Dear Bruno,
The standard talks about 2 distinct concepts: USER and ROLE (4.34). I'm
not sure it is a good idea to drop the user concept to replace it by role.
If you do so, you may miss something about what roles are about.
I think it is a good idea to make users synonymous with roles with
regard to privileges. This will make checking for access simpler
and mistakes less likely. The special part of being a user in addition
to a role is that being a user allows for authentication.
There are two distinct issues : implementation and design/feature.
I'm arguing on the feature, as I wish per-catalog ROLEs, which cannot be
fused with per-cluster USERs.
I agree with you that the current implementation for a per-cluster role is
very reasonnable or even witty. It just does not provide the feature I'm
looking for, namely managing privileges locally to a database, without
interference from one database to another.
--
Fabien.
---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ?
http://www.postgresql.org/docs/faq
