Hello all,
I am developing a mutli-user system using Postgres. I don't want to manage
my own user/group/permission tables, so I am going to use Postgres ones. But
I cannot parse ACLITEM types it returns. They are not convertible at all,
and the only logical operator defined on this type always returns TRUE, when
I try to find out if the certain user has certain access type to the table,
i.e.:
ikar=# SELECT relacl, relacl ~ 'user Vasya=w' AS canupdate FROM pg_class
WHERE relname = 't_order';
relacl | canupdate
-----------------+-----------
{"=","Vasya=r"} | t
(1 row)
We see, that user Vasya has only read access to the table (can only SELECT).
But the query returns TRUE when we compare this ACLITEM[] with 'user Vasya =
w' (it means that Vasya can UPDATE / DELETE the table).
Is it a bug, or I am doing something wrong?
Thanks,
Alex Bolenok.