Re: ALTER DEFAULT PRIVILEGES FOR ROLE is broken

On 04/29/2013 09:59 AM, Tom Lane wrote:
> Josh Berkus <josh@agliodbs.com> writes:
>> This moves the general brokenness of this feature from a bug to (a) a
>> documentation issue and (b) unusably fussy.  For (a), I think we need
>> the following line in the docs:
> 
>> DEFAULT PRIVILEGES may only be granted to a ROLE which already has
>> CREATE permission on the specified schema.
> 
> As I pointed out to you last night, it does already say that.
> I think the problem here is that we're just throwing a generic
> permissions failure rather than identifying the particular permission
> needed.

Yeah, a better error message would help a lot.  My first thought was
"WTF?  I'm the superuser, whaddya mean, 'permission denied'"?

-- 
Josh Berkus
PostgreSQL Experts Inc.
http://pgexperts.com