Re: [HACKERS] Repetition of warning message while REVOKE

Fri, 05 Mar 2010 05:19:04 -0800 

* Tom Lane ([email protected]) wrote:
> One thought is that the column cases should be phrased more like
>       no privileges could be revoked for column "foo" of table "bar"
> Check the messages associated with DROP cascading for the canonical
> phrasing here, but I think that's what it is.

Looks like 'for column "foo" of relation "bar"' is more typical, so
that's what I did in the attached patch.  I also cleaned up a few other
things I noticed in looking through the various messages/comments.

        Thanks!

                Stephen

? src/backend/regex/.regcomp.c.swp
? src/pl/plpgsql/src/pl_scan.c
Index: src/backend/catalog/aclchk.c
===================================================================
RCS file: /projects/cvsroot/pgsql/src/backend/catalog/aclchk.c,v
retrieving revision 1.163
diff -c -r1.163 aclchk.c
*** src/backend/catalog/aclchk.c	26 Feb 2010 02:00:35 -0000	1.163
--- src/backend/catalog/aclchk.c	5 Mar 2010 13:16:48 -0000
***************
*** 304,327 ****
  	if (is_grant)
  	{
  		if (this_privileges == 0)
! 			ereport(WARNING,
! 					(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_GRANTED),
! 				  errmsg("no privileges were granted for \"%s\"", objname)));
! 		else if (!all_privs && this_privileges != privileges)
! 			ereport(WARNING,
! 					(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_GRANTED),
! 			 errmsg("not all privileges were granted for \"%s\"", objname)));
  	}
  	else
  	{
  		if (this_privileges == 0)
! 			ereport(WARNING,
! 					(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_REVOKED),
! 			  errmsg("no privileges could be revoked for \"%s\"", objname)));
! 		else if (!all_privs && this_privileges != privileges)
! 			ereport(WARNING,
! 					(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_REVOKED),
! 					 errmsg("not all privileges could be revoked for \"%s\"", objname)));
  	}
  
  	return this_privileges;
--- 304,365 ----
  	if (is_grant)
  	{
  		if (this_privileges == 0)
! 	   	{
! 			if (objkind == ACL_KIND_COLUMN && colname)
! 				ereport(WARNING,
! 						(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_GRANTED),
! 					  errmsg("no privileges were granted for column \"%s\" of relation \"%s\"",
! 						  colname, objname)));
! 			else
! 				ereport(WARNING,
! 						(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_GRANTED),
! 					  errmsg("no privileges were granted for \"%s\"", objname)));
! 		}
! 		else
! 		{	
! 			if (!all_privs && this_privileges != privileges)
! 			{
! 				if (objkind == ACL_KIND_COLUMN && colname)
! 					ereport(WARNING,
! 							(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_GRANTED),
! 					 errmsg("not all privileges were granted for column \"%s\" of relation \"%s\"",
! 						 colname, objname)));
! 				else
! 					ereport(WARNING,
! 							(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_GRANTED),
! 					 errmsg("not all privileges were granted for \"%s\"", objname)));
! 			}
! 		}
  	}
  	else
  	{
  		if (this_privileges == 0)
! 		{
! 			if (objkind == ACL_KIND_COLUMN && colname)
! 				ereport(WARNING,
! 						(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_REVOKED),
! 				  errmsg("no privileges could be revoked for column \"%s\" of relation \"%s\"",
! 					  colname, objname)));
! 			else
! 				ereport(WARNING,
! 						(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_REVOKED),
! 				  errmsg("no privileges could be revoked for \"%s\"", objname)));
! 		}
! 		else
! 		{
! 			if (!all_privs && this_privileges != privileges)
! 			{
! 				if (objkind == ACL_KIND_COLUMN && colname)
! 					ereport(WARNING,
! 						(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_REVOKED),
! 						 errmsg("not all privileges could be revoked for column \"%s\" of relation \"%s\"",
! 							 colname, objname)));
! 				else
! 					ereport(WARNING,
! 						(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_REVOKED),
! 						 errmsg("not all privileges could be revoked for \"%s\"", objname)));
! 			}
! 		}
  	}
  
  	return this_privileges;
***************
*** 1657,1664 ****
  		/*
  		 * The GRANT TABLE syntax can be used for sequences and non-sequences,
  		 * so we have to look at the relkind to determine the supported
! 		 * permissions.  The OR of table and sequence permissions were already
! 		 * checked.
  		 */
  		if (istmt->objtype == ACL_OBJECT_RELATION)
  		{
--- 1695,1702 ----
  		/*
  		 * The GRANT TABLE syntax can be used for sequences and non-sequences,
  		 * so we have to look at the relkind to determine the supported
! 		 * permissions.  The OR of relation and sequence permissions were
! 		 * already checked.
  		 */
  		if (istmt->objtype == ACL_OBJECT_RELATION)
  		{
***************
*** 3046,3052 ****
  		case ACLCHECK_NO_PRIV:
  			ereport(ERROR,
  					(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
! 					 errmsg("permission denied for column %s of relation %s",
  							colname, objectname)));
  			break;
  		case ACLCHECK_NOT_OWNER:
--- 3084,3090 ----
  		case ACLCHECK_NO_PRIV:
  			ereport(ERROR,
  					(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
! 					 errmsg("permission denied for column \"%s\" of relation \"%s\"",
  							colname, objectname)));
  			break;
  		case ACLCHECK_NOT_OWNER:

Attachment: signature.asc
Description: Digital signature

Reply via email to