Re: [HACKERS] Re: [PATCHES] NO-CREATE-TABLE and NO-LOCK-TABLE - Mailing list pgsql-hackers

From Karel Zak - Zakkr
Subject Re: [HACKERS] Re: [PATCHES] NO-CREATE-TABLE and NO-LOCK-TABLE
Date
Msg-id Pine.LNX.3.96.1000301103330.29986B-100000@ara.zf.jcu.cz
Whole thread Raw
In response to Re: [HACKERS] Re: [PATCHES] NO-CREATE-TABLE and NO-LOCK-TABLE  (Peter Eisentraut <e99re41@DoCS.UU.SE>)
Responses Re: [HACKERS] Re: [PATCHES] NO-CREATE-TABLE and NO-LOCK-TABLE
List pgsql-hackers
On Tue, 29 Feb 2000, Peter Eisentraut wrote:

> On Tue, 29 Feb 2000, Karel Zak - Zakkr wrote:
> 
> > My acl idea:
> 
> > reloid  | user_insert        | group_insert | user_delete ..........etc
> > ---------------------------------------------------------
> > 12345   | {"karel", "peter"} | {"group1"}   | {"karel"}   ..........etc
> 
> This still has arrays. (shudder) Try getting the information 'Does Peter
> have access to x?' out of that. I was thinking along the lines of
As I say: we can use oid or string with oids instead array.

Example 
reloid  | user_insert | group_insert |--------------------------------------12345   | "1111,2222" | "545454"     |
.. parse these strings a easy and 'Does Peter have access to x?' is realy
simple.

> 
> create table pg_privilege/pg_acl/? (
>    objoid oid, -- not only reloid, but types, functions, etc.                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
                 yes, yes, yes ! (the oracle allow grant priv. to            25(!) different features)
 

>    userid int,
If I understend you, you want save to one line information about one
user only (?), if yes this table will huge (sum(object) * sum(users)),
but probably fastly (because it not needs parse any array or string).
Hmm, perhaps it is not bad idea. What say the other?

>    privilege char, -- maybe 'U' update, 'I' insert, etc.
I really not sure if is good still create this monolithic string,
why not use one (bool) column for update one for insert ..etc?
It is fastly and easy (a string needs parse, etc).

>    grant_option bool
> )
It is goods if you agree with separate acl table :-)
> To be extended to cover column access as well. (Might have to be yet
> another table.) Mathematically, this will be slower (especially since you
> can't use SysCache on composite keys(???)) but similar schemas are
> employed throughout by triggers etc.

Yes, a speed will problem, it must be cached (in an separate acl cache?),
or after (connection) start create a temp table with acl for a current user 
and with relevant information only.                         Karel





pgsql-hackers by date:

Previous
From: Karel Zak - Zakkr
Date:
Subject: RE: [HACKERS] Cache query implemented
Next
From: Karel Zak - Zakkr
Date:
Subject: RE: [HACKERS] Bug report for 7.0beta1 in 'CREATE FUNCTION...'