Type __postgres_role does not modify role permissions, if changed #212
Labels
No Label
bugfix
cleanup
discussion
documentation
doing
done
feature
improvement
packaging
Stale
testing
TODO
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: ungleich-public/cdist#212
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Created by: telmich
I add:
__postgres_role app
I modify it to:
__postgres_role app --createdb
-> no permissions are changed, as the user already exists.
I think we should enhance this type to support adding and removing permissions
closed
Created by: markasoftware
Although it isn't too hard to check that attributes are right, there is no easy way to check if the password is correct. Perhaps it should unconditionally
ALTER ROLE
when state_is == state_should == presentCreated by: telmich
Maybe introduce two new parameters to set / unset attributes?
--no-attribute <...>
--attribute <...>
and deprecate the current options?
@asteven, what do you think about this?
Created by: telmich
22:58 < telmich> thus I was wondering, if there is a variant of \du
available, that is easily machine parsable
22:58 < johto> telmich; select * from pg_user;?
postgres=# select * from pg_user where usename = 'app';
usename | usesysid | usecreatedb | usesuper | usecatupd | userepl | passwd | valuntil | useconfig
---------+----------+-------------+----------+-----------+---------+----------+----------+-----------
app | 16384 | t | f | f | f | ******** | |
(1 row)
Created by: telmich
postgres-# \du
List of roles
Role name | Attributes | Member of
-----------+------------------------------------------------+-----------
app | Create DB | {}
postgres | Superuser, Create role, Create DB, Replication | {}
postgres-#
http://www.postgresql.org/docs/8.1/static/role-attributes.html