Re: [HACKERS] Inconsistent syntax in GRANT

Tom Lane wrote:
> Josh Berkus <josh(at)agliodbs(dot)com> writes:
> >> Uh, how are they different? You mean just UPDATE and none of the
> >> others do anything?
>
> > Yes, it would be nice to have real permissions for sequences, specifically
> > USE (which allows nextval() and currval()) and UPDATE (which would allow
> > setval() ). However, I don't know that the added functionality would
> > justify breaking backwards-compatibility.
>
> We could maintain backwards compatibility by continuing to accept the
> old equivalences when you say GRANT ON TABLE. But when you say GRANT ON
> SEQUENCE, I think it should use sequence-specific privilege keywords,
> and not allow the privileges that don't mean anything for sequences,
> like DELETE.

OK.

> I'm not sure offhand what keywords we'd want to use, but now is the time
> to look at it, *before* it becomes set in stone that GRANT ON SEQUENCE
> is just another spelling of GRANT ON TABLE.

Sequences do not support INSERT, UPDATE, or DELETE, but we overload
UPDATE to control nextval()/setval(), so I just allowed SELECT and
UPDATE. I am not sure it makes any sense to allow rules, references,
and triggers on sequences. However, using ALL or TABLE keywords you can
define those permissions to a sequence.

> (The subtext of this is that I don't have a lot of use for allowing
> variant syntaxes that don't actually do anything different ...)

FYI, SQL03 defines GRANT SEQUENCE.

--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073