Hi. And happy new year (for those using the Gregorian calendar).
pg_has_role() from
https://www.postgresql.org/docs/current/functions-info.htmladded the 'SET' privilege in v16, and on top of the existing 'MEMBER' and 'USAGE' ones:
> MEMBER denotes direct or indirect membership in the role [...]
> USAGE denotes whether the privileges of the role are immediately available without doing SET ROLE
> SET denotes whether it is possible to change to the role using the SET ROLE command
I'd like to know if possible why SET was added; the rationale for it.
Does it not imply that MEMBER and USAGE weren't enough somehow before?
If `pg_has_role(..., 'MEMBER')` is true, isn't `pg_has_role(..., 'SET')` implied?
If not, why? (and is that related to NOT INHERIT roles in the graph between the two roles?)
Asked differently I guess, when does being a MEMBER of a role (directly or not),
NOT allow SET ROLE to that role?
We use ROLEs extensively in our PostgreSQL-based apps,
and I've read a lot about them, but at times I feel I'm missing something.