白眉大叔 create user
create role
drop user
alter user
\h create user
role 和 user 区别 , user 带有 login 权限,role 不带有 login
demo:
postgres=# CREATE ROLE baimei WITH SUPERUSER LOGIN PASSWORD '123';
postgres=# CREATE ROLE app WITH LOGIN PASSWORD '123';
postgres=# CREATE ROLE repl WITH REPLICATION LOGIN PASSWORD '123';
postgres=# drop role repl;
postgres=# drop role app;
postgres=# alter role baimei with NOSUPERUSER LOGIN PASSWORD '123';
postgres=# \du4.3.1 权限级别
cluster权限:实例权限通过pg_hba.conf配置。
database权限:数据库权限通过grant和revoke操作schema配置。
TBS权限:表空间权限通过grant和revoke操作表、物化视图、索引、临时表配置。
schema权限:模式权限通过grant和revoke操作模式下的对象配置。
object权限:对象权限通过grant和revoke配置。4.3.2 权限定义
database 权限设置
GRANT create ON DATABASE oldguo TO baimei;
schema 权限 (比较少用)
ALTER SCHEMA baimei_schema OWNER to baimei;
GRANT select,insert,update,delete ON ALL TABLES IN SCHEMA baimei_schema to
baimei ;
object 权限
grant select,insert,update,delete on a.b to u;
案例: 业务用户
postgres=# create database taobao;
CREATE DATABASE
postgres=# \c tabao
taobao=# create schema miaosha;
taobao=# create user miaosha with password '123';
taobao=# ALTER SCHEMA miaosha OWNER to miaosha ;
taobao=# GRANT select,insert,update,delete ON ALL TABLES IN SCHEMA miaosha
to miaosha;
查询权限相关信息
select * from pg_roles;
\c baimei
select * from information_schema.table_privileges where grantee='baimei';
欢迎来撩 : 汇总all
