On Thu, Jan 23, 2025 at 3:51 PM Andres Freund <and...@anarazel.de> wrote: > I wonder if it's a mistake that a role membership that has WITH ADMIN on > another role is silently removed if the member role is removed. We e.g. do > *not* do that for pg_auth_members.grantor: > > ERROR: 2BP01: role "r1" cannot be dropped because some objects depend on it > DETAIL: privileges for membership of role r2 in role r3
Yeah, I'm not sure about this either, but this is the kind of thing I was thinking about when I replied before, saying that maybe dropping role B shouldn't just succeed. Maybe dropping a role that doesn't have privileges to administer any other role should be different than dropping one that does. -- Robert Haas EDB: http://www.enterprisedb.com
