Thread: Grant problems
Hello I like to create a user who can do the followings on a table: select, insert, update But he can't delete! I tried this: grant INSERT, SELECT, UPDATE on table_name to testuser; After this the test user can delete from the table_name table without any problems. The testuser is not a superuser. Plz help, Thanks, Bye
> Hello > > I like to create a user who can do the followings on a table: select, > insert, update > But he can't delete! > I tried this: grant INSERT, SELECT, UPDATE on table_name to testuser; > After this the test user can delete from the table_name table without any > problems. The testuser is not a superuser. > > Plz help, Thanks, Bye Do the following first: REVOKE ALL ON "table_name" FROM PUBLIC; this takes all permissions away from the Public, eg. all users, including the testuser.... hope this helps, with kind regards, Joost Roeleveld
Hallo, > I like to create a user who can do the followings on a table: select, > insert, update > But he can't delete! > I tried this: grant INSERT, SELECT, UPDATE on table_name to testuser; > After this the test user can delete from the table_name table without any > problems. The testuser is not a superuser. GRANT UPDATE and GRANT DELETE are commands with the same result in the system tables: They modify both the "w" component in the relacl attribute of pg_class! As result of this undocumented design bug you can't deny UPDATE's but allow DELETE's and vice versa. Gerald Fiedler