Josh Berkus <josh@agliodbs.com> writes:
>> Uh, how are they different? You mean just UPDATE and none of the
>> others do anything?
> Yes, it would be nice to have real permissions for sequences, specifically
> USE (which allows nextval() and currval()) and UPDATE (which would allow
> setval() ). However, I don't know that the added functionality would
> justify breaking backwards-compatibility.
We could maintain backwards compatibility by continuing to accept the
old equivalences when you say GRANT ON TABLE. But when you say GRANT ON
SEQUENCE, I think it should use sequence-specific privilege keywords,
and not allow the privileges that don't mean anything for sequences,
like DELETE.
I'm not sure offhand what keywords we'd want to use, but now is the time
to look at it, *before* it becomes set in stone that GRANT ON SEQUENCE
is just another spelling of GRANT ON TABLE.
(The subtext of this is that I don't have a lot of use for allowing
variant syntaxes that don't actually do anything different ...)
regards, tom lane
