diff options
Diffstat (limited to 'doc/src')
| -rw-r--r-- | doc/src/sgml/func.sgml | 8 | ||||
| -rw-r--r-- | doc/src/sgml/ref/grant.sgml | 43 | ||||
| -rw-r--r-- | doc/src/sgml/ref/revoke.sgml | 67 | ||||
| -rw-r--r-- | doc/src/sgml/release.sgml | 3 |
4 files changed, 78 insertions, 43 deletions
diff --git a/doc/src/sgml/func.sgml b/doc/src/sgml/func.sgml index 830d71779a5..b3de02ef067 100644 --- a/doc/src/sgml/func.sgml +++ b/doc/src/sgml/func.sgml @@ -1,5 +1,5 @@ <!-- -$Header: /cvsroot/pgsql/doc/src/sgml/func.sgml,v 1.135 2003/01/23 01:22:59 tgl Exp $ +$Header: /cvsroot/pgsql/doc/src/sgml/func.sgml,v 1.136 2003/01/23 23:38:51 petere Exp $ PostgreSQL documentation --> @@ -5787,6 +5787,12 @@ SELECT has_table_privilege('myschema.mytable', 'select'); </para> <para> + To evaluate whether a user holds a grant option on the privilege, + append <literal> WITH GRANT OPTION</literal> to the privilege key + word; for example <literal>'UPDATE WITH GRANT OPTION'</literal>. + </para> + + <para> <xref linkend="functions-misc-schema-table"> shows functions that determine whether a certain object is <firstterm>visible</> in the current schema search path. A table is said to be visible if its diff --git a/doc/src/sgml/ref/grant.sgml b/doc/src/sgml/ref/grant.sgml index d8830498c69..5457a950ed1 100644 --- a/doc/src/sgml/ref/grant.sgml +++ b/doc/src/sgml/ref/grant.sgml @@ -1,5 +1,5 @@ <!-- -$Header: /cvsroot/pgsql/doc/src/sgml/ref/grant.sgml,v 1.31 2002/11/21 23:34:43 petere Exp $ +$Header: /cvsroot/pgsql/doc/src/sgml/ref/grant.sgml,v 1.32 2003/01/23 23:38:53 petere Exp $ PostgreSQL documentation --> @@ -19,23 +19,23 @@ PostgreSQL documentation GRANT { { SELECT | INSERT | UPDATE | DELETE | RULE | REFERENCES | TRIGGER } [,...] | ALL [ PRIVILEGES ] } ON [ TABLE ] <replaceable class="PARAMETER">tablename</replaceable> [, ...] - TO { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...] + TO { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...] [ WITH GRANT OPTION ] GRANT { { CREATE | TEMPORARY | TEMP } [,...] | ALL [ PRIVILEGES ] } ON DATABASE <replaceable>dbname</replaceable> [, ...] - TO { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...] + TO { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...] [ WITH GRANT OPTION ] GRANT { EXECUTE | ALL [ PRIVILEGES ] } ON FUNCTION <replaceable>funcname</replaceable> ([<replaceable>type</replaceable>, ...]) [, ...] - TO { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...] + TO { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...] [ WITH GRANT OPTION ] GRANT { USAGE | ALL [ PRIVILEGES ] } ON LANGUAGE <replaceable>langname</replaceable> [, ...] - TO { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...] + TO { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...] [ WITH GRANT OPTION ] GRANT { { CREATE | USAGE } [,...] | ALL [ PRIVILEGES ] } ON SCHEMA <replaceable>schemaname</replaceable> [, ...] - TO { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...] + TO { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...] [ WITH GRANT OPTION ] </synopsis> </refsynopsisdiv> @@ -63,13 +63,18 @@ GRANT { { CREATE | USAGE } [,...] | ALL [ PRIVILEGES ] } <para> There is no need to grant privileges to the creator of an object, - as the creator has all privileges by default. - (The creator could, however, choose to revoke - some of his own privileges for safety.) Note that the ability to - grant and revoke privileges is inherent in the creator and cannot - be lost. The right to drop an object, or to alter it in any way - not described by a grantable right, is likewise inherent in the - creator, and cannot be granted or revoked. + as the creator has all privileges by default. (The creator could, + however, choose to revoke some of his own privileges for safety.) + Note that the right to drop an object, or to alter it in any way is + not described by a grantable right; it is inherent in the creator, + and cannot be granted or revoked. + </para> + + <para> + If <literal>WITH GRANT OPTION</literal> is specified, the recipient + of the privilege may in turn grant it to others. By default this + is not possible. Grant options can only be granted to individual + users, not groups or <literal>PUBLIC</literal>. </para> <para> @@ -269,7 +274,7 @@ lusitania=> \dp mytable Access privileges for database "lusitania" Schema | Table | Access privileges --------+---------+--------------------------------------- - public | mytable | {=r,miriam=arwdRxt,"group todos=arw"} + public | mytable | {=r/postgres,miriam=arwdRxt/postgres,"group todos=arw/postgres"} (1 row) </programlisting> The entries shown by <command>\dp</command> are interpreted thus: @@ -290,6 +295,9 @@ lusitania=> \dp mytable C -- CREATE T -- TEMPORARY arwdRxt -- ALL PRIVILEGES (for tables) + * -- grant option for preceding privilege + + /yyyy -- user who granted this privilege </programlisting> The above example display would be seen by user <literal>miriam</> after @@ -346,13 +354,12 @@ GRANT ALL PRIVILEGES ON kinds TO manuel; </para> <para> - The <acronym>SQL92</acronym> syntax for GRANT allows setting - privileges for individual columns within a table, and allows - setting a privilege to grant the same privileges to others: + The <acronym>SQL</acronym> syntax for <literal>GRANT</literal> + allows setting privileges for individual columns within a table: <synopsis> GRANT <replaceable class="PARAMETER">privilege</replaceable> [, ...] - ON <replaceable class="PARAMETER">object</replaceable> [ ( <replaceable class="PARAMETER">column</replaceable> [, ...] ) ] [, ...] + ON <replaceable class="PARAMETER">table</replaceable> [ ( <replaceable class="PARAMETER">column</replaceable> [, ...] ) ] [, ...] TO { PUBLIC | <replaceable class="PARAMETER">username</replaceable> [, ...] } [ WITH GRANT OPTION ] </synopsis> </para> diff --git a/doc/src/sgml/ref/revoke.sgml b/doc/src/sgml/ref/revoke.sgml index 345024bb7cc..e2ec87d5e7f 100644 --- a/doc/src/sgml/ref/revoke.sgml +++ b/doc/src/sgml/ref/revoke.sgml @@ -1,5 +1,5 @@ <!-- -$Header: /cvsroot/pgsql/doc/src/sgml/ref/revoke.sgml,v 1.24 2003/01/10 11:02:51 petere Exp $ +$Header: /cvsroot/pgsql/doc/src/sgml/ref/revoke.sgml,v 1.25 2003/01/23 23:38:53 petere Exp $ PostgreSQL documentation --> @@ -16,31 +16,36 @@ PostgreSQL documentation <refsynopsisdiv> <synopsis> -REVOKE { { SELECT | INSERT | UPDATE | DELETE | RULE | REFERENCES | TRIGGER } +REVOKE [ GRANT OPTION FOR ] + { { SELECT | INSERT | UPDATE | DELETE | RULE | REFERENCES | TRIGGER } [,...] | ALL [ PRIVILEGES ] } ON [ TABLE ] <replaceable class="PARAMETER">tablename</replaceable> [, ...] FROM { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...] - [ RESTRICT ] + [ CASCADE | RESTRICT ] -REVOKE { { CREATE | TEMPORARY | TEMP } [,...] | ALL [ PRIVILEGES ] } +REVOKE [ GRANT OPTION FOR ] + { { CREATE | TEMPORARY | TEMP } [,...] | ALL [ PRIVILEGES ] } ON DATABASE <replaceable>dbname</replaceable> [, ...] FROM { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...] - [ RESTRICT ] + [ CASCADE | RESTRICT ] -REVOKE { EXECUTE | ALL [ PRIVILEGES ] } +REVOKE [ GRANT OPTION FOR ] + { EXECUTE | ALL [ PRIVILEGES ] } ON FUNCTION <replaceable>funcname</replaceable> ([<replaceable>type</replaceable>, ...]) [, ...] FROM { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...] - [ RESTRICT ] + [ CASCADE | RESTRICT ] -REVOKE { USAGE | ALL [ PRIVILEGES ] } +REVOKE [ GRANT OPTION FOR ] + { USAGE | ALL [ PRIVILEGES ] } ON LANGUAGE <replaceable>langname</replaceable> [, ...] FROM { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...] - [ RESTRICT ] + [ CASCADE | RESTRICT ] -REVOKE { { CREATE | USAGE } [,...] | ALL [ PRIVILEGES ] } +REVOKE [ GRANT OPTION FOR ] + { { CREATE | USAGE } [,...] | ALL [ PRIVILEGES ] } ON SCHEMA <replaceable>schemaname</replaceable> [, ...] FROM { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...] - [ RESTRICT ] + [ CASCADE | RESTRICT ] </synopsis> </refsynopsisdiv> @@ -70,8 +75,22 @@ REVOKE { { CREATE | USAGE } [,...] | ALL [ PRIVILEGES ] } </para> <para> - The <literal>RESTRICT</literal> key word is currently only noise. - See also the compatibility notes below. + If <literal>GRANT OPTION FOR</literal> is specified, only the grant + option for the privilege is revoked, not the privilege itself. + </para> + + <para> + If a user holds a privilege with grant option and has granted it to + other users then the privileges held by those other users are + called dependent privileges. If the privilege or the grant option + held by the first user is being revoked and dependent privileges + exist, those dependent privileges are also revoked if + <literal>CASCADE</literal> is specified, else the revoke action + will fail. This recursive revocation only affects privileges that + were granted through a chain of users that is traceable to the user + that is the subject of this <literal>REVOKE</literal> command. + Thus, the affected users may effectively keep the privilege if it + was also granted through other users. </para> </refsect1> @@ -83,6 +102,16 @@ REVOKE { { CREATE | USAGE } [,...] | ALL [ PRIVILEGES ] } display the privileges granted on existing objects. See also <xref linkend="sql-grant" endterm="sql-grant-title"> for information about the format. </para> + + <para> + A user can only revoke privileges that were granted directly by + that user. If, for example, user A has granted a privilege with + grant option to user B, and user B has in turned granted it to user + C, then user A cannot revoke the privilege directly from C. + Instead, user A could revoke the grant option from user B and use + the <literal>CASCADE</literal> option so that the privilege is + automatically revoked from user C. + </para> </refsect1> <refsect1 id="SQL-REVOKE-examples"> @@ -122,16 +151,8 @@ REVOKE [ GRANT OPTION FOR ] { SELECT | INSERT | UPDATE | DELETE | REFERENCES } FROM { PUBLIC | <replaceable class="parameter">username</replaceable> [, ...] } { RESTRICT | CASCADE } </synopsis> - </para> - - <para> - If user1 gives a privilege WITH GRANT OPTION to user2, - and user2 gives it to user3 then user1 can revoke - this privilege in cascade using the CASCADE keyword. - If user1 gives a privilege WITH GRANT OPTION to user2, - and user2 gives it to user3, then if user1 tries to revoke - this privilege it fails if he specifies the RESTRICT - keyword. + One of <literal>RESTRICT</literal> or <literal>CASCADE</literal> + is required. </para> </refsect2> </refsect1> diff --git a/doc/src/sgml/release.sgml b/doc/src/sgml/release.sgml index 2911e1828f9..18d71f5866b 100644 --- a/doc/src/sgml/release.sgml +++ b/doc/src/sgml/release.sgml @@ -1,5 +1,5 @@ <!-- -$Header: /cvsroot/pgsql/doc/src/sgml/release.sgml,v 1.179 2003/01/20 18:54:44 tgl Exp $ +$Header: /cvsroot/pgsql/doc/src/sgml/release.sgml,v 1.180 2003/01/23 23:38:51 petere Exp $ --> <appendix id="release"> @@ -38,6 +38,7 @@ ON COMMIT options for temp tables extra_float_digits option allows pg_dump to dump float data accurately Long options for psql and pg_dump are now available on all platforms Read-only transactions +Object owners can allow grantees to grant the privilege to others (grant option) ]]></literallayout> </sect1> |