Skip site navigation (1) Skip section navigation (2)

Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: josh(at)agliodbs(dot)com
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema
Date: 2005-01-29 00:24:40
Message-ID: 28765.1106958280@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-hackers
Josh Berkus <josh(at)agliodbs(dot)com> writes:
> Can't say I like either.     I'd prefer:

> GRANT [PERM] ON ALL TABLES IN SCHEMA [schemaname] TO [user];

I agree that this syntax seems more SQL-ish than relying on a wildcard.

> GRANT SELECT, UPDATE, INSERT ON TABLES IN SCHEMA public TO php-user;

> .. would set the defaults for any NEW tables created in public, and this 
> command:

> GRANT SELECT, UPDATE, INSERT ON TABLES IN SCHEMA public TO php-user CASCADE;

> ... would grant for existing tables as well.

This however seems a rather whimsical reinvention of the meaning of
CASCADE.  I'm not sure if we really need to support both immediate and
delayed inheritance of privileges from a schema, but if we do, let's
please use some other keyword than CASCADE to distinguish the cases.
Also it'd probably be better if they were independent commands, rather
than one subsuming the other as you suggest.

			regards, tom lane

In response to

Responses

pgsql-hackers by date

Next:From: Josh BerkusDate: 2005-01-29 00:33:58
Subject: Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema
Previous:From: Sailesh KrishnamurthyDate: 2005-01-28 23:42:09
Subject: Re: Group-count estimation statistics

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group