Currently, it's only possible to grant/revoke execute on functions to roles.
I think it would be useful in many situations, both for documentation purposes, but also for increased security, to in a precise way control what other function(s) are allowed to execute a specific function.
This would be useful for functions that are not supposed to be used manually by any human or any other function(s) than the few places where the function makes sense to use.
Thoughts?
I had similar idea. The possibility to specify a list of functions can have a performance impact when ACL can be too long.
Just idea - what is based on idea "using schema like package". We can introduce new kind of functions X, that cannot be executed on toplevel - and can be executed only from standard functions defined in same schema.
Usage of X functions can be locked in schema.
It allow similar functionality to your proposal, but the check can be faster - and you don't need to maintain list of enabled caller functions.
