Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1tr2An-00DlXi-VX
	for pgsql-hackers@arkaria.postgresql.org; Sat, 08 Mar 2025 21:57:34 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.94.2)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1tr2Am-009wRJ-85
	for pgsql-hackers@arkaria.postgresql.org; Sat, 08 Mar 2025 21:57:32 +0000
Received: from makus.postgresql.org ([2001:4800:3e1:1::229])
	by malur.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <nathandbossart@gmail.com>)
	id 1tr2Al-009wNU-Dv
	for pgsql-hackers@lists.postgresql.org; Sat, 08 Mar 2025 21:57:31 +0000
Received: from mail-qt1-x82c.google.com ([2607:f8b0:4864:20::82c])
	by makus.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.96)
	(envelope-from <nathandbossart@gmail.com>)
	id 1tr2Ai-001kVp-2r
	for pgsql-hackers@postgresql.org;
	Sat, 08 Mar 2025 21:57:30 +0000
Received: by mail-qt1-x82c.google.com with SMTP id d75a77b69052e-47519994f25so42051841cf.1
        for <pgsql-hackers@postgresql.org>; Sat, 08 Mar 2025 13:57:28 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1741471048; x=1742075848; darn=postgresql.org;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to;
        bh=mXs9IVWs36Hy2p0N+6eGGTmCb2aSXbXcqsWhpp+IVh0=;
        b=RbidfIOR4IpZ5y7Z23inzaFKGbCcTDZKq+MJ0YixZq9jBeyB/v2WWnmgqJeVOyqplk
         qRbjmUsxRLqrA/wHMNW3pSBdrVNHTdfpoNpUrwQCjdzuuNWjK87CruY4UNhrrZeYGbR/
         qsmriNc0ppw99gauiZ8/D+m/37eof0R1NmaFMFKns1M9+9Iuso08NZDUEDtPag2za1/r
         wDvwrRsDYnptPCj2B31xqOkPM4c2aCM+Y+4AFmH/4aEDjPu4Kx/nO5yvkS606M1i4AHn
         JfSKzPhcGG05wKaAoJBN8kzAlHC92zU9BeWbwZZxZoAiYh298z9FlJtLZTMT+Mij5TTW
         qrsw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1741471048; x=1742075848;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date
         :message-id:reply-to;
        bh=mXs9IVWs36Hy2p0N+6eGGTmCb2aSXbXcqsWhpp+IVh0=;
        b=TcKmvUk+DN+GK05j7w0sAJnLfIGjcVjLfHNaJlkxoiESstKRwpTH1QrFTrsAaGHmQM
         GifURN/yf9JDfvpg8Ir66cD2MNkzb2s6xPwHTAmWYA/PV+8pQYAPzrL9V7aqlDYfHzwv
         o78KDRX6SfSpqRPrcAQqP8xBoCf/piIP2QyJC71dRFX8pcLRNYqxv1Ab8MVx/m4E+5XY
         sEMLimLRXx1QfMZJW3VaKDCRrq80bteiGTpYHJUS8/ODfvivryCRYdjUGERQcR6q4B6m
         gE1pA/Msc7laT6w+enfBgF4BcEUooGwM2nDJK638jkOXFTenxLZAd2Ms+nPZIZRozcon
         D6gg==
X-Forwarded-Encrypted: i=1; AJvYcCX/bI0c21DZrf1IqpqDBm4O1i2d1mEb/8IQQ6EEr36rjSnxmxk8vJ5yjB+A3krMOmroJiyJGbDR/Tt0wsyF@postgresql.org
X-Gm-Message-State: AOJu0YwifceO49J+rGamyAUA3r+6eDhRbo7mQ5TsCyfGPShGSGTb3pps
	rERefWtvRWlQCjQkKdt3j8ab08LepyZwneSM/3T+WM+Br13JlXZu
X-Gm-Gg: ASbGncudho3WU7vaaGfhI72ALWNakGgw3v3KRkUlogmVusfiBYrn68VC/yJBE/W57c2
	tnPsmT4xOCkd7uLJVU0HVo4xN9bDqjdyv5Z1/i7wXqx8QWPX0g1uSGfyQNP2xdqb44imAf0R3ld
	OS+Ln7KL+29VMIiPBd8E+YJakgsnEp+zDzGikcUXTBwfgMjQEPIGJe0V2gVW1iOuyBdXI+o0dTg
	Uk8kpXAxvucHuY8UAGp4hUu/V7hNs3fnbe2q5EwTGZVYwGnzRS8Xt0Ks/GwjeQWGPoz+MXnYgDm
	ucKF2kdmsss0zq4bqjZTQMJrIQzRcpqzJlOWZjGA+u2N+GQxPdArM+zKt/rKbMZNCRhRKFMaVPO
	a8BfwfP4VOP/cYiP+z1SXTTdKlh7pa8LHHYU=
X-Google-Smtp-Source: AGHT+IH4mwAxRxjmmi0NNqYTMuh1V0iuMrOFxEeBPXBUdTdak2bRlM+wRsKitFpb3UAziHtjSsNMGg==
X-Received: by 2002:ac8:578a:0:b0:472:8fd:90ec with SMTP id d75a77b69052e-47618af9718mr108921151cf.44.1741471048217;
        Sat, 08 Mar 2025 13:57:28 -0800 (PST)
Received: from nathan (162-195-168-172.lightspeed.stlsmo.sbcglobal.net. [162.195.168.172])
        by smtp.gmail.com with ESMTPSA id d75a77b69052e-4766708f8edsm10719861cf.71.2025.03.08.13.57.26
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 08 Mar 2025 13:57:27 -0800 (PST)
Date: Sat, 8 Mar 2025 15:57:25 -0600
From: Nathan Bossart <nathandbossart@gmail.com>
To: Ayush Vatsa <ayushvatsa1810@gmail.com>
Cc: Robert Haas <robertmhaas@gmail.com>, Tom Lane <tgl@sss.pgh.pa.us>,
	"David G. Johnston" <david.g.johnston@gmail.com>,
	PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Subject: Re: Clarification on Role Access Rights to Table Indexes
Message-ID: <Z8y9RTT-vU6oVI_Y@nathan>
References: <CA+TgmoZG71zBpLOfCGZqGhtp=88z6=YYhi54TEsCtKr3v+UpoA@mail.gmail.com>
 <1243984.1739894558@sss.pgh.pa.us>
 <CA+Tgmob_W0iq9Kuugra3WYTO2429RMJ_+HkVukrXWOUN81QiEw@mail.gmail.com>
 <1246906.1739896202@sss.pgh.pa.us>
 <CA+TgmoZYM2az+yCWu5DBnV50N_BE9f1r8-Doy6-tZTySeb-s+A@mail.gmail.com>
 <CACX+KaNAbOzePn710EtzH9F5xiUdBC+u59=UMab=Wr8jgDKQtw@mail.gmail.com>
 <Z8dcGMMP3-D5dobY@nathan>
 <CACX+KaO4R9QDxbPSxSB0jNXFsqA6Jf=UPS+tyUvT_YvuP_grVA@mail.gmail.com>
 <Z8yxsm9ZWVkHlPbV@nathan>
 <CACX+KaP+6U9jf=GT4wpR7TvRvSMtTAhz=vP2Zr+ZdUFVZzqNsA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="2h1cpbNhPxu/zVfF"
Content-Disposition: inline
In-Reply-To: <CACX+KaP+6U9jf=GT4wpR7TvRvSMtTAhz=vP2Zr+ZdUFVZzqNsA@mail.gmail.com>
List-Id: <pgsql-hackers.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-hackers@lists.postgresql.org>
List-Owner: <mailto:pgsql-hackers-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-hackers>
Archived-At: <https://www.postgresql.org/message-id/Z8y9RTT-vU6oVI_Y%40nathan>
Precedence: bulk


--2h1cpbNhPxu/zVfF
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Sun, Mar 09, 2025 at 03:01:41AM +0530, Ayush Vatsa wrote:
> Maybe we can move ahead with the patch if we can see no other concerns.

I think we should allow some time in case others want to review the patch.
I do see a concern upthread about increased deadlock risk [0], but your
patch doesn't lock the table, but unless I'm wrong [1] (which is always
possible), it doesn't need to lock it.

Anyway, here is a tidied up patch.

[0] https://postgr.es/m/1246906.1739896202%40sss.pgh.pa.us
[1] https://postgr.es/m/Z8yxsm9ZWVkHlPbV%40nathan

-- 
nathan

--2h1cpbNhPxu/zVfF
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment;
	filename="v2-0001-pg_prewarm-For-indexes-check-privileges-on-table.patch"

From 326b4bfbb67485f40d77eaf97ea78bfef49b02f3 Mon Sep 17 00:00:00 2001
From: Nathan Bossart <nathan@postgresql.org>
Date: Sat, 8 Mar 2025 15:45:32 -0600
Subject: [PATCH v2 1/1] pg_prewarm: For indexes, check privileges on table.

Author: Ayush Vatsa <ayushvatsa1810@gmail.com>
Discussion: https://postgr.es/m/CACX%2BKaMz2ZoOojh0nQ6QNBYx8Ak1Dkoko%3DD4FSb80BYW%2Bo8CHQ%40mail.gmail.com
Backpatch-through: 13
---
 contrib/pg_prewarm/pg_prewarm.c   | 13 +++++++++++--
 contrib/pg_prewarm/t/001_basic.pl | 29 ++++++++++++++++++++++++++++-
 2 files changed, 39 insertions(+), 3 deletions(-)

diff --git a/contrib/pg_prewarm/pg_prewarm.c b/contrib/pg_prewarm/pg_prewarm.c
index a2f0ac4af0c..57bd1527a50 100644
--- a/contrib/pg_prewarm/pg_prewarm.c
+++ b/contrib/pg_prewarm/pg_prewarm.c
@@ -16,6 +16,7 @@
 #include <unistd.h>
 
 #include "access/relation.h"
+#include "catalog/index.h"
 #include "fmgr.h"
 #include "miscadmin.h"
 #include "storage/bufmgr.h"
@@ -55,6 +56,7 @@ Datum
 pg_prewarm(PG_FUNCTION_ARGS)
 {
 	Oid			relOid;
+	Oid			permOid;
 	text	   *forkName;
 	text	   *type;
 	int64		first_block;
@@ -103,9 +105,16 @@ pg_prewarm(PG_FUNCTION_ARGS)
 	forkString = text_to_cstring(forkName);
 	forkNumber = forkname_to_number(forkString);
 
-	/* Open relation and check privileges. */
+	/*
+	 * Open relation and check privileges.  Indexes don't have their own
+	 * privileges, so we check privileges on the table instead in that case.
+	 */
 	rel = relation_open(relOid, AccessShareLock);
-	aclresult = pg_class_aclcheck(relOid, GetUserId(), ACL_SELECT);
+	if (rel->rd_rel->relkind == RELKIND_INDEX)
+		permOid = IndexGetRelation(relOid, false);
+	else
+		permOid = relOid;
+	aclresult = pg_class_aclcheck(permOid, GetUserId(), ACL_SELECT);
 	if (aclresult != ACLCHECK_OK)
 		aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind), get_rel_name(relOid));
 
diff --git a/contrib/pg_prewarm/t/001_basic.pl b/contrib/pg_prewarm/t/001_basic.pl
index 0a8259d3678..a77ab67d29e 100644
--- a/contrib/pg_prewarm/t/001_basic.pl
+++ b/contrib/pg_prewarm/t/001_basic.pl
@@ -23,7 +23,9 @@ $node->start;
 $node->safe_psql("postgres",
 		"CREATE EXTENSION pg_prewarm;\n"
 	  . "CREATE TABLE test(c1 int);\n"
-	  . "INSERT INTO test SELECT generate_series(1, 100);");
+	  . "INSERT INTO test SELECT generate_series(1, 100);\n"
+	  . "CREATE INDEX test_idx ON test(c1);\n"
+	  . "CREATE ROLE test_user LOGIN;");
 
 # test read mode
 my $result =
@@ -42,6 +44,31 @@ ok( (        $stdout =~ qr/^[1-9][0-9]*$/
 		  or $stderr =~ qr/prefetch is not supported by this build/),
 	'prefetch mode succeeded');
 
+# test_user should be unable to prewarm table/index without privileges
+($cmdret, $stdout, $stderr) =
+  $node->psql(
+    "postgres", "SELECT pg_prewarm('test');",
+    extra_params => [ '--username' => 'test_user' ]);
+ok($stderr =~ /permission denied for table test/, 'pg_prewarm failed as expected');
+($cmdret, $stdout, $stderr) =
+  $node->psql(
+    "postgres", "SELECT pg_prewarm('test_idx');",
+    extra_params => [ '--username' => 'test_user' ]);
+ok($stderr =~ /permission denied for index test_idx/, 'pg_prewarm failed as expected');
+
+# test_user should be able to prewarm table/index with privileges
+$node->safe_psql("postgres", "GRANT SELECT ON test TO test_user;");
+$result =
+  $node->safe_psql(
+    "postgres", "SELECT pg_prewarm('test');",
+    extra_params => [ '--username' => 'test_user' ]);
+like($result, qr/^[1-9][0-9]*$/, 'pg_prewarm succeeded as expected');
+$result =
+  $node->safe_psql(
+    "postgres", "SELECT pg_prewarm('test_idx');",
+    extra_params => [ '--username' => 'test_user' ]);
+like($result, qr/^[1-9][0-9]*$/, 'pg_prewarm succeeded as expected');
+
 # test autoprewarm_dump_now()
 $result = $node->safe_psql("postgres", "SELECT autoprewarm_dump_now();");
 like($result, qr/^[1-9][0-9]*$/, 'autoprewarm_dump_now succeeded');
-- 
2.39.5 (Apple Git-154)


--2h1cpbNhPxu/zVfF--