On 03/20/2013 03:26 PM, Michael Orlitzky wrote:
> On 03/20/2013 05:18 PM, Rob Sargent wrote:
>
> At the moment, everyone's just experimenting. Even with the proper
> tooling, my blog app shouldn't have to handle the database permissions
> table-by-table. I should be able to set up sensible defaults.
>
CREATE ROLE adrian LOGIN;
CREATE ROLE ranger LOGIN;
CREATE ROLE dev_user ROLE;
GRANT dev_user TO adrian;
GRANT dev_user TO ranger;
ALTER ROLE adrian IN DATABASE test set role=dev_user;
aklaver@panda:~> psql -d test -U adrian
Password for user adrian:
psql (9.0.12)
Type "help" for help.
test=> SELECT current_user;
current_user
--------------
dev_user
(1 row)
test=> SELECT session_user;
session_user
--------------
adrian
(1 row)
test=> CREATE TABLE adrian_tbl(id int);
CREATE TABLE
test=> \c - ranger
Password for user ranger:
You are now connected to database "test" as user "ranger".
test=> INSERT INTO adrian_tbl VALUES (1);
INSERT 0 1
>
>
--
Adrian Klaver
adrian.klaver@gmail.com