PostgreSQL and privileges
Question
How does privileges for new relations in PostgreSQL work?
Steps:
- Create DB (from user postgres) and connect to it
CREATE DATABASE test; \\c test
- Create user site with some privileges
CREATE USER site NOCREATEDB NOINHERIT; GRANT SELECT, UPDATE, INSERT, DELETE, TRUNCATE, REFERENCES ON ALL TABLES IN SCHEMA public TO site; GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO site;
- Change default privileges for user site
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT, UPDATE, INSERT, DELETE, TRUNCATE, REFERENCES ON TABLES TO site;
- Create user migration with all privileges
CREATE USER migration NOCREATEDB NOINHERIT; GRANT ALL PRIVILEGES ON DATABASE test TO migration;
- Connect to DB from user migration and create table
CREATE TABLE test (id serial);
- Connect to DB from user site and select data from created table
SELECT * FROM test; ERROR: permission denied for relation test
But if I create table from user postgres , all work fine!
Why default privileges didn't work in this case? How can I grant permissions for new tables for user site ?
1 answers
solution1
1 ACCPTED 2015-02-24 17:06:22
ALTER DEFAULT PRIVILEGES only affects objects created by the user specified in the FOR ROLE clause. If you omit this clause, it only applies to the user running the command (in your case, postgres ).
You want ALTER DEFAULT PRIVILEGES FOR USER migration ... instead.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.