Extend ALTER DEFAULT PRIVILEGES for large objects - Mailing list pgsql-hackers

From Yugo NAGATA
Subject Extend ALTER DEFAULT PRIVILEGES for large objects
Date
Msg-id 20240424115242.236b499b2bed5b7a27f7a418@sraoss.co.jp
Whole thread Raw
Responses Re: Extend ALTER DEFAULT PRIVILEGES for large objects
List pgsql-hackers
Hi,

Currently, ALTER DEFAULT PRIVILEGE doesn't support large objects,
so if we want to allow users other than the owner to use the large
object, we need to grant a privilege on it every time a large object
is created. One of our clients feels that this is annoying, so I would
like propose to extend  ALTER DEFAULT PRIVILEGE to large objects. 

Here are the new actions allowed in abbreviated_grant_or_revoke;

+GRANT { { SELECT | UPDATE }
+    [, ...] | ALL [ PRIVILEGES ] }
+    ON LARGE OBJECTS
+    TO { [ GROUP ] role_name | PUBLIC } [, ...] [ WITH GRANT OPTION ]

+REVOKE [ GRANT OPTION FOR ]
+    { { SELECT | UPDATE }
+    [, ...] | ALL [ PRIVILEGES ] }
+    ON LARGE OBJECTS
+    FROM { [ GROUP ] role_name | PUBLIC } [, ...]
+    [ CASCADE | RESTRICT ]

A new keyword OBJECTS is introduced for using plural form in the syntax
as other supported objects. A schema name is not allowed to be specified
for large objects since any large objects don't belong to a schema.

The attached patch is originally proposed by Haruka Takatsuka
and some fixes and tests are made by me. 

Regards,
Yugo Nagata

-- 
Yugo NAGATA <nagata@sraoss.co.jp>

Attachment

pgsql-hackers by date:

Previous
From: David Rowley
Date:
Subject: Re: Streaming I/O, vectored I/O (WIP)
Next
From: Michael Paquier
Date:
Subject: Re: Cleanup: remove unused fields from nodes