Re: psql: Add role's membership options to the \du+ command
David Zhang <david.zhang@highgo.ca>
From: David Zhang <david.zhang@highgo.ca>
To: "David G. Johnston" <david.g.johnston@gmail.com>
Cc: Pavel Luzanov <p.luzanov@postgrespro.ru>,
"pgsql-hackers@lists.postgresql.org" <pgsql-hackers@lists.postgresql.org>
Date: 2023-02-15T21:31:05Z
Lists: pgsql-hackers
On 2023-02-10 2:27 p.m., David G. Johnston wrote:
> On Fri, Feb 10, 2023 at 2:08 PM David Zhang <david.zhang@highgo.ca> wrote:
>
>
> I noticed the document psql-ref.sgml has been updated for both
> `du+` and
> `dg+`, but only `du` and `\du+` are covered in regression test. Is
> that
> because `dg+` is treated exactly the same as `du+` from testing
> point of
> view?
>
>
> Yes.
>
>
> The reason I am asking this question is that I notice that
> `pg_monitor`
> also has the detailed information, so not sure if more test cases
> required.
>
>
> Of course it does. Why does that bother you? And what does that have
> to do with the previous paragraph?
There is a default built-in role `pg_monitor` and the behavior changed
after the patch. If `\dg+` and `\du+` is treated as the same, and `make
check` all pass, then I assume there is no test case to verify the
output of `duS+`. My point is should we consider add a test case?
Before patch the output for `pg_monitor`,
postgres=# \duS+
List of roles
Role name | Attributes |
Member of | Description
-----------------------------+------------------------------------------------------------+--------------------------------------------------------------+-------------
alice | |
{pg_read_all_settings,pg_read_all_stats,pg_stat_scan_tables} |
pg_checkpoint | Cannot
login |
{} |
pg_database_owner | Cannot
login |
{} |
pg_execute_server_program | Cannot
login |
{} |
pg_maintain | Cannot
login |
{} |
pg_monitor | Cannot
login |
{pg_read_all_settings,pg_read_all_stats,pg_stat_scan_tables} |
pg_read_all_data | Cannot
login |
{} |
pg_read_all_settings | Cannot
login |
{} |
pg_read_all_stats | Cannot
login |
{} |
pg_read_server_files | Cannot
login |
{} |
pg_signal_backend | Cannot
login |
{} |
pg_stat_scan_tables | Cannot
login |
{} |
pg_use_reserved_connections | Cannot
login |
{} |
pg_write_all_data | Cannot
login |
{} |
pg_write_server_files | Cannot
login |
{} |
ubuntu | Superuser, Create role, Create DB,
Replication, Bypass RLS |
{} |
After patch the output for `pg_monitor`,
postgres=# \duS+
List of roles
Role name | Attributes
| Member of | Description
-----------------------------+------------------------------------------------------------+-----------------------------------------------+-------------
alice | |
pg_read_all_settings WITH ADMIN, INHERIT, SET+|
| |
pg_read_all_stats WITH INHERIT +|
| |
pg_stat_scan_tables |
pg_checkpoint | Cannot login
| |
pg_database_owner | Cannot login
| |
pg_execute_server_program | Cannot login
| |
pg_maintain | Cannot login
| |
pg_monitor | Cannot
login |
pg_read_all_settings WITH INHERIT, SET +|
| |
pg_read_all_stats WITH INHERIT, SET +|
| |
pg_stat_scan_tables WITH INHERIT, SET |
pg_read_all_data | Cannot login
| |
pg_read_all_settings | Cannot login
| |
pg_read_all_stats | Cannot login
| |
pg_read_server_files | Cannot login
| |
pg_signal_backend | Cannot login
| |
pg_stat_scan_tables | Cannot login
| |
pg_use_reserved_connections | Cannot login
| |
pg_write_all_data | Cannot login
| |
pg_write_server_files | Cannot login
| |
ubuntu | Superuser, Create role, Create DB,
Replication, Bypass RLS | |
Best regards,
David
>
> David J.
Commits
-
Add psql \drg command to display role grants.
- d65ddaca93f6 17.0 landed
- 0a1d2a7df852 16.0 landed