[postgis-devel] [PostGIS] #532: Temporary table geography columns appear in other's sessions
PostGIS
trac at osgeo.org
Sat Sep 18 10:02:35 PDT 2010
#532: Temporary table geography columns appear in other's sessions
----------------------+-----------------------------------------------------
Reporter: mwtoews | Owner: pramsey
Type: defect | Status: reopened
Priority: blocker | Milestone: PostGIS 1.5.2
Component: postgis | Version: 1.5.X
Resolution: | Keywords:
----------------------+-----------------------------------------------------
Comment(by robe):
Actually Trunk is right as Mike noted and Paul has listed up there -
AND NOT pg_is_other_temp_schema(c.relnamespace);
I thought has_table_privledge... would be enough, but super user can see
tables created in user temp spaces and of course they have rights to those
though (since I can select by qualifying with temp space). If I launch 2
different sessions with non-super user and with same user account -- I
can't see the temp tables created in the other session.
I do question though -- why do we want people seeing tables they don't
have rights to again? I think we had the discussion before. Note Paul's
above still allows a person to see tables they don't have rights to.
So I really think it should be:
{{{
AND has_table_privilege(c.oid, 'SELECT, INSERT, UPDATE, DELETE, TRUNCATE,
REFERENCES, TRIGGER'::text)
AND NOT pg_is_other_temp_schema(c.relnamespace)
}}}
which is actually what information_schema.tables definition has
Below is the definition of information_schema.tables in case I missed
anything.
{{{
SELECT (current_database())::information_schema.sql_identifier AS
table_catalog, (nc.nspname)::information_schema.sql_identifier AS
table_schema, (c.relname)::information_schema.sql_identifier AS
table_name, (CASE WHEN (nc.oid = pg_my_temp_schema()) THEN 'LOCAL
TEMPORARY'::text WHEN (c.relkind = 'r'::"char") THEN 'BASE TABLE'::text
WHEN (c.relkind = 'v'::"char") THEN 'VIEW'::text ELSE NULL::text
END)::information_schema.character_data AS table_type, (NULL::character
varying)::information_schema.sql_identifier AS
self_referencing_column_name, (NULL::character
varying)::information_schema.character_data AS reference_generation, (CASE
WHEN (t.typname IS NOT NULL) THEN current_database() ELSE NULL::name
END)::information_schema.sql_identifier AS user_defined_type_catalog,
(nt.nspname)::information_schema.sql_identifier AS
user_defined_type_schema, (t.typname)::information_schema.sql_identifier
AS user_defined_type_name, (CASE WHEN ((c.relkind = 'r'::"char") OR
((c.relkind = 'v'::"char") AND (EXISTS (SELECT 1 FROM pg_rewrite WHERE
(((pg_rewrite.ev_class = c.oid) AND (pg_rewrite.ev_type = '3'::"char"))
AND pg_rewrite.is_instead))))) THEN 'YES'::text ELSE 'NO'::text
END)::information_schema.yes_or_no AS is_insertable_into, (CASE WHEN
(t.typname IS NOT NULL) THEN 'YES'::text ELSE 'NO'::text
END)::information_schema.yes_or_no AS is_typed, (CASE WHEN (nc.oid =
pg_my_temp_schema()) THEN 'PRESERVE'::text ELSE NULL::text
END)::information_schema.character_data AS commit_action FROM
((pg_namespace nc JOIN pg_class c ON ((nc.oid = c.relnamespace))) LEFT
JOIN (pg_type t JOIN pg_namespace nt ON ((t.typnamespace = nt.oid))) ON
((c.reloftype = t.oid)))
WHERE (((c.relkind = ANY (ARRAY['r'::"char", 'v'::"char"])) AND (NOT
pg_is_other_temp_schema(nc.oid))) AND ((pg_has_role(c.relowner,
'USAGE'::text) OR has_table_privilege(c.oid, 'SELECT, INSERT, UPDATE,
DELETE, TRUNCATE, REFERENCES, TRIGGER'::text)) OR
has_any_column_privilege(c.oid, 'SELECT, INSERT, UPDATE,
REFERENCES'::text)));
}}}
--
Ticket URL: <https://trac.osgeo.org/postgis/ticket/532#comment:13>
PostGIS <http://trac.osgeo.org/postgis/>
The PostGIS Trac is used for bug, enhancement & task tracking, a user and developer wiki, and a view into the subversion code repository of PostGIS project.
More information about the postgis-devel
mailing list