Durumdara wrote: [...] > --- login with postgres: [...] > ALTER DEFAULT PRIVILEGES > GRANT INSERT, SELECT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER ON TABLES > TO u_tr_db; > > ---- login with u_tr_main: > > create table t_canyouseeme_1 (k int); > > ---- login with u_tr_db: > > select * from t_canyouseeme_1; > > ERROR: permission denied for relation t_canyouseeme_1 > SQL state: 42501 > > As you see before, u_tr_db got all default privileges on future tables, so I don't understand why he > don't get to "t_canyouseeme_1".
You should have written
ALTER DEFAULT PRIVILEGES FOR ROLE u_tr_main ...
The way you did it, you effectively wrote "FOR ROLE postgres" because you were connected as that user.
Than means that all future tables created *by postgres* will have privileges for user "u_tr_db" added. But you want tables created *by u_tr_main* to get the privileges.