Allow neon_superuser to create event triggers

src/backend/commands/event_trigger.c

@@ -119,7 +119,7 @@ CreateEventTrigger(CreateEventTrigStmt *stmt)
 	 * this, but there are obvious privilege escalation risks which would have
 	 * to somehow be plugged first.
 	 */
-	if (!superuser())
+	if (!superuser() && !is_neon_superuser())
 		ereport(ERROR,
 				(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
 				 errmsg("permission denied to create event trigger \"%s\"",

src/backend/commands/publicationcmds.c

@@ -728,13 +728,6 @@ CheckPubRelationColumnList(char *pubname, List *tables,
 	}
 }
 
-static bool
-is_neon_superuser(void)
-{
-	Oid neon_superuser_oid = get_role_oid("neon_superuser", true /*missing_ok*/);
-	return neon_superuser_oid != InvalidOid && has_privs_of_role(GetUserId(), neon_superuser_oid);
-}
-
 /*
  * Create new publication.
  */

src/backend/utils/adt/acl.c

@@ -123,6 +123,19 @@ static AclResult pg_role_aclcheck(Oid role_oid, Oid roleid, AclMode mode);
 
 static void RoleMembershipCacheCallback(Datum arg, int cacheid, uint32 hashvalue);
 
+bool
+is_neon_superuser(void)
+{
+	return is_neon_superuser_arg(GetUserId());
+}
+
+bool
+is_neon_superuser_arg(Oid roleid)
+{
+	Oid neon_superuser_oid = get_role_oid("neon_superuser", true /*missing_ok*/);
+	return neon_superuser_oid != InvalidOid && has_privs_of_role(roleid, neon_superuser_oid);
+}
+
 
 /*
  * getid

src/include/miscadmin.h

@@ -381,6 +381,9 @@ extern const char *GetSystemUser(void);
 extern bool superuser(void);	/* current user is superuser */
 extern bool superuser_arg(Oid roleid);	/* given user is superuser */
 
+/* in utils/adt/acl.c */
+extern bool is_neon_superuser(void); /* current user is neon_superuser */
+extern bool is_neon_superuser_arg(Oid roleid); /* given user is neon_superuser */
 
 /*****************************************************************************
  *	  pmod.h --																 *