| From: | Joshua Brindle <joshua(dot)brindle(at)crunchydata(dot)com> |
|---|---|
| To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
| Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [PATCH v2] use has_privs_for_role for predefined roles |
| Date: | 2021-10-27 21:35:03 |
| Message-ID: | CAGB+Vh7fgOfLtCG+01D8ch3icG2aEd38dvy9uavtKWrpf1_XZw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, Oct 27, 2021 at 5:20 PM Joshua Brindle
<joshua(dot)brindle(at)crunchydata(dot)com> wrote:
>
> On Wed, Oct 27, 2021 at 5:16 PM Robert Haas <robertmhaas(at)gmail(dot)com> wrote:
> >
> > On Wed, Oct 27, 2021 at 5:14 PM Joshua Brindle
> > <joshua(dot)brindle(at)crunchydata(dot)com> wrote:
> > > Attached is an updated version of the patch to replace
> > > is_member_of_role with has_privs_for_role for predefined roles. It
> > > does not remove is_member_of_role from acl.h but it does add a warning
> > > not to use that function for privilege checking.
> > >
> > > Please consider this for the upcoming commitfest.
> >
> > I am not sure I understand what the advantage of this is supposed to be.
>
> Pre-defined roles currently do not operate the same way other roles do
> with respect to inheritance. The patchfile has an explanation and
> examples, I wasn't sure if that needed to be repeated in the email or
> not.
And FWIW several predefined role patches on the list currently
correctly use has_privs_for_role rather than is_memver_of_role so this
brings the older roles to be consistent with the newer ones being
proposed.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bossart, Nathan | 2021-10-27 21:38:49 | Re: [PATCH v2] use has_privs_for_role for predefined roles |
| Previous Message | Joshua Brindle | 2021-10-27 21:20:13 | Re: [PATCH v2] use has_privs_for_role for predefined roles |