Re: about truncate

On Thu, Jan 08, 2009 at 02:39:52PM +0200, Peter Eisentraut wrote:
> David Fetter wrote:
>> +1 for adding recursion to GRANT/REVOKE :)
>
> This area is under SQL standard control, so we can't really invent our  
> own behavior.
>
> Consider the following:
>
> CREATE TABLE persons (name, email);
> CREATE TABLE employees (grade, salary) INHERITS (persons);
>
> GRANT SELECT ON persons TO allstaff;  -- ???
> GRANT SELECT ON employees TO managers;
>
> What you want in practice is that allstaff can read only those columns  
> of employees that come from the persons table.  Both recursive and  
> nonrecursive GRANT do the wrong thing here.

What *would* do the right thing here, or would anything?

Cheers,
David (not getting into the design decisions implicit in the above
tables, which IMHO is not right)
-- 
David Fetter <david@fetter.org> http://fetter.org/
Phone: +1 415 235 3778  AIM: dfetter666  Yahoo!: dfetter
Skype: davidfetter      XMPP: david.fetter@gmail.com

Remember to vote!
Consider donating to Postgres: http://www.postgresql.org/about/donate