Re: postgres function does not handle PUBLIC - expected?

Per my original email, we were calling the has_table_privilege function to revoke rather than simply revoking.
Thank you very much,
Sincerely,
Kasia

-----Original Message-----
From: Kevin Grittner [mailto:Kevin.Grittner@wicourts.gov]
Sent: Tuesday, August 10, 2010 1:00 PM
To: Kasia Tuszynska; Szymon Guz
Cc: pgsql-admin@postgresql.org
Subject: RE: [ADMIN] postgres function does not handle PUBLIC - expected?

Kasia Tuszynska <ktuszynska@esri.com> wrote:

> We found this issue because we can grant privs to public on a
> table, but could not revoke them.

Odd.

test=# create table t1 (c1 int primary key);
NOTICE:  CREATE TABLE / PRIMARY KEY will create implicit index
"t1_pkey" for table "t1"
CREATE TABLE
test=# grant insert on t1 to public;
GRANT
test=# revoke insert on t1 from public;
REVOKE
test=# revoke update on t1 from public;
REVOKE

> If I did not "know" that public was there how
> would I check for it's existence on Postgres?

You would need to go to the documentation.  Unfortunately, we don't
mention it on this page:

http://www.postgresql.org/docs/current/static/role-membership.html

As Andre pointed out, you can get a reasonable explanation on the
page describing the GRANT statement.

-Kevin