On Sat, 1 Jan 2011 23:54:05 -0500
Robert Haas <robertmhaas@gmail.com> wrote:
> On Mon, Dec 27, 2010 at 10:16 PM, Robert Haas <robertmhaas@gmail.com> wrote:
> > On Sat, Dec 25, 2010 at 11:52 PM, Robert Haas <robertmhaas@gmail.com> wrote:
> >> I'm working on getting a first chunk of this committed.
> >
> > OK, here's the patch.
>
> I've now committed a version of this with a bunch of further
> revisions, corrections, and cleanup. It looks to me as though this
> patch was written based on the 9.0 code and not thoroughly updated for
> some of the 9.1 changes, but I think I cleaned most of that up. With
> a patch of this size, I am sure there are a few things I overlooked,
> so please point 'em out and I'll try to fix them promptly.
While testing the commit, I found that CREATE FOREIGN TABLE requires
unnecessary USAGE privilege on the FOREIGN DATA WRAPPER. SQL/MED
standard requires only USAGE on the SERVER as follows.
<quote>
1) If <foreign table definition> is contained in an SQL-client module,
then the enabled authorization identifiers shall include A.
2) The applicable privileges shall include the USAGE privilege on the
foreign-server identified by <foreign server name>.
3) Additional privileges, if any, necessary to execute <foreign table
definition> are implementation-defined.
</quote>
Sorry, this problem comes from original patch.
OTOH, the document about this specification which is written in "GRANT"
page is correct.
Regards,
--
Shigeru Hanada
