Stephen Frost <sfrost@snowman.net> writes:
> * Jaime Casanova (jcasanov@systemguards.com.ec) wrote:
>> updating the patch with one that only extends inserts. though, i
>> haven't look at the col level privs patch yet.
> At least initially I wasn't planning to support column-level privileges
> for sequences, so I don't think it will affect you much. Do people
> think it makes sense to try and support that?
USAGE certainly wouldn't be column-level in any case --- it'd be a
privilege on the sequence as such. That end of it isn't the problem;
the problem is that column-level privileges on the table make it hard to
decide when to grant rights on the sequence, as I pointed out last time
round:
http://archives.postgresql.org/pgsql-hackers/2008-07/msg00624.php
> As your patch appears more ready-for-commit than the column-level
> privileges patch, I wouldn't worry about what code might have to move
> around, that'll be for me to deal with in a re-sync with HEAD once your
> patch is committed.
I think that's backwards. The above message raises serious concerns
about whether the USAGE-granting patch can be implemented at all in the
presence of column-level privileges. I think the right thing is to get
column privileges in and then see if it's possible to implement
USAGE-granting compatibly. I don't want to commit a patch that is
clearly going to be broken when (not if) column privileges arrive.
I note also that no response was given to my worries about pg_dump
behavior.
In short, this patch isn't much more ready to commit than it was
in the last fest.
regards, tom lane