2012/2/28 Guillaume Lelarge <guilla...@lelarge.info> > On Tue, 2012-02-28 at 09:22 +0100, Bartosz Dmytrak wrote: > > Hi, > > I would like to see who is member of selected role, somewhere in group > role > > form. Hope this will help to administrate multiuser environments. > > > > This feature is covered by query: > > SELECT p.rolname, m.rolname as member, g.rolname as grantor > > FROM pg_authid p > > INNER JOIN pg_auth_members am ON (p.oid = am.roleid) > > INNER JOIN pg_authid m ON (am.member = m.oid) > > INNER JOIN pg_authid g ON (am.grantor = g.oid) > > WHERE p.rolname = 'MyRole' > > > > This query shows of course only direct members, feature could be extended > > to indirect members too (and mark them as indirect). > > Right now I use workaround with macro. > > > > IOW, you want the opposite of the "Role membership" tab. Not sure if it > really makes sense in pgAdmin. > > > -- > Guillaume > http://blog.guillaume.lelarge.info > http://www.dalibo.com > > Yes indeed - that is my intention. In my opinion it makes sense, because right now You are not able to answer question who is member of role X quickly. My strategy is to group users into roles and then grant/revoke privileges to groups, and also pg_hba.conf file is organized based on groups not users because I have to manage 1000+ users from different organization units. Right now pgAdmin is rather bottom-up organized not top-down. By implementing this feature You will give users new point of view on privileges.
Regards, Bartek