On Thu, 16 Aug 2018 19:37:42 -0400
Tom Lane <tgl@sss.pgh.pa.us> wrote:
> Yugo Nagata <nagata@sraoss.co.jp> writes:
> > I found that has_table_privilege returns an error when a table is specified
> > by schema-qualified name and the user doen't have privilege for its schema.
>
> > postgres=> select has_table_privilege('myschema.tbl','select');
> > ERROR: permission denied for schema myschema
>
> > I think that this function should return false because the user doesn't have
> > the privilege on this table eventually. It is more useful for users because
> > it is not needed to parse the schema-qualified table name and check the
> > privilege on the schema in advance.
>
> Sounds reasonable, but if we're going to do that, we should do it for
> every one of these functions that concerns a schema-qualifiable object
> type. Not just tables.
OK. I will fix all of these functions that can take a schema-qualifiable
object name as a parameter.
>
> Also, looking at the code, why are you bothering with
> convert_table_schema_priv_string? ISTM what's relevant on the schema is
> always going to be USAGE privilege, independently of the mode being
> checked on the object. So you shouldn't need a bunch of duplicative
> tables.
I thought we needed to consider also USAGE GRANT OPTION, but I might be
misunderstnding something. I will look into this again.
> Plus, I don't think this implementation approach is going to work for
> unqualified table names. You don't know which schema they're in until you
> look them up. (Although I vaguely remember that the path search logic just
> ignores unreadable schemas, so maybe all you have to do with unqualified
> names is nothing. But that's not what this patch is doing now.)
Oops. I overlooked these cases. I'll fix the patch to allow to handle
unqualified table names.
Thanks,
--
Yugo Nagata <nagata@sraoss.co.jp>