Quick Links

Re: How to remove user specific grant and revoke

From:	Andrus <kobruleht2(at)hot(dot)ee>
To:	Erik Wienhold <ewie(at)ewie(dot)name>, pgsql-general <pgsql-general(at)postgresql(dot)org>
Subject:	Re: How to remove user specific grant and revoke
Date:	2023-06-03 22:08:46
Message-ID:	3d59b000-0964-4a32-faab-ea8a3adf10b8@hot.ee
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-general

Hi!
>
> Should I ran separate revoke commands for every user to remove those
> revokes ?
>
> How to remove user-spefic grants ?

After running revoke commands in psql, GRANT commands disappeared
magically. It looks like pgAdmin does not allow execute REVOKO commands.

After running script which adds user group tabel modification rights for
admin users:

CREATE POLICY kaspriv_sel_policy ON kaspriv FOR SELECT USING (true);
CREATE POLICY kaspriv_mod_policy ON kaspriv USING (
lower(kasutaja)= current_user OR kasutaja in
    ( select kasutaja from kasutaja where ','||firmad||','
    LIKE '%,'|| (select firmad from kasutaja where lower(kasutaja)=
current_user) || ',%'
    )
);
ALTER TABLE kaspriv ENABLE ROW LEVEL SECURITY;
revoke all on kaspriv from public;
grant select on kaspriv to public;
grant insert, update, delete on kaspriv to admin1, admin2;

pgAdmin shows revoke commands for those users:

REVOKE ALL ON TABLE public.kaspriv FROM admin1;
REVOKE ALL ON TABLE public.kaspriv FROM admin2;

How to prevent pgAdmin to show those revokes?

Andrus.

In response to

Re: How to remove user specific grant and revoke at 2023-06-03 21:34:32 from Andrus

Responses

Re: How to remove user specific grant and revoke at 2023-06-04 00:36:32 from Erik Wienhold

Browse pgsql-general by date

	From	Date	Subject
Next Message	Erik Wienhold	2023-06-04 00:36:07	Re: How to remove user specific grant and revoke
Previous Message	Andrus	2023-06-03 21:34:32	Re: How to remove user specific grant and revoke