Re: allow granting CLUSTER, REFRESH MATERIALIZED VIEW, and REINDEX
От | Nathan Bossart |
---|---|
Тема | Re: allow granting CLUSTER, REFRESH MATERIALIZED VIEW, and REINDEX |
Дата | |
Msg-id | 20221212200427.GA448418@nathanxps13 обсуждение исходный текст |
Ответ на | Re: allow granting CLUSTER, REFRESH MATERIALIZED VIEW, and REINDEX (Nathan Bossart <nathandbossart@gmail.com>) |
Ответы |
Re: allow granting CLUSTER, REFRESH MATERIALIZED VIEW, and REINDEX
|
Список | pgsql-hackers |
On Sat, Dec 10, 2022 at 12:41:09PM -0800, Nathan Bossart wrote: > On Sat, Dec 10, 2022 at 12:07:12PM -0800, Jeff Davis wrote: >> It seems like the discussion on VACUUM/CLUSTER/REINDEX privileges is >> happening in the other thread. What would you like to accomplish in >> this thread? > > Given the feedback in the other thread [0], I was planning to rewrite this > patch to create a MAINTAIN privilege and a pg_maintain_all_tables > predefined role that allowed VACUUM, ANALYZE, CLUSTER, REFRESH MATERIALIZED > VIEW, and REINDEX. Patch attached. I ended up reverting some parts of the VACUUM/ANALYZE patch that were no longer needed (i.e., if the user doesn't have permission to VACUUM, we don't need to separately check whether the user has permission to ANALYZE). Otherwise, I don't think there's anything tremendously different between v1 and v2 besides the fact that all the privileges are grouped together. Since there are only 15 privilege bits used after this patch is applied, presumably we could revert widening AclMode to 64 bits. However, I imagine that will still be necessary at some point in the near future, so I don't see a strong reason to revert it. -- Nathan Bossart Amazon Web Services: https://aws.amazon.com
Вложения
В списке pgsql-hackers по дате отправления: