On 03.06.21 23:47, David G. Johnston wrote: > This behavior should require the same permissions as actually creating > an ON DELETE CASCADE FK on the cascaded-to tables. i.e., Table Owner > role membership (the requirement for FK permissions can be assumed by > the presence of the existing FK constraint and being the table's owner).
You can create foreign keys if you have the REFERENCES privilege on the primary key table. That's something this patch doesn't observe correctly: Normally, the owner of the foreign key table decides the cascade action, but with this patch, it's the primary key table owner.
So what are the necessary and sufficient conditions to check at this point? The constraint already exists, so what permissions would we need to check against which table(s) in order to grant this action?
