Re: Allow placeholders in ALTER ROLE w/o superuser - Mailing list pgsql-hackers

From Nathan Bossart
Subject Re: Allow placeholders in ALTER ROLE w/o superuser
Date
Msg-id 20220719165339.GB3716275@nathanxps13
Whole thread Raw
In response to Re: Allow placeholders in ALTER ROLE w/o superuser  (Steve Chavez <steve@supabase.io>)
Responses Re: Allow placeholders in ALTER ROLE w/o superuser
List pgsql-hackers
On Tue, Jul 19, 2022 at 12:55:14AM -0500, Steve Chavez wrote:
> Taking your options into consideration, for me the correct behaviour should
> be:
> 
> - The ALTER ROLE placeholder should always be stored with a PGC_USERSET
> GucContext. It's a placeholder anyway, so it should be the less restrictive
> one. If the user wants to define it as PGC_SUSET or other this should be
> done through a custom extension.
> - When an extension claims the placeholder, we should check the
> DefineCustomXXXVariable GucContext with PGC_USERSET. If there's a match,
> then the value gets applied, otherwise WARN or ERR.
>   The role GUCs get applied at login time right? So at this point we can
> WARN or ERR about the defined role GUCs.
> 
> What do you think?

Hm.  I would expect ALTER ROLE to store the PGC_SUSET context when executed
by a superuser or a role with privileges via pg_parameter_acl.  Storing all
placeholder GUC settings as PGC_USERSET would make things more restrictive
than they are today.  For example, it would no longer be possible to apply
any ALTER ROLE settings from superusers for placeholders that later become
custom GUCS.

-- 
Nathan Bossart
Amazon Web Services: https://aws.amazon.com



pgsql-hackers by date:

Previous
From: Nathan Bossart
Date:
Subject: Re: Autovacuum worker spawning strategy
Next
From: Simon Riggs
Date:
Subject: StrategyAM for IndexAMs