On Mon, 2020-02-24 at 14:45 -0800, David Glasser wrote: > I was planning to add a new table TA only writable by user A, with a foreign > key reference with > ON DELETE CASCADE to another table TB only writable by user B. My hope was > that user B would > still be allowed to delete rows in TB and cause cascading deletions in table > TA, and some manual > investigation makes it seem like that is the implemented semantics. > > However, I could not find a direct answer to my question in the docs. I > looked primarily at > https://www.postgresql.org/docs/current/sql-grant.html and > https://www.postgresql.org/docs/current/sql-createtable.html . > There are references to permissions required to create references, but not to > the permissions > (not, apparently) required to indirectly write to a table via referential > actions. > > Am I correct that (a) no permissions are needed here and (b) this is > undocumented and (c) it would > be helpful to document this, probably in the CREATE TABLE docs? Happy to > write a patch if so.
I would say that it is not documented outside the source, and I think it wouldn't harm to document that. I had to dig in the source myself the first time I encountered that. I am not sure if CREATE TABLE is the perfect place; another place that would offer ifself is https://www.postgresql.org/docs/current/ddl-constraints.html#DDL-CONSTRAINTS-FK , where foreign key constraints are explained. Yours, Laurenz Albe