| From: | nielsgron(at)gmail(dot)com |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: 8.1 removed functions |
| Date: | 2005-12-29 01:34:47 |
| Message-ID: | 1135820087.586504.32950@f14g2000cwb.googlegroups.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hi Tom,
With PG 8.0 I was using a query using makeaclitem() and aclcontains()
to extract permissions. Here is a sample query for database
permissions ...
SELECT
((grantee.name)::character varying) AS grantee,
((nc.datname)::character varying) AS database,
(pr."type") AS privilege_type,
(
CASE
WHEN aclcontains(nc.datacl, makeaclitem(grantee.usesysid,
grantee.grosysid, u_grantor.usesysid, pr."type", true))
THEN 'YES'::text
ELSE 'NO'::text
END) AS is_grantable,
('NO') AS with_hierarchy
FROM
pg_database nc,
pg_user u_grantor,
((((( SELECT pg_user.usesysid, 0, pg_user.usename FROM pg_user )
UNION ALL
( SELECT 0, pg_group.grosysid, pg_group.groname FROM pg_group
)
)) UNION ALL ( SELECT 0, 0, 'PUBLIC' ) )) grantee(usesysid, grosysid,
name),
((((( SELECT 'CREATE' ) UNION ALL ( SELECT 'TEMP' ) )) UNION ALL (
SELECT 'USAGE' ) )) pr("type")
WHERE
aclcontains(nc.datacl, makeaclitem(grantee.usesysid, grantee.grosysid,
u_grantor.usesysid, pr."type", false))
AND (grantee.name = 'postgres'::name)
What is the recommended manner to extract object permissions for 8.1
now that these functions are not available?
regards,
-Niels
| From | Date | Subject | |
|---|---|---|---|
| Next Message | xiapw | 2005-12-29 02:09:01 | I want to know how to improve the security of postgresql |
| Previous Message | Ted Byers | 2005-12-29 01:28:39 | Re: [Bulk] Re: Final stored procedure question, for now anyway |