From 04e0708f4fb28af1aa4c56a4f103d5440042b192 Mon Sep 17 00:00:00 2001
From: Zsolt Parragi <zsolt.parragi@percona.com>
Date: Tue, 4 Feb 2025 19:43:46 +0000
Subject: [PATCH] fixing review comments

---
 contrib/pg_tde/expected/change_access_method.out     |  4 ++--
 .../pg_tde/expected/change_access_method_basic.out   |  8 ++++----
 contrib/pg_tde/src/pg_tde_event_capture.c            | 12 +-----------
 contrib/pg_tde/src/pg_tde_guc.c                      | 12 +++++++++++-
 4 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/contrib/pg_tde/expected/change_access_method.out b/contrib/pg_tde/expected/change_access_method.out
index 34c13058d3ac0..f97e027e93ac8 100644
--- a/contrib/pg_tde/expected/change_access_method.out
+++ b/contrib/pg_tde/expected/change_access_method.out
@@ -98,10 +98,10 @@ CREATE TABLE country_table3 (
      country_name    text unique not null,
      continent        text not null
 ) USING heap;
-psql:sql/change_access_method.inc:54: ERROR:  pg_tde.enforce_encryption is ON, only encrypted tables can be created.
+psql:sql/change_access_method.inc:54: ERROR:  pg_tde.enforce_encryption is ON, only the tde_heap access method is allowed.
  
 ALTER TABLE country_table SET access method  heap;
-psql:sql/change_access_method.inc:56: ERROR:  pg_tde.enforce_encryption is ON, only encrypted tables can be created.
+psql:sql/change_access_method.inc:56: ERROR:  pg_tde.enforce_encryption is ON, only the tde_heap access method is allowed.
 ALTER TABLE country_table2 SET access method  :tde_am;
 CREATE TABLE country_table3 (
      country_id        serial primary key,
diff --git a/contrib/pg_tde/expected/change_access_method_basic.out b/contrib/pg_tde/expected/change_access_method_basic.out
index 5d0aca316d20c..dc7f66bcaef85 100644
--- a/contrib/pg_tde/expected/change_access_method_basic.out
+++ b/contrib/pg_tde/expected/change_access_method_basic.out
@@ -123,18 +123,18 @@ CREATE TABLE country_table3 (
      country_name    text unique not null,
      continent        text not null
 ) USING heap;
-psql:sql/change_access_method.inc:54: ERROR:  pg_tde.enforce_encryption is ON, only encrypted tables can be created.
+psql:sql/change_access_method.inc:54: ERROR:  pg_tde.enforce_encryption is ON, only the tde_heap access method is allowed.
  
 ALTER TABLE country_table SET access method  heap;
-psql:sql/change_access_method.inc:56: ERROR:  pg_tde.enforce_encryption is ON, only encrypted tables can be created.
+psql:sql/change_access_method.inc:56: ERROR:  pg_tde.enforce_encryption is ON, only the tde_heap access method is allowed.
 ALTER TABLE country_table2 SET access method  :tde_am;
-psql:sql/change_access_method.inc:58: ERROR:  pg_tde.enforce_encryption is ON, only encrypted tables can be created.
+psql:sql/change_access_method.inc:58: ERROR:  pg_tde.enforce_encryption is ON, only the tde_heap access method is allowed.
 CREATE TABLE country_table3 (
      country_id        serial primary key,
      country_name    text unique not null,
      continent        text not null
 ) using :tde_am;
-psql:sql/change_access_method.inc:64: ERROR:  pg_tde.enforce_encryption is ON, only encrypted tables can be created.
+psql:sql/change_access_method.inc:64: ERROR:  pg_tde.enforce_encryption is ON, only the tde_heap access method is allowed.
 DROP TABLE country_table;
 DROP TABLE country_table2;
 DROP TABLE country_table3;
diff --git a/contrib/pg_tde/src/pg_tde_event_capture.c b/contrib/pg_tde/src/pg_tde_event_capture.c
index 66e71904486d8..3d85acfe7cceb 100644
--- a/contrib/pg_tde/src/pg_tde_event_capture.c
+++ b/contrib/pg_tde/src/pg_tde_event_capture.c
@@ -71,7 +71,7 @@ checkEncryptionClause(const char *accessMethod)
 	if (EnforceEncryption && !tdeCurrentCreateEvent.encryptMode)
 	{
 		ereport(ERROR,
-				(errmsg("pg_tde.enforce_encryption is ON, only encrypted tables can be created.")));
+				(errmsg("pg_tde.enforce_encryption is ON, only the tde_heap access method is allowed.")));
 	}
 }
 
@@ -156,8 +156,6 @@ pg_tde_ddl_command_start_capture(PG_FUNCTION_ARGS)
 		AlterTableStmt *stmt = (AlterTableStmt *) parsetree;
 		ListCell   *lcmd;
 
-		bool		isAccessMethodChange = false;
-
 		foreach(lcmd, stmt->cmds)
 		{
 			AlterTableCmd *cmd = (AlterTableCmd *) lfirst(lcmd);
@@ -166,19 +164,11 @@ pg_tde_ddl_command_start_capture(PG_FUNCTION_ARGS)
 			{
 				const char *accessMethod = cmd->name;
 
-				isAccessMethodChange = true;
-
 				tdeCurrentCreateEvent.eventType = TDE_TABLE_CREATE_EVENT;
 				tdeCurrentCreateEvent.relation = stmt->relation;
 				checkEncryptionClause(accessMethod);
 			}
 		}
-
-		if (EnforceEncryption && isAccessMethodChange && !tdeCurrentCreateEvent.encryptMode)
-		{
-			ereport(ERROR,
-					(errmsg("pg_tde.enforce_encryption is ON, only encrypted table access methods are allowed.")));
-		}
 	}
 #endif
 	PG_RETURN_NULL();
diff --git a/contrib/pg_tde/src/pg_tde_guc.c b/contrib/pg_tde/src/pg_tde_guc.c
index ce93ef0e26b2d..b406446d235fd 100644
--- a/contrib/pg_tde/src/pg_tde_guc.c
+++ b/contrib/pg_tde/src/pg_tde_guc.c
@@ -1,4 +1,14 @@
-
+/*-------------------------------------------------------------------------
+ *
+ * pg_tde_guc.c
+ *	  GUC variables for pg_tde
+ *
+ *
+ * IDENTIFICATION
+ *	  src/pg_tde_guc.c
+ *
+ *-------------------------------------------------------------------------
+ */
 
 #include "pg_tde_guc.h"
 #include "postgres.h"