Re: Security Definer functions no longer works in PG14+

From: Jan Katins <jasc(at)gmx(dot)net>
To: Jobin Augustine <jobinau(at)gmail(dot)com>
Cc: pgsql-bugs(at)lists(dot)postgresql(dot)org
Subject: Re: Security Definer functions no longer works in PG14+
Date: 2022-05-05 18:31:58
Message-ID: CAAc324hNuW-FqTnpXbsyA8FmocoGx7AcULiFE7yxmqiw2gKkfQ@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-bugs

Hi,

The aiven-extras repo has a workaround for that, using dblink:
https://github.com/aiven/aiven-extras/commit/eb8c1107ca91a7da5ecb0c8127c94ce42762881d

Jan

On Thu, 5 May 2022, 17:49 Jobin Augustine, <jobinau(at)gmail(dot)com> wrote:

> Hello Community and Hackers,
>
> A function like:
>
> CREATE OR REPLACE FUNCTION fn_sql_refresh() RETURNS void AS $$
> ALTER SUBSCRIPTION sub REFRESH PUBLICATION;
> $$ LANGUAGE SQL SECURITY DEFINER;
>
> Works with PostgreSQL 13 and older versions.
> But gives error on PostgreSQL 14 as follows:
>
> postgres=> select fn_sql_refresh();
> ERROR: ALTER SUBSCRIPTION ... REFRESH cannot be executed from a function
> CONTEXT: SQL function "fn_sql_refresh" statement 1
>
> I believe, this is a consequence of :
>
> https://git.postgresql.org/gitweb/?p=postgresql.git;h=ce0fdbfe9722867b7fad4d3ede9b6a6bfc51fb4e
>
> But it is hurting good operational use cases of logical replication.
>
> Regards,
> Jobin.
>

In response to

Responses

Browse pgsql-bugs by date

  From Date Subject
Next Message Masahiko Sawada 2022-05-06 05:26:42 Re: Implicitly created operator family not listed by pg_event_trigger_ddl_commands
Previous Message Jobin Augustine 2022-05-05 15:49:03 Security Definer functions no longer works in PG14+