Bruce Momjian <pgman@candle.pha.pa.us> writes:
> Tom Lane wrote:
>> Just ignore the inapplicable permissions during pg_dump. I think you're
>> making this harder than it needs to be...
> I don't think we should allow GRANT DELETE ON seq in 8.2 for invalid
> permission.
That's fine, but pg_dump has to continue to work against old servers,
so it's going to have to be coded to ignore inapplicable permissions
anyway. Contorting the server-side code to avoid that is pointless.
> Ignoring your insult, the code is structured this way:
> check all permission bits
> call object-type-specific routine
> loop over each object and set permission bits
> so, to fix this, I would need to move the permission bit checks into
> object-type-specific routines so that I could check the permission bits
> for each object, rather than once in a single place.
You'd have to allow the union of relation and sequence rights during the
conversion to bitmask form in ExecuteGrantStmt, and then check more
closely inside the per-object loop in ExecGrant_Relation, but that
doesn't seem like a showstopper to me. It certainly seems more pleasant
than exposing bizarre restrictions to users because we're sharing code
between the cases.
regards, tom lane