Implementation of external data management #1158

[paradox1307]

Link to RFC - Distributed queries (Management of External Data) proposal

[paradox1307]

This is a draft implementation of external data management (SQL:MED). It will be improved after the metacache #7954 is merged.

[sim1984]

Are there any restrictions for users/roles on using foreign servers? I think there should be. That is, we should have something like:

GRANT USAGE ON SERVER <server_name>
TO <grantee_list> [WITH GRANT OPTION]
[{GRANTED BY | AS} [USER] <grantor>];

REVOKE [GRANT OPTION FOR]
USAGE ON SERVER <server_name>
FROM <grantee_list>
[{GRANTED BY | AS} [USER] <grantor>];

This is important, especially if the foreign server stores authentication data. Not every authenticated user should be able to use it in an EXECUTE STATEMENT.

[paradox1307]

Are there any restrictions for users/roles on using foreign servers? I think there should be.

Yes, there should be restrictions on using foreign servers. The MED standard requires GRANT/REVOKE USAGE ON FOREIGN SERVER. Implemented in df133b1 . Please note that when creating foreign tables and user mappings, USAGE checks have also been added, as required by the standard.

[sim1984]

Are there any restrictions for users/roles on using foreign servers? I think there should be.

Yes, there should be restrictions on using foreign servers. The MED standard requires GRANT/REVOKE USAGE ON FOREIGN SERVER. Implemented in df133b1 . Please note that when creating foreign tables and user mappings, USAGE checks have also been added, as required by the standard.

This should be described in the README.MED.md documentation.

[paradox1307]

This should be described in the README.MED.md documentation.

Added description GRANT/REVOKE USAGE ON FOREIGN SERVER to the documentation.