Re: pre-proposal: permissions made easier

From: Jeff Davis <pgsql(at)j-davis(dot)com>
To: David Fetter <david(at)fetter(dot)org>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: pre-proposal: permissions made easier
Date: 2009-06-28 22:06:30
Message-ID: 1246226790.23359.74.camel@jdavis
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Sun, 2009-06-28 at 14:16 -0700, David Fetter wrote:
> > The users I'm targeting with my idea are: * Users who have a fairly
> > simple set of users and permissions, and who want a simple picture
> > of the permissions in their system for reassurance/verification.
>
> I don't know of a case that started simple and stayed there without a
> lot of design up front. In other words, those who'd benefit by such a
> thing are generally not those who'd want a shortcut.

I think that the 3 user types I outlined are a fairly reasonable
permissions scheme for a significant set of applications. I have used
that in the past, and generally speaking, I didn't need to make lots of
strange exceptions.

> > * Users who don't currently use separate permissions, but might
> > start if it's simpler to do simple things.
>
> This is a matter of education, not tools. The problem here is not
> that permissions are unavailable, but that people are failing to use
> them.

I don't think education is the answer. These users aren't necessarily
ignorant, but just don't want to hack up scripts to manage permissions
for what they perceive are simple schemes.

If the user imagines a well-defined but simple scheme, and it takes a
lot of awkward scripts to accomplish it, I think we've missed something.
A "reporting user" seems like a perfectly normal kind of user to create,
and yet it's very awkward to do.

> > The performance issue is something to consider, but I think it would
> > just be an extra catalog lookup (for each level), and the users of
> > this feature would probably be willing to pay that cost.
>
> Where did this come up?

Tom mentioned that it might be expensive to check permissions, which I
assume was due to the extra catalog lookups required. I don't think it's
a major concern, nor would it affect normal permissions checks, unless I
missed something.

Regards,
Jeff Davis

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Jeff Davis 2009-06-28 22:07:43 Re: pre-proposal: permissions made easier
Previous Message Stephen Frost 2009-06-28 22:03:48 Re: pre-proposal: permissions made easier