Commit a8f98c0

Improve GRANT documentation to point out that UPDATE and DELETE typically
require SELECT privilege as well, since you normally need to read existing column values within such commands. This behavior is according to spec, but we'd never documented it before. Per gripe from Volkan Yazici.
1 parent 7e8374a commit a8f98c0

1 file changed

+27
-13
lines changed

doc/src/sgml/ref/grant.sgml

+27-13
@@ -1,5 +1,5 @@
11
<!--
2-
$PostgreSQL: pgsql/doc/src/sgml/ref/grant.sgml,v 1.68 2008/05/05 01:21:03 adunstan Exp $
2+
$PostgreSQL: pgsql/doc/src/sgml/ref/grant.sgml,v 1.69 2008/05/28 00:45:40 tgl Exp $
33
PostgreSQL documentation
44
-->
55

@@ -135,10 +135,15 @@ GRANT <replaceable class="PARAMETER">role</replaceable> [, ...] TO <replaceable
135135
<term>SELECT</term>
136136
<listitem>
137137
<para>
138-
Allows <xref linkend="sql-select" endterm="sql-select-title"> from any column of the
139-
specified table, view, or sequence. Also allows the use of
140-
<xref linkend="sql-copy" endterm="sql-copy-title"> TO. For sequences, this
141-
privilege also allows the use of the <function>currval</function> function.
138+
Allows <xref linkend="sql-select" endterm="sql-select-title"> from
139+
any column of the specified table, view, or sequence.
140+
Also allows the use of
141+
<xref linkend="sql-copy" endterm="sql-copy-title"> TO.
142+
This privilege is also needed to reference existing column values in
143+
<xref linkend="sql-update" endterm="sql-update-title"> or
144+
<xref linkend="sql-delete" endterm="sql-delete-title">.
145+
For sequences, this privilege also allows the use of the
146+
<function>currval</function> function.
142147
</para>
143148
</listitem>
144149
</varlistentry>
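Review bot: the sentence added under SELECT says the privilege is needed to "reference existing column values" in UPDATE or DELETE, but does not say where such references occur. The UPDATE entry in this same patch spells it out (determining which rows to update, computing new values for columns); a short pointer to that wording here, or a brief "for example, in a WHERE clause", would let this entry stand on its own for readers who only look up SELECT.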
@@ -147,8 +152,9 @@ GRANT <replaceable class="PARAMETER">role</replaceable> [, ...] TO <replaceable
147152
<term>INSERT</term>
148153
<listitem>
149154
<para>
150-
Allows <xref linkend="sql-insert" endterm="sql-insert-title"> of a new row into the
151-
specified table. Also allows <xref linkend="sql-copy" endterm="sql-copy-title"> FROM.
155+
Allows <xref linkend="sql-insert" endterm="sql-insert-title"> of a new
156+
row into the specified table.
157+
Also allows <xref linkend="sql-copy" endterm="sql-copy-title"> FROM.
152158
</para>
153159
</listitem>
154160
</varlistentry>
@@ -158,10 +164,15 @@ GRANT <replaceable class="PARAMETER">role</replaceable> [, ...] TO <replaceable
158164
<listitem>
159165
<para>
160166
Allows <xref linkend="sql-update" endterm="sql-update-title"> of any
161-
column of the specified table. <literal>SELECT ... FOR UPDATE</literal>
167+
column of the specified table.
168+
(In practice, any nontrivial <command>UPDATE</> command will require
169+
<literal>SELECT</> privilege as well, since it must reference table
170+
columns to determine which rows to update, and/or to compute new
171+
values for columns.)
172+
<literal>SELECT ... FOR UPDATE</literal>
162173
and <literal>SELECT ... FOR SHARE</literal>
163-
also require this privilege (besides the
164-
<literal>SELECT</literal> privilege). For sequences, this
174+
also require this privilege, in addition to the
175+
<literal>SELECT</literal> privilege. For sequences, this
165176
privilege allows the use of the <function>nextval</function> and
166177
<function>setval</function> functions.
167178
</para>
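Review bot: "nontrivial" in the added parenthetical is left undefined, so a reader cannot tell which UPDATE commands work with UPDATE privilege alone. Consider stating the boundary directly: by the reasoning given in the same sentence, an UPDATE with no WHERE clause that assigns only constants references no table columns and so does not need SELECT. Separately, the new lines close tags with the short form (`<command>UPDATE</>`, `<literal>SELECT</>`) while the unchanged lines in this paragraph use `</literal>`; one form within the paragraph would read more consistently.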
@@ -172,8 +183,11 @@ GRANT <replaceable class="PARAMETER">role</replaceable> [, ...] TO <replaceable
172183
<term>DELETE</term>
173184
<listitem>
174185
<para>
175-
Allows <xref linkend="sql-delete" endterm="sql-delete-title"> of a row from the
176-
specified table.
186+
Allows <xref linkend="sql-delete" endterm="sql-delete-title"> of a row
187+
from the specified table.
188+
(In practice, any nontrivial <command>DELETE</> command will require
189+
<literal>SELECT</> privilege as well, since it must reference table
190+
columns to determine which rows to delete.)
177191
</para>
178192
</listitem>
179193
</varlistentry>
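Review bot: the parenthetical added under DELETE could leave the impression that withholding SELECT makes a DELETE grant ineffective. By the reason given here ("it must reference table columns to determine which rows to delete"), a DELETE with no WHERE clause references no columns and needs only DELETE, so a role holding DELETE alone can still remove every row. It is worth stating that case explicitly, since people reading this page are often deciding on least-privilege grants.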
@@ -235,7 +249,7 @@ GRANT <replaceable class="PARAMETER">role</replaceable> [, ...] TO <replaceable
235249
<term>TEMP</term>
236250
<listitem>
237251
<para>
238-
Allows temporary tables to be created while using the database.
252+
Allows temporary tables to be created while using the specified database.
239253
</para>
240254
</listitem>
241255
</varlistentry>
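Review bot: the change under TEMP from "the database" to "the specified database" is unrelated to the SELECT requirement for UPDATE and DELETE that the commit message describes. The wording fix itself looks fine, but it should either be mentioned in the log message or committed separately so the history for this file stays searchable.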
