Re: Both side privileges - Mailing list pgsql-general

From Toomas Kristin
Subject Re: Both side privileges
Date
Msg-id 84AD5C5D-0DBF-429B-BEAC-D8DC01F33395@gmail.com
Whole thread Raw
In response to Re: Both side privileges  (Jean-Philippe Chenel <jp.chenel@live.ca>)
List pgsql-general

And please be sure that default permissions are defined properly. Otherwise it may happen that userA creates a new table but userB has access for that. Alternative option is that user has to grant proper access for the role group after every time when a new db object is created.

Toomas

On 14. Jul 2020, at 16:36, Jean-Philippe Chenel <jp.chenel@live.ca> wrote:

Thank for your answer David.
This is what I'll do.

De : David G. Johnston <david.g.johnston@gmail.com>
Envoyé : 13 juillet 2020 19:46
À : Jean-Philippe Chenel <jp.chenel@live.ca>
Cc : pgsql-general@lists.postgresql.org <pgsql-general@lists.postgresql.org>
Objet : Re: Both side privileges
 
On Mon, Jul 13, 2020 at 4:42 PM Jean-Philippe Chenel <jp.chenel@live.ca> wrote:
Hi,

I try to give userA privileges on userB objects and same thing to the userB, giving privileges on userA objects. 

Grant userB to userA; —ok
Grant userA to userB; —error: role userB is already member of role userA

Create a "group role" that retains ownership and then add both users to that group.

David J.

pgsql-general by date:

Previous
From: Jean-Philippe Chenel
Date:
Subject: Re: Both side privileges
Next
From: Marc Millas
Date:
Subject: some random() clarification needed