Thread: Grants

Grants

From
"Ezequias Rodrigues da Rocha"
Date:
Hi list,

I am having problem with grants and users on PostgreSQL.

I am using pgAdmin to connect like other user to test my permissions.

As the owner of the database I have criated two roles:

administrators (cannot connect)
ezequias (can connect)

I give permissions to a table I have:
GRANT SELECT, UPDATE, INSERT ON TABLE base.table1 TO administrators;


My user:
CREATE ROLE ezequias LOGIN
  NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE;
GRANT administradores TO ezequias;

My group
CREATE ROLE administradores
  NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE;

When I try to access the table base.table1 with ezequias login the
pgAdmin reports:
(see attached image)

Could someone tell me what I did wrong ?
Ezequias

Attachment

Re: [SQL] Grants

From
imad
Date:
You did not grant access privileges to schema.
Also GRANT administrators on the base schema as you did for the table.

--Imad
www.EnterpriseDB.com


On 12/1/06, Ezequias Rodrigues da Rocha <ezequias.rocha@gmail.com> wrote:
> Hi list,
>
> I am having problem with grants and users on PostgreSQL.
>
> I am using pgAdmin to connect like other user to test my permissions.
>
> As the owner of the database I have criated two roles:
>
> administrators (cannot connect)
> ezequias (can connect)
>
> I give permissions to a table I have:
> GRANT SELECT, UPDATE, INSERT ON TABLE base.table1 TO administrators;
>
>
> My user:
> CREATE ROLE ezequias LOGIN
>   NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE;
> GRANT administradores TO ezequias;
>
> My group
> CREATE ROLE administradores
>   NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE;
>
> When I try to access the table base.table1 with ezequias login the
> pgAdmin reports:
> (see attached image)
>
> Could someone tell me what I did wrong ?
> Ezequias
>
>
>
> ---------------------------(end of broadcast)---------------------------
> TIP 5: don't forget to increase your free space map settings
>
>
>
>


Re: [SQL] Grants

From
"Ezequias Rodrigues da Rocha"
Date:
####Schema grants####

CREATE SCHEMA base AUTHORIZATION root;
GRANT ALL ON SCHEMA base TO root;
GRANT USAGE ON SCHEMA base TO administrators;

####Table grants####
GRANT ALL ON TABLE base."local" TO root;
GRANT SELECT, UPDATE, INSERT ON TABLE base."local" TO administrators;

Still the same problem. :(

2006/11/30, imad <immaad@gmail.com>:
> You did not grant access privileges to schema.
> Also GRANT administrators on the base schema as you did for the table.
>
> --Imad
> www.EnterpriseDB.com
>
>
> On 12/1/06, Ezequias Rodrigues da Rocha <ezequias.rocha@gmail.com> wrote:
> > Hi list,
> >
> > I am having problem with grants and users on PostgreSQL.
> >
> > I am using pgAdmin to connect like other user to test my permissions.
> >
> > As the owner of the database I have criated two roles:
> >
> > administrators (cannot connect)
> > ezequias (can connect)
> >
> > I give permissions to a table I have:
> > GRANT SELECT, UPDATE, INSERT ON TABLE base.table1 TO administrators;
> >
> >
> > My user:
> > CREATE ROLE ezequias LOGIN
> >   NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE;
> > GRANT administradores TO ezequias;
> >
> > My group
> > CREATE ROLE administradores
> >   NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE;
> >
> > When I try to access the table base.table1 with ezequias login the
> > pgAdmin reports:
> > (see attached image)
> >
> > Could someone tell me what I did wrong ?
> > Ezequias
> >
> >
> >
> > ---------------------------(end of broadcast)---------------------------
> > TIP 5: don't forget to increase your free space map settings
> >
> >
> >
> >
>


-- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=                                 Atenciosamente
(Sincerely)                      Ezequias Rodrigues da
Rocha=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
A pior das democracias ainda é melhor do que a melhor das ditaduras
The worst of democracies is still better than the better of dictatorships
http://ezequiasrocha.blogspot.com/


Re: [SQL] Grants

From
Adrian Klaver
Date:
On Friday 01 December 2006 06:03 am, Ezequias Rodrigues da Rocha wrote:
>
> 2006/11/30, imad <immaad@gmail.com>:
> > You did not grant access privileges to schema.
> > Also GRANT administrators on the base schema as you did for the table.
> >
> > --Imad
> > www.EnterpriseDB.com
> >
> > On 12/1/06, Ezequias Rodrigues da Rocha <ezequias.rocha@gmail.com> wrote:
> > > Hi list,
> > >
> > > I am having problem with grants and users on PostgreSQL.
> > >
> > > I am using pgAdmin to connect like other user to test my permissions.
> > >
> > > As the owner of the database I have criated two roles:
> > >
> > > administrators (cannot connect)
> > > ezequias (can connect)
> > >
> > > I give permissions to a table I have:
> > > GRANT SELECT, UPDATE, INSERT ON TABLE base.table1 TO administrators;
> > >
> > >
> > > My user:
> > > CREATE ROLE ezequias LOGIN
> > >   NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE;
> > > GRANT administradores TO ezequias;
> > >
> > > My group
> > > CREATE ROLE administradores
> > >   NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE;
> > >
> > > When I try to access the table base.table1 with ezequias login the
> > > pgAdmin reports:
> > > (see attached image)
> > >
> > > Could someone tell me what I did wrong ?
> > > Ezequias
> > >
> > >
> > >
> > > ---------------------------(end of
> > > broadcast)--------------------------- TIP 5: don't forget to increase
> > > your free space map settings
> ####Schema grants####
>
> CREATE SCHEMA base
>   AUTHORIZATION root;
> GRANT ALL ON SCHEMA base TO root;
> GRANT USAGE ON SCHEMA base TO administrators;
>
> ####Table grants####
> GRANT ALL ON TABLE base."local" TO root;
> GRANT SELECT, UPDATE, INSERT ON TABLE base."local" TO administrators;
>
> Still the same problem. :(

Two things I see. 
The first may only be a translation artifact. You have CREATE ROLE 
administradores and then GRANT to administrators on the table.
Second in the CREATE ROLE  ezequias you have NOINHERIT. This means  ezequias  
does not automatically assume the privileges of the ROLES it belongs to. To 
acquire the privileges you have to do a SET ROLE administrators at the 
connection.
-- 
Adrian Klaver    
aklaver@comcast.net


Re: [SQL] Grants

From
"Melvin Davidson"
Date:
Look at your script.

Your syntax is backward.
> GRANT administradores TO ezequias;


Also, you must create the administradores role _BEPORE_ you grant to it/
It should be:
CREATE ROLE administradores NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE;

GRANT ezequias TO administradores ;

That should fix the problem.


-----Original Message-----
From: pgadmin-support-owner@postgresql.org [mailto:pgadmin-support-owner@postgresql.org] On Behalf Of Ezequias
Rodriguesda Rocha 
Sent: Friday, December 01, 2006 7:04 AM
To: imad
Cc: Pgadmin-Support; pgsql-sql@postgresql.org
Subject: Re: [pgadmin-support] [SQL] Grants

####Schema grants####

CREATE SCHEMA base AUTHORIZATION root;
GRANT ALL ON SCHEMA base TO root;
GRANT USAGE ON SCHEMA base TO administrators;

####Table grants####
GRANT ALL ON TABLE base."local" TO root; GRANT SELECT, UPDATE, INSERT ON TABLE base."local" TO administrators;

Still the same problem. :(

2006/11/30, imad <immaad@gmail.com>:
> You did not grant access privileges to schema.
> Also GRANT administrators on the base schema as you did for the table.
>
> --Imad
> www.EnterpriseDB.com
>
>
> On 12/1/06, Ezequias Rodrigues da Rocha <ezequias.rocha@gmail.com> wrote:
> > Hi list,
> >
> > I am having problem with grants and users on PostgreSQL.
> >
> > I am using pgAdmin to connect like other user to test my permissions.
> >
> > As the owner of the database I have criated two roles:
> >
> > administrators (cannot connect)
> > ezequias (can connect)
> >
> > I give permissions to a table I have:
> > GRANT SELECT, UPDATE, INSERT ON TABLE base.table1 TO administrators;
> >
> >
> > My user:
> > CREATE ROLE ezequias LOGIN
> >   NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE; GRANT
> > administradores TO ezequias;
> >
> > My group
> >
> > When I try to access the table base.table1 with ezequias login the
> > pgAdmin reports:
> > (see attached image)
> >
> > Could someone tell me what I did wrong ?
> > Ezequias
> >
> >
> >
> > ---------------------------(end of
> > broadcast)---------------------------
> > TIP 5: don't forget to increase your free space map settings
> >
> >
> >
> >
>


--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=                                 Atenciosamente
(Sincerely)                      Ezequias Rodrigues da
Rocha=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
A pior das democracias ainda é melhor do que a melhor das ditaduras The worst of democracies is still better than the
betterof dictatorships http://ezequiasrocha.blogspot.com/ 

---------------------------(end of broadcast)---------------------------
TIP 3: Have you checked our extensive FAQ?
              http://www.postgresql.org/docs/faq


Re: [SQL] Grants

From
"Ezequias Rodrigues da Rocha"
Date:
Thank you so much. Now everything is ok.

My real best regards
Ezequias Rodrigues da Rocha

2006/12/2, Melvin Davidson <mdavidson@cctus.com>:
>  Look at your script.
>
> Your syntax is backward.
> > GRANT administradores TO ezequias;
>
>
> Also, you must create the administradores role _BEPORE_ you grant to it/
> It should be:
> CREATE ROLE administradores
>   NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE;
>
> GRANT ezequias TO administradores ;
>
> That should fix the problem.
>
>
> -----Original Message-----
> From: pgadmin-support-owner@postgresql.org [mailto:pgadmin-support-owner@postgresql.org] On Behalf Of Ezequias
Rodriguesda Rocha 
> Sent: Friday, December 01, 2006 7:04 AM
> To: imad
> Cc: Pgadmin-Support; pgsql-sql@postgresql.org
> Subject: Re: [pgadmin-support] [SQL] Grants
>
> ####Schema grants####
>
> CREATE SCHEMA base
>   AUTHORIZATION root;
> GRANT ALL ON SCHEMA base TO root;
> GRANT USAGE ON SCHEMA base TO administrators;
>
> ####Table grants####
> GRANT ALL ON TABLE base."local" TO root; GRANT SELECT, UPDATE, INSERT ON TABLE base."local" TO administrators;
>
> Still the same problem. :(
>
> 2006/11/30, imad <immaad@gmail.com>:
> > You did not grant access privileges to schema.
> > Also GRANT administrators on the base schema as you did for the table.
> >
> > --Imad
> > www.EnterpriseDB.com
> >
> >
> > On 12/1/06, Ezequias Rodrigues da Rocha <ezequias.rocha@gmail.com> wrote:
> > > Hi list,
> > >
> > > I am having problem with grants and users on PostgreSQL.
> > >
> > > I am using pgAdmin to connect like other user to test my permissions.
> > >
> > > As the owner of the database I have criated two roles:
> > >
> > > administrators (cannot connect)
> > > ezequias (can connect)
> > >
> > > I give permissions to a table I have:
> > > GRANT SELECT, UPDATE, INSERT ON TABLE base.table1 TO administrators;
> > >
> > >
> > > My user:
> > > CREATE ROLE ezequias LOGIN
> > >   NOSUPERUSER NOINHERIT NOCREATEDB NOCREATEROLE; GRANT
> > > administradores TO ezequias;
> > >
> > > My group
> > >
> > > When I try to access the table base.table1 with ezequias login the
> > > pgAdmin reports:
> > > (see attached image)
> > >
> > > Could someone tell me what I did wrong ?
> > > Ezequias
> > >
> > >
> > >
> > > ---------------------------(end of
> > > broadcast)---------------------------
> > > TIP 5: don't forget to increase your free space map settings
> > >
> > >
> > >
> > >
> >
>
>
> --
>  =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
>                                   Atenciosamente (Sincerely)
>                         Ezequias Rodrigues da Rocha
>  =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> A pior das democracias ainda é melhor do que a melhor das ditaduras The worst of democracies is still better than the
betterof dictatorships http://ezequiasrocha.blogspot.com/ 
>
> ---------------------------(end of broadcast)---------------------------
> TIP 3: Have you checked our extensive FAQ?
>
>                http://www.postgresql.org/docs/faq
>


-- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=                                 Atenciosamente
(Sincerely)                      Ezequias Rodrigues da
Rocha=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
A pior das democracias ainda é melhor do que a melhor das ditaduras
The worst of democracies is still better than the better of dictatorships
http://ezequiasrocha.blogspot.com/