From d8474d4b47f8f24dc735a5e6567b34c0789bc949 Mon Sep 17 00:00:00 2001 From: Jens Wilke Date: Wed, 10 Sep 2025 11:15:48 +0200 Subject: [PATCH 1/2] skip and warn about role mismatch in run_maintenance --- sql/functions/run_maintenance.sql | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/sql/functions/run_maintenance.sql b/sql/functions/run_maintenance.sql index e4783c0..76beea6 100644 --- a/sql/functions/run_maintenance.sql +++ b/sql/functions/run_maintenance.sql @@ -44,6 +44,7 @@ v_parent_exists text; v_parent_oid oid; v_parent_schema text; v_parent_tablename text; +v_parent_owner text; v_partition_expression text; v_premade_count int; v_row record; @@ -162,13 +163,18 @@ LOOP END IF; END IF; - SELECT n.nspname, c.relname, c.oid - INTO v_parent_schema, v_parent_tablename, v_parent_oid + SELECT n.nspname, c.relname, c.oid, c.relowner::regrole + INTO v_parent_schema, v_parent_tablename, v_parent_oid, v_parent_owner FROM pg_catalog.pg_class c JOIN pg_catalog.pg_namespace n ON c.relnamespace = n.oid WHERE n.nspname = split_part(v_row.parent_table, '.', 1)::name AND c.relname = split_part(v_row.parent_table, '.', 2)::name; + IF v_parent_owner != current_role THEN + RAISE WARNING 'Child partition creation skipped for parent table % owner is % but current role is %', v_row.parent_table, v_parent_owner, current_role; + CONTINUE; + END IF; + -- Always returns the default partition first if it exists SELECT partition_tablename INTO v_default_tablename FROM @extschema@.show_partitions(v_row.parent_table, p_include_default := true) LIMIT 1; From 4361087d7d605afd24e127a6bd243cc34ea773ab Mon Sep 17 00:00:00 2001 From: Jens Wilke Date: Fri, 12 Sep 2025 16:07:09 +0200 Subject: [PATCH 2/2] skip and warn about role mismatch in partition_data_time and partition_data_id --- sql/functions/partition_data_id.sql | 13 +++++++++++++ sql/functions/partition_data_time.sql | 12 ++++++++++++ 2 files changed, 25 insertions(+) diff --git a/sql/functions/partition_data_id.sql b/sql/functions/partition_data_id.sql index 67e8c54..f93eabe 100644 --- a/sql/functions/partition_data_id.sql +++ b/sql/functions/partition_data_id.sql @@ -28,6 +28,7 @@ v_max_partition_id bigint; v_min_partition_id bigint; v_parent_schema text; v_parent_tablename text; +v_parent_owner text; v_partition_interval bigint; v_partition_id bigint[]; v_rowcount bigint; @@ -69,6 +70,18 @@ IF v_control_type <> 'id' OR (v_control_type = 'id' AND v_epoch <> 'none') THEN RAISE EXCEPTION 'Control column for given partition set is not id/serial based or epoch flag is set for time-based partitioning.'; END IF; +SELECT c.relowner::regrole +INTO v_parent_owner +FROM pg_catalog.pg_class c +JOIN pg_catalog.pg_namespace n ON c.relnamespace = n.oid +WHERE n.nspname = v_parent_schema +AND c.relname = v_parent_tablename; + +IF v_parent_owner != current_role THEN + RAISE EXCEPTION 'parent table % owner is % but current role is %', p_parent_table, v_parent_owner, current_role; +END IF; + + IF p_source_table IS NOT NULL THEN -- Set source table to user given source table instead of parent table v_source_schemaname := NULL; diff --git a/sql/functions/partition_data_time.sql b/sql/functions/partition_data_time.sql index 34ca397..210934e 100644 --- a/sql/functions/partition_data_time.sql +++ b/sql/functions/partition_data_time.sql @@ -30,6 +30,7 @@ v_max_partition_timestamp timestamptz; v_min_partition_timestamp timestamptz; v_parent_schema text; v_parent_tablename text; +v_parent_owner text; v_partition_expression text; v_partition_interval interval; v_partition_suffix text; @@ -76,6 +77,17 @@ IF v_control_type <> 'time' THEN END IF; END IF; +SELECT c.relowner::regrole +INTO v_parent_owner +FROM pg_catalog.pg_class c +JOIN pg_catalog.pg_namespace n ON c.relnamespace = n.oid +WHERE n.nspname = v_parent_schema +AND c.relname = v_parent_tablename; + +IF v_parent_owner != current_role THEN + RAISE EXCEPTION 'parent table % owner is % but current role is %', p_parent_table, v_parent_owner, current_role; +END IF; + -- Replace the parent variables with the source variables if using source table for child table data IF p_source_table IS NOT NULL THEN -- Set source table to user given source table instead of parent table