Hi!
In order to support create subscription from non-superuser, we need to make it
possible to choose tables on the subscriber side:
1. add `FOR TABLE` clause in `CREATE SUBSCRIPTION`:
```
CREATE SUBSCRIPTION subscription_name
CONNECTION 'conninfo'
PUBLICATION publication_name [, ...]
[ FOR TABLE [ ONLY ] table_name [ * ] [, ...]| FOR ALL TABLES ]
[ WITH ( subscription_parameter [= value] [, ... ] ) ]
```
... where `FOR ALL TABLES` is only allowed for superuser.
and table list in `FOR TABLES` clause will be stored in
pg_subscription_rel table (maybe another place?)
2. Each subscription should have "all tables" attribute.
For example via a new column in pg_subscription "suballtables".
3. Add `ALTER SUBSCRIPTION (ADD TABLE | DROP TABLE)`:
```
ALTER SUBSCRIPTION subscription_name ADD TABLE [ ONLY ] table_name
[WITH copy_data];
ALTER SUBSCRIPTION subscription_name DROP TABLE [ ONLY ] table_name;
```
4. On `ALTER SUBSCRIPTION <name> REFRESH PUBLICATION` should check if table
owner equals subscription owner. The check is ommited if subscription owner is
superuser.
5. If superuser calls `ALTER SUBSCRIPTION REFRESH PUBLICATION` on
subscription with table list and non-superuser owner, we should filter tables
which owner is not subscription's owner or maybe we need to raise error?
What do you think about it? Any objections?
07.11.2018, 00:52, "Stephen Frost" <sfr...@snowman.net>:
> Greetings,
>
> * Evgeniy Efimkin (efim...@yandex-team.ru) wrote:
>> As a first step I suggest we allow CREATE SUBSCRIPTION for table owner only.
>
> That's a nice idea but seems like we would want to have a way to filter
> what tables a subscription follows then..? Just failing if the
> publication publishes tables that we don't have access to or are not the
> owner of seems like a poor solution..
>
> Thanks!
>
> Stephen
--------
Ефимкин Евгений
