Re: [PATCHES] Users/Groups -> Roles
| От | Tom Lane |
|---|---|
| Тема | Re: [PATCHES] Users/Groups -> Roles |
| Дата | |
| Msg-id | 19492.1120146487@sss.pgh.pa.us обсуждение исходный текст |
| Ответ на | Re: [PATCHES] Users/Groups -> Roles (Stephen Frost <sfrost@snowman.net>) |
| Ответы |
Re: [PATCHES] Users/Groups -> Roles
|
| Список | pgsql-hackers |
Stephen Frost <sfrost@snowman.net> writes:
> That's controlled by pg_hba.conf though, isn't it? The idea being that
> you'd like to give some people the ability to create users/roles, but to
> limit the databases those created users/roles could connect to by, say,
> requiring they have 'usage' or 'connect' permissions to that database,
> which could be set by the database owner; without the database owner
> having write permissions to the pg_hba.conf.
You can do that today by putting a group name in pg_hba.conf. Roles
will make it more flexible; I don't see that we need anything more.
For instance, if pg_hba.conf says "samegroup" then you could manage
everything by associating a group with each database.
regards, tom lane
В списке pgsql-hackers по дате отправления: