On Wed, 19 Mar 2025 at 12:42, Akshay Joshi <akshay.jo...@enterprisedb.com> wrote:
> > > On Wed, Mar 19, 2025 at 5:11 PM Dave Page <dp...@pgadmin.org> wrote: > >> >> >> On Wed, 19 Mar 2025 at 11:12, Akshay Joshi <akshay.jo...@enterprisedb.com> >> wrote: >> >>> Hi Dave/Hackers, >>> >>> I have started working on the feature #5305 >>> <https://github.com/pgadmin-org/pgadmin4/issues/5305>. Based on my >>> understanding, the Object Explorer should only display nodes or objects >>> where the currently logged-in user has at least one permission granted in >>> the ACL. In other words, the user must have some level of access to each >>> object displayed. >>> >>> For example, consider two users: 'postgres' (the default user) and >>> 'test'. There are objects, such as a table, where the 'test' user does not >>> have any permissions. This table was created by the 'postgres' user, who >>> has revoked all permissions for other users. Now, if the 'test' user logs >>> into the database server, we need to check whether the logged-in user has >>> any permissions on the object. If not, it should not be displayed in the >>> Object Explorer. >>> >>> We will have a preference for whether to apply this check or not. There >>> are following two solutions that can be implemented: >>> 1) Change the *nodes.sql* to filter out the nodes based on privileges. >>> It's challenging, as I tried with aclexplode(relacl), unnest(relacl) in the >>> WHERE clause, and other different attempts to filter out Table nodes, but >>> seems we will find some solution for sure). >>> 2) Once nodes are fetched then filter out the data at the backend. >>> >>> Any other solution or suggestion? >>> >> >> This seems like it would be a very large amount of work, for very little >> gain, and would certainly be inconsistent with how we would expect to >> browse files and folders for example. I do not think it is worth the effort. >> > > OK Thanks, So should we keep this feature request open or close it? > I'd close it. -- Dave Page pgAdmin: https://www.pgadmin.org PostgreSQL: https://www.postgresql.org pgEdge: https://www.pgedge.com
