subject:"Re\[2\]\: doc \- improve description of default privileges"

Re[2]: doc - improve description of default privileges

2018-08-30 Thread Fabien COELHO



Hello Bradley,


comments on the patch ...


Thanks for the review.

1) I think that adding the "This privilege is abbreviated ... when 
displayed." lines to the privilege descriptions is redundant. The 
abbreviations are already listed after the "The entries shown by \dp are 
interpreted thus:" line. Just change that line to something like "The entries 
shown by the psql backslash commands, like \dp, are interpreted thus:".


Ok, removed.

2) I think that the psql command table should go with the current text on 
"Use psql's \dp command to obtain ..." rather than in the Examples section. 
It seems like changing the "For non-table objects there are other \d commands 
..." line to an introductory comment like "The following table lists the \d 
commands that are used for non-table objects along with the default 
privileges granted to the object's owner and PUBLIC.


Ok, moved to the previous section.

3) The table title, "Default hardcoded access privileges per object's type", 
seems incomplete because it does not mention the psql commands part of the 
table.


Ok, added reference to psql backslash commands in title.

Find v3 attached.

--
Fabien.diff --git a/doc/src/sgml/ref/grant.sgml b/doc/src/sgml/ref/grant.sgml
index ff64c7a3ba..51721805bf 100644
--- a/doc/src/sgml/ref/grant.sgml
+++ b/doc/src/sgml/ref/grant.sgml
@@ -183,6 +183,9 @@ GRANT role_name [, ...] TO 
command.
+summarizes the hardcoded
+   default privileges granted to all object's types with
+   their associated psql backslash commands.
   
 
   
@@ -533,7 +536,8 @@ GRANT role_name [, ...] TO 
-The entries shown by \dp are interpreted thus:
+The entries shown by psql backslash-commands,
+like \dp, are interpreted thus:
 
 rolename= -- privileges granted to a role
 = -- privileges granted to PUBLIC
@@ -594,6 +598,95 @@ GRANT SELECT (col1), UPDATE (col1) ON mytable TO miriam_rw;
 access privileges display.  A * will appear only when
 grant options have been explicitly granted to someone.

+
+   
+Default hardcoded access privileges per object's type, as shown by psql
+
+ 
+  
+   Object's type
+   psql \-command
+   Owner
+   PUBLIC
+  
+ 
+ 
+  
+   DATABASE
+   \l
+   CTc
+   Tc
+  
+  
+   DOMAIN
+   \dD+
+   U
+   U
+  
+  
+   FUNCTION or PROCEDURE
+   \df+
+   X
+   X
+  
+  
+   FOREIGN DATA WRAPPER
+   \dew+
+   U
+   
+  
+  
+   FOREIGN SERVER
+   \des+
+   U
+   
+  
+  
+   LANGUAGE
+   \dL+
+   U
+   U
+  
+  
+   LARGE OBJECT
+   
+   rw
+   
+  
+  
+   SCHEMA
+   \dn+
+   UC
+   
+  
+  
+  SEQUENCE
+  \dp
+  rwU
+  
+ 
+  
+   TABLE and relation-like objects
+   \dp
+   arwdDxt
+   
+  
+  
+   TABLESPACE
+   \db+
+   C
+   
+  
+  
+   TYPE
+   \dT+
+   U
+   U
+  
+ 
+
+   
+

Re[2]: doc - improve description of default privileges

2018-08-27 Thread Bradley DeJong


Hi Fabien,

Thanks for writing this up - in particular the psql backslash commands.

comments on the patch ...

1) I think that adding the "This privilege is abbreviated ... when 
displayed." lines to the privilege descriptions is redundant. The 
abbreviations are already listed after the "The entries shown by \dp are 
interpreted thus:" line. Just change that line to something like "The 
entries shown by the psql backslash commands, like \dp, are interpreted 
thus:".


2) I think that the psql command table should go with the current text 
on "Use psql's \dp command to obtain ..." rather than in the Examples 
section. It seems like changing the "For non-table objects there are 
other \d commands ..." line to an introductory comment like "The 
following table lists the \d commands that are used for non-table 
objects along with the default privileges granted to the object's owner 
and PUBLIC.


3) The table title, "Default hardcoded access privileges per object's 
type", seems incomplete because it does not mention the psql commands 
part of the table.



-- Original Message --
From: "Fabien COELHO" 
To: "PostgreSQL Developers" 
Sent: 8/4/2018 4:40:33 AM
Subject: Re: doc - improve description of default privileges



I have not found a convenient presentation of the default privileges 
for different objects, and how to display them (if possible, not 
always).


The information is partly provided within the GRANT description, and 
not very explicit: eg it is said that owners have all possible perms, 
but which they are is not said explicitely, although they are implied 
by the different GRANT sysnopsys. Then some objects are given perms 
for the PUBLIC.


The attached patch tries to improve the documentation, in particular 
with an added table to summarizes my findings, so that they are 
recorded somewhere.


The attached fixes the tablespace entry that I forgot to fill in full.

-- Fabien.

Re[2]: doc - improve description of default privileges

Re[2]: doc - improve description of default privileges

2 matches

Site Navigation

Mail list logo

Footer information