Re: doc - improve description of default privileges - Mailing list pgsql-hackers

From Tom Lane
Subject Re: doc - improve description of default privileges
Date
Msg-id 4878.1542240212@sss.pgh.pa.us
Whole thread Raw
In response to Re: doc - improve description of default privileges  (Fabien COELHO <coelho@cri.ensmp.fr>)
Responses Re: doc - improve description of default privileges
List pgsql-hackers
Progress on this patch seems to be blocked on the question of whether
we want to keep enlarging the amount of psql-specific information
in the GRANT reference page, or move that all somewhere else.

FWIW, I think I agree with Peter's position that moving it somewhere
else is the better option.  Section 5.6 "Privileges" seems like a
reasonable choice.

One reason for preferring that is that I don't think putting a <table> in
a reference page is a great idea.  I tried the patch in HEAD, and what
I see is that the table cross-reference renders as "Table 244", which is
a number that has no chance at all of holding still for any long period.
It's especially weird to read that in "man GRANT.7", where you're
supposedly reading a standalone document.  And while my version of "man"
makes a valiant effort to render the table in ASCII, it still doesn't look
great, and older man versions might do very poorly with that.  So I'm for
moving this to a part of the docs where we only need to worry about two
output formats not three.

A few thoughts on other issues:

* Perhaps we could fix Peter's complaint about the "Owner" column by
relabeling it "All Privileges".  I'd be inclined to label the last
column "Default PUBLIC Privileges", too, if we can fit that in.

* The phrase "relation-like objects" seems way too vague, especially since
one has to read it as excluding sequences, which surely are relations for
most purposes.  Is there a good reason not to just leave that entry as
"TABLE", full stop?  Or maybe it could be "TABLE, VIEW, etc" or some such.

* I don't think the use of "hardcoded" adds anything.

* Is it worth adding another table matching privilege names ("INSERT")
with their aclitem letters ("a"), rather than having the semi-formal
format currently appearing in grant.sgml?  There's also some related
material in 9.25 with the aclitem functions; it'd be worth unifying
that too maybe.

            regards, tom lane


pgsql-hackers by date:

Previous
From: Alvaro Herrera
Date:
Subject: Re: Speeding up INSERTs and UPDATEs to partitioned tables
Next
From: Tom Lane
Date:
Subject: Re: PostgreSQL Limits and lack of documentation about them.