| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
| Cc: | Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at>, Dominique Devienne <ddevienne(at)gmail(dot)com>, pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Why no pg_has_role(..., 'ADMIN')? |
| Date: | 2024-09-20 19:20:35 |
| Message-ID: | 2529741.1726860035@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> On Fri, Sep 20, 2024 at 2:34 PM Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>> I'm now inclined to add wording within the pg_has_role entry, along
>> the lines of
>>
>> WITH ADMIN OPTION or WITH GRANT OPTION can be added to any of
>> these privilege types to test whether ADMIN privilege is held
>> (all six spellings test the same thing).
> I don't have an opinion about the details, but +1 for documenting it
> somehow. I also think it's weird that we have six spellings that test
> the same thing, none of which are $SUBJECT. pg_has_role seems a little
> half-baked to me...
Yeah. I think the original idea was to make it as parallel to
has_table_privilege and friends as we could (but why did we then
stick a pg_ prefix on it?). So that led to MEMBER WITH GRANT OPTION,
and then the other spellings seem to have come along later.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | veem v | 2024-09-20 20:01:23 | Re: IO related waits |
| Previous Message | Robert Haas | 2024-09-20 18:49:13 | Re: Why no pg_has_role(..., 'ADMIN')? |