| From: | Wells Oliver <wells(dot)oliver(at)gmail(dot)com> |
|---|---|
| To: | Stephen Frost <sfrost(at)snowman(dot)net> |
| Cc: | pgsql-admin <pgsql-admin(at)postgresql(dot)org> |
| Subject: | Re: User has role, role has UPDATE, user can't update, cannot figure this out. |
| Date: | 2021-03-05 22:34:51 |
| Message-ID: | CAOC+FBVR7gBrEpBrgJb8CdWnYfzFX3UAUiTzkGvh9YqjkcMtYg@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
That's it exactly. That's incredible, so basic, and I never knew you needed
SELECT to make qualified UPDATES.
Thanks Stpehen.
On Fri, Mar 5, 2021 at 2:08 PM Stephen Frost <sfrost(at)snowman(dot)net> wrote:
> Greetings,
>
> * Wells Oliver (wells(dot)oliver(at)gmail(dot)com) wrote:
> > It seems very straight forward, but I have a user belongs to the role
> > analyst, and the role analyst has the permission to UPDATE, e.g..
> >
> > GRANT REFERENCES, UPDATE ON TABLE myschema.mytable TO analyst;
> >
> > But the user gets a permission denied error on the table for a simple
> > UPDATE query. I can't figure it out: no trigger functions. A few FKs, but
> > nothing complex. Is there a way to figure out why this user is being
> denied
> > permission?
>
> Is there a WHERE clause for the UPDATE? If so, then the role also needs
> SELECT rights.
>
> Thanks,
>
> Stephen
>
--
Wells Oliver
wells(dot)oliver(at)gmail(dot)com <wellsoliver(at)gmail(dot)com>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | RAJAMOHAN | 2021-03-07 07:01:40 | Re: could not load library "$libdir/plpython2" while upgrading from postgresql-10 to 12 |
| Previous Message | Stephen Frost | 2021-03-05 22:08:42 | Re: User has role, role has UPDATE, user can't update, cannot figure this out. |