this is first public version of our DefaultACLs patch as described on
It allows GRANT/REVOKE permissions to be inherited by objects based on
schema permissions at create type by use of ALTER SCHEMA foo SET DEFAULT
PRIVILEGES ON TABLE SELECT TO bar syntax. There is also ADD and DROP for
appending and removing those default privileges. It works for tables,
views, sequences and functions. More info about syntax and some previous
discussion is on wiki.
There is also GRANT DEFAULT PRIVILEGES ON tablename which *replaces*
current object privileges with the default ones. Only owner can do both
of those commands (ALTER SCHEMA can be done only by schema owner and
GRANT can be done only by object owner).
It adds new catalog table which stores the default permissions for given
schema and object type. We didn't add syscache entry for that as Stephen
Frost didn't feel we should do that (yet). Three functions were also
exported from aclchk.c because most of the ALTER SCHEMA stuff is done in
The current version is fully working and includes some regression tests.
There is however no documentation at this moment.
Patch is against current Git HEAD (it is context diff).
Petr Jelinek (PJMODOS)
pgsql-hackers by date
|Next:||From: Stefan Kaltenbrunner||Date: 2009-07-14 21:33:30|
|Subject: Re: Launching commitfest.postgresql.org|
|Previous:||From: Kenneth Marshall||Date: 2009-07-14 21:06:45|
|Subject: Re: WIP: Deferrable unique constraints|