(2012/02/23 5:32), Alvaro Herrera wrote:
>> My only concern on the patch is
>>
>> +static void
>> +AlterForeignServerOwner_internal(Relation rel, HeapTuple tup, Oid
>> newOwnerId)
>> +{
>> + Form_pg_foreign_server form;
>>
>> - srvId = HeapTupleGetOid(tup);
>> form = (Form_pg_foreign_server) GETSTRUCT(tup);
>>
>> if (form->srvowner != newOwnerId)
>> @@ -366,10 +388,15 @@ AlterForeignServerOwner(const char *name, Oid
>> newOwnerId)
>> /* Superusers can always do it */
>> if (!superuser())
>> {
>>
>> I wonder if superusers can always do it. For example, is it OK for
>> superusers to change the ownership of a foreign server owned by old_role
>> to new_role that doesn't have USAGE privilege on its foreign data wrapper.
>
> Well, permission checking are just what they were before the patch. I
> did not change them here. I didn't participate in the discussions that
> led to the current behavior, but as far as I know the guiding principle
> here is that superusers always can do whatever they please. Maybe what
> you point out is a bug in the behavior (both before and after my patch),
> but if so, please raise it separately.
OK. Thanks.
Best regards,
Etsuro Fujita