On Thu, Sep 14, 2017 at 2:33 PM, Jeff Janes <jeff.ja...@gmail.com> wrote: > I think that foreign tables ought to behave as views do, where they run as > the owner rather than the invoker. No one has talked me out of it, but no > one has supported me on it either. But I think it is too late to change > that now.
That's an interesting point. I think that you can imagine use cases for either method. Obviously, if what you want to do is drill a hole through the Internet to another server and then expose it to some of your fellow users, having the FDW run with the owner's permissions (and credentials) is exactly right. But there's another use case too, which is where you have something that looks like a multi-user sharding cluster. You want each person's own credentials to carry over to everything they do remotely. I feel like the USER MAPPING stuff is a pretty clunky and annoying way of trying to make this work, no matter which of those use cases you happen to have. But I'm not exactly sure what would be better, either, and like you say, it's a bit late to be breaking compatibility at this point. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list (firstname.lastname@example.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers