On Tue, 2023-11-07 at 17:30 -0500, Bruce Momjian wrote:
> You didn't seem to like my SET ROLE suggestion so I removed it.
I thought that the information that you can use SET ROLE to assume
the identity of another role is correct, but leads a bit too far
in the manual page of ALTER DEFAULT PRIVILEGES.
> > + <para>
> > + There is no way to change the default privileges for objects created by
> > + arbitrary roles. You have run <command>ALTER DEFAULT PRIVILEGES</command>
>
> I find the above sentence odd. What is its purpose?
I cannot count how many times I have seen the complaint "I have run ALTER DEFAULT
PRIVILEGES, and now when some other user creates a table, the permissions are
unchanged". People tend to think that if you omit FOR ROLE, the change applies to
PUBLIC.
Your improved documentation of "target_role" already covers that somewhat, so if
you don't like the repetition, I'm alright with that. I just thought it might
be worth stating it explicitly.
I think your patch is fine and ready to go.
Yours,
Laurenz Albe
>
