| From: | Corey Huinker <corey(dot)huinker(at)gmail(dot)com> |
|---|---|
| To: | PostgreSQL <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Copying Permissions |
| Date: | 2016-11-03 14:54:40 |
| Message-ID: | CADkLM=dovdTM4LJ1-_YuNJWjeOU00XrwYvhU5v3-ZytBZ8zDbQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Craig's post yesterday about exposing syntax for disabling indexes reminded
me of another feature I think we're lacking in areas where we have to do
table management.
The issue is to create a *something* that has the exact permissions of
another *something*. Usually it's creating a table related to (but not yet
inheriting) a parent, but it could also be to drop and recreate a
*something*, making sure it has the same permissions it had before.
BEGIN;
CREATE VIEW dummy AS SELECT 1::text as dummy;
UPDATE pg_class
SET relacl = ( SELECT relacl FROM pg_class
WHERE oid = 'foo'::regclass)
WHERE oid = 'dummy'::regclass;
DROP VIEW foo;
CREATE VIEW foo AS <insert new view definition here>;
UPDATE pg_class
SET relacl = ( SELECT relacl FROM pg_class
WHERE oid = 'dummy'::regclass)
WHERE oid = 'foo'::regclass;
END;
I suppose I could have learned how to store a relacl as a scalar and just
saved it to a variable, but even then I'd have to twiddle with (and have
the permissions to twiddle with) pg_class.
So it'd be nice to:
ALTER TABLE bar SET PERMISSIONS FROM foo;
or maybe even
GRANT SAME PERMISSIONS ON VIEW bar FROM foo;
Thoughts?
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2016-11-03 14:54:53 | Re: WAL consistency check facility |
| Previous Message | Robert Haas | 2016-11-03 14:51:39 | Re: plan_rows confusion with parallel queries |