Re: Roles versus users
| От | Adrian Klaver |
|---|---|
| Тема | Re: Roles versus users |
| Дата | |
| Msg-id | 5d943df6-4a18-43ee-62f0-7d432140ba58@aklaver.com обсуждение исходный текст |
| Ответ на | Roles versus users (stan <stanb@panix.com>) |
| Список | pgsql-general |
On 8/17/19 4:56 PM, stan wrote: > I am creating an application that will need to have access control. There > will basically be the groups (roles ?): > > * normal user (can do insert on a limited sate of tables, and select on a > slightly larger set > > * project manager will have some increased insert and select capabilities > > * sysadmin will be able to do select and insert on all tables in the schema > > There will be more than one person in each of these groups. My original > intent was to create roles, and assign users to appropriate roles, using > inheritance to add increasingly greater capabilities. That is the inheritance > would look like this > > normal user <- project manager <- sysadmin > > But, I have run up ion a note in the documentation that says that create user > is actually a synonym for create role. You need to read the rest of the paragraph: "The only difference is that when the command is spelled CREATE USER, LOGIN is assumed by default, whereas NOLOGIN is assumed when the command is spelled CREATE ROLE." https://www.postgresql.org/docs/11/sql-createrole.html "CREATE ROLE adds a new role to a PostgreSQL database cluster. A role is an entity that can own database objects and have database privileges; a role can be considered a “user”, a “group”, or both depending on how it is used. ..." > > So, should I just create roles for each user? > > -- Adrian Klaver adrian.klaver@aklaver.com
В списке pgsql-general по дате отправления: