| From: | "Wetmore, Matthew (CTR)" <Matthew(dot)Wetmore(at)express-scripts(dot)com> |
|---|---|
| To: | richard coleman <rcoleman(dot)ascentgl(at)gmail(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | "pgsql-admin(at)lists(dot)postgresql(dot)org" <pgsql-admin(at)lists(dot)postgresql(dot)org> |
| Subject: | how to list privileges on the database object itself via SQL? |
| Date: | 2023-04-26 21:28:19 |
| Message-ID: | 3e9ce35157e44b29bdf0a453236e947b@express-scripts.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
May I suggest PgAdmin GUI
From: richard coleman <rcoleman(dot)ascentgl(at)gmail(dot)com>
Sent: Wednesday, April 26, 2023 12:50 PM
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: pgsql-admin(at)lists(dot)postgresql(dot)org
Subject: [EXTERNAL] Re: how to list privileges on the database object itself via SQL?
Tom,
Thanks for that. It still seems rather weird that there isn't a more straightforward way to get access to that information.
Also the SQL generated by psql -E doesn't seem to work on earlier versions of PostgreSQL:
SELECT d.datname as "Name",
pg_catalog.pg_get_userbyid(d.datdba) as "Owner",
pg_catalog.pg_encoding_to_char(d.encoding) as "Encoding",
d.datcollate as "Collate",
d.datctype as "Ctype",
-- start this section works in pg15, but not in pg11
d.daticulocale as "ICU Locale",
CASE d.datlocprovider WHEN 'c' THEN 'libc' WHEN 'i' THEN 'icu' END AS "Locale Provider",
-- end this section works in pg15, but not in pg11
pg_catalog.array_to_string(d.datacl, E'\n') AS "Access privileges"
FROM pg_catalog.pg_database d
ORDER BY 1;
Even then, the results are a potentially very long concatenated string, or originally an array, in the "Access privileges" column.
Are you sure there isn't a more straightforward way to access this information? Are you saying that the only place this information is stored is in an array in the datacl column of the pg_catalog.pg_database table?
If that's the case then I am going to be forced to either write code to parse out that array, or write a looping union of multiple "has_database_privilege()" calls.
Either case seems like overkill to get such basic information out of PostgreSQL....
rik.
On Wed, Apr 26, 2023 at 1:22 PM Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us<mailto:tgl(at)sss(dot)pgh(dot)pa(dot)us>> wrote:
richard coleman <rcoleman(dot)ascentgl(at)gmail(dot)com<mailto:rcoleman(dot)ascentgl(at)gmail(dot)com>> writes:
> Thanks, but no. I am looking for the SQL statement.
> I very rarely venture into psql, unless it's to run an SQL code block from
> the terminal.
> Is there an SQL way to do this?
psql is still a useful reference. Run it with the -E option and
look at the SQL it issues when you say "\l". Trim to fit your
requirements.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bethany Davis | 2023-04-26 21:56:15 | Can't use accounts with .local emails |
| Previous Message | Erik Wienhold | 2023-04-26 18:34:17 | Re: Am I being blacklisted? |