Apparently INSERT and SELECT on the parent partitioned table skip normal acl checks on the partitions. Is that intended behavior?
8<--------------------------- test=# create user part_test; CREATE ROLE test=# test=# create table t1 (id int) partition by range ((id % 4)); CREATE TABLE test=# create table t1_0 partition of t1 for values from (0) to (1); CREATE TABLE test=# create table t1_1 partition of t1 for values from (1) to (2); CREATE TABLE test=# create table t1_2 partition of t1 for values from (2) to (3); CREATE TABLE test=# create table t1_3 partition of t1 for values from (3) to (4); CREATE TABLE test=# grant all on TABLE t1 to part_test; GRANT test=# set session authorization part_test ; SET test=> select current_user; current_user -------------- part_test (1 row) test=> insert into t1 values(0),(1),(2),(3); INSERT 0 4 test=> insert into t1_0 values(0); ERROR: permission denied for relation t1_0 test=> insert into t1_1 values(1); ERROR: permission denied for relation t1_1 test=> insert into t1_2 values(2); ERROR: permission denied for relation t1_2 test=> insert into t1_3 values(3); ERROR: permission denied for relation t1_3 test=> select * from t1; id ---- 0 1 2 3 (4 rows) test=> select * from t1_0; ERROR: permission denied for relation t1_0 test=> select * from t1_1; ERROR: permission denied for relation t1_1 test=> select * from t1_2; ERROR: permission denied for relation t1_2 test=> select * from t1_3; ERROR: permission denied for relation t1_3 test=> reset session authorization; RESET test=# drop table if exists t1; DROP TABLE 8<--------------------------- Joe -- Crunchy Data - http://crunchydata.com PostgreSQL Support for Secure Enterprises Consulting, Training, & Open Source Development
signature.asc
Description: OpenPGP digital signature