Re: SET ROLE documentation not entirely correct

On 4/27/19 4:02 PM, Joe Conway wrote:
> On 4/25/19 11:25 AM, Steven Winfield wrote:
>> Again, that's much clearer than what is currently there. It might help
>> if some of the language/definitions from pg_has_role() is used, though.
>>
>> For example:
>> A role X is a "MEMBER" of another role Y if there is a chain of GRANTs
>> from X to Y via zero or more intermediate roles. This allows X to
>> execute "SET ROLE Y".
>> Additionally X has "USAGE" of Y if X and all the intermediate roles (but
>> *not* necessarily Y) are marked INHERIT. In this case X automatically
>> has the privileges of Y, without the need to "SET ROLE Y".
>
> I've been whacking this around for the better part of the afternoon and
> came up with the attached. I think it is correct, and better than my
> previous proposal, but possibly need more polish. Comments welcome.

I've been sitting on this change a while and want to get it pushed.

Steven Winfield seemed happy with it -- any other comments before I
commit? Also this seems like it ought to be back-patched, but any
thoughts on that?

Thanks,

Joe

--
Crunchy Data - http://crunchydata.com
PostgreSQL Support for Secure Enterprises
Consulting, Training, & Open Source Development