Check for USAGE (instead of MEMBER) privilege in all pg_has_role occurrences #1012
Conversation
|
The code itself looks good. I would like to see a better description in the commit message, something closer to what you put in the description of the PR. Usually, if the commit message is written in a way that has a line subject and description in subsequent paragraphs, GitHub creates the PR with the user not needing to intervene in any way. |
|
Oh, and you will likely need to rebase (don't think you'll find any conflicts as we have been only changing the GitHub actions) |
|
@martinmarques Thanks for the advice, I will do it at next PRs. I also rebased the branch as requested. |
|
@RealGreenDragon you can amend the commit messages using git rebase --interactive |
RealGreenDragon
force-pushed
the
pg_has_role_usage
branch
from
f722267
to
90543f1
Compare
|
@martinmarques: commits squashed, but I see a linter fail (python so I thinks is not for my changes...) |
|
That linker error seems like something on our side. |
|
Seems we are testing python black and that'¡s failing. But it has to do with code that is not yours. |
To work correctly Barman database user should be included in some roles ad this is checked by
pg_has_rolefunction.In all
pg_has_rolefunctionsMEMBERprivilege is checked but in Barman code noSET ROLEis present so it better to check inpg_has_rolefunctionsUSAGEprivilege instead (that includesINHERITcheck).pg_has_rolefunction documentation: https://www.postgresql.org/docs/16/functions-info.html#id-1.5.8.32.4.4.2.2.14.1.1.1PR already discussed with @martinmarques here: EnterpriseDB/repmgr#807 (comment)