From 6c268df1276e9dd73e4d2cc89cf8787e8f186bda Mon Sep 17 00:00:00 2001 From: Stephen Frost Date: Wed, 6 Apr 2016 21:45:32 -0400 Subject: Add new catalog called pg_init_privs This new catalog holds the privileges which the system was initialized with at initdb time, along with any permissions set by extensions at CREATE EXTENSION time. This allows pg_dump (and any other similar use-cases) to detect when the privileges set on initdb-created or extension-created objects have been changed from what they were set to at initdb/extension-creation time and handle those changes appropriately. Reviews by Alexander Korotkov, Jose Luis Tallon --- doc/src/sgml/catalogs.sgml | 108 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 108 insertions(+) (limited to 'doc/src') diff --git a/doc/src/sgml/catalogs.sgml b/doc/src/sgml/catalogs.sgml index 725bacee5dd..d6b60db0744 100644 --- a/doc/src/sgml/catalogs.sgml +++ b/doc/src/sgml/catalogs.sgml @@ -178,6 +178,11 @@ table inheritance hierarchy + + pg_init_privs + object initial privileges + + pg_language languages for writing functions @@ -3785,6 +3790,109 @@ + + <structname>pg_init_privs</structname> + + + pg_init_privs + + + + The catalog pg_init_privs records information about + the initial privileges of objects in the system. There is one entry + for each object in the database which has a non-default (non-NULL) + initial set of privileges. + + + + Objects can have initial privileges either by having those privileges set + when the system is initialized (by initdb) or when the + object is created during a CREATE EXTENSION and the + extension script sets initial privileges using the GRANT + system. Note that the system will automatically handle recording of the + privileges during the extension script and that extension authors need + only use the GRANT and REVOKE + statements in their script to have the privileges recorded. The + privtype column indicates if the initial privilege was + set by initdb or during a + CREATE EXTENSION command. + + + + Objects which have initial privileges set by initdb will + have entries where privtype is + 'i', while objects which have initial privileges set + by CREATE EXTENSION will have entries where + privtype is 'e'. + + + + <structname>pg_inherits</> Columns + + + + + Name + Type + References + Description + + + + + + objoid + oid + any OID column + The OID of the specific object + + + + classoid + oid + pg_class.oid + The OID of the system catalog the object is in + + + + objsubid + int4 + + + For a table column, this is the column number (the + objoid and classoid refer to the + table itself). For all other object types, this column is + zero. + + + + + privtype + char + + + A code defining the type of initial privilege of this object; see text + + + + + initprivs + aclitem[] + + + The initial access privileges; see + and + + for details + + + + + +
+ + + <structname>pg_language</structname> -- cgit v1.2.3