ala*_*ter 5 sql database postgresql database-administration psql
我正试图drop role从postgres实例高效,并遇到一些问题.我正在寻找一些SQL,drop role以便我可以停止阅读错误消息,而不必手动执行此操作.
在我正在使用的设置中,每个角色都有自己的同名数据库:
CREATE ROLE alpha_user;
CREATE DATABASE alpha_user;
ALTER DATABASE alpha_user OWNER TO alpha_user;
用户通常将对其数据库中的模式的访问权限授予其他用户:
-- alpha_user logs in to the alpha_user database
GRANT USAGE ON SCHEMA myschema TO beta_user;
当我试图放弃时beta_user,会发生这种情况:
-- log in as superuser
DROP ROLE beta_user;
-- ERROR: role "beta_user" cannot be dropped because some objects depend on it
-- DETAIL: N objects in database alpha_user
我可以连接到alpha_user数据库,然后删除OWNED BY,但效率很低:
-- log in as superuser
\c alpha_user;
DROP OWNED BY beta_user CASCADE;
DROP beta_user;
-- success
用户可以授予对任意数量的数据库的访问权限,并且有许多用户.是否存在超级用户可以DROP OWNED BY在用户被授予访问权限的所有数据库中为用户执行的语句(或一系列语句)?
也许这会对您有所帮助:
with
user_id as (select oid, rolname as my_user from pg_authid where rolname in('abc', 'xyz'))
select 'REVOKE ' || rolname || ' FROM ' || my_user || ' CASCADE;' as sql
from pg_auth_members
join pg_authid on pg_auth_members.roleid = pg_authid.oid
JOIN user_id ON pg_auth_members.member = user_id.oid
union
SELECT 'REVOKE ALL ON ' || datname || ' FROM ' || my_user || ' CASCADE;'
FROM pg_database
JOIN user_id ON pg_database.datdba = user_id.oid