Christian Hammers <ch(at)lathspell(dot)de> writes:
> As a newbie Postgres admin I like to double check that my users have
> all necessary rights and more important only those and no more.
> All Postgres commands like \dp, \dt, \dn etc. cannot be filtered
> with WHERE though and are more useful to show the owner of an object
> not to show all objects owned by a user.
> My best approach so far is the following but I took me a while to
> build and I somehow think that there must be a more elegant solution
> like "SHOW GRANTS FOR foo" in MySQL. Any ideas?
has_table_privilege() and sibling functions might help you with that.
The approach you propose is full of holes --- most importantly, that it
will not report privileges held by virtue of being a member of a group,
such as PUBLIC.
regards, tom lane
In response to
pgsql-novice by date
|Next:||From: Pierre-Henry Frohring||Date: 2012-07-02 10:31:58|
|Subject: pgsql and lion : not taking good header at compilation.|
|Previous:||From: Lew||Date: 2012-07-01 17:39:43|
|Subject: Re: "SHOW GRANTS FOR username" or why \z is not enough for