On Tue, 2012-02-28 at 09:22 +0100, Bartosz Dmytrak wrote: > Hi, > I would like to see who is member of selected role, somewhere in group role > form. Hope this will help to administrate multiuser environments. > > This feature is covered by query: > SELECT p.rolname, m.rolname as member, g.rolname as grantor > FROM pg_authid p > INNER JOIN pg_auth_members am ON (p.oid = am.roleid) > INNER JOIN pg_authid m ON (am.member = m.oid) > INNER JOIN pg_authid g ON (am.grantor = g.oid) > WHERE p.rolname = 'MyRole' > > This query shows of course only direct members, feature could be extended > to indirect members too (and mark them as indirect). > Right now I use workaround with macro. >
IOW, you want the opposite of the "Role membership" tab. Not sure if it really makes sense in pgAdmin.
Yes indeed - that is my intention. In my opinion it makes sense, because right now You are not able to answer question who is member of role X quickly. My strategy is to group users into roles and then grant/revoke privileges to groups, and also pg_hba.conf file is organized based on groups not users because I have to manage 1000+ users from different organization units. Right now pgAdmin is rather bottom-up organized not top-down. By implementing this feature You will give users new point of view on privileges.