grant everything on everything and then revoke

From: Ivan Sergio Borgonovo <mail(at)webthatworks(dot)it>
To: <pgsql-general(at)postgresql(dot)org>
Subject: grant everything on everything and then revoke
Date: 2009-03-03 09:35:31
Message-ID: 20090303103531.5af91cee@dawn.webthatworks.it
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

I'd like to have different users mainly to have a different search
schema path.
Things may evolve so this is not going to be the only reason to have
more than one user.

But I'm faced with the problem of granting the same access of the
owner of the db to the other users.

But I read:

http://www.postgresql.org/docs/8.3/static/sql-grant.html
The SQL standard does not support setting the privileges on more
than one object per command.

This is going to make maintenance and development a PITA every time I
add a new table, sequence, schema...

Defining a role/group with all grant access and then assigning that
group to all users is going to make this a bit less painful, but
still every time I'm going to add something to the DB I'll have to
remember to modify the group privileges.

Even when things will evolve, all users should be able to do
everything to most object with a few exception so it is easier to
revoke than to grant.

Any advice even with completely different approach?

thanks

--
Ivan Sergio Borgonovo
http://www.webthatworks.it

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Tim Uckun 2009-03-03 10:57:47 Re: PostgreSQL clustering with DRBD
Previous Message Harald Armin Massa[legacy] 2009-03-03 08:49:52 Re: postgreSQL & amazon ec2 cloud