• Tom Lane's avatar
    Allow non-superusers to create (some) extensions. · 8d3b421f
    Tom Lane authored
    Remove the unconditional superuser permissions check in CREATE EXTENSION,
    and instead define a "superuser" extension property, which when false
    (not the default) skips the superuser permissions check.  In this case
    the calling user only needs enough permissions to execute the commands
    in the extension's installation script.  The superuser property is also
    enforced in the same way for ALTER EXTENSION UPDATE cases.
    
    In other ALTER EXTENSION cases and DROP EXTENSION, test ownership of
    the extension rather than superuserness.  ALTER EXTENSION ADD/DROP needs
    to insist on ownership of the target object as well; to do that without
    duplicating code, refactor comment.c's big switch for permissions checks
    into a separate function in objectaddress.c.
    
    I also removed the superuserness checks in pg_available_extensions and
    related functions; there's no strong reason why everybody shouldn't
    be able to see that info.
    
    Also invent an IF NOT EXISTS variant of CREATE EXTENSION, and use that
    in pg_dump, so that dumps won't fail for installed-by-default extensions.
    We don't have any of those yet, but we will soon.
    
    This is all per discussion of wrapping the standard procedural languages
    into extensions.  I'll make those changes in a separate commit; this is
    just putting the core infrastructure in place.
    8d3b421f
catalogs.sgml 272 KB