Postgres Pro
Downloads
Home   >   mailing lists

Re: [COMMITTERS] pgsql: Use a bitmask to represent role attributes - Mailing list pgsql-hackers

From José Luis Tallón
Subject Re: [COMMITTERS] pgsql: Use a bitmask to represent role attributes
Date
Msg-id 5499AA36.3070908@adv-solutions.net
Whole thread Raw
In response to Re: [COMMITTERS] pgsql: Use a bitmask to represent role attributes  (Bruce Momjian <bruce@momjian.us>)
Responses Re: [COMMITTERS] pgsql: Use a bitmask to represent role attributes  (David G Johnston <david.g.johnston@gmail.com>)
List pgsql-hackers
Tree view 
On 12/23/2014 06:06 PM, Bruce Momjian wrote:
> On Tue, Dec 23, 2014 at 11:34:09AM -0500, Tom Lane wrote:
>> Stephen Frost <sfrost@snowman.net> writes:
>>> If that's the only consideration for this, well, that's certainly quite
>>> straight-forward to change in the other direction too.  The new function
>>> suggested by Andres actually makes it really easy to get a textual list
>>> of all the role attributes which a role has from the bitmask too.
>> We could have that regardless of the representation, if the function is
>> defined along the lines of "given a user OID, give me a text string
>> representing the user's attributes".  However, that only helps for
>> pg_dumpall and any other clients whose requirement is exactly satisfied
>> by a string that fits into CREATE/ALTER USER.  The current formatting
>> of psql's \du, for example, absolutely requires adding more client-side
>> code every time we add a property; whether the catalog representation is
>> bools or a bitmask really isn't going to change the pain level much there.
> I am with Tom on this --- there is more wasted space in the 'name'
> column pg_authid.rolname than by shoving 40 boolean values into a
> bitmap.  Adding the complexity of a bitmap doesn't make sense here.
Well, the code simplification alone might be worth the effort... and it 
does make adding additional attributes easier.

> I also apologize for the late feedback.
>
> Offtopic, what I would really _love_ to see improved is our display of
> object permissions:
>
>                                      Access privileges
>      Schema |  Name  | Type  |     Access privileges     | Column privileges | Policies
>     --------+--------+-------+---------------------------+-------------------+----------
>      public | crypto | table | postgres=arwdDxt/postgres+|                   |
>             |        |       | =r/postgres               |                   |
>
> That is nasty user display ---  it looks like line noise.

Hmm...  http://www.postgresql.org/docs/9.4/static/sql-grant.html does 
describe the mapping from letters to permissions, but I agree that it 
could be easier for beginners.
Any idea on how this display can be made more "human friendly"? (just 
for the sake of discussion --- I don't think I have time to do much 
about that, unfortunately)


Cheers,
    / J.L.

pgsql-hackers by date:

Previous
From: Andres Freund
Date:
Subject: Re: Suppressing elog.c context messages (was Re: Wait free LW_SHARED acquisition)
Next
From: David G Johnston
Date:
Subject: Re: Proposal: two new role attributes and/or capabilities?