Thread: No create table
I need to use a user that can not have permission to create table in one BD.
I use revoke, I tray with "revoke all on database XXX to|from USERNAME;", but I don't have success.
Could someone help me?
With revoke I only limit access in tables.
Did your cammand fail, or did it work, but the user can still create tables?
On 7/27/07, Anderson Alves de Albuquerque <andersonaa@gmail.com> wrote:
I need to use a user that can not have permission to create table in one BD.
I use revoke, I tray with "revoke all on database XXX to|from USERNAME;", but I don't have success.
Could someone help me?With revoke I only limit access in tables.
Anderson Alves de Albuquerque wrote: > I need to use a user that can not have permission to create table in one > BD. > > I use revoke, I tray with "revoke all on database XXX to|from USERNAME;", > but I don't have success. > > Could someone help me? You have to revoke permissions from the _schema_, not from databases. Say, revoke all on schema PUBLIC FROM PUBLIC; revoke all on schema PUBLIC FROM username; You have to remove from PUBLIC because otherwise the user will still have permissions to create via that privilege, even if you take his own permission away (if he had one at all actually). -- Alvaro Herrera http://www.CommandPrompt.com/ PostgreSQL Replication, Consulting, Custom Development, 24x7 support
I try with "revoke all on schema PUBLIC FROM PUBLIC;", but after give GRANT SELECT user can't use SELECT. When I use "revoke CREATE on schema PUBLIC FROM PUBLIC;" and give GRANT SELECT user can use SELECT.
On 7/27/07, Alvaro Herrera <alvherre@commandprompt.com> wrote:
Anderson Alves de Albuquerque wrote:
> I need to use a user that can not have permission to create table in one
> BD.
>
> I use revoke, I tray with "revoke all on database XXX to|from USERNAME;",
> but I don't have success.
>
> Could someone help me?
You have to revoke permissions from the _schema_, not from databases.
Say,
revoke all on schema PUBLIC FROM PUBLIC;
revoke all on schema PUBLIC FROM username;
You have to remove from PUBLIC because otherwise the user will still
have permissions to create via that privilege, even if you take his own
permission away (if he had one at all actually).
--
Alvaro Herrera http://www.CommandPrompt.com/
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
--
[],
When I use revoke that you send, I revoke permission in all database. Is there possible I use this revoke in one BD only?
On 7/27/07, Alvaro Herrera <alvherre@commandprompt.com> wrote:
Anderson Alves de Albuquerque wrote:
> I need to use a user that can not have permission to create table in one
> BD.
>
> I use revoke, I tray with "revoke all on database XXX to|from USERNAME;",
> but I don't have success.
>
> Could someone help me?
You have to revoke permissions from the _schema_, not from databases.
Say,
revoke all on schema PUBLIC FROM PUBLIC;
revoke all on schema PUBLIC FROM username;
You have to remove from PUBLIC because otherwise the user will still
have permissions to create via that privilege, even if you take his own
permission away (if he had one at all actually).
--
Alvaro Herrera http://www.CommandPrompt.com/
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
--
.