Home > mailing lists

Re: "paths" between two ROLEs - Mailing list pgsql-general

From	Dominique Devienne
Subject	Re: "paths" between two ROLEs
Date	June 13, 2023 18:11:18
Msg-id	CAFCRh-_Y4XP=+6EVStq7AC5_k+waVvSetZp6MhoQ+8b9p+YJug@mail.gmail.com Whole thread Raw
In response to	Re: "paths" between two ROLEs (Joe Conway <mail@joeconway.com>)
List	pgsql-general

Tree view

On Tue, Jun 13, 2023 at 2:20 PM Joe Conway <mail@joeconway.com> wrote:

On 6/13/23 04:17, Dominique Devienne wrote:
> To troubleshoot and validate that emulation, I'd like to introspect ROLE
> membership to:
>
> 1) Output the ROLE "path(s)" between any two ROLEs.[...]
> 2) Output all target ROLEs [...] a given LOGIN USER has access to.

This shows the path between roles taken which provides a particular
privilege for a particular object:

https://github.com/CrunchyData/crunchy_check_access

It might do for you as-is, or at least you can use it as an example.

Thanks. I'd never seem a nested-for-loop with recursive calls of a function, returning rows.

Interesting mix of SQL and procedural / imperative code to generate a view-like output.

Not quite what I was looking for though. But thank you for sharing. Very instructional. --DD

PS: I'll try to work out the SQL myself then, and if I get stuck, I'll ask a more actionable question with where I'm at so far.

pgsql-general by date:

From: Tom Lane
Date: 13 June 2023, 18:06:53
Subject: Re: Reproducing incorrect order with order by in a subquery

From: Ruslan Zakirov
Date: 13 June 2023, 20:55:25
Subject: Re: Reproducing incorrect order with order by in a subquery

Re: "paths" between two ROLEs - Mailing list pgsql-general

Previous

Next