The following bug has been logged on the website:
Bug reference: 16942
Logged by: Mihail Gershkovich
Email address: mihail.gershkovich@gmail.com
PostgreSQL version: 13.0
Operating system: OpenSUSE
Description:
-- reproduce:
CREATE ROLE table_writer; CREATE ROLE table_reader; CREATE ROLE
table_processor;
GRANT column_reader TO column_writer;
CREATE TABLE column_access_test (open1 varchar, open2 varchar, closed1
varchar);
GRANT SELECT(open1,open2,closed1) ON column_access_test TO
table_processor;
GRANT INSERT(open1,open2, closed1 ), UPDATE(open1,open2, closed1 ) ON
column_access_test TO column_writer;
GRANT SELECT(open1,open2) ON column_access_test TO column_reader ;
SET ROLE column_reader;
SELECT open1, open2 from column_access_test; -- works fine
SELECT open1, open2, closed1 from column_access_test; -- access is
prohibited, as expected, but error message is misleading
/*
Error:
SQL Error [42501]: ERROR: permission denied for table XYZ
should be something like: ERROR: permission denied for column A in table B
makes troubleshooting of permissions cumbersome.
*/