On Sun, 2009-06-28 at 14:32 -0400, Tom Lane wrote:
> Jeff Davis <pgsql@j-davis.com> writes:
> > My idea is to have a "GRANT mask":
> > CREATE ROLE foo_ro GRANT (SELECT ON TABLE, USAGE ON SCHEMA) FROM foo;
>
> You haven't really explained what "foo" is here. If it's a single
> object then I don't think this offers any leverage. If it's a
> placeholder or class representative of some kind, then maybe, but
> in that case you've entirely failed to convey the point ...
>
I meant for "foo" to be a user. "foo_ro" would be the read-only version,
who has a strict subset of foo's permissions.
Regards,Jeff Davis