Jeff Janes escribió:
> Since back-branch releases are coming up, I think fe3b5eb08 and it's
> analogues in all branches should be reverted.
>
> The issue it was intended to solve was not really a bug in the first place,
> and this patch didn't solve it anyway. But it introduced new behavior (into
> all supported branches) which certainly is a bug.
I disagree with this assessment, and propose the attached patch instead.
The documentation for DROP OWNED says in its opening paragraph "Any
privileges granted to the given roles on objects in the current database
will also be revoked." So commit fe3b5eb08 was correct, though
incomplete; DROP OWNED is really supposed to operate on tablespaces and
databases. Not drop them, mind you --- but if the user has been granted
privileges on them, those should be revoked.
On the other hand, running REASSIGN OWNED means to reassign ownership of
objects to some other user. There is no reason this cannot be done to
shared objects as well as local objects. I note, though, that REASSIGN
OWNED's documentation mentions "objects in the current database"; but in
spirit, the point of it is to drop users. So applying to shared objects
seems within charter to me.
So what this patch does, is ensure that both REASSIGN OWNED and DROP
OWNED operate on shared objects: the former changes ownership of those
shared objects to the target user; and the latter removes granted
privileges on those shared objects.
This is the patch for the master branch; I have not tried to backpatch
it yet. Conflicts are expected due to the refactoring of ALTER commands
by KaiGai.
--
Álvaro Herrera http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services
diff --git a/src/backend/catalog/pg_shdepend.c b/src/backend/catalog/pg_shdepend.c
index 86c6183..e411372 100644
--- a/src/backend/catalog/pg_shdepend.c
+++ b/src/backend/catalog/pg_shdepend.c
@@ -1240,11 +1240,14 @@ shdepDropOwned(List *roleids, DropBehavior behavior)
sdepForm->objid);
break;
case SHARED_DEPENDENCY_OWNER:
- /* Save it for deletion below */
- obj.classId = sdepForm->classid;
- obj.objectId = sdepForm->objid;
- obj.objectSubId = sdepForm->objsubid;
- add_exact_object_address(&obj, deleteobjs);
+ /* If a local object, save it for deletion below */
+ if (sdepForm->dbid == MyDatabaseId)
+ {
+ obj.classId = sdepForm->classid;
+ obj.objectId = sdepForm->objid;
+ obj.objectSubId = sdepForm->objsubid;
+ add_exact_object_address(&obj, deleteobjs);
+ }
break;
}
}
@@ -1322,8 +1325,12 @@ shdepReassignOwned(List *roleids, Oid newrole)
{
Form_pg_shdepend sdepForm = (Form_pg_shdepend) GETSTRUCT(tuple);
- /* We only operate on objects in the current database */
- if (sdepForm->dbid != MyDatabaseId)
+ /*
+ * We only operate on shared objects and objects in the current
+ * database
+ */
+ if (sdepForm->dbid != MyDatabaseId &&
+ sdepForm->dbid != InvalidOid)
continue;
/* Unexpected because we checked for pins above */
@@ -1385,6 +1392,8 @@ shdepReassignOwned(List *roleids, Oid newrole)
case OperatorFamilyRelationId:
case OperatorClassRelationId:
case ExtensionRelationId:
+ case TableSpaceRelationId:
+ case DatabaseRelationId:
{
Oid classId = sdepForm->classid;
Relation catalog;
--
Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-bugs
