Re: [BUGS] BUG #14456: pg_dump doesn't restore permissions on tablesbelonging to an extension

Greetings,

* Tom Lane (tgl@sss.pgh.pa.us) wrote:
> Moshe Jacobson <moshe@neadwerx.com> writes:
> > Scenario:
>
> >    1. Extension is installed into its own schema. Installation is now
> >    complete.
> >    2. Extension creates a new table in its schema
> >    3. Extension changes ACLs on the table.
>
> Extensions are not actors, so claiming that "the extension" did something
> is at best pretty fuzzy thinking.

Agreed.

> >    4. After changing ACLs, the table is added to the extension (ALTER
> >    EXTENSION)
> >    5. A pg_dump of this database will now include ACL commands for the
> >    table.
>
> Hmm.  There's an argument to be made that ALTER EXTENSION ADD should
> absorb whatever the object's current ACLs are into the pg_init_privs
> entries for the extension.  (I don't think it does that now, though
> I might be wrong.)  However ...

I've not gone and looked yet, but I doubt that it does.  I think I can
agree with the argument that it really should add those ACLs to
pg_init_privs.  Of course, any furhter manipulation of the ACLs from
that point will cause those ACLs to be included in the pg_dump.

I'll take a look at ALTER EXTENSION ADD and pg_init_privs.

> >    6. A pg_restore of this file will give warnings because the ACLs refer
> >    to a table that is not created as part of the installation process.
>
> I think this scenario is simply pilot error, or at least gross abuse of
> the extension system.  If you dump and reload a DB containing an extension,
> the extension definition that's fetched by CREATE EXTENSION is expected
> to define (at least) all the objects that belonged to the extension in the
> old DB.  You can't just randomly ALTER EXTENSION and not update the
> extension definition script to match.

Agreed.

Thanks!

Stephen