On 05.06.21 14:25, David Christensen wrote:
On Jun 5, 2021, at 2:29 AM, Peter Eisentraut
<peter.eisentr...@enterprisedb.com> wrote:
On 04.06.21 22:24, David Christensen wrote:
So what are the necessary and sufficient conditions to check at this point?
The constraint already exists, so what permissions would we need to check
against which table(s) in order to grant this action?
I think you would need DELETE privilege on all affected tables.
So basically where we are dispatching to the CASCADE guts, first check session
user’s DELETE permission and throw the normal permissions error if they can’t
delete?
Actually, you also need appropriate SELECT permissions that correspond
to the WHERE clause of the DELETE statement.
