Thread: RE: [SQL] User and Groups
For each group in pg_group you need to do the following:
UPDATE pg_group set grolist = '{501,514,502,503,504}' where grosysid = 1;
Where 501 - 504 is a list of pg_user.usesysid that should belong to the
group.
This really needs to be added to the documentation and "create user" needs
to be fixed to automatically do this.
-----Original Message-----From: Greg Frith [SMTP:greg@malthouse.demon.co.uk]Sent: Wednesday, May 05, 1999 8:35
AMTo: pgsql-sql@postgreSQL.orgSubject: [SQL] User and Groups
Hi, I'm having some problems trying to get my head around how users
and groupswork.
I have 2 groups of users: client & consultants. I create these
groups asfollows:-
/* Group : create group consultants */INSERT INTO pg_group VALUES ('consultants', '100');INSERT INTO pg_group VALUES
('clients','200');
I then create some tables and set the permissions on these tables as
follows:-
REVOKE ALL ON clients, clientaddr, consultants, consultantaddr, systemconstants, clients_consultants, tasks,
client_extras, timesheet, schedule, invoice, invoice_items, pg_user, pg_shadowFROM GROUP clients;
GRANT ALL ON clients, clientaddr, consultants, consultantaddr, systemconstants, clients_consultants, tasks,
client_extras, timesheet, schedule, invoice, invoice_itemsTO GROUP consultants;
Now I create a user:-
testdb=> CREATE USER paul IN GROUP consultants;CREATE USER
I login as this user and try a select on a table that should have
permissionsset:-
testdb=> select * from consultants;NOTICE: in_group: group 100 not foundERROR: consultants: Permission denied.
I can't understand this - should I insert the user id of each
consultant userinto grolist of pg_group where groname = consultants?
TOA
--
---------------------------Greg Frith - University Of Leeds : School of Computer Studies
Hi Michael, thanks for your help. Just after I posted the message I used this
manual insert method as a quick fix, its obviously the right way!! So what is
the point of the IN GROUP directive or ADD USER? Does this actually do
anything?
Michael J Davis wrote:
> For each group in pg_group you need to do the following:
>
> UPDATE pg_group set grolist = '{501,514,502,503,504}' where grosysid = 1;
>
> Where 501 - 504 is a list of pg_user.usesysid that should belong to the
> group.
>
> This really needs to be added to the documentation and "create user" needs
> to be fixed to automatically do this.
>
> -----Original Message-----
> From: Greg Frith [SMTP:greg@malthouse.demon.co.uk]
> Sent: Wednesday, May 05, 1999 8:35 AM
> To: pgsql-sql@postgreSQL.org
> Subject: [SQL] User and Groups
>
> Hi, I'm having some problems trying to get my head around how users
> and groups
> work.
>
> I have 2 groups of users: client & consultants. I create these
> groups as
> follows:-
>
> /* Group : create group consultants */
> INSERT INTO pg_group VALUES ('consultants', '100');
> INSERT INTO pg_group VALUES ('clients', '200');
>
> I then create some tables and set the permissions on these tables as
> follows:-
>
> REVOKE ALL ON clients, clientaddr, consultants, consultantaddr,
> systemconstants, clients_consultants, tasks, client_extras,
> timesheet, schedule, invoice, invoice_items,
> pg_user, pg_shadow
> FROM GROUP clients;
>
> GRANT ALL ON clients, clientaddr, consultants, consultantaddr,
> systemconstants, clients_consultants, tasks, client_extras,
> timesheet, schedule, invoice, invoice_items
> TO GROUP consultants;
>
> Now I create a user:-
>
> testdb=> CREATE USER paul IN GROUP consultants;
> CREATE USER
>
> I login as this user and try a select on a table that should have
> permissions
> set:-
>
> testdb=> select * from consultants;
> NOTICE: in_group: group 100 not found
> ERROR: consultants: Permission denied.
>
> I can't understand this - should I insert the user id of each
> consultant user
> into grolist of pg_group where groname = consultants?
>
> TOA
>
> --
>
> ---------------------------
> Greg Frith - University Of Leeds : School of Computer Studies
>