On 16 October 2014 20:04, Robert Haas <robertmh...@gmail.com> wrote: >>> I'd suggest calling these capabilities, and allow: >>> >>> GRANT CAPABILITY whatever TO somebody; >> >> So, we went back to just role attributes to avoid the keyword issue.. >> The above would require making 'CAPABILITY' a reserved word, and there >> really isn't a 'good' already-reserved word we can use there that I >> found. > > Ah, good point. Using ALTER ROLE is better. Maybe we should do ALTER > ROLE .. [ ADD | DROP ] CAPABILITY x. That would still require making > CAPABILITY a keyword, but it could be unreserved.
I thought you had it right first time. It is mighty annoying that some privileges are GRANTed and others ALTER ROLEd. And we did agree earlier to call these capabilities. How about GRANT EXECUTE [PRIVILEGES] ON CAPABILITY foo TO bar; That is similar to granting execution privs on a function. And I think gets round the keyword issue? -- Simon Riggs http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Training & Services -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers