| From: | george young <gry(at)ll(dot)mit(dot)edu> |
|---|---|
| To: | Vladislav Breus <vlad(at)dtr(dot)donetsk(dot)ua> |
| Cc: | pgsql-sql(at)postgresql(dot)org |
| Subject: | Re: sql user management |
| Date: | 2001-05-29 14:27:51 |
| Message-ID: | 20010529102751.05572a14.gry@ll.mit.edu |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-sql |
On Mon, 28 May 2001 17:03:32 +0300
Vladislav Breus <vlad(at)dtr(dot)donetsk(dot)ua> wrote:
> With SQL requests I can create, change privileges of the user...
>
> Can I access to user information only with sql-requests ?
> - Is the user a member of group <group> ?
Use the contrib module 'array':
[cd $SOURCE/contrib/array
make
make install]
Then, to find what groups 'young' is in, one can do:
select g.groname from pg_group g, pg_shadow s where s.usename='young' and g.grolist *= s.usesysid;
or
select g.grolist *= s.usesysid from pg_group g, pg_shadow s where s.usename='young' and g.groname='originator';
just to see wether or not 'young' is in group 'originator'.
> - Has he rights to table <table> ?
That's more complicated, but still accessible. You have to get pg_class.relacl from pg_class where relname='yourtable';
and then parse the acl (access control list) and join with pg_group info...
Hmm, I haven't tried it -- looks messy...
Good luck,
George
--
Your mouse has moved.
Windows NT must be restarted for the change to take effect.
Reboot now? [OK]
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2001-05-29 14:50:46 | Re: Re: [SQL] Difficult SQL Statement |
| Previous Message | Tom Lane | 2001-05-29 13:46:03 | Re: Re: [SQL] Difficult SQL Statement |