Home > mailing lists

Re: Test if a database has any privilege granted to public - Mailing list pgsql-general

From	David G. Johnston
Subject	Re: Test if a database has any privilege granted to public
Date	December 15, 2022 23:26:29
Msg-id	CAKFQuwa1FwVNrL4aZFkGWJL3S7kmcNiJRR=d4pOzsAr6w94xUw@mail.gmail.com Whole thread Raw
In response to	Re: Test if a database has any privilege granted to public (Bryn Llewellyn <bryn@yugabyte.com>)
Responses	Re: Test if a database has any privilege granted to public (Bryn Llewellyn <bryn@yugabyte.com>)
List	pgsql-general

Tree view

On Thu, Dec 15, 2022 at 12:51 PM Bryn Llewellyn <bryn@yugabyte.com> wrote:

select datname::text
from pg_database
where 0::oid = any(select (aclexplode(datacl)).grantee)
or datacl is null;

That's easy if you know that you need to write this. But the need to do so seems to depend on pretty arcane knowledge that, as far as I can see, isn't documented.

The last paragraph of the privileges documentation says this explicitly:

If the “Access privileges” column is empty for a given object, it means the object has default privileges (that is, its privileges entry in the relevant system catalog is null). Default privileges always include all privileges for the owner, and can include some privileges for PUBLIC depending on the object type, as explained above.

https://www.postgresql.org/docs/current/ddl-priv.html

Or, you know, just use the provided functions that have been programmed with knowledge of how the system works.

https://www.postgresql.org/docs/current/functions-info.html#FUNCTIONS-INFO-ACCESS-TABLE

select has_database_privilege(0,current_database(),'CONNECT');

David J.

pgsql-general by date:

From: Bryn Llewellyn
Date: 15 December 2022, 22:51:07
Subject: Re: Test if a database has any privilege granted to public

From: Bryn Llewellyn
Date: 16 December 2022, 03:17:21
Subject: Re: Test if a database has any privilege granted to public

Re: Test if a database has any privilege granted to public - Mailing list pgsql-general

Previous

Next