Skip site navigation (1) Skip section navigation (2)

Re: RFC: roles

From: "Dave Page" <dpage(at)vale-housing(dot)co(dot)uk>
To: "Andreas Pflug" <pgadmin(at)pse-consulting(dot)de>,"pgadmin-hackers" <pgadmin-hackers(at)postgresql(dot)org>
Subject: Re: RFC: roles
Date: 2005-08-01 12:43:52
Message-ID: E7F85A1B5FF8D44C8A1AF6885BC9A0E4AC9683@ratbert.vale-housing.co.uk (view raw or flat)
Thread:
Lists: pgadmin-hackers
Hi Andreas 

> -----Original Message-----
> From: pgadmin-hackers-owner(at)postgresql(dot)org 
> [mailto:pgadmin-hackers-owner(at)postgresql(dot)org] On Behalf Of 
> Andreas Pflug
> Sent: 31 July 2005 13:40
> To: pgadmin-hackers
> Subject: [pgadmin-hackers] RFC: roles
> 
> I had a look at roles, and was wondering about the best way 
> to support them.
> 
> Purely, it's not a problem at all: just expose pg_authid and
> pg_auth_members in dialogs/lists.
> 
> OTOH, it might be quite confusing for 1st time users that 
> there are only
> roles with some attributes, no users and groups. Should we have two
> modes for it: The reduced view with users and groups (where a 
> group may
> be a group member too) and an enhanced view that allows all 
> role features?
> Additionally, this has also some impact on the security properties,
> since a role that may login currently wouldn't be exposed as 
> grantee by 
> default.
> 
> Thoughts?

I think I would be inclined just to have the full view of everything.
Roles effectively deprecate users and groups, so I don't think we should
try to fool the user into thinking they are still there. For convenience
though, perhaps we should notate which roles have login somehow -
perhaps a trailing asterisk?

Regards, Dave.

Responses

pgadmin-hackers by date

Next:From: svnDate: 2005-08-01 13:02:33
Subject: SVN Commit by andreas: r4383 - trunk/pgadmin3
Previous:From: Andreas PflugDate: 2005-07-31 12:40:04
Subject: RFC: roles

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group