Received: from maia.hub.org (maia-5.hub.org [200.46.204.29])
	by mail.postgresql.org (Postfix) with ESMTP id 5047AB5DC1A
	for <pgsql-docs-postgresql.org@mail.postgresql.org>;
	Sat, 15 Oct 2011 11:08:19 -0300 (ADT)
Received: from mail.postgresql.org ([200.46.204.86])
	by maia.hub.org (mx1.hub.org [200.46.204.29]) (amavisd-maia, port 10024)
	with ESMTP id 58781-01 for
	<pgsql-docs-postgresql.org@mail.postgresql.org>;
	Sat, 15 Oct 2011 14:08:12 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.8.0-rc2
Received: from momjian.us (momjian.us [70.90.9.53])
	by mail.postgresql.org (Postfix) with ESMTP id 4D7E7B5DC1C
	for <pgsql-docs@postgresql.org>; Sat, 15 Oct 2011 11:08:12 -0300 (ADT)
Received: (from bruce@localhost) by momjian.us (8.11.6/8.11.6) id
 p9FE8CK02232;
	Sat, 15 Oct 2011 10:08:12 -0400 (EDT)
From: Bruce Momjian <bruce@momjian.us>
Message-Id: <201110151408.p9FE8CK02232@momjian.us>
Subject: Re: DROP TABLE can be issued by schema owner as well
 as table owner
In-Reply-To: 
 <CA+TgmoYTJgMpkeNV=QUr=rEL5z=fGpceTUy8Y11pPxNax9Q0yw@mail.gmail.com>
To: Robert Haas <robertmhaas@gmail.com>
Date: Sat, 15 Oct 2011 10:08:11 -0400 (EDT)
CC: Derrick Rice <derrick.rice@gmail.com>, pgsql-docs@postgresql.org
X-Mailer: ELM [version 2.4ME+ PL124 (25)]
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="ELM1318687691-6644-1_"
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: Maia Mailguard 1.0.1
X-Spam-Status: No, hits=-2.404 tagged_above=-5 required=5 tests=BAYES_00=-1.9,
	RP_MATCHES_RCVD=-0.504
X-Spam-Level: 
X-Archive-Number: 201110/52
X-Sequence-Number: 7052


--ELM1318687691-6644-1_
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="US-ASCII"


Robert Haas wrote:
> On Fri, Oct 14, 2011 at 11:11 AM, Bruce Momjian <bruce@momjian.us> wrote:
> > Robert Haas wrote:
> >> On Thu, Oct 13, 2011 at 10:06 AM, Bruce Momjian <bruce@momjian.us> wrote:
> >> > I applied the following documentation patch to clarify this issue, and
> >> > used generic wording "user with the proper permissions".
> >>
> >> That doesn't seem like an improvement; what permissions are proper?
> >
> > No idea, but it hints that other users can do it too. ?I thought too
> > specific was too complex for this case.
> 
> I disagree.  I think it's the purpose of documentation to be specific.
>  The code says:
> 
>         /* Allow DROP to either table owner or schema owner */
>         if (!pg_class_ownercheck(relOid, GetUserId()) &&
>             !pg_namespace_ownercheck(classform->relnamespace, GetUserId()))
>             aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
>                            rel->relname);
> 
> So the command can be executed by the owner of the table, the owner of
> the containing schema, or the superuser.
> 
> That seems simple enough.

OK, done.

-- 
  Bruce Momjian  <bruce@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

  + It's impossible for everything to be true. +

--ELM1318687691-6644-1_
Content-Transfer-Encoding: 7bit
Content-Type: text/x-diff
Content-Disposition: inline; filename="/rtmp/drop"

diff --git a/doc/src/sgml/ref/drop_table.sgml b/doc/src/sgml/ref/drop_table.sgml
new file mode 100644
index 239767f..fc51c7c
*** a/doc/src/sgml/ref/drop_table.sgml
--- b/doc/src/sgml/ref/drop_table.sgml
*************** DROP TABLE [ IF EXISTS ] <replaceable cl
*** 30,36 ****
  
    <para>
     <command>DROP TABLE</command> removes tables from the database.
!    Only its owner and users with the proper permissions can drop a
     table.  To empty a table of rows
     without destroying the table, use <xref linkend="sql-delete">
     or <xref linkend="sql-truncate">.
--- 30,36 ----
  
    <para>
     <command>DROP TABLE</command> removes tables from the database.
!    Only the table owner, the schema owner, and superuser can drop a
     table.  To empty a table of rows
     without destroying the table, use <xref linkend="sql-delete">
     or <xref linkend="sql-truncate">.

--ELM1318687691-6644-1_--