Lists: | pgsql-generalpgsql-hackers |
---|
From: | "Akmal Akmalhojaev" <akmal(dot)ilh(at)gmail(dot)com> |
---|---|
To: | pgsql-hackers(at)postgresql(dot)org |
Subject: | Role members |
Date: | 2007-05-21 10:21:52 |
Message-ID: | ae5aee560705210321g17465f2dl9ecc433250e5eacf@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-general pgsql-hackers |
Hello! I have the following question.
For example I have a role ID1 with members ID2 and ID3.
Role ID2 has also members ID4 and ID5. It means that roles ID4 and ID5 are
members of ID1.
The question: Is there any function in PostgreSQL, that finds all the
members of role ID1 - even such members, as ID4 and ID5.
Thanks.
From: | Richard Huxton <dev(at)archonet(dot)com> |
---|---|
To: | Akmal Akmalhojaev <akmal(dot)ilh(at)gmail(dot)com> |
Cc: | pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: Role members |
Date: | 2007-05-21 10:34:32 |
Message-ID: | 465175B8.6090104@archonet.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-general pgsql-hackers |
Akmal Akmalhojaev wrote:
> Hello! I have the following question.
>
> For example I have a role ID1 with members ID2 and ID3.
> Role ID2 has also members ID4 and ID5. It means that roles ID4 and ID5 are
> members of ID1.
> The question: Is there any function in PostgreSQL, that finds all the
> members of role ID1 - even such members, as ID4 and ID5.
Akmal, this isn't really a question for the hackers list. Please try on
"general" or "admin".
However, I know of no function that will recursively expand member
lists. You could easily write your own of course, but you'll want to
decide how to handle the "inherits" flag.
--
Richard Huxton
Archonet Ltd
From: | Richard Huxton <dev(at)archonet(dot)com> |
---|---|
To: | Akmal Akmalhojaev <akmal(dot)ilh(at)gmail(dot)com> |
Cc: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Role members |
Date: | 2007-05-21 13:26:27 |
Message-ID: | 46519E03.6020600@archonet.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-general pgsql-hackers |
Akmal Akmalhojaev wrote:
> It doesn't mean if there is "inherit" flag. I'm looking for a C function
> like SearchSysCache() or smth.
Ah - I think the file you neeed to look in is backend/utils/adt/acl.c -
I think it's looking at things the other way around. That is - is the
current role a member of role X rather than list all the roles that are
members of X.
--
Richard Huxton
Archonet Ltd
From: | David Fetter <david(at)fetter(dot)org> |
---|---|
To: | Akmal Akmalhojaev <akmal(dot)ilh(at)gmail(dot)com> |
Cc: | PostgreSQL General <pgsql-general(at)postgresql(dot)org> |
Subject: | Re: [HACKERS] Role members |
Date: | 2007-05-21 15:25:48 |
Message-ID: | 20070521152548.GB11913@fetter.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-general pgsql-hackers |
On Mon, May 21, 2007 at 02:21:52PM +0400, Akmal Akmalhojaev wrote:
> Hello! I have the following question.
Moving to -general.
> For example I have a role ID1 with members ID2 and ID3.
> Role ID2 has also members ID4 and ID5. It means that roles ID4 and ID5 are
> members of ID1.
> The question: Is there any function in PostgreSQL, that finds all the
> members of role ID1 - even such members, as ID4 and ID5.
Here's a function I've written in SQL:
CREATE OR REPLACE FUNCTION get_roles_under(OID)
RETURNS SETOF OID
LANGUAGE sql
AS $$
SELECT
$1
UNION
SELECT
member
FROM
pg_catalog.pg_auth_members
WHERE
roleid = $1
UNION
SELECT
get_roles_over(roleid) AS "roleid"
FROM
pg_catalog.pg_auth_members
WHERE
roleid IN (
SELECT
member
FROM
pg_catalog.pg_auth_members
WHERE
roleid = $1
)
$$;
Cheers,
D
--
David Fetter <david(at)fetter(dot)org> http://fetter.org/
phone: +1 415 235 3778 AIM: dfetter666
Skype: davidfetter
Remember to vote!
Consider donating to PostgreSQL: http://www.postgresql.org/about/donate
From: | Jim Nasby <decibel(at)decibel(dot)org> |
---|---|
To: | David Fetter <david(at)fetter(dot)org> |
Cc: | Akmal Akmalhojaev <akmal(dot)ilh(at)gmail(dot)com>, PostgreSQL General <pgsql-general(at)postgresql(dot)org> |
Subject: | Re: [HACKERS] Role members |
Date: | 2007-05-29 03:32:29 |
Message-ID: | 9AC2CA53-2BE2-4DB3-8902-C9543097424E@decibel.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-general pgsql-hackers |
On May 21, 2007, at 8:25 AM, David Fetter wrote:
> On Mon, May 21, 2007 at 02:21:52PM +0400, Akmal Akmalhojaev wrote:
>> For example I have a role ID1 with members ID2 and ID3.
>> Role ID2 has also members ID4 and ID5. It means that roles ID4 and
>> ID5 are
>> members of ID1.
>> The question: Is there any function in PostgreSQL, that finds all the
>> members of role ID1 - even such members, as ID4 and ID5.
>
> Here's a function I've written in SQL:
>
> CREATE OR REPLACE FUNCTION get_roles_under(OID)
> RETURNS SETOF OID
> LANGUAGE sql
> AS $$
> SELECT
> $1
> UNION
> SELECT
> member
> FROM
> pg_catalog.pg_auth_members
> WHERE
> roleid = $1
> UNION
> SELECT
> get_roles_over(roleid) AS "roleid"
> FROM
> pg_catalog.pg_auth_members
> WHERE
> roleid IN (
> SELECT
> member
> FROM
> pg_catalog.pg_auth_members
> WHERE
> roleid = $1
> )
> $$;
Should that call to get_roles_over be a call to get_roles_under?
--
Jim Nasby jim(at)nasby(dot)net
EnterpriseDB http://enterprisedb.com 512.569.9461 (cell)