diff options
Diffstat (limited to 'doc/src')
| -rw-r--r-- | doc/src/sgml/ddl.sgml | 4 | ||||
| -rw-r--r-- | doc/src/sgml/func.sgml | 4 | ||||
| -rw-r--r-- | doc/src/sgml/information_schema.sgml | 14 | ||||
| -rw-r--r-- | doc/src/sgml/ref/grant.sgml | 26 | ||||
| -rw-r--r-- | doc/src/sgml/ref/lock.sgml | 5 | ||||
| -rw-r--r-- | doc/src/sgml/ref/revoke.sgml | 4 | ||||
| -rw-r--r-- | doc/src/sgml/ref/truncate.sgml | 5 | ||||
| -rw-r--r-- | doc/src/sgml/user-manag.sgml | 4 |
8 files changed, 40 insertions, 26 deletions
diff --git a/doc/src/sgml/ddl.sgml b/doc/src/sgml/ddl.sgml index 183d1e89f5f..94341df0f4b 100644 --- a/doc/src/sgml/ddl.sgml +++ b/doc/src/sgml/ddl.sgml @@ -1,4 +1,4 @@ -<!-- $PostgreSQL: pgsql/doc/src/sgml/ddl.sgml,v 1.82 2008/05/09 23:32:03 tgl Exp $ --> +<!-- $PostgreSQL: pgsql/doc/src/sgml/ddl.sgml,v 1.83 2008/09/08 00:47:40 tgl Exp $ --> <chapter id="ddl"> <title>Data Definition</title> @@ -1356,7 +1356,7 @@ ALTER TABLE products RENAME TO items; <para> There are several different privileges: <literal>SELECT</>, <literal>INSERT</>, <literal>UPDATE</>, <literal>DELETE</>, - <literal>REFERENCES</>, <literal>TRIGGER</>, + <literal>TRUNCATE</>, <literal>REFERENCES</>, <literal>TRIGGER</>, <literal>CREATE</>, <literal>CONNECT</>, <literal>TEMPORARY</>, <literal>EXECUTE</>, and <literal>USAGE</>. The privileges applicable to a particular diff --git a/doc/src/sgml/func.sgml b/doc/src/sgml/func.sgml index c03863af99a..cb4e6f991b1 100644 --- a/doc/src/sgml/func.sgml +++ b/doc/src/sgml/func.sgml @@ -1,4 +1,4 @@ -<!-- $PostgreSQL: pgsql/doc/src/sgml/func.sgml,v 1.445 2008/09/07 01:29:36 momjian Exp $ --> +<!-- $PostgreSQL: pgsql/doc/src/sgml/func.sgml,v 1.446 2008/09/08 00:47:40 tgl Exp $ --> <chapter id="functions"> <title>Functions and Operators</title> @@ -11369,7 +11369,7 @@ SELECT has_function_privilege('joeuser', 'myfunc(int, text)', 'execute'); The desired access privilege type is specified by a text string, which must evaluate to one of the values <literal>SELECT</literal>, <literal>INSERT</literal>, - <literal>UPDATE</literal>, <literal>DELETE</literal>, + <literal>UPDATE</literal>, <literal>DELETE</literal>, <literal>TRUNCATE</>, <literal>REFERENCES</literal>, or <literal>TRIGGER</literal>. (Case of the string is not significant, however.) An example is: diff --git a/doc/src/sgml/information_schema.sgml b/doc/src/sgml/information_schema.sgml index d4d51a34a03..7289e0bd456 100644 --- a/doc/src/sgml/information_schema.sgml +++ b/doc/src/sgml/information_schema.sgml @@ -1,4 +1,4 @@ -<!-- $PostgreSQL: pgsql/doc/src/sgml/information_schema.sgml,v 1.33 2007/02/20 23:14:19 momjian Exp $ --> +<!-- $PostgreSQL: pgsql/doc/src/sgml/information_schema.sgml,v 1.34 2008/09/08 00:47:40 tgl Exp $ --> <chapter id="information-schema"> <title>The Information Schema</title> @@ -2820,9 +2820,9 @@ ORDER BY c.ordinal_position; <entry><type>character_data</type></entry> <entry> Type of the privilege: <literal>SELECT</literal>, - <literal>DELETE</literal>, <literal>INSERT</literal>, - <literal>UPDATE</literal>, <literal>REFERENCES</literal>, - or <literal>TRIGGER</literal> + <literal>INSERT</literal>, <literal>UPDATE</literal>, + <literal>DELETE</literal>, <literal>TRUNCATE</literal>, + <literal>REFERENCES</literal>, or <literal>TRIGGER</literal> </entry> </row> @@ -4406,9 +4406,9 @@ ORDER BY c.ordinal_position; <entry><type>character_data</type></entry> <entry> Type of the privilege: <literal>SELECT</literal>, - <literal>DELETE</literal>, <literal>INSERT</literal>, - <literal>UPDATE</literal>, <literal>REFERENCES</literal>, - or <literal>TRIGGER</literal> + <literal>INSERT</literal>, <literal>UPDATE</literal>, + <literal>DELETE</literal>, <literal>TRUNCATE</literal>, + <literal>REFERENCES</literal>, or <literal>TRIGGER</literal> </entry> </row> diff --git a/doc/src/sgml/ref/grant.sgml b/doc/src/sgml/ref/grant.sgml index c80a33c5074..295a7646575 100644 --- a/doc/src/sgml/ref/grant.sgml +++ b/doc/src/sgml/ref/grant.sgml @@ -1,5 +1,5 @@ <!-- -$PostgreSQL: pgsql/doc/src/sgml/ref/grant.sgml,v 1.70 2008/07/03 15:59:55 petere Exp $ +$PostgreSQL: pgsql/doc/src/sgml/ref/grant.sgml,v 1.71 2008/09/08 00:47:40 tgl Exp $ PostgreSQL documentation --> @@ -20,7 +20,7 @@ PostgreSQL documentation <refsynopsisdiv> <synopsis> -GRANT { { SELECT | INSERT | UPDATE | DELETE | REFERENCES | TRIGGER } +GRANT { { SELECT | INSERT | UPDATE | DELETE | TRUNCATE | REFERENCES | TRIGGER } [,...] | ALL [ PRIVILEGES ] } ON [ TABLE ] <replaceable class="PARAMETER">tablename</replaceable> [, ...] TO { [ GROUP ] <replaceable class="PARAMETER">rolename</replaceable> | PUBLIC } [, ...] [ WITH GRANT OPTION ] @@ -193,6 +193,16 @@ GRANT <replaceable class="PARAMETER">role</replaceable> [, ...] TO <replaceable </varlistentry> <varlistentry> + <term>TRUNCATE</term> + <listitem> + <para> + Allows <xref linkend="sql-truncate" endterm="sql-truncate-title"> on + the specified table. + </para> + </listitem> + </varlistentry> + + <varlistentry> <term>REFERENCES</term> <listitem> <para> @@ -421,8 +431,8 @@ GRANT <replaceable class="PARAMETER">role</replaceable> [, ...] TO <replaceable => \z mytable Access privileges Schema | Name | Type | Access privileges ---------+---------+-------+---------------------- - public | mytable | table | miriam=arwdxt/miriam +--------+---------+-------+----------------------- + public | mytable | table | miriam=arwdDxt/miriam : =r/miriam : admin=arw/miriam (1 row) @@ -436,6 +446,7 @@ GRANT <replaceable class="PARAMETER">role</replaceable> [, ...] TO <replaceable w -- UPDATE ("write") a -- INSERT ("append") d -- DELETE + D -- TRUNCATE x -- REFERENCES t -- TRIGGER X -- EXECUTE @@ -443,7 +454,7 @@ GRANT <replaceable class="PARAMETER">role</replaceable> [, ...] TO <replaceable C -- CREATE c -- CONNECT T -- TEMPORARY - arwdxt -- ALL PRIVILEGES (for tables) + arwdDxt -- ALL PRIVILEGES (for tables) * -- grant option for preceding privilege /yyyy -- role that granted this privilege @@ -466,7 +477,7 @@ GRANT SELECT, UPDATE, INSERT ON mytable TO admin; object type, as explained above. The first <command>GRANT</> or <command>REVOKE</> on an object will instantiate the default privileges (producing, for example, - <literal>{miriam=arwdxt/miriam}</>) and then modify them per the + <literal>{miriam=arwdDxt/miriam}</>) and then modify them per the specified request. </para> @@ -524,7 +535,8 @@ GRANT admins TO joe; <para> <productname>PostgreSQL</productname> allows an object owner to revoke his own ordinary privileges: for example, a table owner can make the table - read-only to himself by revoking his own INSERT, UPDATE, and DELETE + read-only to himself by revoking his own <literal>INSERT</>, + <literal>UPDATE</>, <literal>DELETE</>, and <literal>TRUNCATE</> privileges. This is not possible according to the SQL standard. The reason is that <productname>PostgreSQL</productname> treats the owner's privileges as having been granted by the owner to himself; therefore he diff --git a/doc/src/sgml/ref/lock.sgml b/doc/src/sgml/ref/lock.sgml index 0c2cb8fe2e4..d32e6d364c8 100644 --- a/doc/src/sgml/ref/lock.sgml +++ b/doc/src/sgml/ref/lock.sgml @@ -1,5 +1,5 @@ <!-- -$PostgreSQL: pgsql/doc/src/sgml/ref/lock.sgml,v 1.48 2006/09/16 00:30:19 momjian Exp $ +$PostgreSQL: pgsql/doc/src/sgml/ref/lock.sgml,v 1.49 2008/09/08 00:47:40 tgl Exp $ PostgreSQL documentation --> @@ -155,7 +155,8 @@ where <replaceable class="PARAMETER">lockmode</replaceable> is one of: <para> <literal>LOCK TABLE ... IN ACCESS SHARE MODE</> requires <literal>SELECT</> privileges on the target table. All other forms of <command>LOCK</> - require <literal>UPDATE</> and/or <literal>DELETE</> privileges. + require at least one of <literal>UPDATE</>, <literal>DELETE</>, or + <literal>TRUNCATE</> privileges. </para> <para> diff --git a/doc/src/sgml/ref/revoke.sgml b/doc/src/sgml/ref/revoke.sgml index 190300d5339..86cee9d760c 100644 --- a/doc/src/sgml/ref/revoke.sgml +++ b/doc/src/sgml/ref/revoke.sgml @@ -1,5 +1,5 @@ <!-- -$PostgreSQL: pgsql/doc/src/sgml/ref/revoke.sgml,v 1.47 2008/03/03 19:17:27 momjian Exp $ +$PostgreSQL: pgsql/doc/src/sgml/ref/revoke.sgml,v 1.48 2008/09/08 00:47:40 tgl Exp $ PostgreSQL documentation --> @@ -21,7 +21,7 @@ PostgreSQL documentation <refsynopsisdiv> <synopsis> REVOKE [ GRANT OPTION FOR ] - { { SELECT | INSERT | UPDATE | DELETE | REFERENCES | TRIGGER } + { { SELECT | INSERT | UPDATE | DELETE | TRUNCATE | REFERENCES | TRIGGER } [,...] | ALL [ PRIVILEGES ] } ON [ TABLE ] <replaceable class="PARAMETER">tablename</replaceable> [, ...] FROM { [ GROUP ] <replaceable class="PARAMETER">rolename</replaceable> | PUBLIC } [, ...] diff --git a/doc/src/sgml/ref/truncate.sgml b/doc/src/sgml/ref/truncate.sgml index 152b6640d8f..f4ef810ce31 100644 --- a/doc/src/sgml/ref/truncate.sgml +++ b/doc/src/sgml/ref/truncate.sgml @@ -1,5 +1,5 @@ <!-- -$PostgreSQL: pgsql/doc/src/sgml/ref/truncate.sgml,v 1.27 2008/05/17 23:36:27 tgl Exp $ +$PostgreSQL: pgsql/doc/src/sgml/ref/truncate.sgml,v 1.28 2008/09/08 00:47:40 tgl Exp $ PostgreSQL documentation --> @@ -97,7 +97,8 @@ TRUNCATE [ TABLE ] <replaceable class="PARAMETER">name</replaceable> [, ... ] <title>Notes</title> <para> - Only the owner of a table can <command>TRUNCATE</> it. + You must have the <literal>TRUNCATE</literal> privilege on a table + to truncate it. </para> <para> diff --git a/doc/src/sgml/user-manag.sgml b/doc/src/sgml/user-manag.sgml index 871aef702c7..d4d9fcc5150 100644 --- a/doc/src/sgml/user-manag.sgml +++ b/doc/src/sgml/user-manag.sgml @@ -1,4 +1,4 @@ -<!-- $PostgreSQL: pgsql/doc/src/sgml/user-manag.sgml,v 1.39 2007/02/01 00:28:18 momjian Exp $ --> +<!-- $PostgreSQL: pgsql/doc/src/sgml/user-manag.sgml,v 1.40 2008/09/08 00:47:40 tgl Exp $ --> <chapter id="user-manag"> <title>Database Roles and Privileges</title> @@ -293,7 +293,7 @@ ALTER ROLE myname SET enable_indexscan TO off; granted. There are several different kinds of privilege: <literal>SELECT</>, <literal>INSERT</>, <literal>UPDATE</>, <literal>DELETE</>, - <literal>REFERENCES</>, <literal>TRIGGER</>, + <literal>TRUNCATE</>, <literal>REFERENCES</>, <literal>TRIGGER</>, <literal>CREATE</>, <literal>CONNECT</>, <literal>TEMPORARY</>, <literal>EXECUTE</>, and <literal>USAGE</>. For more information on the different types of privileges supported by |