Re: postgres_fdw user mapping and role inheritance
| От | Natalie Wenz |
|---|---|
| Тема | Re: postgres_fdw user mapping and role inheritance |
| Дата | |
| Msg-id | 32B4D87F-0466-467A-9F2B-00F696E9E056@ebureau.com обсуждение исходный текст |
| Ответ на | Re: postgres_fdw user mapping and role inheritance (Tom Lane <tgl@sss.pgh.pa.us>) |
| Ответы |
Re: postgres_fdw user mapping and role inheritance
|
| Список | pgsql-admin |
Would it be necessary to disambiguate? Wouldn't individual_user's privileges be a union of all of the privileges of all thegroups of which it is a part? That seems to be how it works in the core postgres functionality: If local_group_1 is a role with privileges on table_a and table_b, and local_group_2 is a role with privileges on table_c,then after grant local_group_1 to individual_user; grant local_group_2 to individual_user; individual_user now has privileges on table_a, table_b, and table_c. But if local_group_2 also has a user mapping on foreign_table_x, individual_user inherits the privileges on table_c, butnot foreign_table_x. Or am I misunderstanding you? Is there something about foreign tables that precludes the role inheritance from working thesame way it does with native tables? Thanks, Natalie > On Jul 16, 2015, at 1:16 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote: > > Natalie Wenz <nataliewenz@ebureau.com> writes: >> Is there a way to tell postgres_fdw to allow individual_user to inherit >> user mappings from groups of which it is a part? > > No. How would you disambiguate if the current role were a member of > multiple groups? > > regards, tom lane
В списке pgsql-admin по дате отправления: