Hi hackers, I found a flaw in the ACL_MAINTAIN comment.
Commands such as VACUUM are listed as commands that are allowed to be executed by the MAINTAIN privilege.
However, LOCK TABLE is missing from the comment.
/** Check if ACL_MAINTAIN is being checked and, if so, and not already set* as part of the result, then check if the user is a member of the * pg_maintain role, which allows VACUUM, ANALYZE, CLUSTER, REFRESH * MATERIALIZED VIEW, and REINDEX on all relations. */
Therefore, shouldn't LOCK TABLE be added to the comment? Best regards, Yusuke Sugie
