RE: Permission issues. Please help

From: Ricardo Martin Gomez <rimartingomez(at)hotmail(dot)com>
To: Steven Crandell <steven(dot)crandell(at)gmail(dot)com>, Richard Gbs <richardgbs(at)yahoo(dot)com>
Cc: "pgsql-admin(at)lists(dot)postgresql(dot)org" <pgsql-admin(at)lists(dot)postgresql(dot)org>
Subject: RE: Permission issues. Please help
Date: 2018-03-14 10:32:18
Message-ID: FR1P15201MB229679EBD2138A75796B9C8AA3D10@FR1P15201MB2296.LAMP152.PROD.OUTLOOK.COM
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

Hi, Probably you need to grant permission like this

GRANT SELECT ON ALL TABLES IN SCHEMA public TO user1;

GRANT SELECT ON ALL TABLES IN SCHEMA public TO user2;

GRANT SELECT ON ALL TABLES IN SCHEMA public TO user3;

And just each owner can insert or update

______________________
Saludos
Ing. Ricardo Martín Gomez
DBA - SysAdmin
________________________________
De: Steven Crandell <steven(dot)crandell(at)gmail(dot)com>
Enviado: miércoles, 14 de marzo de 2018 01:23 a.m.
Para: Richard Gbs
Cc: pgsql-admin(at)lists(dot)postgresql(dot)org
Asunto: Re: Permission issues. Please help

On Tue, Mar 13, 2018 at 8:52 PM, David G. Johnston <david(dot)g(dot)johnston(at)gmail(dot)com<mailto:david(dot)g(dot)johnston(at)gmail(dot)com>> wrote:
On Tuesday, March 13, 2018, Richard Gbs <richardgbs(at)yahoo(dot)com<mailto:richardgbs(at)yahoo(dot)com>> wrote:
I need to have user1,2 and 3 have all the same privileges against any obeject in the database created by any of them.

Can someone give a high level approach to this please?

Create a group with all three as members. Have them assign ownership of created objects to said group.

Maybe not the most secure but should meet your stated goal.

David J.

default privileges might also prove useful in making a setup like this easier to maintain over the long-term.
e.g.
ALTER DEFAULT PRIVILEGES FOR USER user1 IN SCHEMA public GRANT SELECT ON TABLES TO user2;

YMMV, but something like this would ensure that user2 is automatically granted SELECT on any tables created by user1 in schema public.
Combine with role inheritance to help cut down on the number of total default privs required
\ddp to view default privs

In response to

Browse pgsql-admin by date

  From Date Subject
Next Message Heinemann, Manfred (IMS) 2018-03-14 19:18:22 Function search_path
Previous Message Laurenz Albe 2018-03-14 06:00:17 Re: whitelist ip for postgres