I started testing pg_get_tablespace_ddl(). While tracing pg_get_tablespace_ddl_internal(), I noticed that this error report must be wrong: ``` /* User must have SELECT privilege on pg_tablespace. */ if (pg_class_aclcheck(TableSpaceRelationId, GetUserId(), ACL_SELECT) != ACLCHECK_OK) { ReleaseSysCache(tuple); aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_TABLESPACE, spcname); } ```
The comment clearly says that SELECT privilege on pg_tablespace is required, but the error is reported against the target tablespace instead.
This is easy to reproduce: ``` evantest=# set allow_in_place_tablespaces = true; SET evantest=# create role r1; CREATE ROLE evantest=# create tablespace ts1 location ''; CREATE TABLESPACE evantest=# revoke select on pg_tablespace from r1; REVOKE evantest=# set role r1; SET evantest=> select * from pg_get_tablespace_ddl('ts1'); ERROR: permission denied for tablespace ts1 ```
Attached is a simple one-line fix. Attached is a simple one-line fix. I did not add a new test, as we usually try to avoid extending the test time for such a small fix. With the fix, the error message now looks like: ``` evantest=> select * from pg_get_tablespace_ddl('ts1'); ERROR: permission denied for table pg_tablespace ```
Oops, I was one of the reviewers of the original patch. Sorry for not finding this during review.
