| From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
|---|---|
| To: | Ayush Vatsa <ayushvatsa1810(at)gmail(dot)com> |
| Cc: | "pgsql-general(at)lists(dot)postgresql(dot)org" <pgsql-general(at)lists(dot)postgresql(dot)org> |
| Subject: | Clarification on Role Access Rights to Table Indexes |
| Date: | 2025-02-17 18:17:16 |
| Message-ID: | CAKFQuwaACqunNiK5Xo6qDYK5O-w-6od0xfN4kdu5Z3Bmp1GuDQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
On Monday, February 17, 2025, Ayush Vatsa <ayushvatsa1810(at)gmail(dot)com> wrote:
> postgres=# CREATE ROLE alpha;
>
> CREATE ROLE
> postgres=# GRANT SELECT ON pg_class TO alpha;
>
This is pointless, everyone (i.e. the PUBLIC pseudo-role) can already read
pg_class.
1. Can a role have access rights to a table without having access to its
> index?
>
Roles don’t directly interact with indexes in PostgreSQL so this doesn’t
even make sense. But if you need a yes/no answer, then yes.
>
> 3. If no, and the role inherently gets access to the index when granted
> access to the table, why
> does the pg_prewarm call fail [1] in the above scenario?
>
> [1] https://github.com/postgres/postgres/blob/master/contrib
> /pg_prewarm/pg_prewarm.c#L108-L110
>
It fails because AFAICS there is no way for it to work on an index, only
tables.
David J.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2025-02-17 18:27:30 | Re: Clarification on Role Access Rights to Table Indexes |
| Previous Message | Ayush Vatsa | 2025-02-17 18:01:46 | Clarification on Role Access Rights to Table Indexes |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2025-02-17 18:27:30 | Re: Clarification on Role Access Rights to Table Indexes |
| Previous Message | Jacob Champion | 2025-02-17 18:15:27 | Re: [PoC] Federated Authn/z with OAUTHBEARER |