Postgres Pro
Downloads
Home   >   mailing lists

Re: "grant usage on schema" confers the ability to execute all user-defined functions in that schema, with needing to grant "execute" - Mailing list pgsql-general

From Dominique Devienne
Subject Re: "grant usage on schema" confers the ability to execute all user-defined functions in that schema, with needing to grant "execute"
Date
Msg-id CAFCRh-8VRSVPjtzB8QxrdzuZPSBrrHt4Wk81Rejairj6n_5aWw@mail.gmail.com
Whole thread Raw
In response to Re: "grant usage on schema" confers the ability to execute all user-defined functions in that schema, with needing to grant "execute"  (Bryn Llewellyn <bryn@yugabyte.com>)
Responses Re: "grant usage on schema" confers the ability to execute all user-defined functions in that schema, with needing to grant "execute"  (Bryn Llewellyn <bryn@yugabyte.com>)
List pgsql-general
Tree view 
On Sat, Feb 12, 2022 at 8:43 PM Bryn Llewellyn <bryn@yugabyte.com> wrote:
> I.e. three facts per row: grantee, privilege, and grantee. Then I did this:
> with c as (
>   select
>     proname::text                     as name,
>     pronamespace::regnamespace::text  as schema,
>     aclexplode(proacl)                as "aclexplode(proacl)"
>   from pg_catalog.pg_proc)
> select "aclexplode(proacl)" from c
> where name = 'q' and schema = 's';
>
> This is the result:
>      aclexplode(proacl)
> -----------------------------
>  (1494148,0,EXECUTE,f)
>  (1494148,1494148,EXECUTE,f)
>  (1494148,1494150,EXECUTE,f)

`aclexplode` is a table-valued function, so you normally use it in the
FROM clause.
Here's how I use it on schemas for example:

```
select nspname as name,
       nspowner::regrole::text as owner,
       grantor::regrole::text,
       grantee::regrole::text,
       privilege_type, is_grantable
  from pg_namespace
  left join lateral aclexplode(nspacl) on true
 where ...
 order by nspname
```

pgsql-general by date:

Previous
From: Tom Lane
Date:
Subject: Re: FDW error on remote view
Next
From: Andrus
Date:
Subject: Re: How to split normal and overtime hours