授予对 postgresql 中视图的访问权限
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/41335423/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Grant access to views in postgresql
提问by Thomas
I have a view called testview in postgresql.
我在 postgresql 中有一个名为 testview 的视图。
I created a new user called testuser.
我创建了一个名为 testuser 的新用户。
I would like testuser to have all privileges on all tables and views in the database.
我希望 testuser 拥有数据库中所有表和视图的所有权限。
To do this I ran the following commands:
为此,我运行了以下命令:
GRANT ALL PRIVILEGES ON DATABASE testdb TO testuser;
GRANT USAGE ON SCHEMA public TO testuser;
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO testuser;
testuser now has access to all tables in the database, but if I try to run SELECT * FROM testview I get the following error: permission denied for relation testview.
testuser 现在可以访问数据库中的所有表,但是如果我尝试运行 SELECT * FROM testview,我会收到以下错误:关系 testview 的权限被拒绝。
What is wrong? How do testuser get access to testview?
怎么了?testuser 如何访问 testview?
回答by Paul A Jungwirth
I agree it should work. With permissions GRANT ... ON ALL TABLESshould include views too.
我同意它应该工作。具有权限也GRANT ... ON ALL TABLES应该包括视图。
Did you create the view aftergranting the privileges to testuser? If so then it doesn't have the same privileges as the other tables. That's because GRANT ... ON ALL TABLESmeans "on all tables that currently exist". To include tables/views you create in the future, you can say:
您是否在授予权限后创建了视图testuser?如果是这样,那么它与其他表没有相同的权限。那是因为GRANT ... ON ALL TABLES意思是“在当前存在的所有表上”。要包含您将来创建的表/视图,您可以说:
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO testuser;
Or if you want to give more than SELECT, you can say ALL PRIVILEGESinstead.
或者,如果您想提供超过SELECT,您可以ALL PRIVILEGES改为说。
I think this behavior of ON ALL TABLESis one of the most misunderstood bits about Postgres permissions, and it isn't really called out in the standard documentation, so I tried to emphasize it in my own Postgres permissions overview.
我认为这种行为ON ALL TABLES是关于 Postgres 权限最容易被误解的部分之一,并且在标准文档中并没有真正提到它,所以我试图在我自己的Postgres 权限概述中强调它。
