Re: fixing CREATEROLE
David G. Johnston <david.g.johnston@gmail.com>
From: "David G. Johnston" <david.g.johnston@gmail.com>
To: Robert Haas <robertmhaas@gmail.com>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, Alvaro Herrera <alvherre@alvh.no-ip.org>, Mark Dilger <mark.dilger@enterprisedb.com>, "walther@technowledgy.de" <walther@technowledgy.de>, "pgsql-hackers@postgresql.org" <pgsql-hackers@postgresql.org>
Date: 2025-05-05T15:23:05Z
Lists: pgsql-hackers
On Monday, May 5, 2025, Robert Haas <robertmhaas@gmail.com> wrote: > On Thu, May 1, 2025 at 2:22 PM Robert Haas <robertmhaas@gmail.com> wrote: > > > The other approach would be to do what we do for the role options and > just specify everything explicitly in the dump. The GUC is only a default > specifier so let's not leave room for defaults in the dump file. > > > > +1 for considering that option, although I am not sure which way is > better. > > Actually, on further reflection, this doesn't work, right? > Doh. I was thinking this was controlling admin/inherit/set defaults but you are correct this controls whether additional commands are emitted automatically instead of having to make it so manually. David J.
Commits
-
Add new GUC createrole_self_grant.
- e5b8a4c098ad 16.0 landed
-
Restrict the privileges of CREATEROLE users.
- cf5eb37c5ee0 16.0 landed
-
Pass down current user ID to AddRoleMems and DelRoleMems.
- 39cffe95f2c5 16.0 landed
-
Refactor permissions-checking for role grants.
- 25bb03166b16 16.0 landed
-
Improve documentation of the CREATEROLE attibute.
- 0b496bc9881f 11.19 landed
- 1a5ff7be2696 12.14 landed
- 5dac191edf18 13.10 landed
- 1c77873727df 16.0 landed
- 5136c3fb575b 14.7 landed
- aa26980ca081 15.2 landed
-
Make role grant system more consistent with other privileges.
- ce6b672e4455 16.0 cited