Tal Walter <talw@sqreamtech.com> writes:
> - Why in the roles system, user are actually roles with login attribute
> and not a separate entity.
Groups and users used to be separate concepts, actually, a long time ago.
We got rid of that because it was a PITA; in particular, grants to groups
had to be represented separately from grants to individual users. Looking
at the git history, that happened in mid-2005, so you might trawl the
pgsql-hackers archives from around that time for discussion.
> - Why to read from a table, both a usage permission on the schema and a
> read access permission on the table is needed?
Because the SQL standard says so. You might want to get a copy. While
the "official" releases cost lots o' money, draft versions are freely
available on the net, and are generally close enough.
regards, tom lane