The following documentation comment has been logged on the website: Page: https://www.postgresql.org/docs/10/sql-alterdefaultprivileges.html Description:
In the docs (https://www.postgresql.org/docs/10/sql-alterdefaultprivileges.html) it states: > You can change default privileges only for objects that will be created by yourself or by roles that you are a member of. Yet, altering the default privileges `for role`'s that I am a member of (i.e. `target_role` in docs), does not affect privileges granted on objects created by other members of said role. Seeing as separating Users (roles with log-in privilege) from Roles (containing concrete grants, unable to log in) seems a common, and recommendable pattern, I believe the statement is quite misleading. For an example of expected behaviour, see this Stack Overflow question: https://stackoverflow.com/questions/56237907/why-doesnt-alter-default-privileges-work-as-expected The only scenario I can think of where the statement makes sense seems quite foreign to me: Scenario: I, say `role_a`, have log-in, and am also a member of another Role, say `role_b`, which also has login. Only objects created directly by `role_b` (i.e. not any of its members) are affected. I suggest adding something like the following to the documentation: " Note that only object created directly by _*target_role*_ , i.e. not any of its members, will have privileges granted. "
