On Thu, Nov 7, 2019 at 2:13 PM Stephen Frost <sfrost@snowman.net> wrote:
> I do not agree that we should just shift to using default roles instead
> of adding new options to GRANT because of an entirely internal
> implementation detail that we could fix (and should, as I've said for
> probably 10 years now...).
+1.
I'm not sure that Tom's latest design idea is a bad one, but I
strongly suspect that wrapping ourselves around the axle to work
around our unwillingness to widen a 16-bit quantity to 32 bits (or a
32 bit quantity to 64 bits) is a bad idea. Perhaps there are also
design ideas that we should consider, like separating "basic"
privileges and "extended" privileges or coming up with some altogether
new and better representation. But limiting ourselves to 4 more
privileges ever cannot be the right solution.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
