| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Evgeniy Efimkin <efimkin(at)yandex-team(dot)ru> |
| Cc: | pgsql-hackers(at)postgresql(dot)org, Дмитрий Сарафанников <dsarafan(at)yandex-team(dot)ru>, Андрей Бородин <x4mmm(at)yandex-team(dot)ru>, Владимир Бородин <root(at)simply(dot)name> |
| Subject: | Re: Special role for subscriptions |
| Date: | 2018-11-03 16:20:49 |
| Message-ID: | 20181103162049.GV4184@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Greetings,
* Evgeniy Efimkin (efimkin(at)yandex-team(dot)ru) wrote:
> In postgresql 10 and 11 only superuser can create/alter subscriptions.
> If there was a special role (like pg_monitor), it would be more easy to grant control on subscriptions.
> I can make a patch if there are no objections against it.
I think the short answer is 'yes, we should let non-superusers do that',
but the longer answer is:
What level of access makes sense for managing subscriptions? Should
there be a way to say "user X is allowed to create a subscription for
remote system Y, but only for tables that exist in schema Q"?
My general feeling is 'yes', though, of course, I don't want to say that
we have to have all of that before we move forward with allowing
non-superusers to create subscriptions, but I do think we want to make
sure that we have a well thought-out path for how to get from where we
are now to a system which has a lot more granularity, and to do our best
to try avoiding any paths that might paint us into a corner.
Thanks!
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alvaro Herrera | 2018-11-03 16:34:44 | Re: partitioned indexes and tablespaces |
| Previous Message | Pavel Raiskup | 2018-11-03 16:19:40 | plruby: rb_iterate symbol clash with libruby.so |