The annotation for "ERROR: language "foo" is not trusted" used to say
"HINT: Only superusers can use untrusted languages", which was fairly
poorly thought out. For one thing, it's not a hint about what to do,
but a statement of fact, which makes it errdetail. But also, this
fails to clarify things much, because there's a missing step in the
chain of reasoning. I think it's more useful to say "GRANT and REVOKE
are not allowed on untrusted languages, because only superusers can use
untrusted languages".
It's been like this for a long time, but given the lack of previous
complaints, I don't think this is worth back-patching.
Discussion: <1417.
1466289901@sss.pgh.pa.us>
(errcode(ERRCODE_WRONG_OBJECT_TYPE),
errmsg("language \"%s\" is not trusted",
NameStr(pg_language_tuple->lanname)),
- errhint("Only superusers can use untrusted languages.")));
+ errdetail("GRANT and REVOKE are not allowed on untrusted languages, "
+ "because only superusers can use untrusted languages.")));
/*
* Get owner ID and working copy of existing ACL. If there's no ACL,
GRANT USAGE ON LANGUAGE sql TO regressuser1; -- ok
GRANT USAGE ON LANGUAGE c TO PUBLIC; -- fail
ERROR: language "c" is not trusted
-HINT: Only superusers can use untrusted languages.
+DETAIL: GRANT and REVOKE are not allowed on untrusted languages, because only superusers can use untrusted languages.
SET SESSION AUTHORIZATION regressuser1;
GRANT USAGE ON LANGUAGE sql TO regressuser2; -- fail
WARNING: no privileges were granted for "sql"
projects / postgresql-pgindent.git / commitdiff