Re: Version 14/15 documentation Section "Alter Default Privileges" - Mailing list pgsql-hackers

From Laurenz Albe
Subject Re: Version 14/15 documentation Section "Alter Default Privileges"
Date
Msg-id d3dcd30164a4f86588d33013e3bd41d7f576f17f.camel@cybertec.at
Whole thread Raw
In response to Re: Version 14/15 documentation Section "Alter Default Privileges"  (Bruce Momjian <bruce@momjian.us>)
Responses Re: Version 14/15 documentation Section "Alter Default Privileges"
Re: Version 14/15 documentation Section "Alter Default Privileges"
List pgsql-hackers
On Tue, 2023-11-07 at 17:30 -0500, Bruce Momjian wrote:
> You didn't seem to like my SET ROLE suggestion so I removed it.

I thought that the information that you can use SET ROLE to assume
the identity of another role is correct, but leads a bit too far
in the manual page of ALTER DEFAULT PRIVILEGES.

> > +  <para>
> > +   There is no way to change the default privileges for objects created by
> > +   arbitrary roles.  You have run <command>ALTER DEFAULT PRIVILEGES</command>
>
> I find the above sentence odd.  What is its purpose?

I cannot count how many times I have seen the complaint "I have run ALTER DEFAULT
PRIVILEGES, and now when some other user creates a table, the permissions are
unchanged". People tend to think that if you omit FOR ROLE, the change applies to
PUBLIC.

Your improved documentation of "target_role" already covers that somewhat, so if
you don't like the repetition, I'm alright with that.  I just thought it might
be worth stating it explicitly.

I think your patch is fine and ready to go.

Yours,
Laurenz Albe
>



pgsql-hackers by date:

Previous
From: Dean Rasheed
Date:
Subject: Re: Infinite Interval
Next
From: Daniel Gustafsson
Date:
Subject: Re: pgsql: Clean up role created in new subscription test.