Hi

> I don't understand.  The code should look like this:
> 
> if (acl in pg_database == NULL)
>       acl = acldefault
> else
>       acl = acl in pg_database
> if (has_permission(acl, user, ACL_CONNECT))
>       can connect
> else
>       can't connect
> 

To my surprise the code you described above was already there :) 
function aclchk.c:pg_database_aclmask:1696

snip...
        if (isNull)
        {
                /* No ACL, so build default ACL */
                acl = acldefault(ACL_OBJECT_DATABASE, ownerId);
                aclDatum = (Datum) 0;
        }

However, the original acldefault:case:ACL_OBJECT_DATABASE only had
ACL_CREATE_TEMP as default for PUBLIC. I thought that adding ACL_CONNECT
to the world_owner makes connecting to a database available for public,
which is the required behavior as discussed yesterday.

Original...
case ACL_OBJECT_DATABASE:
        world_default = ACL_CREATE_TEMP; /* NO_RIGHTS! */
        owner_default = ACL_ALL_RIGHTS_DATABASE;
        break;

Proposed....
case ACL_OBJECT_DATABASE:
        world_default = ACL_CREATE_TEMP | ACL_CONNECT; /* NO_RIGHTS! */
        owner_default = ACL_ALL_RIGHTS_DATABASE;
        break;

Would the above be correct?
The following is how I tested the code above.


1. make a new compile/install and initdb.

2. run createdb <enter> (database pgdev is created)

3. psql <enter> (login with user pgdev to pgdev)

4. create role user1 login; and then quit.

5. psql -U user1 -d pgdev (login success. this is the backward
 compatible and the required behavior I guess we wanted)

6. quit and login with psql like in step 3

7. 
 GRANT CONNECTION ON DATABASE pgdev to pgdev; 
(this would overwrite the ACL NULL. The public ACL still exists.)

 REVOKE CONNECTION ON DATABASE pgdev from PUBLIC; and then quit
(public cannot login to pgdev anymore :) only the owner )

8. psql -U user1 -d pgdev (login fails this time 

psql: FATAL:  couldn't connect to database pgdev
DETAIL:  User user1 doesn't have the CONNECTION privilege for database
pgdev.

)

9. quit and login with psql like in step 3
GRANT CONNECTION ON DATABASE pgdev to user1; and quit.

10. psql -U user1 -d pgdev (login success and the {user1=c/pgdev}
is added to the ACL)

* end test *************************

If the above is okay and correct, then I guess for simple systems one
could enter only the line below in pg_hba.conf
"host/hostssl    all     all    (whatever IP)   (whatever option)"

and, by granting ACL_CONNECT to roles, could keep
the pg_hba.conf simple and short.

New test patch:
http://www.xs4all.nl/~gevik/patch/patch-0.2.diff
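
The behaviour tested in steps 5 to 10 above, as a small C model added here as an example; it is not part of the original message or of PostgreSQL's aclchk.c. The type and function names (DbAcl, acl_default, acl_change, can_connect) and the PRIV_* constants are hypothetical, and superuser handling is left out.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
/* Simplified model; all names here are hypothetical, not PostgreSQL's. */
enum { PRIV_CREATE_TEMP = 1, PRIV_CONNECT = 2, PRIV_ALL = 3, MAX_ITEMS = 8 };
typedef struct { const char *grantee; unsigned privs; } AclEntry; /* "" = PUBLIC */
typedef struct { bool is_null; int n; AclEntry items[MAX_ITEMS]; } DbAcl;

/* Built when the stored ACL is NULL; PUBLIC gets the proposed defaults. */
static void acl_default(DbAcl *a, const char *owner) {
    a->is_null = false; a->n = 2;
    a->items[0] = (AclEntry){ "", PRIV_CREATE_TEMP | PRIV_CONNECT };
    a->items[1] = (AclEntry){ owner, PRIV_ALL };
}

/* GRANT/REVOKE: a NULL ACL is first replaced by the explicit default. */
static void acl_change(DbAcl *a, const char *owner, const char *who,
                       unsigned privs, bool grant) {
    int i;
    if (a->is_null) acl_default(a, owner);
    for (i = 0; i < a->n && strcmp(a->items[i].grantee, who) != 0; i++) ;
    if (i == a->n) {                        /* no entry for this grantee yet */
        if (a->n == MAX_ITEMS) return;      /* model limit reached */
        a->items[a->n++] = (AclEntry){ who, 0 };
    }
    if (grant) a->items[i].privs |= privs;
    else       a->items[i].privs &= ~privs;
}

/* Connection check: union of PUBLIC's and the user's own privileges. */
static bool can_connect(const DbAcl *stored, const char *owner, const char *user) {
    DbAcl acl = *stored;                    /* work on a copy, like the check does */
    unsigned mask = 0;
    if (acl.is_null) acl_default(&acl, owner);
    for (int i = 0; i < acl.n; i++)
        if (acl.items[i].grantee[0] == '\0' || strcmp(acl.items[i].grantee, user) == 0)
            mask |= acl.items[i].privs;
    return (mask & PRIV_CONNECT) != 0;
}

int main(void) {                            /* replays steps 5 to 10 of the test */
    DbAcl acl = { .is_null = true };
    printf("step 5:  %d\n", can_connect(&acl, "pgdev", "user1"));
    acl_change(&acl, "pgdev", "pgdev", PRIV_CONNECT, true);   /* GRANT to owner */
    acl_change(&acl, "pgdev", "", PRIV_CONNECT, false);       /* REVOKE from PUBLIC */
    printf("step 8:  %d\n", can_connect(&acl, "pgdev", "user1"));
    acl_change(&acl, "pgdev", "user1", PRIV_CONNECT, true);   /* GRANT to user1 */
    printf("step 10: %d\n", can_connect(&acl, "pgdev", "user1"));
}
```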


