Tena Sakai schrieb:
Thank you, Scott, for your reply. > Two problems. 1: you don't grant select on schemas, you grant it on > tables. 2: case folding. If you're gonna use a name "schema_Z" then > you have to quote it, because it's mixed case, not all lower. > You need to grant it for each table. In actual command issued, there is no case mixing. I wanted to emphasize the argument was a schema name, not a table name. But this means as new tables get created in the schema, a set of new commands must be issued? > Note that instead of granting it to a user, you should grant it > to a role, then give membership to that role to the user. That sounds like a good idea. Would you mind showing an exmple?
Hi Tena, -- your user role roletest=# CREATE ROLE tena LOGIN; CREATE ROLE -- a group role roletest=# CREATE ROLE musicians; CREATE ROLE -- put tena 'in' the group role roletest=# GRANT musicians to tena; GRANT ROLE -- connect to roletest a user tena roletest=# \c roletest tena You are now connected to database "roletest" as user "tena". roletest=> select * from test; ERROR: permission denied for relation test STATEMENT: select * from test; ERROR: permission denied for relation test -- grant SELECT right as superuser in roletest roletest=> \c roletest postgres You are now connected to database "roletest" as user "postgres". roletest=# GRANT SELECT on test to musicians; GRANT roletest=# \c roletest tena You are now connected to database "roletest" as user "tena". roletest=> SELECT * FROM test; id | value ----+------- (0 rows) Cheers Andy -- St.Pauli - Hamburg - Germany Andreas Wenk
Regards, Tena Sakai tsakai@xxxxxxxxxxxxxx -----Original Message----- From: Scott Marlowe [mailto:scott.marlowe@xxxxxxxxx] Sent: Sat 2/28/2009 12:04 PM To: Tena Sakai Cc: pgsql-admin@xxxxxxxxxxxxxx Subject: Re: grant question On Sat, Feb 28, 2009 at 12:56 PM, Tena Sakai <tsakai@xxxxxxxxxxxxxx> wrote: > Hi Everybody, > > I want to issue a command: > > grant select on schema_Z to user_a; > > so that the user_a can look at all tables in schema_Z. > Sadly, what I get is: > ERROR: relation "schema_Z" does not exist Two problems. 1: you don't grant select on schemas, you grant it on tables. 2: case folding. If you're gonna use a name "schema_Z" then you have to quote it, because it's mixed case, not all lower. > I tried: > > grant select on schema_Z.* to user_a; Sorry no wildcarding on grant (At least not yet). You need to grant it for each table. Note that instead of granting it to a user, you should grant it to a role, then give membership to that role to the user.
-- Sent via pgsql-admin mailing list (pgsql-admin@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-admin
