Greetings, On Wed, Sep 7, 2022 at 18:11 Nathan Bossart <nathandboss...@gmail.com> wrote:
> On Wed, Sep 07, 2022 at 05:13:44PM -0400, Stephen Frost wrote: > > I disagree that we should put the onus for addressing this on the next > > person who wants to add bits and just willfully use up the last of them > > right now for what strikes me, at least, as a relatively marginal use > > case. If we had plenty of bits then, sure, let's use a couple of for > > this, but that isn't currently the case. If you want this feature then > > the onus is on you to do the legwork to make it such that we have plenty > > of bits. > > FWIW what I really want is the new predefined roles. I received feedback > upthread that it might also make sense to give people more fine-grained > control, so I implemented that. And now you're telling me that I need to > redesign the ACL system. :) Calling this a redesign is over-stating things, imv … and I’d much rather have the per-relation granularity than predefined roles for this, so there is that to consider too, perhaps. I'm happy to give that project a try given there is agreement on the > direction and general interest in the patches. From the previous > discussion, it sounds like we want to first use a distinct set of bits for > each catalog table. Is that what I should proceed with? Yes, that seems to be the consensus among those involved in this thread thus far. Basically, I imagine this involves passing around the object type along with the acl info and then using that to check the bits and such. I doubt it’s worth inventing a new structure to combine the two … but that’s just gut feeling and you may find it does make sense to once you get into it. Thanks! Stephen >