Fix documentation error: GRANT/REVOKE for roles only accept role names
as grantees, not PUBLIC ... and you can't say GROUP either. Noted by Brian Hurt.
This commit is contained in:
parent
efc861a842
commit
9649b182a1
|
@ -1,5 +1,5 @@
|
||||||
<!--
|
<!--
|
||||||
$PostgreSQL: pgsql/doc/src/sgml/ref/grant.sgml,v 1.59 2006/07/20 18:00:03 momjian Exp $
|
$PostgreSQL: pgsql/doc/src/sgml/ref/grant.sgml,v 1.60 2006/08/02 16:29:49 tgl Exp $
|
||||||
PostgreSQL documentation
|
PostgreSQL documentation
|
||||||
-->
|
-->
|
||||||
|
|
||||||
|
@ -50,8 +50,7 @@ GRANT { CREATE | ALL [ PRIVILEGES ] }
|
||||||
ON TABLESPACE <replaceable>tablespacename</> [, ...]
|
ON TABLESPACE <replaceable>tablespacename</> [, ...]
|
||||||
TO { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...] [ WITH GRANT OPTION ]
|
TO { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...] [ WITH GRANT OPTION ]
|
||||||
|
|
||||||
GRANT <replaceable class="PARAMETER">role</replaceable> [, ...]
|
GRANT <replaceable class="PARAMETER">role</replaceable> [, ...] TO <replaceable class="PARAMETER">username</replaceable> [, ...] [ WITH ADMIN OPTION ]
|
||||||
TO { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...] [ WITH ADMIN OPTION ]
|
|
||||||
</synopsis>
|
</synopsis>
|
||||||
</refsynopsisdiv>
|
</refsynopsisdiv>
|
||||||
|
|
||||||
|
@ -325,6 +324,12 @@ GRANT <replaceable class="PARAMETER">role</replaceable> [, ...]
|
||||||
Roles having <literal>CREATEROLE</> privilege can grant or revoke
|
Roles having <literal>CREATEROLE</> privilege can grant or revoke
|
||||||
membership in any role that is not a superuser.
|
membership in any role that is not a superuser.
|
||||||
</para>
|
</para>
|
||||||
|
|
||||||
|
<para>
|
||||||
|
Unlike the case with privileges, membership in a role cannot be granted
|
||||||
|
to <literal>PUBLIC</>. Note also that this form of the command does not
|
||||||
|
allow the noise word <literal>GROUP</>.
|
||||||
|
</para>
|
||||||
</refsect2>
|
</refsect2>
|
||||||
</refsect1>
|
</refsect1>
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
<!--
|
<!--
|
||||||
$PostgreSQL: pgsql/doc/src/sgml/ref/revoke.sgml,v 1.38 2006/04/30 21:15:33 tgl Exp $
|
$PostgreSQL: pgsql/doc/src/sgml/ref/revoke.sgml,v 1.39 2006/08/02 16:29:49 tgl Exp $
|
||||||
PostgreSQL documentation
|
PostgreSQL documentation
|
||||||
-->
|
-->
|
||||||
|
|
||||||
|
@ -65,8 +65,7 @@ REVOKE [ GRANT OPTION FOR ]
|
||||||
[ CASCADE | RESTRICT ]
|
[ CASCADE | RESTRICT ]
|
||||||
|
|
||||||
REVOKE [ ADMIN OPTION FOR ]
|
REVOKE [ ADMIN OPTION FOR ]
|
||||||
<replaceable class="PARAMETER">role</replaceable> [, ...]
|
<replaceable class="PARAMETER">role</replaceable> [, ...] FROM <replaceable class="PARAMETER">username</replaceable> [, ...]
|
||||||
FROM { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...]
|
|
||||||
[ CASCADE | RESTRICT ]
|
[ CASCADE | RESTRICT ]
|
||||||
</synopsis>
|
</synopsis>
|
||||||
</refsynopsisdiv>
|
</refsynopsisdiv>
|
||||||
|
@ -119,6 +118,8 @@ REVOKE [ ADMIN OPTION FOR ]
|
||||||
<para>
|
<para>
|
||||||
When revoking membership in a role, <literal>GRANT OPTION</> is instead
|
When revoking membership in a role, <literal>GRANT OPTION</> is instead
|
||||||
called <literal>ADMIN OPTION</>, but the behavior is similar.
|
called <literal>ADMIN OPTION</>, but the behavior is similar.
|
||||||
|
Note also that this form of the command does not
|
||||||
|
allow the noise word <literal>GROUP</>.
|
||||||
</para>
|
</para>
|
||||||
</refsect1>
|
</refsect1>
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
<!-- $PostgreSQL: pgsql/doc/src/sgml/user-manag.sgml,v 1.35 2006/04/30 21:15:32 tgl Exp $ -->
|
<!-- $PostgreSQL: pgsql/doc/src/sgml/user-manag.sgml,v 1.36 2006/08/02 16:29:49 tgl Exp $ -->
|
||||||
|
|
||||||
<chapter id="user-manag">
|
<chapter id="user-manag">
|
||||||
<title>Database Roles and Privileges</title>
|
<title>Database Roles and Privileges</title>
|
||||||
|
@ -375,7 +375,9 @@ REVOKE <replaceable>group_role</replaceable> FROM <replaceable>role1</replaceabl
|
||||||
</synopsis>
|
</synopsis>
|
||||||
You can grant membership to other group roles, too (since there isn't
|
You can grant membership to other group roles, too (since there isn't
|
||||||
really any distinction between group roles and non-group roles). The
|
really any distinction between group roles and non-group roles). The
|
||||||
only restriction is that you can't set up circular membership loops.
|
database will not let you set up circular membership loops. Also,
|
||||||
|
it is not permitted to grant membership in a role to
|
||||||
|
<literal>PUBLIC</literal>.
|
||||||
</para>
|
</para>
|
||||||
|
|
||||||
<para>
|
<para>
|
||||||
|
|
Loading…
Reference in a new issue