"Aasmund Midttun Godal" <postgresql@envisity.com> writes:
> Today it seems that the following rules governs the permissions of sequences:
> SELECT - allow you to select * from seq_name;
> INSERT - no effect
> UPDATE - allows nextval, setval - and yes implicitly currval
> DELETE - no effect
> I suggest nextval is moved into the insert permission as this is quite
> natural
It looks like an update to me; in particular, it allows you to determine
the old state of the sequence, and thus has read+write semantics not
only write semantics.
> normally you only need to call nextval when you insert a new value
> into a table. I think this issue is important because setting the
> sequence to a value lower than the max value in a table will cause
> errors for other users.
This seems to be exceedingly SERIAL-centric thinking; there are other
uses for sequences than serials.
It might make sense to allow either INSERT or UPDATE permission to
grant nextval() access, while still requiring UPDATE for setval().
But I'm not convinced yet ...
regards, tom lane
