Re: RFC: roles

Hi Andreas

> -----Original Message-----
> From: pgadmin-hackers-owner@postgresql.org
> [mailto:pgadmin-hackers-owner@postgresql.org] On Behalf Of
> Andreas Pflug
> Sent: 31 July 2005 13:40
> To: pgadmin-hackers
> Subject: [pgadmin-hackers] RFC: roles
>
> I had a look at roles, and was wondering about the best way
> to support them.
>
> Purely, it's not a problem at all: just expose pg_authid and
> pg_auth_members in dialogs/lists.
>
> OTOH, it might be quite confusing for 1st time users that
> there are only
> roles with some attributes, no users and groups. Should we have two
> modes for it: The reduced view with users and groups (where a
> group may
> be a group member too) and an enhanced view that allows all
> role features?
> Additionally, this has also some impact on the security properties,
> since a role that may login currently wouldn't be exposed as
> grantee by
> default.
>
> Thoughts?

I think I would be inclined just to have the full view of everything.
Roles effectively deprecate users and groups, so I don't think we should
try to fool the user into thinking they are still there. For convenience
though, perhaps we should notate which roles have login somehow -
perhaps a trailing asterisk?

Regards, Dave.