| From: | DM <dm(dot)aeqa(at)gmail(dot)com> |
|---|---|
| To: | Scott Marlowe <scott(dot)marlowe(at)gmail(dot)com> |
| Cc: | "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org>, pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: how to revoke multiple users permission from multiple tables at the same time? |
| Date: | 2009-04-23 00:40:10 |
| Message-ID: | eae6a62a0904221740h6b82af80wcecf55293f5a9c3@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin pgsql-general |
Thanks Scott.
Good answer, I was consolidating the schemas here, there were too many users
were granted permission to tables.I wanted to consolidate/optimize to bring
it to one role and granting this role to the user (same way as you
mentioned).
Thanks for the solution.
Thanks
Deepak
On Wed, Apr 22, 2009 at 4:02 PM, Scott Marlowe <scott(dot)marlowe(at)gmail(dot)com>wrote:
> On Wed, Apr 22, 2009 at 5:01 PM, Scott Marlowe <scott(dot)marlowe(at)gmail(dot)com>
> wrote:
> > On Wed, Apr 22, 2009 at 4:19 PM, DM <dm(dot)aeqa(at)gmail(dot)com> wrote:
> >> how to revoke multiple users permission from multiple tables at the same
> >> time?
> >> Or in simple is there a way to revoke multiple users grant access from
> >> multiple tables under a schema.?
> >
> > Best way is to NOT grant multiple users permissions, but to grant a
> > role the permissions and grant that role to users. That way you only
> > have to revoke persmissions from the role to revoke it from all the
> > users.
> >
> >> I use Revoke below command to execute on each table one by one.
> >> revoke SELECT/ALL on testtable from user1;
> >
> > Note that you can build a set of revoke commands by using selects and
> > concatenations if you need them. Something like this (use psql -E to
> > see the queries \ commands invoke in psql)
> >
> > SELECT 'revoke all from somename on '||n.nspname||'.'|| c.relname ||';'
> > FROM pg_catalog.pg_class c
> > JOIN pg_catalog.pg_roles r ON r.oid = c.relowner
> > LEFT JOIN pg_catalog.pg_namespace n ON n.oid = c.relnamespace
> > WHERE c.relkind IN ('r','v','S','')
> > AND n.nspname <> 'pg_catalog'
> > AND n.nspname !~ '^pg_toast'
> > AND pg_catalog.pg_table_is_visible(c.oid)
> > ORDER BY 1;
> >
> > ?column?
> > ----------------------------------------------
> > revoke all from somename on public.colony;
> > revoke all from somename on public.delegate;
> > revoke all from somename on public.jt1;
> > revoke all from somename on public.jt2;
> > revoke all from somename on public.mytable;
> > revoke all from somename on public.test1;
> > revoke all from somename on public.test2;
> > revoke all from somename on public.tmp;
> > (8 rows)
>
> In my hurry I got the order wrong, you want the revoke to look like this:
>
> revoke all on tablename from somename;
>
> I leave it to you to rebuild the query to get what ya need.
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Rafael Domiciano | 2009-04-23 16:34:34 | Updating a very large table |
| Previous Message | Scott Marlowe | 2009-04-22 23:02:17 | Re: how to revoke multiple users permission from multiple tables at the same time? |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tatsuo Ishii | 2009-04-23 01:38:10 | Re: Problem with pgpool-II tool |
| Previous Message | Scott Marlowe | 2009-04-23 00:21:41 | Re: Help request to improve function performance |