Re: Best practice to create a read-only user?

Поиск
Список
Период
Сортировка
От Sergey Konoplev
Тема Re: Best practice to create a read-only user?
Дата
Msg-id CAL_0b1s6uRoUURi+3t-Xi+K+NDcaB_shiD9+s=H8XVsQZcF+cQ@mail.gmail.com
обсуждение исходный текст
Ответ на Best practice to create a read-only user?  (matthias ritzkowski <matthias@marlinmobile.com>)
Список pgsql-admin
Дерево обсуждения 
On Fri, May 3, 2013 at 7:03 AM, matthias ritzkowski
<matthias@marlinmobile.com> wrote:
> What do people use day to day?

I usually set default privileges for user postgres like below and
create end users in particular roles, either role_ro for read only or
role_rw for read-write access. All the database objects one need the
default privileges to be applied to must be created with user
postgres.

ALTER DEFAULT PRIVILEGES FOR ROLE postgres
    GRANT SELECT ON SEQUENCES  TO role_ro;
ALTER DEFAULT PRIVILEGES FOR ROLE postgres
    GRANT SELECT ON TABLES  TO role_ro;
ALTER DEFAULT PRIVILEGES FOR ROLE postgres
    GRANT EXECUTE ON FUNCTIONS TO role_ro;

ALTER DEFAULT PRIVILEGES FOR ROLE postgres
    GRANT SELECT,USAGE ON SEQUENCES  TO role_rw;
ALTER DEFAULT PRIVILEGES FOR ROLE postgres
    GRANT SELECT,INSERT,DELETE,UPDATE ON TABLES  TO role_rw;
ALTER DEFAULT PRIVILEGES FOR ROLE postgres
    GRANT EXECUTE ON FUNCTIONS TO role_rw;

--
Kind regards,
Sergey Konoplev
PostgreSQL Consultant and DBA

Profile: http://www.linkedin.com/in/grayhemp
Phone: USA +1 (415) 867-9984, Russia +7 (901) 903-0499, +7 (988) 888-1979
Skype: gray-hemp
Jabber: gray.ru@gmail.com

В списке pgsql-admin по дате отправления:

Предыдущее
От: Bhanu Murthy
Дата:
Сообщение: Re: [SQL] Encrypting PGBouncer to Postgres DB connections
Следующее
От: Haifeng Liu
Дата:
Сообщение: How to prevent vacuum again and again on the unchanged tables?