MIME-Version: 1.0
References: 
 <CANxoLDfXXyK7+Yc43LB9p2jCOkdps=73enqazasufuGwqZu0dg@mail.gmail.com>
In-Reply-To: 
 <CANxoLDfXXyK7+Yc43LB9p2jCOkdps=73enqazasufuGwqZu0dg@mail.gmail.com>
From: Dave Page <dpage@pgadmin.org>
Date: Wed, 19 Mar 2025 11:41:25 +0000
Message-ID: 
 <CA+OCxozQUzp9aTA=0afevqw2uYnofXiYa94oR9_ohCvjnJrLcQ@mail.gmail.com>
Subject: Re: Regarding Feature #5305
To: Akshay Joshi <akshay.joshi@enterprisedb.com>
Cc: pgadmin-hackers <pgadmin-hackers@postgresql.org>
Content-Type: multipart/alternative; boundary="000000000000f6bb3e0630b08044"
Archived-At: 
 <https://www.postgresql.org/message-id/CA%2BOCxozQUzp9aTA%3D0afevqw2uYnofXiYa94oR9_ohCvjnJrLcQ%40mail.gmail.com>
Precedence: bulk

--000000000000f6bb3e0630b08044
Content-Type: text/plain; charset="UTF-8"

On Wed, 19 Mar 2025 at 11:12, Akshay Joshi <akshay.joshi@enterprisedb.com>
wrote:

> Hi Dave/Hackers,
>
> I have started working on the feature #5305
> <https://github.com/pgadmin-org/pgadmin4/issues/5305>. Based on my
> understanding, the Object Explorer should only display nodes or objects
> where the currently logged-in user has at least one permission granted in
> the ACL. In other words, the user must have some level of access to each
> object displayed.
>
> For example, consider two users: 'postgres' (the default user) and 'test'.
> There are objects, such as a table, where the 'test' user does not have any
> permissions. This table was created by the 'postgres' user, who has revoked
> all permissions for other users. Now, if the 'test' user logs into the
> database server, we need to check whether the logged-in user has any
> permissions on the object. If not, it should not be displayed in the Object
> Explorer.
>
> We will have a preference for whether to apply this check or not. There
> are following two solutions that can be implemented:
> 1) Change the *nodes.sql* to filter out the nodes based on privileges.
> It's challenging, as I tried with aclexplode(relacl), unnest(relacl) in the
> WHERE clause, and other different attempts to filter out Table nodes, but
> seems we will find some solution for sure).
> 2) Once nodes are fetched then filter out the data at the backend.
>
> Any other solution or suggestion?
>

This seems like it would be a very large amount of work, for very little
gain, and would certainly be inconsistent with how we would expect to
browse files and folders for example. I do not think it is worth the effort.

-- 
Dave Page
pgAdmin: https://www.pgadmin.org
PostgreSQL: https://www.postgresql.org
pgEdge: https://www.pgedge.com

--000000000000f6bb3e0630b08044
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div dir=3D"ltr"><br></div><br><div class=3D"gmail_quote g=
mail_quote_container"><div dir=3D"ltr" class=3D"gmail_attr">On Wed, 19 Mar =
2025 at 11:12, Akshay Joshi &lt;<a href=3D"mailto:akshay.joshi@enterprisedb=
.com">akshay.joshi@enterprisedb.com</a>&gt; wrote:<br></div><blockquote cla=
ss=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left-width:1px;=
border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex=
"><div dir=3D"ltr"><div>Hi Dave/Hackers,</div><div><br></div><div>I have st=
arted working on the feature <a href=3D"https://github.com/pgadmin-org/pgad=
min4/issues/5305" target=3D"_blank">#5305</a>.=C2=A0Based on my understandi=
ng, the Object Explorer should only display nodes or objects where the curr=
ently logged-in user has at least one permission granted in the ACL. In oth=
er words, the user must have some level of access to each object displayed.=
</div><div><br></div><div>For example, consider two users: &#39;postgres=
9; (the default user) and &#39;test&#39;. There are objects, such as a tabl=
e, where the &#39;test&#39; user does not have any permissions. This table =
was created by the &#39;postgres&#39; user, who has revoked all permissions=
 for other users. Now, if the &#39;test&#39; user logs into the database se=
rver, we need to check whether the logged-in user has any permissions on th=
e object. If not, it should not be displayed in the Object Explorer.</div><=
div><br></div><div>We will have a preference for whether to apply this chec=
k or not. There are following two solutions that can be implemented:=C2=A0<=
/div><div>1) Change the <b>nodes.sql</b> to filter out the nodes based on p=
rivileges. It&#39;s challenging, as I tried with aclexplode(relacl), unnest=
(relacl) in the WHERE clause, and other different attempts to filter out Ta=
ble nodes, but seems we will find some solution for sure).</div><div>2) Onc=
e nodes are fetched then filter out the data at the backend.</div><div><br>=
</div><div>Any other solution or suggestion? =C2=A0</div></div></blockquote=
><div><br></div><div>This seems like it would be a very large amount of wor=
k, for very little gain, and would certainly be inconsistent with how we wo=
uld expect to browse files and folders for example. I do not think it is wo=
rth the effort.</div><div>=C2=A0</div></div><span class=3D"gmail_signature_=
prefix">-- </span><br><div dir=3D"ltr" class=3D"gmail_signature"><div dir=
=3D"ltr">Dave Page<div>pgAdmin: <a href=3D"https://www.pgadmin.org" target=
=3D"_blank">https://www.pgadmin.org</a></div><div>PostgreSQL: <a href=3D"ht=
tps://www.postgresql.org" target=3D"_blank">https://www.postgresql.org</a><=
/div><div>pgEdge: <a href=3D"https://www.pgedge.com" target=3D"_blank">http=
s://www.pgedge.com</a><br><div></div><div><br></div></div></div></div></div=
>

--000000000000f6bb3e0630b08044--