Grant needed perms in add_node instead of requiring DBA to set up them.

Previous commit doc fix reverted accordingly.

Author: arssher

pg_shardman--0.0.2.sql

@@ -105,6 +105,7 @@ DECLARE
 	master_node_id int;
 	sys_id bigint;
 	conn_string_effective text = COALESCE(conn_string, super_conn_string);
+	conn_string_effective_user text;
 BEGIN
 	IF NOT shardman.is_shardlord()
 	THEN
@@ -113,18 +114,19 @@ BEGIN
 				   super_conn_string, conn_string, repl_group))::int;
 	END IF;
 
-	-- Insert new node in nodes table
+	-- Insert new node in nodes table.
+	-- We have to update system_id (and repl_group, for which we probably need
+	-- system_id) only after insert, because broadcast fetches connstring from
+	-- shardman.nodes itself.
 	INSERT INTO shardman.nodes (system_id, super_connection_string,
 								connection_string, replication_group)
 	VALUES (0, super_conn_string, conn_string_effective, '')
 		   RETURNING id INTO new_node_id;
 
-	-- We have to update system_id along with dependant repl_group after insert,
-	-- because otherwise broadcast will not work.
 	sys_id := shardman.broadcast(
 		format('%s:SELECT shardman.get_system_identifier();',
-			   new_node_id))::bigint;
-	IF EXISTS(SELECT 1 FROM shardman.nodes where system_id = sys_id) THEN
+			   new_node_id), super_connstr => true)::bigint;
+	IF EXISTS(SELECT 1 FROM shardman.nodes WHERE system_id = sys_id) THEN
 		RAISE EXCEPTION 'Node with system id % is already in the cluster', sys_id;
 	END IF;
 	UPDATE shardman.nodes SET system_id = sys_id WHERE id = new_node_id;
@@ -133,6 +135,19 @@ BEGIN
 		(CASE WHEN repl_group IS NULL THEN sys_id::text ELSE repl_group END)
 		WHERE id = new_node_id;
 
+	-- If conn_string is provided, make sure effective user has permissions on
+	-- shardman schema and postgres_fdw.
+	IF conn_string IS NOT NULL THEN
+		conn_string_effective_user := shardman.broadcast(
+			format('%s:SELECT current_user;', new_node_id),
+			super_connstr => false);
+		PERFORM shardman.broadcast(
+			format('{%s:GRANT USAGE ON FOREIGN DATA WRAPPER postgres_fdw TO %s;
+				   GRANT USAGE ON SCHEMA shardman TO %s;}',
+				   new_node_id, conn_string_effective_user, conn_string_effective_user),
+			super_connstr => true);
+	END IF;
+
 	-- Adjust replication channels within replication group.
 	-- We need all-to-all replication channels between all group members.
 	FOR node IN SELECT * FROM shardman.nodes WHERE replication_group = repl_group

readme.md

@@ -469,8 +469,6 @@ former is used for configuring logical replication, the latter for DDL and for
 setting up FDW, i.e. accessing the data. This separation serves two purposes:
   * It allows to work with the data without requiring superuser privileges.
   * It allows to set up pgbouncer, as replication can't go through it.
-If `conn_string` is employed, PostgreSQL user it allows to authenticate as must
-have `USAGE` permission on `postgres_fdw` FDW  and on `shardman` schema.
 If `conn_string` is `NULL`, `super_conn_string` is used everywhere.
 
 `repl_group` is the name of node's replication group. We have no explicit

tests/python/tests.py

@@ -839,7 +839,7 @@ def test_copy_from(self):
         self.lord.safe_psql(DBNAME, "drop table pt_text;")
         self.lord.destroy_cluster()
 
-# Create user joe and allow it to use shardman; configure pg_hba accordingly.
+# Create user joe for accessing data; configure pg_hba accordingly.
 # Unfortunately, we must use password, because postgres_fdw forbids passwordless
 # access for non-superusers
 def non_super_user_cbk(worker):
@@ -848,8 +848,6 @@ def non_super_user_cbk(worker):
                      set synchronous_commit to local;
 	             drop role if exists joe;
 	             create role joe login password '12345';
-	             grant usage on foreign data wrapper postgres_fdw to joe;
-	             grant all privileges on schema shardman to group joe;
                      """)
     worker.stop()
     hba_conf_path = os.path.join(worker.data_dir, "pg_hba.conf")