Re: add \dpS to psql

Andrew Dunstan <andrew@dunslane.net>

From: Andrew Dunstan <andrew@dunslane.net>
To: Nathan Bossart <nathandbossart@gmail.com>, Michael Paquier <michael@paquier.xyz>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, Isaac Morland <isaac.morland@gmail.com>, Justin Pryzby <pryzby@telsasoft.com>, Pavel Luzanov <p.luzanov@postgrespro.ru>, pgsql-hackers@postgresql.org
Date: 2022-12-12T12:01:01Z
Lists: pgsql-hackers
On 2022-12-09 Fr 13:44, Nathan Bossart wrote:
> On Fri, Dec 09, 2022 at 10:40:55AM -0800, Nathan Bossart wrote:
>> On Fri, Dec 09, 2022 at 01:36:03PM +0900, Michael Paquier wrote:
>>> On Thu, Dec 08, 2022 at 09:15:03AM -0800, Nathan Bossart wrote:
>>>> The main idea behind this work is breaking out privileges into more
>>>> granular pieces.  If I want to create a role that only runs VACUUM on some
>>>> tables on the weekend, why ѕhould I have to also give it the ability to
>>>> ANALYZE, REFRESH, CLUSTER, and REINDEX?  IMHO we should really let the user
>>>> decide what set of privileges makes sense for their use-case.  I'm unsure
>>>> the grouping all these privileges together serves much purpose besides
>>>> preserving ACL bits.
>>> Hmm.  I'd like to think that we should keep a frugal mind here.  More
>>> bits are now available, but it does not strike me as a good idea to
>>> force their usage more than necessary, so grouping all these no-quite
>>> DDL commands into the same bag does not sound that bad to me.
>> Okay, it seems I am outnumbered.  I will work on updating the patch to add
>> an ACL_MAINTAIN bit and a pg_maintain_all_tables predefined role.
> Any thoughts on $SUBJECT?


Yeah, the discussion got way off into the weeds here. I think the
original proposal seems reasonable. Please add it to the next CF if you
haven't already.


cheers


andrew

--
Andrew Dunstan
EDB: https://www.enterprisedb.com




Commits

Same data as JSON: GET /api/v1/messages/:b64id/commits the thread's linked commits as JSON, with link sources. API reference →
  1. Fix psql \?'s entries for \dp and \z.

  2. psql: Add support for \dpS and \zS.

  3. Add grantable MAINTAIN privilege and pg_maintain role.