On 17.02.2024 00:37, David G. Johnston wrote:
regress_du_role1 | no | Inherit | no | 2024-12-31 00:00:00+03(invalid) | 50 | Group role without password but with valid until regress_du_role2 | yes | Inherit | yes | | Not allowed | No connections allowed regress_du_role3 | yes | | yes | | 10 | User without attributes regress_du_su | yes | Superuser +| yes | | 3(ignored) | Superuser but with connection limit
Per the recent bug report, we should probably add something like (ignored) after the 50 connections for role1 since they are not allowed to login so the value is indeed ignored.
Hm, but the same logic applies to "Password?" and "Valid until" for role1 without login attribute.
The challenge is how to display it for unprivileged users. But they can't see password information.
So, displaying 'Valid until' as '(irrelevant)' for privileged users and real value for others looks badly.
What can be done in this situation.
0. Show different values as described above.
1. Don't show 'Valid until' for unprivileged users at all. The same logic as for 'Password?'.
With possible exception: user can see 'Valid until' for himself.
May be too complicated?
2. Tom's advise:
Not sure it's worth worrying about
Show real values for 'Valid until' and 'Connection limit' without any hints.
3. The best solution, which I can't see now.
--
Pavel Luzanov
Postgres Professional: https://postgrespro.com