473,396 Members | 1,789 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > postgresql database > questions > proposal: grant cascade to implicit sequences

Join Bytes to post your question to a community of 473,396 software developers and data experts.

Proposal: GRANT cascade to implicit sequences

I'd like to propose that certain GRANTs on a table cascade to the
table's implicit sequences. In the current implementation (as of
7.4.5 and 8.0.0beta3), a table owner must typically issue GRANT
statements on both the table and its sequences to allow other users
to insert records into the table. The GRANT on the sequences seems
superfluous.

Consider, for example, what's probably the most common use of
sequences: a SERIAL type representing a table's primary key:

CREATE TABLE foo (
id SERIAL PRIMARY KEY,
item VARCHAR(32) NOT NULL
);

The table owner might issue the following GRANT:

GRANT SELECT, INSERT ON foo TO otheruser;

When the other user attempts to insert a record into the table, the
insert fails:

=> INSERT INTO foo (item) VALUES ('first item');
ERROR: permission denied for sequence foo_id_seq

In addition to granting permission for the table, the table owner
must also grant permission for the sequence that represents the
primary key (UPDATE allows nextval(), SELECT allows currval()):

GRANT UPDATE, SELECT ON foo_id_seq TO otheruser;

The other user's insert now works:

=> INSERT INTO foo (item) VALUES ('first item');
INSERT 0 1

The need to issue a GRANT for the implicit sequence seems superfluous:
the ability to insert records into a table typically also implies
the ability to use the thing that generates the primary keys. I
haven't considered all cases, but it seems reasonable that at least
{GRANT | REVOKE} {INSERT | ALL} on a table should cascade to the
appropriate permissions on the table's implicit sequences.

Comments? Can anybody think of why cascading GRANT and REVOKE to
implicit sequences might be A Bad Idea?

--
Michael Fuhr
http://www.fuhr.org/~mfuhr/

---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster

Nov 23 '05 #1
5 4949
On Wed, Oct 13, 2004 at 12:37:35AM -0600, Michael Fuhr wrote:
Comments? Can anybody think of why cascading GRANT and REVOKE to
implicit sequences might be A Bad Idea?


In current devel sources, ALTER OWNER cascades to implicit sequences.
It may be a precedent for making GRANT and REVOKE do so too.

--
Alvaro Herrera (<alvherre[a]dcc.uchile.cl>)
"Having your biases confirmed independently is how scientific progress is
made, and hence made our great society what it is today" (Mary Gardiner)
---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to ma*******@postgresql.org

Nov 23 '05 #2
On Wed, Oct 13, 2004 at 00:37:35 -0600,
Michael Fuhr <mi**@fuhr.org> wrote:
Comments? Can anybody think of why cascading GRANT and REVOKE to
implicit sequences might be A Bad Idea?


Since you can do odd things using explicit sequences, limiting implicit
sequences to make things convenient in the common case seems like a
reasonable goal.

If you go that route it may be a good idea to not allow direct grants and
revokes on implicit sequences and just have their access rights derived from
the tables.

I also think there is some merit in splitting the access rights for nextval
and setval, so that insert access grants access to nextval and update access
grants access to setval (or perhaps both nextval and setval). That way people
who can just insert in the table can't set the sequence number backwards.

---------------------------(end of broadcast)---------------------------
TIP 9: the planner will ignore your desire to choose an index scan if your
joining column's datatypes do not match

Nov 23 '05 #3

Bruno Wolff III <br***@wolff.to> writes:
I also think there is some merit in splitting the access rights for nextval
and setval, so that insert access grants access to nextval and update access
grants access to setval (or perhaps both nextval and setval). That way people
who can just insert in the table can't set the sequence number backwards.


That might be a useful thing to do to sequences in general. Being able to
grant INSERT on a sequence to allow nextval without allowing setval could be
useful even for explicit sequences.

I can't think of a good approach for migration of old pg_dumps though, so
perhaps this is more trouble than it's worth.

Implicit sequences on the other hand can be migrated easily by ignoring all
explicit grants and just looking at the grants on the table.

--
greg
---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to ma*******@postgresql.org

Nov 23 '05 #4
Greg Stark <gs*****@mit.edu> writes:
I can't think of a good approach for migration of old pg_dumps though, so
perhaps this is more trouble than it's worth.
That would probably be the major objection to any redefinition of the
meanings of the individual sequence permissions. We could possibly
invent a couple of brand new permission bits though, and stipulate that
"UPDATE" incorporates them both.
Implicit sequences on the other hand can be migrated easily by ignoring all
explicit grants and just looking at the grants on the table.


It's not really that easy. Before we hack up the permissions system like
this I'd want to see a complete solution, which this is not, because it
doesn't work in the context of rules. Consider

CREATE TABLE t (id SERIAL ...);

CREATE VIEW v AS SELECT * FROM t;

CREATE RULE r AS ON INSERT TO v DO INSTEAD INSERT INTO t ...

GRANT INSERT ON v TO joeuser;

joeuser will be able to invoke the insertion rule, but nextval() will
still fail because it doesn't know about the rule context --- it'll
see joeuser as the current user, not the owner of the rule.

Eventually I'd like to replace the nextval('foo') notation with a parsed
construct foo.nextval, which is (a) Oracle compatible, (b) able to
withstand renamings of the foo sequence, and (c) amenable to having the
permissions check done during rangetable scanning, which would fix the
rule problem. There is some discussion of this in the pghackers archives.

regards, tom lane

---------------------------(end of broadcast)---------------------------
TIP 3: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to ma*******@postgresql.org so that your
message can get through to the mailing list cleanly

Nov 23 '05 #5

I looked over this thread and can't see any TODO item. Having GRANT
just propogate from the table to a SERIAL sequence doesn't work because
an INSERT into a table is an UPDATE of the sequence.

Is there a TODO here?

---------------------------------------------------------------------------

Tom Lane wrote:
Greg Stark <gs*****@mit.edu> writes:
I can't think of a good approach for migration of old pg_dumps though, so
perhaps this is more trouble than it's worth.


That would probably be the major objection to any redefinition of the
meanings of the individual sequence permissions. We could possibly
invent a couple of brand new permission bits though, and stipulate that
"UPDATE" incorporates them both.
Implicit sequences on the other hand can be migrated easily by ignoring all
explicit grants and just looking at the grants on the table.


It's not really that easy. Before we hack up the permissions system like
this I'd want to see a complete solution, which this is not, because it
doesn't work in the context of rules. Consider

CREATE TABLE t (id SERIAL ...);

CREATE VIEW v AS SELECT * FROM t;

CREATE RULE r AS ON INSERT TO v DO INSTEAD INSERT INTO t ...

GRANT INSERT ON v TO joeuser;

joeuser will be able to invoke the insertion rule, but nextval() will
still fail because it doesn't know about the rule context --- it'll
see joeuser as the current user, not the owner of the rule.

Eventually I'd like to replace the nextval('foo') notation with a parsed
construct foo.nextval, which is (a) Oracle compatible, (b) able to
withstand renamings of the foo sequence, and (c) amenable to having the
permissions check done during rangetable scanning, which would fix the
rule problem. There is some discussion of this in the pghackers archives.

regards, tom lane

---------------------------(end of broadcast)---------------------------
TIP 3: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to ma*******@postgresql.org so that your
message can get through to the mailing list cleanly


--
Bruce Momjian | http://candle.pha.pa.us
pg***@candle.pha.pa.us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073

---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster

Nov 23 '05 #6
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

9
mutable list iterators - a proposal
by: Jess Austin | last post by:
hi, I like the way that Python does lists, and I love the way it does iterators. But I've decided I don't like what it does with iterators of lists. Lists are supposed to be mutable sequences,...
Python
30
Proposal: require 7-bit source str's
by: Hallvard B Furuseth | last post by:
Now that the '-*- coding: <charset> -*-' feature has arrived, I'd like to see an addition: # -*- str7bit:True -*- After the source file has been converted to Unicode, cause a parse error if a...
Python
7
Yet another decorator proposal
by: Marco Aschwanden | last post by:
Here is yet another decorator proposal: def sumSequencesLengths(var1, var2): """Computes something very important. __decorators__: staticmethod __parameters__: var1=Sequences var2=Sequences
Python
2
Rejecting the J2 decorators proposal
by: Guido van Rossum | last post by:
Robert and Python-dev, I've read the J2 proposal up and down several times, pondered all the issues, and slept on it for a night, and I still don't like it enough to accept it. The only reason...
Python
10
Feature Proposal: Sequence .join method
by: David Murmann | last post by:
Hi all! I could not find out whether this has been proposed before (there are too many discussion on join as a sequence method with different semantics). So, i propose a generalized .join method...
Python
3
Proposal: type deduction in assigments
by: steve donovan | last post by:
Hi everyone, I was wondering if anybody had made a proposal for deducing variable type in assigments. This is in effect exactly what is happening in "Dim list As new ArrayList()" and a variant...
C# / C Sharp
1
on cascade set null works on not null columns
by: Baldur Norddahl | last post by:
Hi, I just noticed that I could do this: webshop=# create table foo (bar text not null primary key); NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "foo_pkey" for table "foo"...
PostgreSQL Database
9
python concurrency proposal
by: corey.coughlin | last post by:
Alright, so I've been following some of the arguments about enhancing parallelism in python, and I've kind of been struck by how hard things still are. It seems like what we really need is a more...
Python
4
A proposal for attribute lookup failures
by: MonkeeSage | last post by:
Proposal: When an attribute lookup fails for an object, check the top-level (and local scope?) for a corresponding function or attribute and apply it as the called attribute if found, drop...
Python
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!