Re: Why sequence grant is separated from table?

From: Rural Hunter <ruralhunter(at)gmail(dot)com>
To: Szymon Guz <mabewlun(at)gmail(dot)com>
Cc: "pgsql-admin(at)postgresql(dot)org" <pgsql-admin(at)postgresql(dot)org>
Subject: Re: Why sequence grant is separated from table?
Date: 2013-06-19 10:06:11
Message-ID: 51C18293.4030904@gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">于 2013/6/19 17:47, Szymon Guz 写道:<br>
</div>
<blockquote
cite="mid:CAFjNrYto7C0G_2+UFLcWng3T6rZih5t54P0tRO4w+_Z0wONxMA(at)mail(dot)gmail(dot)com"
type="cite">
<div dir="ltr">On 19 June 2013 11:35, Rural Hunter <span
dir="ltr">&lt;<a moz-do-not-send="true"
href="mailto:ruralhunter(at)gmail(dot)com" target="_blank">ruralhunter(at)gmail(dot)com</a>&gt;</span>
wrote:<br>
<div class="gmail_extra">
<div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">I really
hate the error "permission denied for sequence xxxxx" when
I grant on a table but forget to grant additionally on the
related sequence to users. Can the permission of table and
related sequences be merged?<span class="HOEnZb"><font
color="#888888"><br>
<br>
</font></span></blockquote>
<div><br>
</div>
<div style="">I can imagine a situation where you want a
user to be granted rights on a table, to use sequence with
curval and nextval functions, but not setval, as it can
provide some database problems.</div>
</div>
</div>
</div>
</blockquote>
oh, is it possible to separately grant nextval and setval on
sequence currently?<br>
<blockquote
cite="mid:CAFjNrYto7C0G_2+UFLcWng3T6rZih5t54P0tRO4w+_Z0wONxMA(at)mail(dot)gmail(dot)com"
type="cite">
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote">
<div style=""><br>
</div>
<div style="">What's more, in general, you cannot say which
sequence is used for which table, if the sequence is not
owned by the table.</div>
</div>
</div>
</div>
</blockquote>
Can we get it from the column definition such as a serial column?<br>
<blockquote
cite="mid:CAFjNrYto7C0G_2+UFLcWng3T6rZih5t54P0tRO4w+_Z0wONxMA(at)mail(dot)gmail(dot)com"
type="cite">
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote">
<div style=""><br>
</div>
<div style="">Which permissions of a table do you want to
merge with which permissions of sequences?</div>
</div>
</div>
</div>
</blockquote>
At least granting insert on a table means to grant update on the
sequence used by serial columns.<br>
<blockquote
cite="mid:CAFjNrYto7C0G_2+UFLcWng3T6rZih5t54P0tRO4w+_Z0wONxMA(at)mail(dot)gmail(dot)com"
type="cite">
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote">
<div style=""><br>
</div>
<div style="">regards</div>
<div style="">Szymon</div>
</div>
</div>
</div>
</blockquote>
<br>
</body>
</html>

Attachment Content-Type Size
unknown_filename text/html 3.1 KB

In response to

Responses

Browse pgsql-admin by date

  From Date Subject
Next Message Szymon Guz 2013-06-19 10:15:26 Re: Why sequence grant is separated from table?
Previous Message Szymon Guz 2013-06-19 09:47:30 Re: Why sequence grant is separated from table?