From 729205571e81b4767efc42ad7beb53663e08d1ff Mon Sep 17 00:00:00 2001 From: Peter Eisentraut Date: Tue, 20 Dec 2011 00:05:19 +0200 Subject: Add support for privileges on types This adds support for the more or less SQL-conforming USAGE privilege on types and domains. The intent is to be able restrict which users can create dependencies on types, which restricts the way in which owners can alter types. reviewed by Yeb Havinga --- src/backend/parser/gram.y | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) (limited to 'src/backend/parser') diff --git a/src/backend/parser/gram.y b/src/backend/parser/gram.y index c3e0ee1877d..e0ff49f048a 100644 --- a/src/backend/parser/gram.y +++ b/src/backend/parser/gram.y @@ -558,7 +558,7 @@ static void processCASbits(int cas_bits, int location, const char *constrType, TABLE TABLES TABLESPACE TEMP TEMPLATE TEMPORARY TEXT_P THEN TIME TIMESTAMP TO TRAILING TRANSACTION TREAT TRIGGER TRIM TRUE_P - TRUNCATE TRUSTED TYPE_P + TRUNCATE TRUSTED TYPE_P TYPES_P UNBOUNDED UNCOMMITTED UNENCRYPTED UNION UNIQUE UNKNOWN UNLISTEN UNLOGGED UNTIL UPDATE USER USING @@ -5434,6 +5434,14 @@ privilege_target: n->objs = $2; $$ = n; } + | DOMAIN_P any_name_list + { + PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); + n->targtype = ACL_TARGET_OBJECT; + n->objtype = ACL_OBJECT_DOMAIN; + n->objs = $2; + $$ = n; + } | LANGUAGE name_list { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); @@ -5466,6 +5474,14 @@ privilege_target: n->objs = $2; $$ = n; } + | TYPE_P any_name_list + { + PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); + n->targtype = ACL_TARGET_OBJECT; + n->objtype = ACL_OBJECT_TYPE; + n->objs = $2; + $$ = n; + } | ALL TABLES IN_P SCHEMA name_list { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); @@ -5680,6 +5696,7 @@ defacl_privilege_target: TABLES { $$ = ACL_OBJECT_RELATION; } | FUNCTIONS { $$ = ACL_OBJECT_FUNCTION; } | SEQUENCES { $$ = ACL_OBJECT_SEQUENCE; } + | TYPES_P { $$ = ACL_OBJECT_TYPE; } ; -- cgit v1.2.3