Added to TODO:
o %Allow per-database permissions to be set via GRANT
Allow database connection checks based on GRANT rules in
addition to the existing access checks in pg_hba.conf.
and remove:
o %Allow pg_hba.conf settings to be controlled via SQL
Hi,
I read the discussion thread once again and unless I am absolutely
and totally on the wrong track this is what I understood from the
general plan to be. The current pg_hba.conf provides the famous
the host based mechanism to connect to a database.
In order to add the discussed functionality
Gevik Babakhani [EMAIL PROTECTED] writes:
Would it be correct to state that: only the authentication
is checked (username and password) when connecting to the
server and not the any kind of privilege to access a database.
Well, that would be the typical usage, ie, people relying on CONNECT
On Thu, 2006-04-20 at 14:14 -0400, Tom Lane wrote:
Gevik Babakhani [EMAIL PROTECTED] writes:
Would it be correct to state that: only the authentication
is checked (username and password) when connecting to the
server and not the any kind of privilege to access a database.
Well, that
Gevik Babakhani wrote:
I'm not sure if you realize it, but this should be an extremely small
patch. In particular, if you think you need to change the parser then
you are already off on the wrong track. The parser doesn't know
anything about specific privilege types (as of 8.1 anyway).
Cool :) Thank you :)
On Thu, 2006-04-20 at 15:05 -0400, Alvaro Herrera wrote:
Gevik Babakhani wrote:
I'm not sure if you realize it, but this should be an extremely small
patch. In particular, if you think you need to change the parser then
you are already off on the wrong track.
Alvaro Herrera [EMAIL PROTECTED] writes:
It should be easy to make this code understand a new privilege type.
Another point worth making: most of the actual patch will probably
consist of teaching the ACL datatype code about another possible
bit-value in ACL masks. A lot of the generic