| From: | DECHERF Étienne <etienne(dot)decherf-ext(at)aphp(dot)fr> |
|---|---|
| To: | "pgsql-fr-generale(at)lists(dot)postgresql(dot)org" <pgsql-fr-generale(at)lists(dot)postgresql(dot)org> |
| Subject: | PG V9.6 / REVOKE SELECT columns ON TABLE T1 FROM John |
| Date: | 2018-10-19 16:20:35 |
| Message-ID: | 35B45AE5854FD442A1775EB1337F9701C8C50C@BBS-EXCMBX-P005.wprod.ds.aphp.fr |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-fr-generale |
Hello,
I 've created a PostgreSQL user "John" with REVOKE SELECT columns from him.
but "REVOKE SELECT (ipp , nom_nais , nom , prenom) ON TABLE table1 FROM "John";" command doesn't work in my script above :
Here is how I created the user "John":
CREATE ROLE "john";
REVOKE ALL PRIVILEGES ON DATABASE pgdb FROM "john";
ALTER ROLE "john" WITH LOGIN;
ALTER ROLE "john" WITH PASSWORD 'password' VALID UNTIL '2018-12-31';
GRANT CONNECT ON DATABASE dbpg TO "john";
GRANT USAGE ON SCHEMA schema1 TO "john";
----- forbid access to 4 columns of Table1
REVOKE SELECT (ipp , nom_nais , nom , prenom) ON TABLE Table1 FROM "John";
Result :
The 4 columns are still displayed.
The "REVOKE SELECT column" doen't work. I manage always to select values in the 4 columns.
Can you see why John can still watch the 4 columns ?
Is a comand missing in this script ?
Database version is 9.6.
Thanks a lot for your help !
Etienne DECHERF
DBA
etienne(dot)decherf-ext(at)aphp(dot)fr
+33 6 67462246
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Anthony Nowocien | 2018-10-19 17:27:48 | Re: PG V9.6 / REVOKE SELECT columns ON TABLE T1 FROM John |
| Previous Message | talk to ben | 2018-10-17 13:52:57 | Re: ALTER DEFAULT PRIVILEGES FOR USER in error |