Re: add \dpS to psql - Mailing list pgsql-hackers

From Tom Lane
Subject Re: add \dpS to psql
Date
Msg-id 45224.1670476523@sss.pgh.pa.us
Whole thread Raw
In response to Re: add \dpS to psql  (Nathan Bossart <nathandbossart@gmail.com>)
Responses Re: add \dpS to psql
List pgsql-hackers
Nathan Bossart <nathandbossart@gmail.com> writes:
> On Wed, Dec 07, 2022 at 11:48:20PM -0500, Isaac Morland wrote:
>> My previous analysis
>> shows that there is no vast hidden demand for new privilege bits. If we
>> implement MAINTAIN to control access to VACUUM, ANALYZE, REFRESH, CLUSTER,
>> and REINDEX, we will cover everything that I can find that has seriously
>> discussed on this list, and still leave 3 unused bits for future expansion.

> If we added CLUSTER, REFRESH MATERIALIZED VIEW, and REINDEX as individual
> privilege bits, we'd still have 13 remaining for future use.

I think the appropriate question is not "have we still got bits left?".
It should be more like "under what plausible scenario would it be useful
to grant somebody CLUSTER but not VACUUM privileges on a table?".

I'm really thinking that MAINTAIN is the right level of granularity
here.  Or maybe it's worth segregating exclusive-lock from
not-exclusive-lock maintenance.  But I really fail to see how it's
useful to distinguish CLUSTER from REINDEX, say.

            regards, tom lane



pgsql-hackers by date:

Previous
From: Isaac Morland
Date:
Subject: Re: add \dpS to psql
Next
From: Peter Smith
Date:
Subject: Re: PGDOCS - Logical replication GUCs - added some xrefs