Privileges on functions and procedural languages

doc/src/sgml/ref/create_function.sgml

@@ -1,5 +1,5 @@
 <!--
-$Header: /cvsroot/pgsql/doc/src/sgml/ref/create_function.sgml,v 1.30 2001/12/08 03:24:34 thomas Exp $
+$Header: /cvsroot/pgsql/doc/src/sgml/ref/create_function.sgml,v 1.31 2002/02/18 23:11:02 petere Exp $
 -->
 
 <refentry id="SQL-CREATEFUNCTION">
@@ -270,6 +270,17 @@ CREATE [ OR REPLACE ] FUNCTION <replaceable class="parameter">name</replaceable>
     definition without breaking objects that refer to the function.
    </para>
 
+  <para>
+   To be able to define a function, the user must have the
+   <literal>USAGE</literal> privilege on the language.
+  </para>
+
+  <para>
+   By default, only the owner (creator) of the function has the right
+   to execute it.  Other users must be granted the
+   <literal>EXECUTE</literal> privilege on the function to be able to
+   use it.
+  </para>
  </refsect1>
 
   
@@ -369,7 +380,9 @@ Point * complex_to_point (Complex *z)
 
   <para>
    <xref linkend="sql-dropfunction">,
+   <xref linkend="sql-grant">,
    <xref linkend="sql-load">,
+   <xref linkend="sql-revoke">,
    <citetitle>PostgreSQL Programmer's Guide</citetitle>
   </para>
  </refsect1>

doc/src/sgml/ref/create_language.sgml

@@ -1,5 +1,5 @@
 <!--
-$Header: /cvsroot/pgsql/doc/src/sgml/ref/create_language.sgml,v 1.20 2001/12/08 03:24:34 thomas Exp $
+$Header: /cvsroot/pgsql/doc/src/sgml/ref/create_language.sgml,v 1.21 2002/02/18 23:11:02 petere Exp $
 PostgreSQL documentation
 -->
 
@@ -203,8 +203,8 @@ ERROR:  PL handler function <replaceable class="parameter">funcname</replaceable
    lanname   | lanispl | lanpltrusted | lanplcallfoid | lancompiler
 -------------+---------+--------------+---------------+-------------
  internal    | f       | f            |             0 | n/a
- C           | f       | f            |             0 | /bin/cc
- sql         | f       | f            |             0 | postgres
+ c           | f       | f            |             0 | /bin/cc
+ sql         | f       | t            |             0 | postgres
 </screen>
   </para>
 
@@ -212,6 +212,13 @@ ERROR:  PL handler function <replaceable class="parameter">funcname</replaceable
    At present, the definition of a procedural language cannot be
    changed once it has been created.
   </para>
+
+  <para>
+   To be able to use a procedural language, a user must be granted the
+   <literal>USAGE</literal> privilege.  The
+   <command>createlang</command> program automatically grants
+   permissions to everyone if the language is known to be trusted.
+  </para>
  </refsect1>
 
  <refsect1 id="sql-createlanguage-examples">
@@ -257,6 +264,8 @@ CREATE LANGUAGE plsample
     <member><xref linkend="sql-createfunction"></member>
     <member><xref linkend="app-droplang"></member>
     <member><xref linkend="sql-droplanguage"></member>
+    <member><xref linkend="sql-grant"></member>
+    <member><xref linkend="sql-revoke"></member>
     <member><citetitle>PostgreSQL Programmer's Guide</citetitle></member>
    </simplelist>
   </para>

doc/src/sgml/ref/grant.sgml

@@ -1,5 +1,5 @@
 <!--
-$Header: /cvsroot/pgsql/doc/src/sgml/ref/grant.sgml,v 1.19 2002/01/20 22:19:57 petere Exp $
+$Header: /cvsroot/pgsql/doc/src/sgml/ref/grant.sgml,v 1.20 2002/02/18 23:11:02 petere Exp $
 PostgreSQL documentation
 -->
 
@@ -19,6 +19,14 @@ PostgreSQL documentation
 GRANT { { SELECT | INSERT | UPDATE | DELETE | RULE | REFERENCES | TRIGGER } [,...] | ALL [ PRIVILEGES ] }
     ON [ TABLE ] <replaceable class="PARAMETER">objectname</replaceable> [, ...]
     TO { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...]
+
+GRANT { EXECUTE | ALL [ PRIVILEGES ] }
+    ON FUNCTION <replaceable>funcname</replaceable> ([<replaceable>type</replaceable>, ...]) [, ...]
+    TO { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...]
+
+GRANT { USAGE | ALL [ PRIVILEGES ] }
+    ON LANGUAGE <replaceable>langname</replaceable> [, ...]
+    TO { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...]
 </synopsis>
  </refsynopsisdiv>
 
@@ -27,8 +35,9 @@ GRANT { { SELECT | INSERT | UPDATE | DELETE | RULE | REFERENCES | TRIGGER } [,..
 
   <para>
    The <command>GRANT</command> command gives specific permissions on
-   an object (table, view, sequence) to one or more users or groups of users.
-   These permissions are added to those already granted, if any.
+   an object (table, view, sequence, function, procedural language) to
+   one or more users or groups of users.  These permissions are added
+   to those already granted, if any.
   </para>
 
   <para>
@@ -134,14 +143,36 @@ GRANT { { SELECT | INSERT | UPDATE | DELETE | RULE | REFERENCES | TRIGGER } [,..
      </listitem>
     </varlistentry>
 
+    <varlistentry>
+     <term>EXECUTE</term>
+     <listitem>
+      <para>
+       Allows the use of the specified function and the use of any
+       operators that are implemented on top of the function.  This is
+       the only type of privilege that is applicable to functions.
+      </para>
+     </listitem>
+    </varlistentry>
+
+    <varlistentry>
+     <term>USAGE</term>
+     <listitem>
+      <para>
+       Allows the use of the specified procedural language for the
+       creation of functions in that language.  This is the only type
+       of privilege that is applicable to procedural languages.
+      </para>
+     </listitem>
+    </varlistentry>
+
     <varlistentry>
      <term>ALL PRIVILEGES</term>
      <listitem>
       <para>
-       Grant all of the above privileges at once.  The
-       <literal>PRIVILEGES</literal> key word is optional in
-       <productname>PostgreSQL</productname>, though it is
-       required by strict SQL.
+       Grant all of the privileges applicable to the object at once.
+       The <literal>PRIVILEGES</literal> key word is optional in
+       <productname>PostgreSQL</productname>, though it is required by
+       strict SQL.
       </para>
      </listitem>
     </varlistentry>

doc/src/sgml/ref/revoke.sgml

@@ -1,5 +1,5 @@
 <!--
-$Header: /cvsroot/pgsql/doc/src/sgml/ref/revoke.sgml,v 1.19 2001/12/08 03:24:39 thomas Exp $
+$Header: /cvsroot/pgsql/doc/src/sgml/ref/revoke.sgml,v 1.20 2002/02/18 23:11:03 petere Exp $
 PostgreSQL documentation
 -->
 
@@ -19,6 +19,14 @@ PostgreSQL documentation
 REVOKE { { SELECT | INSERT | UPDATE | DELETE | RULE | REFERENCES | TRIGGER } [,...] | ALL [ PRIVILEGES ] }
     ON [ TABLE ] <replaceable class="PARAMETER">object</replaceable> [, ...]
     FROM { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...]
+
+REVOKE { EXECUTE | ALL [ PRIVILEGES ] }
+    ON FUNCTION <replaceable>funcname</replaceable> ([<replaceable>type</replaceable>, ...]) [, ...]
+    FROM { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...]
+
+REVOKE { USAGE | ALL [ PRIVILEGES ] }
+    ON LANGUAGE <replaceable>langname</replaceable> [, ...]
+    FROM { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...]
 </synopsis>
  </refsynopsisdiv>