PostgreSQL 9.5以前的版本,pg_authid有个字段rolcatupdate,用来标记用户是否有更新catalog的权限。 如果rolcatupdate=false,即使是超级用户也不能更新catalog。
但是在9.5以后,这个字段被删掉了,如下commit:
http://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=bb8582abf3c4db18b508627a52effd43672f9410
Remove rolcatupdate
This role attribute is an ancient PostgreSQL feature, but could only be
set by directly updating the system catalogs, and it doesn't have any
clearly defined use.
Author: Adam Brightwell <adam.brightwell@crunchydatasolutions.com>因此你在9.5的版本看不到pg_authid的字段rolcatupdate了。
然而EDB有个用来增量同步Oracle, PostgreSQL数据的工具xDB,这个工具需要用到这个权限,更新pg_class.relhastriggers字段来禁用触发器。
例子:
digoal=# create table tab(id int);
CREATE TABLE
digoal=# create or replace function tg() returns trigger as
$$
digoal$# declare
digoal$# begin
digoal$# raise notice 'trigged';
digoal$# return null;
digoal$# end;
digoal$#
$$
language plpgsql strict;
CREATE FUNCTION
digoal=# create trigger tg after insert on tab for each row execute procedure tg();
CREATE TRIGGER
digoal=# insert into tab values (1);
NOTICE: trigged
INSERT 0 1更新pg_class.relhastriggers = false,就看不到这个触发器了。
digoal=# update pg_class set relhastriggers =false where relname='tab';
UPDATE 1
digoal=# insert into tab values (1);
INSERT 0 1
digoal=# insert into tab values (2);
INSERT 0 1
digoal=# insert into tab values (3);
INSERT 0 1
digoal=# \d+ tab
Table "public.tab"
Column | Type | Modifiers | Storage | Stats target | Description
--------+---------+-----------+---------+--------------+-------------
id | integer | | plain | |
digoal=# update pg_class set relhastriggers =true where relname='tab';
UPDATE 1
digoal=# \d+ tab
Table "public.tab"
Column | Type | Modifiers | Storage | Stats target | Description
--------+---------+-----------+---------+--------------+-------------
id | integer | | plain | |
Triggers:
tg AFTER INSERT ON tab FOR EACH ROW EXECUTE PROCEDURE tg()使用这种语法也可禁用触发器
digoal=# alter table tab disable trigger tg;
ALTER TABLE
digoal=# \d+ tab
Table "public.tab"
Column | Type | Modifiers | Storage | Stats target | Description
--------+---------+-----------+---------+--------------+-------------
id | integer | | plain | |
Disabled user triggers:
tg AFTER INSERT ON tab FOR EACH ROW EXECUTE PROCEDURE tg()这种方法禁用触发器实际上是改动pg_trigger.tgenabled
digoal=# \d pg_trigger
Table "pg_catalog.pg_trigger"
Column | Type | Modifiers
----------------+--------------+-----------
tgrelid | oid | not null
tgname | name | not null
tgfoid | oid | not null
tgtype | smallint | not null
tgenabled | "char" | not null
tgisinternal | boolean | not null
tgconstrrelid | oid | not null
tgconstrindid | oid | not null
tgconstraint | oid | not null
tgdeferrable | boolean | not null
tginitdeferred | boolean | not null
tgnargs | smallint | not null
tgattr | int2vector | not null
tgargs | bytea | not null
tgqual | pg_node_tree |
Indexes:
"pg_trigger_oid_index" UNIQUE, btree (oid)
"pg_trigger_tgrelid_tgname_index" UNIQUE, btree (tgrelid, tgname)
"pg_trigger_tgconstraint_index" btree (tgconstraint)
digoal=# insert into tab values (2);
INSERT 0 1
digoal=# alter table tab enable trigger tg;
ALTER TABLE
digoal=# insert into tab values (2);
NOTICE: trigged
INSERT 0 1赋予普通用户alter table enable|disable trigger的权限
digoal=# grant trigger on table tab to digoal;
GRANT
digoal=# \c digoal digoal
digoal=# alter table tab disable trigger tg;
ALTER TABLE
