Right now, if an unprivileged user issues VACUUM/ANALYZE (without specifying a table), it will emit messages for each relation that it skips, including indexes, views, and other objects that can't be a direct target of VACUUM/ANALYZE anyway. Attached patch causes it to check the type of object first, and then check privileges second.
Found while reviewing the MAINTAIN privilege patch. Implemented with his suggested fix. I intend to commit soon. -- Jeff Davis PostgreSQL Contributor Team - AWS
From e1f0c310175285945ca0742b92fc70e2405cb831 Mon Sep 17 00:00:00 2001 From: Jeff Davis <j...@j-davis.com> Date: Tue, 13 Dec 2022 17:37:22 -0800 Subject: [PATCH v1] Clean up useless "skipping" messages for VACUUM/ANALYZE. When VACUUM/ANALYZE are run on an entire database, it warns of skipping relations for which the user doesn't have sufficient privileges. That only makes sense for tables, so skip such messages for indexes, etc. --- src/backend/commands/vacuum.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/backend/commands/vacuum.c b/src/backend/commands/vacuum.c index 293b84bbca..bb4847dfa0 100644 --- a/src/backend/commands/vacuum.c +++ b/src/backend/commands/vacuum.c @@ -874,10 +874,6 @@ get_all_vacuum_rels(int options) MemoryContext oldcontext; Oid relid = classForm->oid; - /* check permissions of relation */ - if (!vacuum_is_permitted_for_relation(relid, classForm, options)) - continue; - /* * We include partitioned tables here; depending on which operation is * to be performed, caller will decide whether to process or ignore @@ -888,6 +884,10 @@ get_all_vacuum_rels(int options) classForm->relkind != RELKIND_PARTITIONED_TABLE) continue; + /* check permissions of relation */ + if (!vacuum_is_permitted_for_relation(relid, classForm, options)) + continue; + /* * Build VacuumRelation(s) specifying the table OIDs to be processed. * We omit a RangeVar since it wouldn't be appropriate to complain -- 2.34.1
