Re: [HACKERS] Schedule for 8.1 feature freeze

Tue, 21 Jun 2005 05:00:53 -0700 

* Bruce Momjian (pgman@candle.pha.pa.us) wrote:
> We have addressed all the open issues for 8.1 except for auto-vacuum,
> which Alvaro is working on, so I think we are ready for a feature freeze
> on July 1.

Bruce,

  I'd really like to see role support added into 8.1.  I've sent Alvaro
  and Tom versions of the patch in the past and I was planning on
  submitting it to -patches soon.  There's a few remaining issue but I
  don't think they'll take very long to clean up; I've just been
  unfortunately pretty busy lately.  I'm hopeful that I'll be able to
  spend some time on it this week and next week to hopefully address at
  least the remaining issues on my list.

  Lookups need to do multi-level role resolution (for owner and other
    ACL areas)
    (Not very hard, and mostly isolated to the acl code)
  Need to implement per-backend role-member cacheing
    (Not very hard, basically same kind of way pg_namespace does
     schema_path)
  Support 'grant <role> to <role>'
    (Shouldn't be too difficult, mainly just parser work)
  Support 'with admin option'
    (Somewhat difficult, but not necessary for the same functionality we
     have today)
  Support 'granted by'
    (Not very hard, just parser work really)
  Fix other parsers (ecpg, etc) based on updates to backend/parser.
    (Worked on this some already, should be done real soon now)
  Distinguish 'create role' permissions from 'superuser'?
    (Not sure if this makes sense)

  Modify \du, \dg to use new tables
    (They work already using the backwards-compat views, just would be
     nice to update them to the new schema).
  ? Add \dr, \dm
    (Should be easy and would be nice I think, though perhaps not
     required)

  Add documentation for CREATE ROLE/etc
  Document new system catalogs (pg_authid, pg_auth_members)
    (Documentation updates)

  There are views for pg_shadow/pg_group and things seem to be happy
  with them.  CREATE USER/CREATE GROUP work more-or-less as expected.
  An interesting side-effect is that if you do 'create group' and then
  look in the 'group' table you don't see the group till you actually
  put users in it.  Not entirely sure if anything actually depends on
  that (You can, after all, still grant rights to the role which was
  created by CREATE GROUP, and do ALTER GROUP on it, etc).

        Thanks,

                Stephen

Attachment: signature.asc
Description: Digital signature

Reply via email to