| From: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com> |
|---|---|
| To: | Kyotaro HORIGUCHI <horiguchi(dot)kyotaro(at)lab(dot)ntt(dot)co(dot)jp> |
| Cc: | tgl(at)sss(dot)pgh(dot)pa(dot)us, adam(dot)brightwell(at)crunchydatasolutions(dot)com, sfrost(at)snowman(dot)net, marti(at)juffo(dot)org, rushabh(dot)lathia(at)gmail(dot)com, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: alter user/role CURRENT_USER |
| Date: | 2015-03-02 18:37:10 |
| Message-ID: | 20150302183709.GC3291@alvh.no-ip.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Kyotaro HORIGUCHI wrote:
> Hello, thank you for the comment.
>
> > Looking at this a bit, I'm not sure completely replacing RoleId with a
> > node is the best idea; some of the users of that production in the
> > grammar are okay with accepting only normal strings as names, and don't
> > need all the CURRENT_USER etc stuff.
>
> You're right. the productions don't need RoleSpec already uses
> char* for the role member in its *Stmt structs. I might have done
> a bit too much.
>
> Adding new nonterminal RoleId and using it makes a bit duplicate
> of check code for "public"/"none" and others but removes other
> redundant check for "!= CSTRING" from some production, CREATE
> ROLE/USER/GROUP, ALTER ROLE/USER/GROUP RENAME.
Thanks for doing the fiddly work here. Attached is a new version of
this patch. I simplified some things, including removing those rules
you added to RoleId. It seems to me that this problem:
> RoleId in the patch still has rule components for CURRENT_USER,
> SESSION_USER, and CURRENT_ROLE. Without them, the parser prints
> an error ununderstandable to users.
>
> | =# alter role current_user rename to "PuBlic";
> | ERROR: syntax error at or near "rename"
> | LINE 1: alter role current_user rename to "PuBlic";
> | ^
can be fixed without complicating the rest of the stuff simply by using
RoleSpec instead of RoleId and doing the error checks at the RenameStmt
production. Altering the current user and session user is disallowed
downstream, so there's no reason we can't just have gram.y throw the
same error when special node types are used; so we end up passing the
role name only (just as currently) and the error message remains clear.
I couldn't find any further problems with this version of the code,
though I also noticed that a lot of things are not being tested in the
regression tests, such as "create user public" or "alter user none". It
would be good to have tests for such cases, to avoid breaking them
accidentally. If you can spare some time to submit test cases for such
commands, I would be thankful.
I'm pretty sure, thought I haven't tried yet, that we can now remove the
PrivGrantee node completely.
--
Álvaro Herrera http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
| Attachment | Content-Type | Size |
|---|---|---|
| 0001-ALTER-USER-CURRENT_USER-v5.patch | text/x-diff | 53.0 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David Kubečka | 2015-03-02 19:13:51 | Weirdly pesimistic estimates in optimizer |
| Previous Message | Bruce Momjian | 2015-03-02 18:28:56 | Re: pg_upgrade and rsync |