Обсуждение: pgsql: Enforce superuser permissions checks during ALTER ROLE/DATABASE

Log Message:
-----------
Enforce superuser permissions checks during ALTER ROLE/DATABASE SET, rather
than during define_custom_variable().  This entails rejecting an ALTER
command if the target variable doesn't have a known (non-placeholder)
definition, unless the calling user is superuser.  When the variable *is*
known, we can correctly apply the rule that only superusers can issue ALTER
for SUSET parameters.  This allows define_custom_variable to apply ALTER's
values for SUSET parameters at module load time, secure in the knowledge
that only a superuser could have set the ALTER value.  This change fixes a
longstanding gotcha in the usage of SUSET-level custom parameters; which
is a good thing to fix now that plpgsql defines such a parameter.

Modified Files:
--------------
    pgsql/doc/src/sgml/ref:
        alter_role.sgml (r1.16 -> r1.17)
        (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/doc/src/sgml/ref/alter_role.sgml?r1=1.16&r2=1.17)
    pgsql/src/backend/utils/misc:
        guc.c (r1.549 -> r1.550)
        (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/backend/utils/misc/guc.c?r1=1.549&r2=1.550)