Обсуждение: Catalog permissions

Поиск
Список
Период
Сортировка

Catalog permissions

От
BRUNO CESAR BERNARDES
Дата:
Hi,

I have to allow one user to use my Postgres installation in one schema of several.  We are preparing an phpPGAdmin installation to give an remote access to this schema.
The phpPDAdmin is showing the entire catalog to this user and allowing access only in the schema that I gave permissions to him.
How do I do to this user can see only the schema that he has access, not the entire catalog.
Is it possible?
Thanks, 
Bruno




____________________________________________________________________________
Aviso de confidencialidade.

Esta mensagem da Empresa Brasileira de Pesquisa Agropecuária (Embrapa), empresa pùblica federal regida pelo disposto na Lei Federal no. 5.851, de 7 de dezembro de 1972, é enviada exclusivamente a seu destinatário e pode conter informações confidenciais, protegidas por sigilo profissional. Sua utilização desautorizada é ilegal e sujeita o infrator às penas da lei. Se você a recebeu indevidamente, queira, por gentileza, reenviá-la ao emitente, esclarecendo o equívoco.

Confidentiality note

This message from Empresa Brasileira de Pesquisa Agropecuária (Embrapa), a government company established under Brazilian law (5.851/72), is directed exclusively to its addressee and may contain confidential data, protected under professional secrecy rules. Its unauthorized use is illegal and may subject the transgressor to the law's penalties. If you are not the addressee, please send it back, elucidating the failure.

Re: Catalog permissions

От
"Gilberto Castillo"
Дата:

> Hi,
>
> I have to allow one user to use my Postgres installation in one schema of
> several. We are preparing an phpPGAdmin installation to give an remote
> access to this schema.
> The phpPDAdmin is showing the entire catalog to this user and allowing
> access only in the schema that I gave permissions to him.
> How do I do to this user can see only the schema that he has access, not
> the entire catalog.
> Is it possible?

Use:

GRANT usage on schema zzz to uuu;
Alter user uuu set default_transaction_read_only = on;
GRANT select on all tables in schema zzz to uuu;


Saludos,
Gilberto Castillo
ETECSA, La Habana, Cuba
---
This message was processed by Kaspersky Mail Gateway 5.6.28/RELEASE running at host imx3.etecsa.cu
Visit our web-site: <http://www.kaspersky.com>, <http://www.viruslist.com>

Re: Catalog permissions

От
BRUNO CESAR BERNARDES
Дата:
Thanks Gilberto,

    The problem still the same.
    The user is allowed to see the entire installation catalog, all databases, all schemas, etc. Of course, he is allowed to see data only in the schema that I gave this permission.
    The ideia is to be shoed to him only the datbase end schema that he has permission. 
    I applied the command  "Alter user myuser set default_transaction_read_only = on;"  to this user . The others were already set.

Saludos,
Bruno


De: "Gilberto Castillo" <gilberto.castillo@etecsa.cu>
Para: "BRUNO CESAR BERNARDES" <bruno.bernardes@embrapa.br>
Cc: pgsql-admin@postgresql.org
Enviadas: Terça-feira, 31 de março de 2015 12:59:11
Assunto: Re: [ADMIN] Catalog permissions



> Hi,
>
> I have to allow one user to use my Postgres installation in one schema of
> several. We are preparing an phpPGAdmin installation to give an remote
> access to this schema.
> The phpPDAdmin is showing the entire catalog to this user and allowing
> access only in the schema that I gave permissions to him.
> How do I do to this user can see only the schema that he has access, not
> the entire catalog.
> Is it possible?

Use:

GRANT usage on schema zzz to uuu;
Alter user uuu set default_transaction_read_only = on;
GRANT select on all tables in schema zzz to uuu;


Saludos,
Gilberto Castillo
ETECSA, La Habana, Cuba

---
This message was processed by Kaspersky Mail Gateway 5.6.28/RELEASE running at host imx3.etecsa.cu
Visit our web-site: <http://www.kaspersky.com>, <http://www.viruslist.com>


--
Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin



-



________________ ____________________________________________________________
Aviso de confidencialidade.

Esta mensagem da Empresa Brasileira de Pesq uisa Agropecuária (Embrapa), empresa pùblica federal regi da pelo disposto na Lei Federal no. 5.851, de 7 de dezembro de 1972, & eacute; enviada exclusivamente a seu destinatário e pode conter i nformações confidenciais, protegidas por sigilo profissional . Sua utilização desautorizada é ilegal e sujeita o infrator às penas da lei. Se você a recebeu indevidamente, queira, por gentileza, reenviá-la ao emitente, esclarecendo o equ&i acute;voco.

Confidentiality note

This message from Empresa Brasileira de Pesquisa Agropecuária (Embrapa), a govern ment company established under Brazilian law (5.851/72), is directed ex clusively to its addressee and may contain confidential data, protected under professional secrecy rules. Its unauthorized use is illegal and may subject the transgressor to the law's penalties. If you are not the a ddressee, please send it back, elucidating the failure.

Re: Catalog permissions

От
Felipe Santos
Дата:


2015-03-31 16:44 GMT-03:00 BRUNO CESAR BERNARDES <bruno.bernardes@embrapa.br>:
Thanks Gilberto,

    The problem still the same.
    The user is allowed to see the entire installation catalog, all databases, all schemas, etc. Of course, he is allowed to see data only in the schema that I gave this permission.
    The ideia is to be shoed to him only the datbase end schema that he has permission. 
    I applied the command  "Alter user myuser set default_transaction_read_only = on;"  to this user . The others were already set.

Saludos,
Bruno


De: "Gilberto Castillo" <gilberto.castillo@etecsa.cu>
Para: "BRUNO CESAR BERNARDES" <bruno.bernardes@embrapa.br>
Cc: pgsql-admin@postgresql.org
Enviadas: Terça-feira, 31 de março de 2015 12:59:11
Assunto: Re: [ADMIN] Catalog permissions




> Hi,
>
> I have to allow one user to use my Postgres installation in one schema of
> several. We are preparing an phpPGAdmin installation to give an remote
> access to this schema.
> The phpPDAdmin is showing the entire catalog to this user and allowing
> access only in the schema that I gave permissions to him.
> How do I do to this user can see only the schema that he has access, not
> the entire catalog.
> Is it possible?

Use:

GRANT usage on schema zzz to uuu;
Alter user uuu set default_transaction_read_only = on;
GRANT select on all tables in schema zzz to uuu;


Saludos,
Gilberto Castillo
ETECSA, La Habana, Cuba

---
This message was processed by Kaspersky Mail Gateway 5.6.28/RELEASE running at host imx3.etecsa.cu
Visit our web-site: <http://www.kaspersky.com>, <http://www.viruslist.com>


--
Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin



-



________________ ____________________________________________________________
Aviso de confidencialidade.

Esta mensagem da Empresa Brasileira de Pesq uisa Agropecuária (Embrapa), empresa pùblica federal regi da pelo disposto na Lei Federal no. 5.851, de 7 de dezembro de 1972, & eacute; enviada exclusivamente a seu destinatário e pode conter i nformações confidenciais, protegidas por sigilo profissional . Sua utilização desautorizada é ilegal e sujeita o infrator às penas da lei. Se você a recebeu indevidamente, queira, por gentileza, reenviá-la ao emitente, esclarecendo o equ&i acute;voco.

Confidentiality note

This message from Empresa Brasileira de Pesquisa Agropecuária (Embrapa), a govern ment company established under Brazilian law (5.851/72), is directed ex clusively to its addressee and may contain confidential data, protected under professional secrecy rules. Its unauthorized use is illegal and may subject the transgressor to the law's penalties. If you are not the a ddressee, please send it back, elucidating the failure.




Olá Bruno,

Is this what you are looking for?


Regards

Re: Catalog permissions

От
Guillaume Lelarge
Дата:


2015-03-31 21:53 GMT+02:00 Felipe Santos <felipepts@gmail.com>:


2015-03-31 16:44 GMT-03:00 BRUNO CESAR BERNARDES <bruno.bernardes@embrapa.br>:

Thanks Gilberto,

    The problem still the same.
    The user is allowed to see the entire installation catalog, all databases, all schemas, etc. Of course, he is allowed to see data only in the schema that I gave this permission.
    The ideia is to be shoed to him only the datbase end schema that he has permission. 
    I applied the command  "Alter user myuser set default_transaction_read_only = on;"  to this user . The others were already set.

Saludos,
Bruno


De: "Gilberto Castillo" <gilberto.castillo@etecsa.cu>
Para: "BRUNO CESAR BERNARDES" <bruno.bernardes@embrapa.br>
Cc: pgsql-admin@postgresql.org
Enviadas: Terça-feira, 31 de março de 2015 12:59:11
Assunto: Re: [ADMIN] Catalog permissions




> Hi,
>
> I have to allow one user to use my Postgres installation in one schema of
> several. We are preparing an phpPGAdmin installation to give an remote
> access to this schema.
> The phpPDAdmin is showing the entire catalog to this user and allowing
> access only in the schema that I gave permissions to him.
> How do I do to this user can see only the schema that he has access, not
> the entire catalog.
> Is it possible?

Use:

GRANT usage on schema zzz to uuu;
Alter user uuu set default_transaction_read_only = on;
GRANT select on all tables in schema zzz to uuu;


Saludos,
Gilberto Castillo
ETECSA, La Habana, Cuba

---
This message was processed by Kaspersky Mail Gateway 5.6.28/RELEASE running at host imx3.etecsa.cu
Visit our web-site: <http://www.kaspersky.com>, <http://www.viruslist.com>


--
Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin



-



________________ ____________________________________________________________
Aviso de confidencialidade.

Esta mensagem da Empresa Brasileira de Pesq uisa Agropecuária (Embrapa), empresa pùblica federal regi da pelo disposto na Lei Federal no. 5.851, de 7 de dezembro de 1972, & eacute; enviada exclusivamente a seu destinatário e pode conter i nformações confidenciais, protegidas por sigilo profissional . Sua utilização desautorizada é ilegal e sujeita o infrator às penas da lei. Se você a recebeu indevidamente, queira, por gentileza, reenviá-la ao emitente, esclarecendo o equ&i acute;voco.

Confidentiality note

This message from Empresa Brasileira de Pesquisa Agropecuária (Embrapa), a govern ment company established under Brazilian law (5.851/72), is directed ex clusively to its addressee and may contain confidential data, protected under professional secrecy rules. Its unauthorized use is illegal and may subject the transgressor to the law's penalties. If you are not the a ddressee, please send it back, elucidating the failure.




Olá Bruno,

Is this what you are looking for?



This will only work on pgAdmin. There's no such capacity in phpPgAdmin.


--

Re: Catalog permissions

От
BRUNO CESAR BERNARDES
Дата:
Dear Felipe,

   No. I am not using PgAdmin3, I am using PgPHPAdmin and I could not find a similar option on it.
  To solve my problem the best thing would be restrict the Postgres catalog to the objects that the user has permission.

Best regards,

 


De: "Felipe Santos" <felipepts@gmail.com>
Para: "BRUNO CESAR BERNARDES" <bruno.bernardes@embrapa.br>
Cc: "gilberto castillo" <gilberto.castillo@etecsa.cu>, pgsql-admin@postgresql.org
Enviadas: Terça-feira, 31 de março de 2015 16:53:29
Assunto: Re: [ADMIN] Catalog permissions



2015-03-31 16:44 GMT-03:00 BRUNO CESAR BERNARDES <bruno.bernardes@embrapa.br>:
Thanks Gilberto,

    The problem still the same.
    The user is allowed to see the entire installation catalog, all databases, all schemas, etc. Of course, he is allowed to see data only in the schema that I gave this permission.
    The ideia is to be shoed to him only the datbase end schema that he has permission. 
    I applied the command  "Alter user myuser set default_transaction_read_only = on;"  to this user . The others were already set.

Saludos,
Bruno


De: "Gilberto Castillo" <gilberto.castillo@etecsa.cu>
Para: "BRUNO CESAR BERNARDES" <bruno.bernardes@embrapa.br>
Cc: pgsql-admin@postgresql.org
Enviadas: Terça-feira, 31 de março de 2015 12:59:11
Assunto: Re: [ADMIN] Catalog permissions




> Hi,
>
> I have to allow one user to use my Postgres installation in one schema of
> several. We are preparing an phpPGAdmin installation to give an remote
> access to this schema.
> The phpPDAdmin is showing the entire catalog to this user and allowing
> access only in the schema that I gave permissions to him.
> How do I do to this user can see only the schema that he has access, not
> the entire catalog.
> Is it possible?

Use:

GRANT usage on schema zzz to uuu;
Alter user uuu set default_transaction_read_only = on;
GRANT select on all tables in schema zzz to uuu;


Saludos,
Gilberto Castillo
ETECSA, La Habana, Cuba

---
This message was processed by Kaspersky Mail Gateway 5.6.28/RELEASE running at host imx3.etecsa.cu
Visit our web-site: <http://www.kaspersky.com>, <http://www.viruslist.com>


--
Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin



-



________________ ____________________________________________________________
Aviso de confidencialidade.

Esta mensagem da Empresa Brasileira de Pesq uisa Agropecuária (Embrapa), empresa pùblica federal regi da pelo disposto na Lei Federal no. 5.851, de 7 de dezembro de 1972, & eacute; enviada exclusivamente a seu destinatário e pode conter i nformações confidenciais, protegidas por sigilo profissional . Sua utilização desautorizada é ilegal e sujeita o infrator às penas da lei. Se você a recebeu indevidamente, queira, por gentileza, reenviá-la ao emitente, esclarecendo o equ&i acute;voco.

Confidentiality note

This message from Empresa Brasileira de Pesquisa Agropecuária (Embrapa), a govern ment company established under Brazilian law (5.851/72), is directed ex clusively to its addressee and may contain confidential data, protected under professional secrecy rules. Its unauthorized use is illegal and may subject the transgressor to the law's penalties. If you are not the a ddressee, please send it back, elucidating the failure.




Olá Bruno,

Is this what you are looking for?


Regards



--
Bruno César Bernardes, Analista
Coordenadoria de Gestão de Infraestrutura
Departamento de Tecnologia da Informação (DTI)
Empresa Brasileira de Pesquisa Agropecuária (Embrapa)
Brasília/DF

bruno.bernardes@embrapa.br
Telefone: +55 (61) 3448-1637  |  Fax: +55 (61) 3448-4313     
www.embrapa.br | twitter.com/embrapa
Confira também: www.facebook.com/agrosustentavel




________________ ____________________________________________________________
Aviso de confidencialidade.

Esta mensagem da Empresa Brasileira de Pesq uisa Agropecuária (Embrapa), empresa pùblica federal regi da pelo disposto na Lei Federal no. 5.851, de 7 de dezembro de 1972, & eacute; enviada exclusivamente a seu destinatário e pode conter i nformações confidenciais, protegidas por sigilo profissional . Sua utilização desautorizada é ilegal e sujeita o infrator às penas da lei. Se você a recebeu indevidamente, queira, por gentileza, reenviá-la ao emitente, esclarecendo o equ&i acute;voco.

Confidentiality note

This message from Empresa Brasileira de Pesquisa Agropecuária (Embrapa), a govern ment company established under Brazilian law (5.851/72), is directed ex clusively to its addressee and may contain confidential data, protected under professional secrecy rules. Its unauthorized use is illegal and may subject the transgressor to the law's penalties. If you are not the a ddressee, please send it back, elucidating the failure.

Re: Catalog permissions

От
BRUNO CESAR BERNARDES
Дата:
Dear Gilberto,

   No. I am not using PgAdmin3, I am using PgPHPAdmin and I could not find a similar option on it.
  To solve my problem the best thing would be restrict the Postgres catalog to the objects that the user has permission.

Saludos,
Bruno



De: "Gilberto Castillo" <gilberto.castillo@etecsa.cu>
Para: "BRUNO CESAR BERNARDES" <bruno.bernardes@embrapa.br>
Cc: pgsql-admin@postgresql.org
Enviadas: Terça-feira, 31 de março de 2015 12:59:11
Assunto: Re: [ADMIN] Catalog permissions



> Hi,
>
> I have to allow one user to use my Postgres installation in one schema of
> several. We are preparing an phpPGAdmin installation to give an remote
> access to this schema.
> The phpPDAdmin is showing the entire catalog to this user and allowing
> access only in the schema that I gave permissions to him.
> How do I do to this user can see only the schema that he has access, not
> the entire catalog.
> Is it possible?

Use:

GRANT usage on schema zzz to uuu;
Alter user uuu set default_transaction_read_only = on;
GRANT select on all tables in schema zzz to uuu;


Saludos,
Gilberto Castillo
ETECSA, La Habana, Cuba

---
This message was processed by Kaspersky Mail Gateway 5.6.28/RELEASE running at host imx3.etecsa.cu
Visit our web-site: <http://www.kaspersky.com>, <http://www.viruslist.com>


--
Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin



--
Bruno César Bernardes, Analista
Coordenadoria de Gestão de Infraestrutura
Departamento de Tecnologia da Informação (DTI)
Empresa Brasileira de Pesquisa Agropecuária (Embrapa)
Brasília/DF

bruno.bernardes@embrapa.br
Telefone: +55 (61) 3448-1637  |  Fax: +55 (61) 3448-4313     
www.embrapa.br | twitter.com/embrapa
Confira também: www.facebook.com/agrosustentavel




________________ ____________________________________________________________
Aviso de confidencialidade.

Esta mensagem da Empresa Brasileira de Pesq uisa Agropecuária (Embrapa), empresa pùblica federal regi da pelo disposto na Lei Federal no. 5.851, de 7 de dezembro de 1972, & eacute; enviada exclusivamente a seu destinatário e pode conter i nformações confidenciais, protegidas por sigilo profissional . Sua utilização desautorizada é ilegal e sujeita o infrator às penas da lei. Se você a recebeu indevidamente, queira, por gentileza, reenviá-la ao emitente, esclarecendo o equ&i acute;voco.

Confidentiality note

This message from Empresa Brasileira de Pesquisa Agropecuária (Embrapa), a govern ment company established under Brazilian law (5.851/72), is directed ex clusively to its addressee and may contain confidential data, protected under professional secrecy rules. Its unauthorized use is illegal and may subject the transgressor to the law's penalties. If you are not the a ddressee, please send it back, elucidating the failure.

Re: Catalog permissions

От
"Gilberto Castillo"
Дата:

> Dear Gilberto,
>
> No. I am not using PgAdmin3, I am using PgPHPAdmin and I could not find a
> similar option on it.
> To solve my problem the best thing would be restrict the Postgres catalog
> to the objects that the user has permission.


Or give permissions read only. That's what that passed through my lines.


> ----- Mensagem original -----
>
> De: "Gilberto Castillo" <gilberto.castillo@etecsa.cu>
> Para: "BRUNO CESAR BERNARDES" <bruno.bernardes@embrapa.br>
> Cc: pgsql-admin@postgresql.org
> Enviadas: Terça-feira, 31 de março de 2015 12:59:11
> Assunto: Re: [ADMIN] Catalog permissions
>
>
>
>> Hi,
>>
>> I have to allow one user to use my Postgres installation in one schema
>> of
>> several. We are preparing an phpPGAdmin installation to give an remote
>> access to this schema.
>> The phpPDAdmin is showing the entire catalog to this user and allowing
>> access only in the schema that I gave permissions to him.
>> How do I do to this user can see only the schema that he has access, not
>> the entire catalog.
>> Is it possible?
>
> Use:
>
> GRANT usage on schema zzz to uuu;
> Alter user uuu set default_transaction_read_only = on;
> GRANT select on all tables in schema zzz to uuu;
>
>
> Saludos,
> Gilberto Castillo
> ETECSA, La Habana, Cuba
>
> ---
> This message was processed by Kaspersky Mail Gateway 5.6.28/RELEASE
> running at host imx3.etecsa.cu
> Visit our web-site: <http://www.kaspersky.com>, <http://www.viruslist.com>
>
>
> --
> Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-admin
>
>
>
> --
>
> Bruno César Bernardes, Analista
> Coordenadoria de Gestão de Infraestrutura
> Departamento de Tecnologia da Informação (DTI)
> Empresa Brasileira de Pesquisa Agropecuária (Embrapa)
> Brasília/DF
>
> bruno.bernardes@embrapa.br
> Telefone: +55 (61) 3448-1637 | Fax: +55 (61) 3448-4313
> www.embrapa.br | twitter.com/embrapa
> Confira também: www.facebook.com/agrosustentavel
>
>
>
>
> ____________________________________________________________________________
> Aviso de confidencialidade
>
> Esta mensagem da Empresa  Brasileira de Pesquisa  Agropecuaria  (Embrapa),
> empresa publica federal  regida pelo disposto  na Lei Federal no. 5.851,
> de
> 7 de dezembro de 1972,  e  enviada exclusivamente  a seu destinatario e
> pode
> conter informacoes  confidenciais, protegidas  por sigilo profissional.
> Sua
> utilizacao desautorizada  e ilegal e  sujeita o infrator as penas da lei.
> Se
> voce  a recebeu indevidamente, queira, por gentileza, reenvia-la ao
> emitente,
> esclarecendo o equivoco.
>
> Confidentiality note
>
> This message from Empresa  Brasileira de Pesquisa  Agropecuaria
> (Embrapa), a
> government company  established under  Brazilian law  (5.851/72), is
> directed
> exclusively to  its addressee  and may contain  confidential data,
> protected
> under  professional secrecy  rules. Its unauthorized  use is illegal and
> may
> subject the transgressor to the law's penalties. If you are not the
> addressee,
> please send it back, elucidating the failure.
>
>
>
> ---
> This message was processed by Kaspersky Mail Gateway 5.6.28/RELEASE
> running at host imx2.etecsa.cu
> Visit our web-site: <http://www.kaspersky.com>, <http://www.viruslist.com>
>


Saludos,
Gilberto Castillo
ETECSA, La Habana, Cuba
---
This message was processed by Kaspersky Mail Gateway 5.6.28/RELEASE running at host imx3.etecsa.cu
Visit our web-site: <http://www.kaspersky.com>, <http://www.viruslist.com>