Remove old RULE privilege completely.

The RULE privilege for tables was removed in v8.2, but for backward compatibility, GRANT/REVOKE and privilege functions like has_table_privilege continued to accept the RULE keyword without any effect. After discussions on pgsql-hackers, it was agreed that this compatibility is no longer needed. Since it's been long enough since the deprecation, we've decided to fully remove support for RULE privilege, so GRANT/REVOKE and privilege functions will no longer accept it. Author: Fujii Masao Reviewed-by: Nathan Bossart Discussion: https://postgr.es/m/976a3581-6939-457f-b947-fc3dc836c083@oss.nttdata.com
2025-05-01 01:04:50 +03:00 · 2024-09-12 19:33:44 +09:00 · 2024-09-12 19:33:44 +09:00 · fefa76f70f
commit fefa76f70f
parent 811af9786b
4 changed files with 0 additions and 21 deletions
--- a/src/backend/catalog/aclchk.c
+++ b/src/backend/catalog/aclchk.c
@ -2641,8 +2641,6 @@ string_to_privilege(const char *privname)
 		return ACL_ALTER_SYSTEM;
 	if (strcmp(privname, "maintain") == 0)
 		return ACL_MAINTAIN;
 	if (strcmp(privname, "rule") == 0)
 		return 0;				/* ignore old RULE privileges */
 	ereport(ERROR,
 			(errcode(ERRCODE_SYNTAX_ERROR),
 			 errmsg("unrecognized privilege type \"%s\"", privname)));
--- a/src/backend/utils/adt/acl.c
+++ b/src/backend/utils/adt/acl.c
@ -341,9 +341,6 @@ aclparse(const char *s, AclItem *aip, Node *escontext)
 			case ACL_MAINTAIN_CHR:
 				read = ACL_MAINTAIN;
 				break;
 			case 'R':			/* ignore old RULE privileges */
 				read = 0;
 				break;
 			default:
 				ereturn(escontext, NULL,
 						(errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
@ -1639,7 +1636,6 @@ makeaclitem(PG_FUNCTION_ARGS)
 		{"SET", ACL_SET},
 		{"ALTER SYSTEM", ACL_ALTER_SYSTEM},
 		{"MAINTAIN", ACL_MAINTAIN},
 		{"RULE", 0},			/* ignore old RULE privileges */
 		{NULL, 0}
 	};
@ -2063,8 +2059,6 @@ convert_table_priv_string(text *priv_type_text)
 		{"TRIGGER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRIGGER)},
 		{"MAINTAIN", ACL_MAINTAIN},
 		{"MAINTAIN WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_MAINTAIN)},
 		{"RULE", 0},			/* ignore old RULE privileges */
 		{"RULE WITH GRANT OPTION", 0},
 		{NULL, 0}
 	};
--- a/src/test/regress/expected/privileges.out
+++ b/src/test/regress/expected/privileges.out
@ -1422,15 +1422,6 @@ from (select oid from pg_roles where rolname = current_user) as t2;
 t
 (1 row)
 -- 'rule' privilege no longer exists, but for backwards compatibility
 -- has_table_privilege still recognizes the keyword and says FALSE
 select has_table_privilege(current_user,t1.oid,'rule')
 from (select oid from pg_class where relname = 'pg_authid') as t1;
 has_table_privilege 
 ---------------------
 f
 (1 row)
 select has_table_privilege(current_user,t1.oid,'references')
 from (select oid from pg_class where relname = 'pg_authid') as t1;
 has_table_privilege 
--- a/src/test/regress/sql/privileges.sql
+++ b/src/test/regress/sql/privileges.sql
@ -1004,10 +1004,6 @@ from (select oid from pg_roles where rolname = current_user) as t2;
 select has_table_privilege(t2.oid,'pg_authid','delete')
 from (select oid from pg_roles where rolname = current_user) as t2;
 -- 'rule' privilege no longer exists, but for backwards compatibility
 -- has_table_privilege still recognizes the keyword and says FALSE
 select has_table_privilege(current_user,t1.oid,'rule')
 from (select oid from pg_class where relname = 'pg_authid') as t1;
 select has_table_privilege(current_user,t1.oid,'references')
 from (select oid from pg_class where relname = 'pg_authid') as t1;