| From: | Christoph Dalitz <christoph(dot)dalitz(at)hs-niederrhein(dot)de> |
|---|---|
| To: | PG Mailing List <pgsql-general(at)postgresql(dot)org> |
| Subject: | ALTER USER versus GRANT/REVOKE |
| Date: | 2002-08-30 08:35:37 |
| Message-ID: | 20020830103537.60d5925d.christoph.dalitz@hs-niederrhein.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Dear PG developers,
beeing used to Oracle, I am a bit confused by PG's SQL support for user rights:
Rather than with "GRANT createdb TO user" user rights are set via "ALTER USER".
Why?
I see the following problems with the current implementation:
a) It is not flexible for future extensions: you always need *two*
keywords for the ALTER USER statement (CREATETABLE/NOCREATETABLE etc.)
The User rights are boolean flags in pg_user, this requires changes
in this table for every little new right (CONNECT, CREATEFUNCTION...).
b) (More important) It does not allow for roles with a user defined
right profile. Eg. it should be possible for database administrators
to define a custom group (eg. "developers") with specific rights:
CREATE GROUP developers;
GRANT CONNECT, CREATETABLE, CREATEFUNCTION to developers;
Or is there some way to accomplish this with the current implementation?
Christoph Dalitz
| From | Date | Subject | |
|---|---|---|---|
| Next Message | jerome | 2002-08-30 09:21:55 | postmaster respawn....? |
| Previous Message | Gary Beberman | 2002-08-30 06:44:32 | How to uninstall PostgreSQL on OS X |