postgres_fdw has some checks to enforce that non-superusers must connect to the foreign server with a password-based method. The reason for this is to prevent the authentication to the foreign server from happening on the basis of the OS user who is running the non-foreign server.
But I think these super user checks should be run against the userid of the USER MAPPING being used for the connection, not the userid of currently logged on user.
That is, I think the last line in this script should succeed: ('jjanes' is both a superuser, and a database):
CREATE EXTENSION IF NOT EXISTS postgres_fdw WITH SCHEMA public;
CREATE SERVER foo FOREIGN DATA WRAPPER postgres_fdw;
CREATE USER MAPPING FOR jjanes SERVER foo;
CREATE TABLE foobar1 ( x integer);
CREATE FOREIGN TABLE foobar2 ( x integer) SERVER foo OPTIONS ( table_name 'foobar1');
CREATE VIEW foobar3 AS SELECT foobar2.x FROM foobar2;
CREATE USER test;
GRANT SELECT ON TABLE foobar3 TO test;
\c jjanes test
select * from foobar3;
It connects back to itself, simply for demonstration purposes.
The attached patch implements this change in auth checking.
Cheers,
Jeff
