Hi.
pg-schema-diff plan does not emit privilege diffs for regular views.
Environment:
- pg-schema-diff: 1.0.5
- PostgreSQL: 18
Repro 1: missing GRANT on view
Source (psd_from):
CREATE ROLE psd_role;
CREATE SCHEMA s;
CREATE TABLE s.t(id int);
CREATE VIEW s.v AS SELECT id FROM s.t;
GRANT USAGE ON SCHEMA s TO psd_role;
-- no SELECT grants on s.t / s.v
Target (psd_to):
CREATE SCHEMA s;
CREATE TABLE s.t(id int);
CREATE VIEW s.v AS SELECT id FROM s.t;
GRANT USAGE ON SCHEMA s TO psd_role;
GRANT SELECT ON s.t TO psd_role;
GRANT SELECT ON s.v TO psd_role;
Command:
pg-schema-diff plan \
--from-dsn "postgres://postgres:postgres@127.0.0.1:5432/psd_from" \
--to-dsn "postgres://postgres:postgres@127.0.0.1:5432/psd_to" \
--temp-db-dsn "postgres://postgres:postgres@127.0.0.1:5432/postgres" \
--output-format sql \
--disable-plan-validation
Actual:
GRANT SELECT ON "s"."t" TO "psd_role";
GRANT SELECT ON "s"."v" TO "psd_role";
Repro 2: missing REVOKE on view
Now reverse source/target ACLs:
Source (psd_from):
GRANT SELECT ON s.t TO psd_role;
GRANT SELECT ON s.v TO psd_role;
Target (psd_to):
-- no SELECT on s.t / s.v
Run the same plan command.
Actual:
REVOKE SELECT ON "s"."t" FROM "psd_role";
- does not emit revoke for:
REVOKE SELECT ON "s"."v" FROM "psd_role";
Expected:
GRANT/REVOKE SELECT diffs for regular views should be included.
Hi.
pg-schema-diff plandoes not emit privilege diffs for regular views.Environment:
Repro 1: missing GRANT on view
Source (
psd_from):Target (
psd_to):Command:
Actual:
Repro 2: missing REVOKE on view
Now reverse source/target ACLs:
Source (
psd_from):Target (
psd_to):-- no SELECT on s.t / s.vRun the same
plancommand.Actual:
Expected:
GRANT/REVOKE SELECTdiffs for regular views should be included.