| From: | "Hans C(dot) Poo" <hans(at)welinux(dot)cl> |
|---|---|
| To: | postgres <pgsql-general(at)postgresql(dot)org> |
| Subject: | Database level read only user |
| Date: | 2011-07-18 22:12:21 |
| Message-ID: | 925685c6-7b64-4670-bb5c-94d3fe380324@gondor.welinux.cl |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hi,
Today a client ask me for help to create a read only user for a postgresql 8.2 database, i ended up reading, copying and pasting and finally creating a function i'm sharing with the list:
CREATE OR REPLACE FUNCTION db_grant(usuario text, privilegio text)
RETURNS INTEGER AS $$
DECLARE
db RECORD;
BEGIN
FOR db IN
SELECT nspname
FROM pg_namespace
WHERE has_schema_privilege(nspname, 'USAGE') and nspname !~ '^pg_'
LOOP
EXECUTE 'GRANT USAGE ON schema ' || db.nspname || ' to ' || usuario;
END LOOP;
FOR db IN
SELECT *
FROM pg_tables
WHERE tableowner = current_user
LOOP
EXECUTE 'GRANT ' || privilegio || ' ON ' || db.schemaname || '.' || db.tablename || ' TO ' || usuario;
END LOOP;
RETURN 0;
END;
$$ LANGUAGE plpgsql;
COMMENT ON FUNCTION db_grant (text, text)
IS 'Give permissions at database level, Hans Poo, Santiago Julio de 2011';
-- This CREATE must be run by the owner of the database and will be created in the default schema usually public.
-- This is the call:
select db_grant('usuario1','select');
Bye
Hans
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Shianmiin | 2011-07-18 22:18:43 | Another unexpected behaviour |
| Previous Message | Merlin Moncure | 2011-07-18 22:04:46 | Re: How to sum monetary variables |