| From: | Erik Wienhold <ewie(at)ewie(dot)name> |
|---|---|
| To: | Dominique Devienne <ddevienne(at)gmail(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: NULL pg_database.datacl |
| Date: | 2023-03-20 13:18:30 |
| Message-ID: | 1479824139.962974.1679318310954@office.mailbox.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
> On 20/03/2023 13:50 CET Dominique Devienne <ddevienne(at)gmail(dot)com> wrote:
>
> On Mon, Mar 20, 2023 at 1:18 PM Erik Wienhold <ewie(at)ewie(dot)name> wrote:
> > > On 20/03/2023 11:52 CET Dominique Devienne <ddevienne(at)gmail(dot)com> wrote:
> > > What does a NULL AclItem[] mean exactly?
> >
> > It means that the object has default privileges (before any GRANT or REVOKE
> > is executed). For databases this means full privileges for the database owner
> > and the CONNECT and TEMPORARY privileges for PUBLIC. So any user can connect
> > if allowed by pg_hba.conf.
> >
> > https://www.postgresql.org/docs/current/ddl-priv.html
>
> Thanks Erik. But then, how come aclexplode() is not showing these
> default/implicit privileges?
>
> Is there a SQL function returning those per-type default provileges?
> That I could then coalesce() datacl with?
Use acldefault. Pass in ownerId=0 to get the privileges for PUBLIC.
https://www.postgresql.org/docs/current/functions-info.html#FUNCTIONS-ACLITEM-FN-TABLE
--
Erik
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dominique Devienne | 2023-03-20 13:41:34 | Re: NULL pg_database.datacl |
| Previous Message | Inzamam Shafiq | 2023-03-20 12:57:51 | Oracle to PostgreSQL Migration |