Re: Auditing extension for PostgreSQL (Take 2)
| От | David Steele |
|---|---|
| Тема | Re: Auditing extension for PostgreSQL (Take 2) |
| Дата | |
| Msg-id | 552EA272.1040906@pgmasters.net обсуждение исходный текст |
| Ответ на | Re: Auditing extension for PostgreSQL (Take 2) (Tatsuo Ishii <ishii@postgresql.org>) |
| Список | pgsql-hackers |
On 4/14/15 8:37 PM, Tatsuo Ishii wrote: > BTW, in my understanding pg_audit allows to track a table access even > if it's used in a view. I think this is a nice feature and it would be > better explicitly stated in the document and the test case is better > included in the regression test. > > Here is a sample session: > > CREATE TABLE test2 (id INT); > CREATE VIEW vtest2 AS SELECT * FROM test2; > GRANT SELECT ON TABLE public.test2 TO auditor; > GRANT SELECT ON TABLE public.vtest2 TO auditor; > SELECT * FROM vtest2; > NOTICE: AUDIT: SESSION,1,1,READ,SELECT,,,SELECT * FROM vtest2; > NOTICE: AUDIT: OBJECT,1,1,READ,SELECT,VIEW,public.vtest2,SELECT * FROM vtest2; > NOTICE: AUDIT: OBJECT,1,1,READ,SELECT,TABLE,public.test2,SELECT * FROM vtest2; That's the idea! In the documentation I throw around the word "relation" pretty liberally, but you are right that some clarification would be helpful. I have added a few parenthetical statements to the docs that should make them clearer. I also took your suggestion and added a view regression test. Both are in patch v9 which I attached to my previous email on this thread. Thank you for taking the time to have a look. -- - David Steele david@pgmasters.net
В списке pgsql-hackers по дате отправления: