Thread: Grants
Hi list, I am having problem with grants and users on PostgreSQL. I am using pgAdmin to connect like other user to test my permissions. As the owner of the database I have criated two roles: administrators (cannot connect) ezequias (can connect) I give permissions to a table I have: GRANT SELECT, UPDATE, INSERT ON TABLE base.table1 TO administrators; My user: CREATE ROLE ezequias LOGIN NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE; GRANT administradores TO ezequias; My group CREATE ROLE administradores NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE; When I try to access the table base.table1 with ezequias login the pgAdmin reports: (see attached image) Could someone tell me what I did wrong ? Ezequias
Attachment
You did not grant access privileges to schema. Also GRANT administrators on the base schema as you did for the table. --Imad www.EnterpriseDB.com On 12/1/06, Ezequias Rodrigues da Rocha <ezequias.rocha@gmail.com> wrote: > Hi list, > > I am having problem with grants and users on PostgreSQL. > > I am using pgAdmin to connect like other user to test my permissions. > > As the owner of the database I have criated two roles: > > administrators (cannot connect) > ezequias (can connect) > > I give permissions to a table I have: > GRANT SELECT, UPDATE, INSERT ON TABLE base.table1 TO administrators; > > > My user: > CREATE ROLE ezequias LOGIN > NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE; > GRANT administradores TO ezequias; > > My group > CREATE ROLE administradores > NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE; > > When I try to access the table base.table1 with ezequias login the > pgAdmin reports: > (see attached image) > > Could someone tell me what I did wrong ? > Ezequias > > > > ---------------------------(end of broadcast)--------------------------- > TIP 5: don't forget to increase your free space map settings > > > >
####Schema grants#### CREATE SCHEMA base AUTHORIZATION root; GRANT ALL ON SCHEMA base TO root; GRANT USAGE ON SCHEMA base TO administrators; ####Table grants#### GRANT ALL ON TABLE base."local" TO root; GRANT SELECT, UPDATE, INSERT ON TABLE base."local" TO administrators; Still the same problem. :( 2006/11/30, imad <immaad@gmail.com>: > You did not grant access privileges to schema. > Also GRANT administrators on the base schema as you did for the table. > > --Imad > www.EnterpriseDB.com > > > On 12/1/06, Ezequias Rodrigues da Rocha <ezequias.rocha@gmail.com> wrote: > > Hi list, > > > > I am having problem with grants and users on PostgreSQL. > > > > I am using pgAdmin to connect like other user to test my permissions. > > > > As the owner of the database I have criated two roles: > > > > administrators (cannot connect) > > ezequias (can connect) > > > > I give permissions to a table I have: > > GRANT SELECT, UPDATE, INSERT ON TABLE base.table1 TO administrators; > > > > > > My user: > > CREATE ROLE ezequias LOGIN > > NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE; > > GRANT administradores TO ezequias; > > > > My group > > CREATE ROLE administradores > > NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE; > > > > When I try to access the table base.table1 with ezequias login the > > pgAdmin reports: > > (see attached image) > > > > Could someone tell me what I did wrong ? > > Ezequias > > > > > > > > ---------------------------(end of broadcast)--------------------------- > > TIP 5: don't forget to increase your free space map settings > > > > > > > > > -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Atenciosamente (Sincerely) Ezequias Rodrigues da Rocha=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- A pior das democracias ainda é melhor do que a melhor das ditaduras The worst of democracies is still better than the better of dictatorships http://ezequiasrocha.blogspot.com/
On Friday 01 December 2006 06:03 am, Ezequias Rodrigues da Rocha wrote: > > 2006/11/30, imad <immaad@gmail.com>: > > You did not grant access privileges to schema. > > Also GRANT administrators on the base schema as you did for the table. > > > > --Imad > > www.EnterpriseDB.com > > > > On 12/1/06, Ezequias Rodrigues da Rocha <ezequias.rocha@gmail.com> wrote: > > > Hi list, > > > > > > I am having problem with grants and users on PostgreSQL. > > > > > > I am using pgAdmin to connect like other user to test my permissions. > > > > > > As the owner of the database I have criated two roles: > > > > > > administrators (cannot connect) > > > ezequias (can connect) > > > > > > I give permissions to a table I have: > > > GRANT SELECT, UPDATE, INSERT ON TABLE base.table1 TO administrators; > > > > > > > > > My user: > > > CREATE ROLE ezequias LOGIN > > > NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE; > > > GRANT administradores TO ezequias; > > > > > > My group > > > CREATE ROLE administradores > > > NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE; > > > > > > When I try to access the table base.table1 with ezequias login the > > > pgAdmin reports: > > > (see attached image) > > > > > > Could someone tell me what I did wrong ? > > > Ezequias > > > > > > > > > > > > ---------------------------(end of > > > broadcast)--------------------------- TIP 5: don't forget to increase > > > your free space map settings > ####Schema grants#### > > CREATE SCHEMA base > AUTHORIZATION root; > GRANT ALL ON SCHEMA base TO root; > GRANT USAGE ON SCHEMA base TO administrators; > > ####Table grants#### > GRANT ALL ON TABLE base."local" TO root; > GRANT SELECT, UPDATE, INSERT ON TABLE base."local" TO administrators; > > Still the same problem. :( Two things I see. The first may only be a translation artifact. You have CREATE ROLE administradores and then GRANT to administrators on the table. Second in the CREATE ROLE ezequias you have NOINHERIT. This means ezequias does not automatically assume the privileges of the ROLES it belongs to. To acquire the privileges you have to do a SET ROLE administrators at the connection. -- Adrian Klaver aklaver@comcast.net
Look at your script. Your syntax is backward. > GRANT administradores TO ezequias; Also, you must create the administradores role _BEPORE_ you grant to it/ It should be: CREATE ROLE administradores NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE; GRANT ezequias TO administradores ; That should fix the problem. -----Original Message----- From: pgadmin-support-owner@postgresql.org [mailto:pgadmin-support-owner@postgresql.org] On Behalf Of Ezequias Rodriguesda Rocha Sent: Friday, December 01, 2006 7:04 AM To: imad Cc: Pgadmin-Support; pgsql-sql@postgresql.org Subject: Re: [pgadmin-support] [SQL] Grants ####Schema grants#### CREATE SCHEMA base AUTHORIZATION root; GRANT ALL ON SCHEMA base TO root; GRANT USAGE ON SCHEMA base TO administrators; ####Table grants#### GRANT ALL ON TABLE base."local" TO root; GRANT SELECT, UPDATE, INSERT ON TABLE base."local" TO administrators; Still the same problem. :( 2006/11/30, imad <immaad@gmail.com>: > You did not grant access privileges to schema. > Also GRANT administrators on the base schema as you did for the table. > > --Imad > www.EnterpriseDB.com > > > On 12/1/06, Ezequias Rodrigues da Rocha <ezequias.rocha@gmail.com> wrote: > > Hi list, > > > > I am having problem with grants and users on PostgreSQL. > > > > I am using pgAdmin to connect like other user to test my permissions. > > > > As the owner of the database I have criated two roles: > > > > administrators (cannot connect) > > ezequias (can connect) > > > > I give permissions to a table I have: > > GRANT SELECT, UPDATE, INSERT ON TABLE base.table1 TO administrators; > > > > > > My user: > > CREATE ROLE ezequias LOGIN > > NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE; GRANT > > administradores TO ezequias; > > > > My group > > > > When I try to access the table base.table1 with ezequias login the > > pgAdmin reports: > > (see attached image) > > > > Could someone tell me what I did wrong ? > > Ezequias > > > > > > > > ---------------------------(end of > > broadcast)--------------------------- > > TIP 5: don't forget to increase your free space map settings > > > > > > > > > --=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Atenciosamente (Sincerely) Ezequias Rodrigues da Rocha=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- A pior das democracias ainda é melhor do que a melhor das ditaduras The worst of democracies is still better than the betterof dictatorships http://ezequiasrocha.blogspot.com/ ---------------------------(end of broadcast)--------------------------- TIP 3: Have you checked our extensive FAQ? http://www.postgresql.org/docs/faq
Thank you so much. Now everything is ok. My real best regards Ezequias Rodrigues da Rocha 2006/12/2, Melvin Davidson <mdavidson@cctus.com>: > Look at your script. > > Your syntax is backward. > > GRANT administradores TO ezequias; > > > Also, you must create the administradores role _BEPORE_ you grant to it/ > It should be: > CREATE ROLE administradores > NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE; > > GRANT ezequias TO administradores ; > > That should fix the problem. > > > -----Original Message----- > From: pgadmin-support-owner@postgresql.org [mailto:pgadmin-support-owner@postgresql.org] On Behalf Of Ezequias Rodriguesda Rocha > Sent: Friday, December 01, 2006 7:04 AM > To: imad > Cc: Pgadmin-Support; pgsql-sql@postgresql.org > Subject: Re: [pgadmin-support] [SQL] Grants > > ####Schema grants#### > > CREATE SCHEMA base > AUTHORIZATION root; > GRANT ALL ON SCHEMA base TO root; > GRANT USAGE ON SCHEMA base TO administrators; > > ####Table grants#### > GRANT ALL ON TABLE base."local" TO root; GRANT SELECT, UPDATE, INSERT ON TABLE base."local" TO administrators; > > Still the same problem. :( > > 2006/11/30, imad <immaad@gmail.com>: > > You did not grant access privileges to schema. > > Also GRANT administrators on the base schema as you did for the table. > > > > --Imad > > www.EnterpriseDB.com > > > > > > On 12/1/06, Ezequias Rodrigues da Rocha <ezequias.rocha@gmail.com> wrote: > > > Hi list, > > > > > > I am having problem with grants and users on PostgreSQL. > > > > > > I am using pgAdmin to connect like other user to test my permissions. > > > > > > As the owner of the database I have criated two roles: > > > > > > administrators (cannot connect) > > > ezequias (can connect) > > > > > > I give permissions to a table I have: > > > GRANT SELECT, UPDATE, INSERT ON TABLE base.table1 TO administrators; > > > > > > > > > My user: > > > CREATE ROLE ezequias LOGIN > > > NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE; GRANT > > > administradores TO ezequias; > > > > > > My group > > > > > > When I try to access the table base.table1 with ezequias login the > > > pgAdmin reports: > > > (see attached image) > > > > > > Could someone tell me what I did wrong ? > > > Ezequias > > > > > > > > > > > > ---------------------------(end of > > > broadcast)--------------------------- > > > TIP 5: don't forget to increase your free space map settings > > > > > > > > > > > > > > > > > -- > =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= > Atenciosamente (Sincerely) > Ezequias Rodrigues da Rocha > =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > A pior das democracias ainda é melhor do que a melhor das ditaduras The worst of democracies is still better than the betterof dictatorships http://ezequiasrocha.blogspot.com/ > > ---------------------------(end of broadcast)--------------------------- > TIP 3: Have you checked our extensive FAQ? > > http://www.postgresql.org/docs/faq > -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Atenciosamente (Sincerely) Ezequias Rodrigues da Rocha=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- A pior das democracias ainda é melhor do que a melhor das ditaduras The worst of democracies is still better than the better of dictatorships http://ezequiasrocha.blogspot.com/