Re: Why no pg_has_role(..., 'ADMIN')?
Laurenz Albe <laurenz.albe@cybertec.at>
From: Laurenz Albe <laurenz.albe@cybertec.at>
To: Dominique Devienne <ddevienne@gmail.com>, pgsql-general@postgresql.org
Cc: robertmhaas@gmail.com
Date: 2024-09-20T16:37:49Z
Lists: pgsql-general
On Fri, 2024-09-20 at 17:26 +0200, Dominique Devienne wrote: > To find out whether a ROLE can DROP another in v16+. > Prior to v16, just having CREATEROLE was enough, > so it didn't really seem necessary. > > But knowing whether DROP ROLE will work, > w/o invalidating the current transaction, > seems like something quite useful to know now, no? > > I can query pg_auth_members for admin_option, > but only easily for direct membership. Taking into > account indirect membership, which I assume applies, > is exactly why pg_has_role() exists, no? That would be a useful addition, yes. Yours, Laurenz Albe
Commits
-
Doc: explain how to test ADMIN privilege with pg_has_role().
- cf9f6b468862 14.14 landed
- a47ad3a42ddd 17.0 landed
- a2ebf3274a43 18.0 landed
- 8e16522163ef 16.5 landed
- 77930c5e92d9 13.17 landed
- 23d44397321f 15.9 landed
- 0ce8008386ca 12.21 landed