Add note about CreateStatistics()'s selective use of check_rights.

Commit 5e4fcbe531 added a check_rights parameter to this function
for use by ALTER TABLE commands that re-create statistics objects.
However, we intentionally ignore check_rights when verifying
relation ownership because this function's lookup could return a
different answer than the caller's.  This commit adds a note to
this effect so that we remember it down the road.

Reviewed-by: Noah Misch <[email protected]>
Backpatch-through: 14

diff --git a/src/backend/commands/statscmds.c b/src/backend/commands/statscmds.c
index 0cf0ea43f19b5dd428fcc491bd7fea41311e57b5..77b1a6e2dc51f68a58a6ac2f5b84fa3170e6d4fd 100644 (file)
--- a/src/backend/commands/statscmds.c
+++ b/src/backend/commands/statscmds.c
@@ -135,7 +135,13 @@ CreateStatistics(CreateStatsStmt *stmt, bool check_rights)
                                                        RelationGetRelationName(rel)),
                                         errdetail_relkind_not_supported(rel->rd_rel->relkind)));
 
-               /* You must own the relation to create stats on it */
+               /*
+                * You must own the relation to create stats on it.
+                *
+                * NB: Concurrent changes could cause this function's lookup to find a
+                * different relation than a previous lookup by the caller, so we must
+                * perform this check even when check_rights == false.
+                */
                if (!object_ownercheck(RelationRelationId, RelationGetRelid(rel), stxowner))
                        aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(rel->rd_rel->relkind),
                                                   RelationGetRelationName(rel));