[postgis-devel] [PostGIS] #1813: geometry_columns / geography_column table fails to take into account user permissions to table (was: geometry_columns table fails to take into account the current schema search_path)
PostGIS
trac at osgeo.org
Mon May 14 09:12:14 PDT 2012
#1813: geometry_columns / geography_column table fails to take into account user
permissions to table
---------------------+------------------------------------------------------
Reporter: chander | Owner: pramsey
Type: defect | Status: new
Priority: medium | Milestone: PostGIS 2.0.1
Component: postgis | Version: 2.0.x
Keywords: |
---------------------+------------------------------------------------------
Comment(by robe):
The geometry_columns view should follow the permission of
information_schema.tables.
Meaning, we don't care about current search path as long as the user in
question has SELECT, DELETE,UPDATE, or INSERT access to a table.
Even if a table is not in the current search path, as user can explicitly
select it by explicitly qualifying with the schema name, which many people
prefer doing.
That said it does seem like we are missing the:
has_table_privilege(c.oid, 'SELECT, INSERT, UPDATE, DELETE, TRUNCATE,
REFERENCES, TRIGGER'::text)
criteria for both geometry_columns and geography_columns. Not sure why we
left that out (perhaps the name is different in 8.4), since I vaguely
remember this coming up in conversation.
--
Ticket URL: <http://trac.osgeo.org/postgis/ticket/1813#comment:2>
PostGIS <http://trac.osgeo.org/postgis/>
The PostGIS Trac is used for bug, enhancement & task tracking, a user and developer wiki, and a view into the subversion code repository of PostGIS project.
More information about the postgis-devel
mailing list