Re: pre-proposal: permissions made easier

Jeff Davis <pgsql@j-davis.com> writes:
> On Sun, 2009-06-28 at 14:32 -0400, Tom Lane wrote:
>> Jeff Davis <pgsql@j-davis.com> writes:
>>> My idea is to have a "GRANT mask":
>>> CREATE ROLE foo_ro GRANT (SELECT ON TABLE, USAGE ON SCHEMA) FROM foo;
>> 
>> You haven't really explained what "foo" is here.

> I meant for "foo" to be a user. "foo_ro" would be the read-only version,
> who has a strict subset of foo's permissions.

I see.  It seems like rather a complicated (and expensive) mechanism
for a pretty narrow use-case.  It'd only help for the cases where you
could define your permissions requirements that way.  I agree that
there are some such cases, but I think real-world problems tend to be
a bit more complicated than that.  I fear people would soon want
exceptions to the "strict subset" rule; and once you put that in,
the conceptual simplicity disappears, as does the ability to easily
verify what the set of GRANTs is doing.
        regards, tom lane