Re: Why no pg_has_role(..., 'ADMIN')?

From: Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at>
To: Dominique Devienne <ddevienne(at)gmail(dot)com>, pgsql-general(at)postgresql(dot)org
Cc: robertmhaas(at)gmail(dot)com
Subject: Re: Why no pg_has_role(..., 'ADMIN')?
Date: 2024-09-20 16:37:49
Message-ID: 42cf78d42a376bf05ca9f5776ad29edc30e784d5.camel@cybertec.at
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

On Fri, 2024-09-20 at 17:26 +0200, Dominique Devienne wrote:
> To find out whether a ROLE can DROP another in v16+.
> Prior to v16, just having CREATEROLE was enough,
> so it didn't really seem necessary.
>
> But knowing whether DROP ROLE will work,
> w/o invalidating the current transaction,
> seems like something quite useful to know now, no?
>
> I can query pg_auth_members for admin_option,
> but only easily for direct membership. Taking into
> account indirect membership, which I assume applies,
> is exactly why pg_has_role() exists, no?

That would be a useful addition, yes.

Yours,
Laurenz Albe

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Robert Haas 2024-09-20 16:51:01 Re: Why no pg_has_role(..., 'ADMIN')?
Previous Message Dominique Devienne 2024-09-20 15:26:10 Why no pg_has_role(..., 'ADMIN')?