Re: Deny creation of tables for a user
| От | Pascal Cohen |
|---|---|
| Тема | Re: Deny creation of tables for a user |
| Дата | |
| Msg-id | 4815D7A2.8000506@wimba.com обсуждение исходный текст |
| Ответ на | Re: Deny creation of tables for a user ("Albe Laurenz" <laurenz.albe@wien.gv.at>) |
| Список | pgsql-general |
Albe Laurenz wrote: > Pascal Cohen wrote: > >> I am playing with security in Postgres >> And I would like to have a database that can be managed by a given user >> that could do almost anything but I would also have a user that can just >> handle what is created. >> I mean she could insert, update delete rows but not create tables. >> >> I did not find a way to revoke such thing. Is it possible ? >> > > The concept of the privilege system is that each database object > determines what you can do with it (with an access control list). > > The owner of a database object can do everything with it. > > So I'd do it like this: > > Owning user (owns schema "myschema"): > > CREATE TABLE myschema.mytable (...); > GRANT USAGE ON SCHEMA myschema TO bibi; > GRANT INSERT, UPDATE, DELETE ON myschema.mytable TO bibi; > > Now user "bibi" can du exactly what you want. > > Yours, > Laurenz Albe > > Thanks all for your help. Your examples + re-reading the documentation made things clear to my mind. Thanks again!
В списке pgsql-general по дате отправления: