Re: Why no pg_has_role(..., 'ADMIN')?
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Robert Haas <robertmhaas@gmail.com>
Cc: Laurenz Albe <laurenz.albe@cybertec.at>,
Dominique Devienne <ddevienne@gmail.com>, pgsql-general@postgresql.org
Date: 2024-09-20T19:20:35Z
Lists: pgsql-general
Robert Haas <robertmhaas@gmail.com> writes: > On Fri, Sep 20, 2024 at 2:34 PM Tom Lane <tgl@sss.pgh.pa.us> wrote: >> I'm now inclined to add wording within the pg_has_role entry, along >> the lines of >> >> WITH ADMIN OPTION or WITH GRANT OPTION can be added to any of >> these privilege types to test whether ADMIN privilege is held >> (all six spellings test the same thing). > I don't have an opinion about the details, but +1 for documenting it > somehow. I also think it's weird that we have six spellings that test > the same thing, none of which are $SUBJECT. pg_has_role seems a little > half-baked to me... Yeah. I think the original idea was to make it as parallel to has_table_privilege and friends as we could (but why did we then stick a pg_ prefix on it?). So that led to MEMBER WITH GRANT OPTION, and then the other spellings seem to have come along later. regards, tom lane
Commits
-
Doc: explain how to test ADMIN privilege with pg_has_role().
- cf9f6b468862 14.14 landed
- a47ad3a42ddd 17.0 landed
- a2ebf3274a43 18.0 landed
- 8e16522163ef 16.5 landed
- 77930c5e92d9 13.17 landed
- 23d44397321f 15.9 landed
- 0ce8008386ca 12.21 landed