I have added this syntax to the TODO list:
* Allow GRANT/REVOKE permissions to be applied to all schema objects with one
command
The proposed syntax is:
GRANT SELECT ON ALL TABLES IN public TO phpuser;
GRANT SELECT ON NEW TABLES IN public TO phpuser;
---
Hi *,
I will start implementing this stuff based on this syntax:
GRANT SELECT ON ALL TABLES IN public TO phpuser;
GRANT SELECT ON NEW TABLES IN public TO phpuser;
so there are two seperate commands to use.
is everybody fine with this aproach?
cheers,
Matthias
PS.: Tom, shouldn't we mention the fact
On Saturday 29 January 2005 09:14, Stephen Frost wrote:
> * Tom Lane ([EMAIL PROTECTED]) wrote:
> > Or just make the user enter two commands for this case. Aside from
> > syntactic simplicity, that might be a good idea anyway. The NEW TABLES
> > case is *fundamentally* different from every other
* Tom Lane ([EMAIL PROTECTED]) wrote:
> Or just make the user enter two commands for this case. Aside from
> syntactic simplicity, that might be a good idea anyway. The NEW TABLES
> case is *fundamentally* different from every other form of GRANT, in
> that it causes future actions. So it might
Josh Berkus writes:
> GRANT SELECT ON ALL, NEW TABLES IN public TO phpuser;
> ... does both.
Ah, I overlooked that part of your message. I think the above probably
doesn't work in bison, but if not we could spell it like
GRANT SELECT ON ALL AND NEW TABLES IN public TO phpuser;
Or just make t
Josh Berkus writes:
> Hmm, what about using, ALL and NEW? i.e.
> GRANT SELECT ON NEW TABLES IN public TO phpuser;
> GRANT SELECT ON ALL TABLES IN public TO phpuser;
That seems good to me. More generally it would be
GRANT perm [,...] ON NEW/ALL TABLES IN schema [,...] TO user [,...]
Tom,
> This however seems a rather whimsical reinvention of the meaning of
> CASCADE. ÂI'm not sure if we really need to support both immediate and
> delayed inheritance of privileges from a schema, but if we do, let's
> please use some other keyword than CASCADE to distinguish the cases.
> Also i
Josh Berkus writes:
> Can't say I like either. I'd prefer:
> GRANT [PERM] ON ALL TABLES IN SCHEMA [schemaname] TO [user];
I agree that this syntax seems more SQL-ish than relying on a wildcard.
> GRANT SELECT, UPDATE, INSERT ON TABLES IN SCHEMA public TO php-user;
> .. would set the defaul
Matt,
> a) accept some sort of wildcard for the grant on table syntax:
> Â Â GRANT ... ON TABLE schema.*
>
> b) use something like CASCADE for the grant on schema syntax:
> Â Â GRANT ... ON SCHEMA CASCADE
> Â Â In this case the grant on schema's need to swallow the permissions
> Â Â (SELECT, INSER
