On Tue, Jul 19, 2022 at 12:55:14AM -0500, Steve Chavez wrote:
> Taking your options into consideration, for me the correct behaviour should
> be:
>
> - The ALTER ROLE placeholder should always be stored with a PGC_USERSET
> GucContext. It's a placeholder anyway, so it should be the less restrictive
> one. If the user wants to define it as PGC_SUSET or other this should be
> done through a custom extension.
> - When an extension claims the placeholder, we should check the
> DefineCustomXXXVariable GucContext with PGC_USERSET. If there's a match,
> then the value gets applied, otherwise WARN or ERR.
> The role GUCs get applied at login time right? So at this point we can
> WARN or ERR about the defined role GUCs.
>
> What do you think?
Hm. I would expect ALTER ROLE to store the PGC_SUSET context when executed
by a superuser or a role with privileges via pg_parameter_acl. Storing all
placeholder GUC settings as PGC_USERSET would make things more restrictive
than they are today. For example, it would no longer be possible to apply
any ALTER ROLE settings from superusers for placeholders that later become
custom GUCS.
--
Nathan Bossart
Amazon Web Services: https://aws.amazon.com