Re: Column-Level Privileges

Stephen Frost <sfrost@snowman.net> writes:
> * Tom Lane (tgl@sss.pgh.pa.us) wrote:
>> * Some of the information_schema views are specified to respond to
>> per-column privileges; the column_privileges and columns views
>> certainly need work now to meet spec, and there might be others.

> Done.

I looked through the spec a bit.  If I'm reading it right, these
views should show columns that you have either table-level or
column-level privilege for:column_privilegescolumnskey_column_usagerole_column_grants

What's more, these views should show you tables/views that you have
column privilege on any column of, even if you haven't got any
full-table privileges:tablestable_constraintstable_privilegesviews

I thought about handling the tests for the latter by exposing
pg_attribute_aclcheck_all() as a function named something like
has_any_column_privilege().  However, that would amount to forcing a
nestloop-with-inner-indexscan join to pg_attribute for any table you
didn't have full-table privileges for; also it would bloat the syscache
in a database with lots of tables.  It might be better to expose that
join explicitly and let the planner try to decide what to do.  OTOH
I don't think the planner would be very smart about avoiding the join
if you do have full-table privileges.  Either way you slice it it could
be really slow :-(

Comments, better ideas?  Does anyone think I misread the spec?
        regards, tom lane