最後有成功,所以先把過程記錄下來,再來研究該怎麼下指令。
建立一個 role 叫 dbreader
1
2
3
4
|
postgres=# CREATE ROLE dbreader;
CREATE ROLE
|
讓dbreader這個 role 可以讀取 public 這個 schema 的{usage | select}
1
2
3
4
5
6
7
8
|
postgres=# GRANT USAGE ON SCHEMA public TO dbreader;
GRANT
postgres=# GRANT SELECT ON ALL TABLES IN SCHEMA public TO dbreader;
GRANT
|
設定public schema 的default 權限 給 dbreader 這個 role
1
2
3
4
|
postgres=# ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO dbreader;
ALTER DEFAULT PRIVILEGES
|
建立資料庫使用者 readuser
1
2
3
4
|
postgres=# CREATE USER readuser WITH PASSWORD 'readuserpassword';
CREATE ROLE
|
將dbreader這個role 指定給 readuser
1
2
3
4
|
postgres=# GRANT dbreader TO readuser;
GRANT ROLE
|
切到 neo DB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
postgres=# \q
postgres@hqs022:~$ psql --u postgres neo
psql (9.6.8)
Type "help" for help.
neo=# GRANT SELECT ON ALL TABLES IN SCHEMA public to readuser;
GRANT
neo=# GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO readuser;
GRANT
neo=# GRANT ALL PRIVILEGES ON ALL FUNCTIONS IN SCHEMA public TO readuser;
GRANT
|
