Tom Lane wrote:
> Peter Eisentraut <peter_e@gmx.net> writes:
>>>> This area is under SQL standard control, so we can't really invent our
>>>> own behavior.
>
>>> What *would* do the right thing here, or would anything?
>
>> I think we don't need GRANT to be recursive, but instead the permission
>> checks at runtime should allow
>> SELECT * FROM persons;
>> to succeed even if there are no permissions on "employees".
>
> Hmm, if we are supposing that the spec should control this, then
> surely we can find chapter and verse spelling out what should happen.
The SQL standard uses a recursive-by-default language. For example, the
rules for the DELETE command state:
"""
6) Case:
a) If <target table> contains ONLY, then the rows for which the result
of the <search condition> is True
and for which there is no subrow in a proper subtable of T are
identified for deletion from T.
b) Otherwise, the rows for which the result of the <search condition> is
True are identified for deletion
from T.
"""
So when the SQL standard says, privileges are granted on this table, or
$action is done on that table, it means, in PostgreSQL terms, the table
and its children.
