Quick Links

Re: Question about granting permissions

From:	Matvey Teplov <matvey(dot)teplov(at)gmail(dot)com>
To:	Guillaume Lelarge <guillaume(at)lelarge(dot)info>
Cc:	pgsql-general(at)postgresql(dot)org
Subject:	Re: Question about granting permissions
Date:	2012-08-26 14:37:28
Message-ID:	CAOP-dE4KkkkRfPNGaD3_TAVNHqU+YXZxpsjc2L+0ghi8xhsw-g@mail.gmail.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-general

Thank guys! Got it.

On Sun, Aug 26, 2012 at 1:37 PM, Guillaume Lelarge
<guillaume(at)lelarge(dot)info> wrote:
> On Sun, 2012-08-26 at 13:10 +0200, Matvey Teplov wrote:
>> Hi,
>>
>> Sorry to bother with the stupid question guys - I'm new to the Postgres.
>> I'm having issue allowing user to access the database - the user is
>> not allowed to access the data. I do the following:
>> 1) grant all on database testdb table mytable to trinity;
>>
>> postgres=# \l
>> List of databases
>> Name | Owner | Encoding | Collation | Ctype |
>> Access privileges
>> -----------+----------+----------+-------------+-------------+-----------------------
>> postgres | postgres | UTF8 | en_US.UTF-8 | en_US.UTF-8 |
>> template0 | postgres | UTF8 | en_US.UTF-8 | en_US.UTF-8 | =c/postgres
>> :
>> postgres=CTc/postgres
>> template1 | postgres | UTF8 | en_US.UTF-8 | en_US.UTF-8 | =c/postgres
>> :
>> postgres=CTc/postgres
>> testdb | postgres | UTF8 | en_US.UTF-8 | en_US.UTF-8 | =Tc/postgres
>> :
>> postgres=CTc/postgres
>> :
>> trinity=CTc/postgres
>> (4 rows)
>>
>> But when I login (psql -d testdb -U trinity) as trinity and check it,
>> it doesn't work.
>>
>> testdb=> select * from mytable;
>> ERROR: permission denied for relation mytable
>> testdb=> \dp
>> Access privileges
>> Schema | Name | Type | Access privileges | Column access privileges
>> --------+---------+-------+-------------------+--------------------------
>> public | mytable | table | |
>> (1 row)
>>
>> There is also entry in the log:
>> 2012-08-26 13:06:01 CEST testdb trinity ERROR: permission denied for
>> relation mytable
>> 2012-08-26 13:06:01 CEST testdb trinity STATEMENT: select * from mytable;
>>
>>
>> Can someone explain what do I do wrong? Thank you in advance!
>>
>
> Giving all permissions to your user on a database doesn't mean he has
> all permissions on every object inside this database. It simply means he
> has permission to connect, and create object in this database.
>
> So, if your user isn't the owner of this table, he cannot read it.
>
>
> --
> Guillaume
> http://blog.guillaume.lelarge.info
> http://www.dalibo.com
>

In response to

Re: Question about granting permissions at 2012-08-26 11:37:55 from Guillaume Lelarge

Browse pgsql-general by date

	From	Date	Subject
Next Message	Thomas Kellerer	2012-08-26 15:02:43	Re: 9.2 and index only scans
Previous Message	Tom Lane	2012-08-26 14:31:50	Re: 9.2 and index only scans