2012/2/28 Guillaume Lelarge <guilla...@lelarge.info>

> On Tue, 2012-02-28 at 09:22 +0100, Bartosz Dmytrak wrote:
> > Hi,
> > I would like to see who is member of selected role, somewhere in group
> role
> > form. Hope this will help to administrate multiuser environments.
> >
> > This feature is covered by query:
> > SELECT p.rolname, m.rolname as member, g.rolname as grantor
> > FROM pg_authid p
> >  INNER JOIN pg_auth_members am ON (p.oid = am.roleid)
> > INNER JOIN pg_authid m ON (am.member = m.oid)
> >  INNER JOIN pg_authid g ON (am.grantor = g.oid)
> > WHERE p.rolname = 'MyRole'
> >
> > This query shows of course only direct members, feature could be extended
> > to indirect members too (and mark them as indirect).
> > Right now I use workaround with macro.
> >
>
> IOW, you want the opposite of the "Role membership" tab. Not sure if it
> really makes sense in pgAdmin.
>
>
> --
> Guillaume
> http://blog.guillaume.lelarge.info
> http://www.dalibo.com
>
>
Yes indeed - that is my intention. In my opinion it makes
sense, because right now You are not able to answer question  who is member
of role X quickly. My strategy is to group users into roles and then
grant/revoke privileges to groups, and also pg_hba.conf file is organized
based on groups not users because I have to manage 1000+ users from
different organization units. Right now pgAdmin is rather bottom-up
organized not top-down. By implementing this feature You will give users
new point of view on privileges.

Regards,
Bartek

Reply via email to