|
OK, I
must be doing something wrong. I’m trying to create a user with
only limited access to certain tables. The db is large, complicated, and
has tons of users with some complex interactions of permission using groups,
etc. I don’t dare revoke any exist permissions, for fear of messing
up a production db. Version
is 8.3.9. I’m
currently testing this on the test version of the db, though, which is a clone
of the production db. I’ve edited the actual usernames, table
names, db names, etc. I
created a role usera. I
revoked everything I could think of (e.g. REVOKE ALL PRIVILEGES ON SCHEMA
public FROM usera cascade;, revoke all privileges on database maindb from usera
cascade; I also did individual tables: urldb=#
revoke select, update, delete on table1 from usera;
( I tried this with and without CASCADE – no difference) REVOKE urldb=#
\q sb-dev-testdb:~#
psql -U usera maindb Welcome
to psql 8.3.9, the PostgreSQL interactive terminal. Type:
\copyright for distribution terms
\h for help with SQL commands
\? for help with psql commands
\g or terminate with semicolon to execute query
\q to quit urldb=>
select * from table1; All
rows display anyway. \dp
table1 shows:
Access privileges for database "maindb" Schema
| Name | Type
|
Access privileges --------+-----------+-------+----------------------------------------------------------------------------------------------- public
| languages | table | {postgres=arwdxt/postgres,=arwdxt/postgres,group1=r/postgres,group2=arwdxt/postgres} (1
row) I’m
sure it’s something simple that I’m doing wrong. Advice? Thanks, Susan |
