From 323bcca5249c707b68d9f6d921d86fd750bcf33e Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Tue, 14 May 2024 21:16:20 +0200 Subject: Merging upstream version 16.3. Signed-off-by: Daniel Baumann --- src/backend/parser/parse_merge.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'src/backend/parser/parse_merge.c') diff --git a/src/backend/parser/parse_merge.c b/src/backend/parser/parse_merge.c index 91b1156..bf62466 100644 --- a/src/backend/parser/parse_merge.c +++ b/src/backend/parser/parse_merge.c @@ -133,7 +133,11 @@ transformMergeStmt(ParseState *pstate, MergeStmt *stmt) int when_type = (mergeWhenClause->matched ? 0 : 1); /* - * Collect action types so we can check target permissions + * Collect permissions to check, according to action types. We require + * SELECT privileges for DO NOTHING because it'd be irregular to have + * a target relation with zero privileges checked, in case DO NOTHING + * is the only action. There's no damage from that: any meaningful + * MERGE command requires at least some access to the table anyway. */ switch (mergeWhenClause->commandType) { @@ -147,6 +151,7 @@ transformMergeStmt(ParseState *pstate, MergeStmt *stmt) targetPerms |= ACL_DELETE; break; case CMD_NOTHING: + targetPerms |= ACL_SELECT; break; default: elog(ERROR, "unknown action in MERGE WHEN clause"); -- cgit v1.2.3