On Mon, 2009-06-29 at 10:52 -0700, Josh Berkus wrote:
> 1) ALTER SCHEMA SET DEFAULT PRIVILEGES statements which sets default
> permissions, by ROLE and object type, on new objects.
>
> 2) a statement to set privs on all existing objects by type and role
> within a schema.
I don't see why either of these things should be properties of the
schema. It seems to make much more sense for these defaults to be a
property of the user who creates the objects.
If #1 and #2 are both implemented as properties of the user, I think
that solves the use case I brought up. It would still be difficult to
see the overall scheme at a glance, but I don't think that's a major
problem.
Regards,Jeff Davis