Skip site navigation (1) Skip section navigation (2)

Re: GRANT/REVOKE: Allow column-level privileges

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Euler Taveira de Oliveira <eulerto(at)yahoo(dot)com(dot)br>
Cc: kevin brintnall <kbrint(at)rufus(dot)net>, William ZHANG <uniware(at)zedware(dot)org>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: GRANT/REVOKE: Allow column-level privileges
Date: 2006-01-30 01:16:40
Message-ID: 24506.1138583800@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-hackers
Euler Taveira de Oliveira <eulerto(at)yahoo(dot)com(dot)br> writes:
> --- kevin brintnall <kbrint(at)rufus(dot)net> escreveu:
>> if user matches an acl for the column
>>	.. and priv is granted, then permit
>>	.. else priv is not granted, reject
>> else fall through to table privileges

> Wouldn't it be more cheap to test the most-common-case table privileges
> first?

Also, the "reject" bit is wrong: if you have table-level privileges
then that implies privileges on all columns.  So it should be just
an additional test made after failing to find the desired table-level
privilege, and before erroring out.

			regards, tom lane

In response to

Responses

pgsql-hackers by date

Next:From: Mark WoodwardDate: 2006-01-30 02:27:19
Subject: Re: Want to add to contrib.... xmldbx
Previous:From: Euler Taveira de OliveiraDate: 2006-01-30 00:28:02
Subject: Re: GRANT/REVOKE: Allow column-level privileges

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group