On 2/22/17 2:51 AM, Pavel Stehule wrote:
The solution based on rights is elegant, but in this moment I cannot to see all possible impacts on performance - because it means new check for any call of any function. Maybe checking call stack can be good enough - I have not idea how often use case it it.
I think the simple solution to that is not to use proacl for this purpose but to add an oidvector to pg_proc that is a list of allowed callers. If the vector is kept sorted then it's a simple binary search.
BTW, I agree that this feature would be useful, as would PRIVATE, but they're two separate features.
-- Jim Nasby, Data Architect, Blue Treble Consulting, Austin TX Experts in Analytics, Data Architecture and PostgreSQL Data in Trouble? Get it in Treble! http://BlueTreble.com 855-TREBLE2 (855-873-2532) -- Sent via pgsql-hackers mailing list (email@example.com) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers