On Fri, 24 Mar 2023 at 19:37, Robert Haas <robertmh...@gmail.com> wrote: > > > > I think there's some important tests missing related to this: > > > > 1. Ensuring that SECURITY_RESTRICTED_OPERATION things are enforced > > > > when the user **does not** have SET ROLE permissions to the > > > > subscription owner, e.g. don't allow SET ROLE from a trigger. > > > > 2. Ensuring that SECURITY_RESTRICTED_OPERATION things are not enforced > > > > when the user **does** have SET ROLE permissions to the subscription > > > > owner, e.g. allows SET ROLE from trigger. > > > Yeah, if we stick with the current approach we should probably add > > > tests for that stuff. > > > > Even if we don't, we should still have tests showing that the security > > restrictions that we intend to put in place actually do their job. > > Yeah, I just don't want to write the tests and then decide to change > the behavior and then have to write them over again. It's not so much > fun that I'm yearning to do it twice.
I forgot to follow up on this before, but based on the bug found by Amit. I think it would be good to still add these tests.
