From 5c5cb200f7fdf66d507d77fa16f27ea5acfa272d Mon Sep 17 00:00:00 2001
From: Halil Ozan Akgul <hozanakgul@gmail.com>
Date: Wed, 24 Feb 2021 19:03:07 +0300
Subject: [PATCH] Adds GRANT for public to citus_tables

---
 src/backend/distributed/sql/citus--10.0-1--10.0-2.sql      | 2 ++
 .../distributed/sql/downgrades/citus--10.0-2--10.0-1.sql   | 2 ++
 src/test/regress/expected/multi_multiuser.out              | 7 +++++++
 src/test/regress/sql/multi_multiuser.sql                   | 5 +++++
 4 files changed, 16 insertions(+)

diff --git a/src/backend/distributed/sql/citus--10.0-1--10.0-2.sql b/src/backend/distributed/sql/citus--10.0-1--10.0-2.sql
index 813591cd3..746674a5a 100644
--- a/src/backend/distributed/sql/citus--10.0-1--10.0-2.sql
+++ b/src/backend/distributed/sql/citus--10.0-1--10.0-2.sql
@@ -1,3 +1,5 @@
 -- citus--10.0-1--10.0-2
 
 #include "../../columnar/sql/columnar--10.0-1--10.0-2.sql"
+
+GRANT SELECT ON public.citus_tables TO public;
diff --git a/src/backend/distributed/sql/downgrades/citus--10.0-2--10.0-1.sql b/src/backend/distributed/sql/downgrades/citus--10.0-2--10.0-1.sql
index c418000fd..988d288a1 100644
--- a/src/backend/distributed/sql/downgrades/citus--10.0-2--10.0-1.sql
+++ b/src/backend/distributed/sql/downgrades/citus--10.0-2--10.0-1.sql
@@ -1,2 +1,4 @@
 /* citus--10.0-2--10.0-1.sql */
 #include "../../../columnar/sql/downgrades/columnar--10.0-2--10.0-1.sql"
+
+REVOKE SELECT ON public.citus_tables FROM public;
diff --git a/src/test/regress/expected/multi_multiuser.out b/src/test/regress/expected/multi_multiuser.out
index 32c14b06f..01b4516e8 100644
--- a/src/test/regress/expected/multi_multiuser.out
+++ b/src/test/regress/expected/multi_multiuser.out
@@ -287,6 +287,13 @@ ERROR:  permission denied for table stripe
 -- (since citus extension has a dependency to it)
 DROP TABLE columnar.chunk;
 ERROR:  must be owner of table chunk
+-- test whether a read-only user can read from citus_tables view
+SELECT distribution_column FROM citus_tables WHERE table_name = 'test'::regclass;
+ distribution_column
+---------------------------------------------------------------------
+ id
+(1 row)
+
 -- check no permission
 SET ROLE no_access;
 EXECUTE prepare_insert(1);
diff --git a/src/test/regress/sql/multi_multiuser.sql b/src/test/regress/sql/multi_multiuser.sql
index 576728e91..0cdca30d3 100644
--- a/src/test/regress/sql/multi_multiuser.sql
+++ b/src/test/regress/sql/multi_multiuser.sql
@@ -184,6 +184,11 @@ INSERT INTO columnar.stripe VALUES(99);
 -- (since citus extension has a dependency to it)
 DROP TABLE columnar.chunk;
 
+
+-- test whether a read-only user can read from citus_tables view
+SELECT distribution_column FROM citus_tables WHERE table_name = 'test'::regclass;
+
+
 -- check no permission
 SET ROLE no_access;