The current permissions checks for truncate seem to be excessive. It
requires that you're the owner of the relation instead of requiring
that you have delete permissions on the relation. It was pointed out
that truncate doesn't call triggers but it seems like that would be
something easy enough to check for. My thinking is to replace the
existing ownercheck with:
Must have delete permissions on the relation
If the relation has triggers:
Check that the caller is the owner of the relation, if so, then
issue a NOTICE that those triggers won't be called and perform the
truncate.
If not the owner, then error out saying there are ON DELETE triggers
and that you're not the owner.
I'm strongly in favour of this patch. I am currently in this situation:
1. Web db user runs as non-superuser, non-owner.
2. I have a table of a tens of thousands of rows that I must delete
entirely and rebuild every day at least (pg_trgm word list)
3. It just gets slow over time, even with autovac.
4. I can't vacuum it as i'm not the owner, and I cannot truncate it either.
5. Table has no triggers or FK's whatsoever.
So, stephen frost's suggestion would be fantastic.
Chris
---------------------------(end of broadcast)---------------------------
TIP 9: In versions below 8.0, the planner will ignore your desire to
choose an index scan if your joining column's datatypes do not
match
