Smaller access privilege changes
От | Peter Eisentraut |
---|---|
Тема | Smaller access privilege changes |
Дата | |
Msg-id | Pine.LNX.4.30.0105241250130.757-100000@peter.localdomain обсуждение исходный текст |
Ответы |
Re: Smaller access privilege changes
Re: Smaller access privilege changes |
Список | pgsql-hackers |
Since there is no plan yet how to do a wholesale overhaul of the ACL system, I'd like to stick a few improvements into the current implementation: * Make DELETE distinct from UPDATE privilege * rename the internal representation: s = select, i = insert, u = update, d = delete, R = rules * LOCK > AccessShare will require UPDATE or DELETE. This is not a change in effect. * Sequence nextval and setval will require UPDATE; DELETE won't do any longer. * COPY FROM will require INSERT privilege. It used to require UPDATE/DELETE, it think that is not correct.. * INSERT (the command) will require INSERT privilege. UPDATE/DELETE won't do any longer. (Why was this there?) * Implement SQL REFERENCES privilege: grant references on A to B will allow user B to create a foreign key referencing tableA as primary key. I'd also like to create a regression test. That will require creating some global users and groups in the installation where the test runs. I think as long as we name them "regressuser1", "regressgroup2", etc. this won't harm anyone. Comments? -- Peter Eisentraut peter_e@gmx.net http://funkturm.homeip.net/~peter
В списке pgsql-hackers по дате отправления: