My 0.02ยค: this creates an exception for anyone trying to parse the output. I would have preferred empty logically meaning no rights, and the default being spelled out explicitely.Uh, who'd be trying to parse the output of \dp?
Ok. Maybe humans?Note that 'No privileges' could be somehow interpreted as "default privileges" (no "special/given" privileges) or as "no permissions at all", so there is still some ambiguity, at least for me.
We could certainly consider the explicit-default approach (and it's one of the options I suggested), but to my mind we should evaluate the options entirely on what humans find readable, with exactly zero weight to machine readability.
Ok. So I agree with your suggestion, on the ground of avoiding a special output syntax in one particular case if possible.
Attached is a quick and dirty attempt at regenerating default privileges from dp query, with an added join on roles & and test on kind.
I'm not 100% sure of the list of privileges for all types, and I do not like much having them in a query like that because in the unlikely event that a new one is added, the query output suddenly becomes false.
From a programming point of view there is another pain with that approachas "describe.c" uses "printACLColumn", but this version would need the kind and the owner role as well, and it seems that all 11 instances of printACLColumn should be adapted as well.
As for David point of breaking anything from a user perspective, as the current output is currently ambiguous thus unreliable/unusable, I think it is more a bug fix than anything else.
-- Fabien.
dp.sql
Description: application/sql
