]> granicus.if.org Git - postgresql/commit
Switch user ID to the object owner when populating a materialized view.
authorNoah Misch <noah@leadboat.com>
Fri, 12 Jul 2013 22:21:22 +0000 (18:21 -0400)
committerNoah Misch <noah@leadboat.com>
Fri, 12 Jul 2013 22:21:22 +0000 (18:21 -0400)
commitf3ab5d46960023cf8a9df3751ab9748ce01a46a0
tree484f5381fe26bd82dd20889a4c5bc1d8b974e948
parent448fee2e238ae4797e68d7d15b49f2fc52691547
Switch user ID to the object owner when populating a materialized view.

This makes superuser-issued REFRESH MATERIALIZED VIEW safe regardless of
the object's provenance.  REINDEX is an earlier example of this pattern.
As a downside, functions called from materialized views must tolerate
running in a security-restricted operation.  CREATE MATERIALIZED VIEW
need not change user ID.  Nonetheless, avoid creation of materialized
views that will invariably fail REFRESH by making it, too, start a
security-restricted operation.

Back-patch to 9.3 so materialized views have this from the beginning.

Reviewed by Kevin Grittner.
doc/src/sgml/ref/create_materialized_view.sgml
src/backend/commands/createas.c
src/backend/commands/matview.c