Ignore tablespace ACLs when ignoring schema ACLs.

The ALTER TABLE ALTER TYPE implementation can issue DROP INDEX and
CREATE INDEX to refit existing indexes for the new column type.  Since
this CREATE INDEX is an implementation detail of an index alteration,
the ensuing DefineIndex() should skip ACL checks specific to index
creation.  It already skips the namespace ACL check.  Make it skip the
tablespace ACL check, too.  Back-patch to 9.2 (all supported versions).

Reviewed by Tom Lane.

diff --git a/src/backend/commands/indexcmds.c b/src/backend/commands/indexcmds.c
index 1b5bf474a1c2bec6d06e4f93091d570ab0929c71..fb51a793643624df958b3d6c9b7f47c389412731 100644 (file)
--- a/src/backend/commands/indexcmds.c
+++ b/src/backend/commands/indexcmds.c
@@ -285,8 +285,8 @@ CheckIndexCompatible(Oid oldId,
  * 'indexRelationId': normally InvalidOid, but during bootstrap can be
  *     nonzero to specify a preselected OID for the index.
  * 'is_alter_table': this is due to an ALTER rather than a CREATE operation.
- * 'check_rights': check for CREATE rights in the namespace.  (This should
- *     be true except when ALTER is deleting/recreating an index.)
+ * 'check_rights': check for CREATE rights in namespace and tablespace.  (This
+ *     should be true except when ALTER is deleting/recreating an index.)
  * 'skip_build': make the catalog entries but leave the index file empty;
  *     it will be filled later.
  * 'quiet': suppress the NOTICE chatter ordinarily provided for constraints.
@@ -421,8 +421,9 @@ DefineIndex(Oid relationId,
        /* note InvalidOid is OK in this case */
    }
 
-   /* Check permissions except when using database's default */
-   if (OidIsValid(tablespaceId) && tablespaceId != MyDatabaseTableSpace)
+   /* Check tablespace permissions */
+   if (check_rights &&
+       OidIsValid(tablespaceId) && tablespaceId != MyDatabaseTableSpace)
    {
        AclResult   aclresult;