问题
I'm trying to create two users in PostgreSQL
Who(user1) can access the tables in db1 and should be able to run (DML) SELECT, INSERT, UPDATE...
Who(user2) can only create the tables in a particular database(EX: db1)
Commands I tried are like below, but when I create a new table using user2, user1 not able to select/insert on tables.
User1:
grant CONNECT ON DATABASE db1 to user1;
GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO user1;
ALTER DEFAULT PRIVILEGES IN SCHEMA public grant SELECT, INSERT, UPDATE, DELETE ON TABLES to user1;
User2:
GRANT CREATE ON SCHEMA public TO user2;
grant CONNECT ON DATABASE db1 to user2;
revoke SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public from user2;
Can someone help me what I'm missing here
Thanks
回答1:
You need to change the default privileges for objects created by user1. This is done by the option for role as part of the alter default privileges statement.
alter default privileges
for role user2 ---<< this
IN SCHEMA public
grant SELECT, INSERT, UPDATE, DELETE ON TABLES to user1;
If you don't specify that option, the defaults are applied to objects created by the user running the (ALTER) statement.
来源:https://stackoverflow.com/questions/63192262/how-to-create-a-user-in-postgresql-with-select-insert-update-dml-access