2010/10/27 Tony Cebzanov <tonyceb@xxxxxxxxxxxxxx>
On 10/23/10 11:01 AM, Craig Ringer wrote:I knew about role inheritance, I just didn't know about the
> Yep. As for not explicitly mentioning "lower" roles when granting a
> higher role (ie "admin" isn't also a "user") - role inheritance.
pg_has_role() function for determining if a user has a role. ÂThat's
helpful, but I really don't want to be hitting the database with a
pg_has_role() call for every time I want to check if a user should have
access to a certain page or function in my application.
Why not? Performance? It's just one function call.
Normally, when the user logs in, I'd cache their user info, and any
roles they have, either directly or indirectly. ÂBut how can I do this
if I'm not directly making administrators members of the other groups
they inherit the rights of? ÂIn other words, is there a convenience
function or view I can use to get a list of all roles the user has
access to, both directly or indirectly?
--
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
--
// Dmitriy.
