On Saturday 10 October 2009 5:48:39 pm Massa, Harald Armin wrote:
> Adrian,
>
> While I was walking the dog I thought of a better solution.
>
> > sql_str = """ALTER TABLE %(xn)s OWNER TO xdev;
> > GRANT ALL ON TABLE %(xn)s TO xdev;
> > REVOKE ALL ON TABLE %(xn)s FROM PUBLIC;
> > GRANT SELECT ON TABLE %(xn)s TO PUBLIC;"""
> >
> > cur.execute(sql_str,{'xn':table_name})
> > --
>
> This will not work.
>
> Because: "xn" will be escaped as "data", that is... the resulting string
> will be:
>
> ALTER TABLE E'waschbaer' ONER TO xdev;
>
> which obviously is not what you want.
Thanks for pointing that out.
--
Adrian Klaver
aklaver@comcast.net