Skip to content

[PG18] Add various hooks for SU functionality #849

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
mmeent-databricks wants to merge 7 commits into
base: REL_18_STABLE_neon
Choose a base branch
from
Open

[PG18] Add various hooks for SU functionality #849

mmeent-databricks wants to merge 7 commits into from
+71 −45

Conversation

@mmeent-databricks
Copy link

@mmeent-databricks mmeent-databricks commented Dec 29, 2025

This functionality can allow users to get temporary SU permisions, within a certain scope.

@mmeent-databricks
Add various hooks for SU functionality
e4fdcdc 
This functionality can allow users to get temporary SU permisions, within
a certain scope.  See $hadron$/pgxn/neon/su_statements.c for details.
@mmeent-databricks
Fix missing EventTrigger_hook call.
7f8e8a8
HaoyuHuang
HaoyuHuang reviewed Dec 29, 2025
View reviewed changes
src/backend/utils/misc/superuser.c
result = ((Form_pg_authid) GETSTRUCT(rtup))->rolsuper;
ReleaseSysCache(rtup);

if (!result && SUForUser_hook != NULL)
Copy link

@HaoyuHuang HaoyuHuang Dec 29, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should we do this before the cache hit in line 63?

Copy link
Author

@mmeent-databricks mmeent-databricks Dec 29, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, our handling of this is cache-aware: Every time we add/drop a level of the stack we reset the cache.

tristan957 and others added 5 commits December 29, 2025 19:24
@tristan957
Move the neon_storage_token GUC definition to the neon extension
32149dd 
This is exactly what we do for privileged_role_name. It reduces the
amount of changes in the fork.

Signed-off-by: Tristan Partin <tristan.partin@databricks.com>
@mmeent-databricks
Add various hooks for SU functionality
ba9fdf8 
This functionality can allow users to get temporary SU permisions, within
a certain scope.  See $hadron$/pgxn/neon/su_statements.c for details.
@mmeent-databricks
Fix missing EventTrigger_hook call.
6d076fd
@mmeent-databricks
Merge remote-tracking branch 'origin/add-su-hooks/v18' into add-su-ho…
35e9720 
…oks/v18
c
21ae7d8
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@HaoyuHuang HaoyuHuang HaoyuHuang left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@mmeent-databricks @HaoyuHuang @tristan957