Skip site navigation (1)
Skip section navigation (2)
Peripheral Links
[PATCH] DefaultACLs
Hello, this is first public version of our DefaultACLs patch as described on http://wiki.postgresql.org/wiki/DefaultACL . It allows GRANT/REVOKE permissions to be inherited by objects based on schema permissions at create type by use of ALTER SCHEMA foo SET DEFAULT PRIVILEGES ON TABLE SELECT TO bar syntax. There is also ADD and DROP for appending and removing those default privileges. It works for tables, views, sequences and functions. More info about syntax and some previous discussion is on wiki. There is also GRANT DEFAULT PRIVILEGES ON tablename which *replaces* current object privileges with the default ones. Only owner can do both of those commands (ALTER SCHEMA can be done only by schema owner and GRANT can be done only by object owner). It adds new catalog table which stores the default permissions for given schema and object type. We didn't add syscache entry for that as Stephen Frost didn't feel we should do that (yet). Three functions were also exported from aclchk.c because most of the ALTER SCHEMA stuff is done in schemacmds.c. The current version is fully working and includes some regression tests. There is however no documentation at this moment. Patch is against current Git HEAD (it is context diff). -- Regards Petr Jelinek (PJMODOS)
Attachment: defaultacls.diff.gz
Description: application/x-tar (15.8 KB)
Description: application/x-tar (15.8 KB)
Responses
- Re: [PATCH] DefaultACLs at 2009-07-16 10:02:59 from Nikhil Sontakke
- Re: [PATCH] DefaultACLs at 2009-07-17 19:42:20 from Joshua Tolley
- Re: [PATCH] DefaultACLs at 2009-07-18 01:46:44 from Joshua Tolley
pgsql-hackers by date
Next: From: Stefan Kaltenbrunner Date: 2009-07-14 21:33:30 Subject: Re: Launching commitfest.postgresql.org Previous: From: Kenneth Marshall Date: 2009-07-14 21:06:45 Subject: Re: WIP: Deferrable unique constraints