Re: BUG #17626: Permission denied errors should list role as well as user

Поиск
Список
Период
Сортировка
От Loren Siebert
Тема Re: BUG #17626: Permission denied errors should list role as well as user
Дата
Msg-id CAG5U2QJGnjO5=Sf7Ewg2UYLFejauF7K3Wa8uZOP=dwCr3v-boA@mail.gmail.com
обсуждение исходный текст
Ответ на Re: BUG #17626: Permission denied errors should list role as well as user  (Tom Lane <tgl@sss.pgh.pa.us>)
Список pgsql-bugs
Дерево обсуждения
I think what may be happening here is that the Postgres error and "permission denied for table foo" message are getting caught by the ORM I am using (Prisma) and it is prepending "user=elevated_user" to that but no role information. That's probably the more appropriate place for me to take this up.

Thank you Tom and David for looking into this and for your work on Postgres!

On Mon, Oct 3, 2022 at 8:53 AM Tom Lane <tgl@sss.pgh.pa.us> wrote:
"David G. Johnston" <david.g.johnston@gmail.com> writes:
> Basically, a permission check requires two things and the complaint is that
> only one of those things is mentioned in the error message.

No, the complaint is that the wrong thing is shown --- but I don't
know what's showing it; aclcheck_error() certainly doesn't.

There's a separate conversation to be had perhaps about whether
aclcheck_error's standard message *should* include the role name
whose permissions were checked.  I have a vague feeling that that
omission was intentional, but it was so long ago that I don't
recall for sure.  It seems like something that'd be good to show
in more complicated situations with views, security definer
functions, etc.

                        regards, tom lane

В списке pgsql-bugs по дате отправления:

Предыдущее
От: Tom Lane
Дата:
Сообщение: Re: BUG #17626: Permission denied errors should list role as well as user
Следующее
От: "David G. Johnston"
Дата:
Сообщение: Re: BUG #17626: Permission denied errors should list role as well as user