Re: [PATCH v2] use has_privs_for_role for predefined roles

Robert Haas <robertmhaas@gmail.com>

From: Robert Haas <robertmhaas@gmail.com>
To: Joe Conway <mail@joeconway.com>
Cc: Stephen Frost <sfrost@snowman.net>, Joshua Brindle <joshua.brindle@crunchydata.com>, "Bossart, Nathan" <bossartn@amazon.com>, Nathan Bossart <nathandbossart@gmail.com>, PostgreSQL-development <pgsql-hackers@postgresql.org>, Tom Lane <tgl@sss.pgh.pa.us>
Date: 2022-04-04T13:05:00Z
Lists: pgsql-hackers
On Sat, Apr 2, 2022 at 1:32 PM Joe Conway <mail@joeconway.com> wrote:
> I saw that Robert added documentation and it already reads correctly I
> believe, except possibly an unrelated issue:
>
> 8<--------------
>       <para>
>        A role which replication whose privileges users are required to
> possess
>        in order to make use of the <literal>shell</literal> backup target.
>        If this is not set, any replication user may make use of the
>        <literal>shell</literal> backup target.
>       </para>
> 8<--------------
>
> Robert, should that actually be:
>   s/role which replication/role with replication/

Oh, good catch. Actually shouldn't "with replication" just be deleted?

Or maybe it needs to be reworded more, for clarity: "Replication users
must possess the privileges of this role in order to ..."

-- 
Robert Haas
EDB: http://www.enterprisedb.com



Commits

Same data as JSON: GET /api/v1/messages/:b64id/commits the thread's linked commits as JSON, with link sources. API reference →
  1. Fix a bug in roles_is_member_of.

  2. docs: Fix up some out-of-date references to INHERIT/NOINHERIT.

  3. Allow grant-level control of role inheritance behavior.

  4. Make role grant system more consistent with other privileges.

  5. Document basebackup_to_shell.required_role.