From 17018a148525c067c118ebc425f1281b86599852 Mon Sep 17 00:00:00 2001 From: "Karl O. Pinc kop@karlpinc.com" Date: Tue, 21 Jan 2025 21:12:44 +0000 Subject: [PATCH] Fix macro prefix --- doc/src/architecture/permissions.m4 | 34 ++++++++++++++--------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/doc/src/architecture/permissions.m4 b/doc/src/architecture/permissions.m4 index 33ce799..64aeea8 100644 --- a/doc/src/architecture/permissions.m4 +++ b/doc/src/architecture/permissions.m4 @@ -16,8 +16,8 @@ .. M4 setup include(constants.m4)dnl include(macros.m4)dnl -pdb_rst_quotes(`on')dnl -pdb_generated_rst()dnl +sdb_rst_quotes(`on')dnl +sdb_generated_rst()dnl .. _database_permission_levels: @@ -32,11 +32,11 @@ granted. This is done per user login. There are 2 ordinary levels of permission. Their names are: -``pdb_reader`` +``sdb_reader`` Permission to query database content. -``pdb_writer`` - All the permissions of ``pdb_reader`` plus permission to alter +``sdb_writer`` + All the permissions of ``sdb_reader`` plus permission to alter the content of the database. Ordinary permissions are database :dfn:`roles`. @@ -51,7 +51,7 @@ is created using SOKWEDB administration tools. There are various ways permissions can be granted or changed. One way is with SQL\ [#f2]_, e.g.:: - GRANT pdb_reader TO someuser; + GRANT sdb_reader TO someuser; .. _the_administrator_permission_level: @@ -59,18 +59,18 @@ One way is with SQL\ [#f2]_, e.g.:: The Administrator Permission Levels ``````````````````````````````````` -Administrators are in two groups, ``pdb_role_owner`` and -``pdb_admin_group``. -The ``pdb_admin_group`` permission level has near-maximal permissions. +Administrators are in two groups, ``sdb_role_owner`` and +``sdb_admin_group``. +The ``sdb_admin_group`` permission level has near-maximal permissions. It owns all database objects. -The ``pdb_role_owner`` group manages all roles and has permission to +The ``sdb_role_owner`` group manages all roles and has permission to create new users.\ [#f3]_ -It is the ``pdb_admin_group`` role that owns all the SOKWEDB database +It is the ``sdb_admin_group`` role that owns all the SOKWEDB database objects, the tables, views, etc. As PostgreSQL_ introduces new `pre-defined roles`_ the -``pdb_admin_group`` should be added as a member of those roles. +``sdb_admin_group`` should be added as a member of those roles. This will give all administrators the requisite additional access. .. _pre-defined roles: @@ -88,14 +88,14 @@ This will give all administrators the requisite additional access. .. [#f2] SQL is ordinarily only used to change a login's permission level. -.. [#f3] The ``pdb_role_owner`` group exists only because roles do not +.. [#f3] The ``sdb_role_owner`` group exists only because roles do not have ``WITH ADMIN TRUE`` on themselves. - So the ``pdb_admin_group`` role cannot grant the ability to + So the ``sdb_admin_group`` role cannot grant the ability to become itself to administrators, who need to be able to - become ``pdb_admin_group`` when creating database objects. - A second role is needed to grant the ``pdb_admin_group`` + become ``sdb_admin_group`` when creating database objects. + A second role is needed to grant the ``sdb_admin_group`` group ``WITH ADMIN TRUE`` to administrators. This second role must have ``WITH ADMIN`` on the - ``pdb_admin_group``, which is what a role creator has so this + ``sdb_admin_group``, which is what a role creator has so this second role may as well create all roles as well as manage role membership. -- 2.34.1