On Wed, Jul 20, 2022 at 3:11 PM Robert Haas <robertmh...@gmail.com> wrote: > The previous version of the patch makes both DROP OWNED and REASSIGN > OWNED cascade to grantors, but I now think that, for consistency, I'd > better look into changing it so that only DROP OWNED cascades. I think > perhaps I should be using SHARED_DEPENDENCY_ACL instead of > SHARED_DEPENDENCY_OWNER.
All right, here's a new patch set, now with a second patch added to the series. 0001, as before, is a minimal fix for $SUBJECT, but it now uses SHARED_DEPENDENCY_ACL instead of SHARED_DEPENDENCY_OWNER, because that gives behavior which is more like what we do for other object types. However, it confines itself to making sure that pg_auth_members.grantor is a valid user, and that's it. 0002 then revises the behavior substantially further to make role grants work like other grants. The grantor of record is required to be a user with ADMIN OPTION on the grant, or the bootstrap superuser, just as for other object types the grantor of record must have GRANT OPTION or be the object owner (but roles don't have owners). Dependent grants are tracked and must be revoked before the grants upon which they depend, but REVOKE .. CASCADE now works. Dependent grants must be acyclic: you can't have alice getting ADMIN OPTION from bob and bob getting it from alice; somebody's got to get it from the bootstrap superuser. This is all just by analogy with what we do for grants on object types, and making role grants do something similar instead of the completely random treatment we have at present. I believe that these patches are mostly complete, but I think that dumpRoleMembership() probably needs some more work. I don't know what exactly, but there's nothing to cause it to dump the role grants in an order that will create dependent grants after the things that they depend on, which seems essential. -- Robert Haas EDB: http://www.enterprisedb.com
v2-0001-Ensure-that-pg_auth_members.grantor-is-always-val.patch
Description: Binary data
v2-0002-Make-role-grant-system-more-consistent-with-other.patch
Description: Binary data
