Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
P
Postgres FD Implementation
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Abuhujair Javed
Postgres FD Implementation
Commits
fccda9eb
Commit
fccda9eb
authored
Apr 22, 2002
by
Tom Lane
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Update GRANT example and discussion to match current sources.
parent
75c33220
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
37 additions
and
20 deletions
+37
-20
doc/src/sgml/ref/grant.sgml
doc/src/sgml/ref/grant.sgml
+37
-20
No files found.
doc/src/sgml/ref/grant.sgml
View file @
fccda9eb
<!--
$Header: /cvsroot/pgsql/doc/src/sgml/ref/grant.sgml,v 1.2
2 2002/04/21 00:26:42
tgl Exp $
$Header: /cvsroot/pgsql/doc/src/sgml/ref/grant.sgml,v 1.2
3 2002/04/22 19:17:40
tgl Exp $
PostgreSQL documentation
-->
...
...
@@ -157,11 +157,10 @@ GRANT { { CREATE | USAGE } [,...] | ALL [ PRIVILEGES ] }
<term>CREATE</term>
<listitem>
<para>
For databases, allows new schemas to be created in the database.
For databases, allows new schemas to be created
with
in the database.
</para>
<para>
For schemas, allows new objects to be created within the specified
schema.
For schemas, allows new objects to be created within the schema.
</para>
</listitem>
</varlistentry>
...
...
@@ -196,9 +195,9 @@ GRANT { { CREATE | USAGE } [,...] | ALL [ PRIVILEGES ] }
of privilege that is applicable to procedural languages.
</para>
<para>
For schemas, allows
the use of
objects contained in the specified
For schemas, allows
access to
objects contained in the specified
schema (assuming that the objects' own privilege requirements are
met). Essentially this allows the grantee to <quote>look up</>
also
met). Essentially this allows the grantee to <quote>look up</>
objects within the schema.
</para>
</listitem>
...
...
@@ -226,6 +225,11 @@ GRANT { { CREATE | USAGE } [,...] | ALL [ PRIVILEGES ] }
<refsect1 id="SQL-GRANT-notes">
<title>Notes</title>
<para>
The <xref linkend="sql-revoke" endterm="sql-revoke-title"> command is used
to revoke access privileges.
</para>
<para>
It should be noted that database <firstterm>superusers</> can access
all objects regardless of object privilege settings. This
...
...
@@ -243,19 +247,19 @@ GRANT { { CREATE | USAGE } [,...] | ALL [ PRIVILEGES ] }
<para>
Use <xref linkend="app-psql">'s <command>\z</command> command
to obtain information about privileges
on existing objects:
to obtain information about existing privileges, for example:
<programlisting>
lusitania=> \z mytable
Access privileges for database "lusitania"
Table | Access privileges
---------+---------------------------------------
mytable | {=r,miriam=arwdRxt,"group todos=arw"}
</programlisting>
The entries shown by <command>\z</command> are interpreted thus:
<programlisting>
Database = lusitania
+------------------+---------------------------------------------+
| Relation | Grant/Revoke Permissions |
+------------------+---------------------------------------------+
| mytable | {"=rw","miriam=arwdRxt","group todos=rw"} |
+------------------+---------------------------------------------+
Legend:
uname=arwR -- privileges granted to a user
group gname=arwR -- privileges granted to a group
=arwR -- privileges granted to PUBLIC
=xxxx -- privileges granted to PUBLIC
uname=xxxx -- privileges granted to a user
group gname=xxxx -- privileges granted to a group
r -- SELECT ("read")
w -- UPDATE ("write")
...
...
@@ -269,12 +273,25 @@ GRANT { { CREATE | USAGE } [,...] | ALL [ PRIVILEGES ] }
C -- CREATE
T -- TEMPORARY
arwdRxt -- ALL PRIVILEGES (for tables)
</programlisting>
The above example display would be seen by user <literal>miriam</> after
creating table <literal>mytable</> and doing
<programlisting>
GRANT SELECT ON mytable TO PUBLIC;
GRANT SELECT,UPDATE,INSERT ON mytable TO GROUP todos;
</programlisting>
</para>
<para>
The <xref linkend="sql-revoke" endterm="sql-revoke-title"> command is used to revoke access
privileges.
If the <quote>Access privileges</> column is empty for a given object,
it means the object has default privileges (that is, its privileges field
is NULL). Currently, default privileges are interpreted the same way
for all object types: all privileges for the owner and no privileges for
anyone else. The first <command>GRANT</> on an object will instantiate
this default (producing, for example, <literal>{=,miriam=arwdRxt}</>)
and then modify it per the specified request.
</para>
</refsect1>
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
