Re: Privileges on PUBLICATION

On 03.11.22 01:43, Antonin Houska wrote:
> Peter Eisentraut <peter.eisentraut@enterprisedb.com> wrote:
> 
>> The CF entry is about privileges on publications.  Please rebase that patch
>> and repost it so that the CF app and the CF bot are up to date.
> 
> The rebased patch (with regression tests added) is attached here.

Some preliminary discussion:

What is the upgrade strategy?  I suppose the options are either that 
publications have a default acl that makes them publicly accessible, 
thus preserving the existing behavior by default, or pg_dump would need 
to create additional GRANT statements when upgrading from pre-PG16.  I 
don't see anything like either of these mentioned in the patch.  What is 
your plan?

You might be interested in this patch, which relates to yours: 
https://commitfest.postgresql.org/40/3955/

Looking at your patch, I would also like to find a way to refactor away 
the ExecGrant_Publication() function.  I'll think about that.

I think you should add some tests under src/test/regress/ for the new 
GRANT and REVOKE statements, just to have some basic coverage that it 
works.  sql/publication.sql would be appropriate, I think.