From 3d3856c50992c60ce1a02b3ce2c57c511c76142c Mon Sep 17 00:00:00 2001
From: Mark Dilger <mark.dilger@enterprisedb.com>
Date: Wed, 4 Aug 2021 14:52:49 -0700
Subject: [PATCH v1] Fix cache lookup error in ownership check

Operations on statistic_ext objects by users who lack sufficient
privileges were triggering a cache failure owing to what appears to
have been a thinko in how check_object_ownership() was coded for
this datatype.
---
 src/backend/catalog/objectaddress.c     |  3 ++-
 src/test/regress/expected/stats_ext.out | 11 +++++++++++
 src/test/regress/sql/stats_ext.sql      |  9 +++++++++
 3 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/src/backend/catalog/objectaddress.c b/src/backend/catalog/objectaddress.c
index 9882e549c4..deaabaeae9 100644
--- a/src/backend/catalog/objectaddress.c
+++ b/src/backend/catalog/objectaddress.c
@@ -2571,7 +2571,8 @@ check_object_ownership(Oid roleid, ObjectType objtype, ObjectAddress address,
 			break;
 		case OBJECT_STATISTIC_EXT:
 			if (!pg_statistics_object_ownercheck(address.objectId, roleid))
-				aclcheck_error_type(ACLCHECK_NOT_OWNER, address.objectId);
+				aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
+							   NameListToString(castNode(List, object)));
 			break;
 		default:
 			elog(ERROR, "unrecognized object type: %d",
diff --git a/src/test/regress/expected/stats_ext.out b/src/test/regress/expected/stats_ext.out
index 7fb54de53d..90684a1454 100644
--- a/src/test/regress/expected/stats_ext.out
+++ b/src/test/regress/expected/stats_ext.out
@@ -67,6 +67,17 @@ DROP TABLE ext_stats_test;
 -- Ensure stats are dropped sanely, and test IF NOT EXISTS while at it
 CREATE TABLE ab1 (a INTEGER, b INTEGER, c INTEGER);
 CREATE STATISTICS IF NOT EXISTS ab1_a_b_stats ON a, b FROM ab1;
+COMMENT ON STATISTICS ab1_a_b_stats IS 'new comment';
+CREATE ROLE temp_role;
+SET SESSION AUTHORIZATION temp_role;
+COMMENT ON STATISTICS ab1_a_b_stats IS 'changed comment';
+ERROR:  must be owner of statistics object ab1_a_b_stats
+DROP STATISTICS ab1_a_b_stats;
+ERROR:  must be owner of statistics object ab1_a_b_stats
+ALTER STATISTICS ab1_a_b_stats RENAME TO ab1_a_b_stats_new;
+ERROR:  must be owner of statistics object ab1_a_b_stats
+RESET SESSION AUTHORIZATION;
+DROP ROLE temp_role;
 CREATE STATISTICS IF NOT EXISTS ab1_a_b_stats ON a, b FROM ab1;
 NOTICE:  statistics object "ab1_a_b_stats" already exists, skipping
 DROP STATISTICS ab1_a_b_stats;
diff --git a/src/test/regress/sql/stats_ext.sql b/src/test/regress/sql/stats_ext.sql
index d563c4654c..57396184c1 100644
--- a/src/test/regress/sql/stats_ext.sql
+++ b/src/test/regress/sql/stats_ext.sql
@@ -48,6 +48,15 @@ DROP TABLE ext_stats_test;
 -- Ensure stats are dropped sanely, and test IF NOT EXISTS while at it
 CREATE TABLE ab1 (a INTEGER, b INTEGER, c INTEGER);
 CREATE STATISTICS IF NOT EXISTS ab1_a_b_stats ON a, b FROM ab1;
+COMMENT ON STATISTICS ab1_a_b_stats IS 'new comment';
+CREATE ROLE temp_role;
+SET SESSION AUTHORIZATION temp_role;
+COMMENT ON STATISTICS ab1_a_b_stats IS 'changed comment';
+DROP STATISTICS ab1_a_b_stats;
+ALTER STATISTICS ab1_a_b_stats RENAME TO ab1_a_b_stats_new;
+RESET SESSION AUTHORIZATION;
+DROP ROLE temp_role;
+
 CREATE STATISTICS IF NOT EXISTS ab1_a_b_stats ON a, b FROM ab1;
 DROP STATISTICS ab1_a_b_stats;
 
-- 
2.21.1 (Apple Git-122.3)