Re: Extension pg_trgm, permissions and pg_dump order

On Wed, May 25, 2022 at 10:50:47PM -0700, Noah Misch wrote:
> BEGIN;
> CREATE ROLE limitedrole;
> CREATE SCHEMA ext_trgm;
> CREATE EXTENSION pg_trgm SCHEMA ext_trgm;
> CREATE TABLE x(y text);
> ALTER TABLE x OWNER TO limitedrole;
> CREATE INDEX ON x USING gist(y ext_trgm.gist_trgm_ops);
> ROLLBACK;

> Not too simple, no.  The parts of DefineIndex() that execute user code
> (e.g. DefineIndex->ComputeIndexAttrs->CheckMutability) are interspersed with
> the parts that do permissions checks, like the one yielding $SUBJECT at
> DefineIndex->ComputeIndexAttrs->ResolveOpClass->LookupExplicitNamespace.  My
> first candidate is to undo the userid switch before the ResolveOpClass() call
> and restore it after.  My second candidate is to pass down the userid we want
> used for this sort of permissions check.  Depending on the full list of call
> stacks reaching permissions checks, this could get hairy.

While I'd value the opportunity to work on this, there only a 50% chance I
could get it done by 2022-08-01.  I've set aside four hours on 2022-06-12 to
see how far I get.  For a 95% chance, the date would be 2023-02-01.  (I've
already canceled a 2022-07 vacation for the thing taking my time instead;
there's nothing clearly left to cut.)  If anyone would like it done faster
than that, I welcome that person taking over.