• Stephen Frost's avatar
    pg_dump: Fix handling of ALTER DEFAULT PRIVILEGES · e2090d9d
    Stephen Frost authored
    In commit 23f34fa4, we changed how ACLs were handled to use the new
    pg_init_privs catalog and to dump out the ACL commands as REVOKE+GRANT
    combinations instead of trying to REVOKE all rights always and then
    GRANT back just the ones which were in place.
    
    Unfortunately, the DEFAULT PRIVILEGES system didn't quite get the
    correct treatment with this change and ended up (incorrectly) only
    including positive GRANTs instead of both the REVOKEs and GRANTs
    necessary to preserve the correct privileges.
    
    There are only a couple cases where such REVOKEs are possible because,
    generally speaking, there's few rights which exist on objects by
    default to be revoked.
    
    Examples of REVOKEs which weren't being correctly preserved are when
    privileges are REVOKE'd from the creator/owner, like so:
    
    ALTER DEFAULT PRIVILEGES
      FOR ROLE myrole
      REVOKE SELECT ON TABLES FROM myrole;
    
    or when other default privileges are being revoked, such as EXECUTE
    rights granted to public for functions:
    
    ALTER DEFAULT PRIVILEGES
      FOR ROLE myrole
      REVOKE EXECUTE ON FUNCTIONS FROM PUBLIC;
    
    Fix this by correctly working out what the correct REVOKE statements are
    (if any) and dump them out, just as we do for everything else.
    
    Noticed while developing additional regression tests for pg_dump, which
    will be landing shortly.
    
    Back-patch to 9.6 where the bug was introduced.
    e2090d9d
dumputils.c 23.7 KB