On 24.01.2023 20:16, David G. Johnston wrote:
Yeah, I noticed the lack too, then went a bit too far afield with
trying to compose a graph of the roles. I'm still working on that but
at this point it probably won't be something I try to get committed to
psql. Something more limited like this does need to be included.
Glad to hear that you're working on it.
I'm not too keen on the idea of converting the existing array into a
newline separated string. I would try hard to make the modification
here purely additional.
I agree with all of your arguments. A couple of months I tried to find
an acceptable variant in the background.
But apparently tried not very hard ))
In the end, the variant proposed in the patch seemed to me worthy to
show and
start a discussion. But I'm not sure that this is the best choice.
Another thing I did with the graph was have both "member" and
"memberof" columns in the output. In short, every grant row in
pg_auth_members appears twice, once in each column, so the role being
granted membership and the role into which membership is granted both
have visibility when you filter on them. For the role graph I took
this idea and extended out to an entire chain of roles (and also broke
out user and group separately) but I think doing the direct-grant only
here would still be a big improvement.
It will be interesting to see the result.
--
Pavel Luzanov