Hi!
> I tried
>So to be clear admin is doing the below, correct?
Yes. I copied provided user definition which invokes delete command from
pgadmin
code window for this user .
> permission denied to reassign objects .
>Is the above a blanket error or does it mention specific objects?
postgres log file contains two lines:
ERROR: permission denied to reassign objects
STATEMENT: reassign owned by vantaa to postgres
No objects are mentioned.
I can change log level if this helps.
>What you are trying to do is reverse what you did to get the present setup.
>Do you have a record/script that shows what you did to create the role and
>assign it to the objects?
It was something like:
create script:
CREATE ROLE vantaa;
grant idd_owner to vantaa;
reset roles script:
revoke all on all tables in schema public,firma1 from vantaa cascade;
revoke all on all sequences in schema public,firma1 from vantaa cascade;
revoke all on database idd from public,firma1 cascade;
revoke all on all functions in schema public,firma1 from vantaa cascade;
revoke all on schema public,firma1 from vantaa cascade;
revoke idd_owner from vantaa cascade;
ALTER ROLE vantaa inherit NOCREATEROLE NOCREATEDB NOLOGIN;
grant all on all tables in schema public,firma1 to vantaa;
grant all on all sequences in schema public,firma1 to vantaa;
grant all on database idd to vantaa;
grant all on schema public,firma1 to vantaa;
ALTER DEFAULT PRIVILEGES IN SCHEMA public,firma1 GRANT all ON TABLES TO
vantaa;
-- Restrict some tables:
revoke all on kasutaja,kaspriv,logifail from vantaa cascade;
grant select on kaspriv,kasutaja to vantaa;
grant update (eesnimi, nimi,email,amet,islocked,telefon,language,vabakuup)
on kasutaja to vantaa;
grant insert on logifail to vantaa;
Andrus.
