doc - improve description of default privileges

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

doc - improve description of default privileges

Fabien COELHO-3

I have not found a convenient presentation of the default privileges for
different objects, and how to display them (if possible, not always).

The information is partly provided within the GRANT description, and not
very explicit: eg it is said that owners have all possible perms, but
which they are is not said explicitely, although they are implied by the
different GRANT sysnopsys. Then some objects are given perms for the
PUBLIC.

The attached patch tries to improve the documentation, in particular with
an added table to summarizes my findings, so that they are recorded
somewhere.

--
Fabien.

doc-default-perms-1.patch (11K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: doc - improve description of default privileges

Fabien COELHO-3

> I have not found a convenient presentation of the default privileges for
> different objects, and how to display them (if possible, not always).
>
> The information is partly provided within the GRANT description, and not very
> explicit: eg it is said that owners have all possible perms, but which they
> are is not said explicitely, although they are implied by the different GRANT
> sysnopsys. Then some objects are given perms for the PUBLIC.
>
> The attached patch tries to improve the documentation, in particular with an
> added table to summarizes my findings, so that they are recorded somewhere.
The attached fixes the tablespace entry that I forgot to fill in full.

--
Fabien.

doc-default-perms-2.patch (11K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re[2]: doc - improve description of default privileges

Brad DeJong-2
Hi Fabien,

Thanks for writing this up - in particular the psql backslash commands.

comments on the patch ...

1) I think that adding the "This privilege is abbreviated ... when
displayed." lines to the privilege descriptions is redundant. The
abbreviations are already listed after the "The entries shown by \dp are
interpreted thus:" line. Just change that line to something like "The
entries shown by the psql backslash commands, like \dp, are interpreted
thus:".

2) I think that the psql command table should go with the current text
on "Use psql's \dp command to obtain ..." rather than in the Examples
section. It seems like changing the "For non-table objects there are
other \d commands ..." line to an introductory comment like "The
following table lists the \d commands that are used for non-table
objects along with the default privileges granted to the object's owner
and PUBLIC.

3) The table title, "Default hardcoded access privileges per object's
type", seems incomplete because it does not mention the psql commands
part of the table.


------ Original Message ------
From: "Fabien COELHO" <[hidden email]>
To: "PostgreSQL Developers" <[hidden email]>
Sent: 8/4/2018 4:40:33 AM
Subject: Re: doc - improve description of default privileges

>
>>I have not found a convenient presentation of the default privileges
>>for different objects, and how to display them (if possible, not
>>always).
>>
>>The information is partly provided within the GRANT description, and
>>not very explicit: eg it is said that owners have all possible perms,
>>but which they are is not said explicitely, although they are implied
>>by the different GRANT sysnopsys. Then some objects are given perms
>>for the PUBLIC.
>>
>>The attached patch tries to improve the documentation, in particular
>>with an added table to summarizes my findings, so that they are
>>recorded somewhere.
>
>The attached fixes the tablespace entry that I forgot to fill in full.
>
>-- Fabien.


Reply | Threaded
Open this post in threaded view
|

Re[2]: doc - improve description of default privileges

Fabien COELHO-3

Hello Bradley,

> comments on the patch ...

Thanks for the review.

> 1) I think that adding the "This privilege is abbreviated ... when
> displayed." lines to the privilege descriptions is redundant. The
> abbreviations are already listed after the "The entries shown by \dp are
> interpreted thus:" line. Just change that line to something like "The entries
> shown by the psql backslash commands, like \dp, are interpreted thus:".

Ok, removed.

> 2) I think that the psql command table should go with the current text on
> "Use psql's \dp command to obtain ..." rather than in the Examples section.
> It seems like changing the "For non-table objects there are other \d commands
> ..." line to an introductory comment like "The following table lists the \d
> commands that are used for non-table objects along with the default
> privileges granted to the object's owner and PUBLIC.

Ok, moved to the previous section.

> 3) The table title, "Default hardcoded access privileges per object's type",
> seems incomplete because it does not mention the psql commands part of the
> table.

Ok, added reference to psql backslash commands in title.

Find v3 attached.

--
Fabien.

doc-default-perms-3.patch (6K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re[3]: doc - improve description of default privileges

Brad DeJong-2
on 2018-08-30, Fabien Coelho wrote ...
 > ... Find v3 attached. ...

Hi Fabien,

As we're coming up on the end of this commitfest ...

Is the reviewer supposed to move this to "ready for committer" or is the
author supposed to do that?

Is the reviewer supposed to explicitly state "I've looked at your v3
patch and have no further suggestions" (which is true) or is a lack of
additional comments normally taken as acceptance?


Cheers.


Reply | Threaded
Open this post in threaded view
|

Re: Re[3]: doc - improve description of default privileges

Tom Lane-2
"Bradley DeJong" <[hidden email]> writes:
> Is the reviewer supposed to move this to "ready for committer" or is the
> author supposed to do that?

The reviewer does that, indicating signoff.

                        regards, tom lane

Reply | Threaded
Open this post in threaded view
|

Re: Re[3]: doc - improve description of default privileges

Brad DeJong-2
On 2018-09-12 Tom Lane wrote ...
> The reviewer does that, indicating signoff.
Thanks. I have now changed the status to "Ready for Committer".