create read-only and revoke create function?

Поиск
Список
Период
Сортировка
От Ron Watkins
Тема create read-only and revoke create function?
Дата
Msg-id CAPdrarqjFv3WSUzeppkRxYKicvm7TZ2xuHUEbhzbNg2yRtie2w@mail.gmail.com
обсуждение исходный текст
Ответы Re: create read-only and revoke create function?  ("David G. Johnston" <david.g.johnston@gmail.com>)
Список pgsql-novice
Дерево обсуждения
Management has requested to setup a group of users as READ-ONLY, and to revoke their ability to create tables, views, procedures, functions, etc...
I looked around, and did the following, but it's not working as expected.

CREATE ROLE "RO_Role" WITH
  NOLOGIN
  NOSUPERUSER
  INHERIT
  NOCREATEDB
  NOCREATEROLE
  NOREPLICATION;

COMMENT ON ROLE "RO_Role" IS 'Read-Only role.';

GRANT "RO_Role" to <users>;
GRANT SELECT ON TABLE <tablename> TO "RO_Role";
GRANT EXECUTE ON FUNCTION <functions> TO "RO_ROLE";

On one server, this seems to have limited the users ability to write to tables, but on the other server it didn't work, they can still write to tables.

As for the functions, they can still create. Not sure how to prevent this from happening.
Suggestions?

--
Ron Watkins, K7DOG
602.743.5272

В списке pgsql-novice по дате отправления:

Предыдущее
От: Mahesh Govind
Дата:
Сообщение: Handling large number transactions
Следующее
От: "David G. Johnston"
Дата:
Сообщение: Re: create read-only and revoke create function?