Skip site navigation (1) Skip section navigation (2)

Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: josh(at)agliodbs(dot)com
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema
Date: 2005-01-29 00:39:00
Message-ID: 28910.1106959140@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-hackers
Josh Berkus <josh(at)agliodbs(dot)com> writes:
> Hmm, what about using, ALL and NEW?   i.e.

> GRANT SELECT ON NEW TABLES IN public TO phpuser;
> GRANT SELECT ON ALL TABLES IN public TO phpuser;

That seems good to me.  More generally it would be

	GRANT perm [,...] ON NEW/ALL TABLES IN schema [,...] TO user [,...]

which leaves us the freedom to later add

	GRANT perm [,...] ON NEW/ALL FUNCTIONS IN schema [,...] TO user [,...]

and so on.

> Of course, this assumes that tables named "new" or "all" are not possible ...
> are those reserved?

As long as you aren't allowed to omit the word "TABLES", I think we can
do this without making ALL or NEW any more reserved than they are
already.  I haven't actually tried it in bison though.

TABLES (and later FUNCTIONS, etc) isn't a keyword at all right now IIRC,
but as long as we can do this without making it reserved, I think that's
not a big objection.

			regards, tom lane

In response to

pgsql-hackers by date

Next:From: Tom LaneDate: 2005-01-29 00:43:14
Subject: Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema
Previous:From: Josh BerkusDate: 2005-01-29 00:33:58
Subject: Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group