<para>
The <command>GRANT</command> command has two basic variants: one
- that grants privileges on a database object (table, column, view, sequence,
- database, foreign-data wrapper, foreign server, function,
+ that grants privileges on a database object (table, column, view, foreign
+ table, sequence, database, foreign-data wrapper, foreign server, function,
procedural language, schema, or tablespace), and one that grants
membership in a role. These variants are similar in many ways, but
they are different enough to be described separately.
case ACL_KIND_FOREIGN_SERVER:
whole_mask = ACL_ALL_RIGHTS_FOREIGN_SERVER;
break;
- case ACL_KIND_FOREIGN_TABLE:
- whole_mask = ACL_ALL_RIGHTS_FOREIGN_TABLE;
- break;
default:
elog(ERROR, "unrecognized object kind: %d", objkind);
/* not reached, but keep compiler quiet */
all_privileges = ACL_ALL_RIGHTS_FOREIGN_SERVER;
errormsg = gettext_noop("invalid privilege type %s for foreign server");
break;
- case ACL_OBJECT_FOREIGN_TABLE:
- all_privileges = ACL_ALL_RIGHTS_FOREIGN_TABLE;
- errormsg = gettext_noop("invalid privilege type %s for foreign table");
- break;
default:
elog(ERROR, "unrecognized GrantStmt.objtype: %d",
(int) stmt->objtype);
{
case ACL_OBJECT_RELATION:
case ACL_OBJECT_SEQUENCE:
- case ACL_OBJECT_FOREIGN_TABLE:
ExecGrant_Relation(istmt);
break;
case ACL_OBJECT_DATABASE:
{
case ACL_OBJECT_RELATION:
case ACL_OBJECT_SEQUENCE:
- case ACL_OBJECT_FOREIGN_TABLE:
foreach(cell, objnames)
{
RangeVar *relvar = (RangeVar *) lfirst(cell);
errmsg("\"%s\" is not a sequence",
NameStr(pg_class_tuple->relname))));
- /* Used GRANT FOREIGN TABLE on a non-foreign-table? */
- if (istmt->objtype == ACL_OBJECT_FOREIGN_TABLE &&
- pg_class_tuple->relkind != RELKIND_FOREIGN_TABLE)
- ereport(ERROR,
- (errcode(ERRCODE_WRONG_OBJECT_TYPE),
- errmsg("\"%s\" is not a foreign table",
- NameStr(pg_class_tuple->relname))));
-
/* Adjust the default permissions based on object type */
if (istmt->all_privs && istmt->privileges == ACL_NO_RIGHTS)
{
if (pg_class_tuple->relkind == RELKIND_SEQUENCE)
this_privileges = ACL_ALL_RIGHTS_SEQUENCE;
- else if (pg_class_tuple->relkind == RELKIND_FOREIGN_TABLE)
- this_privileges = ACL_ALL_RIGHTS_FOREIGN_TABLE;
else
this_privileges = ACL_ALL_RIGHTS_RELATION;
}
this_privileges &= (AclMode) ACL_ALL_RIGHTS_SEQUENCE;
}
}
- else if (pg_class_tuple->relkind == RELKIND_FOREIGN_TABLE)
- {
- if (this_privileges & ~((AclMode) ACL_ALL_RIGHTS_FOREIGN_TABLE))
- {
- ereport(ERROR,
- (errcode(ERRCODE_INVALID_GRANT_OPERATION),
- errmsg("foreign table \"%s\" only supports SELECT privileges",
- NameStr(pg_class_tuple->relname))));
- }
- }
else
{
if (this_privileges & ~((AclMode) ACL_ALL_RIGHTS_RELATION))
case RELKIND_SEQUENCE:
old_acl = acldefault(ACL_OBJECT_SEQUENCE, ownerId);
break;
- case RELKIND_FOREIGN_TABLE:
- old_acl = acldefault(ACL_OBJECT_FOREIGN_TABLE, ownerId);
- break;
default:
old_acl = acldefault(ACL_OBJECT_RELATION, ownerId);
break;
case RELKIND_SEQUENCE:
aclkind = ACL_KIND_SEQUENCE;
break;
- case RELKIND_FOREIGN_TABLE:
- aclkind = ACL_KIND_FOREIGN_TABLE;
- break;
default:
aclkind = ACL_KIND_CLASS;
break;
this_privileges &= (AclMode) ACL_SELECT;
}
- else if (pg_class_tuple->relkind == RELKIND_FOREIGN_TABLE &&
- this_privileges & ~((AclMode) ACL_SELECT))
- {
- /* Foreign tables have the same restriction as sequences. */
- ereport(WARNING,
- (errcode(ERRCODE_INVALID_GRANT_OPERATION),
- errmsg("foreign table \"%s\" only supports SELECT column privileges",
- NameStr(pg_class_tuple->relname))));
- this_privileges &= (AclMode) ACL_SELECT;
- }
expand_col_privileges(col_privs->cols, relOid,
this_privileges,
gettext_noop("permission denied for foreign-data wrapper %s"),
/* ACL_KIND_FOREIGN_SERVER */
gettext_noop("permission denied for foreign server %s"),
- /* ACL_KIND_FOREIGN_TABLE */
- gettext_noop("permission denied for foreign table %s"),
/* ACL_KIND_EXTENSION */
gettext_noop("permission denied for extension %s"),
};
gettext_noop("must be owner of foreign-data wrapper %s"),
/* ACL_KIND_FOREIGN_SERVER */
gettext_noop("must be owner of foreign server %s"),
- /* ACL_KIND_FOREIGN_TABLE */
- gettext_noop("must be owner of foreign table %s"),
/* ACL_KIND_EXTENSION */
gettext_noop("must be owner of extension %s"),
};
case RELKIND_SEQUENCE:
acl = acldefault(ACL_OBJECT_SEQUENCE, ownerId);
break;
- case RELKIND_FOREIGN_TABLE:
- acl = acldefault(ACL_OBJECT_FOREIGN_TABLE, ownerId);
- break;
default:
acl = acldefault(ACL_OBJECT_RELATION, ownerId);
break;
projects / users / c2main / postgres.git / commitdiff