postgres function does not handle PUBLIC - expected?

postgres function does not handle PUBLIC - expected?

am 10.08.2010 21:08:20 von Kasia Tuszynska

--_000_232B5217AD58584C87019E8933556D110211D1AE9Fredmx2esric om_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Hello Postgres Gurus,

Is it expected behavior for the has_table_privilege postgres function to no=
t handle the user PUBLIC? Or should I submit a bug?

The has_table_privilege function does not handle PUBLIC - the following que=
ries returns the error:
SELECT has_table_privilege ('PUBLIC','bob.gdb.test1','SELECT') AS SELECT,
has_table_privilege ('PUBLIC','bob.gdb.test1','INSERT') AS INSERT,
has_table_privilege ('PUBLIC','bob.gdb.test1','DELETE') AS DELETE,
has_table_privilege ('PUBLIC','bob.gdb.test1','UPDATE') AS UPDATE;

ERROR: role "PUBLIC" does not exist
SQL state: 42704

SELECT has_table_privilege ('public','bob.gdb.test1','SELECT') AS SELECT,
has_table_privilege ('public','bob.gdb.test1','INSERT') AS INSERT,
has_table_privilege ('public','bob.gdb.test1','DELETE') AS DELETE,
has_table_privilege ('public','bob.gdb.test1','UPDATE') AS UPDATE;

ERROR: role "public" does not exist
SQL state: 42704
Thank you,
Sincerley,
Kasia

--_000_232B5217AD58584C87019E8933556D110211D1AE9Fredmx2esric om_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:x=3D"urn:schemas-microsoft-com:office:excel" xmlns:p=3D"urn:schemas-m=
icrosoft-com:office:powerpoint" xmlns:a=3D"urn:schemas-microsoft-com:office=
:access" xmlns:dt=3D"uuid:C2F41010-65B3-11d1-A29F-00AA00C14882" xmlns:s=3D"=
uuid:BDC6E3F0-6DA3-11d1-A2A3-00AA00C14882" xmlns:rs=3D"urn:schemas-microsof=
t-com:rowset" xmlns:z=3D"#RowsetSchema" xmlns:b=3D"urn:schemas-microsoft-co=
m:office:publisher" xmlns:ss=3D"urn:schemas-microsoft-com:office:spreadshee=
t" xmlns:c=3D"urn:schemas-microsoft-com:office:component:spread sheet" xmlns=
:odc=3D"urn:schemas-microsoft-com:office:odc" xmlns:oa=3D"urn:schemas-micro=
soft-com:office:activation" xmlns:html=3D"http://www.w3.org/TR/REC-html40" =
xmlns:q=3D"http://schemas.xmlsoap.org/soap/envelope/" xmlns:rtc=3D"http://m=
icrosoft.com/officenet/conferencing" xmlns:D=3D"DAV:" xmlns:Repl=3D"http://=
schemas.microsoft.com/repl/" xmlns:mt=3D"http://schemas.microsoft.com/share=
point/soap/meetings/" xmlns:x2=3D"http://schemas.microsoft.com/office/excel=
/2003/xml" xmlns:ppda=3D"http://www.passport.com/NameSpace.xsd" xmlns:ois=
=3D"http://schemas.microsoft.com/sharepoint/soap/ois/" xmlns:dir=3D"http://=
schemas.microsoft.com/sharepoint/soap/directory/" xmlns:ds=3D"http://www.w3=
..org/2000/09/xmldsig#" xmlns:dsp=3D"http://schemas.microsoft.com/sharepoint=
/dsp" xmlns:udc=3D"http://schemas.microsoft.com/data/udc" xmlns:xsd=3D"http=
://www.w3.org/2001/XMLSchema" xmlns:sub=3D"http://schemas.microsoft.com/sha=
repoint/soap/2002/1/alerts/" xmlns:ec=3D"http://www.w3.org/2001/04/xmlenc#"=
xmlns:sp=3D"http://schemas.microsoft.com/sharepoint/" xmlns:sps=3D"http://=
schemas.microsoft.com/sharepoint/soap/" xmlns:xsi=3D"http://www.w3.org/2001=
/XMLSchema-instance" xmlns:udcs=3D"http://schemas.microsoft.com/data/udc/so=
ap" xmlns:udcxf=3D"http://schemas.microsoft.com/data/udc/xmlfile " xmlns:udc=
p2p=3D"http://schemas.microsoft.com/data/udc/parttopart" xmlns:wf=3D"http:/=
/schemas.microsoft.com/sharepoint/soap/workflow/" xmlns:dsss=3D"http://sche=
mas.microsoft.com/office/2006/digsig-setup" xmlns:dssi=3D"http://schemas.mi=
crosoft.com/office/2006/digsig" xmlns:mdssi=3D"http://schemas.openxmlformat=
s.org/package/2006/digital-signature" xmlns:mver=3D"http://schemas.openxmlf=
ormats.org/markup-compatibility/2006" xmlns:m=3D"http://schemas.microsoft.c=
om/office/2004/12/omml" xmlns:mrels=3D"http://schemas.openxmlformats.org/pa=
ckage/2006/relationships" xmlns:spwp=3D"http://microsoft.com/sharepoint/web=
partpages" xmlns:ex12t=3D"http://schemas.microsoft.com/exchange/service s/20=
06/types" xmlns:ex12m=3D"http://schemas.microsoft.com/exchange/service s/200=
6/messages" xmlns:pptsl=3D"http://schemas.microsoft.com/sharepoint/soap/ Sli=
deLibrary/" xmlns:spsl=3D"http://microsoft.com/webservices/SharePointPor tal=
Server/PublishedLinksService" xmlns:Z=3D"urn:schemas-microsoft-com:" xmlns:=
st=3D"" xmlns=3D"http://www.w3.org/TR/REC-html40">


>









Hello Postgres Gurus, p>



 =



Is it expected behavior =
for the
has_table_privilege postgres function to not handle the user PUBLIC? Or sho=
uld
I submit a bug?



ans-serif";
color:navy'> 



ans-serif";
color:navy'>The has_table_privilege function does not handle PUBLIC –=
the
following queries returns the error:



..0pt;
font-family:"Arial","sans-serif";color:navy'>SELECT has_table_privilege
('PUBLIC','
-serif";
color:#1F497D'>bob
","sans-serif";
color:navy'>.gdb.test1','SELECT') AS SELECT,



..0pt;
font-family:"Arial","sans-serif";color:navy'>has_table_privi lege ('PUBLIC',=
'
style=3D'font-size:10.0pt;font-family:"Arial","sans-serif";c olor:#1F497D'>b=
ob style=3D'font-size:10.0pt;font-family:"Arial","sans-serif";c olor:navy'>.gdb=
..test1','INSERT')
AS INSERT,



..0pt;
font-family:"Arial","sans-serif";color:navy'>has_table_privi lege ('PUBLIC',=
'
style=3D'font-size:10.0pt;font-family:"Arial","sans-serif";c olor:#1F497D'>b=
ob style=3D'font-size:10.0pt;font-family:"Arial","sans-serif";c olor:navy'>.gdb=
..test1','DELETE')
AS DELETE,



..0pt;
font-family:"Arial","sans-serif";color:navy'>has_table_privi lege ('PUBLIC',=
'
style=3D'font-size:10.0pt;font-family:"Arial","sans-serif";c olor:#1F497D'>b=
ob style=3D'font-size:10.0pt;font-family:"Arial","sans-serif";c olor:navy'>.gdb=
..test1','UPDATE')
AS UPDATE;



..0pt;
font-family:"Arial","sans-serif";color:navy'> 



..0pt;
font-family:"Arial","sans-serif";color:navy'>ERROR:  role
"PUBLIC" does not exist



..0pt;
font-family:"Arial","sans-serif";color:navy'>SQL state: 42704 pan>



..0pt;
font-family:"Arial","sans-serif";color:navy'> 



..0pt;
font-family:"Arial","sans-serif";color:navy'>SELECT has_table_privilege
('public','
-serif";
color:#1F497D'>bob
","sans-serif";
color:navy'>.gdb.test1','SELECT') AS SELECT,



..0pt;
font-family:"Arial","sans-serif";color:navy'>has_table_privi lege ('public',=
'
style=3D'font-size:10.0pt;font-family:"Arial","sans-serif";c olor:#1F497D'>b=
ob style=3D'font-size:10.0pt;font-family:"Arial","sans-serif";c olor:navy'>.gdb=
..test1','INSERT')
AS INSERT,



..0pt;
font-family:"Arial","sans-serif";color:navy'>has_table_privi lege ('public',=
'
style=3D'font-size:10.0pt;font-family:"Arial","sans-serif";c olor:#1F497D'>b=
ob style=3D'font-size:10.0pt;font-family:"Arial","sans-serif";c olor:navy'>.gdb=
..test1','DELETE')
AS DELETE,



..0pt;
font-family:"Arial","sans-serif";color:navy'>has_table_privi lege ('public',=
'
style=3D'font-size:10.0pt;font-family:"Arial","sans-serif";c olor:#1F497D'>b=
ob style=3D'font-size:10.0pt;font-family:"Arial","sans-serif";c olor:navy'>.gdb=
..test1','UPDATE')
AS UPDATE;



..0pt;
font-family:"Arial","sans-serif";color:navy'> 



..0pt;
font-family:"Arial","sans-serif";color:navy'>ERROR: role "public"
does not exist



..0pt;
font-family:"Arial","sans-serif";color:navy'>SQL state: 42704 pan>



ans-serif";
color:#1F497D'>Thank you,



Sincerley, pan>



Kasia =









--_000_232B5217AD58584C87019E8933556D110211D1AE9Fredmx2esric om_--

Re: postgres function does not handle PUBLIC - expected?

am 10.08.2010 21:10:50 von Szymon Guz

--0015175cd5f63536a3048d7ce411
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

2010/8/10 Kasia Tuszynska

> Hello Postgres Gurus,
>
>
>
> Is it expected behavior for the has_table_privilege postgres function to
> not handle the user PUBLIC? Or should I submit a bug?
>
>
>
> The has_table_privilege function does not handle PUBLIC â€=93 the fol=
lowing
> queries returns the error:
>
> SELECT has_table_privilege ('PUBLIC','bob.gdb.test1','SELECT') AS SELECT,
>
> has_table_privilege ('PUBLIC','bob.gdb.test1','INSERT') AS INSERT,
>
> has_table_privilege ('PUBLIC','bob.gdb.test1','DELETE') AS DELETE,
>
> has_table_privilege ('PUBLIC','bob.gdb.test1','UPDATE') AS UPDATE;
>
>
>
> ERROR: role "PUBLIC" does not exist
>
> SQL state: 42704
>
>
>
> SELECT has_table_privilege ('public','bob.gdb.test1','SELECT') AS SELECT,
>
> has_table_privilege ('public','bob.gdb.test1','INSERT') AS INSERT,
>
> has_table_privilege ('public','bob.gdb.test1','DELETE') AS DELETE,
>
> has_table_privilege ('public','bob.gdb.test1','UPDATE') AS UPDATE;
>
>
>
> ERROR: role "public" does not exist
>
> SQL state: 42704
>
> Thank you,
>
> Sincerley,
>
> Kasia
>

Do you have any role that is named PUBLIC? I think that you don't have one.
Check e.g. in the table pg_user.

regards
Szymon

--0015175cd5f63536a3048d7ce411
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

2010/8/10 Kasia Tuszynska <=
>
r>
1px #ccc solid;padding-left:1ex;">













Hello Postgres Gurus,<=
/span>



 



Is it expected behavio=
r for the
has_table_privilege postgres function to not handle the user PUBLIC? Or sho=
uld
I submit a bug?



  span>



The has_=
table_privilege function does not handle PUBLIC â€=93 the
following queries returns the error:



10.0pt;color:navy">SELECT has_table_privilege
('PUBLIC','
">bob.gdb.test1',=
9;SELECT') AS SELECT,



10.0pt;color:navy">has_table_privilege ('PUBLIC',' style=3D"font-size:10.0pt;color:#1F497D">bob :10.0pt;color:navy">.gdb.test1','INSERT')
AS INSERT,



10.0pt;color:navy">has_table_privilege ('PUBLIC',' style=3D"font-size:10.0pt;color:#1F497D">bob :10.0pt;color:navy">.gdb.test1','DELETE')
AS DELETE,



10.0pt;color:navy">has_table_privilege ('PUBLIC',' style=3D"font-size:10.0pt;color:#1F497D">bob :10.0pt;color:navy">.gdb.test1','UPDATE')
AS UPDATE;



10.0pt;color:navy"> 



10.0pt;color:navy">ERROR:  role
"PUBLIC" does not exist



10.0pt;color:navy">SQL state: 42704



10.0pt;color:navy"> 



10.0pt;color:navy">SELECT has_table_privilege
('public','
">bob.gdb.test1',=
9;SELECT') AS SELECT,



10.0pt;color:navy">has_table_privilege ('public',' style=3D"font-size:10.0pt;color:#1F497D">bob :10.0pt;color:navy">.gdb.test1','INSERT')
AS INSERT,



10.0pt;color:navy">has_table_privilege ('public',' style=3D"font-size:10.0pt;color:#1F497D">bob :10.0pt;color:navy">.gdb.test1','DELETE')
AS DELETE,



10.0pt;color:navy">has_table_privilege ('public',' style=3D"font-size:10.0pt;color:#1F497D">bob :10.0pt;color:navy">.gdb.test1','UPDATE')
AS UPDATE;



10.0pt;color:navy"> 



10.0pt;color:navy">ERROR: role "public"
does not exist



10.0pt;color:navy">SQL state: 42704



Thank=
you,



Sincerley,



Kasia









Do you have any role that is named PUBLIC? I th=
ink that you don't have one. Check e.g. in the table pg_user.
>
regards
Szymon


--0015175cd5f63536a3048d7ce411--

Re: postgres function does not handle PUBLIC - expected?

am 10.08.2010 21:26:05 von Kasia Tuszynska

--_000_232B5217AD58584C87019E8933556D110211D1AEDAredmx2esric om_
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64

U3p5bW9uLA0KVGhlIFBVQkxJQyByb2xlIGlzIGEgZGVmYXVsdCwgbm9uIGxv Z2luIHJvbGUsIHRo
YXQgaXMgY3JlYXRlZCB3aXRoIGV2ZXJ5IHBvc3RncmVzIGNsdXN0ZXIvaW5z dGFuY2UuDQpUbyBt
eSBrbm93bGVkZ2UgUFVCTElDICBpcyBhIHN0YW5kYXJkIHVzZXIgaW4gYW55 IHJkYm1zLiBTbywg
ZXhpc3RlbmNlIG9mIHB1YmxpYyBpcyBub3QgdGhlIGlzc3VlIGhlcmUuDQpT aW5jZXJlbHksDQpL
YXNpYQ0KDQpGcm9tOiBTenltb24gR3V6IFttYWlsdG86bWFiZXdsdW5AZ21h aWwuY29tXQ0KU2Vu
dDogVHVlc2RheSwgQXVndXN0IDEwLCAyMDEwIDEyOjExIFBNDQpUbzogS2Fz aWEgVHVzenluc2th
DQpDYzogcGdzcWwtYWRtaW5AcG9zdGdyZXNxbC5vcmcNClN1YmplY3Q6IFJl OiBbQURNSU5dIHBv
c3RncmVzIGZ1bmN0aW9uIGRvZXMgbm90IGhhbmRsZSBQVUJMSUMgLSBleHBl Y3RlZD8NCg0KMjAx
MC84LzEwIEthc2lhIFR1c3p5bnNrYSA8a3R1c3p5bnNrYUBlc3JpLmNvbTxt YWlsdG86a3R1c3p5
bnNrYUBlc3JpLmNvbT4+DQpIZWxsbyBQb3N0Z3JlcyBHdXJ1cywNCg0KSXMg aXQgZXhwZWN0ZWQg
YmVoYXZpb3IgZm9yIHRoZSBoYXNfdGFibGVfcHJpdmlsZWdlIHBvc3RncmVz IGZ1bmN0aW9uIHRv
IG5vdCBoYW5kbGUgdGhlIHVzZXIgUFVCTElDPyBPciBzaG91bGQgSSBzdWJt aXQgYSBidWc/DQoN
ClRoZSBoYXNfdGFibGVfcHJpdmlsZWdlIGZ1bmN0aW9uIGRvZXMgbm90IGhh bmRsZSBQVUJMSUMg
4oCTIHRoZSBmb2xsb3dpbmcgcXVlcmllcyByZXR1cm5zIHRoZSBlcnJvcjoN ClNFTEVDVCBoYXNf
dGFibGVfcHJpdmlsZWdlICgnUFVCTElDJywnYm9iLmdkYi50ZXN0MScsJ1NF TEVDVCcpIEFTIFNF
TEVDVCwNCmhhc190YWJsZV9wcml2aWxlZ2UgKCdQVUJMSUMnLCdib2IuZ2Ri LnRlc3QxJywnSU5T
RVJUJykgQVMgSU5TRVJULA0KaGFzX3RhYmxlX3ByaXZpbGVnZSAoJ1BVQkxJ QycsJ2JvYi5nZGIu
dGVzdDEnLCdERUxFVEUnKSBBUyBERUxFVEUsDQpoYXNfdGFibGVfcHJpdmls ZWdlICgnUFVCTElD
JywnYm9iLmdkYi50ZXN0MScsJ1VQREFURScpIEFTIFVQREFURTsNCg0KRVJS T1I6ICByb2xlICJQ
VUJMSUMiIGRvZXMgbm90IGV4aXN0DQpTUUwgc3RhdGU6IDQyNzA0DQoNClNF TEVDVCBoYXNfdGFi
bGVfcHJpdmlsZWdlICgncHVibGljJywnYm9iLmdkYi50ZXN0MScsJ1NFTEVD VCcpIEFTIFNFTEVD
VCwNCmhhc190YWJsZV9wcml2aWxlZ2UgKCdwdWJsaWMnLCdib2IuZ2RiLnRl c3QxJywnSU5TRVJU
JykgQVMgSU5TRVJULA0KaGFzX3RhYmxlX3ByaXZpbGVnZSAoJ3B1YmxpYycs J2JvYi5nZGIudGVz
dDEnLCdERUxFVEUnKSBBUyBERUxFVEUsDQpoYXNfdGFibGVfcHJpdmlsZWdl ICgncHVibGljJywn
Ym9iLmdkYi50ZXN0MScsJ1VQREFURScpIEFTIFVQREFURTsNCg0KRVJST1I6 IHJvbGUgInB1Ymxp
YyIgZG9lcyBub3QgZXhpc3QNClNRTCBzdGF0ZTogNDI3MDQNClRoYW5rIHlv dSwNClNpbmNlcmxl
eSwNCkthc2lhDQoNCkRvIHlvdSBoYXZlIGFueSByb2xlIHRoYXQgaXMgbmFt ZWQgUFVCTElDPyBJ
IHRoaW5rIHRoYXQgeW91IGRvbid0IGhhdmUgb25lLiBDaGVjayBlLmcuIGlu IHRoZSB0YWJsZSBw
Z191c2VyLg0KDQpyZWdhcmRzDQpTenltb24NCg==

--_000_232B5217AD58584C87019E8933556D110211D1AEDAredmx2esric om_
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: base64

PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwi IHhtbG5zOm89InVy
bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6 dz0idXJuOnNjaGVt
YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6eD0idXJuOnNj aGVtYXMtbWljcm9z
b2Z0LWNvbTpvZmZpY2U6ZXhjZWwiIHhtbG5zOnA9InVybjpzY2hlbWFzLW1p Y3Jvc29mdC1jb206
b2ZmaWNlOnBvd2VycG9pbnQiIHhtbG5zOmE9InVybjpzY2hlbWFzLW1pY3Jv c29mdC1jb206b2Zm
aWNlOmFjY2VzcyIgeG1sbnM6ZHQ9InV1aWQ6QzJGNDEwMTAtNjVCMy0xMWQx LUEyOUYtMDBBQTAw
QzE0ODgyIiB4bWxuczpzPSJ1dWlkOkJEQzZFM0YwLTZEQTMtMTFkMS1BMkEz LTAwQUEwMEMxNDg4
MiIgeG1sbnM6cnM9InVybjpzY2hlbWFzLW1pY3Jvc29mdC1jb206cm93c2V0 IiB4bWxuczp6PSIj
Um93c2V0U2NoZW1hIiB4bWxuczpiPSJ1cm46c2NoZW1hcy1taWNyb3NvZnQt Y29tOm9mZmljZTpw
dWJsaXNoZXIiIHhtbG5zOnNzPSJ1cm46c2NoZW1hcy1taWNyb3NvZnQtY29t Om9mZmljZTpzcHJl
YWRzaGVldCIgeG1sbnM6Yz0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTpv ZmZpY2U6Y29tcG9u
ZW50OnNwcmVhZHNoZWV0IiB4bWxuczpvZGM9InVybjpzY2hlbWFzLW1pY3Jv c29mdC1jb206b2Zm
aWNlOm9kYyIgeG1sbnM6b2E9InVybjpzY2hlbWFzLW1pY3Jvc29mdC1jb206 b2ZmaWNlOmFjdGl2
YXRpb24iIHhtbG5zOmh0bWw9Imh0dHA6Ly93d3cudzMub3JnL1RSL1JFQy1o dG1sNDAiIHhtbG5z
OnE9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3NvYXAvZW52ZWxvcGUv IiB4bWxuczpydGM9
Imh0dHA6Ly9taWNyb3NvZnQuY29tL29mZmljZW5ldC9jb25mZXJlbmNpbmci IHhtbG5zOkQ9IkRB
VjoiIHhtbG5zOlJlcGw9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20v cmVwbC8iIHhtbG5z
Om10PSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL3NoYXJlcG9pbnQv c29hcC9tZWV0aW5n
cy8iIHhtbG5zOngyPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29m ZmljZS9leGNlbC8y
MDAzL3htbCIgeG1sbnM6cHBkYT0iaHR0cDovL3d3dy5wYXNzcG9ydC5jb20v TmFtZVNwYWNlLnhz
ZCIgeG1sbnM6b2lzPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL3No YXJlcG9pbnQvc29h
cC9vaXMvIiB4bWxuczpkaXI9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5j b20vc2hhcmVwb2lu
dC9zb2FwL2RpcmVjdG9yeS8iIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9y Zy8yMDAwLzA5L3ht
bGRzaWcjIiB4bWxuczpkc3A9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5j b20vc2hhcmVwb2lu
dC9kc3AiIHhtbG5zOnVkYz0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNv bS9kYXRhL3VkYyIg
eG1sbnM6eHNkPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIg eG1sbnM6c3ViPSJo
dHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL3NoYXJlcG9pbnQvc29hcC8y MDAyLzEvYWxlcnRz
LyIgeG1sbnM6ZWM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZW5j IyIgeG1sbnM6c3A9
Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vc2hhcmVwb2ludC8iIHht bG5zOnNwcz0iaHR0
cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9zaGFyZXBvaW50L3NvYXAvIiB4 bWxuczp4c2k9Imh0
dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4bWxu czp1ZGNzPSJodHRw
Oi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL2RhdGEvdWRjL3NvYXAiIHhtbG5z OnVkY3hmPSJodHRw
Oi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL2RhdGEvdWRjL3htbGZpbGUiIHht bG5zOnVkY3AycD0i
aHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9kYXRhL3VkYy9wYXJ0dG9w YXJ0IiB4bWxuczp3
Zj0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9zaGFyZXBvaW50L3Nv YXAvd29ya2Zsb3cv
IiB4bWxuczpkc3NzPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29m ZmljZS8yMDA2L2Rp
Z3NpZy1zZXR1cCIgeG1sbnM6ZHNzaT0iaHR0cDovL3NjaGVtYXMubWljcm9z b2Z0LmNvbS9vZmZp
Y2UvMjAwNi9kaWdzaWciIHhtbG5zOm1kc3NpPSJodHRwOi8vc2NoZW1hcy5v cGVueG1sZm9ybWF0
cy5vcmcvcGFja2FnZS8yMDA2L2RpZ2l0YWwtc2lnbmF0dXJlIiB4bWxuczpt dmVyPSJodHRwOi8v
c2NoZW1hcy5vcGVueG1sZm9ybWF0cy5vcmcvbWFya3VwLWNvbXBhdGliaWxp dHkvMjAwNiIgeG1s
bnM6bT0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS9vZmZpY2UvMjAw NC8xMi9vbW1sIiB4
bWxuczptcmVscz0iaHR0cDovL3NjaGVtYXMub3BlbnhtbGZvcm1hdHMub3Jn L3BhY2thZ2UvMjAw
Ni9yZWxhdGlvbnNoaXBzIiB4bWxuczpzcHdwPSJodHRwOi8vbWljcm9zb2Z0 LmNvbS9zaGFyZXBv
aW50L3dlYnBhcnRwYWdlcyIgeG1sbnM6ZXgxMnQ9Imh0dHA6Ly9zY2hlbWFz Lm1pY3Jvc29mdC5j
b20vZXhjaGFuZ2Uvc2VydmljZXMvMjAwNi90eXBlcyIgeG1sbnM6ZXgxMm09 Imh0dHA6Ly9zY2hl
bWFzLm1pY3Jvc29mdC5jb20vZXhjaGFuZ2Uvc2VydmljZXMvMjAwNi9tZXNz YWdlcyIgeG1sbnM6
cHB0c2w9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vc2hhcmVwb2lu dC9zb2FwL1NsaWRl
TGlicmFyeS8iIHhtbG5zOnNwc2w9Imh0dHA6Ly9taWNyb3NvZnQuY29tL3dl YnNlcnZpY2VzL1No
YXJlUG9pbnRQb3J0YWxTZXJ2ZXIvUHVibGlzaGVkTGlua3NTZXJ2aWNlIiB4 bWxuczpaPSJ1cm46
c2NoZW1hcy1taWNyb3NvZnQtY29tOiIgeG1sbnM6c3Q9IiYjMTsiIHhtbG5z PSJodHRwOi8vd3d3
LnczLm9yZy9UUi9SRUMtaHRtbDQwIj4NCg0KPGhlYWQ+DQo8bWV0YSBodHRw LWVxdWl2PUNvbnRl
bnQtVHlwZSBjb250ZW50PSJ0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTgiPg0K PG1ldGEgbmFtZT1H
ZW5lcmF0b3IgY29udGVudD0iTWljcm9zb2Z0IFdvcmQgMTIgKGZpbHRlcmVk IG1lZGl1bSkiPg0K
PHN0eWxlPg0KPCEtLQ0KIC8qIEZvbnQgRGVmaW5pdGlvbnMgKi8NCiBAZm9u dC1mYWNlDQoJe2Zv
bnQtZmFtaWx5OiJDYW1icmlhIE1hdGgiOw0KCXBhbm9zZS0xOjIgNCA1IDMg NSA0IDYgMyAyIDQ7
fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseTpDYWxpYnJpOw0KCXBhbm9z ZS0xOjIgMTUgNSAy
IDIgMiA0IDMgMiA0O30NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6VGFo b21hOw0KCXBhbm9z
ZS0xOjIgMTEgNiA0IDMgNSA0IDQgMiA0O30NCiAvKiBTdHlsZSBEZWZpbml0 aW9ucyAqLw0KIHAu
TXNvTm9ybWFsLCBsaS5Nc29Ob3JtYWwsIGRpdi5Nc29Ob3JtYWwNCgl7bWFy Z2luOjBpbjsNCglt
YXJnaW4tYm90dG9tOi4wMDAxcHQ7DQoJZm9udC1zaXplOjEyLjBwdDsNCglm b250LWZhbWlseToi
VGltZXMgTmV3IFJvbWFuIiwic2VyaWYiO30NCmE6bGluaywgc3Bhbi5Nc29I eXBlcmxpbmsNCgl7
bXNvLXN0eWxlLXByaW9yaXR5Ojk5Ow0KCWNvbG9yOmJsdWU7DQoJdGV4dC1k ZWNvcmF0aW9uOnVu
ZGVybGluZTt9DQphOnZpc2l0ZWQsIHNwYW4uTXNvSHlwZXJsaW5rRm9sbG93 ZWQNCgl7bXNvLXN0
eWxlLXByaW9yaXR5Ojk5Ow0KCWNvbG9yOnB1cnBsZTsNCgl0ZXh0LWRlY29y YXRpb246dW5kZXJs
aW5lO30NCnNwYW4uRW1haWxTdHlsZTE3DQoJe21zby1zdHlsZS10eXBlOnBl cnNvbmFsLXJlcGx5
Ow0KCWZvbnQtZmFtaWx5OiJDYWxpYnJpIiwic2Fucy1zZXJpZiI7DQoJY29s b3I6IzFGNDk3RDt9
DQouTXNvQ2hwRGVmYXVsdA0KCXttc28tc3R5bGUtdHlwZTpleHBvcnQtb25s eTt9DQpAcGFnZSBX
b3JkU2VjdGlvbjENCgl7c2l6ZTo4LjVpbiAxMS4waW47DQoJbWFyZ2luOjEu MGluIDEuMGluIDEu
MGluIDEuMGluO30NCmRpdi5Xb3JkU2VjdGlvbjENCgl7cGFnZTpXb3JkU2Vj dGlvbjE7fQ0KLS0+
DQo8L3N0eWxlPg0KPCEtLVtpZiBndGUgbXNvIDldPjx4bWw+DQogPG86c2hh cGVkZWZhdWx0cyB2
OmV4dD0iZWRpdCIgc3BpZG1heD0iMTAyNiIgLz4NCjwveG1sPjwhW2VuZGlm XS0tPjwhLS1baWYg
Z3RlIG1zbyA5XT48eG1sPg0KIDxvOnNoYXBlbGF5b3V0IHY6ZXh0PSJlZGl0 Ij4NCiAgPG86aWRt
YXAgdjpleHQ9ImVkaXQiIGRhdGE9IjEiIC8+DQogPC9vOnNoYXBlbGF5b3V0 PjwveG1sPjwhW2Vu
ZGlmXS0tPg0KPC9oZWFkPg0KDQo8Ym9keSBsYW5nPUVOLVVTIGxpbms9Ymx1 ZSB2bGluaz1wdXJw
bGU+DQoNCjxkaXYgY2xhc3M9V29yZFNlY3Rpb24xPg0KDQo8cCBjbGFzcz1N c29Ob3JtYWw+PHNw
YW4gc3R5bGU9J2ZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6IkNhbGli cmkiLCJzYW5zLXNl
cmlmIjsNCmNvbG9yOiMxRjQ5N0QnPlN6eW1vbiw8bzpwPjwvbzpwPjwvc3Bh bj48L3A+DQoNCjxw
IGNsYXNzPU1zb05vcm1hbD48c3BhbiBzdHlsZT0nZm9udC1zaXplOjExLjBw dDtmb250LWZhbWls
eToiQ2FsaWJyaSIsInNhbnMtc2VyaWYiOw0KY29sb3I6IzFGNDk3RCc+VGhl IFBVQkxJQyByb2xl
IGlzIGEgZGVmYXVsdCwgbm9uIGxvZ2luIHJvbGUsIHRoYXQgaXMgY3JlYXRl ZA0Kd2l0aCBldmVy
eSBwb3N0Z3JlcyBjbHVzdGVyL2luc3RhbmNlLjxvOnA+PC9vOnA+PC9zcGFu PjwvcD4NCg0KPHAg
Y2xhc3M9TXNvTm9ybWFsPjxzcGFuIHN0eWxlPSdmb250LXNpemU6MTEuMHB0 O2ZvbnQtZmFtaWx5
OiJDYWxpYnJpIiwic2Fucy1zZXJpZiI7DQpjb2xvcjojMUY0OTdEJz5UbyBt eSBrbm93bGVkZ2Ug
UFVCTElDwqAgaXMgYSBzdGFuZGFyZCB1c2VyIGluIGFueSByZGJtcy4gU28s IGV4aXN0ZW5jZQ0K
b2YgcHVibGljIGlzIG5vdCB0aGUgaXNzdWUgaGVyZS48bzpwPjwvbzpwPjwv c3Bhbj48L3A+DQoN
CjxwIGNsYXNzPU1zb05vcm1hbD48c3BhbiBzdHlsZT0nZm9udC1zaXplOjEx LjBwdDtmb250LWZh
bWlseToiQ2FsaWJyaSIsInNhbnMtc2VyaWYiOw0KY29sb3I6IzFGNDk3RCc+ U2luY2VyZWx5LDxv
OnA+PC9vOnA+PC9zcGFuPjwvcD4NCg0KPHAgY2xhc3M9TXNvTm9ybWFsPjxz cGFuIHN0eWxlPSdm
b250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiJDYWxpYnJpIiwic2Fucy1z ZXJpZiI7DQpjb2xv
cjojMUY0OTdEJz5LYXNpYSA8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQoNCjxw IGNsYXNzPU1zb05v
cm1hbD48c3BhbiBzdHlsZT0nZm9udC1zaXplOjExLjBwdDtmb250LWZhbWls eToiQ2FsaWJyaSIs
InNhbnMtc2VyaWYiOw0KY29sb3I6IzFGNDk3RCc+PG86cD4mbmJzcDs8L286 cD48L3NwYW4+PC9w
Pg0KDQo8ZGl2IHN0eWxlPSdib3JkZXI6bm9uZTtib3JkZXItdG9wOnNvbGlk ICNCNUM0REYgMS4w
cHQ7cGFkZGluZzozLjBwdCAwaW4gMGluIDBpbic+DQoNCjxwIGNsYXNzPU1z b05vcm1hbD48Yj48
c3BhbiBzdHlsZT0nZm9udC1zaXplOjEwLjBwdDtmb250LWZhbWlseToiVGFo b21hIiwic2Fucy1z
ZXJpZiInPkZyb206PC9zcGFuPjwvYj48c3Bhbg0Kc3R5bGU9J2ZvbnQtc2l6 ZToxMC4wcHQ7Zm9u
dC1mYW1pbHk6IlRhaG9tYSIsInNhbnMtc2VyaWYiJz4gU3p5bW9uIEd1eg0K W21haWx0bzptYWJl
d2x1bkBnbWFpbC5jb21dIDxicj4NCjxiPlNlbnQ6PC9iPiBUdWVzZGF5LCBB dWd1c3QgMTAsIDIw
MTAgMTI6MTEgUE08YnI+DQo8Yj5Ubzo8L2I+IEthc2lhIFR1c3p5bnNrYTxi cj4NCjxiPkNjOjwv
Yj4gcGdzcWwtYWRtaW5AcG9zdGdyZXNxbC5vcmc8YnI+DQo8Yj5TdWJqZWN0 OjwvYj4gUmU6IFtB
RE1JTl0gcG9zdGdyZXMgZnVuY3Rpb24gZG9lcyBub3QgaGFuZGxlIFBVQkxJ QyAtIGV4cGVjdGVk
PzxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCg0KPC9kaXY+DQoNCjxwIGNsYXNz PU1zb05vcm1hbD48
bzpwPiZuYnNwOzwvbzpwPjwvcD4NCg0KPGRpdj4NCg0KPHAgY2xhc3M9TXNv Tm9ybWFsPjIwMTAv
OC8xMCBLYXNpYSBUdXN6eW5za2EgJmx0OzxhDQpocmVmPSJtYWlsdG86a3R1 c3p5bnNrYUBlc3Jp
LmNvbSI+a3R1c3p5bnNrYUBlc3JpLmNvbTwvYT4mZ3Q7PG86cD48L286cD48 L3A+DQoNCjxkaXY+
DQoNCjxkaXY+DQoNCjxwIGNsYXNzPU1zb05vcm1hbCBzdHlsZT0nbXNvLW1h cmdpbi10b3AtYWx0
OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG8nPjxzcGFuDQpzdHls ZT0nY29sb3I6IzFG
NDk3RCc+SGVsbG8gUG9zdGdyZXMgR3VydXMsPC9zcGFuPjxvOnA+PC9vOnA+ PC9wPg0KDQo8cCBj
bGFzcz1Nc29Ob3JtYWwgc3R5bGU9J21zby1tYXJnaW4tdG9wLWFsdDphdXRv O21zby1tYXJnaW4t
Ym90dG9tLWFsdDphdXRvJz48c3Bhbg0Kc3R5bGU9J2NvbG9yOiMxRjQ5N0Qn PiZuYnNwOzwvc3Bh
bj48bzpwPjwvbzpwPjwvcD4NCg0KPHAgY2xhc3M9TXNvTm9ybWFsIHN0eWxl PSdtc28tbWFyZ2lu
LXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0byc+PHNw YW4NCnN0eWxlPSdj
b2xvcjojMUY0OTdEJz5JcyBpdCBleHBlY3RlZCBiZWhhdmlvciBmb3IgdGhl IGhhc190YWJsZV9w
cml2aWxlZ2UNCnBvc3RncmVzIGZ1bmN0aW9uIHRvIG5vdCBoYW5kbGUgdGhl IHVzZXIgUFVCTElD
PyBPciBzaG91bGQgSSBzdWJtaXQgYSBidWc/PC9zcGFuPjxvOnA+PC9vOnA+ PC9wPg0KDQo8cCBj
bGFzcz1Nc29Ob3JtYWwgc3R5bGU9J21zby1tYXJnaW4tdG9wLWFsdDphdXRv O21zby1tYXJnaW4t
Ym90dG9tLWFsdDphdXRvJz48c3Bhbg0Kc3R5bGU9J2ZvbnQtc2l6ZToxMC4w cHQ7Y29sb3I6bmF2
eSc+Jm5ic3A7PC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KDQo8cCBjbGFzcz1N c29Ob3JtYWwgc3R5
bGU9J21zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9t LWFsdDphdXRvJz48
c3Bhbg0Kc3R5bGU9J2ZvbnQtc2l6ZToxMC4wcHQ7Y29sb3I6bmF2eSc+VGhl IGhhc190YWJsZV9w
cml2aWxlZ2UgZnVuY3Rpb24gZG9lcyBub3QNCmhhbmRsZSBQVUJMSUMg4oCT IHRoZSBmb2xsb3dp
bmcgcXVlcmllcyByZXR1cm5zIHRoZSBlcnJvcjo8L3NwYW4+PG86cD48L286 cD48L3A+DQoNCjxw
IGNsYXNzPU1zb05vcm1hbCBzdHlsZT0nbXNvLW1hcmdpbi10b3AtYWx0OmF1 dG87bXNvLW1hcmdp
bi1ib3R0b20tYWx0OmF1dG87DQptYXJnaW4tbGVmdDouNWluJz48c3BhbiBz dHlsZT0nZm9udC1z
aXplOjEwLjBwdDtjb2xvcjpuYXZ5Jz5TRUxFQ1QNCmhhc190YWJsZV9wcml2 aWxlZ2UgKCdQVUJM
SUMnLCc8L3NwYW4+PHNwYW4gc3R5bGU9J2ZvbnQtc2l6ZToxMC4wcHQ7Y29s b3I6IzFGNDk3RCc+
Ym9iPC9zcGFuPjxzcGFuDQpzdHlsZT0nZm9udC1zaXplOjEwLjBwdDtjb2xv cjpuYXZ5Jz4uZ2Ri
LnRlc3QxJywnU0VMRUNUJykgQVMgU0VMRUNULCA8L3NwYW4+PG86cD48L286 cD48L3A+DQoNCjxw
IGNsYXNzPU1zb05vcm1hbCBzdHlsZT0nbXNvLW1hcmdpbi10b3AtYWx0OmF1 dG87bXNvLW1hcmdp
bi1ib3R0b20tYWx0OmF1dG87DQptYXJnaW4tbGVmdDouNWluJz48c3BhbiBz dHlsZT0nZm9udC1z
aXplOjEwLjBwdDtjb2xvcjpuYXZ5Jz5oYXNfdGFibGVfcHJpdmlsZWdlDQoo J1BVQkxJQycsJzwv
c3Bhbj48c3BhbiBzdHlsZT0nZm9udC1zaXplOjEwLjBwdDtjb2xvcjojMUY0 OTdEJz5ib2I8L3Nw
YW4+PHNwYW4NCnN0eWxlPSdmb250LXNpemU6MTAuMHB0O2NvbG9yOm5hdnkn Pi5nZGIudGVzdDEn
LCdJTlNFUlQnKSBBUyBJTlNFUlQsIDwvc3Bhbj48bzpwPjwvbzpwPjwvcD4N Cg0KPHAgY2xhc3M9
TXNvTm9ybWFsIHN0eWxlPSdtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28t bWFyZ2luLWJvdHRv
bS1hbHQ6YXV0bzsNCm1hcmdpbi1sZWZ0Oi41aW4nPjxzcGFuIHN0eWxlPSdm b250LXNpemU6MTAu
MHB0O2NvbG9yOm5hdnknPmhhc190YWJsZV9wcml2aWxlZ2UNCignUFVCTElD JywnPC9zcGFuPjxz
cGFuIHN0eWxlPSdmb250LXNpemU6MTAuMHB0O2NvbG9yOiMxRjQ5N0QnPmJv Yjwvc3Bhbj48c3Bh
bg0Kc3R5bGU9J2ZvbnQtc2l6ZToxMC4wcHQ7Y29sb3I6bmF2eSc+LmdkYi50 ZXN0MScsJ0RFTEVU
RScpIEFTIERFTEVURSwgPC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KDQo8cCBj bGFzcz1Nc29Ob3Jt
YWwgc3R5bGU9J21zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4t Ym90dG9tLWFsdDph
dXRvOw0KbWFyZ2luLWxlZnQ6LjVpbic+PHNwYW4gc3R5bGU9J2ZvbnQtc2l6 ZToxMC4wcHQ7Y29s
b3I6bmF2eSc+aGFzX3RhYmxlX3ByaXZpbGVnZQ0KKCdQVUJMSUMnLCc8L3Nw YW4+PHNwYW4gc3R5
bGU9J2ZvbnQtc2l6ZToxMC4wcHQ7Y29sb3I6IzFGNDk3RCc+Ym9iPC9zcGFu PjxzcGFuDQpzdHls
ZT0nZm9udC1zaXplOjEwLjBwdDtjb2xvcjpuYXZ5Jz4uZ2RiLnRlc3QxJywn VVBEQVRFJykgQVMg
VVBEQVRFOzwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCg0KPHAgY2xhc3M9TXNv Tm9ybWFsIHN0eWxl
PSdtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1h bHQ6YXV0bzsNCm1h
cmdpbi1sZWZ0Oi41aW4nPjxzcGFuIHN0eWxlPSdmb250LXNpemU6MTAuMHB0 O2NvbG9yOm5hdnkn
PiZuYnNwOzwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCg0KPHAgY2xhc3M9TXNv Tm9ybWFsIHN0eWxl
PSdtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1h bHQ6YXV0bzsNCm1h
cmdpbi1sZWZ0Oi41aW4nPjxzcGFuIHN0eWxlPSdmb250LXNpemU6MTAuMHB0 O2NvbG9yOm5hdnkn
PkVSUk9SOiZuYnNwOyByb2xlDQomcXVvdDtQVUJMSUMmcXVvdDsgZG9lcyBu b3QgZXhpc3Q8L3Nw
YW4+PG86cD48L286cD48L3A+DQoNCjxwIGNsYXNzPU1zb05vcm1hbCBzdHls ZT0nbXNvLW1hcmdp
bi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87DQpt YXJnaW4tbGVmdDou
NWluJz48c3BhbiBzdHlsZT0nZm9udC1zaXplOjEwLjBwdDtjb2xvcjpuYXZ5 Jz5TUUwgc3RhdGU6
IDQyNzA0PC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KDQo8cCBjbGFzcz1Nc29O b3JtYWwgc3R5bGU9
J21zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFs dDphdXRvOw0KbWFy
Z2luLWxlZnQ6LjVpbic+PHNwYW4gc3R5bGU9J2ZvbnQtc2l6ZToxMC4wcHQ7 Y29sb3I6bmF2eSc+
Jm5ic3A7PC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KDQo8cCBjbGFzcz1Nc29O b3JtYWwgc3R5bGU9
J21zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFs dDphdXRvOw0KbWFy
Z2luLWxlZnQ6LjVpbic+PHNwYW4gc3R5bGU9J2ZvbnQtc2l6ZToxMC4wcHQ7 Y29sb3I6bmF2eSc+
U0VMRUNUDQpoYXNfdGFibGVfcHJpdmlsZWdlICgncHVibGljJywnPC9zcGFu PjxzcGFuIHN0eWxl
PSdmb250LXNpemU6MTAuMHB0O2NvbG9yOiMxRjQ5N0QnPmJvYjwvc3Bhbj48 c3Bhbg0Kc3R5bGU9
J2ZvbnQtc2l6ZToxMC4wcHQ7Y29sb3I6bmF2eSc+LmdkYi50ZXN0MScsJ1NF TEVDVCcpIEFTIFNF
TEVDVCwgPC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KDQo8cCBjbGFzcz1Nc29O b3JtYWwgc3R5bGU9
J21zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFs dDphdXRvOw0KbWFy
Z2luLWxlZnQ6LjVpbic+PHNwYW4gc3R5bGU9J2ZvbnQtc2l6ZToxMC4wcHQ7 Y29sb3I6bmF2eSc+
aGFzX3RhYmxlX3ByaXZpbGVnZQ0KKCdwdWJsaWMnLCc8L3NwYW4+PHNwYW4g c3R5bGU9J2ZvbnQt
c2l6ZToxMC4wcHQ7Y29sb3I6IzFGNDk3RCc+Ym9iPC9zcGFuPjxzcGFuDQpz dHlsZT0nZm9udC1z
aXplOjEwLjBwdDtjb2xvcjpuYXZ5Jz4uZ2RiLnRlc3QxJywnSU5TRVJUJykg QVMgSU5TRVJULCA8
L3NwYW4+PG86cD48L286cD48L3A+DQoNCjxwIGNsYXNzPU1zb05vcm1hbCBz dHlsZT0nbXNvLW1h
cmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87 DQptYXJnaW4tbGVm
dDouNWluJz48c3BhbiBzdHlsZT0nZm9udC1zaXplOjEwLjBwdDtjb2xvcjpu YXZ5Jz5oYXNfdGFi
bGVfcHJpdmlsZWdlDQooJ3B1YmxpYycsJzwvc3Bhbj48c3BhbiBzdHlsZT0n Zm9udC1zaXplOjEw
LjBwdDtjb2xvcjojMUY0OTdEJz5ib2I8L3NwYW4+PHNwYW4NCnN0eWxlPSdm b250LXNpemU6MTAu
MHB0O2NvbG9yOm5hdnknPi5nZGIudGVzdDEnLCdERUxFVEUnKSBBUyBERUxF VEUsIDwvc3Bhbj48
bzpwPjwvbzpwPjwvcD4NCg0KPHAgY2xhc3M9TXNvTm9ybWFsIHN0eWxlPSdt c28tbWFyZ2luLXRv
cC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0bzsNCm1hcmdp bi1sZWZ0Oi41aW4n
PjxzcGFuIHN0eWxlPSdmb250LXNpemU6MTAuMHB0O2NvbG9yOm5hdnknPmhh c190YWJsZV9wcml2
aWxlZ2UNCigncHVibGljJywnPC9zcGFuPjxzcGFuIHN0eWxlPSdmb250LXNp emU6MTAuMHB0O2Nv
bG9yOiMxRjQ5N0QnPmJvYjwvc3Bhbj48c3Bhbg0Kc3R5bGU9J2ZvbnQtc2l6 ZToxMC4wcHQ7Y29s
b3I6bmF2eSc+LmdkYi50ZXN0MScsJ1VQREFURScpIEFTIFVQREFURTs8L3Nw YW4+PG86cD48L286
cD48L3A+DQoNCjxwIGNsYXNzPU1zb05vcm1hbCBzdHlsZT0nbXNvLW1hcmdp bi10b3AtYWx0OmF1
dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87DQptYXJnaW4tbGVmdDou NWluJz48c3BhbiBz
dHlsZT0nZm9udC1zaXplOjEwLjBwdDtjb2xvcjpuYXZ5Jz4mbmJzcDs8L3Nw YW4+PG86cD48L286
cD48L3A+DQoNCjxwIGNsYXNzPU1zb05vcm1hbCBzdHlsZT0nbXNvLW1hcmdp bi10b3AtYWx0OmF1
dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87DQptYXJnaW4tbGVmdDou NWluJz48c3BhbiBz
dHlsZT0nZm9udC1zaXplOjEwLjBwdDtjb2xvcjpuYXZ5Jz5FUlJPUjogcm9s ZQ0KJnF1b3Q7cHVi
bGljJnF1b3Q7IGRvZXMgbm90IGV4aXN0PC9zcGFuPjxvOnA+PC9vOnA+PC9w Pg0KDQo8cCBjbGFz
cz1Nc29Ob3JtYWwgc3R5bGU9J21zby1tYXJnaW4tdG9wLWFsdDphdXRvO21z by1tYXJnaW4tYm90
dG9tLWFsdDphdXRvOw0KbWFyZ2luLWxlZnQ6LjVpbic+PHNwYW4gc3R5bGU9 J2ZvbnQtc2l6ZTox
MC4wcHQ7Y29sb3I6bmF2eSc+U1FMIHN0YXRlOiA0MjcwNDwvc3Bhbj48bzpw PjwvbzpwPjwvcD4N
Cg0KPHAgY2xhc3M9TXNvTm9ybWFsIHN0eWxlPSdtc28tbWFyZ2luLXRvcC1h bHQ6YXV0bzttc28t
bWFyZ2luLWJvdHRvbS1hbHQ6YXV0byc+PHNwYW4NCnN0eWxlPSdmb250LXNp emU6MTAuMHB0O2Nv
bG9yOiMxRjQ5N0QnPlRoYW5rIHlvdSw8L3NwYW4+PG86cD48L286cD48L3A+ DQoNCjxwIGNsYXNz
PU1zb05vcm1hbCBzdHlsZT0nbXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNv LW1hcmdpbi1ib3R0
b20tYWx0OmF1dG8nPjxzcGFuDQpzdHlsZT0nY29sb3I6IzFGNDk3RCc+U2lu Y2VybGV5LDwvc3Bh
bj48bzpwPjwvbzpwPjwvcD4NCg0KPHAgY2xhc3M9TXNvTm9ybWFsIHN0eWxl PSdtc28tbWFyZ2lu
LXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0byc+PHNw YW4NCnN0eWxlPSdj
b2xvcjojMUY0OTdEJz5LYXNpYSA8L3NwYW4+PG86cD48L286cD48L3A+DQoN CjwvZGl2Pg0KDQo8
L2Rpdj4NCg0KPC9kaXY+DQoNCjxwIGNsYXNzPU1zb05vcm1hbD48bzpwPiZu YnNwOzwvbzpwPjwv
cD4NCg0KPGRpdj4NCg0KPHAgY2xhc3M9TXNvTm9ybWFsPkRvIHlvdSBoYXZl IGFueSByb2xlIHRo
YXQgaXMgbmFtZWQgUFVCTElDPyBJIHRoaW5rIHRoYXQgeW91DQpkb24ndCBo YXZlIG9uZS4gQ2hl
Y2sgZS5nLiBpbiB0aGUgdGFibGUgcGdfdXNlci48bzpwPjwvbzpwPjwvcD4N Cg0KPC9kaXY+DQoN
CjxkaXY+DQoNCjxwIGNsYXNzPU1zb05vcm1hbD48bzpwPiZuYnNwOzwvbzpw PjwvcD4NCg0KPC9k
aXY+DQoNCjxkaXY+DQoNCjxwIGNsYXNzPU1zb05vcm1hbD5yZWdhcmRzPG86 cD48L286cD48L3A+
DQoNCjwvZGl2Pg0KDQo8ZGl2Pg0KDQo8cCBjbGFzcz1Nc29Ob3JtYWw+U3p5 bW9uPG86cD48L286
cD48L3A+DQoNCjwvZGl2Pg0KDQo8L2Rpdj4NCg0KPC9ib2R5Pg0KDQo8L2h0 bWw+DQo=

--_000_232B5217AD58584C87019E8933556D110211D1AEDAredmx2esric om_--

Re: postgres function does not handle PUBLIC - expected?

am 10.08.2010 21:34:45 von alvherre

Excerpts from Kasia Tuszynska's message of mar ago 10 15:08:20 -0400 2010=
:
> Hello Postgres Gurus,
>=20
> Is it expected behavior for the has_table_privilege postgres function t=
o not handle the user PUBLIC? Or should I submit a bug?
>=20
> The has_table_privilege function does not handle PUBLIC - the following=
queries returns the error:
> SELECT has_table_privilege ('PUBLIC','bob.gdb.test1','SELECT') AS SELEC=
T,
> has_table_privilege ('PUBLIC','bob.gdb.test1','INSERT') AS INSERT,
> has_table_privilege ('PUBLIC','bob.gdb.test1','DELETE') AS DELETE,
> has_table_privilege ('PUBLIC','bob.gdb.test1','UPDATE') AS UPDATE;
>=20
> ERROR: role "PUBLIC" does not exist

Yeah, this is a bug, see

http://archives.postgresql.org/message-id/4399EF7A-9419-4F84 -B51A-A55C5EF=
AC12A%40nasby.net

--=20
Álvaro Herrera
The PostgreSQL Company - Command Prompt, Inc.
PostgreSQL Replication, Consulting, Custom Development, 24x7 support

--=20
Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin

Re: postgres function does not handle PUBLIC - expected?

am 10.08.2010 21:35:16 von Szymon Guz

--001636834228965f42048d7d3bc2
Content-Type: text/plain; charset=UTF-8

2010/8/10 Kasia Tuszynska

> Szymon,
>
> The PUBLIC role is a default, non login role, that is created with every
> postgres cluster/instance.
>
> To my knowledge PUBLIC is a standard user in any rdbms. So, existence of
> public is not the issue here.
>
> Sincerely,
>
> Kasia
>
>
No, there is no PUBLIC default role in ANY rdbms. In PostgreSQL there is
PUBLIC schema, not role. In my PostgreSQL database there wasn't any such
role... but I'll check that now... ok, I've checked, I've got 15 roles, none
is names PUBLIC, what's more, I don't have any roles that cannot login.

run simple query: SELECT rolname FROM pg_roles; and check the existence of
the PUBLIC role.

regards
Szymon Guz

--001636834228965f42048d7d3bc2
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

2010/8/10 Kasia Tuszynska <=
>
r>
1px #ccc solid;padding-left:1ex;">













Szymo=
n,



The P=
UBLIC role is a default, non login role, that is created
with every postgres cluster/instance.



To my=
knowledge PUBLIC  is a standard user in any rdbms. So, existence
of public is not the issue here.



Since=
rely,



Kasia=



n>


No, there is no PUBLIC d=
efault role in ANY rdbms. In PostgreSQL there is PUBLIC schema, not role. I=
n my PostgreSQL database there wasn't any such role... but I'll che=
ck that now... ok, I've checked, I've got 15 roles, none is names P=
UBLIC, what's more, I don't have any roles that cannot login.


run simple query: SELECT rolname FROM pg_roles; and che=
ck the existence of the PUBLIC role.

regards
=
Szymon Guz
 


--001636834228965f42048d7d3bc2--

Re: postgres function does not handle PUBLIC - expected?

am 10.08.2010 21:37:27 von charlie derr

Kasia Tuszynska wrote:
> Szymon,
>=20
> The PUBLIC role is a default, non login role, that is created with ever=
y=20
> postgres cluster/instance.
>=20
> To my knowledge PUBLIC is a standard user in any rdbms. So, existence=20
> of public is not the issue here.
>=20
> Sincerely,
>=20
> Kasia
>=20


Kasia,
I think your assumption is wrong. I've been using postgres for a lot=
of years and never saw a PUBLIC role created=20
by default in all the installations I've ever done. It's certainly possi=
ble that various other RDBMSs may assume the=20
existence of such a role/user, but my experience is that the only default=
role in "our world" is named postgres.

So I think this does have everything to do with your issue. Why don'=
t you give it a shot and try to create a user=20
named PUBLIC?

good luck,
~c

> =20
>=20
> *From:* Szymon Guz [mailto:mabewlun@gmail.com]
> *Sent:* Tuesday, August 10, 2010 12:11 PM
> *To:* Kasia Tuszynska
> *Cc:* pgsql-admin@postgresql.org
> *Subject:* Re: [ADMIN] postgres function does not handle PUBLIC - expec=
ted?
>=20
> =20
>=20
> 2010/8/10 Kasia Tuszynska com>>
>=20
> Hello Postgres Gurus,
>=20
> =20
>=20
> Is it expected behavior for the has_table_privilege postgres function t=
o=20
> not handle the user PUBLIC? Or should I submit a bug?
>=20
> =20
>=20
> The has_table_privilege function does not handle PUBLIC â€=93 the f=
ollowing=20
> queries returns the error:
>=20
> SELECT has_table_privilege ('PUBLIC','bob.gdb.test1','SELECT') AS SELEC=
T,
>=20
> has_table_privilege ('PUBLIC','bob.gdb.test1','INSERT') AS INSERT,
>=20
> has_table_privilege ('PUBLIC','bob.gdb.test1','DELETE') AS DELETE,
>=20
> has_table_privilege ('PUBLIC','bob.gdb.test1','UPDATE') AS UPDATE;
>=20
> =20
>=20
> ERROR: role "PUBLIC" does not exist
>=20
> SQL state: 42704
>=20
> =20
>=20
> SELECT has_table_privilege ('public','bob.gdb.test1','SELECT') AS SELEC=
T,
>=20
> has_table_privilege ('public','bob.gdb.test1','INSERT') AS INSERT,
>=20
> has_table_privilege ('public','bob.gdb.test1','DELETE') AS DELETE,
>=20
> has_table_privilege ('public','bob.gdb.test1','UPDATE') AS UPDATE;
>=20
> =20
>=20
> ERROR: role "public" does not exist
>=20
> SQL state: 42704
>=20
> Thank you,
>=20
> Sincerley,
>=20
> Kasia
>=20
> =20
>=20
> Do you have any role that is named PUBLIC? I think that you don't have=20
> one. Check e.g. in the table pg_user.
>=20
> =20
>=20
> regards
>=20
> Szymon
>=20


--=20
Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin

Re: postgres function does not handle PUBLIC -

am 10.08.2010 21:40:37 von Kevin Grittner

Szymon Guz wrote:

> No, there is no PUBLIC default role in ANY rdbms. In PostgreSQL
> there is PUBLIC schema, not role. In my PostgreSQL database there
> wasn't any such role... but I'll check that now... ok, I've
> checked, I've got 15 roles, none is names PUBLIC, what's more, I
> don't have any roles that cannot login.
>
> run simple query: SELECT rolname FROM pg_roles; and check the
> existence of the PUBLIC role.

Yeah, it's automatically there in a shadowy sort of way. Try this,
for example, in your cluster with no PUBLIC role:

test=# revoke create on database test from public;
REVOKE
test=# grant select on pg_class to public;
GRANT

-Kevin

--
Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin

Re: postgres function does not handle PUBLIC - expected?

am 10.08.2010 21:49:38 von Szymon Guz

--00163630fe61f4e34e048d7d6e44
Content-Type: text/plain; charset=UTF-8

2010/8/10 Kevin Grittner

> Szymon Guz wrote:
>
> > No, there is no PUBLIC default role in ANY rdbms. In PostgreSQL
> > there is PUBLIC schema, not role. In my PostgreSQL database there
> > wasn't any such role... but I'll check that now... ok, I've
> > checked, I've got 15 roles, none is names PUBLIC, what's more, I
> > don't have any roles that cannot login.
> >
> > run simple query: SELECT rolname FROM pg_roles; and check the
> > existence of the PUBLIC role.
>
> Yeah, it's automatically there in a shadowy sort of way. Try this,
> for example, in your cluster with no PUBLIC role:
>
> test=# revoke create on database test from public;
> REVOKE
> test=# grant select on pg_class to public;
> GRANT
>
>
well... surprisingly that works... does the public role exist in the SQL
standard? why it is not in the pg_roles table?

Szymon

--00163630fe61f4e34e048d7d6e44
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable



2010/8/10 Kevin Grittner r"><Kevin.Grittner@wicour=
ts.gov
>

0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Szymon Guz <mabe=
wlun@gmail.com
> wrote:



> No, there is no PUBLIC default role in ANY rdbms. In PostgreSQL

> there is PUBLIC schema, not role. In my PostgreSQL database there

> wasn't any such role... but I'll check that now... ok, I'v=
e

> checked, I've got 15 roles, none is names PUBLIC, what's more,=
I

> don't have any roles that cannot login.

>

> run simple query: SELECT rolname FROM pg_roles; and check the

> existence of the PUBLIC role.



Yeah, it's automatically there in a shadowy sort of way.  Tr=
y this,

for example, in your cluster with no PUBLIC role:



test=3D# revoke create on database test from public;

REVOKE

test=3D# grant select on pg_class to public;

GRANT



well...=
 surprisingly that works... does the public role exist in the SQL=
standard? why it is not in the pg_roles table?

Sz=
ymon





--00163630fe61f4e34e048d7d6e44--

Re: postgres function does not handle PUBLIC - expected?

am 10.08.2010 21:50:03 von Kasia Tuszynska

Kevin,
I know public is there from using it every day, but if it were not for you =
post I would not know how to prove it, none of the views, graphical admin t=
ools etc. display it as a user.=20

We found this issue because we can grant privs to public on a table, but co=
uld not revoke them. If I did not "know" that public was there ( because in=
my experience it is there in oracle, sql server and the Informix dbs) how =
would I check for it's existence on Postgres?

Thank you,
Kasia

-----Original Message-----
From: Kevin Grittner [mailto:Kevin.Grittner@wicourts.gov]=20
Sent: Tuesday, August 10, 2010 12:41 PM
To: Kasia Tuszynska; Szymon Guz
Cc: pgsql-admin@postgresql.org
Subject: Re: [ADMIN] postgres function does not handle PUBLIC - expected?

Szymon Guz wrote:
=20
> No, there is no PUBLIC default role in ANY rdbms. In PostgreSQL
> there is PUBLIC schema, not role. In my PostgreSQL database there
> wasn't any such role... but I'll check that now... ok, I've
> checked, I've got 15 roles, none is names PUBLIC, what's more, I
> don't have any roles that cannot login.
>=20
> run simple query: SELECT rolname FROM pg_roles; and check the
> existence of the PUBLIC role.
=20
Yeah, it's automatically there in a shadowy sort of way. Try this,
for example, in your cluster with no PUBLIC role:
=20
test=3D# revoke create on database test from public;
REVOKE
test=3D# grant select on pg_class to public;
GRANT
=20
-Kevin


--=20
Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin

Re: postgres function does not handle PUBLIC - expected?

am 10.08.2010 21:56:37 von Szymon Guz

--0015175cba8aea8dfe048d7d8750
Content-Type: text/plain; charset=UTF-8

2010/8/10 Kasia Tuszynska

> Kevin,
> I know public is there from using it every day, but if it were not for you
> post I would not know how to prove it, none of the views, graphical admin
> tools etc. display it as a user.
>
> We found this issue because we can grant privs to public on a table, but
> could not revoke them. If I did not "know" that public was there ( because
> in my experience it is there in oracle, sql server and the Informix dbs) how
> would I check for it's existence on Postgres?
>
> Thank you,
> Kasia


"The key word PUBLIC refers to the implicitly defined group of all roles."
http://www.postgresql.org/docs/8.4/static/sql-revoke.html


So PUBLIC seems
to be a kind of magical role. I didn't know that, sorry for my previous, a
little bit confusing email.

regards
Szymon

--0015175cba8aea8dfe048d7d8750
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable



2010/8/10 Kasia Tuszynska tr"><><=
/span>
er-left:1px #ccc solid;padding-left:1ex;">
Kevin,

I know public is there from using it every day, but if it were not for you =
post I would not know how to prove it, none of the views, graphical admin t=
ools etc. display it as a user.



We found this issue because we can grant privs to public on a table, but co=
uld not revoke them. If I did not "know" that public was there ( =
because in my experience it is there in oracle, sql server and the Informix=
dbs) how would I check for it's existence on Postgres?




Thank you,

Kasia

"=
The key word PUBLIC refers to the implicitly defined group of all roles.&qu=
ot;
ke.html">http://www.postgresql.org/docs/8.4/static/sql-revok e.html >


s/8.4/static/sql-revoke.html">So PUBLIC seems to be a kind of magical r=
ole. I didn't know that, sorry for my previous, a little bit confusing =
email.


regards
Szymon

=C2=
=A0


--0015175cba8aea8dfe048d7d8750--

Re: postgres function does not handle PUBLIC -

am 10.08.2010 22:00:29 von Kevin Grittner

Kasia Tuszynska wrote:

> We found this issue because we can grant privs to public on a
> table, but could not revoke them.

Odd.

test=# create table t1 (c1 int primary key);
NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index
"t1_pkey" for table "t1"
CREATE TABLE
test=# grant insert on t1 to public;
GRANT
test=# revoke insert on t1 from public;
REVOKE
test=# revoke update on t1 from public;
REVOKE

> If I did not "know" that public was there how
> would I check for it's existence on Postgres?

You would need to go to the documentation. Unfortunately, we don't
mention it on this page:

http://www.postgresql.org/docs/current/static/role-membershi p.html

As Andre pointed out, you can get a reasonable explanation on the
page describing the GRANT statement.

-Kevin

--
Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin

Re: postgres function does not handle PUBLIC - expected?

am 10.08.2010 22:00:42 von charlie derr

Please ignore my previous response, there's no value there.

List traffic in the meantime (since I composed and sent it) has far more good information.

sorry,
~c

--
Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin

Re: postgres function does not handle PUBLIC - expected?

am 11.08.2010 00:02:48 von Kasia Tuszynska

Per my original email, we were calling the has_table_privilege function to =
revoke rather than simply revoking.=20
Thank you very much,
Sincerely,
Kasia=20

-----Original Message-----
From: Kevin Grittner [mailto:Kevin.Grittner@wicourts.gov]=20
Sent: Tuesday, August 10, 2010 1:00 PM
To: Kasia Tuszynska; Szymon Guz
Cc: pgsql-admin@postgresql.org
Subject: RE: [ADMIN] postgres function does not handle PUBLIC - expected?

Kasia Tuszynska wrote:
=20
> We found this issue because we can grant privs to public on a
> table, but could not revoke them.
=20
Odd.
=20
test=3D# create table t1 (c1 int primary key);
NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index
"t1_pkey" for table "t1"
CREATE TABLE
test=3D# grant insert on t1 to public;
GRANT
test=3D# revoke insert on t1 from public;
REVOKE
test=3D# revoke update on t1 from public;
REVOKE
=20
> If I did not "know" that public was there how=20
> would I check for it's existence on Postgres?
=20
You would need to go to the documentation. Unfortunately, we don't
mention it on this page:
=20
http://www.postgresql.org/docs/current/static/role-membershi p.html
=20
As Andre pointed out, you can get a reasonable explanation on the
page describing the GRANT statement.
=20
-Kevin


--=20
Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin