| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | "Igal (at) Lucee(dot)org" <igal(at)lucee(dot)org> |
| Cc: | pgsql-general <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Permissions for Web App |
| Date: | 2017-10-10 13:14:56 |
| Message-ID: | 20171010131456.GW4628@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Greetings,
* Igal @ Lucee.org (igal(at)lucee(dot)org) wrote:
> It worked, thanks!
Be sure to check that you're really getting what you want here.
> For future reference and for the benefit of others, the command that
> I ran is:
>
> ALTER DEFAULT PRIVILEGES IN SCHEMA public
> GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO webapp;
Note that DEFAULT PRIVILEGES apply to a specific role (in the above
case, whatever CURRENT_USER is) and therefore will only be helpful if
you only have one user creating tables, in this case.
There's been a lot of questions and discussions about having an actual
'read only' role that can be granted out. Now that we've actually got
default roles in PG, this is something that becomes at least somewhat
more practical and might be able to happen for PG11 if there's interest
and effort put into it.
Thanks!
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Vladimir Nicolici | 2017-10-10 13:56:28 | Re: Strange checkpoint behavior - checkpoints take a long time |
| Previous Message | Stephen Frost | 2017-10-10 13:12:17 | Re: pg_start/stop_backup naming conventions |