Le 13/10/2010 23:20, Guillaume Lelarge a écrit :
> Hi Kasia,
>
> Le 13/10/2010 22:21, Kasia Tuszynska a écrit :
>> [...]
>> Thanks for your reply I did a bit more testing with the superuser priv issue, and now I came to the conclusion that pgAdminIII may be doing something silly.
>>
>
> Sure, that happens more than I would like.
>
>> I created a user: bob
>>
>> In pgAdminIII I checked off the box for: can inherit from parent role, can create db object, superuser
>> Got the following sql:
>> CREATE ROLE bob LOGIN
>> ENCRYPTED PASSWORD 'md51e9484aace238e7cb2609130fd87646e'
>> SUPERUSER INHERIT CREATEDB NOCREATEROLE;
>> UPDATE pg_authid SET rolcapupdate=false WHERE rolname='bob';
>>
>> Than I created bobb
>> In pgAdminIII I checked off the box for: can inherit from parent role, can create db object, superuser, Can modify catalog directly
>> Got the following sql:
>> CREATE ROLE bobb LOGIN
>> ENCRYPTED PASSWORD 'md51e9484aace238e7cb2609130fd87646e'
>> SUPERUSER INHERIT CREATEDB NOCREATEROLE;
>>
>> Conclusion:
>> Sql level superuser = pgAdminIII superuser + can modify catalog directly
>>
>> This is misleading, I would call it a pgAdminIII bug but who knows maybe it is a feature...
>>
>
> I would not call it a feature. I find this misleading too. I'm too tired
> right now to work on a fix, but it'll be easy and quick to do.
>
> I have a few things to commit tomorrow. I'll try to work on this at the
> same time.
>
I commited a fix. It should be available when 1.12.2 will be released.
--
Guillaume
http://www.postgresql.fr
http://dalibo.com