Re: Problem with function aclcontains, features or bug?

"Vadim I. Passynkov" <pvi@axxent.ca> writes:
> But, next result is wrong.

> spidermon=# SELECT aclcontains ( ( SELECT relacl FROM pg_class where
> relname = 'objects_view' ), 'user pvi=w' );
>  aclcontains
> -------------
>  t
> (1 row)

aclcontains() is defined in a bizarre and useless fashion in pre-7.1
releases --- IIRC, it returns T in this example if there is an entry
mentioning user pvi in the ACL list, regardless of whether it grants
w access or not.  This is changed for 7.1, but it still doesn't tell
you what you really want to know, which is whether pvi has w access
(possibly via a group) or not.

> How I can know permission for user/group before make real operations?

There's no good way at the moment.  Sorry.

            regards, tom lane