Default monitoring roles

Three nologin roles with non-overlapping privs are created by default * pg_read_all_settings - read all GUCs. * pg_read_all_stats - pg_stat_*, pg_database_size(), pg_tablespace_size() * pg_stat_scan_tables - may lock/scan tables Top level role - pg_monitor includes all of the above by default, plus others Author: Dave Page Reviewed-by: Stephen Frost, Robert Haas, Peter Eisentraut, Simon Riggs
author: Simon Riggs <simon@2ndQuadrant.com> 2017-03-30 14:18:53 -0400
committer: Simon Riggs <simon@2ndQuadrant.com> 2017-03-30 14:18:53 -0400
commit: 25fff40798fc4ac11a241bfd9ab0c45c085e2212 (patch)
tree: 3c2e3eb741f814bba8eaa593d17811b86b8d2a00 /src/backend/replication/walreceiver.c
parent: e984ef5861df4bc9733b36271d05763e82de7c04 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/src/backend/replication/walreceiver.c b/src/backend/replication/walreceiver.c
index 771ac305c34..df93265c20e 100644
--- a/src/backend/replication/walreceiver.c
+++ b/src/backend/replication/walreceiver.c
@@ -50,6 +50,7 @@
 #include "access/timeline.h"
 #include "access/transam.h"
 #include "access/xlog_internal.h"
+#include "catalog/pg_authid.h"
 #include "catalog/pg_type.h"
 #include "funcapi.h"
 #include "libpq/pqformat.h"
@@ -1421,7 +1422,7 @@ pg_stat_get_wal_receiver(PG_FUNCTION_ARGS)
 	/* Fetch values */
 	values[0] = Int32GetDatum(walrcv->pid);
 
-	if (!superuser())
+	if (!is_member_of_role(GetUserId(), DEFAULT_ROLE_READ_ALL_STATS))
 	{
 		/*
 		 * Only superusers can see details. Other users only get the pid value
author	Simon Riggs <simon@2ndQuadrant.com>	2017-03-30 14:18:53 -0400
committer	Simon Riggs <simon@2ndQuadrant.com>	2017-03-30 14:18:53 -0400
commit	25fff40798fc4ac11a241bfd9ab0c45c085e2212 (patch)
tree	3c2e3eb741f814bba8eaa593d17811b86b8d2a00 /src/backend/replication/walreceiver.c
parent	e984ef5861df4bc9733b36271d05763e82de7c04 (diff)