Fix a problem introduced with #1101 and optimize privilege handling

* If a db user belonged to a role which had a privilege, the user would
  not have the privilege added as the role gave the appearance that the
  user already had it.  Fixed to always check the privileges specific to
  the user.
* Make fewer db queries to determine if privileges need to be changed
  and change them (was four for each privilege.  Now two for each object
  that has a set of privileges changed).

database/postgresql/postgresql_user.py

@@ -431,8 +431,6 @@ def revoke_privileges(cursor, user, privs):
     check_funcs = dict(table=has_table_privileges, database=has_database_privileges)
 
     changed = False
-    revoke_funcs = dict(table=revoke_table_privilege, database=revoke_database_privilege)
-    check_funcs = dict(table=has_table_privilege, database=has_database_privilege)
     for type_ in privs:
         for name, privileges in privs[type_].iteritems():
             # Check that any of the privileges requested to be removed are
@@ -446,8 +444,9 @@ def revoke_privileges(cursor, user, privs):
 def grant_privileges(cursor, user, privs):
     if privs is None:
         return False
-    grant_funcs = dict(table=grant_table_privilege, database=grant_database_privilege)
+
-    check_funcs = dict(table=has_table_privilege, database=has_database_privilege)
+    grant_funcs = dict(table=grant_table_privileges, database=grant_database_privileges)
+    check_funcs = dict(table=has_table_privileges, database=has_database_privileges)
 
     grant_funcs = dict(table=grant_table_privileges, database=grant_database_privileges)
     check_funcs = dict(table=has_table_privileges, database=has_database_privileges)