PostgreSQL:查看数据库连接权限
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/5717611/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
PostgreSQL: View database connect permissions
提问by vol7ron
How do you view users that have been issued GRANT CONNECT ON DATABASE <database> TO <user>?
如何查看已发布的用户GRANT CONNECT ON DATABASE <database> TO <user>?
- \dp - lists table/view permissions
- \dn+ - lists schema permissions
- \l+ does not list all users that can access the database
- \dp - 列出表/视图权限
- \dn+ - 列出架构权限
- \l+ 没有列出所有可以访问数据库的用户
回答by John P
A bit odd if the \l+ command just displays some of the users that have permission/privilege to connect to the database. I could not repeat that myself on a PostgreSQL 8.4 installation (Ubuntu 10.04 LTS). What version are you using?
如果 \l+ 命令仅显示一些具有连接到数据库的权限/特权的用户,则有点奇怪。我无法在 PostgreSQL 8.4 安装(Ubuntu 10.04 LTS)上重复这一点。你用的是什么版本?
Anyway, perhaps you could check the table holding the ACL's for that particular database and from that deduce whether the user has the correct privileges or not:
无论如何,也许您可以检查包含该特定数据库的 ACL 的表,并从中推断用户是否具有正确的权限:
SELECT datname as "Relation", datacl as "Access permissions" FROM pg_database WHERE datname = 'databasename';
If you just want to check one user you could do something like this:
如果您只想检查一个用户,您可以执行以下操作:
SELECT * FROM has_database_privilege('username', 'database', 'connect');
How are the permissions/privileges to interpreted? The privileges are to be read like this:
如何解释权限/特权?权限的读法如下:
user = privileges / granted by
Omitting user means that PUBLIC is granted the privilege, ie all roles. For example if the privilege is =Tc/postgresthen all roles may connect and create temporary tables in that particular database and it is the postgresuser who granted the privilege.
省略用户意味着授予 PUBLIC 特权,即所有角色。例如,如果特权是,=Tc/postgres那么所有角色都可以连接并在该特定数据库中创建临时表,并且postgres授予特权的是用户。
There is a synopsis at the PostgreSQL site explaining the different privileges http://www.postgresql.org/docs/9.2/static/sql-grant.html.
PostgreSQL 站点上有一个概要,解释了不同的权限http://www.postgresql.org/docs/9.2/static/sql-grant.html。
rolename=xxxx -- privileges granted to a role
=xxxx -- privileges granted to PUBLIC
r -- SELECT ("read")
w -- UPDATE ("write")
a -- INSERT ("append")
d -- DELETE
D -- TRUNCATE
x -- REFERENCES
t -- TRIGGER
X -- EXECUTE
U -- USAGE
C -- CREATE
c -- CONNECT
T -- TEMPORARY
arwdDxt -- ALL PRIVILEGES (for tables, varies for other objects)
* -- grant option for preceding privilege
/yyyy -- role that granted this privilege
回答by Szymon Lipiński
I'm using psql from postgres 8.4 and postgres 9.0, and the command \lor \l+gives me column Access Privilegeswhere I have entry:
我正在使用 postgres 8.4 和 postgres 9.0 中的 psql,并且命令\lor\l+给了我输入的列Access Privileges:
<user_name>=c/<database_name>
and earlier I gave the user the connect privilege as you wanted.
早些时候,我根据需要为用户提供了连接权限。
As it states on the page http://www.postgresql.org/docs/9.0/static/sql-grant.html, the cletter here means Connect.
正如页面http://www.postgresql.org/docs/9.0/static/sql-grant.html上所述,c这里的字母表示Connect.
