Skip site navigation (1) Skip section navigation (2)

DROP OWNED again

From: Alvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org>
To: Patches <pgsql-patches(at)postgresql(dot)org>
Subject: DROP OWNED again
Date: 2005-11-18 19:54:30
Message-ID: 20051118195430.GA26861@surnet.cl (view raw or flat)
Thread:
Lists: pgsql-patchespgsql-www
People,

Here is the patch for DROP OWNED (finally!).  This patch implements two
new commands, DROP OWNED and REASSIGN OWNED BY.

DROP OWNED drops the objects owned by any of a list of roles (in the
current database, of course).  It also revokes all privileges that have
been granted to any of them.  One must have privileges of all the
mentioned roles in order to be able to do this.  (So a superuser can do
it for any role, and in the simple case a role can do it only to
itself.)

REASSIGN OWNED gives the objects away to some other role.  It doesn't
touch grants.  So if a role has been granted something and you want to
drop it but keep the objects, you must do REASSIGN OWNED and then DROP
OWNED.  One must have all privileges of all the mentioned roles in
order to do this, including the receiving role.

The idea of all this is that if you want to drop a role, you first issue
a DROP ROLE, note all the databases on which it says it has dependences,
connect to each and issue REASSIGN OWNED and/or DROP OWNED as
appropiate, and finally issue DROP ROLE again.  This eases dropping a
role (or that is the theory anyway).

The patch is missing regression tests.  I will include them when I apply
it.  I intend to apply it tomorrow or so, unless somebody has (strong?
Is the time when people "strongly objected" to things gone?) objections
to it.

-- 
Alvaro Herrera                                http://www.PlanetPostgreSQL.org
"La rebeldía es la virtud original del hombre" (Arthur Schopenhauer)

Responses

pgsql-www by date

Next:From: Tom LaneDate: 2005-11-19 00:59:04
Subject: Re: DROP OWNED again
Previous:From: Stephen FrostDate: 2005-11-18 15:08:50
Subject: Re: BUG #2052: Federal Agency Tech Hub Refuses to Accept Postgresql on Network because of Security Vulnerabilities

pgsql-patches by date

Next:From: Andrew DunstanDate: 2005-11-18 22:42:36
Subject: drop if exists - first piece
Previous:From: Tom LaneDate: 2005-11-18 15:06:47
Subject: Re: Minor comment update for DELETE

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group