Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1w7VPw-005Nxz-28 for pgsql-hackers@arkaria.postgresql.org; Tue, 31 Mar 2026 09:29:49 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.96) (envelope-from ) id 1w7VPv-009EVe-0E for pgsql-hackers@arkaria.postgresql.org; Tue, 31 Mar 2026 09:29:47 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1w7VPu-009EVK-20 for pgsql-hackers@lists.postgresql.org; Tue, 31 Mar 2026 09:29:47 +0000 Received: from udcm-wwu2.uni-muenster.de ([128.176.118.28]) by makus.postgresql.org with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.98.2) (envelope-from ) id 1w7VPs-00000001wem-1FI2 for pgsql-hackers@lists.postgresql.org; Tue, 31 Mar 2026 09:29:46 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=uni-muenster.de; i=@uni-muenster.de; q=dns/txt; s=uniout; t=1774949384; x=1806485384; h=message-id:date:mime-version:subject:to:cc:references: from:in-reply-to:content-transfer-encoding; bh=GmrSNo02aZndfpqDZnGaOBjiWgXAdmnKONKMKr5ZTTA=; b=bykraMvKVM2EwLtH5U6+ULs6MwnA3dJY2K4ZSdhIkNWwDHX9KmNFCVN1 +gp4UQXaECAApPU62puKHIRYC5YDad1tJRUpLMRJ4MoRTAUq2S6F8ZBkk TfIculFa92NIs1F6V2xcewNK2KAbokInqzg9zg0xMMKAMG2DHY0bVQ/uA LmHu98sS6SaIMGoUZSbWPOz6lcBrljClMUx9GS2bHOpQ8ZG/YTVbhsVL4 pyWnoSfO7KksQ4/s4ckR8/rW/wKT45TagBPD0Z/0jgkquhGbMgdBc+jJg KK/0cWZQXruQNJr+ukgdrbOaBVRGjDQlii08D4FZzL8EWnspPRdEPsTWA g==; X-CSE-ConnectionGUID: 6hC/nV15QWCWBVQ3sy26Uw== X-CSE-MsgGUID: bfoukXYVS0ao3c3IGIixQA== X-IronPort-AV: E=Sophos;i="6.23,151,1770591600"; d="scan'208";a="389293878" Received: from secmail.uni-muenster.de ([128.176.118.4]) by UDCM-RELAY2.UNI-MUENSTER.DE with ESMTP; 31 Mar 2026 11:29:39 +0200 Received: from [192.168.178.27] (dynamic-078-048-124-206.78.48.pool.telefonica.de [78.48.124.206]) by SECMAIL.UNI-MUENSTER.DE (Postfix) with ESMTPSA id D25DC20ADF00; Tue, 31 Mar 2026 11:29:38 +0200 (CEST) Message-ID: Date: Tue, 31 Mar 2026 11:29:38 +0200 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: WIP - xmlvalidate implementation from TODO list To: Pavel Stehule Cc: Marcos Magueta , Andrey Borodin , Kirill Reshke , PostgreSQL Hackers References: <08052569-9384-41b5-bcb7-33929fcc6c71@uni-muenster.de> <2ba05acc-6392-42a4-b59e-61df086b2d4d@uni-muenster.de> <1d49e214-93bc-4928-945c-27e60251a6ad@uni-muenster.de> <9228b6dc-cfae-4a11-927a-209680f5507e@uni-muenster.de> <2f8ca841-0956-4e7d-8fa2-038b879c8f4d@uni-muenster.de> Content-Language: de-DE, en-GB From: Jim Jones In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On 30/03/2026 22:28, Pavel Stehule wrote: > I checked db2 doc, and if I understand their doc, the XML schema is > identified by "relational identifier" SQLschema.name > > So taking XML schema as catalog object is the correct analogy and using > acl looks to me correct. +1 > But what is different (patch and db2), one relational identifier can > identify a group of XML schemas. So there is relation 1:N not 1:1. You > can see the REGISTER XMLSCHEMA command. I wonder what are the applications for this 1:N relationship between xml schemas and their identifiers. Sounds cool though. > The schema registration is different on MSSQL where it is more similar > to some local cache, and schema is identified only by uri. In this case > using ACL can be messy, and I can imagine having some dedicated role > that can registerĀ a new xml schema. But MSSQL doesn't support SQL/XML > XMLVALIDATE function. > > Both concepts are workable, and I have no strong preference for one or > second (maybe DB2 concept is better for Postgres, probably DB2 concept > is closer to SQL/XML). But if we use relational identifiers, then it > should be consistent with other usage of relational identifiers - there > ACL should be used. A few other things I noticed in v6 == event triggers (event_trigger.c) == OBJECT_XMLSCHEMA is in the elog(ERROR) path of stringify_grant_objtype() and stringify_adefprivs_objtype(). Since the grammar does support GRANT/REVOKE ... ON XMLSCHEMA, any event trigger on ddl_command_end that fires during a GRANT on an XML schema will raise a elog(ERROR, "unsupported object type"). An additional test here would be nice as well. == corrupt dump == pg_dump is ignoring GRANT statements. Since the feature supports GRANT/REVOKE on XMLSCHEMAS, omitting ACL dump means privileges are silently lost during dump/restore. == inconsistent DDL statements == The docs suggest that ALTER XMLSCHEMA ... IF EXISTS is supported, which isn't the case. It should be either implemented or just removed from the docs. == different error message for build without libxml == In xml.c the error messag used is "unsupported XML feature", but you're using "xmlschema support requires libxml" in pg_xmlschema.c. I think we should be consistent here. Thanks! Best, Jim