更新时间:2022-05-17 22:19:33
用户需要访问数据库,显然:
GRANT CONNECT ON DATABASE my_db TO my_user;
并且(至少)具有 USAGE
特权在 schema 上:
And (at least) the USAGE
privilege on the schema:
GRANT USAGE ON SCHEMA public TO my_user;
或在 all上授予 USAGE
自定义模式:
Or grant USAGE
on all custom schemas:
DO
$$
BEGIN
-- RAISE NOTICE '%', ( -- use instead of EXECUTE to see generated commands
EXECUTE (
SELECT string_agg(format('GRANT USAGE ON SCHEMA %I TO my_user', nspname), '; ')
FROM pg_namespace
WHERE nspname <> 'information_schema' -- exclude information schema and ...
AND nspname NOT LIKE 'pg\_%' -- ... system schemas
);
END
$$;
然后,所有权限适用于所有表(需要Postgres 9.0 或更高版本)。
并且不要忘记序列(如果有):
Then, all permissions for all tables (requires Postgres 9.0 or later).
And don't forget sequences (if any):
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO my_user;
GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO my_user;
对于旧版本,您可以使用 Grant Wizar
For older versions you could use the "Grant Wizard" of pgAdmin III (the default GUI).
还有一些其他对象, GRANT
的手册自Postgres 12起具有完整列表:
There are some other objects, the manual for GRANT
has the complete list as of Postgres 12:
数据库对象(表,列,视图,外部表,序列,数据库,外部数据包装器,外部服务器,函数,过程,过程语言,模式)的特权,或表空间)
privileges on a database object (table, column, view, foreign table, sequence, database, foreign-data wrapper, foreign server, function, procedure, procedural language, schema, or tablespace)
但是很少需要其余的内容。更多详细信息:
But the rest is rarely needed. More details:
考虑升级到当前版本。