Module org.postgresql.pljava

Package org.postgresql.pljava.model

Interface CatalogObject.AccessControlled<T extends CatalogObject.Grant>

Type Parameters:

T - The subtype of Grant that applies to catalog objects of this type.

All Known Subinterfaces:

Attribute, Database, ProceduralLanguage, RegClass, RegClass.Known<T>, RegNamespace, RegProcedure<M>, RegRole, RegRole.Grantee, RegType, RegType.Unresolved

Enclosing interface:

CatalogObject

public static interface CatalogObject.AccessControlled<T extends CatalogObject.Grant>

Interface for any catalog object with an access control list (a list of some type of Grant).

Method Summary

Modifier and Type	Method	Description
List<T>	grants()	Simple list of direct grants.
List<T>	grants(RegRole grantee)	Computed list of (possibly transitive) grants to grantee.

Method Details

grants

List<T> grants()

Simple list of direct grants.

For any T except Grant.OnRole, simply returns the list of grants directly found in this catalog object's ACL. When T is Grant.OnRole, this catalog object is a RegRole, and the result contains a Grant.OnRole for every role R that is directly a member of the role this catalog object represents; each such grant has maySetRole() by definition, and mayExercisePrivileges() if and only if R has inherit.

grants

List<T> grants(RegRole grantee)

Computed list of (possibly transitive) grants to grantee.

For any T except Grant.OnRole, a list of grants to grantee assembled from: direct grants in this object's ACL to PUBLIC, or to grantee, or to any role R for which R.grants(grantee).mayExercisePrivileges() is true.

When T is Grant.OnRole, this catalog object is a RegRole, and the result contains a Grant.OnRole for which maySetRole() is true if a membership path from grantee to this role exists, and mayExercisePrivileges() is true if such a path exists using only roles with inherit() true. (The inherit() status of this object itself is not considered.)