Re: forcing table ownership

Hi Richard,

> -----Original Message-----
> From: Richard Huxton [mailto:dev(at)archonet(dot)com]
> Sent: Friday, September 16, 2011 9:54 AM
> To: Darin Perusich
> Cc: Richard Broersma; pgsql-general(at)postgresql(dot)org
> Subject: Re: [GENERAL] forcing table ownership
>
> On 16/09/11 14:13, Darin Perusich wrote:
> >
> > Altering the table owner by setting it to the group role effectively
> > denies permission to all users of the group. Unless they explicitly
> "SET
> > role grp1" that is.
>
> I've already got a user "richardh"
>
> As a superuser:
> CREATE GROUP mygroup INHERIT;
> GRANT mygroup TO richardh;
> CREATE TABLE shared_table (i int);
> As richardh:
> ALTER TABLE shared_table ADD COLUMN t text;
> ERROR: must be owner of relation shared_table
> As superuser:
> ALTER TABLE shared_table OWNER TO mygroup;
> As richardh:
> ALTER TABLE shared_table ADD COLUMN t text;
> ALTER TABLE
>
> I think the key bit you're missing is the "INHERIT" on the group. Also
> note that the CREATE USER/CREATE GROUP commands actually just run
> CREATE
> ROLE under the hood.
>

This works but I found that I also needed to set the database owner to
the group as well. It would be nice to be able to set the default group
but it appears thats only available in PG9.

Thanks.

--
Darin Perusich
Email: Darin(dot)Perusich(at)ctg(dot)com
Office: 716-888-3690
The information transmitted is intended only for the person or entity to which
it is addressed and may contain confidential and/or privileged material. Any
review, retransmission, dissemination or other use of, or taking of any action
in reliance upon, this information by persons or entities other than the
intended recipient is prohibited. If you are not the intended recipient of this
message, please contact the sender and delete this material from this computer.