On Mon, Mar 8, 2021 at 4:41 PM David G. Johnston <david.g.johns...@gmail.com> wrote:
> On Thu, Feb 18, 2021 at 6:18 PM Bossart, Nathan <bossa...@amazon.com> > wrote: > >> On 2/17/21 2:12 PM, David G. Johnston wrote: >> > On Wednesday, February 17, 2021, Bossart, Nathan <bossa...@amazon.com >> > <mailto:bossa...@amazon.com>> wrote: >> > >> > >> > postgres=# ALTER ROLE test1 SET ROLE test2; >> > ALTER ROLE >> > >> > >> > I would not have expected this to work - “role” isn’t a >> > configuration_parameter. Its actually cool that it does, but this doc >> fix >> > should address this oversight as well. >> >> Here's a patch that adds "role" and "session authorization" as >> configuration parameters, too. >> >> > You will want to add this to the commitfest if you haven't already. > > I would suggest adding a section titled "Identification" and placing these > under that. > > Reading it over it looks good. One point though: SET and SET ROLE are > indeed "at run-time" (not 'run time'). ALTER ROLE and ALTER DATABASE > should be considered "at connection-time" just like the command-line > options. > > Also, as a nearby email just reminded me, the determination of which role name is used to figure out default settings is the presented user name, not the one that would result from a connection-time role change as described here - though this should be tested, and then documented. David J.