| From: | "Joel Jacobson" <joel(at)compiler(dot)org> |
|---|---|
| To: | "Alvaro Herrera" <alvherre(at)alvh(dot)no-ip(dot)org> |
| Cc: | pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Add pg_ownerships and pg_privileges system views |
| Date: | 2024-12-16 15:23:08 |
| Message-ID: | eaf80db4-476d-4dfb-9768-990bb64f6da6@app.fastmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi hackers,
As noted in previous feedback, relying on pg_shdepend leads to a less-than-ideal
behavior: no privileges are displayed for an object until at least one privilege
is granted to a role other than the owner, as explained by Alvaro:
On Sun, Oct 20, 2024, at 12:14, Alvaro Herrera wrote:
> Now, depending on pg_shdepend for this means that you don't report
> anything for an object until a GRANT to another user has been executed.
> For example if you REVOKE some priv from the object owner, nothing is
> shown until a GRANT is done for another user (and at that point onwards,
> privs by the owner are shown). This seems less than ideal, but I'm not
> sure how to do different, other than ditching the use of pg_shdepend
> entirely.
I'm considering withdrawing this patch, due to this awkwardness.
Do we still want pg_ownerships? If so, I can submit it as a separate patch.
Are there any idea on how to address the underlying dependency issue so that
pg_privileges can report owner privileges consistently from the start,
without requiring a subsequent grant to another user?
/Joel
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2024-12-16 15:33:59 | Re: Improving default column names/aliases of subscript text expressions |
| Previous Message | Joel Jacobson | 2024-12-16 15:09:36 | Re: New "single" COPY format |