| From: | Pavel Luzanov <p(dot)luzanov(at)postgrespro(dot)ru> |
|---|---|
| To: | Jeff Davis <pgsql(at)j-davis(dot)com>, Nathan Bossart <nathandbossart(at)gmail(dot)com> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: allow granting CLUSTER, REFRESH MATERIALIZED VIEW, and REINDEX |
| Date: | 2022-12-14 22:02:39 |
| Message-ID: | 8f7172da-2b58-3bd0-97ae-5126e2a7970c@postgrespro.ru |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 14.12.2022 22:46, Jeff Davis wrote:
> The behavior is that MAINTAIN
> privileges on the partitioned table does not imply MAINTAIN privileges
> on the partitions. I believe that's fine and it's consistent with other
> privileges on partitioned tables, such as SELECT and INSERT.
Sorry, I may have missed something, but here's what I see:
postgres(at)postgres(16.0)=# create table p (id int) partition by list (id);
postgres(at)postgres(16.0)=# create table p1 partition of p for values in (1);
postgres(at)postgres(16.0)=# create table p2 partition of p for values in (2);
postgres(at)postgres(16.0)=# grant select, insert, maintain on p to alice ;
postgres(at)postgres(16.0)=# \c - alice
You are now connected to database "postgres" as user "alice".
alice(at)postgres(16.0)=> insert into p values (1);
INSERT 0 1
alice(at)postgres(16.0)=> select * from p;
id
----
1
(1 row)
alice(at)postgres(16.0)=> vacuum p;
WARNING: permission denied to vacuum "p1", skipping it
WARNING: permission denied to vacuum "p2", skipping it
VACUUM
--
Pavel Luzanov
Postgres Professional: https://postgrespro.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Justin Pryzby | 2022-12-14 22:11:40 | Re: allow granting CLUSTER, REFRESH MATERIALIZED VIEW, and REINDEX |
| Previous Message | Michael Paquier | 2022-12-14 21:46:04 | Re: Inconsistency in reporting checkpointer stats |