Actually, I don't want table owners to drop the table using DROP command directly. They have to use stored procedure to drop the table.
Thanks,
Dipti
On Thu, Feb 18, 2010 at 4:01 PM, Richard Huxton
<dev@archonet.com> wrote:
On 18/02/10 10:23, dipti shah wrote:
Thanks Richard. That makes sense. If I want to restrict DROP for any table
then do I need to REVOKE permissions individually on tables.
Revoke DROP ON MyTable from PUBLIC;
I want to avoid doing it so I am wondering if I can define/grant the
permission at database level so that nousers can directly use any commands
like CREATE, UPDATE, ALTER or DROP. They have to use stored procedure. They
can only use SELECT. Nothing else.
You can deny permission to a whole schema, but not set permissions on everything in it in one go. However there are various shell-scripts and plpgsql functions that let you set permissions on groups of tables in one go. They should show up easily enough through googling.
--
Richard Huxton
Archonet Ltd
