Doc: explain how to test ADMIN privilege with pg_has_role().

tglsfdc · tglsfdc · commit a2ebf3274a43 · 2024-09-20T15:56:34.000-04:00
This has always been possible, but the syntax is a bit obscure, and our user-facing docs were not very helpful. Spell it out more clearly. Per complaint from Dominique Devienne. Back-patch to all supported branches. Discussion: https://postgr.es/m/CAFCRh-8JNEy+dV4SXFOrWca50u+d=--TO4cq=+ac1oBtfJy4AA@mail.gmail.com
diff --git a/doc/src/sgml/func.sgml b/doc/src/sgml/func.sgml
@@ -25289,6 +25289,10 @@ SELECT has_function_privilege('joeuser', 'myfunc(int, text)', 'execute');
         are immediately available without doing <command>SET ROLE</command>,
         while <literal>SET</literal> denotes whether it is possible to change
         to the role using the <literal>SET ROLE</literal> command.
+        <literal>WITH ADMIN OPTION</literal> or <literal>WITH GRANT
+        OPTION</literal> can be added to any of these privilege types to
+        test whether the <literal>ADMIN</literal> privilege is held (all
+        six spellings test the same thing).
         This function does not allow the special case of
         setting <parameter>user</parameter> to <literal>public</literal>,
         because the PUBLIC pseudo-role can never be a member of real roles.
