Re: replacing role-level NOINHERIT with a grant-level option

From: Noah Misch <noah(at)leadboat(dot)com>
To: Robert Haas <robertmhaas(at)gmail(dot)com>
Cc: tushar <tushar(dot)ahuja(at)enterprisedb(dot)com>, Nathan Bossart <nathandbossart(at)gmail(dot)com>, Joe Conway <mail(at)joeconway(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, "Bossart, Nathan" <bossartn(at)amazon(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: replacing role-level NOINHERIT with a grant-level option
Date: 2023-04-30 05:21:27
Message-ID: 20230430052127.GA2271597@rfd.leadboat.com
Lists: pgsql-hackers

On Thu, Aug 25, 2022 at 10:19:39AM -0400, Robert Haas wrote:
> I read through this again and found a comment that needed to be
> updated, so I did that, bumped catversion, and committed this.

[commit e3ce2de]

> @@ -4735,8 +4735,8 @@ initialize_acl(void)
>
> /*
> * In normal mode, set a callback on any syscache invalidation of rows
> - * of pg_auth_members (for roles_is_member_of()), pg_authid (for
> - * has_rolinherit()), or pg_database (for roles_is_member_of())
> + * of pg_auth_members (for roles_is_member_of()) pg_database (for
> + * roles_is_member_of())
> */
> CacheRegisterSyscacheCallback(AUTHMEMROLEMEM,
> RoleMembershipCacheCallback,
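
Review bot: The rewritten comment lost its conjunction: it now reads "pg_auth_members (for roles_is_member_of()) pg_database (for roles_is_member_of())" with nothing joining the two catalogs, so add "or" before pg_database. The comment also drops the "pg_authid (for has_rolinherit())" entry, yet the hunk touches only comment text and no callback registration. Drop that entry only if the matching registration is removed in the same patch; otherwise keep pg_authid listed, with a reason that still applies.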

I agree one could remove the "CacheRegisterSyscacheCallback(AUTHOID, ...)".
This updated the comment as though the patch were including that removal, but
AUTHOID remains. Also, that comment needs s/pg_database/or &/.

These sites didn't change in v16 and may or may not warrant change:

doc/src/sgml/catalogs.sgml:1522: <structfield>rolinherit</structfield> <type>bool</type>
doc/src/sgml/system-views.sgml:2585: <structfield>rolinherit</structfield> <type>bool</type>
src/include/catalog/pg_authid.h:36: bool rolinherit; /* inherit privileges from other roles? */

I likely would leave pg_authid.h as-is but change the doc/ phrases.

https://postgr.es/m/17901-93eacb513e503f43%40postgresql.org led me to notice
that v16 always inherits the implicit membership in role pg_database_owner,
with no way to override like one could in v15. That message's test procedure
doesn't "fail" in v16. I think that's fine, but I'm mentioning it since
pg_database_owner didn't appear upthread.
