I apologize for my carelessness. Error rollback code including all
completed "revoke". Therefore, users can create functions. If you add
another commit before "grant temp on schema public to sec_privilege;" it
will be seen that create a function is also not possible.
> 14
> 15 create database security with owner sec_owner;
> 16
> 17 \c security
> 18 \set AUTOCOMMIT off
> 19
> 20 begin transaction;
> 21
> 22 revoke all on database security from public;
> 23 revoke all on schema public from public;
> 24
> 25 grant connect on database security to sec_privilege;
> 26 grant connect on database security to sec_ordinary;
> 27
> 28 grant create on database security to sec_privilege;
> 29 grant create on schema public to sec_privilege;
insert commit here...
> 30
> 31 \set ON_ERROR_STOP off
> 32
> 33 -- This statement generates error: "ERROR: invalid privilege type
> TEMP for schema"
> 34 -- However without this statement, "create function" is fail... Why?
> 35 grant temp on schema public to sec_privilege;
> 36
> 37 commit;
> 38