Quick Links

Re: Permissions with multiple groups...

From:	Eric D Nielsen <nielsene(at)MIT(dot)EDU>
To:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc:	Eric D Nielsen <nielsene(at)MIT(dot)EDU>, pgsql-general(at)postgresql(dot)org, nielsene(at)MIT(dot)EDU
Subject:	Re: Permissions with multiple groups...
Date:	2002-09-19 03:00:39
Message-ID:	200209190300.XAA08610@scrubbing-bubbles.mit.edu
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-general

Version 7.1.3 (release tarball) on development machine -- Error
7.2.1 on production machine (7.2.1-2 Debian) -- Works

I can't easily upgrade the development machine in the near future, but this
at least gives more ammunition. If you know of any good workaround besides
just GRANT ALL on <each_table> TO test_cib_admin, (which works) I'ld appreciate
hearing about it.

Script:
CREATE USER test_cib_unauth;
CREATE USER test_cib_auth;
CREATE USER test_cib_admin;
CREATE GROUP test_cib_all;
CREATE GROUP test_cib_trusted;
ALTER GROUP test_cib_all ADD USER test_cib_unauth, test_cib_auth, test_cib_admin;
ALTER GROUP test_cib_trusted ADD USER test_cib_auth, test_cib_admin;

CREATE TABLE users (
userid SERIAL PRIMARY KEY,
statusid INT,
siteadmin BOOLEAN,
username TEXT,
hashed TEXT,
email TEXT);
REVOKE ALL PRIVILEGES ON users FROM PUBLIC;
GRANT SELECT, INSERT ON users TO GROUP test_cib_all;
GRANT UPDATE ON users_userid_seq TO GROUP test_cib_all;
GRANT UPDATE ON users TO GROUP test_cib_trusted;
GRANT DELETE ON users TO test_cib_admin;
\c - test_cib_admin
SELECT * FROM users;

--- END SCRIPT ---
Output on 7.1.3.
CREATE USER
CREATE USER
CREATE USER
CREATE GROUP
CREATE GROUP
ALTER GROUP
ALTER GROUP
NOTICE: CREATE TABLE will create implicit sequence ;user_userid_seq' for SERIAL column 'users.userid'
NOTICE: CREATE TABLE/PRIMARY KEY will create implicit index 'users_pkey' for table 'users'
CREATE
CHANGE
CHANGE
CHANGE
CHANGE
CHANGE
You are now connected as new user test_cib_admin.
ERROR: users: Permission Denied.

Eric

Responses

Re: Permissions with multiple groups... at 2002-09-19 03:34:40 from Tom Lane
Re: Permissions with multiple groups... at 2002-09-21 01:34:22 from ljb

Browse pgsql-general by date

	From	Date	Subject
Next Message	Bill Gribble	2002-09-19 03:07:35	Re: IN vs EXIIST
Previous Message	Darren Ferguson	2002-09-19 02:59:46	Re: IN vs EXIIST