Обсуждение: schema access privs

Поиск
Список
Период
Сортировка

schema access privs

От
Ray Stell
Дата:
What does the results in col 'List of schemas Access privileges'
indicate?  Are those three results split by the '/' char?  What
are the three sections?  What is 'postgres+'

Can't find this explained in the docs.

template1-# \dn+ pg_catalog
                           List of schemas
    Name    |  Owner   |  Access privileges   |      Description
------------+----------+----------------------+-----------------------
 pg_catalog | postgres | postgres=UC/postgres+| system catalog schema
            |          | =U/postgres          |
(1 row)

http://www.postgresql.org/docs/current/static/app-psql.html

\dn[+] [ pattern ]

    Lists schemas (namespaces). If pattern is specified, only schemas
    whose names match the pattern are listed. Non-local temporary schemas
    are suppressed. If + is appended to the command name, each object
    is listed with its associated permissions and description, if any.

Re: schema access privs

От
Vibhor Kumar
Дата:
On Apr 5, 2011, at 2:31 AM, Ray Stell wrote:

> What does the results in col 'List of schemas Access privileges'
> indicate?  Are those three results split by the '/' char?  What
> are the three sections?  What is 'postgres+'
>
> Can't find this explained in the docs.
>
> template1-# \dn+ pg_catalog
>                           List of schemas
>    Name    |  Owner   |  Access privileges   |      Description
> ------------+----------+----------------------+-----------------------
> pg_catalog | postgres | postgres=UC/postgres+| system catalog schema
>            |          | =U/postgres          |
> (1 row)

Following link contains detail about Access privileges:
http://www.postgresql.org/docs/8.4/static/sql-grant.html
       r -- SELECT ("read")
                  w -- UPDATE ("write")
                  a -- INSERT ("append")
                  d -- DELETE
                  D -- TRUNCATE
                  x -- REFERENCES
                  t -- TRIGGER
                  X -- EXECUTE
                  U -- USAGE
                  C -- CREATE
                  c -- CONNECT
                  T -- TEMPORARY
            arwdDxt -- ALL PRIVILEGES (for tables, varies for other objects)
                  * -- grant option for preceding privilege

              /yyyy -- role that granted this privilege

Thanks & Regards,
Vibhor Kumar
EnterpriseDB Corporation
The Enterprise PostgreSQL Company
vibhor.kumar@enterprisedb.com
Blog:http://vibhork.blogspot.com

Re: schema access privs

От
Vibhor Kumar
Дата:
[ Please don't overpost the list. Adding PG General List]

On Apr 5, 2011, at 3:30 AM, Ray Stell wrote:

> On Tue, Apr 05, 2011 at 02:42:30AM +0530, Vibhor Kumar wrote:
>>
>> On Apr 5, 2011, at 2:31 AM, Ray Stell wrote:
>>
>>> What does the results in col 'List of schemas Access privileges'
>>> indicate?  Are those three results split by the '/' char?  What
>>> are the three sections?  What is 'postgres+'
>>
>> Following link contains detail about Access privileges:
>> http://www.postgresql.org/docs/8.4/static/sql-grant.html
>
> yeah, I saw that, but that's not what I asked about.  there seems
> to be 3 sections of the result.  What are the sections?  and what is
> postgres+ ?

Following are details:
 postgres=UC/postgres+
 [user]   [privs] /[ ROLE who granted privs.

Postgres is a user which has granted USAGE and CREATE Privileges to user postgres

+ seems a wrapper in next line.

Thanks & Regards,
Vibhor Kumar
EnterpriseDB Corporation
The Enterprise PostgreSQL Company
vibhor.kumar@enterprisedb.com
Blog:http://vibhork.blogspot.com

Re: schema access privs

От
Ray Stell
Дата:
On Tue, Apr 05, 2011 at 03:58:46PM +0530, Vibhor Kumar wrote:
>
> Following are details:
>  postgres=UC/postgres+
>  [user]   [privs] /[ ROLE who granted privs.

What's the logic for reporting the U priv twice?

Re: schema access privs

От
Vibhor Kumar
Дата:
On Apr 5, 2011, at 6:07 PM, Ray Stell wrote:

> On Tue, Apr 05, 2011 at 03:58:46PM +0530, Vibhor Kumar wrote:
>>
>> Following are details:
>> postgres=UC/postgres+
>> [user]   [privs] /[ ROLE who granted privs.
>
> What's the logic for reporting the U priv twice?


If you are talking about following:
 =U/postgres
[public]=[access][ ROLE who granted privs]

for public there will no username, its always =(equals to) followed by access/[Role who granted privs].


Thanks & Regards,
Vibhor Kumar
EnterpriseDB Corporation
The Enterprise PostgreSQL Company
vibhor.kumar@enterprisedb.com
Blog:http://vibhork.blogspot.com

Re: schema access privs

От
Ray Stell
Дата:
On Tue, Apr 05, 2011 at 06:33:46PM +0530, Vibhor Kumar wrote:
>
> On Apr 5, 2011, at 6:07 PM, Ray Stell wrote:
>
> > On Tue, Apr 05, 2011 at 03:58:46PM +0530, Vibhor Kumar wrote:
> >>
> >> Following are details:
> >> postgres=UC/postgres+
> >> [user]   [privs] /[ ROLE who granted privs.
> >
> > What's the logic for reporting the U priv twice?
>
> [public]=[access][ ROLE who granted privs]
>
> for public there will no username, its always =(equals to) followed by access/[Role who granted privs].


template1=# \pset expanded
Expanded display is on.
template1=# \dn+ information_schema
List of schemas
-[ RECORD 1 ]-----+---------------------
Name              | information_schema
Owner             | postgres
Access privileges | postgres=UC/postgres
                  | =U/postgres
Description       |


From this:

template1=# \pset expanded
Expanded display is off.
template1=# \dn+ information_schema
                          List of schemas
        Name        |  Owner   |  Access privileges   | Description
--------------------+----------+----------------------+-------------
 information_schema | postgres | postgres=UC/postgres+|
                    |          | =U/postgres          |
(1 row)

I was reading 3 fields:

1. postgres=UC
2. postgres=U
3. postgres

which made no sense at all.