Josh Berkus <[email protected]> writes:
> On 04/29/2013 09:59 AM, Tom Lane wrote:
>> As I pointed out to you last night, it does already say that.
>> I think the problem here is that we're just throwing a generic
>> permissions failure rather than identifying the particular permission
>> needed.
> Yeah, a better error message would help a lot. My first thought was
> "WTF? I'm the superuser, whaddya mean, 'permission denied'"?
Right. I wonder if there's any good reason why we shouldn't extend
aclerror() to, in all cases, add a DETAIL line along the lines of
ERROR: permission denied for schema web
DETAIL: This operation requires role X to have privilege Y.
Is there any scenario where this'd be exposing too much info?
regards, tom lane
--
Sent via pgsql-hackers mailing list ([email protected])
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
