Re: patch: Add a separate TRUNCATE permission

> We've been through this before, I believe.. The concern is that it
> chews up another bit in the acl structure, leaving not a huge number
> left. My suggested approach to fixing this was to split the "grantable"
> bits up from the regular usage bits. That's, unfortunately, a
> non-trivial amount of work, however.

Writing this patch was more of a "learn the PostgreSQL source" project
for me than a feature that I, personally, have a need for, so I have
no dog in this race other than that, if the feature was actually not
wanted, then it shouldn't be on the TODO list, possibly causing people
to waste time implementing it. :-)

The question of using up all the bits seems purely speculative to me
at this point. I agree that we don't want to fritter them away, but
this is the only TODO item proposes using any of those bits. Tom's
complaint about your patch seems to have been that it uses three of
the five remaining ACL bits; this patch uses only one, and arguably
TRUNCATE is more like a DML command than a utility command (which, as
Tom pointed out, there are certainly too many of to ever allocate a
bit for each one).

I would argue that if we're ever going to start adding permissions for
things like those types of utility command then we ought to create
some separate mechanism for storing permissions that are not likely to
need to be checked very frequently. Then things like INSERT and
UPDATE that happen often can benefit from a 16-bit field, and things
like ANALYZE and ADD COLUMN that are only executed occasionally can
use a separate, more heavy-weight mechanism.

In any event, however we ultimately decide to implement it, we don't
need to solve this problem now.

> I think someone else submitted a patch for it last year too, actually.

I talked about submitting one last year but didn't actually do it
since it seemed to be the wrong point in the development cycle.

...Robert