| From: | Ivan Sergio Borgonovo <mail(at)webthatworks(dot)it> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: grant everything on everything and then revoke |
| Date: | 2009-03-03 17:54:05 |
| Message-ID: | 20090303185405.7372c6d9@dawn.webthatworks.it |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Tue, 03 Mar 2009 09:29:17 -0800
John R Pierce <pierce(at)hogranch(dot)com> wrote:
> Ivan Sergio Borgonovo wrote:
> > I'd like to have different users mainly to have a different
> > search schema path.
> > Things may evolve so this is not going to be the only reason to
> > have more than one user.
> > But I'm faced with the problem of granting the same access of the
> > owner of the db to the other users.
> ...
> have the database owned by a 'ROLE and make your users members of
> that ROLE.
This looks really neat for the beginning and it doesn't even look as
an hack ;)
What if I had to differentiate privileges of each user?
Will revoking privileges on each users work?
I didn't understand how
CREATE SCHEMA schemaname AUTHORIZATION username;
AUTHORIZATION really works and maybe it could be another way to
approach the problem.
Thanks to everybody.
Even the pointer to the functions was interesting.
The acl_admin.grant_on_all seems what my initial quest was looking
for, but the ROLE trick seems much more straight forward currently.
--
Ivan Sergio Borgonovo
http://www.webthatworks.it
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Joshua Tolley | 2009-03-03 20:39:22 | Re: postgreSQL & amazon ec2 cloud |
| Previous Message | Chris Browne | 2009-03-03 17:45:15 | Re: How to delete all locks? Re: Strange behavior: row won't delete |