Re: Additional role attributes && superuser review

Robert,

Thanks for the feedback.

I'm slightly mystified as to how including the word "online" helps
> here. It's unlikely that there will be an offline_backup permission,
> because if the system is off-line, SQL-level permissions are
> irrelevant.

I'm certainly open to recommendations on this one. Initially, BACKUP was
proposed, but based on the discussion, it is unacceptable. As mentioned,
the documentation for the affected functions refer to starting/stopping an
'on-line backup', hence the current proposal. I feel like it is obviously
more in line with the documentation and removes the ambiguity in what
'type' of backup it allows, as that seemed to be one of the major concerns
of just using BACKUP. However, I could certainly understand if there was a
confusion on the terminology of 'online' vs 'offline' if those are not
regularly used terms or concepts. At any rate, I'll certainly continue to
give this one thought, but I wouldn't mind any recommendations/suggestions
anyone was willing to throw my way.

> * LOG - allows role to rotate log files - remains broad enough to consider
> > future log related operations
>
> Maybe LOGFILE? Only because some confusion with the LOG message level
> seems possible; or confusion about whether this is a permission that
> lets you log things.

That's a good point. I'll change this one up.

Thanks,
Adam

--
Adam Brightwell - adam(dot)brightwell(at)crunchydatasolutions(dot)com
Database Engineer - www.crunchydatasolutions.com