| From: | Josh Kupershmidt <schmiddy(at)gmail(dot)com> |
|---|---|
| To: | Ross Boylan <ross(at)biostat(dot)ucsf(dot)edu> |
| Cc: | pgsql-novice(at)postgresql(dot)org |
| Subject: | Re: permissions |
| Date: | 2012-05-31 19:09:04 |
| Message-ID: | CAK3UJRFPu7w-jtZRuRL27px20N25t7pJb=dJGyiyDEgA9ee=8A@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-novice |
On Wed, May 30, 2012 at 11:26 PM, Ross Boylan <ross(at)biostat(dot)ucsf(dot)edu> wrote:
> Is there an easy way to give role x blanket access to the objects in a
> database?
As of 9.0, you can use:
GRANT SELECT ON ALL TABLES IN SCHEMA ... TO ... ;
If you have many schemas, it should be easy to create a PL/pgSQL
function to iterate over them and run the above GRANT for each. If
you're stuck on 8.4, you might have to resort to a PL/pgSQL function
to iterate over the tables in your database and run the necessary
GRANTs.
Another strategy worth mentioning is to figure out which tables should
be readable by all users in the database, and use
GRANT SELECT ON ... TO PUBLIC;
on those tables.
> My theory is that I would need to grant privileges individually for each
> table, index, ....
>
> Is that theory right? Is there a command to do it all at once? I
> though grant ... database... was that command, but it didn't work.
Granting, say, ALL PRIVILEGES on a database essentially allows the
specified user to create *new* objects in that database, but does not
affect the privileges on objects in the database created by other
users.
Josh
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ross Boylan | 2012-05-31 20:36:52 | Re: permissions/building commands from variables |
| Previous Message | Jonatan Reiners | 2012-05-31 14:03:59 | Re: ERROR: invalid input syntax for integer |