sql: support ALTER ROLE ... RENAME TO ... #50821
Labels
A-sql-privileges
SQL privilege handling and permission checks.
C-enhancement
Solution expected to add code/behavior + preserve backward-compat (pg compat issues are exception)
T-sql-foundations
SQL Foundations Team (formerly SQL Schema + SQL Sessions)
Comments
solongordon
added
C-enhancement
solongordon
added this to Triage
in SQL Features (Deprecated - use SQL Experience board)
via automation
solongordon
moved this from Triage
to Backlog
in SQL Features (Deprecated - use SQL Experience board)
|
@awoods187 pointed out we could also consider implementing this by having a job which walked through the steps a user would do manually: creating the new role, granting the same privileges, assigning other roles to it, etc. That would still take some care to get right but would not require a larger overhaul to how we store privileges. |
blathers-crl
bot
added
the
T-sql-foundations
7 tasks
RichardJCai
moved this from February 2021
to Potentially for 22.2
in SQL Sessions - Deprecated
|
Depends on the work here: |
|
Let's wait for 23.1 to make thing's simpler - once the role_id work is in and has baked for a version such that we're guaranteed to have role ids. |
|
Just ran into this limitation. The workaround isn't so bad, but it'd be nice to see this in CRDB at some point! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
CockroachDB currently does not support renaming an existing role directly. In order to do so, you need to create a new role with the same privileges and then drop the old one.
Supporting rename is not trivial as it stands because all privileges are keyed off of the role name. This is made more difficult by the fact that privileges are stored directly on descriptors, not in system tables.
Jira issue: CRDB-4084
Epic CRDB-25679
The text was updated successfully, but these errors were encountered: