Re: Things I don't like about \du's "Attributes" column

From: Pavel Luzanov <p(dot)luzanov(at)postgrespro(dot)ru>
To: "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com>
Cc: Jim Nasby <jim(dot)nasby(at)gmail(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-hackers(at)lists(dot)postgresql(dot)org
Subject: Re: Things I don't like about \du's "Attributes" column
Date: 2024-01-28 20:29:58
Message-ID: 509eb6f2-7028-405c-a058-f6add8522911@postgrespro.ru
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On 23.01.2024 01:59, David G. Johnston wrote:
>
> The attribute names correspond to the keywords of the CREATE ROLE command.
> The attributes are listed in the same order as in the documentation.
> (I think that the LOGIN attribute should be moved to the first place,
> both in the documentation and in the command.)
>
> I'd just flip INHERIT and LOGIN

ok

> I'm strongly in favor of using mixed-case for the attributes.  The SQL
> Command itself doesn't care about capitalization and it is much easier
> on the eyes.  I'm also strongly in favor of newlines, as can be seen
> by the default bootstrap superuser entry putting everything on one
> line eats up 65 characters.
>
>               List of roles
>  Role name | Attributes  | Password? | Valid until | Connection limit
> | Description
> -----------+-------------+-----------+-------------+------------------+-------------
>  davidj    | Superuser  +| no        |             |       -1 |
>            | CreateDB   +|           |             |          |
>            | CreateRole +|           |             |          |
>            | Inherit    +|           |             |          |
>            | Login      +|           |             |          |
>            | Replication+|           |             |          |
>            | BypassRLS   |           |             |          |
> (1 row)

ok, I will continue with this display variant.

>
> As noted by Peter this patch didn't update the two affected expected
> output files. psql.out and, due to the system view change, rules.out. 
> That particular change requires a documentation update to the pg_roles
> system view page.

Yes, I was waiting for the direction of implementation to appear. Now it is there.

> I'd suggest pulling out this system view change into its own patch.

But within this thread or new one?

On 23.01.2024 05:30, David G. Johnston wrote:
> On Sun, Jan 21, 2024 at 2:35 PM Pavel Luzanov
> <p(dot)luzanov(at)postgrespro(dot)ru> wrote:
>
> List of roles
> Role name | Attributes | Password? | Valid until | Connection limit
> -----------+-------------+-----------+------------------------+------------------
> admin | INHERIT | no | | -1
> alice | SUPERUSER +| yes | infinity | 5
>
> I think I'm in the minority on believing that these describe outputs
> should not be beholden to internal implementation details.

Yes, I prefer real column values. But it can be discussed.

> But seeing a -1 in the limit column is just jarring to my
> sensibilities.  I suggest displaying blank (not null, \pset should not
> influence this) if the connection limit is "no limit", only showing
> positive numbers when there is meaningful exceptional information for
> the user to absorb.

The connection limit can be set to 0. What should be displayed in this case, blank or 0?
The connection limit can be set for superusers. What should be displayed in this case,
blank or actual non-effective value?
CREATE|ALTER ROLE commands allow incorrect values to be set for 'Conn limit' and 'Valid until'.
How can the administrator see them and fix them?

These are my reasons for real column values.

--
Pavel Luzanov
Postgres Professional:https://postgrespro.com

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message David G. Johnston 2024-01-28 20:41:03 Re: Things I don't like about \du's "Attributes" column
Previous Message Dmitry Dolgov 2024-01-28 20:09:05 Re: Schema variables - new implementation for Postgres 15