| From: | Josh Berkus <josh(at)agliodbs(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema |
| Date: | 2005-01-29 00:33:58 |
| Message-ID: | 200501281633.59100.josh@agliodbs.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Tom,
> This however seems a rather whimsical reinvention of the meaning of
> CASCADE. I'm not sure if we really need to support both immediate and
> delayed inheritance of privileges from a schema, but if we do, let's
> please use some other keyword than CASCADE to distinguish the cases.
> Also it'd probably be better if they were independent commands, rather
> than one subsuming the other as you suggest.
Hmm, what about using, ALL and NEW? i.e.
GRANT SELECT ON NEW TABLES IN public TO phpuser;
GRANT SELECT ON ALL TABLES IN public TO phpuser;
The first sets defaults for new objects, the second sets permissions on
existing tables, and this:
GRANT SELECT ON ALL, NEW TABLES IN public TO phpuser;
... does both.
Of course, this assumes that tables named "new" or "all" are not possible ...
are those reserved?
--
--Josh
Josh Berkus
Aglio Database Solutions
San Francisco
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2005-01-29 00:39:00 | Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema |
| Previous Message | Tom Lane | 2005-01-29 00:24:40 | Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema |