You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Doc: fix old oversights in GRANT/REVOKE documentation.
The GRANTED BY clause in GRANT/REVOKE ROLE has been there since 2005
but was never documented. I'm not sure now whether that was just an
oversight or was intentional (given the limited capability of the
option). But seeing that pg_dumpall does emit code that uses this
option, it seems like not documenting it at all is a bad idea.
Also, when we upgraded the syntax to allow CURRENT_USER/SESSION_USER
as the privilege recipient, the role form of GRANT was incorrectly
not modified to show that, and REVOKE's docs weren't touched at all.
Although I'm not that excited about GRANTED BY, the other oversight
seems serious enough to justify a back-patch.
Discussion: https://postgr.es/m/3070.1581526786@sss.pgh.pa.us
Copy file name to clipboardExpand all lines: doc/src/sgml/ref/grant.sgml
+20-4
Original file line number
Diff line number
Diff line change
@@ -79,14 +79,16 @@ GRANT { USAGE | ALL [ PRIVILEGES ] }
79
79
ON TYPE <replaceable>type_name</replaceable> [, ...]
80
80
TO <replaceable class="parameter">role_specification</replaceable> [, ...] [ WITH GRANT OPTION ]
81
81
82
+
GRANT <replaceable class="parameter">role_name</replaceable> [, ...] TO <replaceable class="parameter">role_specification</replaceable> [, ...]
83
+
[ WITH ADMIN OPTION ]
84
+
[ GRANTED BY <replaceable class="parameter">role_specification</replaceable> ]
85
+
82
86
<phrase>where <replaceable class="parameter">role_specification</replaceable> can be:</phrase>
83
87
84
88
[ GROUP ] <replaceable class="parameter">role_name</replaceable>
85
89
| PUBLIC
86
90
| CURRENT_USER
87
91
| SESSION_USER
88
-
89
-
GRANT <replaceable class="parameter">role_name</replaceable> [, ...] TO <replaceable class="parameter">role_name</replaceable> [, ...] [ WITH ADMIN OPTION ]
90
92
</synopsis>
91
93
</refsynopsisdiv>
92
94
@@ -236,10 +238,17 @@ GRANT <replaceable class="parameter">role_name</replaceable> [, ...] TO <replace
236
238
or revoke membership in any role that is not a superuser.
237
239
</para>
238
240
241
+
<para>
242
+
If <literal>GRANTED BY</literal> is specified, the grant is recorded as
243
+
having been done by the specified role. Only database superusers may
244
+
use this option, except when it names the same role executing the command.
245
+
</para>
246
+
239
247
<para>
240
248
Unlike the case with privileges, membership in a role cannot be granted
241
-
to <literal>PUBLIC</literal>. Note also that this form of the command does not
242
-
allow the noise word <literal>GROUP</literal>.
249
+
to <literal>PUBLIC</literal>. Note also that this form of the command
250
+
does not allow the noise word <literal>GROUP</literal>
251
+
in <replaceable class="parameter">role_specification</replaceable>.
243
252
</para>
244
253
</refsect2>
245
254
</refsect1>
@@ -398,6 +407,13 @@ GRANT admins TO joe;
398
407
to roles.
399
408
</para>
400
409
410
+
<para>
411
+
The SQL standard allows the <literal>GRANTED BY</literal> option to
412
+
be used in all forms of <command>GRANT</command>. PostgreSQL only
413
+
supports it when granting role membership, and even then only superusers
414
+
may use it in nontrivial ways.
415
+
</para>
416
+
401
417
<para>
402
418
The SQL standard provides for a <literal>USAGE</literal> privilege
403
419
on other kinds of objects: character sets, collations,
0 commit comments