Fix documentation error: GRANT/REVOKE for roles only accept role names

as grantees, not PUBLIC ... and you can't say GROUP either. Noted by Brian Hurt.
20 years ago · dc84334f1e
parent 8aa826a965
commit dc84334f1e
3 changed files with 16 additions and 8 deletions
--- a/doc/src/sgml/ref/grant.sgml
+++ b/doc/src/sgml/ref/grant.sgml
@ -1,5 +1,5 @@
 <!--
-$PostgreSQL: pgsql/doc/src/sgml/ref/grant.sgml,v 1.50 2005/10/20 19:18:01 tgl Exp $
+$PostgreSQL: pgsql/doc/src/sgml/ref/grant.sgml,v 1.50.2.1 2006/08/02 16:30:00 tgl Exp $
 PostgreSQL documentation
 -->

@ -45,8 +45,7 @@ GRANT { CREATE | ALL [ PRIVILEGES ] }
    ON TABLESPACE <replaceable>tablespacename</> [, ...]
    TO { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...] [ WITH GRANT OPTION ]

-GRANT <replaceable class="PARAMETER">role</replaceable> [, ...]
-    TO { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...] [ WITH ADMIN OPTION ]
+GRANT <replaceable class="PARAMETER">role</replaceable> [, ...] TO <replaceable class="PARAMETER">username</replaceable> [, ...] [ WITH ADMIN OPTION ]
 </synopsis>
 </refsynopsisdiv>

@ -300,6 +299,12 @@ GRANT <replaceable class="PARAMETER">role</replaceable> [, ...]
   Roles having <literal>CREATEROLE</> privilege can grant or revoke
   membership in any role that is not a superuser.
  </para>
+
+  <para>
+   Unlike the case with privileges, membership in a role cannot be granted
+   to <literal>PUBLIC</>.  Note also that this form of the command does not
+   allow the noise word <literal>GROUP</>.
+  </para>
 </refsect2>
 </refsect1>

--- a/doc/src/sgml/ref/revoke.sgml
+++ b/doc/src/sgml/ref/revoke.sgml
@ -1,5 +1,5 @@
 <!--
-$PostgreSQL: pgsql/doc/src/sgml/ref/revoke.sgml,v 1.35 2005/10/20 19:18:01 tgl Exp $
+$PostgreSQL: pgsql/doc/src/sgml/ref/revoke.sgml,v 1.35.2.1 2006/08/02 16:30:00 tgl Exp $
 PostgreSQL documentation
 -->

@ -58,8 +58,7 @@ REVOKE [ GRANT OPTION FOR ]
    [ CASCADE | RESTRICT ]

 REVOKE [ ADMIN OPTION FOR ]
-    <replaceable class="PARAMETER">role</replaceable> [, ...]
-    FROM { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...]
+    <replaceable class="PARAMETER">role</replaceable> [, ...] FROM <replaceable class="PARAMETER">username</replaceable> [, ...]
    [ CASCADE | RESTRICT ]
 </synopsis>
 </refsynopsisdiv>
@ -112,6 +111,8 @@ REVOKE [ ADMIN OPTION FOR ]
  <para>
   When revoking membership in a role, <literal>GRANT OPTION</> is instead
   called <literal>ADMIN OPTION</>, but the behavior is similar.
+   Note also that this form of the command does not
+   allow the noise word <literal>GROUP</>.
  </para>
 </refsect1>

--- a/doc/src/sgml/user-manag.sgml
+++ b/doc/src/sgml/user-manag.sgml
@ -1,5 +1,5 @@
 <!--
-$PostgreSQL: pgsql/doc/src/sgml/user-manag.sgml,v 1.33 2005/10/20 19:18:00 tgl Exp $
+$PostgreSQL: pgsql/doc/src/sgml/user-manag.sgml,v 1.33.2.1 2006/08/02 16:29:59 tgl Exp $
 -->

 <chapter id="user-manag">
@ -377,7 +377,9 @@ REVOKE <replaceable>group_role</replaceable> FROM <replaceable>role1</replaceabl
 </synopsis>
   You can grant membership to other group roles, too (since there isn't
   really any distinction between group roles and non-group roles).  The
-   only restriction is that you can't set up circular membership loops.
+   database will not let you set up circular membership loops.  Also,
+   it is not permitted to grant membership in a role to
+   <literal>PUBLIC</literal>.
  </para>

  <para>