Re: [PATCH v2] use has_privs_for_role for predefined roles
Joshua Brindle <joshua.brindle@crunchydata.com>
From: Joshua Brindle <joshua.brindle@crunchydata.com>
To: Robert Haas <robertmhaas@gmail.com>
Cc: Nathan Bossart <nathandbossart@gmail.com>,
Joe Conway <mail@joeconway.com>, Tom Lane <tgl@sss.pgh.pa.us>, "Bossart, Nathan" <bossartn@amazon.com>, Stephen Frost <sfrost@snowman.net>,
PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2022-02-09T21:51:18Z
Lists: pgsql-hackers
On Wed, Feb 9, 2022 at 3:58 PM Robert Haas <robertmhaas@gmail.com> wrote: > > On Wed, Feb 9, 2022 at 1:13 PM Nathan Bossart <nathandbossart@gmail.com> wrote: > > I do wonder if users find the differences between predefined roles and role > > attributes confusing. INHERIT doesn't govern role attributes, but it will > > govern predefined roles when this patch is applied. Maybe the role > > attribute system should eventually be deprecated in favor of using > > predefined roles for everything. Or perhaps the predefined roles should be > > converted to role attributes. > > I couldn't agree more. Apparently it's even confusing to developers, > because otherwise (1) we wouldn't have the problem the patch proposes > to fix in the first place and (2) I would have immediately been > convinced of the value of the patch once it showed up. Since those > things didn't happen, this is apparently confusing to (1) whoever > wrote the code that this patch fixes and (2) me. > My original patch removed is_member_of to address #1 above, but that was rejected[1]. There is now a warning in the header beside it to hopefully dissuade improper usage going forward. 1. https://www.postgresql.org/message-id/254275.1635357633%40sss.pgh.pa.us
Commits
Same data as JSON:
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Fix a bug in roles_is_member_of.
- 0101f770a05b 16.0 landed
-
docs: Fix up some out-of-date references to INHERIT/NOINHERIT.
- 620ac285483f 16.0 landed
-
Allow grant-level control of role inheritance behavior.
- e3ce2de09d81 16.0 landed
-
Make role grant system more consistent with other privileges.
- ce6b672e4455 16.0 cited
-
Document basebackup_to_shell.required_role.
- 26a0c025e233 15.0 landed