(2011/04/26 5:42), Robert Haas wrote:
> OK. Turned out a little more cleanup was needed to make this all the
> way consistent with how we handle views; I have now done that.
I noticed that some fixes would be needed for consistency about foreign
table privileges. Attached patch includes fixes below:
1) psql doesn't complete FOREIGN TABLE after GRANT/REVOKE.
2) pg_dump uses GRANT .. ON TABLE for foreign tables, instead of ON
FOREIGN TABLE.
3) GRANT document mentions that ALL TABLES includes foreign tables too.
4) Rows of information_schema.foreign_tables/foreign_table_options are
visible to users who have any privileges on the foreign table.
Regards,
--
Shigeru Hanada
diff --git a/doc/src/sgml/ref/grant.sgml b/doc/src/sgml/ref/grant.sgml
index 93e8332..689aba5 100644
*** a/doc/src/sgml/ref/grant.sgml
--- b/doc/src/sgml/ref/grant.sgml
*************** GRANT <replaceable class="PARAMETER">rol
*** 101,107 ****
There is also an option to grant privileges on all objects of the same
type within one or more schemas. This functionality is currently supported
only for tables, sequences, and functions (but note that <literal>ALL
! TABLES</> is considered to include views).
</para>
<para>
--- 101,107 ----
There is also an option to grant privileges on all objects of the same
type within one or more schemas. This functionality is currently supported
only for tables, sequences, and functions (but note that <literal>ALL
! TABLES</> is considered to include views and foreign tables).
</para>
<para>
diff --git a/src/backend/catalog/information_schema.sql
b/src/backend/catalog/information_schema.sql
index c623fb7..452a0ea 100644
*** a/src/backend/catalog/information_schema.sql
--- b/src/backend/catalog/information_schema.sql
*************** CREATE VIEW _pg_foreign_tables AS
*** 2557,2564 ****
WHERE w.oid = s.srvfdw
AND u.oid = c.relowner
AND (pg_has_role(c.relowner, 'USAGE')
! OR has_table_privilege(c.oid, 'SELECT')
! OR has_any_column_privilege(c.oid, 'SELECT'))
AND n.oid = c.relnamespace
AND c.oid = t.ftrelid
AND c.relkind = 'f'
--- 2557,2564 ----
WHERE w.oid = s.srvfdw
AND u.oid = c.relowner
AND (pg_has_role(c.relowner, 'USAGE')
! OR has_table_privilege(c.oid, 'SELECT, INSERT, UPDATE, DELETE,
TRUNCATE, REFERENCES, TRIGGER')
! OR has_any_column_privilege(c.oid, 'SELECT, INSERT, UPDATE,
REFERENCES'))
AND n.oid = c.relnamespace
AND c.oid = t.ftrelid
AND c.relkind = 'f'
diff --git a/src/bin/pg_dump/pg_dump.c b/src/bin/pg_dump/pg_dump.c
index 30366d2..e474a69 100644
*** a/src/bin/pg_dump/pg_dump.c
--- b/src/bin/pg_dump/pg_dump.c
*************** dumpTable(Archive *fout, TableInfo *tbin
*** 11804,11810 ****
namecopy = strdup(fmtId(tbinfo->dobj.name));
dumpACL(fout, tbinfo->dobj.catId, tbinfo->dobj.dumpId,
(tbinfo->relkind == RELKIND_SEQUENCE) ?
"SEQUENCE" :
- (tbinfo->relkind == RELKIND_FOREIGN_TABLE) ?
"FOREIGN TABLE" :
"TABLE",
namecopy, NULL, tbinfo->dobj.name,
tbinfo->dobj.namespace->dobj.name,
tbinfo->rolname,
--- 11804,11809 ----
diff --git a/src/bin/psql/tab-complete.c b/src/bin/psql/tab-complete.c
index 3ef2fa4..02f4aea 100644
*** a/src/bin/psql/tab-complete.c
--- b/src/bin/psql/tab-complete.c
*************** psql_completion(char *text, int start, i
*** 2234,2240 ****
" UNION
SELECT 'DATABASE'"
" UNION
SELECT 'FOREIGN DATA WRAPPER'"
" UNION
SELECT 'FOREIGN SERVER'"
- " UNION
SELECT 'FOREIGN TABLE'"
" UNION
SELECT 'FUNCTION'"
" UNION
SELECT 'LANGUAGE'"
" UNION
SELECT 'LARGE OBJECT'"
--- 2234,2239 ----
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
