Re: SEQUENCE keyword is option on GRANT

On Mon, Mar 31, 2025 at 9:55 PM David G. Johnston
<david(dot)g(dot)johnston(at)gmail(dot)com> wrote:
>
>
> On Monday, March 31, 2025, PG Doc comments form <noreply(at)postgresql(dot)org> wrote:
>>
>> The following documentation comment has been logged on the website:
>>
>> Page: https://www.postgresql.org/docs/17/sql-grant.html
>> Description:
>>
>> The documentation indicates that they keyword SEQUENCE must precede the
>> sequence_name in a GRANT, but in my experience it is optional:
>>
>> colin(at)adinkra:~$ psql
>> psql (17.4 (Debian 17.4-1.pgdg120+2))
>> Type "help" for help.
>>
>> colin(at)[local]:colin=> create sequence x;
>> CREATE SEQUENCE
>> colin(at)[local]:colin=> grant select on x to public; -- should fail but
>> works
>>
>
> Sequences are relations (see pg_class) so the [TABLE] variant is able to target them, which is what you’ve written here.
>

but

ON { SEQUENCE sequence_name [, ...]

need change to

ON { [SEQUENCE] sequence_name [, ...]

in grant.sgml

but play around more.

src6=# create table y();
src6=# create sequence ys;

grant select on table ys to public; --ok
grant usage on table ys to public; --ok
grant update on table ys to public; ---ok.

grant insert on table ys to public; ---ok.
WARNING: sequence "ys" only supports USAGE, SELECT, and UPDATE privileges

grant update on sequence y to public;
ERROR: "y" is not a sequence

grant insert on sequence y to public;
ERROR: invalid privilege type INSERT for sequence

so
GRANT { { USAGE | SELECT | UPDATE }
[, ...] | ALL [ PRIVILEGES ] }
ON { SEQUENCE sequence_name [, ...]

really should be

GRANT { { USAGE | SELECT | UPDATE }
[, ...] | ALL [ PRIVILEGES ] }
ON { [{SEQUENCE | TABLE}] sequence_name [, ...]