blob: e4034417552107c53aa0d68468fafb036ab5b2e6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
|
.pgaw:Help.f.t insert end "GRANT" {bold} " GRANT allows the creator of an object to give specific permissions to all users (PUBLIC) or to a certain user or group. Users other than the creator don't have any access permission unless \
the creator GRANTs permissions, after the object is created.
Once a user has a privilege on an object, he is enabled to exercise that privilege. There is no need to GRANT privileges to the creator of an object, the creator automatically holds ALL \
privileges, and can also drop the object.
" {} "Synopsis" {bold} "
" {} "
GRANT privilege \[, ...\]
ON object \[, ...\]
TO \{ PUBLIC | GROUP group | username \}
" {code} "Usage" {bold} "
" {} "
-- grant insert privilege to all users on table films:
--
GRANT INSERT ON films TO PUBLIC;
-- grant all privileges to user manuel on view kinds:
--
GRANT ALL ON kinds TO manuel;
" {code} "Notes" {bold} "
Use the psql \\z command for further information about permissions on existing objects:
" {} "
Database = lusitania
+------------------+------------------------------------------------+
| Relation | Grant/Revoke Permissions |
+------------------+------------------------------------------------+
| mytable | \{\"=rw\",\"miriam=arwR\",\"group todos=rw\"\} |
+------------------+------------------------------------------------+
Legend:
uname=arwR -- privileges granted to a user
group gname=arwR -- privileges granted to a GROUP
=arwR -- privileges granted to PUBLIC
r -- SELECT
w -- UPDATE/DELETE
a -- INSERT
R -- RULE
arwR -- ALL
" {code} "Tip" {bold} "
Tip: Currently, to create a GROUP you have to insert data manually into table pg_group as:
INSERT INTO pg_group VALUES ('todos');
CREATE USER miriam IN GROUP todos;
Refer to REVOKE statements to revoke access privileges. "
|
