| From: | Dave Page <dpage(at)postgresql(dot)org> |
|---|---|
| To: | Erwin Brandstetter <brandstetter(at)falter(dot)at> |
| Cc: | pgadmin-hackers(at)postgresql(dot)org |
| Subject: | Re: SQL for CREATE ROLE xxx SUPERUSER |
| Date: | 2007-08-17 08:56:20 |
| Message-ID: | 46C562B4.6090701@postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgadmin-hackers |
Erwin Brandstetter wrote:
> dpage(at)postgresql(dot)org wrote:
>> Erwin Brandstetter wrote:
>>> Hi Dave!
>>>
>>> But is the line needed at all?
>>> Clearly it works the same way with just "CREATE ROLE tester SUPERUSER".
>>
>> It's not the same thing - pg_authid.rolsuper is the superuser flag,
>> pg_authid.rolcatupdate is the catalog update flag. It cannot be set
>> with CREATE or UPDATE ROLE, and is required for even a superuser to
>> directly update the catalogs (postgres has it by default though).
>
> The point is to cover the non-standard-setting of this flag.
> _Every_ superuser gets this flag per default (at least in my tests in pg
> 8.1 and 8.2). The update line is redundant in this case.
> If I set the flag to false in the catalog, then the update line vanishes
> from the reverse engineered SQL.
> So, the present logic works for non-superusers, but is backwards for
> superusers.
Ahh, gotcha. Fixed in SVN (ie. it now revokes catalog update if you
create a superuser with that option).
Thanks, Dave.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | svn | 2007-08-17 09:37:11 | SVN Commit by dpage: r6569 - trunk/pgadmin3/pgadmin/schema |
| Previous Message | svn | 2007-08-17 08:55:05 | SVN Commit by dpage: r6568 - in trunk/pgadmin3/pgadmin: dlg schema |