Hi Dave/Hackers,
I have started working on the feature
#5305. Based on my understanding, the Object Explorer should only display nodes or objects where the currently logged-in user has at least one permission granted in the ACL. In other words, the user must have some level of access to each object displayed.
For example, consider two users: 'postgres' (the default user) and 'test'. There are objects, such as a table, where the 'test' user does not have any permissions. This table was created by the 'postgres' user, who has revoked all permissions for other users. Now, if the 'test' user logs into the database server, we need to check whether the logged-in user has any permissions on the object. If not, it should not be displayed in the Object Explorer.
We will have a preference for whether to apply this check or not. There are following two solutions that can be implemented:
1) Change the nodes.sql to filter out the nodes based on privileges. It's challenging, as I tried with aclexplode(relacl), unnest(relacl) in the WHERE clause, and other different attempts to filter out Table nodes, but seems we will find some solution for sure).
2) Once nodes are fetched then filter out the data at the backend.
Any other solution or suggestion?
