Added to TODO:
* Add group object ownership, so groups can rename/drop/grant on objects,
so we can implement roles
---
Peter Eisentraut wrote:
> Bruce Momjian writes:
>
> > I think the one missing item mentioned was for
Bruce Momjian writes:
> I think the one missing item mentioned was for group ownership of an
> object. However, if we give group _permission_ to the object, I am not
> sure why ownership is an issue. Are there certain permission we can't
> give to the group?
Privilege to rename or drop the obje
Peter Eisentraut wrote:
> Christopher Kings-Lynne writes:
>
> > We have roles?
>
> Until two days ago I was under the impression that roles were schema
> objects, but apparently this is not the case, and it seems that roles are
> really just an extension of our group concept.
Yep. We have alrea
Christopher Kings-Lynne writes:
> We have roles?
Until two days ago I was under the impression that roles were schema
objects, but apparently this is not the case, and it seems that roles are
really just an extension of our group concept.
--
Peter Eisentraut [EMAIL PROTECTED]
--
We have roles?
> -Original Message-
> From: Peter Eisentraut [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, 15 January 2003 1:16 AM
> To: Christopher Kings-Lynne
> Cc: Hackers
> Subject: Re: [HACKERS] copying perms to another user
>
>
> Christopher Kings-Lynne
From: "Rod Taylor" <[EMAIL PROTECTED]>
>> While I haven't thought about it very hard, it seems to me that a role
>> might be equivalent or nearly so to a group. If so, we might be able
>> to support roles with little more than some syntactic-sugar work ...
>A few other changes, like allowing own
> While I haven't thought about it very hard, it seems to me that a role
> might be equivalent or nearly so to a group. If so, we might be able
> to support roles with little more than some syntactic-sugar work ...
A few other changes, like allowing ownership of an object to be a group
(role) ra
"Ross J. Reedstrom" <[EMAIL PROTECTED]> writes:
> On Tue, Jan 14, 2003 at 12:23:59PM +0800, Christopher Kings-Lynne wrote:
> "Christopher Kings-Lynne" <[EMAIL PROTECTED]> writes:
> No, I mean that we don't drop the user. You go:
> ALTER USER chriskl COPY PERMISSIONS FROM blah;
> In this scenario,
On Tue, Jan 14, 2003 at 12:23:59PM +0800, Christopher Kings-Lynne wrote:
> > "Christopher Kings-Lynne" <[EMAIL PROTECTED]> writes:
> > > No, I mean that we don't drop the user. You go:
> > > ALTER USER chriskl COPY PERMISSIONS FROM blah;
> >
> > That seems cleaner to me than the DROP thingy.
> >
>
Christopher Kings-Lynne writes:
> Often I need to remove a user and cede their permissions to someone else.
If this happens to you a lot, the solution is to implement roles, grant
privileges to a role, grant the role to a user, and when you remove the
user you grant the role to someone else.
--
> "Christopher Kings-Lynne" <[EMAIL PROTECTED]> writes:
> > No, I mean that we don't drop the user. You go:
> > ALTER USER chriskl COPY PERMISSIONS FROM blah;
>
> That seems cleaner to me than the DROP thingy.
>
> You could only easily implement this in the current database --- but
> since it's no
"Christopher Kings-Lynne" <[EMAIL PROTECTED]> writes:
> No, I mean that we don't drop the user. You go:
> ALTER USER chriskl COPY PERMISSIONS FROM blah;
That seems cleaner to me than the DROP thingy.
You could only easily implement this in the current database --- but
since it's not a DROP, one
> > Yeah good point...it wouldn't bother me if it were just current
> database,
> > except that then it wouldn't be useful to use the DROP USER
> command. ALTER
> > USER or GRANT would be better.
>
> How do you ALTER USER ... after they've been dropped?
No, I mean that we don't drop the user.
> Yeah good point...it wouldn't bother me if it were just current database,
> except that then it wouldn't be useful to use the DROP USER command. ALTER
> USER or GRANT would be better.
How do you ALTER USER ... after they've been dropped?
> BTW Rod, I now get all your emails just fine (not as a
> On Mon, 2003-01-13 at 21:40, Christopher Kings-Lynne wrote:
> > Often I need to remove a user and cede their permissions to
> someone else.
> > How about something like this:
> >
> > DROP USER blah PERMISSIONS TO chriskl;
>
> If you check that it's a superuser doing the drop, this would be good.
On Mon, 2003-01-13 at 21:40, Christopher Kings-Lynne wrote:
> Often I need to remove a user and cede their permissions to someone else.
> How about something like this:
>
> DROP USER blah PERMISSIONS TO chriskl;
If you check that it's a superuser doing the drop, this would be good.
However, what
Often I need to remove a user and cede their permissions to someone else.
How about something like this:
DROP USER blah PERMISSIONS TO chriskl;
or maybe
GRANT ALL USER blah TO chriskl;
???
Chris
---(end of broadcast)---
TIP 4: Don't 'kill -9' t
17 matches
Mail list logo
