sql: address tech debt and edge cases in ALTER DEFAULT PRIVILEGES and REASSIGN OWNED BY #132929
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
sql: allow admins to ALTER DEFAULT PRIVILEGES for any role
Release note (bug fix): Users with the admin role can now run
ALTER DEFAULT PRIVILEGES FOR target_role ...
on any target_role. Previously,this could result in a privilege error, which is incorrect as admins are
allowed to perform any operation.
sql: address TODO for REASSIGN OWNED for public schema
Release note (bug fix): REASSIGN OWNED BY will now transfer ownership of
the public schema. Previously, it would always skip over the public
schema even if it was owned by the target role.
sql: fix ownership checks in REASSIGN OWNED BY
It was not correct to use the isOwner helper function here, since that
implicitly returns true for any admin role.
For REASSIGN OWNED BY, we only should reassign ownership if the object
is explicitly owned by the given role.
Release note: None
Epic: None