From f9fd1764615ed5d85fab703b0ffb0c323fe7dfd5 Mon Sep 17 00:00:00 2001
From: Tom Lane <tgl@sss.pgh.pa.us>
Date: Tue, 26 Jul 2005 00:04:19 +0000
Subject: Add pg_has_role() family of privilege inquiry functions modeled after
 the existing ones for object privileges.  Update the information_schema for
 roles --- pg_has_role() makes this a whole lot easier, removing the need for
 most of the explicit joins with pg_user.  The views should be a tad faster
 now, too.  Stephen Frost and Tom Lane.

---
 doc/src/sgml/func.sgml | 28 +++++++++++++++++++++++++++-
 1 file changed, 27 insertions(+), 1 deletion(-)

(limited to 'doc/src')

diff --git a/doc/src/sgml/func.sgml b/doc/src/sgml/func.sgml
index 37087355150..b5ce30105bc 100644
--- a/doc/src/sgml/func.sgml
+++ b/doc/src/sgml/func.sgml
@@ -1,5 +1,5 @@
 <!--
-$PostgreSQL: pgsql/doc/src/sgml/func.sgml,v 1.270 2005/07/25 22:12:30 tgl Exp $
+$PostgreSQL: pgsql/doc/src/sgml/func.sgml,v 1.271 2005/07/26 00:04:17 tgl Exp $
 PostgreSQL documentation
 -->
 
@@ -8427,6 +8427,21 @@ SET search_path TO <replaceable>schema</> <optional>, <replaceable>schema</>, ..
        <entry><type>boolean</type></entry>
        <entry>does current user have privilege for language</entry>
       </row>
+      <row>
+       <entry><literal><function>pg_has_role</function>(<parameter>user</parameter>,
+                                  <parameter>role</parameter>,
+                                  <parameter>privilege</parameter>)</literal>
+       </entry>
+       <entry><type>boolean</type></entry>
+       <entry>does user have privilege for role</entry>
+      </row>
+      <row>
+       <entry><literal><function>pg_has_role</function>(<parameter>role</parameter>,
+                                  <parameter>privilege</parameter>)</literal>
+       </entry>
+       <entry><type>boolean</type></entry>
+       <entry>does current user have privilege for role</entry>
+      </row>
       <row>
        <entry><literal><function>has_schema_privilege</function>(<parameter>user</parameter>,
                                   <parameter>schema</parameter>,
@@ -8473,6 +8488,9 @@ SET search_path TO <replaceable>schema</> <optional>, <replaceable>schema</>, ..
    <indexterm zone="functions-info">
     <primary>has_language_privilege</primary>
    </indexterm>
+   <indexterm zone="functions-info">
+    <primary>pg_has_role</primary>
+   </indexterm>
    <indexterm zone="functions-info">
     <primary>has_schema_privilege</primary>
    </indexterm>
@@ -8536,6 +8554,14 @@ SELECT has_function_privilege('joeuser', 'myfunc(int, text)', 'execute');
     <literal>USAGE</literal>.
    </para>
 
+   <para>
+    <function>pg_has_role</function> checks whether a user
+    can access a role in a particular way.  The possibilities for its
+    arguments are analogous to <function>has_table_privilege</function>.
+    The desired access privilege type must evaluate to
+    <literal>MEMBER</literal>.
+   </para>
+
    <para>
     <function>has_schema_privilege</function> checks whether a user
     can access a schema in a particular way.  The possibilities for its
-- 
cgit v1.2.3