Thread: sql user management

sql user management

From
Vladislav Breus
Date:
With SQL requests I can create, change privileges of the user...

Can I access to user information only with sql-requests ?
- Is the user a member of group <group> ?
- Has he rights to table <table>  ?


Re: sql user management

From
george young
Date:
On Mon, 28 May 2001 17:03:32 +0300
Vladislav Breus <vlad@dtr.donetsk.ua> wrote:

> With SQL requests I can create, change privileges of the user...
> 
> Can I access to user information only with sql-requests ?
> - Is the user a member of group <group> ?

Use the contrib module 'array':
[cd $SOURCE/contrib/arraymakemake install]

Then, to find what groups 'young' is in, one can do:  select g.groname from pg_group g, pg_shadow s where
s.usename='young'and g.grolist *= s.usesysid;
 
or
  select g.grolist *= s.usesysid from pg_group g, pg_shadow s where s.usename='young' and g.groname='originator';

just to see wether or not 'young' is in group 'originator'.

> - Has he rights to table <table>  ?
That's more complicated, but still accessible.  You have to get pg_class.relacl from pg_class where
relname='yourtable';
and then parse the acl (access control list) and join with pg_group info...
Hmm, I haven't tried it -- looks messy...

Good luck,George
-- 
Your mouse has moved.
Windows NT must be restarted for the change to take effect.
Reboot now?  [OK]