Re: Improve tab completion for ALTER DEFAULT PRIVILEGE and ALTER TABLE - Mailing list pgsql-hackers

From vignesh C
Subject Re: Improve tab completion for ALTER DEFAULT PRIVILEGE and ALTER TABLE
Date
Msg-id CALDaNm1RLiyeYZ7jPVwPKf0w_cr2zTQgcReWr7ueVJ_q+FEt0Q@mail.gmail.com
Whole thread Raw
In response to Re: Improve tab completion for ALTER DEFAULT PRIVILEGE and ALTER TABLE  (Shubham Khanna <khannashubham1197@gmail.com>)
Responses Re: Improve tab completion for ALTER DEFAULT PRIVILEGE and ALTER TABLE
Re: Improve tab completion for ALTER DEFAULT PRIVILEGE and ALTER TABLE
List pgsql-hackers
On Fri, 24 Nov 2023 at 18:37, Shubham Khanna
<khannashubham1197@gmail.com> wrote:
>
> n Fri, Nov 24, 2023 at 6:33 PM vignesh C <vignesh21@gmail.com> wrote:
> >
> > Hi,
> >
> > Improved tab completion for "ALTER DEFAULT PRIVILEGE" and "ALTER TABLE":
> > 1) GRANT, REVOKE and FOR USER keyword was not displayed in tab
> > completion of alter default privileges like the below statement:
> > ALTER DEFAULT PRIVILEGES GRANT INSERT ON tables TO PUBLIC;
> > ALTER DEFAULT PRIVILEGES REVOKE INSERT ON tables FROM PUBLIC;
> > ALTER DEFAULT PRIVILEGES FOR USER vignesh revoke INSERT ON tables FROM dba1;
> >
> > 2) USER was not displayed for "ALTER DEFAULT PRIVILEGES IN SCHEMA
> > public FOR " like in below statement:
> > ALTER DEFAULT PRIVILEGES IN SCHEMA public FOR USER dba1 GRANT INSERT
> > ON TABLES TO PUBLIC;
> >
> > 3) "FOR GRANT OPTION" was not display for "ALTER DEFAULT PRIVILEGES
> > REVOKE " like in below statement:
> > alter default privileges revoke grant option for select ON tables FROM dba1;
> >
> > 4) "DATA TYPE" was missing in "ALTER TABLE table-name ALTER COLUMN
> > column-name SET" like in:
> > ALTER TABLE t1 ALTER COLUMN c1 SET DATA TYPE text;
> >
> > Attached patch has the changes for the same.
>
> +    COMPLETE_WITH("ROLE", "USER");
> +  /* ALTER DEFAULT PRIVILEGES REVOKE */
> +  else if (Matches("ALTER", "DEFAULT", "PRIVILEGES", "REVOKE"))
> +    COMPLETE_WITH("SELECT", "INSERT", "UPDATE", "DELETE", "TRUNCATE",
> +            "REFERENCES", "TRIGGER", "CREATE", "EXECUTE", "USAGE",
> +            "MAINTAIN", "ALL", "GRANT OPTION FOR");
>
> I could not find "alter default privileges revoke maintain", should
> this be removed?

This was reverted as part of:
151c22deee66a3390ca9a1c3675e29de54ae73fc.
Revert MAINTAIN privilege and pg_maintain predefined role.

This reverts the following commits: 4dbdb82513, c2122aae63,
5b1a879943, 9e1e9d6560, ff9618e82a, 60684dd834, 4441fc704d,
and b5d6382496.  A role with the MAINTAIN privilege may be able to
use search_path tricks to escalate privileges to the table owner.
Unfortunately, it is too late in the v16 development cycle to apply
the proposed fix, i.e., restricting search_path when running
maintenance commands.

The attached v2 version has the changes for the same.

Regards,
Vignesh

Attachment

pgsql-hackers by date:

Previous
From: Heikki Linnakangas
Date:
Subject: Re: walwriter interacts quite badly with synchronous_commit=off
Next
From: jian he
Date:
Subject: Re: PATCH: Add REINDEX tag to event triggers