pgsql: Allow choosing specific grantors via GRANT/REVOKE ... GRANTED BY
| От | Nathan Bossart |
|---|---|
| Тема | pgsql: Allow choosing specific grantors via GRANT/REVOKE ... GRANTED BY |
| Дата | |
| Msg-id | E1w3GTX-000WGQ-0c@gemulon.postgresql.org обсуждение исходный текст |
| Список | pgsql-committers |
Allow choosing specific grantors via GRANT/REVOKE ... GRANTED BY. Except for GRANT and REVOKE on roles, the GRANTED BY clause currently only accepts the current role to match the SQL standard. And even if an acceptable grantor (i.e., the current role) is specified, Postgres ignores it and chooses the "best" grantor for the command. Allowing the user to select a specific grantor would allow better control over the precise behavior of GRANT/REVOKE statements. This commit adds that ability. For consistency with select_best_grantor(), we only permit choosing grantor roles for which the current role inherits privileges. Author: Nathan Bossart <nathandbossart@gmail.com> Co-authored-by: Tom Lane <tgl@sss.pgh.pa.us> Discussion: https://postgr.es/m/aRYLkTpazxKhnS_w%40nathan Branch ------ master Details ------- https://git.postgresql.org/pg/commitdiff/dd1398f1378799acc60c3ed85d82439b2ff69141 Modified Files -------------- doc/src/sgml/ref/grant.sgml | 8 ++--- doc/src/sgml/ref/revoke.sgml | 8 ++++- src/backend/catalog/aclchk.c | 31 ++++++----------- src/backend/utils/adt/acl.c | 33 +++++++++++++++--- src/include/nodes/parsenodes.h | 2 +- src/include/utils/acl.h | 2 +- src/include/utils/aclchk_internal.h | 1 + src/test/regress/expected/privileges.out | 60 +++++++++++++++++++++++++++++++- src/test/regress/sql/privileges.sql | 34 ++++++++++++++++++ 9 files changed, 145 insertions(+), 34 deletions(-)
В списке pgsql-committers по дате отправления: