Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitb0bcf8a

Browse files
committed
Restructure AclItem representation so that we can have more than eight
different privilege bits (might as well make use of the space we werewasting on padding). EXECUTE and USAGE bits for procedures, languagesnow are separate privileges instead of being overlaid on SELECT. Addprivileges for namespaces and databases. The GRANT and REVOKE commandswork for these object types, but we don't actually enforce the privilegesyet...
1 parentad201b8 commitb0bcf8a

File tree

20 files changed

+832
-510
lines changed

20 files changed

+832
-510
lines changed

‎doc/src/sgml/catalogs.sgml

Lines changed: 9 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
<!--
22
Documentation of the system catalogs, directed toward PostgreSQL developers
3-
$Header: /cvsroot/pgsql/doc/src/sgml/catalogs.sgml,v 2.42 2002/04/16 23:08:09 tgl Exp $
3+
$Header: /cvsroot/pgsql/doc/src/sgml/catalogs.sgml,v 2.43 2002/04/21 00:26:42 tgl Exp $
44
-->
55

66
<chapter id="catalogs">
@@ -825,7 +825,7 @@
825825
<entry>
826826
If true then this database can be used in the
827827
<quote>TEMPLATE</quote> clause of <command>CREATE
828-
DATABASE</command> to createthe new database as a clone of
828+
DATABASE</command> to createa new database as a clone of
829829
this one.
830830
</entry>
831831
</row>
@@ -890,6 +890,13 @@
890890
<entry></entry>
891891
<entry>Session defaults for run-time configuration variables</entry>
892892
</row>
893+
894+
<row>
895+
<entry>datacl</entry>
896+
<entry><type>aclitem[]</type></entry>
897+
<entry></entry>
898+
<entry>Access permissions</entry>
899+
</row>
893900
</tbody>
894901
</tgroup>
895902
</table>

‎doc/src/sgml/ref/grant.sgml

Lines changed: 48 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
<!--
2-
$Header: /cvsroot/pgsql/doc/src/sgml/ref/grant.sgml,v 1.21 2002/02/2122:39:36 momjian Exp $
2+
$Header: /cvsroot/pgsql/doc/src/sgml/ref/grant.sgml,v 1.22 2002/04/2100:26:42 tgl Exp $
33
PostgreSQL documentation
44
-->
55

@@ -18,7 +18,11 @@ PostgreSQL documentation
1818
<synopsis>
1919
GRANT { { SELECT | INSERT | UPDATE | DELETE | RULE | REFERENCES | TRIGGER }
2020
[,...] | ALL [ PRIVILEGES ] }
21-
ON [ TABLE ] <replaceable class="PARAMETER">objectname</replaceable> [, ...]
21+
ON [ TABLE ] <replaceable class="PARAMETER">tablename</replaceable> [, ...]
22+
TO { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...]
23+
24+
GRANT { { CREATE | TEMPORARY | TEMP } [,...] | ALL [ PRIVILEGES ] }
25+
ON DATABASE <replaceable>dbname</replaceable> [, ...]
2226
TO { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...]
2327

2428
GRANT { EXECUTE | ALL [ PRIVILEGES ] }
@@ -28,6 +32,10 @@ GRANT { EXECUTE | ALL [ PRIVILEGES ] }
2832
GRANT { USAGE | ALL [ PRIVILEGES ] }
2933
ON LANGUAGE <replaceable>langname</replaceable> [, ...]
3034
TO { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...]
35+
36+
GRANT { { CREATE | USAGE } [,...] | ALL [ PRIVILEGES ] }
37+
ON SCHEMA <replaceable>schemaname</replaceable> [, ...]
38+
TO { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...]
3139
</synopsis>
3240
</refsynopsisdiv>
3341

@@ -36,7 +44,8 @@ GRANT { USAGE | ALL [ PRIVILEGES ] }
3644

3745
<para>
3846
The <command>GRANT</command> command gives specific permissions on
39-
an object (table, view, sequence, function, procedural language) to
47+
an object (table, view, sequence, database, function, procedural language,
48+
or schema) to
4049
one or more users or groups of users. These permissions are added
4150
to those already granted, if any.
4251
</para>
@@ -144,6 +153,29 @@ GRANT { USAGE | ALL [ PRIVILEGES ] }
144153
</listitem>
145154
</varlistentry>
146155

156+
<varlistentry>
157+
<term>CREATE</term>
158+
<listitem>
159+
<para>
160+
For databases, allows new schemas to be created in the database.
161+
</para>
162+
<para>
163+
For schemas, allows new objects to be created within the specified
164+
schema.
165+
</para>
166+
</listitem>
167+
</varlistentry>
168+
169+
<varlistentry>
170+
<term>TEMPORARY</term>
171+
<term>TEMP</term>
172+
<listitem>
173+
<para>
174+
Allows temporary tables to be created while using the database.
175+
</para>
176+
</listitem>
177+
</varlistentry>
178+
147179
<varlistentry>
148180
<term>EXECUTE</term>
149181
<listitem>
@@ -159,10 +191,16 @@ GRANT { USAGE | ALL [ PRIVILEGES ] }
159191
<term>USAGE</term>
160192
<listitem>
161193
<para>
162-
Allowsthe use of the specifiedprocedurallanguage for the
163-
creation of functions in that language. This is the only type
194+
For procedural languages, allowsthe use of the specified language for
195+
thecreation of functions in that language. This is the only type
164196
of privilege that is applicable to procedural languages.
165197
</para>
198+
<para>
199+
For schemas, allows the use of objects contained in the specified
200+
schema (assuming that the objects' own privilege requirements are
201+
met). Essentially this allows the grantee to <quote>look up</>
202+
objects within the schema.
203+
</para>
166204
</listitem>
167205
</varlistentry>
168206

@@ -226,7 +264,11 @@ GRANT { USAGE | ALL [ PRIVILEGES ] }
226264
R -- RULE
227265
x -- REFERENCES
228266
t -- TRIGGER
229-
arwdRxt -- ALL PRIVILEGES
267+
X -- EXECUTE
268+
U -- USAGE
269+
C -- CREATE
270+
T -- TEMPORARY
271+
arwdRxt -- ALL PRIVILEGES (for tables)
230272
</programlisting>
231273
</para>
232274

‎doc/src/sgml/ref/revoke.sgml

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
<!--
2-
$Header: /cvsroot/pgsql/doc/src/sgml/ref/revoke.sgml,v 1.21 2002/02/2122:39:36 momjian Exp $
2+
$Header: /cvsroot/pgsql/doc/src/sgml/ref/revoke.sgml,v 1.22 2002/04/2100:26:42 tgl Exp $
33
PostgreSQL documentation
44
-->
55

@@ -18,7 +18,11 @@ PostgreSQL documentation
1818
<synopsis>
1919
REVOKE { { SELECT | INSERT | UPDATE | DELETE | RULE | REFERENCES | TRIGGER }
2020
[,...] | ALL [ PRIVILEGES ] }
21-
ON [ TABLE ] <replaceable class="PARAMETER">object</replaceable> [, ...]
21+
ON [ TABLE ] <replaceable class="PARAMETER">tablename</replaceable> [, ...]
22+
FROM { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...]
23+
24+
REVOKE { { CREATE | TEMPORARY | TEMP } [,...] | ALL [ PRIVILEGES ] }
25+
ON DATABASE <replaceable>dbname</replaceable> [, ...]
2226
FROM { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...]
2327

2428
REVOKE { EXECUTE | ALL [ PRIVILEGES ] }
@@ -28,6 +32,10 @@ REVOKE { EXECUTE | ALL [ PRIVILEGES ] }
2832
REVOKE { USAGE | ALL [ PRIVILEGES ] }
2933
ON LANGUAGE <replaceable>langname</replaceable> [, ...]
3034
FROM { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...]
35+
36+
REVOKE { { CREATE | USAGE } [,...] | ALL [ PRIVILEGES ] }
37+
ON SCHEMA <replaceable>schemaname</replaceable> [, ...]
38+
FROM { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...]
3139
</synopsis>
3240
</refsynopsisdiv>
3341

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp