| From: | Nicolas Paris <nicolas(dot)paris(at)riseup(dot)net> |
|---|---|
| To: | pgsql-general(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Default Privilege Table ANY ROLE |
| Date: | 2018-11-14 20:23:00 |
| Message-ID: | 20181114202055.a23bgy354qnmo7jn@riseup.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Wed, Nov 14, 2018 at 09:04:44PM +0100, Laurenz Albe wrote:
> Nicolas Paris wrote:
> > I d'like my user be able to select on any new table from other users.
> >
> > > ALTER DEFAULT PRIVILEGES FOR ROLE "theowner1" IN SCHEMA "myschema" GRANT select ON TABLES TO "myuser"
> > > ALTER DEFAULT PRIVILEGES FOR ROLE "theowner2" IN SCHEMA "myschema" GRANT select ON TABLES TO "myuser"
> > > ...
> >
> >
> > Do I really have to repeat the command for all users ?
> >
> > The problem is I have many user able to create tables and all of them
> > have to read each other.
>
> Now whenever "alice" has to create a table, she runs
> SET ROLE tableowner;
> Then all these tables belong to "tableowner", and each user in group "tablereader"
> can SELECT from them:
Yes, this step is overhead to me:
> SET ROLE tableowner;
In my mind, both bob/alice inherit from the same group, so they should
share the table they build according to this:
> ALTER DEFAULT PRIVILEGES FOR ROLE tableowner IN SCHEMA myschema GRANT SELECT ON TABLES TO tablereader;
--
nicolas
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2018-11-14 20:50:11 | Re: pg_dump out of memory for large table with LOB |
| Previous Message | Laurenz Albe | 2018-11-14 20:04:44 | Re: Default Privilege Table ANY ROLE |