crunchy_check_access

crunchy_check_access copied to clipboard

Replace uses of pg_authid with pg_roles so that crunchy_check_access ca…

3

Replace uses of pg_authid with pg_roles so it can be used in Postgres instances where privileged catalog tables are restricted, such as public cloud providers (AWS)

roberto-mello

all_access() returns incomplete results?

1

Following the examples in your blog article https://info.crunchydata.com/blog/postgresql-defaults-and-impact-on-security-part-1, `all_access()` seems to return incomplete results: joe is a member of both dbadm and endusers, so his privileges should be the same...

hai-ld

The current goal and function of check_access is to report on actual access routes. This is useful to report what roles can actively perform actions on tables. This PR adds...

cbrianpace

Replace list of oids for function arguments with more explicit list

1

Casting from oidvector to text produced a list of OIDs that seemed less helpful to the reader than what `pg_catalog.pg_get_function_arguments` produces, so use that.

davidfetter

Adding of "@extschema@" for SQL objects in order. Currently, if extension is installed in an another schema of public, we need to set search_path in order to make it working...

ThomasPoty

Update for v0.2 release

1

Incorporate all recent PRs into a new version release Add CHANGELOG & LICENSE files Add precommit hooks

keithf4