| From: | Gevik Babakhani <pgdev(at)xs4all(dot)nl> |
|---|---|
| To: | Alvaro Herrera <alvherre(at)commandprompt(dot)com> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: TODO item pg_hba.conf |
| Date: | 2006-04-20 19:15:03 |
| Message-ID: | 1145560503.23834.12.camel@voyager.truesoftware.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Cool :) Thank you :)
On Thu, 2006-04-20 at 15:05 -0400, Alvaro Herrera wrote:
> Gevik Babakhani wrote:
>
> > > I'm not sure if you realize it, but this should be an extremely small
> > > patch. In particular, if you think you need to change the parser then
> > > you are already off on the wrong track. The parser doesn't know
> > > anything about specific privilege types (as of 8.1 anyway). It'd be
> > > worth your while to study how the existing privileges on databases
> > > are handled, eg, exactly what places know about the TEMP privilege.
> >
> > To study the existing privileges is the first thing on my list. Because
> > I am new to this, it is sometimes difficult to know what is already
> > there, and what is possible or not. Your advice in GOLD. Thank you :)
>
> This is how a GRANT/REVOKE works:
>
> 1. the command is parsed by the parser (parser/gram.y)
> 2. a node is created, type GrantStmt
> 3. the node is picked up by the traffic cop (tcop/utility.c)
> 4. It's passed to ExecuteGrantStmt (commands/aclchk.c)
> 5. It's converted to internal form and passed to ExecGrant_Database
>
> Notice the handling of "WITH GRANT OPTION", and observe that the test is
> "reversed" on REVOKE, which seems awfully unintuitive.
>
> It should be easy to make this code understand a new privilege type.
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Larry Rosenman | 2006-04-20 19:17:35 | Re: Unresolved Win32 bug reports |
| Previous Message | Larry Rosenman | 2006-04-20 19:14:52 | Re: Unresolved Win32 bug reports |