From c2379542bb4cdb1d3fb2c01b7d69008d310c7344 Mon Sep 17 00:00:00 2001
From: Varik Matevosyan <varikmatevosyan@gmail.com>
Date: Wed, 20 Nov 2024 00:48:30 +0400
Subject: [PATCH] fix permission issues when replicating ddl commands

---
 model/lantern/lantern_resource.rb | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/model/lantern/lantern_resource.rb b/model/lantern/lantern_resource.rb
index 81a2b43a3..1c24ccba2 100644
--- a/model/lantern/lantern_resource.rb
+++ b/model/lantern/lantern_resource.rb
@@ -120,13 +120,14 @@ def create_ddl_log
         id SERIAL PRIMARY KEY,
         object_tag TEXT,
         ddl_command TEXT,
-        timestamp TIMESTAMP
+        timestamp TIMESTAMP,
+        "session_user" TEXT
     );
     CREATE OR REPLACE FUNCTION log_ddl_changes()
     RETURNS event_trigger AS $$
     BEGIN
-      INSERT INTO ddl_log (object_tag, ddl_command, timestamp)
-              VALUES (tg_tag, current_query(), current_timestamp);
+      INSERT INTO ddl_log (object_tag, ddl_command, timestamp, "session_user")
+              VALUES (tg_tag, current_query(), current_timestamp, session_user);
     END;
     $$ LANGUAGE plpgsql
     SECURITY DEFINER;
@@ -155,7 +156,9 @@ def listen_ddl_log
    RETURNS TRIGGER AS $$
    BEGIN
        SET search_path TO public;
+       EXECUTE format('SET ROLE %I', NEW.session_user);
        EXECUTE NEW.ddl_command;
+       RESET ROLE;
        RETURN NEW;
    END;
    $$ LANGUAGE plpgsql;