| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Nikhil Sontakke <nikhil(dot)sontakke(at)enterprisedb(dot)com> |
| Cc: | Petr Jelinek <pjmodos(at)pjmodos(dot)net>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [PATCH] DefaultACLs |
| Date: | 2009-07-17 13:05:18 |
| Message-ID: | 20090717130518.GP20436@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hey,
* Nikhil Sontakke (nikhil(dot)sontakke(at)enterprisedb(dot)com) wrote:
> > We can certainly do it either way, but I don't see much downside to
> > having a new enum and a number of downsides with modifying the existing
> > grant enums.
>
> Sure, I understand. But if we want to go the DefaultACLs way, then we
> need to change the "GRANT ON ALL" patch a bit too for the sake of
> uniformity - don't we? There is indeed benefit in managing ACLs for
> existing objects, so that patch has some value too.
I agree that they should be consistant. The GRANT ON ALL shares alot
more of the syntax with GRANT than DefaultACL though, which makes it a
more interesting question there. I can understand not wanting to
duplicate the GRANT syntax. I think my suggestion would be to add a
field to the structure passed around by GRANT which indicates if 'VIEW'
was requested or not in the command. This could be used both for GRANT
ON ALL and to allow 'GRANT ON VIEW blah' to verify that the relation
being granted on is a view.
Thanks,
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Petr Jelinek | 2009-07-17 13:16:07 | Re: GRANT ON ALL IN schema |
| Previous Message | Nikhil Sontakke | 2009-07-17 13:00:13 | Re: [PATCH] DefaultACLs |