GRANT SELECT ON ALL TABLES IN SCHEMA public TO readonly;
readonly用户可以连接,查看表,但是当它尝试进行简单的选择时,它会获得:
ERROR: permission denied for relation mytable
SQL state: 42501
这发生在PostgreSQL 9.1上
我做错了什么?
sor*_*rin 152
这是最近更新的PostgreSQL 9+的完整解决方案.
CREATE USER readonly WITH ENCRYPTED PASSWORD 'readonly';
GRANT USAGE ON SCHEMA public to readonly;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO readonly;
-- repeat code below for each database:
GRANT CONNECT ON DATABASE foo to readonly;
\c foo
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO readonly; --- this grants privileges on new tables generated in new database "foo"
GRANT USAGE ON SCHEMA public to readonly;
GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO readonly;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO readonly;
感谢https://jamie.curle.io/creating-a-read-only-user-in-postgres/的几个重要方面
如果有人找到更短的代码,并且最好是能够为所有现有数据库执行此操作的代码,则需要额外的荣誉.
suf*_*leR 12
尝试添加
GRANT USAGE ON SCHEMA public to readonly;
您可能不知道需要拥有模式的必需权限才能使用模式中的对象.
| 归档时间: |
|
| 查看次数: |
150642 次 |
| 最近记录: |