Fix the problem of GRANTs creating "dangling" privileges not directly

traceable to grant options. As per my earlier proposal, a GRANT made by a role member has to be recorded as being granted by the role that actually holds the grant option, and not the member.
author: Tom Lane 2005-10-10 18:49:04 +0000
committer: Tom Lane 2005-10-10 18:49:04 +0000
commit: 91783061517b740e07f7dbf24f980e4641ba7d83 (patch)
tree: 75095d1d27bc494124ca5db81a095ca35a7ecb9a /src/include
parent: d7527540f2dd8f831d4a0ec82a92c59b0d0a8c62 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/src/include/utils/acl.h b/src/include/utils/acl.h
index 1f216009098..9fd551f28ca 100644
--- a/src/include/utils/acl.h
+++ b/src/include/utils/acl.h
@@ -7,7 +7,7 @@
  * Portions Copyright (c) 1996-2005, PostgreSQL Global Development Group
  * Portions Copyright (c) 1994, Regents of the University of California
  *
- * $PostgreSQL: pgsql/src/include/utils/acl.h,v 1.83 2005/07/26 16:38:29 tgl Exp $
+ * $PostgreSQL: pgsql/src/include/utils/acl.h,v 1.84 2005/10/10 18:49:04 tgl Exp $
  *
  * NOTES
  *	  An ACL array is simply an array of AclItems, representing the union
@@ -215,6 +215,10 @@ extern bool is_member_of_role(Oid member, Oid role);
 extern bool is_admin_of_role(Oid member, Oid role);
 extern void check_is_member_of_role(Oid member, Oid role);
 
+extern void select_best_grantor(Oid roleId, AclMode privileges,
+								const Acl *acl, Oid ownerId,
+								Oid *grantorId, AclMode *grantOptions);
+
 extern void initialize_acl(void);
 
 /*
author	Tom Lane	2005-10-10 18:49:04 +0000
committer	Tom Lane	2005-10-10 18:49:04 +0000
commit	91783061517b740e07f7dbf24f980e4641ba7d83 (patch)
tree	75095d1d27bc494124ca5db81a095ca35a7ecb9a /src/include
parent	d7527540f2dd8f831d4a0ec82a92c59b0d0a8c62 (diff)