Greetings, The current permissions checks for truncate seem to be excessive. It requires that you're the owner of the relation instead of requiring that you have delete permissions on the relation. It was pointed out that truncate doesn't call triggers but it seems like that would be something easy enough to check for. My thinking is to replace the existing ownercheck with:
Must have delete permissions on the relation
If the relation has triggers:
Check that the caller is the owner of the relation, if so, then
issue a NOTICE that those triggers won't be called and perform the
truncate.
If not the owner, then error out saying there are ON DELETE triggers
and that you're not the owner.
I can submit a patch for this today if there's general agreement on
this change. An alternative that was mentioned was to make 'delete'
smart enough to know when it's delete'ing all the rows and there
aren't any triggers on it, etc, to perform like truncate, perhaps
leaving the old file around until all transactions using it have
finished. This sounds like a good idea but also sounds like it'd be a
larger change and might have to wait till 8.2.
Thanks,
Stephen
signature.asc
Description: Digital signature
