From: | opldupuy(at)gmail(dot)com |
---|---|
To: | pgsql-bugs(at)postgresql(dot)org |
Subject: | BUG #14540: REASSIGN OWNED cannot reassign from a USER to a ROLE |
Date: | 2017-02-10 15:33:29 |
Message-ID: | 20170210153329.6106.55713@wrigleys.postgresql.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-bugs |
The following bug has been logged on the website:
Bug reference: 14540
Logged by: Olivier DUPUY
Email address: opldupuy(at)gmail(dot)com
PostgreSQL version: 9.6.1
Operating system: Linux
Description:
I have a database 'owned' by a role.
Users within this role create schemas, tables... in this database. I have
not much control on who does that (frameworks) but ideally, all these
resources should belong to the role.
Our database 'users' have a limited lifetime (Vault).
When a user is dropped, I want all his owned resources to be returned to the
role.
REASSIGN ROLE
https://www.postgresql.org/docs/current/static/sql-reassign-owned.html can
reassign bud sadly it is only from role A to role B. The documentation lets
no doubt about that.
Finding manually all the possible owned resources then reassign them is a
complex task.
When you DROP USER the operation fails if this user still owns something so
the ownership information is at hand already.
I highly suggest extending REASSIGN OWNED to:
- reassign USER resources to ROLE first (current user has to be in the
target role as now)
- reassign USER resources to USER next
I don't see a use case for ROLE to USER but someone may have the need too.
Thanks
Olivier
From | Date | Subject | |
---|---|---|---|
Next Message | Cliff Inbau | 2017-02-10 16:12:49 | Re: BUG #14536: Centos 7 gdal-libs Dependency Problem |
Previous Message | Vladimir Svedov | 2017-02-10 09:10:19 | Re: BUG #14538: streaming replication same wal missing |