> TODO1: Allow GRANT/REVOKE permissions to be applied to all schema > objects with one command. > TODO2: Assign Permissions to schemas wich get automatically inherited > by objects created in the schema. > > a) should we pursue both of them? > b) how can a syntax for TODO1 look like? Anchored at 'GRANT ... ON > SCHEMA' or 'GRANT ... ON <objecttype>' ?
I vote no on a. Reason: it's relatively easy to do the same thing already. However if you do end up doing that, I'd suggest using 'CASCADE'. This is reasonably consistent with other dependency honoring commands in pg. What I would really like to see is TODO2: because this allows greater flexibility for controlling security. This is impossible in pg currently, and may be a slightly more sophisticated job. Good luck! Merlin ---------------------------(end of broadcast)--------------------------- TIP 7: don't forget to increase your free space map settings
