2006/5/24, Dave Page <dpage(at)vale-housing(dot)co(dot)uk>:
> > -----Original Message-----
> > From: pgadmin-support-owner(at)postgresql(dot)org
> > [mailto:pgadmin-support-owner(at)postgresql(dot)org] On Behalf Of
> > Thomas Sondag
> > Sent: 24 May 2006 17:28
> > To: pgadmin-support(at)postgresql(dot)org
> > Subject: [pgadmin-support] Proposed Patchs
> > Hi,
> > With PostgreSQL 8.1 and new ROLE object remplacing traditional
> > USER/GROUP, I was a bit confuse using the dlgProperty and
> > dlgSecurityProperty dialog because I can only select USER (ROLE with
> > LOGIN privilege) for owner and GROUP (ROLE without LOGIN privilege)
> > for privileges .
> > And I not sure this comportment can match all PostgreSQL 8.1 usages
> > scenarios (like one of my case).
> > This proposed patch :
> > - change owner and privilege list to get the full ROLE list.
> How is this different from the current behaviour if the Show Users for
> Privileges option is turned on? The whole point there is to promote the
> use of group based permissions rather than user based for both
> simplicity (because the list only shows the groups), and for cleanliness
> of design (users come and go, groups tend to be more permanent). In 8.1+
> of course, we simply replace users and groups with roles with or without
> the login flag.
Hum, I miss this option ... sorry, but the main difference with the
current behaviour is for object owning. The main idea was to set
object owner to a group like that :
database foo -> group foo
schema bar -> group bar
schema bar read user -> user toto
I don't know if that's a good policy, but this case may exist, we may
add an option like "Show Group for object owning" ?
This is not the appropriate list to talk about that, but I'm realy
interested in a good practice guide for privilege and owning
management for PostgreSQL, like create an admin account without
superuser right, use samerole in pg_hba.conf and so on ...
> > - select by default currently connected ROLE in the owner list
> > (replacing the blank filed) for new object creation
The last bug I have is for database creation, I don't know how to get
the current login.
> > - remove pg_global in the available tablespace list
> Probably a good idea, yes.
> > - select current user default tablespace in tablespace list
> > (replacing the blank filed, yes I don't like blank field) for new
> > object creation
> Regards, Dave.
> ---------------------------(end of broadcast)---------------------------
> TIP 3: Have you checked our extensive FAQ?
In response to
pgadmin-support by date
|Next:||From: Dave Page||Date: 2006-05-29 19:22:10|
|Subject: Re: Proposed Patchs|
|Previous:||From: plaschke||Date: 2006-05-29 07:29:05|
|Subject: pgadmin does not display null in boolean field|