Robert Haas <robertmhaas@gmail.com> writes:
> On Fri, Jul 22, 2011 at 12:02 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> In particular I find the following in SQL-MED:2008 4.14.1:
>>
>> NOTE 9 - Privileges granted on foreign tables are not privileges to use
>> the data constituting foreign tables, but privileges to use the
>> definitions of the foreign tables. The privileges to access the data
>> constituting the foreign tables are enforced by the foreign server,
>> based on the user mapping. Consequently, a request by an SQL-client to
>> access external data may raise exceptions.
> I read that to mean that the remote side might chuck an error
> depending on the credentials used to connect. I don't read it to be
> saying that the local side is required to do anything in particular.
Well, if you read it that way, then CREATE USER MAPPING with an empty
option set is a no-op: the behavior of the FDW would be the same whether
you'd executed it or not. Which doesn't seem to me to satisfy the
principle of least surprise, nor the letter of the spec.
regards, tom lane