On Tue, Jan 11, 2022 at 12:47 PM Wolfgang Walther <walther@xxxxxxxxxxxxxxx> wrote:
Dominique Devienne:
> I wish for DB-specific ROLEs BTW...
Same here. That would be so useful.
In fact, in my case, I also want something even narrower than that,
which are SCHEMA specific ROLEs. ROLEs tied to a given schema,
implicitly DROP'ed when their "owner" SCHEMA is DROP'ed , and which
can only take GRANTs/privileges on objects from it owner schema.
I'm not saying CLUSTER-wide ROLEs are not useful. They are, mostly for LOGIN USERs IMHO.
But for NOLOGIN ROLEs used to group permissions, often in a single DB, or even a single SCHEMA like in my case,
the fact ROLEs are CLUSTER-wide is problematic for the naming. FWIW. --DD
PS: I've read the note that DB-specific ROLEs kinda exists, but since the doc explicitly mentions to avoid them,
I don't use them. And in case, as I wrote above, SCHEMA-correlated ROLEs is what I really would like to use.
