Re: Roles and security

On 11/25/2017 12:03 PM, nikhil raj wrote:
>  check the roles of user I want to give user roles only select, 
> insert, update, execute and create database to all users Permission
>

those permissions can be assigned on a table by table basis, except 
create database, thats a special permission.    if you own a database 
(the creator owns it by default) then you can drop it, if you don't, you 
can't.

>
> The users should not have these permission
>  drop database , delete table permission

generally the owners of objects can grant/revoke permissions on said 
objects.


>
>
> **(Example --like in MS SQL we have like DB_roles-- ddladmin,data 
> writer,data reader ,etc like these do we have in postgres).***

you could create roles like these, make users members of these roles,a 
nd grant permissions to the roles.


for more information, see

https://www.postgresql.org/docs/current/static/user-manag.html
https://www.postgresql.org/docs/current/static/sql-grant.html
https://www.postgresql.org/docs/current/static/sql-revoke.html
https://www.postgresql.org/docs/current/static/sql-alterdefaultprivileges.html


-- 
john r pierce, recycling bits in santa cruz