Re: Things I don't like about \du's "Attributes" column

Thu, 11 Jul 2024 05:07:55 -0700 

On Thu, 6 Jun 2024 at 23:10, Pavel Luzanov <p.luza...@postgrespro.ru> wrote:
>
> On 06.06.2024 17:29, Robert Haas wrote:
>
> I think the first of these special interpretations is unnecessary and
> should be removed. It seems pretty clear what 0 means.
>
> Agree.
> There is an additional technical argument for removing this replacement.
> I don't like explicit cast to text of the "Connection limit" column.
> Without 'Not allowed' it is no longer required.
> Value -1 can be replaced by NULL with an implicit cast to integer.
>
> Next version with this change attached.
>
> Example output:
>
> \du+ regress_du*
>                                                 List of roles
>     Role name     | Login | Attributes  |         Valid until          | 
> Connection limit |   Description
> ------------------+-------+-------------+------------------------------+------------------+------------------
>  regress_du_admin | yes   | Superuser  +|                              |      
>             | some description
>                   |       | Create DB  +|                              |      
>             |
>                   |       | Create role+|                              |      
>             |
>                   |       | Inherit    +|                              |      
>             |
>                   |       | Replication+|                              |      
>             |
>                   |       | Bypass RLS  |                              |      
>             |
>  regress_du_role0 | yes   | Inherit     | Tue Jun 04 00:00:00 2024 PDT |      
>           0 |
>  regress_du_role1 | no    | Create role+| infinity                     |      
>             |
>                   |       | Inherit     |                              |      
>             |
>  regress_du_role2 | yes   | Inherit    +|                              |      
>          42 |
>                   |       | Replication+|                              |      
>             |
>                   |       | Bypass RLS  |                              |      
>             |
> (4 rows)
>
> Current version for comparison:
This looks much better than the current version. Only thing is, I find
the column name Valid until confusing. With that name I am in danger
of taking it as the role's validity and not the passwords'.
How about naming it to something like Password validity...?
>
>                                           List of roles
>     Role name     |                         Attributes                        
>  |   Description
> ------------------+------------------------------------------------------------+------------------
>  regress_du_admin | Superuser, Create role, Create DB, Replication, Bypass 
> RLS | some description
>  regress_du_role0 | No connections                                            
> +|
>                   | Password valid until 2024-06-04 00:00:00+03               
>  |
>  regress_du_role1 | Create role, Cannot login                                 
> +|
>                   | Password valid until infinity                             
>  |
>  regress_du_role2 | Replication, Bypass RLS                                   
> +|
>                   | 42 connections                                            
>  |
>
>
> Data:
> CREATE ROLE regress_du_role0 LOGIN PASSWORD '123' VALID UNTIL '2024-06-04' 
> CONNECTION LIMIT 0;
> CREATE ROLE regress_du_role1 CREATEROLE CONNECTION LIMIT -1 VALID UNTIL 
> 'infinity';
> CREATE ROLE regress_du_role2 LOGIN REPLICATION BYPASSRLS CONNECTION LIMIT 42;
> CREATE ROLE regress_du_admin LOGIN SUPERUSER CREATEROLE CREATEDB BYPASSRLS 
> REPLICATION INHERIT;
> COMMENT ON ROLE regress_du_admin IS 'some description';
>
> --
> Pavel Luzanov
> Postgres Professional: https://postgrespro.com

-- 
Regards,
Rafia Sabih

Reply via email to