Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER

privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test.
author: Peter Eisentraut <peter_e@gmx.net> 2001-05-27 09:59:30 +0000
committer: Peter Eisentraut <peter_e@gmx.net> 2001-05-27 09:59:30 +0000
commit: 96147a6d1c15b7604838dcd5de5ebd771f551d96 (patch)
tree: 54ad7d06fff6c8d331194285bf3a7718630f5976 /src/backend/commands/command.c
parent: 52350c7ad965d856da74514f89b88ce4ffbd18e7 (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/src/backend/commands/command.c b/src/backend/commands/command.c
index bc5153b8005..90cfba50be5 100644
--- a/src/backend/commands/command.c
+++ b/src/backend/commands/command.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/commands/Attic/command.c,v 1.128 2001/05/21 14:22:11 wieck Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/commands/Attic/command.c,v 1.129 2001/05/27 09:59:28 petere Exp $
  *
  * NOTES
  *	  The PerformAddAttribute() code, like most of the relation
@@ -1939,9 +1939,10 @@ LockTableCommand(LockStmt *lockstmt)
 		elog(ERROR, "LOCK TABLE: %s is not a table", lockstmt->relname);
 
 	if (lockstmt->mode == AccessShareLock)
-		aclresult = pg_aclcheck(lockstmt->relname, GetUserId(), ACL_RD);
+		aclresult = pg_aclcheck(lockstmt->relname, GetUserId(), ACL_SELECT);
 	else
-		aclresult = pg_aclcheck(lockstmt->relname, GetUserId(), ACL_WR);
+		aclresult = pg_aclcheck(lockstmt->relname, GetUserId(),
+								ACL_UPDATE | ACL_DELETE);
 
 	if (aclresult != ACLCHECK_OK)
 		elog(ERROR, "LOCK TABLE: permission denied");
author	Peter Eisentraut <peter_e@gmx.net>	2001-05-27 09:59:30 +0000
committer	Peter Eisentraut <peter_e@gmx.net>	2001-05-27 09:59:30 +0000
commit	96147a6d1c15b7604838dcd5de5ebd771f551d96 (patch)
tree	54ad7d06fff6c8d331194285bf3a7718630f5976 /src/backend/commands/command.c
parent	52350c7ad965d856da74514f89b88ce4ffbd18e7 (diff)