From: | richard coleman <rcoleman(dot)ascentgl(at)gmail(dot)com> |
---|---|
To: | Erik Wienhold <ewie(at)ewie(dot)name> |
Cc: | pgsql-admin(at)lists(dot)postgresql(dot)org |
Subject: | Re: how to list privileges on the database object itself via SQL? |
Date: | 2023-04-26 17:53:27 |
Message-ID: | CAGA3vBtQKHuX2XLOq31-k+iywhsHwWTUTjBiAyZJmtXZutQB+Q@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-admin |
Erik,
Thanks for that. I'll have to look into the aclexplode() function some
more.
When I try running your SQL on a pg11 database I get:
ERROR: role "role" does not exist
LINE 3: WHERE grantee = 'role'::regrole AND privilege_type I...
^
SQL state: 42704
Character: 151
rik.
On Wed, Apr 26, 2023 at 1:17 PM Erik Wienhold <ewie(at)ewie(dot)name> wrote:
> > On 26/04/2023 18:34 CEST richard coleman <rcoleman(dot)ascentgl(at)gmail(dot)com>
> wrote:
> >
> > This might sound like a silly question, but how would I list the
> privileges
> > the various roles have on the database objects themselves?
> >
> > There appear to be a million ways to list the privileges on various
> database
> > objects; tables, views, foreign tables, etc. but for the life of me there
> > doesn't appear to an analogous way to get permissions on the database
> objects
> > themselves.
> >
> > At the moment all that I've found is:
> >
> > select has_database_privilege('role','db_name', 'CREATE') as can_create;
> > select has_database_privilege('role','db_name', 'CONNECT') as
> can_connect;
> > select has_database_privilege('role','db_name', 'TEMP') as can_temp;
> >
> > Am I missing something?
>
> If you're interested in specific roles or privileges, then aclexplode is
> your
> friend.
>
> SELECT
> datname,
> grantor::regrole,
> grantee::regrole,
> privilege_type,
> is_grantable
> FROM
> pg_database,
> aclexplode(datacl)
> WHERE
> grantee = 'role'::regrole
> AND privilege_type IN ('CREATE', 'CONNECT', 'TEMPORARY');
>
> --
> Erik
>
>
>
From | Date | Subject | |
---|---|---|---|
Next Message | richard coleman | 2023-04-26 17:54:29 | Re: Am I being blacklisted? |
Previous Message | MichaelDBA | 2023-04-26 17:53:06 | Am I being blacklisted? |