| From: | rob stone <floriparob(at)gmail(dot)com> |
|---|---|
| To: | Patrick B <patrickbakerbr(at)gmail(dot)com>, pgsql-general(at)postgresql(dot)org |
| Subject: | Re: permissions PostgreSQL 9.5 |
| Date: | 2016-08-10 02:08:58 |
| Message-ID: | 1470794938.6029.5.camel@gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Wed, 2016-08-10 at 13:33 +1200, Patrick B wrote:
> hi guys,
>
>
> just setting up a new DB using PostgreSQL 9.5.
>
>
> I've created a new username for the code, called codeuser.
>
> To give the username access to all the tables, views, etc I ran:
>
> > GRANT INSERT, SELECT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public
> > TO codeuser;
>
> Is that ok? Is that enough?
>
> Thanks
Patrick,
You also need to REVOKE INSERT/SELECT/UPDATE/DELETE ON SCHEMA public
FROM PUBLIC;
See section 5.8.4 in the docs.
You are much better off doing:-
CREATE ROLE codeuser . .. etc.
CREATE SCHEMA mynewapp AUTHORIZATION codeuser;
Then only codeuser can create tables etc. in that schema.
Set the search path in postgresql.conf to include the new schema.
You need to connect as codeuser.
HTH,
Rob
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Venkata Balaji N | 2016-08-10 02:17:54 | Re: Logical Decoding Failover |
| Previous Message | Patrick B | 2016-08-10 01:33:11 | permissions PostgreSQL 9.5 |