> The current permissions checks for truncate seem to be excessive. It
> requires that you're the owner of the relation instead of requiring
> that you have delete permissions on the relation. It was pointed out
> that truncate doesn't call triggers but it seems like that would be
> something easy enough to check for. My thinking is to replace the
> existing ownercheck with:
>
> Must have delete permissions on the relation
> If the relation has triggers:
> Check that the caller is the owner of the relation, if so, then
> issue a NOTICE that those triggers won't be called and perform the
> truncate.
> If not the owner, then error out saying there are ON DELETE triggers
> and that you're not the owner.
I'm strongly in favour of this patch. I am currently in this situation:
1. Web db user runs as non-superuser, non-owner.
2. I have a table of tens of thousands of rows that I must delete
entirely and rebuild every day at least (pg_trgm word list).
3. It just gets slow over time, even with autovac.
4. I can't vacuum it as I'm not the owner, and I cannot truncate it either.
5. Table has no triggers or FKs whatsoever.
So, Stephen Frost's suggestion would be fantastic.
Chris