From ab82340a43bebe57a3db0e52bb74120b3bb53ae5 Mon Sep 17 00:00:00 2001 From: Peter Eisentraut Date: Mon, 6 Feb 2017 15:17:27 -0500 Subject: Avoid permission failure in pg_sequences.last_value Before, reading pg_sequences.last_value would fail unless the user had appropriate sequence permissions, which would make the pg_sequences view cumbersome to use. Instead, return null instead of the real value when there are no permissions. From: Michael Paquier Reported-by: Shinoda, Noriyoshi --- src/backend/catalog/system_views.sql | 6 +++++- src/test/regress/expected/rules.out | 5 ++++- 2 files changed, 9 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/backend/catalog/system_views.sql b/src/backend/catalog/system_views.sql index 28be27a07ec..907e0fb6301 100644 --- a/src/backend/catalog/system_views.sql +++ b/src/backend/catalog/system_views.sql @@ -175,7 +175,11 @@ CREATE OR REPLACE VIEW pg_sequences AS S.seqincrement AS increment_by, S.seqcycle AS cycle, S.seqcache AS cache_size, - pg_sequence_last_value(C.oid) AS last_value + CASE + WHEN has_sequence_privilege(C.oid, 'SELECT,USAGE'::text) + THEN pg_sequence_last_value(C.oid) + ELSE NULL + END AS last_value FROM pg_sequence S JOIN pg_class C ON (C.oid = S.seqrelid) LEFT JOIN pg_namespace N ON (N.oid = C.relnamespace) WHERE NOT pg_is_other_temp_schema(N.oid) diff --git a/src/test/regress/expected/rules.out b/src/test/regress/expected/rules.out index 60731a99b7c..9c99a451ba0 100644 --- a/src/test/regress/expected/rules.out +++ b/src/test/regress/expected/rules.out @@ -1647,7 +1647,10 @@ pg_sequences| SELECT n.nspname AS schemaname, s.seqincrement AS increment_by, s.seqcycle AS cycle, s.seqcache AS cache_size, - pg_sequence_last_value((c.oid)::regclass) AS last_value + CASE + WHEN has_sequence_privilege(c.oid, 'SELECT,USAGE'::text) THEN pg_sequence_last_value((c.oid)::regclass) + ELSE NULL::bigint + END AS last_value FROM ((pg_sequence s JOIN pg_class c ON ((c.oid = s.seqrelid))) LEFT JOIN pg_namespace n ON ((n.oid = c.relnamespace))) -- cgit v1.2.3