Remove old RULE privilege completely.

The RULE privilege for tables was removed in v8.2, but for backward
compatibility, GRANT/REVOKE and privilege functions like
has_table_privilege continued to accept the RULE keyword without
any effect.

After discussions on pgsql-hackers, it was agreed that this compatibility
is no longer needed. Since it's been long enough since the deprecation,
we've decided to fully remove support for RULE privilege,
so GRANT/REVOKE and privilege functions will no longer accept it.

Author: Fujii Masao
Reviewed-by: Nathan Bossart
Discussion: https://postgr.es/m/976a3581-6939-457f-b947-fc3dc836c083@oss.nttdata.com

diff --git a/src/backend/catalog/aclchk.c b/src/backend/catalog/aclchk.c
index a44ccee3b681fc949c27c9ed201628f808978d08..d2abc48fd8d1f586fa92d6c1e76e0355c78a1a19 100644 (file)
--- a/src/backend/catalog/aclchk.c
+++ b/src/backend/catalog/aclchk.c
@@ -2641,8 +2641,6 @@ string_to_privilege(const char *privname)
        return ACL_ALTER_SYSTEM;
    if (strcmp(privname, "maintain") == 0)
        return ACL_MAINTAIN;
-   if (strcmp(privname, "rule") == 0)
-       return 0;               /* ignore old RULE privileges */
    ereport(ERROR,
            (errcode(ERRCODE_SYNTAX_ERROR),
             errmsg("unrecognized privilege type \"%s\"", privname)));

diff --git a/src/backend/utils/adt/acl.c b/src/backend/utils/adt/acl.c
index d7b39140b3d2210273a1e74d6ca69acac4e6a38e..4ad222b8d10b5d3bb6b703884ed0c33ed93ab721 100644 (file)
--- a/src/backend/utils/adt/acl.c
+++ b/src/backend/utils/adt/acl.c
@@ -341,9 +341,6 @@ aclparse(const char *s, AclItem *aip, Node *escontext)
            case ACL_MAINTAIN_CHR:
                read = ACL_MAINTAIN;
                break;
-           case 'R':           /* ignore old RULE privileges */
-               read = 0;
-               break;
            default:
                ereturn(escontext, NULL,
                        (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
@@ -1639,7 +1636,6 @@ makeaclitem(PG_FUNCTION_ARGS)
        {"SET", ACL_SET},
        {"ALTER SYSTEM", ACL_ALTER_SYSTEM},
        {"MAINTAIN", ACL_MAINTAIN},
-       {"RULE", 0},            /* ignore old RULE privileges */
        {NULL, 0}
    };
 
@@ -2063,8 +2059,6 @@ convert_table_priv_string(text *priv_type_text)
        {"TRIGGER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRIGGER)},
        {"MAINTAIN", ACL_MAINTAIN},
        {"MAINTAIN WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_MAINTAIN)},
-       {"RULE", 0},            /* ignore old RULE privileges */
-       {"RULE WITH GRANT OPTION", 0},
        {NULL, 0}
    };
 

diff --git a/src/test/regress/expected/privileges.out b/src/test/regress/expected/privileges.out
index fab0cc800fcdd87c27dcddc934525bfe4b02d672..430f09711498380f36ab21db7c9be7908109c787 100644 (file)
--- a/src/test/regress/expected/privileges.out
+++ b/src/test/regress/expected/privileges.out
@@ -1422,15 +1422,6 @@ from (select oid from pg_roles where rolname = current_user) as t2;
  t
 (1 row)
 
--- 'rule' privilege no longer exists, but for backwards compatibility
--- has_table_privilege still recognizes the keyword and says FALSE
-select has_table_privilege(current_user,t1.oid,'rule')
-from (select oid from pg_class where relname = 'pg_authid') as t1;
- has_table_privilege 
----------------------
- f
-(1 row)
-
 select has_table_privilege(current_user,t1.oid,'references')
 from (select oid from pg_class where relname = 'pg_authid') as t1;
  has_table_privilege 

diff --git a/src/test/regress/sql/privileges.sql b/src/test/regress/sql/privileges.sql
index ae338e8cc8ea6e15209a50af908e28be98e5bd83..e55b32f9d45b5919a7c0830230c601d3d2de4bdd 100644 (file)
--- a/src/test/regress/sql/privileges.sql
+++ b/src/test/regress/sql/privileges.sql
@@ -1004,10 +1004,6 @@ from (select oid from pg_roles where rolname = current_user) as t2;
 select has_table_privilege(t2.oid,'pg_authid','delete')
 from (select oid from pg_roles where rolname = current_user) as t2;
 
--- 'rule' privilege no longer exists, but for backwards compatibility
--- has_table_privilege still recognizes the keyword and says FALSE
-select has_table_privilege(current_user,t1.oid,'rule')
-from (select oid from pg_class where relname = 'pg_authid') as t1;
 select has_table_privilege(current_user,t1.oid,'references')
 from (select oid from pg_class where relname = 'pg_authid') as t1;