> On 24/08/2023 10:11 CEST Dominique Devienne <ddevienne@xxxxxxxxx> wrote: > > On Wed, Aug 23, 2023 at 7:46 PM Tom Lane <tgl@xxxxxxxxxxxxx> wrote: > > > > The readwrite user (not the admin) would need to issue ALTER DEFAULT > > PRIVILEGES granting that. > > Hi. I'm confused Tom. Why should it matter who created the new tables? > > I'm also using DEFAULT PRIVILEGES, for the very reason they dynamically > extend to newly created objects in the schema. > And I don't remember reading anything like what you imply. Could you please > pinpoint in the doc where this would be explained? > > DEFAULT PRIVILEGES only apply to DDLs made by the role who did the GRANT'ing? > > In my case, the schema owner does both the granting and DDLs, so I guess I'll > be OK. > I just want to make sure I understand the situation better. Thanks, --DD This is implied by: "You can change default privileges only for objects that will be created by yourself or by roles that you are a member of." https://www.postgresql.org/docs/current/sql-alterdefaultprivileges.html#SQL-ALTERDEFAULTPRIVILEGES-DESCRIPTION -- Erik
