Re: use has_privs_of_role() for pg_hba.conf

Greetings,

* Nathan Bossart (nathandbossart(at)gmail(dot)com) wrote:
> On Sat, Oct 08, 2022 at 11:46:50AM -0400, Robert Haas wrote:
> > Now there may be some other scenario in which the patch is going in
> > exactly the right direction, and if I knew what it was, maybe I'd
> > agree that the patch was a great idea. But I haven't seen anything
> > like that on the thread. Basically, the argument is just that the
> > change would make things more consistent. However, it might be an
> > abuse of the term. If you go out and buy blue curtains because you
> > have a blue couch, that's consistent interior decor. If you go out and
> > buy a blue car because you have a blue couch, that's not really
> > consistent anything, it's just two fairly-unrelated things that are
> > both blue.
>
> I believe I started this thread after reviewing the remaining uses of
> is_member_of_role() after 6198420 was committed and wondering whether this
> case was an oversight. If upon closer inspection we think that mere
> membership is appropriate for pg_hba.conf, I'm fully prepared to go and
> mark this commitfest entry as Rejected. It obviously does not seem as
> clear-cut as 6198420. And I'll admit I don't have a concrete use-case in
> hand to justify the behavior change.

Looks like we've already ended up there, but my recollection of this is
that it was very much intentional to use is_member_of_role() here.
Perhaps it should have been better commented (as all uses of
is_member_of_role() instead of has_privs_of_role() really should have
lots of comments as to exactly why it makes sense in those cases).

Thanks,

Stephen