Home > mailing lists

Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema
Date	January 29, 2005 03:40:32
Msg-id	28910.1106959140@sss.pgh.pa.us Whole thread Raw
In response to	Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema (Josh Berkus <josh@agliodbs.com>)
List	pgsql-hackers

Tree view

Josh Berkus <josh@agliodbs.com> writes:
> Hmm, what about using, ALL and NEW?   i.e.

> GRANT SELECT ON NEW TABLES IN public TO phpuser;
> GRANT SELECT ON ALL TABLES IN public TO phpuser;

That seems good to me.  More generally it would be
GRANT perm [,...] ON NEW/ALL TABLES IN schema [,...] TO user [,...]

which leaves us the freedom to later add
GRANT perm [,...] ON NEW/ALL FUNCTIONS IN schema [,...] TO user [,...]

and so on.

> Of course, this assumes that tables named "new" or "all" are not possible ...
> are those reserved?

As long as you aren't allowed to omit the word "TABLES", I think we can
do this without making ALL or NEW any more reserved than they are
already.  I haven't actually tried it in bison though.

TABLES (and later FUNCTIONS, etc) isn't a keyword at all right now IIRC,
but as long as we can do this without making it reserved, I think that's
not a big objection.
        regards, tom lane

pgsql-hackers by date:

From: Josh Berkus
Date: 29 January 2005, 03:30:23
Subject: Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema

From: Tom Lane
Date: 29 January 2005, 03:43:38
Subject: Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema

Re: [pgsql-hackers] Allow GRANT/REVOKE permissions to be applied to all schema - Mailing list pgsql-hackers

Previous

Next