| From: | vignesh C <vignesh21(at)gmail(dot)com> |
|---|---|
| To: | "tanghy(dot)fnst(at)fujitsu(dot)com" <tanghy(dot)fnst(at)fujitsu(dot)com> |
| Cc: | Masahiko Sawada <sawada(dot)mshk(at)gmail(dot)com>, "houzj(dot)fnst(at)fujitsu(dot)com" <houzj(dot)fnst(at)fujitsu(dot)com>, Greg Nancarrow <gregn4422(at)gmail(dot)com>, Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Peter Smith <smithpb2250(at)gmail(dot)com>, Ajin Cherian <itsajin(at)gmail(dot)com>, Rahila Syed <rahilasyed90(at)gmail(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>, Bharath Rupireddy <bharath(dot)rupireddyforpostgres(at)gmail(dot)com>, Amit Kapila <amit(dot)kapila16(at)gmail(dot)com> |
| Subject: | Re: Added schema level support for publication. |
| Date: | 2021-10-19 15:42:02 |
| Message-ID: | CALDaNm2pJ49wAv=gEZrAP5=_apAzv_rgK3zjX-wfwCY+WWfT9w@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Oct 19, 2021 at 9:15 AM tanghy(dot)fnst(at)fujitsu(dot)com
<tanghy(dot)fnst(at)fujitsu(dot)com> wrote:
>
> On Monday, October 18, 2021 8:23 PM vignesh C <vignesh21(at)gmail(dot)com> wrote:
> >
> > Thanks for the comments, the attached v42 patch has the fixes for the same.
>
> Thanks for your new patch.
>
> I tried your patch and found that the permission check for superuser didn't work.
>
> For example:
> postgres=# create role r1;
> CREATE ROLE
> postgres=# grant all privileges on database postgres to r1;
> GRANT
> postgres=# set role r1;
> SET
> postgres=> create schema s1;
> CREATE SCHEMA
> postgres=> create publication pub for all tables in schema s1;
> CREATE PUBLICATION
>
> Role r1 is not superuser, but this role could create publication for all tables in schema
> successfully, I think it is related the following change. List schemaidlist was
> not assigned yet. I think we should check it later.
>
> @@ -165,6 +265,12 @@ CreatePublication(ParseState *pstate, CreatePublicationStmt *stmt)
> (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
> errmsg("must be superuser to create FOR ALL TABLES publication")));
>
> + /* FOR ALL TABLES IN SCHEMA requires superuser */
> + if (list_length(schemaidlist) > 0 && !superuser())
> + ereport(ERROR,
> + errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
> + errmsg("must be superuser to create FOR ALL TABLES IN SCHEMA publication"));
> +
> rel = table_open(PublicationRelationId, RowExclusiveLock);
>
> /* Check if name is used */
This issue got induced in the v42 version, attached v43 patch has the
fixes for the same.
Regards,
Vignesh
| Attachment | Content-Type | Size |
|---|---|---|
| v43-0001-Add-support-for-publishing-the-tables-of-schema.patch | text/x-patch | 79.5 KB |
| v43-0002-Add-client-side-support-to-logical-replication-f.patch | text/x-patch | 22.3 KB |
| v43-0003-Add-tests-for-the-schema-publication-feature-of-.patch | text/x-patch | 59.0 KB |
| v43-0004-Add-documentation-for-the-schema-publication-fea.patch | text/x-patch | 15.2 KB |
| v43-0005-Add-new-pg_publication_objects-view-to-display-T.patch | text/x-patch | 6.4 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | vignesh C | 2021-10-19 15:44:16 | Re: Added schema level support for publication. |
| Previous Message | Alvaro Herrera | 2021-10-19 15:35:56 | Re: Parallel vacuum workers prevent the oldest xmin from advancing |