Re: Allow placeholders in ALTER ROLE w/o superuser

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Alexander Korotkov <aekorotkov(at)gmail(dot)com>
Cc: Kyotaro Horiguchi <horikyota(dot)ntt(at)gmail(dot)com>, nathandbossart(at)gmail(dot)com, steve(at)supabase(dot)io, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Allow placeholders in ALTER ROLE w/o superuser
Date: 2022-11-18 21:33:19
Message-ID: 2271312.1668807199@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Alexander Korotkov <aekorotkov(at)gmail(dot)com> writes:
> This makes sense. But do we really need to store the OID of the role?
> validate_option_array_item() already checks if the placeholder option
> passes validation for PGC_SUSET. So, we can just save a flag
> indicating that this check was not successful. If so, then the value
> stored can be only used for PGC_USERSET. Do you think this would be
> correct?

Meh ... doesn't seem like much of an improvement. You still need
to store something that's not there now. This also seems to require
some shaky assumptions about decisions having been made when storing
still being valid later on. Given the possibility of granting or
revoking permissions for SET, I think we don't really want it to act
that way.

regards, tom lane

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Justin Pryzby 2022-11-18 21:37:31 Re: fix stats_fetch_consistency value in postgresql.conf.sample
Previous Message Alexander Korotkov 2022-11-18 21:26:27 Re: Allow placeholders in ALTER ROLE w/o superuser