Josh Berkus <josh(at)agliodbs(dot)com> writes:
> Hmm, what about using, ALL and NEW? i.e.
> GRANT SELECT ON NEW TABLES IN public TO phpuser;
> GRANT SELECT ON ALL TABLES IN public TO phpuser;
That seems good to me. More generally it would be
GRANT perm [,...] ON NEW/ALL TABLES IN schema [,...] TO user [,...]
which leaves us the freedom to later add
GRANT perm [,...] ON NEW/ALL FUNCTIONS IN schema [,...] TO user [,...]
and so on.
> Of course, this assumes that tables named "new" or "all" are not possible ...
> are those reserved?
As long as you aren't allowed to omit the word "TABLES", I think we can
do this without making ALL or NEW any more reserved than they are
already. I haven't actually tried it in bison though.
TABLES (and later FUNCTIONS, etc) isn't a keyword at all right now IIRC,
but as long as we can do this without making it reserved, I think that's
not a big objection.
regards, tom lane
In response to
pgsql-hackers by date
|Next:||From: Tom Lane||Date: 2005-01-29 00:43:14|
|Subject: Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema |
|Previous:||From: Josh Berkus||Date: 2005-01-29 00:33:58|
|Subject: Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema|