Re: Why sequence grant is separated from table? - Mailing list pgsql-admin

From Achilleas Mantzios
Subject Re: Why sequence grant is separated from table?
Date
Msg-id 51C2CF6D.8070704@matrix.gatewaynet.com
Whole thread Raw
In response to Re: Why sequence grant is separated from table?  (Szymon Guz <mabewlun@gmail.com>)
List pgsql-admin
On 19/06/2013 12:47, Szymon Guz wrote:
On 19 June 2013 11:35, Rural Hunter <ruralhunter@gmail.com> wrote:
I really hate the error "permission denied for sequence xxxxx" when I grant on a table but forget to grant additionally on the related sequence to users. Can the permission of table and related sequences be merged?


I can imagine a situation where you want a user to be granted rights on a table, to use sequence with curval and nextval functions, but not setval, as it can provide some database problems.

What's more, in general, you cannot say which sequence is used for which table, if the sequence is not owned by the table.

Right, there might be cases, when one sequence is used by more than one table. Like for instance when the user wishes to create a view on a union of two tables, with their IDs included, and still those IDs to be guaranteed to be unique across the union.
However, after I dumped a table recently whose sequence is shared by another table as wee i noticed this :

ALTER SEQUENCE vessels_id_seq OWNED BY vessels.id;

Which means that the initial relationship between the "creating" table and the sequence is preserved for the whole life of the table. This could tempt new users to think that it could be meaningful to bind those two in the GRANT.


Which permissions of a table do you want to merge with which permissions of sequences?

regards
Szymon


-- 
Achilleas Mantzios

pgsql-admin by date:

Previous
From: Thomas Kellerer
Date:
Subject: Re: Composite Unique Key - Doubt
Next
From: Rafał Radecki
Date:
Subject: PostgreSQL 8.4 - permissions for newly created tables?