[postgis-devel] estimated_extent & pg_statistic

[strk at refractions.net]

On Wed, Mar 08, 2006 at 05:39:09PM -0000, Mark Cave-Ayland wrote:
> > -----Original Message-----
> > From: postgis-devel-bounces at postgis.refractions.net [mailto:postgis-devel-
> > bounces at postgis.refractions.net] On Behalf Of strk at refractions.net
> > Sent: 06 March 2006 11:57
> > To: 'PostGIS Development Discussion'
> > Subject: Re: [postgis-devel] estimated_extent & pg_statistic
> 
> 
> Hi strk,
> 
> (cut)
> 
> > I'd rather avoid adding another view.
> 
> Is there any particular reason why views cause a problem?

Ehm... dump/reload ?
Our "soft-upgrade" procedure is not currently able to add a view.

> I've attached a patch for Martin's case that marks the estimated_extent()
> function as SECURITY DEFINER and implements an access control check using
> has_table_privilege. The new behaviour is that if a user u1 creates a
> geometry column, user u1 can now call estimated_extent(), but a user u2 who
> does not have SELECT permissions on the target table will not be able to
> call estimated_extent() on user u1's table.
> 
> The main downside with this approach is that it appears PostgreSQL 7.2
> doesn't support SECURITY DEFINER, and so non-superusers would not be able to
> get around this issue (then again, if you are still running a 7.2 series
> database in production you probably have a lot more pressing issues...)
> 
> I imagine that if we used a view in a similar manner to pg_stats then we
> would be able to get this to work back in 7.2 as well, however since support
> for 7.2 is now non-existent, I can't get too excited about it. Comments
> anyone?

estimated_extent is only available when building against pgsql >= 73
so no problem there.

I've no time to check the patch for this week. If people can test
it with different pgsql versions (from 73 to 81) that'll help.

--strk;