|From:||Sam Barnett-Cormack <s(dot)barnett-cormack(at)lancaster(dot)ac(dot)uk>|
|To:||Jean-Luc Lachance <jllachan(at)sympatico(dot)ca>|
|Cc:||Randall Perry <rgp(at)systame(dot)com>, olly(at)lfix(dot)co(dot)uk,pgsql-admin(at)postgresql(dot)org|
|Subject:||Re: How do I grant access to entire database at|
|Views:||Raw Message | Whole Thread | Download mbox|
On Mon, 26 Jul 2004, Jean-Luc Lachance wrote:
> I have been thinking about this problem for quite a while.
> Proper administration require creation of groups.
> Adding a new user to a database is as simple as adding the user to the
> group that has the required privileges to the database.
> But, I think one new command would be very usefull.
> CREATE GROUP <group> FROM USER <user>
> where the privileges would be derived from the user's.
I ain't no guru, but I would say:
1) I'd've thought that'd be simple enough to implement, and it is nice
and would be very handy
2) It's not as good or as flexible as what I suggested - it'd be nice to
have both, but group from user is much more likely to be forthcoming, I
3) You're right about groups, and I don't think enough people use them
enough or appropriately.
> Randall Perry wrote:
> > Thanks, I'll use it.
> > But, if the developer's are listening -- this is really obtuse. MySQL
> > administration is much easier. Please consider simplifying the GRANT process
> > for future revs.
> > BTW, I prefer postgresql for all my own development.
> > on 7/18/04 4:41 PM, Oliver Elphick at olly(at)lfix(dot)co(dot)uk wrote:
> >>On Sun, 2004-07-18 at 20:52, Randall Perry wrote:
> >>>This is a pain. Couldn't we gave something simple like
> >>>GRANT ALL ON database.* TO JOE;
> >>>Which would grant full access to all objects in the database to JOE for all
> >>You can do it like this in psql:
> >>\o /tmp/grant.sql
> >>SELECT 'GRANT ALL ON ' || n.nspname || '.' || c.relname ||
> >> ' TO joe;'
> >>FROM pg_catalog.pg_class AS c
> >> LEFT JOIN pg_catalog.pg_namespace AS n
> >> ON n.oid = c.relnamespace
> >>WHERE c.relkind IN ('r','v','S') AND
> >> n.nspname NOT IN ('pg_catalog', 'pg_toast') AND
> >> pg_catalog.pg_table_is_visible(c.oid)
> >>ORDER BY n.nspname, c.relname;
> >>\i /tmp/grant.sql
> >>The above could be put in a script and run from a Unix command prompt.
> >>(The SQL used above is adaated from that used by psql's \d command.)
> ---------------------------(end of broadcast)---------------------------
> TIP 5: Have you checked our extensive FAQ?
Software Developer | Student of Physics & Maths
UK Mirror Service (http://www.mirror.ac.uk) | Lancaster University
|Next Message||alvaro||2004-07-26 20:39:34||Re: SOS ---- Could you help me with postgresql.....????|
|Previous Message||Jean-Luc Lachance||2004-07-26 19:29:01||Re: How do I grant access to entire database at|