Re: grant question

Thank you, Scott, for your reply.

> Two problems. 1: you don't grant select on schemas, you grant it on
> tables. 2: case folding. If you're gonna use a name "schema_Z" then
> you have to quote it, because it's mixed case, not all lower.

> You need to grant it for each table.

In actual command issued, there is no case mixing. I wanted
to emphasize the argument was a schema name, not a table name.
But this means as new tables get created in the schema, a set
of new commands must be issued?

> Note that instead of granting it to a user, you should grant it
> to a role, then give membership to that role to the user.

That sounds like a good idea. Would you mind showing an exmple?

Regards,

Tena Sakai
tsakai(at)gallo(dot)ucsf(dot)edu

-----Original Message-----
From: Scott Marlowe [mailto:scott(dot)marlowe(at)gmail(dot)com]
Sent: Sat 2/28/2009 12:04 PM
To: Tena Sakai
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: [ADMIN] grant question

On Sat, Feb 28, 2009 at 12:56 PM, Tena Sakai <tsakai(at)gallo(dot)ucsf(dot)edu> wrote:
> Hi Everybody,
>
> I want to issue a command:
>
>   grant select on schema_Z to user_a;
>
> so that the user_a can look at all tables in schema_Z.
> Sadly, what I get is:
>   ERROR:  relation "schema_Z" does not exist

Two problems. 1: you don't grant select on schemas, you grant it on
tables. 2: case folding. If you're gonna use a name "schema_Z" then
you have to quote it, because it's mixed case, not all lower.

> I tried:
>
>   grant select on schema_Z.* to user_a;

Sorry no wildcarding on grant (At least not yet). You need to grant
it for each table. Note that instead of granting it to a user, you
should grant it to a role, then give membership to that role to the
user.