From 23d44397321f96d8a94e4791172ecd1f494d3349 Mon Sep 17 00:00:00 2001
From: Tom Lane <tgl@sss.pgh.pa.us>
Date: Fri, 20 Sep 2024 15:56:34 -0400
Subject: [PATCH] Doc: explain how to test ADMIN privilege with pg_has_role().

This has always been possible, but the syntax is a bit obscure,
and our user-facing docs were not very helpful.  Spell it out
more clearly.

Per complaint from Dominique Devienne.  Back-patch to
all supported branches.

Discussion: https://postgr.es/m/CAFCRh-8JNEy+dV4SXFOrWca50u+d=--TO4cq=+ac1oBtfJy4AA@mail.gmail.com
---
 doc/src/sgml/func.sgml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/doc/src/sgml/func.sgml b/doc/src/sgml/func.sgml
index 48e5809ce5a..4812dd76405 100644
--- a/doc/src/sgml/func.sgml
+++ b/doc/src/sgml/func.sgml
@@ -23030,6 +23030,10 @@ SELECT has_function_privilege('joeuser', 'myfunc(int, text)', 'execute');
         the role (that is, the right to do <command>SET ROLE</command>), while
         <literal>USAGE</literal> denotes whether the privileges of the role
         are immediately available without doing <command>SET ROLE</command>.
+        <literal>WITH ADMIN OPTION</literal> or <literal>WITH GRANT
+        OPTION</literal> can be added to either of these privilege types to
+        test whether the <literal>ADMIN</literal> privilege is held (all
+        four spellings test the same thing).
         This function does not allow the special case of
         setting <parameter>user</parameter> to <literal>public</literal>,
         because the PUBLIC pseudo-role can never be a member of real roles.