Re: improving user.c error messages

On 20.02.23 23:58, Nathan Bossart wrote:
>>> Similarly -- this is an existing issue but we might as well look at it -- in
>>> something like
>>>
>>> must be superuser or a role with privileges of the
>>> pg_write_server_files role
>>>
>>> the phrase "a role with the privileges of that other role" seems ambiguous.
>>> Doesn't it really mean you must be a member of that role?
>>
>> Membership alone is not sufficient. You must also inherit the privileges
>> of the role via the INHERIT option. I thought about making this something
>> like
>>
>> must have the INHERIT option on role %s
>>
>> but I'm not sure that's accurate either. That wording makes it sound lіke
>> you need to be granted membership to the role directly WITH INHERIT OPTION,
>> but what you really need is membership, direct or indirect, with an INHERIT
>> chain up to the role in question. However, it looks like "must have the
>> ADMIN option on role %s" is used to mean something similar, so perhaps I am
>> overthinking it.
>
> For now, I've reworded these as "must inherit privileges of".

I don't have a good mental model of all this role inheritance,
personally, but I fear that this change makes the messages more jargony
and less clear. Maybe the original wording was good enough.

A couple of other thoughts:

"admin option" is sort of a natural language term, I think, so we don't
need to parametrize it as "%s option". Also, there are no other
"options" in this context, I think.

A general thought: It seems we currently don't have any error messages
that address the user like "You must do this". Do we want to go there?
Should we try for a more impersonal wording like

"You must have the %s attribute to create roles."

"Current user must have the %s attribute to create roles."

"%s attribute is required to create roles."

By the way, I'm not sure what the separation between 0001 and 0002 is
supposed to be.