> On Nov 16, 2021, at 2:12 PM, Tom Lane <t...@sss.pgh.pa.us> wrote:
>
> The question is why you need pg_config_param at all, then.
> AFAICS it just adds maintenance complexity we could do without.
> I think we'd be better off with a catalog modeled on the design of
> pg_db_role_setting, which would have entries for roles and lists
> of GUC names that those roles could set.
Originally, I was trying to have dependency linkage between two proper types of
objects, so that DROP ROLE and DROP CONFIGURATION PARAMETER would behave as
expected, complaining about privileges remaining rather than dropping an object
and leaving a dangling reference.
I've deleted the whole CREATE CONFIGURATION PARAMETER and DROP CONFIGURATION
PARAMETER syntax and implementation, but it still seems odd to me that:
CREATE ROLE somebody;
GRANT SELECT ON TABLE sometable TO ROLE somebody;
GRANT ALTER SYSTEM ON someguc TO ROLE somebody;
DROP ROLE somebody;
ERROR: role "somebody" cannot be dropped because some objects depend on it
DETAIL: privileges for table sometable
would not mention privileges for "someguc" as well. That's why I want
configuration parameters to be proper objects with OIDs and with entries in
pg_depend and/or pg_shdepend. Maybe there is some better way to do it, but
that's why I've been doing this.
—
Mark Dilger
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
