Re: [PATCH] DefaultACLs

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Petr Jelinek <pjmodos(at)pjmodos(dot)net>
Cc: Stephen Frost <sfrost(at)snowman(dot)net>, Robert Haas <robertmhaas(at)gmail(dot)com>, Joshua Tolley <eggyknap(at)gmail(dot)com>, Josh Berkus <josh(at)agliodbs(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: [PATCH] DefaultACLs
Date: 2009-08-05 15:02:17
Message-ID: 10744.1249484537@sss.pgh.pa.us
Lists: pgsql-hackers

Petr Jelinek <pjmodos(at)pjmodos(dot)net> writes:
> Tom Lane wrote:
>> What I suggest as a way to resolve this last point is that a default ACL
>> should apply only to objects owned by the user who creates/modifies the
>> default ACL. In this view, the question of which schema the objects are
>> in is just an additional filter condition, not the primary determinant
>> of which objects a default ACL applies to. Every user has his own set
>> of default ACLs.
>>
> We could certainly do that. I wonder what we should do about inheritance
> of default privileges between the roles if we did this - should it just
> be what I set is mine and my parent roles do not affect me or should it
> get default privs from parent roles and merge them with mine when I
> create the object ?

I don't believe there is any "inheritance" needed or involved. A
default ACL would only be looked up for use at the instant of creating
an object, and what you'd look for is one owned by the same userID that
is going to own the object being created. Anything else will be too
complicated to be understandable. The commands that actually
create/alter a default ACL would work on those belonging to whatever
the effective userID is.

> Also when creating new default privileges entry
> should we use some template which would give owner all privileges like
> GRANT does when there are no existing privileges on object or should we
> just use blank and leave it to user to grant himself default privileges
> on objects he will create ?

It should start from the same initial state you'd have if you didn't
have a default ACL. Anything else violates the principle of least
astonishment.

regards, tom lane
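
The lookup rule proposed in this message, sketched as a toy Python model (an added example, not part of the original message and not PostgreSQL code). The role names, the four-privilege set, the owner-holds-everything initial state and the union of matching entries are assumptions made for illustration.

```python
# Added illustration: a toy model, not PostgreSQL code.
ALL_PRIVS = frozenset({"SELECT", "INSERT", "UPDATE", "DELETE"})  # assumed privilege set


def initial_acl(owner):
    """State of a new object when no default ACL exists (assumed: owner holds everything)."""
    return {owner: set(ALL_PRIVS)}


class DefaultACLs:
    def __init__(self):
        # (owning role, object type, schema or None) -> {grantee: privileges}
        self.entries = {}

    def grant(self, effective_user, objtype, grantee, privs, schema=None):
        """Create or alter the default ACL belonging to the effective user."""
        key = (effective_user, objtype, schema)
        # A new entry starts from the same state as having no default ACL.
        acl = self.entries.setdefault(key, initial_acl(effective_user))
        acl.setdefault(grantee, set()).update(privs)

    def acl_for_new_object(self, owner, objtype, schema):
        """Looked up once, at creation time, by the new object's owner only."""
        acl = initial_acl(owner)
        for (e_owner, e_type, e_schema), entry in self.entries.items():
            if e_owner != owner or e_type != objtype:
                continue  # entries of other roles, parent roles included, never apply
            if e_schema is not None and e_schema != schema:
                continue  # the schema is only an additional filter
            for grantee, privs in entry.items():
                acl.setdefault(grantee, set()).update(privs)  # assumed: matches are unioned
        return acl


def demo():
    d = DefaultACLs()
    d.grant("alice", "table", "reader", {"SELECT"})                 # alice, any schema
    d.grant("alice", "table", "etl", {"INSERT"}, schema="staging")  # alice, one schema
    d.grant("devs", "table", "auditor", {"SELECT"})                 # a role alice belongs to
    return {
        "alice_public": d.acl_for_new_object("alice", "table", "public"),
        "alice_staging": d.acl_for_new_object("alice", "table", "staging"),
        "bob_public": d.acl_for_new_object("bob", "table", "public"),
    }


if __name__ == "__main__":
    for name, acl in demo().items():
        print(name, {g: sorted(p) for g, p in acl.items()})
```

The practical consequence for access reviews: a default ACL set up by one role gives no coverage for objects that a different role creates, so each object-creating role needs its own entry.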
