> On 20/03/2023 13:50 CET Dominique Devienne <ddevienne@xxxxxxxxx> wrote: > > On Mon, Mar 20, 2023 at 1:18 PM Erik Wienhold <ewie@xxxxxxxxx> wrote: > > > On 20/03/2023 11:52 CET Dominique Devienne <ddevienne@xxxxxxxxx> wrote: > > > What does a NULL AclItem[] mean exactly? > > > > It means that the object has default privileges (before any GRANT or REVOKE > > is executed). For databases this means full privileges for the database owner > > and the CONNECT and TEMPORARY privileges for PUBLIC. So any user can connect > > if allowed by pg_hba.conf. > > > > https://www.postgresql.org/docs/current/ddl-priv.html > > Thanks Erik. But then, how come aclexplode() is not showing these > default/implicit privileges? > > Is there a SQL function returning those per-type default provileges? > That I could then coalesce() datacl with? Use acldefault. Pass in ownerId=0 to get the privileges for PUBLIC. https://www.postgresql.org/docs/current/functions-info.html#FUNCTIONS-ACLITEM-FN-TABLE -- Erik
