Re: "SHOW GRANTS FOR username" or why \z is not enough for me
| От | Tom Lane |
|---|---|
| Тема | Re: "SHOW GRANTS FOR username" or why \z is not enough for me |
| Дата | |
| Msg-id | 27975.1341172988@sss.pgh.pa.us обсуждение исходный текст |
| Ответ на | "SHOW GRANTS FOR username" or why \z is not enough for me (Christian Hammers <ch@lathspell.de>) |
| Ответы |
Re: "SHOW GRANTS FOR username" or why \z is not enough for
me
|
| Список | pgsql-novice |
Christian Hammers <ch@lathspell.de> writes:
> As a newbie Postgres admin I like to double check that my users have
> all necessary rights and more important only those and no more.
> All Postgres commands like \dp, \dt, \dn etc. cannot be filtered
> with WHERE though and are more useful to show the owner of an object
> not to show all objects owned by a user.
> My best approach so far is the following but I took me a while to
> build and I somehow think that there must be a more elegant solution
> like "SHOW GRANTS FOR foo" in MySQL. Any ideas?
has_table_privilege() and sibling functions might help you with that.
The approach you propose is full of holes --- most importantly, that it
will not report privileges held by virtue of being a member of a group,
such as PUBLIC.
regards, tom lane
В списке pgsql-novice по дате отправления: