Oh, sorry for the previous question - I can create a scheme-changes-disallowed role by revoking the "CREATE" permission from all the database schemas.
The issue seems to be closed now, thanks.
On 3/18/07, Dmitry Koterov <dmitry@koterov.ru> wrote:> actually - you dont need the read-only role, if this is only for slave
> nodes. slony takes care about the issue and doesn't allow any writes
> on slaves.
Great!
But what about a role which can modify the data, but cannot modify the database schema?
On 3/17/07, hubert depesz lubaczewski < depesz@gmail.com> wrote: On 3/16/07, Dmitry Koterov <dmitry@koterov.ru> wrote:
> Overall, we need 3 roles:
> 1. Administrator: can do anything with a database (by default this user is
> already exists - "postgres").
> 2. Read-only: can only read. Runs on all slave nodes.
actually - you dont need the read-only role, if this is only for slave
nodes. slony takes care about the issue and doesn't allow any writes
on slaves.
depesz
---------------------------(end of broadcast)---------------------------
TIP 2: Don't 'kill -9' the postmaster