Thread: 101 Grants and Access Right Table/View
I have a simple question for “access rights” view or table within Postgres.
Here is my grant query:
GRANT USAGE ON SCHEMA abc TO abc_user;
GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA abc TO abc_user;
GRANT ALL ON ALL SEQUENCES IN SCHEMA abc TO abc_user;
GRANT EXECUTE ON ALL ROUTINES IN SCHEMA abc TO abc_user;
But I can’t find a view/table that is associated with the above grants? The view/table below doesn’t shown the above granted rights.
select * from information_schema.role_table_grants;
select * from information_schema.usage_privileges
Thank you
Kam Fook Wong
This e-mail is for the sole use of the intended recipient and contains information that may be privileged and/or confidential. If you are not an intended recipient, please notify the sender by return e-mail and delete this e-mail and any attachments. Certain required legal entity disclosures can be accessed on our website: https://www.thomsonreuters.com/en/resources/disclosures.htmlI have a simple question for “access rights” view or table within Postgres.
Here is my grant query:
GRANT USAGE ON SCHEMA abc TO abc_user;
GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA abc TO abc_user;
GRANT ALL ON ALL SEQUENCES IN SCHEMA abc TO abc_user;
GRANT EXECUTE ON ALL ROUTINES IN SCHEMA abc TO abc_user;
But I can’t find a view/table that is associated with the above grants? The view/table below doesn’t shown the above granted rights.
select * from information_schema.role_table_grants;
select * from information_schema.usage_privileges
Thank youKam Fook Wong
"Wong, Kam Fook (TR Technology)" <kamfook.wong@thomsonreuters.com> writes:
> I have a simple question for "access rights" view or table within Postgres.
> Here is my grant query:
> GRANT USAGE ON SCHEMA abc TO abc_user;
> GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA abc TO abc_user;
> GRANT ALL ON ALL SEQUENCES IN SCHEMA abc TO abc_user;
> GRANT EXECUTE ON ALL ROUTINES IN SCHEMA abc TO abc_user;
> But I can't find a view/table that is associated with the above
> grants?
Those commands would simply apply the grants to any existing objects
in the given schema, so you'd have to look at such objects to see
the effects. If there are none, nothing happens.
You might be looking for ALTER DEFAULT PRIVILEGES?
regards, tom lane
Usename = postgres is the grantor. The object owner is flyway. I tried the grants on both postgres user and flyway user and the result is the same.
From: rams nalabolu <ramsveeru441@gmail.com>
Sent: Thursday, October 17, 2024 1:41 PM
To: Wong, Kam Fook (TR Technology) <kamfook.wong@thomsonreuters.com>
Cc: Pgsql-admin <pgsql-admin@lists.postgresql.org>
Subject: [EXT] Re: 101 Grants and Access Right Table/View
External Email: Use caution with links and attachments. |
Who is the grantor? And the objects owner?
Only the objects owner can grant the privileges
On Thu, Oct 17, 2024 at 1:38 PM Wong, Kam Fook (TR Technology) <kamfook.wong@thomsonreuters.com> wrote:
I have a simple question for “access rights” view or table within Postgres.
Here is my grant query:
GRANT USAGE ON SCHEMA abc TO abc_user;
GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA abc TO abc_user;
GRANT ALL ON ALL SEQUENCES IN SCHEMA abc TO abc_user;
GRANT EXECUTE ON ALL ROUTINES IN SCHEMA abc TO abc_user;
But I can’t find a view/table that is associated with the above grants? The view/table below doesn’t shown the above granted rights.
select * from information_schema.role_table_grants;
select * from information_schema.usage_privileges
Thank youKam Fook Wong
This e-mail is for the sole use of the intended recipient and contains information that may be privileged and/or confidential. If you are not an intended recipient, please notify the sender by return e-mail and delete this e-mail and any attachments. Certain required legal entity disclosures can be accessed on our website: https://www.thomsonreuters.com/en/resources/disclosures.html
Tom,
These are existing objects/tables. So I assume after the grants were run, the information_schema.role_table_grants
andinformation_schema.usage_privileges shouldn't be blank right/now rows return?
Thank you
Kam
-----Original Message-----
From: Tom Lane <tgl@sss.pgh.pa.us>
Sent: Thursday, October 17, 2024 2:49 PM
To: Wong, Kam Fook (TR Technology) <kamfook.wong@thomsonreuters.com>
Cc: Pgsql-admin <pgsql-admin@lists.postgresql.org>
Subject: [EXT] Re: 101 Grants and Access Right Table/View
External Email: Use caution with links and attachments.
"Wong, Kam Fook (TR Technology)" <kamfook.wong@thomsonreuters.com> writes:
> I have a simple question for "access rights" view or table within Postgres.
> Here is my grant query:
> GRANT USAGE ON SCHEMA abc TO abc_user; GRANT SELECT, INSERT, UPDATE,
> DELETE ON ALL TABLES IN SCHEMA abc TO abc_user; GRANT ALL ON ALL
> SEQUENCES IN SCHEMA abc TO abc_user; GRANT EXECUTE ON ALL ROUTINES IN
> SCHEMA abc TO abc_user;
> But I can't find a view/table that is associated with the above
> grants?
Those commands would simply apply the grants to any existing objects in the given schema, so you'd have to look at such
objectsto see the effects. If there are none, nothing happens.
You might be looking for ALTER DEFAULT PRIVILEGES?
regards, tom lane
"Wong, Kam Fook (TR Technology)" <kamfook.wong@thomsonreuters.com> writes:
> These are existing objects/tables. So I assume after the grants were run, the information_schema.role_table_grants
andinformation_schema.usage_privileges shouldn't be blank right/now rows return?
Maybe. I believe both of those views will only show information about
grants where you (the user reading the view) are grantor or grantee.
You've not provided any details about your test setup ...
regards, tom lane