From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
---|---|
To: | Bryn Llewellyn <bryn(at)yugabyte(dot)com> |
Cc: | Tom Lane PostgreSQL <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Ron <ronljohnsonjr(at)gmail(dot)com>, pgsql-general list <pgsql-general(at)lists(dot)postgresql(dot)org> |
Subject: | Re: Test if a database has any privilege granted to public |
Date: | 2022-12-15 20:26:29 |
Message-ID: | CAKFQuwa1FwVNrL4aZFkGWJL3S7kmcNiJRR=d4pOzsAr6w94xUw@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
On Thu, Dec 15, 2022 at 12:51 PM Bryn Llewellyn <bryn(at)yugabyte(dot)com> wrote:
>
>
>
>
>
> *select datname::textfrom pg_databasewhere 0::oid = any(select
> (aclexplode(datacl)).grantee)or datacl is null;*
> That's easy if you know that you need to write this. But the need to do so
> seems to depend on pretty arcane knowledge that, as far as I can see, isn't
> documented.
>
>
The last paragraph of the privileges documentation says this explicitly:
If the “Access privileges” column is empty for a given object, it means the
object has default privileges (that is, its privileges entry in the
relevant system catalog is null). Default privileges always include all
privileges for the owner, and can include some privileges for PUBLIC
depending on the object type, as explained above.
https://www.postgresql.org/docs/current/ddl-priv.html
Or, you know, just use the provided functions that have been
programmed with knowledge of how the system works.
https://www.postgresql.org/docs/current/functions-info.html#FUNCTIONS-INFO-ACCESS-TABLE
select has_database_privilege(0,current_database(),'CONNECT');
David J.
From | Date | Subject | |
---|---|---|---|
Next Message | Bryn Llewellyn | 2022-12-16 00:17:21 | Re: Test if a database has any privilege granted to public |
Previous Message | Bryn Llewellyn | 2022-12-15 19:51:07 | Re: Test if a database has any privilege granted to public |