| From: | Pavel Luzanov <p(dot)luzanov(at)postgrespro(dot)ru> |
|---|---|
| To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
| Cc: | Rafia Sabih <rafia(dot)pghackers(at)gmail(dot)com>, "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Jim Nasby <jim(dot)nasby(at)gmail(dot)com>, pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Things I don't like about \du's "Attributes" column |
| Date: | 2024-07-27 06:18:45 |
| Message-ID: | bb439036-95ad-416b-88e5-e0d7bef525bf@postgrespro.ru |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 23.07.2024 15:53, Robert Haas wrote:
> On Mon, Jul 22, 2024 at 5:19 PM Pavel Luzanov<p(dot)luzanov(at)postgrespro(dot)ru> wrote:
>> Visible but inaccessible objects in system catalogs increase the volume
>> of command output unnecessarily. Why do I need to know the list of all
>> schemas in the database if I only have access to the public schema?
>> The same applies to inaccessible tables, views, functions, etc.
>>
>> Not for safety, but for convenience, it might be worth having a set of views
>> that show only those rows of the system catalog (with *acl column) that
>> the user has access to. Either as the object owner, or through the privileges.
>> Directly or indirectly through role membership.
> So, I wasn't actually aware that anyone had a big problem in this
> area. I thought that most of the junk you might see in \d<whatever>
> output would be hidden either because the objects you don't care about
> are not in your search_path or because they are system objects. I
> agree that doesn't help with schemas, but most people don't have a
> huge number of schemas, and even if you do, you don't necessarily need
> to look at the list all that frequently.
Maybe. But it would be better not to see unnecessary objects in the
system catalogs. Especially for GUI tools. Back to the subject.
> So, personally, if I were going to work on a redesign in this area, I
> would look into making \du <username> work like \d <tablename>. That
> is, it would tell you every single thing there is to know about a
> user. Role attributes. Roles in which this role has membership. Roles
> that are a member of this row. Objects of all sorts this object owns.
> Permissions this role has on objects of all sorts. Role settings. All
> of it in SQL-ish format like we do with the footer when you run \d.
> Then I would make \du work like \d: a minimal amount of basic
> information about every role in the list, like whether it's a
> superuser and whether they can log in.
Yes, I still like this idea.
A little later I will try to make a patch in this direction.
--
Pavel Luzanov
Postgres Professional:https://postgrespro.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ayush Vatsa | 2024-07-27 06:24:54 | Help Needed with Including External SQL Script in Extension Script |
| Previous Message | Tatsuo Ishii | 2024-07-27 05:55:04 | Re: Protocol question regarding Portal vs Cursor |