Re: database permissions:how to create read only user for db

From: Bruno Wolff III <bruno(at)wolff(dot)to>
To: lexx(at)gorodok(dot)net
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: database permissions:how to create read only user for db
Date: 2004-12-25 16:20:07
Message-ID: 20041225162007.GA28018@wolff.to
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

On Sat, Dec 25, 2004 at 15:54:56 +0600,
lexx(at)gorodok(dot)net wrote:
> Hello all.
>
> Please help,
> are there any way to set some (ex. deny creating tables) privileges on database (not for databases objects)?
>
> I want crant full access to one user (let say "adminuser" for database "testdb") and make some others (read only) users,
> who can read only (do SELECT from "testdb" tables), but not CREATE tables or some database objects.
>
> As I know CRANT command allows only set privileges for database objects but not for databases.

You can write scripts that will set access for all existing objects in
a database. Objects created in the future will not automatically get the
same access rights. It mnay be possible to simplify granting rights by
using 'public' to give select access, if all users get at least select access.

> So, can I realize this using Postgres 7.1,
> or it's not possible at all?

You really don't want to be using 7.1. You should probably upgrade to 7.4.6,
unless this project is in the development phase, in which case using an 8.0
prelease with an eye toward using 8.0 after it is released (probably in
about two weeks) may make more sense.

7.1 isn't getting any more fixes now and there are some important bugs in
that version. You may also see significantly better performance in later
versions.

In response to

Responses

Browse pgsql-admin by date

  From Date Subject
Next Message lexx 2004-12-26 07:41:22 Re: database permissions:how to create read only user for db
Previous Message lexx 2004-12-25 09:54:56 database permissions:how to create read only user for db