Smaller access privilege changes

Since there is no plan yet how to do a wholesale overhaul of the ACL
system, I'd like to stick a few improvements into the current
implementation:

* Make DELETE distinct from UPDATE privilege

* rename the internal representation: s = select, i = insert, u = update, d = delete, R = rules

* LOCK > AccessShare will require UPDATE or DELETE.  This is not a change in effect.

* Sequence nextval and setval will require UPDATE; DELETE won't do any longer.

* COPY FROM will require INSERT privilege.  It used to require UPDATE/DELETE, it think that is not correct..

* INSERT (the command) will require INSERT privilege.  UPDATE/DELETE won't do any longer.  (Why was this there?)

* Implement SQL REFERENCES privilege:  grant references on A to B will allow user B to create a foreign key referencing
tableA as primary key.
 

I'd also like to create a regression test.  That will require creating
some global users and groups in the installation where the test runs.  I
think as long as we name them "regressuser1", "regressgroup2", etc. this
won't harm anyone.

Comments?

-- 
Peter Eisentraut   peter_e@gmx.net   http://funkturm.homeip.net/~peter