Role members
Hello! I have the following question.
For example I have a role ID1 with members ID2 and ID3.
Role ID2 has also members ID4 and ID5. It means that roles ID4 and ID5 are
members of ID1.
The question: Is there any function in PostgreSQL, that finds all the
members of role ID1 - even such members, as ID4 and ID5.
Thanks.
Akmal Akmalhojaev wrote:
Hello! I have the following question.
For example I have a role ID1 with members ID2 and ID3.
Role ID2 has also members ID4 and ID5. It means that roles ID4 and ID5 are
members of ID1.
The question: Is there any function in PostgreSQL, that finds all the
members of role ID1 - even such members, as ID4 and ID5.
Akmal, this isn't really a question for the hackers list. Please try on
"general" or "admin".
However, I know of no function that will recursively expand member
lists. You could easily write your own of course, but you'll want to
decide how to handle the "inherits" flag.
--
Richard Huxton
Archonet Ltd
Akmal Akmalhojaev wrote:
It doesn't mean if there is "inherit" flag. I'm looking for a C function
like SearchSysCache() or smth.
Ah - I think the file you neeed to look in is backend/utils/adt/acl.c -
I think it's looking at things the other way around. That is - is the
current role a member of role X rather than list all the roles that are
members of X.
--
Richard Huxton
Archonet Ltd
Import Notes
Reply to msg id not found: ae5aee560705210342r29f05286s66549eb5d9ac0cde@mail.gmail.com
On Mon, May 21, 2007 at 02:21:52PM +0400, Akmal Akmalhojaev wrote:
Hello! I have the following question.
Moving to -general.
For example I have a role ID1 with members ID2 and ID3.
Role ID2 has also members ID4 and ID5. It means that roles ID4 and ID5 are
members of ID1.
The question: Is there any function in PostgreSQL, that finds all the
members of role ID1 - even such members, as ID4 and ID5.
Here's a function I've written in SQL:
CREATE OR REPLACE FUNCTION get_roles_under(OID)
RETURNS SETOF OID
LANGUAGE sql
AS $$
SELECT
$1
UNION
SELECT
member
FROM
pg_catalog.pg_auth_members
WHERE
roleid = $1
UNION
SELECT
get_roles_over(roleid) AS "roleid"
FROM
pg_catalog.pg_auth_members
WHERE
roleid IN (
SELECT
member
FROM
pg_catalog.pg_auth_members
WHERE
roleid = $1
)
$$;
Cheers,
D
--
David Fetter <david@fetter.org> http://fetter.org/
phone: +1 415 235 3778 AIM: dfetter666
Skype: davidfetter
Remember to vote!
Consider donating to PostgreSQL: http://www.postgresql.org/about/donate
On May 21, 2007, at 8:25 AM, David Fetter wrote:
On Mon, May 21, 2007 at 02:21:52PM +0400, Akmal Akmalhojaev wrote:
For example I have a role ID1 with members ID2 and ID3.
Role ID2 has also members ID4 and ID5. It means that roles ID4 and
ID5 are
members of ID1.
The question: Is there any function in PostgreSQL, that finds all the
members of role ID1 - even such members, as ID4 and ID5.Here's a function I've written in SQL:
CREATE OR REPLACE FUNCTION get_roles_under(OID)
RETURNS SETOF OID
LANGUAGE sql
AS $$
SELECT
$1
UNION
SELECT
member
FROM
pg_catalog.pg_auth_members
WHERE
roleid = $1
UNION
SELECT
get_roles_over(roleid) AS "roleid"
FROM
pg_catalog.pg_auth_members
WHERE
roleid IN (
SELECT
member
FROM
pg_catalog.pg_auth_members
WHERE
roleid = $1
)
$$;
Should that call to get_roles_over be a call to get_roles_under?
--
Jim Nasby jim@nasby.net
EnterpriseDB http://enterprisedb.com 512.569.9461 (cell)