Re: superuser() shortcuts

From: Stephen Frost <sfrost(at)snowman(dot)net>
To: Andres Freund <andres(at)2ndquadrant(dot)com>
Cc: Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, Adam Brightwell <adam(dot)brightwell(at)crunchydatasolutions(dot)com>, Peter Eisentraut <peter_e(at)gmx(dot)net>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: superuser() shortcuts
Date: 2014-11-26 15:24:21
Message-ID: 20141126152421.GA28859@tamriel.snowman.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

* Andres Freund (andres(at)2ndquadrant(dot)com) wrote:
> On 2014-11-26 10:18:20 -0500, Stephen Frost wrote:
> > * Andres Freund (andres(at)2ndquadrant(dot)com) wrote:
> > > I don't see how you read the contrary from the guidelines:
> > > > The primary message should be short, factual, and avoid reference to
> > > > implementation details such as specific function names. "Short" means
> > > > "should fit on one line under normal conditions". Use a detail message
> > > > if needed to keep the primary message short, or if you feel a need to
> > > > mention implementation details such as the particular system call that
> > > > failed. Both primary and detail messages should be factual. Use a hint
> > > > message for suggestions about what to do to fix the problem, especially
> > > > if the suggestion might not always be applicable. It's quite common
> > > > that you'll only see the actual error message in logs and displayed
> > > > error messages.
> >
> > Having to be the owner of a relation to TRUNCATE it was an
> > implementation detail, and one which changed back in 2008.
> >
> > Needing to have the replication role attribute is an implementation
> > detail. It's not the error- the error is *permission denied to do X*.
>
> That's just plain absurd. If the user needs to explicitly configure that
> permission it's damned sure not just a implementation detail.

The implementation detail is that it's not part of the normal
GRANT/REVOKE privilege system, which is why it's useful to note it in
the detail and why we don't need to add an errdetail along the lines of
'You must have SELECT rights on relation X to SELECT from it'.

Thanks,

Stephen

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2014-11-26 15:27:51 Re: issue in postgresql 9.1.3 in using arrow key in Solaris platform
Previous Message Andres Freund 2014-11-26 15:23:00 Re: superuser() shortcuts