Ah, I didn't realize that was an option on the function. They're already being created by a trigger (the table is partitioned on a foreign key, so partitions are created by a trigger on the referenced table); it sounds like I can just update that trigger function with `security definer`.
-Sam
https://github.com/nelsam
"As an adolescent I aspired to lasting fame, I craved factual certainty, and
I thirsted for a meaningful vision of human life -- so I became a scientist.
This is like becoming an archbishop so you can meet girls."
-- Matt Cartmill
"As an adolescent I aspired to lasting fame, I craved factual certainty, and
I thirsted for a meaningful vision of human life -- so I became a scientist.
This is like becoming an archbishop so you can meet girls."
-- Matt Cartmill
On Thu, Feb 4, 2021 at 4:42 PM David G. Johnston <david.g.johnston@xxxxxxxxx> wrote:
On Thu, Feb 4, 2021 at 3:39 PM Samuel Nelson <valczir.darkvein@xxxxxxxxx> wrote:I've been trying to restrict permissions of some users in our system and noticed that `create table foo partition of bar for values from (x) to (y)` complains that I must be the owner of the table. Is there another GRANT I can give to my user to allow creation and dropping of partitions without allowing them to drop the parent table?I doubt it...might want to consider writing a security definer function that you can give them permission to run instead of having them do things directly.David J.
