Marti Raudsepp wrote
> On Fri, Oct 24, 2014 at 11:29 AM, Kyotaro HORIGUCHI
> <
> horiguchi.kyotaro@.co
> > wrote:
>
> But should ALTER USER ALL and ALTER ROLE ALL really do the same thing?
> A user is a role with the LOGIN option. Every user is a role, but not
> every role is a user. I suspect that ambiguity was why ALTER USER ALL
> wasn't originally implemented.
There is no system level distinction here - only semantic and only during
the issuance of a CREATE without specifying an explicit value for
LOGIN/NOLGIN.
The documentation states user and group are aliases for ROLE, not subsets
that require or disallow login privileges.
I am OK with not making them true aliases in order to minimize user
confusion w.r.t. the semantics implied by user and group but then I'd submit
we simply note those two forms as deprecated in favor of role and that all
new role-based functionality will only be attached to role-based commands.
Since all of user, current_user and session_user have special syntactic
consideration in SQL [1] I'd be generally in favor of trying to keep that
dynamic intact while implementing this feature. And for the same reason I
would not allow current_role as a keyword. We didn't add a current_role
function but instead chose to rely on the standard keywords even when we
introduced ROLE.
I'm not clear on the keyword confusion since while "current_user" is a valid
literal it requires quotation while the token current_user does not.
1. http://www.postgresql.org/docs/9.4/static/functions-info.html
David J.
--
View this message in context:
http://postgresql.1045698.n5.nabble.com/alter-user-role-CURRENT-USER-tp5822520p5824528.html
Sent from the PostgreSQL - hackers mailing list archive at Nabble.com.