Re: Open 7.3 items - Mailing list pgsql-hackers

From Oliver Elphick
Subject Re: Open 7.3 items
Date
Msg-id 1030482359.5215.67.camel@linda
Whole thread Raw
In response to Re: Open 7.3 items  (Lamar Owen <lamar.owen@wgcr.org>)
Responses Re: Open 7.3 items
Re: Open 7.3 items
List pgsql-hackers
On Tue, 2002-08-27 at 21:05, Lamar Owen wrote:
> On Tuesday 27 August 2002 03:43 pm, Bruce Momjian wrote:
> > Lamar Owen wrote:
> > > On Tuesday 27 August 2002 03:19 pm, Bruce Momjian wrote:
> > > I thought it WAS resolved, to do:
> 
> > > > Tom likes this because it is the fewer global users who have to append
> > > > the '@'.
> 
> > > At least that was my perception of the uneasy consensus reached.
> 
> > OK, you have now split the vote because we have two for the change, and
> > two against.  Why do you prefer to tag the globals?  Is it Tom's
> > argument?  I think it is kind of strange to tag the globals when it is
> > the locals who have @ in their username, and when they do:
> 
> I agree with what Tom said, and understand why he said it.  And I thought you 
> did, too -- I have apparently misunderstood (again!) the issue.
> 
> In the local-enabled scheme, ISTM the majority of users will be local users.  
> The goal is transparent virtual databases -- at least that's what I consider 
> the goal.  As far as the user is concerned, the other databases might as well 
> not even exist -- all they are doing is connecting to their database.  Since 
> they have to give the database name as part of the connection, it just makes 
> sense that they should have the closest to default behavior.
> 
> In the case of a virtual hosting postmaster, global users would likely be 
> DBA's, although they might not be.  These users are going to be the 
> exception, not the rule -- thus a character to tag their 'exceptional' 
> nature.
> 
> You may not even want your virtual host local users to realize that there is 
> another user by that name.  Thus, the standard notation is the least 
> intrusive for the very users that need uninstrusive notation.

Has this behaviour been carried through into GRANT and REVOKE?  If the
object is transparency for local users, it should be possible in
database "test" to say "GRANT ... TO fred" and have "fred" understood as
"fred@test".

If that is the case, then I will support the current position.


It follows from the objective of transparency that, when reporting a
user name, local users should be reported without the database suffix,
i.e., "fred" not "fred@test".  Global users should be reported with the
trailing "@".  This should cause no problem, because we have no
cross-database communication; it should be impossible for "george@dummy"
to have any connection with database "test".

-- 
Oliver Elphick                                Oliver.Elphick@lfix.co.uk
Isle of Wight, UK                            
http://www.lfix.co.uk/oliver
GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839  932A 614D 4C34 3E1D 0C1C
========================================   "But the end of all things is at hand; be ye therefore      sober, and watch
untoprayer. And above all things      have fervent love among yourselves; for love shall       cover the multitude of
sins."     I Peter 4:7,8
 



pgsql-hackers by date:

Previous
From: Bruce Momjian
Date:
Subject: Re: Proposed GUC Variable
Next
From: Bruce Momjian
Date:
Subject: Re: Proposed GUC Variable