On 4/8/22 08:58, Magnus Hagander wrote:
A side-note on this, which of course won't help the OP at this point, but if the general best practice of not running the application with a highly privileged account is followed, the problem won't occur (it will just fail early before breaking things). DISABLE TRIGGER ALL requires either ownership of the table or superuser permissions, none of which it's recommended that the application run with. Doesn't help once the problem has occurred of course, but can help avoid it happening in the future.
It gets even better further down in that code, where it UPDATEs pg_constraint directly. That not only requires superuser but also catupd permissions (which are separate from superuser for a reason).
Regards, Jan
