| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | pgsql-committers(at)postgresql(dot)org |
| Subject: | pgsql: For foreign keys, check REFERENCES privilege only on the referen |
| Date: | 2017-03-31 22:11:48 |
| Message-ID: | E1cu4lo-0006rb-Di@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
For foreign keys, check REFERENCES privilege only on the referenced table.
We were requiring that the user have REFERENCES permission on both the
referenced and referencing tables --- but this doesn't seem to have any
support in the SQL standard, which says only that you need REFERENCES
permission on the referenced table. And ALTER TABLE ADD FOREIGN KEY has
already checked that you own the referencing table, so the check could
only fail if a table owner has revoked his own REFERENCES permission.
Moreover, the symmetric interpretation of this permission is unintuitive
and confusing, as per complaint from Paul Jungwirth. So let's drop the
referencing-side check.
In passing, do a bit of wordsmithing on the GRANT reference page so that
all the privilege types are described in similar fashion.
Discussion: https://postgr.es/m/8940.1490906755@sss.pgh.pa.us
Branch
------
master
Details
-------
http://git.postgresql.org/pg/commitdiff/64d4da511c012faff8ac309595620938a43c6817
Modified Files
--------------
doc/src/sgml/ref/create_table.sgml | 8 +++++---
doc/src/sgml/ref/grant.sgml | 19 +++++++++----------
src/backend/commands/tablecmds.c | 8 ++++++--
3 files changed, 20 insertions(+), 15 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2017-04-01 00:19:49 | pgsql: Fix typos. |
| Previous Message | Robert Haas | 2017-03-31 21:36:20 | pgsql: Improve documentation for table partitioning. |