Yugo Nagata <nag...@sraoss.co.jp> writes:
> I found that has_table_privilege returns an error when a table is specified
> by schema-qualified name and the user doen't have privilege for its schema.
> postgres=> select has_table_privilege('myschema.tbl','select');
> ERROR: permission denied for schema myschema
> I think that this function should return false because the user doesn't have
> the privilege on this table eventually. It is more useful for users because
> it is not needed to parse the schema-qualified table name and check the
> privilege on the schema in advance.
Sounds reasonable, but if we're going to do that, we should do it for
every one of these functions that concerns a schema-qualifiable object
type. Not just tables.
Also, looking at the code, why are you bothering with
convert_table_schema_priv_string? ISTM what's relevant on the schema is
always going to be USAGE privilege, independently of the mode being
checked on the object. So you shouldn't need a bunch of duplicative
tables.
Plus, I don't think this implementation approach is going to work for
unqualified table names. You don't know which schema they're in until you
look them up. (Although I vaguely remember that the path search logic just
ignores unreadable schemas, so maybe all you have to do with unqualified
names is nothing. But that's not what this patch is doing now.)
Some test cases would likely be a good idea.
regards, tom lane
