| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Euler Taveira de Oliveira <eulerto(at)yahoo(dot)com(dot)br> |
| Cc: | kevin brintnall <kbrint(at)rufus(dot)net>, William ZHANG <uniware(at)zedware(dot)org>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: GRANT/REVOKE: Allow column-level privileges |
| Date: | 2006-01-30 01:16:40 |
| Message-ID: | 24506.1138583800@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Euler Taveira de Oliveira <eulerto(at)yahoo(dot)com(dot)br> writes:
> --- kevin brintnall <kbrint(at)rufus(dot)net> escreveu:
>> if user matches an acl for the column
>> .. and priv is granted, then permit
>> .. else priv is not granted, reject
>> else fall through to table privileges
> Wouldn't it be more cheap to test the most-common-case table privileges
> first?
Also, the "reject" bit is wrong: if you have table-level privileges
then that implies privileges on all columns. So it should be just
an additional test made after failing to find the desired table-level
privilege, and before erroring out.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Mark Woodward | 2006-01-30 02:27:19 | Re: Want to add to contrib.... xmldbx |
| Previous Message | Euler Taveira de Oliveira | 2006-01-30 00:28:02 | Re: GRANT/REVOKE: Allow column-level privileges |