| From: | vignesh C <vignesh21(at)gmail(dot)com> |
|---|---|
| To: | Shubham Khanna <khannashubham1197(at)gmail(dot)com> |
| Cc: | PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Improve tab completion for ALTER DEFAULT PRIVILEGE and ALTER TABLE |
| Date: | 2023-11-27 16:28:00 |
| Message-ID: | CALDaNm1RLiyeYZ7jPVwPKf0w_cr2zTQgcReWr7ueVJ_q+FEt0Q@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Fri, 24 Nov 2023 at 18:37, Shubham Khanna
<khannashubham1197(at)gmail(dot)com> wrote:
>
> n Fri, Nov 24, 2023 at 6:33 PM vignesh C <vignesh21(at)gmail(dot)com> wrote:
> >
> > Hi,
> >
> > Improved tab completion for "ALTER DEFAULT PRIVILEGE" and "ALTER TABLE":
> > 1) GRANT, REVOKE and FOR USER keyword was not displayed in tab
> > completion of alter default privileges like the below statement:
> > ALTER DEFAULT PRIVILEGES GRANT INSERT ON tables TO PUBLIC;
> > ALTER DEFAULT PRIVILEGES REVOKE INSERT ON tables FROM PUBLIC;
> > ALTER DEFAULT PRIVILEGES FOR USER vignesh revoke INSERT ON tables FROM dba1;
> >
> > 2) USER was not displayed for "ALTER DEFAULT PRIVILEGES IN SCHEMA
> > public FOR " like in below statement:
> > ALTER DEFAULT PRIVILEGES IN SCHEMA public FOR USER dba1 GRANT INSERT
> > ON TABLES TO PUBLIC;
> >
> > 3) "FOR GRANT OPTION" was not display for "ALTER DEFAULT PRIVILEGES
> > REVOKE " like in below statement:
> > alter default privileges revoke grant option for select ON tables FROM dba1;
> >
> > 4) "DATA TYPE" was missing in "ALTER TABLE table-name ALTER COLUMN
> > column-name SET" like in:
> > ALTER TABLE t1 ALTER COLUMN c1 SET DATA TYPE text;
> >
> > Attached patch has the changes for the same.
>
> + COMPLETE_WITH("ROLE", "USER");
> + /* ALTER DEFAULT PRIVILEGES REVOKE */
> + else if (Matches("ALTER", "DEFAULT", "PRIVILEGES", "REVOKE"))
> + COMPLETE_WITH("SELECT", "INSERT", "UPDATE", "DELETE", "TRUNCATE",
> + "REFERENCES", "TRIGGER", "CREATE", "EXECUTE", "USAGE",
> + "MAINTAIN", "ALL", "GRANT OPTION FOR");
>
> I could not find "alter default privileges revoke maintain", should
> this be removed?
This was reverted as part of:
151c22deee66a3390ca9a1c3675e29de54ae73fc.
Revert MAINTAIN privilege and pg_maintain predefined role.
This reverts the following commits: 4dbdb82513, c2122aae63,
5b1a879943, 9e1e9d6560, ff9618e82a, 60684dd834, 4441fc704d,
and b5d6382496. A role with the MAINTAIN privilege may be able to
use search_path tricks to escalate privileges to the table owner.
Unfortunately, it is too late in the v16 development cycle to apply
the proposed fix, i.e., restricting search_path when running
maintenance commands.
The attached v2 version has the changes for the same.
Regards,
Vignesh
| Attachment | Content-Type | Size |
|---|---|---|
| v2-0002-Fix-missing-tab-completion-in-ALTER-TABLE-table-n.patch | text/x-patch | 1.3 KB |
| v2-0001-Fix-missing-tab-completion-in-ALTER-DEFAULT-PRIVI.patch | text/x-patch | 2.7 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | jian he | 2023-11-27 16:28:50 | Re: PATCH: Add REINDEX tag to event triggers |
| Previous Message | Dominique Devienne | 2023-11-27 16:14:46 | Re: Emitting JSON to file using COPY TO |