Would it be necessary to disambiguate? Wouldn't individual_user's privileges be a union of all of the privileges of all
thegroups of which it is a part? That seems to be how it works in the core postgres functionality:
If local_group_1 is a role with privileges on table_a and table_b, and local_group_2 is a role with privileges on
table_c,then after
grant local_group_1 to individual_user;
grant local_group_2 to individual_user;
individual_user now has privileges on table_a, table_b, and table_c.
But if local_group_2 also has a user mapping on foreign_table_x, individual_user inherits the privileges on table_c,
butnot foreign_table_x.
Or am I misunderstanding you? Is there something about foreign tables that precludes the role inheritance from working
thesame way it does with native tables?
Thanks,
Natalie
> On Jul 16, 2015, at 1:16 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>
> Natalie Wenz <nataliewenz@ebureau.com> writes:
>> Is there a way to tell postgres_fdw to allow individual_user to inherit
>> user mappings from groups of which it is a part?
>
> No. How would you disambiguate if the current role were a member of
> multiple groups?
>
> regards, tom lane
