Excerpts from Noah Misch's message of mié sep 26 17:54:43 -0300 2012:
> I'm marking this patch Ready for Committer. I suggest backpatching it to 9.2;
> the patch corrects an oversight in 9.2 changes. There's more compatibility
> value in backpatching than in retaining distinct behavior for 9.2 only.
>
> On Thu, Jun 28, 2012 at 09:32:41AM -0700, Josh Kupershmidt wrote:
> > ! if (!superuser())
> > {
> > /*
> > ! * Since the user is not superuser, check for matching roles.
> > */
> > ! if (proc->roleId != GetUserId())
> > ! return SIGNAL_BACKEND_NOPERMISSION;
> > }
>
> I would have collapsed the conditionals and deleted the obvious comment:
>
> if (!(superuser() || proc->roleId == GetUserId()))
> return SIGNAL_BACKEND_NOPERMISSION;
>
> The committer can do that if desired; no need for another version.
Thanks, I pushed to HEAD and 9.2 with the suggested tweaks.
Documentation doesn't specify the behavior of the non-superuser case
when there's trouble, so I too think the behavior change in 9.2 is okay.
I am less sure about it needing documenting.
--
Álvaro Herrera http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services