In commit
31eae6028eca4, some documents were not updated to show the new
capability; fix that. Also, the error message you get when CURRENT_USER
and SESSION_USER are used in a context that doesn't accept them could be
clearer about it being a problem only in those contexts; so add the
word "here".
Author: Kyotaro HORIGUCHI
His patch submission also included changes to GRANT/REVOKE, but those
seemed more controversial, so I left them out. We can reconsider these
changes later.
<synopsis>
ALTER POLICY <replaceable class="parameter">name</replaceable> ON <replaceable class="parameter">table_name</replaceable>
[ RENAME TO <replaceable class="PARAMETER">new_name</replaceable> ]
- [ TO { <replaceable class="parameter">role_name</replaceable> | PUBLIC } [, ...] ]
+ [ TO { <replaceable class="parameter">role_name</replaceable> | PUBLIC | CURRENT_USER | SESSION_USER } [, ...] ]
[ USING ( <replaceable class="parameter">using_expression</replaceable> ) ]
[ WITH CHECK ( <replaceable class="parameter">check_expression</replaceable> ) ]
</synopsis>
<synopsis>
CREATE POLICY <replaceable class="parameter">name</replaceable> ON <replaceable class="parameter">table_name</replaceable>
[ FOR { ALL | SELECT | INSERT | UPDATE | DELETE } ]
- [ TO { <replaceable class="parameter">role_name</replaceable> | PUBLIC } [, ...] ]
+ [ TO { <replaceable class="parameter">role_name</replaceable> | PUBLIC | CURRENT_USER | SESSION_USER } [, ...] ]
[ USING ( <replaceable class="parameter">using_expression</replaceable> ) ]
[ WITH CHECK ( <replaceable class="parameter">check_expression</replaceable> ) ]
</synopsis>
<refsynopsisdiv>
<synopsis>
CREATE TABLESPACE <replaceable class="parameter">tablespace_name</replaceable>
- [ OWNER <replaceable class="parameter">user_name</replaceable> ]
+ [ OWNER { <replaceable>new_owner</replaceable> | CURRENT_USER | SESSION_USER } ]
LOCATION '<replaceable class="parameter">directory</replaceable>'
[ WITH ( <replaceable class="PARAMETER">tablespace_option</replaceable> = <replaceable class="PARAMETER">value</replaceable> [, ... ] ) ]
</synopsis>
<refsynopsisdiv>
<synopsis>
-DROP OWNED BY <replaceable class="PARAMETER">name</replaceable> [, ...] [ CASCADE | RESTRICT ]
+DROP OWNED BY { <replaceable class="PARAMETER">name</replaceable> | CURRENT_USER | SESSION_USER } [, ...] [ CASCADE | RESTRICT ]
</synopsis>
</refsynopsisdiv>
<refsynopsisdiv>
<synopsis>
-REASSIGN OWNED BY <replaceable class="PARAMETER">old_role</replaceable> [, ...] TO <replaceable class="PARAMETER">new_role</replaceable>
+REASSIGN OWNED BY { <replaceable class="PARAMETER">old_role</replaceable> | CURRENT_USER | SESSION_USER } [, ...]
+ TO { <replaceable class="PARAMETER">new_role</replaceable> | CURRENT_USER | SESSION_USER }
</synopsis>
</refsynopsisdiv>
case ROLESPEC_SESSION_USER:
ereport(ERROR,
(errcode(ERRCODE_RESERVED_NAME),
- errmsg("%s cannot be used as a role name",
+ errmsg("%s cannot be used as a role name here",
"SESSION_USER"),
parser_errposition(@1)));
case ROLESPEC_CURRENT_USER:
ereport(ERROR,
(errcode(ERRCODE_RESERVED_NAME),
- errmsg("%s cannot be used as a role name",
+ errmsg("%s cannot be used as a role name here",
"CURRENT_USER"),
parser_errposition(@1)));
}
CREATE ROLE "session_user";
CREATE ROLE "user";
CREATE ROLE current_user; -- error
-ERROR: CURRENT_USER cannot be used as a role name
+ERROR: CURRENT_USER cannot be used as a role name here
LINE 1: CREATE ROLE current_user;
^
CREATE ROLE current_role; -- error
LINE 1: CREATE ROLE current_role;
^
CREATE ROLE session_user; -- error
-ERROR: SESSION_USER cannot be used as a role name
+ERROR: SESSION_USER cannot be used as a role name here
LINE 1: CREATE ROLE session_user;
^
CREATE ROLE user; -- error
projects / thirdparty / postgresql.git / commitdiff
