From: | Bruce Momjian <bruce(at)momjian(dot)us> |
---|---|
To: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
Cc: | Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at>, PostgreSQL-documentation <pgsql-docs(at)postgresql(dot)org>, Robert Haas <robertmhaas(at)gmail(dot)com> |
Subject: | Re: CREATE ROLE inheritance details |
Date: | 2024-01-27 00:18:25 |
Message-ID: | ZbRL0TwcXjwJ7j-q@momjian.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-docs |
On Wed, Jan 17, 2024 at 02:32:47PM -0700, David G. Johnston wrote:
> I had a go at this.
>
> I went with a more "bullet item" approach with my wording for INHERIT/
> NOINHERIT.
I tried to address that.
> The entire paragraph regarding how the INHERIT "option" works, as opposed to
> the attribute, seems out of place where it was and the material is already
> covered in the GRANT page. We should either improve that page or extract this
> level of detail somewhere else, not try to clutter up the CREATE ROLE page with
> it.
Because the CREATE ROLE is the way to create roles, and GRANT does much
more than just grant membership, I ended up moving the details from the
GRANT page to the CREATE ROLE page.
> We consistently say what the default is for these attribute pairs, do so here
> as well.
I added that, I hope in all the right places.
> Turn the parenthetical in the IN ROLE section into actual assertive
> documentation of what the clause does. Tweak ROLE and ADMIN as well to fit in
> better.
Yes, that needed help.
> Reword the discussion regarding non-inheritance to be more direct.
>
> I added mention of the grantee aspect of privileges as a soft way of further
> pointing out that the IN ROLE, ROLE, ADMIN clauses are limited in what they can
> control in the resulting membership grants.
>
> I choose to use the phrasing "giving ... roles" for both parts of the sentence
> instead of switching to "... roles are given" for the second half. More of a
> style choice but I didn't think switching really added much and just makes it a
> bit wordier and possibly a bit more effort to mentally parse.
I adjusted that working, but in a different way. Patch attached.
I also found we didn't document that GRANT can be used to modify a
membership's attributes even after it is created; I added that.
Just a reminder, this is for PG 16 and master.
--
Bruce Momjian <bruce(at)momjian(dot)us> https://momjian.us
EDB https://enterprisedb.com
Only you can decide what is important to you.
Attachment | Content-Type | Size |
---|---|---|
role.diff | text/x-diff | 9.6 KB |
From | Date | Subject | |
---|---|---|---|
Next Message | David G. Johnston | 2024-01-28 17:11:18 | Re: CREATE ROLE inheritance details |
Previous Message | Fabrízio de Royes Mello | 2024-01-26 20:02:59 | Re: Add minimal C example and SQL registration example for custom table access methods. |