On 2014-03-12 10:03:42 -0300, Alvaro Herrera wrote: > Tom Lane wrote: > > Andrew Dunstan <and...@dunslane.net> writes: > > > On 03/11/2014 09:37 PM, Tom Lane wrote: > > >> In particular, I'd like to see an exclusion that prevents local users > > >> from having the same name as any global user, so that we don't have > > >> ambiguity in GRANT and similar commands. This doesn't seem simple to > > >> enforce (if we supported partial indexes on system catalogs, it would > > >> be ...) but surely this representation is more amenable to enforcing it > > >> than the existing one. > > > > > Should be workable if you're creating a local name - just check against > > > the list of global roles. > > > > Concurrent creations won't be safe without some sort of locking scheme. > > A unique index would be a lot better way of plugging that hole than a > > system-wide lock on user creation. But not sure how to define a unique > > index that allows (joe, db1) to coexist with (joe, db2) but not with > > (joe, 0). > > Isn't this just a case of creating a suitable operator and an exclusion > constraint? Defining the constraint in BKI might require extra > infrastructure, but it should be possible.
Except that we don't have the infrastructure to perform such checks (neither partial, nor expression indexes, no exclusion constraints) on system tables atm. So it's not a entirely trivial thing to do. Greetings, Andres Freund -- Andres Freund http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Training & Services -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
