[HACKERS] Privileges

Simon Riggs Mon, 19 Apr 2010 14:28:07 -0700

There is a command to set privileges

  GRANT SELECT ON ALL TABLES IN SCHEMA foo TO PUBLIC;


and a command to set default privileges

  ALTER DEFAULT PRIVILEGES IN SCHEMA foo
  GRANT SELECT ON TABLES TO PUBLIC;

In the first command the ALL is required, whereas in the second command
the ALL must be absent.

ISTM that the ALL should be optional in both cases.
Same thing is true for FUNCTIONS and SEQUENCES.

Both options are new in 9.0.

Any objections to implementing this simple patch?

-- 
 Simon Riggs           www.2ndQuadrant.com

*** a/src/backend/parser/gram.y
--- b/src/backend/parser/gram.y
***************
*** 4658,4663 **** privilege_target:
--- 4658,4671 ----
  					n->objs = $2;
  					$$ = n;
  				}
+ 			| TABLES IN_P SCHEMA name_list
+ 				{
+ 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
+ 					n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
+ 					n->objtype = ACL_OBJECT_RELATION;
+ 					n->objs = $4;
+ 					$$ = n;
+ 				}
  			| ALL TABLES IN_P SCHEMA name_list
  				{
  					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
***************
*** 4666,4671 **** privilege_target:
--- 4674,4687 ----
  					n->objs = $5;
  					$$ = n;
  				}
+ 			| SEQUENCES IN_P SCHEMA name_list
+ 				{
+ 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
+ 					n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
+ 					n->objtype = ACL_OBJECT_SEQUENCE;
+ 					n->objs = $4;
+ 					$$ = n;
+ 				}
  			| ALL SEQUENCES IN_P SCHEMA name_list
  				{
  					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
***************
*** 4674,4679 **** privilege_target:
--- 4690,4703 ----
  					n->objs = $5;
  					$$ = n;
  				}
+ 			| FUNCTIONS IN_P SCHEMA name_list
+ 				{
+ 					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
+ 					n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
+ 					n->objtype = ACL_OBJECT_FUNCTION;
+ 					n->objs = $4;
+ 					$$ = n;
+ 				}
  			| ALL FUNCTIONS IN_P SCHEMA name_list
  				{
  					PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
***************
*** 4869,4877 **** DefACLAction:
  		;
  
  defacl_privilege_target:
! 			TABLES			{ $$ = ACL_OBJECT_RELATION; }
! 			| FUNCTIONS		{ $$ = ACL_OBJECT_FUNCTION; }
! 			| SEQUENCES		{ $$ = ACL_OBJECT_SEQUENCE; }
  		;
  
  
--- 4893,4904 ----
  		;
  
  defacl_privilege_target:
! 			ALL		TABLES			{ $$ = ACL_OBJECT_RELATION; }
! 			|		TABLES			{ $$ = ACL_OBJECT_RELATION; }
! 			| ALL	FUNCTIONS		{ $$ = ACL_OBJECT_FUNCTION; }
! 			| 	 	FUNCTIONS		{ $$ = ACL_OBJECT_FUNCTION; }
! 			| ALL	SEQUENCES		{ $$ = ACL_OBJECT_SEQUENCE; }
! 			| 		SEQUENCES		{ $$ = ACL_OBJECT_SEQUENCE; }
  		;

-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

[HACKERS] Privileges

Reply via email to