Home > mailing lists

Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema - Mailing list pgsql-hackers

From	Josh Berkus
Subject	Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema
Date	January 29, 2005 03:30:23
Msg-id	200501281633.59100.josh@agliodbs.com Whole thread Raw
In response to	Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema
List	pgsql-hackers

Tree view

Tom,

> This however seems a rather whimsical reinvention of the meaning of
> CASCADE.  I'm not sure if we really need to support both immediate and
> delayed inheritance of privileges from a schema, but if we do, let's
> please use some other keyword than CASCADE to distinguish the cases.
> Also it'd probably be better if they were independent commands, rather
> than one subsuming the other as you suggest.

Hmm, what about using, ALL and NEW?   i.e.

GRANT SELECT ON NEW TABLES IN public TO phpuser;
GRANT SELECT ON ALL TABLES IN public TO phpuser;

The first sets defaults for new objects, the second sets permissions on
existing tables, and this:

GRANT SELECT ON ALL, NEW TABLES IN public TO phpuser;

... does both.

Of course, this assumes that tables named "new" or "all" are not possible ...
are those reserved?

--
--Josh

Josh Berkus
Aglio Database Solutions
San Francisco

pgsql-hackers by date:

From: Tom Lane
Date: 29 January 2005, 03:25:12
Subject: Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema

From: Tom Lane
Date: 29 January 2005, 03:40:32
Subject: Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema

Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema - Mailing list pgsql-hackers

Previous

Next