You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
…roups
Summary:
For grant/revoke:
Implemented GRANT / REVOKE for tablegroups. The following rights are available for
tablegroups: (ACL_CREATE). When a user has create rights on a tablegroup, they are able to create
tables within that tablegroup. Alternatively, they can do so by default if they are the owner of
that tablegroup or are a superuser. Usage is as follows:
```
GRANT { CREATE | ALL [PRIVILEGES] } ON TABLEGROUP tablegroup_name TO grant_role_spec [WITH GRANT
OPTION]
REVOKE [GRANT OPTION FOR] { CREATE | ALL [PRIVILEGES] } ON TABLEGROUP tablegroup_name FROM { [GROUP]
role_name | PUBLIC } [CASCADE | RESTRICT]
```
For alter default privileges:
At a per-database level (not per-schema as tablegroups can contain tables from multiple
schemas), a user (with sufficient privs) can define the default access privileges for all future
tablegroups and grant it to a user / role. The default access privs for non-superuser / non-owner of
a tablegroup are ACL_NO_RIGHTS. Users/roles can be granted ACL_CREATE on tablegroups which allows
them to create tables / indexes on tables they own in that tablegroup.
Usage is as follows:
```
ALTER DEFAULT PRIVILEGES GRANT { CREATE | ALL [PRIVILEGES] } ON TABLEGROUPS TO grant_role_spec [WITH
GRANT OPTION]
ALTER DEFAULT PRIVILEGSE REVOKE { CREATE | ALL [PRIVILEGES] } ON TABLEGROUPS FROM grant_role_spec
[CASCADE | RESTRICT]
```
Test Plan:
Updated the yb_tablegroup_permissions test as part of the tablegroup test suite. Can be run as
follows:
```
./yb_build.sh --java-test org.yb.pgsql.TestPgRegressTablegroup
```
Reviewers: jason, nicolas, neha
Reviewed By: neha
Subscribers: neha, yql
Differential Revision: https://phabricator.dev.yugabyte.com/D8958
Once tablegroups are implemented, we should be able to, at a database level, change the default privileges for a user on all future tablegroups.
The text was updated successfully, but these errors were encountered: