On Thu, Jan 31, 2013 at 03:49:36PM -0500, Peter Eisentraut wrote: > On 1/9/13 8:56 PM, Tom Lane wrote: > > However, it seems to me that this behavior is actually wrong for our > > purposes, as it represents a too-literal reading of the spec. The SQL > > standard has no concept of privileges on schemas, only ownership. > > We do have privileges on schemas, so it seems to me that the consistent > > thing would be for this view to show any schema that you either own or > > have some privilege on. That is the test should be more like > > > > pg_has_role(n.nspowner, 'USAGE') > > OR has_schema_privilege(n.oid, 'CREATE, USAGE') > > > > As things stand, a non-superuser won't see "public", "pg_catalog", > > nor even "information_schema" itself in this view, which seems a > > tad silly. > > I agree it would make sense to change this.
Is this the patch you want applied? The docs are fine? -- Bruce Momjian <br...@momjian.us> http://momjian.us EnterpriseDB http://enterprisedb.com + It's impossible for everything to be true. +
diff --git a/src/backend/catalog/information_schema.sql b/src/backend/catalog/information_schema.sql new file mode 100644 index 95f267f..605bcbd *** a/src/backend/catalog/information_schema.sql --- b/src/backend/catalog/information_schema.sql *************** CREATE VIEW schemata AS *** 1502,1508 **** CAST(null AS sql_identifier) AS default_character_set_name, CAST(null AS character_data) AS sql_path FROM pg_namespace n, pg_authid u ! WHERE n.nspowner = u.oid AND pg_has_role(n.nspowner, 'USAGE'); GRANT SELECT ON schemata TO PUBLIC; --- 1502,1509 ---- CAST(null AS sql_identifier) AS default_character_set_name, CAST(null AS character_data) AS sql_path FROM pg_namespace n, pg_authid u ! WHERE n.nspowner = u.oid AND (pg_has_role(n.nspowner, 'USAGE') OR ! has_schema_privilege(n.oid, 'CREATE, USAGE')); GRANT SELECT ON schemata TO PUBLIC;
-- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers