Postgres Pro
Downloads
Home   >   mailing lists

Partitioned table permission question - Mailing list pgsql-hackers

From Junfeng Yang
Subject Partitioned table permission question
Date
Msg-id DM6PR05MB54032E8C84DE1E4D5A55A9DECC489@DM6PR05MB5403.namprd05.prod.outlook.com
Whole thread Raw
Responses Re: Partitioned table permission question  (Amit Langote <amitlangote09@gmail.com>)
List pgsql-hackers
Tree view 
Hi hackers,

As I played with the partitioned table with GRANT, I found two questions.
Let's see an example:


CREATE TABLE measurement (
    city_id         int not null,
    logdate         date not null,
    peaktemp        int,
    unitsales       int
) PARTITION BY RANGE (logdate);

CREATE TABLE measurement_y2006m02 PARTITION OF measurement
    FOR VALUES FROM ('2006-02-01') TO ('2006-03-01');

CREATE TABLE measurement_y2006m03 PARTITION OF measurement
    FOR VALUES FROM ('2006-03-01') TO ('2006-04-01');

CREATE USER a;
GRANT SELECT ON measurement TO a;
GRANT INSERT ON measurement TO a;

I created a partitioned table with two leaf tables and only grant SELECT, INSERT on the root table to user a.

The first question is:
As a user a, since I don't have permission to read the leaf tables, but select from the root will return the leafs data
successfully.

postgres=# set role a;
postgres=> explain select * from measurement_y2006m02;
ERROR:  permission denied for table measurement_y2006m02
postgres=> explain select * from measurement;
                                         QUERY PLAN
---------------------------------------------------------------------------------------------
 Append  (cost=0.00..75.50 rows=3700 width=16)
   ->  Seq Scan on measurement_y2006m02 measurement_1  (cost=0.00..28.50 rows=1850 width=16)
   ->  Seq Scan on measurement_y2006m03 measurement_2  (cost=0.00..28.50 rows=1850 width=16)
(3 rows)

From the plan, we do scan on the leaf tables without ACL check. And the reason is in expand_single_inheritance_child,
we always set childrte->requiredPerms = 0; Seems like we always think the child has the same permission with the
partitionedtable. 


For the second question:
As a user a, I'm not allowed to insert any data into leaf tables.
But insert on the partitioned table will make the data go into leaves.

postgres=> insert into measurement_y2006m02 values (1, '2006-02-01', 1, 1);
ERROR:  permission denied for table measurement_y2006m02
postgres=> insert into measurement values (1, '2006-02-01', 1, 1);
INSERT 0 1

It makes me feel strange, we can grant different permission for partition tables, but as long as the user
has permission on the partitioned table, it can still see/modify the leaf tables which don't have permission.
Can anyone help me understand the behavior?

pgsql-hackers by date:

Previous
From: Michael Paquier
Date:
Subject: Re: Table refer leak in logical replication
Next
From: Michael Paquier
Date:
Subject: Re: pg_amcheck option to install extension