Thread: user/group creation privileges
I have a special question. I'm about to make a system that is going to have several users are going to load data with a web interface. This users are gonna be on a special group that will have privileges on the database. Now, I want to have on (or more) users to be able to create new users, put them in this group and give them privileges to modify the database structure (SELECT, INSERT, UPDATE, DELETE). How can I do this last part? I didn't find much on the GRANT manual. Saludos... :-) System Administration: It's a dirty job, but someone told I had to do it. ----------------------------------------------------------------- Martín Marqués email: martin@math.unl.edu.ar Santa Fe - Argentina http://math.unl.edu.ar/~martin/ Administrador de sistemas en math.unl.edu.ar -----------------------------------------------------------------
From: "Martin A. Marques" <martin@math.unl.edu.ar> > I have a special question. > I'm about to make a system that is going to have several users are going to load > data with a web interface. This users are gonna be on a special group that will > have privileges on the database. > Now, I want to have on (or more) users to be able to create new users, put them > in this group and give them privileges to modify the database structure (SELECT, > INSERT, UPDATE, DELETE). > How can I do this last part? I didn't find much on the GRANT manual. > > Saludos... :-) When you run the "createuser" command-line program you can select many of these permissions. I would be tempted to have one administration user defined in PG that can do all of this, then define a separate admin section of the website that is only accessible to the users you want. This gives you more precise control over which users can do what. - Richard Huxton
Mensaje citado por: Richard Huxton <dev@archonet.com>: > > When you run the "createuser" command-line program you can select many > of > these permissions. I would be tempted to have one administration user > defined in PG that can do all of this, then define a separate admin > section > of the website that is only accessible to the users you want. > > This gives you more precise control over which users can do what. Yes, but what I want is a user that can only create users with previliges on a determinated group. But as my app. is gonna work with the web, I guess they can't do anything the the client I'm building will let them do. Thanks anyway.... :-) System Administration: It's a dirty job, but someone told I had to do it. ----------------------------------------------------------------- Martín Marqués email: martin@math.unl.edu.ar Santa Fe - Argentina http://math.unl.edu.ar/~martin/ Administrador de sistemas en math.unl.edu.ar -----------------------------------------------------------------