On Sat, 1 Jan 2011 23:54:05 -0500 Robert Haas <robertmh...@gmail.com> wrote: > On Mon, Dec 27, 2010 at 10:16 PM, Robert Haas <robertmh...@gmail.com> wrote: > > On Sat, Dec 25, 2010 at 11:52 PM, Robert Haas <robertmh...@gmail.com> wrote: > >> I'm working on getting a first chunk of this committed. > > > > OK, here's the patch. > > I've now committed a version of this with a bunch of further > revisions, corrections, and cleanup. It looks to me as though this > patch was written based on the 9.0 code and not thoroughly updated for > some of the 9.1 changes, but I think I cleaned most of that up. With > a patch of this size, I am sure there are a few things I overlooked, > so please point 'em out and I'll try to fix them promptly.
While testing the commit, I found that CREATE FOREIGN TABLE requires unnecessary USAGE privilege on the FOREIGN DATA WRAPPER. SQL/MED standard requires only USAGE on the SERVER as follows. <quote> 1) If <foreign table definition> is contained in an SQL-client module, then the enabled authorization identifiers shall include A. 2) The applicable privileges shall include the USAGE privilege on the foreign-server identified by <foreign server name>. 3) Additional privileges, if any, necessary to execute <foreign table definition> are implementation-defined. </quote> Sorry, this problem comes from original patch. OTOH, the document about this specification which is written in "GRANT" page is correct. Regards, -- Shigeru Hanada
20110105-no_fdw_check.patch
Description: Binary data
-- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
