Re: alter user/role CURRENT_USER

From: Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>
To: Kyotaro HORIGUCHI <horiguchi(dot)kyotaro(at)lab(dot)ntt(dot)co(dot)jp>
Cc: tgl(at)sss(dot)pgh(dot)pa(dot)us, adam(dot)brightwell(at)crunchydatasolutions(dot)com, sfrost(at)snowman(dot)net, marti(at)juffo(dot)org, rushabh(dot)lathia(at)gmail(dot)com, pgsql-hackers(at)postgresql(dot)org
Subject: Re: alter user/role CURRENT_USER
Date: 2015-04-30 20:12:25
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers

Kyotaro HORIGUCHI wrote:
> Thank you for completing this and very sorry not to respond these
> days.
> I understood that it is committed after I noticed that rebasing
> my code failed..

You'd do well to check your email, I guess :-)

> Although after committed, I found some issues as I looked on
> it. Please forgive me to comment it now after all this time.

> ====
> | =# alter role current_user rename to "PubLic";
> | ERROR: CURRENT_USER cannot be used as a role name
> | LINE 1: alter role current_user rename to "PubLic";
> | ^
> The error message sounds somewhat different from the intention. I
> think the following message would be clearer.
> | ERROR: CURRENT_USER cannot be used as a role name here

Okay, changed.

> ====
> The document sql-altergroup.html says
> | ALTER GROUP role_specification ADD USER user_name [, ... ]
> But current_user is also usable in user_name list. So the doc
> should be as following, but it would not be necessary to be fixed
> because it is an obsolete commnand..
> | ALTER GROUP role_specification ADD USER role_specification [, ... ]


> "ALTER GROUP role_spec ADD/DROP USER role_spec" is naturally
> denied so I think no additional description is needed.


> ====
> sql-alterpolicy.html
> "ALTER POLICY name ON table_name TO" also accepts current_user
> and so as the role to which the policy applies.


> # As a different topic, the syntax "ALTER POLICY <pname> ON
> # <tname> TO <user>" looks a bit wired, it might be better be to
> # be "ON <tname> APPLY TO <user>" but I shouldn't try to fix it
> # since it is a long standing syntax..

Yeah, it's a bit strange. Not a strong opinion. Maybe you should raise
it as a separate thread.

> ====
> sql-createtablespace.html
> sql-drop-owned.html, sql-reassign-owned.html


> ======
> sql-grant.html, sql-revoke.html,
> "GRANT <roles> TO <roles>" and "REVOKE <roles> FROM <roles>" are
> the modern equivalents of the deprecated syntaxes "ALTER <roles>
> ADD USER <roles>" and "ALTER <roles> DROP USER <roles>"
> respectively. But the current parser infrastructure doesn't allow
> coexistence of the two following syntaxes but I couldn't find the
> way to their coexistence.

I decided to leave this out. I think we should consider it as a new
patch for 9.6; these changes aren't as clear-cut as the rest of your
patch. I didn't want to have to research the ecpg changes.

Álvaro Herrera
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

In response to


Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2015-04-30 20:17:33 Re: pgbench -f and vacuum
Previous Message Robert Haas 2015-04-30 20:02:16 Re: pgbench -f and vacuum