Re: [HACKERS] DROP PRIVILEGES OWNED BY
On Thu, Dec 18, 2014 at 1:43 AM, Marko Tiikkaja ma...@joh.to wrote: I don't have a problem with that. It would probably work, too, since FROM is already fully reserved. Marking patch as returned with feedback as there has been no input from Marko in the last couple of weeks. -- Michael -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
Re: [HACKERS] DROP PRIVILEGES OWNED BY
On 12/15/2014 02:43 AM, Marko Tiikkaja wrote: This week I had a problem where I wanted to drop only the privileges a certain role had in the system, while keeping all the objects. I couldn't figure out a reasonable way to do that, so I've attached a patch for this to this email. Please consider it for inclusion into 9.5. The syntax is: DROP PRIVILEGES OWNED BY role [, ...] I at some point decided to implement it as a new command instead of changing DropOwnedStmt, and I think that might have been a mistake. It might have made more sense to instead teach DROP OWNED to accept a specification of which things to drop. But the proposal is more important than such details, I think. DROP seems like the wrong verb here. DROP is used for deleting objects, while REVOKE is used for removing permissions from them. REVOKE already has something similar: REVOKE ALL PRIVILEGES ON ALL TABLES IN SCHEMA public FROM heikki; Following that style, how about making the syntax: REVOKE ALL PRIVILEGES ON ALL OBJECTS FROM role or just: REVOKE ALL PRIVILEGES FROM role; - Heikki -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
Re: [HACKERS] DROP PRIVILEGES OWNED BY
On 12/17/14 5:37 PM, Heikki Linnakangas wrote: On 12/15/2014 02:43 AM, Marko Tiikkaja wrote: The syntax is: DROP PRIVILEGES OWNED BY role [, ...] DROP seems like the wrong verb here. DROP is used for deleting objects, while REVOKE is used for removing permissions from them. REVOKE already has something similar: REVOKE ALL PRIVILEGES ON ALL TABLES IN SCHEMA public FROM heikki; Following that style, how about making the syntax: REVOKE ALL PRIVILEGES FROM role; I don't have a problem with that. It would probably work, too, since FROM is already fully reserved. .marko -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
