* Kevin Grittner (kgri...@ymail.com) wrote: > Dean Rasheed <dean.a.rash...@gmail.com> wrote: > > >> Re-using the SQLSTATE 44000 is a bit iffy too. We should > >> probably define something to differentiate this, like: > >> > >> 44P01 ROW SECURITY WRITE POLICY VIOLATION > > > > Yes, that sounds sensible. > > I would be more inclined to use: > > 42501 ERRCODE_INSUFFICIENT_PRIVILEGE > > I know this is used 173 other places where a user attempts to do > something they are not authorized to do, so you would not be able > to differentiate the specific cause based on SQLSTATE if this is > used -- but why don't we feel that way about the other 173 causes? > Why does this security violation require a separate SQLSTATE?
I tend to agree with this and it feels more consistent. SQLSTATE is
already a very generic response system and knowing that it's a policy
violation instead of a GRANT violations strikes me as unlikely to be
terribly interesting at the level where you're just looking at the
SQLSTATE code.
Thanks!
Stephen
signature.asc
Description: Digital signature
