Request a Demo
Home   >   mailing lists

Re: alter user/role CURRENT_USER - Mailing list pgsql-hackers

From Rushabh Lathia
Subject Re: alter user/role CURRENT_USER
Date
Msg-id CAGPqQf2COCK-2n2VA8aHqyEOTebqqFUVuEHFriVowpsaxGZ=FA@mail.gmail.com
Whole thread
In response to Re: alter user/role CURRENT_USER  (Kyotaro HORIGUCHI <horiguchi.kyotaro@lab.ntt.co.jp>)
Responses Re: alter user/role CURRENT_USER
List pgsql-hackers
Tree view
Thanks Kyotaro,

I just did quickly looked at the patch and it does cover more syntax then
earlier patch. But still if doesn't not cover the all the part of syntax where
we can use CURRENT_USER/CURRENT_ROLE/USER/SESSION_USER. For example:

-- Not working
alter default privileges for role current_user grant SELECT ON TABLES TO current_user ;

-- Not working
grant user1 TO current_user;

Their might few more syntax like this.

I understand that patch is  sightly getting bigger and complex then what it was
originally proposed. Before going back to more review on latest patch I would
like to understand the requirement of this new feature. Also would like others
to comment on where/how we should restrict this feature ?

On Fri, Oct 24, 2014 at 1:59 PM, Kyotaro HORIGUCHI <horiguchi.kyotaro@lab.ntt.co.jp> wrote:
Hi, here is the revised patch.

Attached files are the followings

 - 0001-ALTER-ROLE-CURRENT_USER_v2.patch  - the patch.

 - testset.tar.bz2 - test set. Run by typing 'make check' as a
   superuser of the running postgreSQL server. It creates "testdb"
   and some roles.

Documents are not edited this time.

----

Considering your comments, I found more points to modify.

 - CREATE SCHEMA (IF NOT EXISTS) .. AUTHORIZATION <role> ...

 - ALTER AGGREAGE/COLLATION/etc... OWNER TO <role>

 - CREATE/ALTER/DROP USER MAPPING FOR <role> SERVER ..

GRANT/REVOKE also takes role as an arguemnt but CURRENT_USER and
the similar keywords seem to be useless for them.

Finally, the new patch modifies the following points.

In gram.y,

 - RoleId's are replaced with RoleId_or_curruser in more places.
   It accepts CURRENT_USER/USER/CURRENT_ROLE/SESSION_USER.

 - ALTER USER ALL syntax is added. (not changed from the previous patch)

 - The non-terminal auth_ident now uses RoleId_or_curruser
   instead of RoleId. This affects CREATE/ALTER/DROP USER MAPPING

In user.c, new function ResolveRoleId() is added and used for all
role ID resolutions that correspond to the syntax changes in
parser. It is AlterRole() in user.c.

In foreigncmds.c, GetUserOidFromMapping() is removed and
ResolveRoleId is used instead.

In alter.c and tablecmds.c, all calls to get_role_oid()
correspond the the grammer change were replaced with
ResolveRoleId().

The modifications are a bit complicated so I provided a
comprehensive test set.


regards,

--
Kyotaro Horiguchi
NTT Open Source Software Center



--
Rushabh Lathia

pgsql-hackers by date:

Previous
From: Jim Nasby
Date:
Subject: Re: [BUGS] ltree::text not immutable?
Next
From: Rushabh Lathia
Date:
Subject: Re: CINE in CREATE TABLE AS ... and CREATE MATERIALIZED VIEW ...