PG: Only list tables where schema has USAGE permission (#7000)

This covers cases where partitioned tables are part of a schema that is not accessible by the current user. CREATE SCHEMA xyz; CREATE TABLE xyz.tab ( id bigint GENERATED ALWAYS AS IDENTITY, ts timestamp NOT NULL ) PARTITION BY LIST ((ts::date)); CREATE TABLE xyz.tab_default PARTITION OF xyz.tab DEFAULT;
getredash · Jun 6, 2024 · 17fe69f · 17fe69f
1 parent bceaab0
commit 17fe69f
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/redash/query_runner/pg.py b/redash/query_runner/pg.py
@@ -231,7 +231,9 @@ def _get_tables(self, schema):
         ON a.attrelid = c.oid
         AND a.attnum > 0
         AND NOT a.attisdropped
-        WHERE c.relkind IN ('m', 'f', 'p') AND has_table_privilege(s.nspname || '.' || c.relname, 'select')
+        WHERE c.relkind IN ('m', 'f', 'p')
+        AND has_table_privilege(s.nspname || '.' || c.relname, 'select')
+        AND has_schema_privilege(s.nspname, 'usage')
 
         UNION