2

There is a useful function in PostgreSQL 9.5 called aclexplode() but I can't seem to find any official documentation on it.

Should I avoid using it? Is it technically an unstable API?

sourcenouveau
  • 29,356
  • 35
  • 146
  • 243
  • I didn't find much for it either. Though, [from this post](http://stackoverflow.com/questions/22315030/retrieving-all-object-privileges-for-specific-role): that function is only handy for querying system information tables for permission details. For any other use I'd say it is not recommended. -- Also, [it has a backport](https://pgxn.org/dist/aclexplode/) for ancient versions as well. – pozs Apr 26 '17 at 15:17
  • What does it do? Maybe there is a different solution to the problem you are trying to solve. –  Apr 26 '17 at 15:27
  • I am looking for an easy way to break out individual ACL privileges in `pg_database.datacl`. The `aclexplode()` function works great for this. – sourcenouveau Apr 26 '17 at 15:48
  • 1
    Postgres has over 2600 internal functions that are not officially documented. They are available and sometimes I use some of them. I see no reason why their use would be inappropriate. `aclexplode ()` is probably used to create `information_schema.table_privileges`. – klin Apr 26 '17 at 15:50

1 Answers1

4

Yes, you can rely on it. This function is finally documented in upcoming PostgreSQL 12 (commit).

aclexplode returns an aclitem array as a set rows. Output columns are grantor oid, grantee oid (0 for PUBLIC), granted privilege as text (SELECT, ...) and whether the prilivege is grantable as boolean. makeaclitem performs the inverse operation.

sourcenouveau
  • 29,356
  • 35
  • 146
  • 243
Egor Rogov
  • 5,278
  • 24
  • 38