"Vadim I. Passynkov" <pvi@axxent.ca> writes:
> But, next result is wrong.
> spidermon=# SELECT aclcontains ( ( SELECT relacl FROM pg_class where
> relname = 'objects_view' ), 'user pvi=w' );
> aclcontains
> -------------
> t
> (1 row)
aclcontains() is defined in a bizarre and useless fashion in pre-7.1
releases --- IIRC, it returns T in this example if there is an entry
mentioning user pvi in the ACL list, regardless of whether it grants
w access or not. This is changed for 7.1, but it still doesn't tell
you what you really want to know, which is whether pvi has w access
(possibly via a group) or not.
> How I can know permission for user/group before make real operations?
There's no good way at the moment. Sorry.
regards, tom lane
