* Josh Berkus (josh@agliodbs.com) wrote: > Yeah, the problem is that with the upcoming "group ownership" I see > user-based quotas as being rather difficult to implement unambiguously.
I'm not sure it'd be terribly different with roles than with user/groups. A role gets a quota, anything which that role is the owner of counts towards that quota. The only possibly annoying part about this is that there isn't a direct way (yet) to create an object owned by someone other than yourself. An example: Role john isn't really supposted to use up much disk space. Role admin can use up lots of disk space. Role john is a member of role admin. In order to use up much disk space, john needs to, say, create a table and then change ownership to admin before populating that table. An interesting idea would be to allow for a session variable which the user could set to a particular role (which that user is a member of) and have that role then own any objects created. In that instance it's possible john's quota could be 0. I'm not entirely sure if that's something CURRENT_USER/SESSION_USER/etc could be correctly used for. > Even more so when we get "local users" in the future. So I'd only want > to do it if there was a real-world use case that tablespace quotas > wouldn't satisfy. Local users actually makes me think the per-user quota would make *more* sense, following along your example below... > For the basic ISP space, tablespace quotas seem a lot more apt for that > case. You give each user a database, and put it in its own tablespace and > don't give them permissions to change it. That way you could have user > e-mail, web, and database in the same directory tree for easy > backup/transfer. It also means that you can use filesystem controls to > double-check the tablespace maximums. In the basic ISP scenario, you give each customer a database, in its own tablespace, with quotas on that tablespace. With local roles that customer may then have multiple users and want to establish different quotas for them. Just some thoughts. Thanks, Stephen
signature.asc
Description: Digital signature