Dear Peter,
> > I needed these functions to browse aclitems from user land. I can
> > load them when necessary, but it seems to me that these accessors for
> > a backend type belong to the backend, so I submit them.
>
> Can you explain what you want to do from the user level?
Sure.
Before developing that point, I want to underline that it should be a
general principle to avoid "opaque" datatypes in pg that stores structured
information without being able to access them directly.
Either you trust the database as a general tool, and it can manipulate
its own data, or you do no trust it and you want any special system thing
to be "programmed" in C or whatever instead of "queried" from SQL.
As for the specifics:
I'm developing some "pg_advisor" schema that was discussed earlier, so as
to check the design, performance, system... coherency of a database. This
is developed in userland with simple relational queries on pg_catalog, and
some help by plpgsql if I cannot do without it.
Among many other things, I would like to check that granted rights are
granted by grantors who have a with grant option, for all possible objects
and users.
> We already have a bunch of functions for analyzing privileges.
Sure, but these has_privilege functions answer to specific questions. I
could do that with these functions, but they hide queries, and I think
that some joins would be enough to get all the answers directly without
sub-quering for all possible object and user. I order to do so, I need to
be able to read the "aclitem" type, so I added these accessors.
The patch just adds 5 2-lines C functions.
Have a nice day,
--
Fabien.
