Skip site navigation (1) Skip section navigation (2)

Re: information schema/aclexplode doesn't know about default privileges

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Peter Eisentraut <peter_e(at)gmx(dot)net>
Cc: pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: information schema/aclexplode doesn't know about default privileges
Date: 2011-11-27 22:29:50
Message-ID: 19426.1322432990@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-hackers
Peter Eisentraut <peter_e(at)gmx(dot)net> writes:
> This ought to show EXECUTE privilege on the new function, but it
> doesn't, because proacl is null, and nothing in the information schema
> handles that specially.

> I've pondered some ways to fix that.  One would be to add a variant of
> aclexplode() that takes a parameter telling which catalog the acl datum
> came from, and aclexplode() could then substitute the data received
> acldefault() for null values.  The other way would be to handle this
> entirely in the information schema SQL (either using some coalesce calls
> or perhaps a UNION).  But that would mean duplicating the knowledge of
> acldefault() in a second remote place.  So I'm thinking that handling it
> in aclexplode() would be better.

+1.  It would be a really bad idea for the acldefault() logic to be
duplicated someplace else, especially in SQL code where grepping for the
relevant macros wouldn't even find it.

			regards, tom lane

In response to

Responses

pgsql-hackers by date

Next:From: Peter EisentrautDate: 2011-11-27 22:49:46
Subject: hiding variable-length fields from Form_pg_* structs
Previous:From: Dimitri FontaineDate: 2011-11-27 21:52:26
Subject: Re: Prep object creation hooks, and related sepgsql updates

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group