Create a User for Select Only on Postgresql. Restrict “ALTER TABLE”

Question

I am using fallowing scripts for Create a user.

CREATE ROLE readonly LOGIN PASSWORD 'thePwd';

-- Existing objects

GRANT CONNECT ON DATABASE the_db TO readonly;

GRANT USAGE ON SCHEMA public TO readonly;

GRANT SELECT ON ALL TABLES IN SCHEMA public TO readonly;

GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO readonly;

GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA public TO readonly;

After Create User & Role; the "readonly" user have "SELECT" permission. No Drop or Truncate rights. But "readonly" user have right "Alter Table" command.

How can I restrict for a specific user "Alter Table" rights?

Is there a simple example?

Answer 1

The solution is at the following script;

create user dummy_user with nosuperuser encrypted password 'dummy_password';

GRANT CONNECT ON DATABASE the_db TO dummy_user;

GRANT USAGE ON SCHEMA public TO dummy_user;

GRANT SELECT ON ALL TABLES IN SCHEMA public TO dummy_user;

GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO dummy_user;

GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA public TO dummy_user;