Hi all
I'm seeing lots of confusion from people about why:
    REVOKE CONNECT ON DATABASE foo FROM someuser;
doesn't stop them connecting. Users seem to struggle to understand that:
- There's a default GRANT to public; and
- REVOKE removes existing permissions, it doesn't add deny rules
It'd really help if REVOKE consistently raised warnings when it didn't
actually revoke anything.
Even better, a special case for REVOKEs on objects that only have owner
and public permissions could say:
    WARNING: REVOKE didn't remove any permissions for user <blah>. This
    <table/db/whatever> has default permissions, so there were no GRANTs
    for user <blah> to revoke. See the documentation for REVOKE for more
    information.
Opinions?
--
Craig Ringer
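
The behaviour described in the message above, as an added psql example that is not part of the original post: it shows the no-op REVOKE and then the form that actually restricts connections. The database foo and role someuser come from the post; app_role is a hypothetical role name.

```sql
-- Added example. foo and someuser are from the post; app_role is hypothetical.

-- 1. Inspect the database ACL. A NULL datacl means the built-in default
--    privileges apply, which for databases include CONNECT for PUBLIC.
--    In a non-NULL ACL, an entry with nothing before '=' is the PUBLIC grant.
SELECT datname, datacl FROM pg_database WHERE datname = 'foo';

-- 2. The statement from the post. someuser holds no CONNECT grant of its
--    own, so nothing is removed and the privilege that reaches it through
--    PUBLIC is untouched. The check below reports the effective privilege.
REVOKE CONNECT ON DATABASE foo FROM someuser;
SELECT has_database_privilege('someuser', 'foo', 'CONNECT') AS can_connect;

-- 3. Remove the default grant itself, then grant CONNECT back only to the
--    roles that need it. Done in one transaction so there is no window in
--    which the intended roles are locked out.
CREATE ROLE app_role NOLOGIN;
BEGIN;
REVOKE CONNECT ON DATABASE foo FROM PUBLIC;
GRANT CONNECT ON DATABASE foo TO app_role;
COMMIT;

-- 4. Audit the result for every login role. Superusers, the database
--    owner and members of app_role still report the privilege.
SELECT r.rolname,
       has_database_privilege(r.rolname, 'foo', 'CONNECT') AS can_connect
FROM pg_roles r
WHERE r.rolcanlogin
ORDER BY r.rolname;
```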