* Tom Lane (tgl@sss.pgh.pa.us) wrote:
> I've committed changes to add a "rolinherit" flag to pg_authid as per
> discussion. The pg_has_role function now distinguishes USAGE rights
> on a role (do you currently have the privileges of that role) from
> MEMBER rights (do you have the ability to SET ROLE to that role).
Great, thanks.
> A couple of loose ends remain:
>
> * Should is_admin_of_role pay attention to rolinherit? I suspect it
> should but can't quite face going through the SQL spec again to be sure.
> This only affects the right to GRANT role membership to someone else.
>
> * The information_schema needs another pass to see which pg_has_role
> usages ought to be testing USAGE instead of MEMBER. I think most of
> them should, but in and around applicable_roles and enabled_roles
> some more thought and spec-reading is needed.
I'll look into what the spec says for these, hopefully anoncvs is
working now...
> I'm planning on doing some documentation work next, and was hoping
> someone else would look at the above items.
Will do. I'll be using the SQL2003 draft. Should be able to run these
down later today.
Thanks,
Stephen
