Add grantable MAINTAIN privilege and pg_maintain role.
Allows VACUUM, ANALYZE, REINDEX, REFRESH MATERIALIZED VIEW, CLUSTER,
and LOCK TABLE.
Effectively reverts 4441fc704d. Instead of creating separate
privileges for VACUUM, ANALYZE, and other maintenance commands, group
them together under a single MAINTAIN privilege.
Author: Nathan Bossart
Discussion: https://postgr.es/m/20221212210136.GA449764@nathanxps13
Discussion: https://postgr.es/m/45224.1670476523@sss.pgh.pa.us
Branch
------
master
Details
-------
https://git.postgresql.org/pg/commitdiff/60684dd834a222fefedd49b19d1f0a6189c1632e
Modified Files
--------------
doc/src/sgml/ddl.sgml | 42 ++----
doc/src/sgml/func.sgml | 3 +-
doc/src/sgml/ref/alter_default_privileges.sgml | 4 +-
doc/src/sgml/ref/analyze.sgml | 9 +-
doc/src/sgml/ref/cluster.sgml | 8 +-
doc/src/sgml/ref/grant.sgml | 5 +-
doc/src/sgml/ref/lock.sgml | 16 ++-
doc/src/sgml/ref/refresh_materialized_view.sgml | 5 +-
doc/src/sgml/ref/reindex.sgml | 13 +-
doc/src/sgml/ref/revoke.sgml | 2 +-
doc/src/sgml/ref/vacuum.sgml | 9 +-
doc/src/sgml/user-manag.sgml | 19 ++-
src/backend/catalog/aclchk.c | 35 ++---
src/backend/commands/analyze.c | 2 +-
src/backend/commands/cluster.c | 18 ++-
src/backend/commands/indexcmds.c | 36 +++--
src/backend/commands/lockcmds.c | 3 +
src/backend/commands/matview.c | 3 +-
src/backend/commands/tablecmds.c | 16 ++-
src/backend/commands/vacuum.c | 17 +--
src/backend/parser/gram.y | 7 -
src/backend/utils/adt/acl.c | 22 +--
src/bin/pg_dump/dumputils.c | 3 +-
src/bin/pg_dump/t/002_pg_dump.pl | 2 +-
src/bin/psql/tab-complete.c | 5 +-
src/include/catalog/catversion.h | 2 +-
src/include/catalog/pg_authid.dat | 9 +-
src/include/commands/tablecmds.h | 5 +-
src/include/nodes/parsenodes.h | 5 +-
src/include/utils/acl.h | 7 +-
src/test/regress/expected/dependency.out | 20 +--
src/test/regress/expected/privileges.out | 181 +++++++++++++-----------
src/test/regress/expected/rowsecurity.out | 32 ++---
src/test/regress/expected/vacuum.out | 6 -
src/test/regress/sql/dependency.sql | 2 +-
src/test/regress/sql/privileges.sql | 121 ++++++++--------
36 files changed, 340 insertions(+), 354 deletions(-)