Why did PostgreSQL merge users and groups into roles?

Question 1

Why did PostgreSQL merge users and groups into roles?

postgresql roles database-permissions

KajMagnus · Dec 13, 2011 · Viewed 9k times · Source

Answer

Answer

The merge has many advantages and no disadvantages. For instance, you can now seamlessly convert a "user" to a "group" and vice versa by adding / removing the LOGIN privilege.

ALTER ROLE myrole LOGIN;
ALTER ROLE myrole NOLOGIN;

Or you can GRANT membership in any other login ("user") or non-login role ("group") to a role:

GRANT joe TO sue;

You can still:

CREATE USER james;

That's just a role with login privilege now. Or:

CREATE GROUP workers;

That's effectively the same as CREATE ROLE now.

The manual has it all.

Question 2

From the PostgreSQL docs:

The concept of roles subsumes the concepts of "users" and "groups". In PostgreSQL versions before 8.1, users and groups were distinct kinds of entities, but now there are only roles. Any role can act as a user, a group, or both.

Why did they make this change in 8.1?

Perhaps it's easier from the C coders point of view, with a single Role class (struct)?

More details:

CREATE USER is equivalent to CREATE ROLE except that CREATE USER gives the LOGIN permission to the user/role.

(I'm about to design a permission system for my webapp, hence I'm interested in this.)

Why did PostgreSQL merge users and groups into roles?

Answer

Related questions