[YSQL][Role] YBM User is unable to install extension earthdistance with yb-db-admin role #29936
Description
Jira Link: DB-19793
Description
In YBM context, user will not be able to install extensions like earthdistance.
Specifically, user with role yb-db-admin is unable to install extension earthdistance
fyi
yugabyte=# create user user_2 login PASSWORD 'password' CREATEDB;
CREATE ROLE
yugabyte=# create database yb2;
CREATE DATABASE
yugabyte=# grant yb_db_admin to user_2;
GRANT ROLE
yugabyte=# grant yb_extension to user_2;
GRANT ROLE
yugabyte=# grant usage, create on schema public to user_2;
GRANT
Connect with new user user_2:
yb2=> select current_user;
current_user
--------------
user_2
(1 row)
yb2=> create extension earthdistance cascade;
NOTICE: installing required extension "cube"
WARNING: 'extension' is a beta feature!
HINT: To suppress this warning, set the 'ysql_beta_feature_extension' yb-tserver gflag to true.
(Set 'ysql_beta_features' yb-tserver gflag to true to suppress the warning for all beta features.)
WARNING: 'extension' is a beta feature!
HINT: To suppress this warning, set the 'ysql_beta_feature_extension' yb-tserver gflag to true.
(Set 'ysql_beta_features' yb-tserver gflag to true to suppress the warning for all beta features.)
ERROR: must be superuser to alter a type
yb2=> \du
List of roles
Role name | Attributes | Member of
--------------+------------------------------------------------------------+----------------------------
postgres | Superuser, Create role, Create DB, Replication, Bypass RLS | {}
user_1 | Create DB | {yb_extension}
user_2 | Create DB | {yb_extension,yb_db_admin}
yb_db_admin | No inheritance, Cannot login | {}
yb_extension | Cannot login | {}
yb_fdw | Cannot login | {}
yugabyte | Superuser, Create role, Create DB, Replication, Bypass RLS | {}
Issue Type
kind/bug
Warning: Please confirm that this issue does not contain any sensitive information
- I confirm this issue does not contain any sensitive information.