From a14b88819a8a22da4f5abb19a3b1b61aebb10a7c Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Tue, 21 May 2024 07:05:20 +0200 Subject: Merging upstream version 15.7. Signed-off-by: Daniel Baumann --- src/backend/parser/parse_merge.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'src/backend/parser/parse_merge.c') diff --git a/src/backend/parser/parse_merge.c b/src/backend/parser/parse_merge.c index e8865bf..de4825b 100644 --- a/src/backend/parser/parse_merge.c +++ b/src/backend/parser/parse_merge.c @@ -133,7 +133,11 @@ transformMergeStmt(ParseState *pstate, MergeStmt *stmt) int when_type = (mergeWhenClause->matched ? 0 : 1); /* - * Collect action types so we can check target permissions + * Collect permissions to check, according to action types. We require + * SELECT privileges for DO NOTHING because it'd be irregular to have + * a target relation with zero privileges checked, in case DO NOTHING + * is the only action. There's no damage from that: any meaningful + * MERGE command requires at least some access to the table anyway. */ switch (mergeWhenClause->commandType) { @@ -147,6 +151,7 @@ transformMergeStmt(ParseState *pstate, MergeStmt *stmt) targetPerms |= ACL_DELETE; break; case CMD_NOTHING: + targetPerms |= ACL_SELECT; break; default: elog(ERROR, "unknown action in MERGE WHEN clause"); -- cgit v1.2.3