English 中文(简体)
PostgreSQL Tutorial

Advanced PostgreSQL

PostgreSQL Interfaces

PostgreSQL Useful Resources

Selected Reading

PostgreSQL - Privileges
  • 时间:2024-12-27

PostgreSQL - PRIVILEGES

Previous Page Next Page  

Whenever an object is created in a database, an owner is assigned to it. The owner is usually the one who executed the creation statement. For most kinds of objects, the initial state is that only the owner (or a superuser) can modify or delete the object. To allow other roles or users to use it, privileges or permission must be granted.

Different kinds of privileges in PostgreSQL are −

    SELECT,

    INSERT,

    UPDATE,

    DELETE,

    TRUNCATE,

    REFERENCES,

    TRIGGER,

    CREATE,

    CONNECT,

    TEMPORARY,

    EXECUTE, and

    USAGE

Depending on the type of the object (table, function, etc.,), privileges are appped to the object. To assign privileges to the users, the GRANT command is used.

Syntax for GRANT

Basic syntax for GRANT command is as follows −

GRANT privilege [, ...]
ON object [, ...]
TO { PUBLIC | GROUP group | username }

    privilege − values could be: SELECT, INSERT, UPDATE, DELETE, RULE, ALL.

    object − The name of an object to which to grant access. The possible objects are: table, view, sequence

    PUBLIC − A short form representing all users.

    GROUP group − A group to whom to grant privileges.

    username − The name of a user to whom to grant privileges. PUBLIC is a short form representing all users.

The privileges can be revoked using the REVOKE command.

Syntax for REVOKE

Basic syntax for REVOKE command is as follows −

REVOKE privilege [, ...]
ON object [, ...]
FROM { PUBLIC | GROUP groupname | username }

    privilege − values could be: SELECT, INSERT, UPDATE, DELETE, RULE, ALL.

    object − The name of an object to which to grant access. The possible objects are: table, view, sequence

    PUBLIC − A short form representing all users.

    GROUP group − A group to whom to grant privileges.

    username − The name of a user to whom to grant privileges. PUBLIC is a short form representing all users.

Example

To understand the privileges, let us first create a USER as follows −

testdb=# CREATE USER manisha WITH PASSWORD  password ;
CREATE ROLE

The message CREATE ROLE indicates that the USER "manisha" is created.

Consider the table COMPANY having records as follows −

testdb# select * from COMPANY;
 id | name  | age | address   | salary
----+-------+-----+-----------+--------
  1 | Paul  |  32 | Capfornia|  20000
  2 | Allen |  25 | Texas     |  15000
  3 | Teddy |  23 | Norway    |  20000
  4 | Mark  |  25 | Rich-Mond |  65000
  5 | David |  27 | Texas     |  85000
  6 | Kim   |  22 | South-Hall|  45000
  7 | James |  24 | Houston   |  10000
(7 rows)

Next, let us grant all privileges on a table COMPANY to the user "manisha" as follows −

testdb=# GRANT ALL ON COMPANY TO manisha;
GRANT

The message GRANT indicates that all privileges are assigned to the USER.

Next, let us revoke the privileges from the USER "manisha" as follows −

testdb=# REVOKE ALL ON COMPANY FROM manisha;
REVOKE

The message REVOKE indicates that all privileges are revoked from the USER.

You can even delete the user as follows −

testdb=# DROP USER manisha;
DROP ROLE

The message DROP ROLE indicates USER ‘Manisha’ is deleted from the database.

Advertisements

友情链接

Allggapp Allqahome-程序员问答家园 mvfinale.com-影视剧情大结局大全