On Wed, Oct 27, 2021 at 9:45 AM Michael Paquier <michael@paquier.xyz> wrote:
>
> On Tue, Oct 26, 2021 at 08:41:11PM +0000, Jeff Davis wrote:
> > Allow GRANT on pg_log_backend_memory_contexts().
> >
> > Remove superuser check, allowing any user granted permissions on
> > pg_log_backend_memory_contexts() to log the memory contexts of any
> > backend.
> >
> > Note that this could allow a privileged non-superuser to log the
> > memory contexts of a superuser backend, but as discussed, that does
> > not seem to be a problem.
>
> but will not be sent to the client regardless of
> <xref linkend="guc-client-min-messages"/>.
> - Only superusers can request to log the memory contexts.
> </para></entry>
> I don't think that the documentation part of this commit is correct.
> This sentence should have been changed to something like the
> following:
> "This function is restricted to superusers by default, but other users
> can be granted EXECUTE to run the function."
+1 and the above statement looks good. Apart from that I have one more
suggestion that I earlier made: have the function produce the error
when no permissions were granted (just to ensure we have the error
message covered) including has_function_privilege() case.
Attached a patch with the above documentation change and the error
case added. Please review it.
Regards,
Bharath Rupireddy.
