Case: 一个read-only 角色对某个schema下的新建的表,无需单独授
Case: 一个read-only 角色对某个schema下的新建的表,无需单独授权,直接拥有只读权限 首先,你要知道PostgreSQL默认schema下新建的表,对于一个普通用户不会有select的权限的,所以我需要修改PostgreSQl默认的权限,把select提前赋予普通用户,需要使用到alter default privileges这个命令 Session1 (user:postgres): #psql create role role1 password '123456' login; create schema schema1; grant usage on schema schema1 to role1; testdb=# dn+ schema1; List of schemas Name|Owner|Access privileges| Description ---------+----------+----------------------+------------- schema1 | postgres | postgres=UC/postgres+| || role1=U/postgres| alter default privileges in schema schema1 grant select on tables to role1; testdb=# ddp+ Default access privileges Owner| Schema| Type| Access privileges ----------+---------+-------+------------------- postgres | schema1 | table | role1=r/postgres create table schema1.t1(c1 int,c2 varchar(10)); insert into schema1.t1 values(1,'aaa'); testdb=# dp+ Access privileges Schema| Name | Type|Access privileges| Column privileges | Policies ---------+------+-------+---------------------------+-------------------+---------- schema1 | t1| table | postgres=arwdDxt/postgres+|| ||| role1=r/postgres|| Session2 read_only: #psql -h 172.16.101.54 -p 5432 testdb role1 testdb=> select * from schema1.t1; c1 | c2 ----+----- 1 | aaa (1 row) (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |