Add note about CreateStatistics()'s selective use of check_rights.

Commit 5e4fcbe531 added a check_rights parameter to this function
for use by ALTER TABLE commands that re-create statistics objects.
However, we intentionally ignore check_rights when verifying
relation ownership because this function's lookup could return a
different answer than the caller's.  This commit adds a note to
this effect so that we remember it down the road.

Reviewed-by: Noah Misch <[email protected]>
Backpatch-through: 14

diff --git a/src/backend/commands/statscmds.c b/src/backend/commands/statscmds.c
index 0cf0ea43f19b5dd428fcc491bd7fea41311e57b5..77b1a6e2dc51f68a58a6ac2f5b84fa3170e6d4fd 100644 (file)
--- a/src/backend/commands/statscmds.c
+++ b/src/backend/commands/statscmds.c
@@ -135,7 +135,13 @@ CreateStatistics(CreateStatsStmt *stmt, bool check_rights)
                            RelationGetRelationName(rel)),
                     errdetail_relkind_not_supported(rel->rd_rel->relkind)));
 
-       /* You must own the relation to create stats on it */
+       /*
+        * You must own the relation to create stats on it.
+        *
+        * NB: Concurrent changes could cause this function's lookup to find a
+        * different relation than a previous lookup by the caller, so we must
+        * perform this check even when check_rights == false.
+        */
        if (!object_ownercheck(RelationRelationId, RelationGetRelid(rel), stxowner))
            aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(rel->rd_rel->relkind),
                           RelationGetRelationName(rel));