Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1srjBL-0042k7-2x
	for pgsql-general@arkaria.postgresql.org; Fri, 20 Sep 2024 19:20:43 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1srjBI-00Bxj3-VU
	for pgsql-general@arkaria.postgresql.org; Fri, 20 Sep 2024 19:20:42 +0000
Received: from makus.postgresql.org ([2001:4800:3e1:1::229])
	by malur.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <tgl@sss.pgh.pa.us>)
	id 1srjBI-00Bxip-EP
	for pgsql-general@lists.postgresql.org; Fri, 20 Sep 2024 19:20:41 +0000
Received: from sss.pgh.pa.us ([68.162.161.243])
	by makus.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <tgl@sss.pgh.pa.us>)
	id 1srjBG-000Dv2-6S
	for pgsql-general@postgresql.org; Fri, 20 Sep 2024 19:20:40 +0000
Received: from sss1.sss.pgh.pa.us (localhost [127.0.0.1])
	by sss.pgh.pa.us (8.15.2/8.15.2) with ESMTP id 48KJKZPt2529742;
	Fri, 20 Sep 2024 15:20:35 -0400
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Robert Haas <robertmhaas@gmail.com>
cc: Laurenz Albe <laurenz.albe@cybertec.at>,
        Dominique Devienne <ddevienne@gmail.com>, pgsql-general@postgresql.org
Subject: Re: Why no pg_has_role(..., 'ADMIN')?
In-reply-to: <CA+TgmoZ44MXgcgLwyPJJ8kypRezOJ=BOUsAPs9Q=rJGKQQLCwA@mail.gmail.com>
References: <CAFCRh-8JNEy+dV4SXFOrWca50u+d=--TO4cq=+ac1oBtfJy4AA@mail.gmail.com> <42cf78d42a376bf05ca9f5776ad29edc30e784d5.camel@cybertec.at> <CA+TgmobvCGAHPZxX1rNgUb1cGcmD5e8ESGVSL=OyVqDYCAV3EQ@mail.gmail.com> <2468702.1726856198@sss.pgh.pa.us> <2470834.1726857267@sss.pgh.pa.us> <CA+TgmoZ44MXgcgLwyPJJ8kypRezOJ=BOUsAPs9Q=rJGKQQLCwA@mail.gmail.com>
Comments: In-reply-to Robert Haas <robertmhaas@gmail.com>
	message dated "Fri, 20 Sep 2024 14:49:13 -0400"
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-ID: <2529740.1726860035.1@sss.pgh.pa.us>
Content-Transfer-Encoding: 8bit
Date: Fri, 20 Sep 2024 15:20:35 -0400
Message-ID: <2529741.1726860035@sss.pgh.pa.us>
List-Id: <pgsql-general.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-general@lists.postgresql.org>
List-Owner: <mailto:pgsql-general-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-general>
Archived-At: <https://www.postgresql.org/message-id/2529741.1726860035%40sss.pgh.pa.us>
Precedence: bulk

Robert Haas <robertmhaas@gmail.com> writes:
> On Fri, Sep 20, 2024 at 2:34 PM Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> I'm now inclined to add wording within the pg_has_role entry, along
>> the lines of
>> 
>> WITH ADMIN OPTION or WITH GRANT OPTION can be added to any of
>> these privilege types to test whether ADMIN privilege is held
>> (all six spellings test the same thing).

> I don't have an opinion about the details, but +1 for documenting it
> somehow. I also think it's weird that we have six spellings that test
> the same thing, none of which are $SUBJECT. pg_has_role seems a little
> half-baked to me...

Yeah.  I think the original idea was to make it as parallel to
has_table_privilege and friends as we could (but why did we then
stick a pg_ prefix on it?).  So that led to MEMBER WITH GRANT OPTION,
and then the other spellings seem to have come along later.

			regards, tom lane