On 15 June 2017 at 23:12, Maeldron T. <maeld...@gmail.com> wrote:

> I could send an explicit command for each session to make it read-only
> I could use a read-only role (let’s ignore now I don’t use rules)

You can also set the GUC default_transaction_read_only = on.

But apps can easily clobber that with explicit read/write begin.
Setting it in combination with a role that doesn't have any write
permissions would be sufficient for most practical situations IMO.

> The DDL could be applied in a specific session as whitelisting is safer than
> blacklisting. I think the only missing part is if the subscription could
> turn on the writes for itself.
>
> If you think this would make sense, please consider it.

BDR has the option of marking a node as read-only, which is
implemented using an ExecutorStart_hook. It probably wouldn't be
overly hard to do the same thing as a standalone extension. You'd want
to detect when you were running within a logical replication apply
worker and permit changes then, but I don't expect that'd be unduly
hard.

It'd be nice to have a built-in way to do this, so maybe you could
pursue that for postgresql 11, raising a firm design idea here and
following up with a patch if you get a reasonable approximation of
consensus.

-- 
 Craig Ringer                   http://www.2ndQuadrant.com/
 PostgreSQL Development, 24x7 Support, Training & Services


-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Reply via email to