PostgreSQL:创建架构,无法授予权限
我正在创建一个新数据库(postgresql v10)。如果我没有误解,我应该创建一个模式来配合它,因为否则所有内容都属于公共模式,因此默认情况下所有用户都可以访问 不幸的是,当我尝试这样做时,我无法插入或选择数据,甚至无法删除我创建的表 (最终,我希望有三个用户:一个可以添加和修改表,一个只能读写数据(插入、选择、更新、删除),一个是只读的(选择) 让我们将其简化为基本内容。我开始时没有数据库,没有模式,也没有用户PostgreSQL:创建架构,无法授予权限,postgresql,Postgresql,我正在创建一个新数据库(postgresql v10)。如果我没有误解,我应该创建一个模式来配合它,因为否则所有内容都属于公共模式,因此默认情况下所有用户都可以访问 不幸的是,当我尝试这样做时,我无法插入或选择数据,甚至无法删除我创建的表 (最终,我希望有三个用户:一个可以添加和修改表,一个只能读写数据(插入、选择、更新、删除),一个是只读的(选择) 让我们将其简化为基本内容。我开始时没有数据库,没有模式,也没有用户 postgres=# \dl Large objects ID
postgres=# \dl
Large objects
ID | Owner | Description
----+-------+-------------
(0 rows)
postgres=# \dn
List of schemas
Name | Owner
--------+----------
public | postgres
(1 row)
postgres=# \du
List of roles
Role name | Attributes | Member of
-----------+------------------------------------------------------------+-----------
postgres | Superuser, Create role, Create DB, Replication, Bypass RLS | {}
postgres=#
tn_beta_db=# ALTER DEFAULT PRIVILEGES IN SCHEMA tn_schema FOR ROLE tn_beta_migrator GRANT ALL ON TABLES TO tn_beta_migrator;
ALTER DEFAULT PRIVILEGES
tn_beta_db=# GRANT CONNECT ON DATABASE tn_beta_db TO tn_beta_migrator;
GRANT
tn_beta_db=# GRANT ALL ON ALL TABLES IN SCHEMA tn_schema TO tn_beta_migrator;
GRANT
tn_beta_db=# GRANT CREATE ON SCHEMA tn_schema TO tn_beta_migrator;
GRANT
tn_beta_db=#
tn_beta_migrator[T] jeff@nantes-4:~ $ psql --username tn_beta_migrator --host localhost tn_beta_db
Password for user tn_beta_migrator:
psql (10.10 (Ubuntu 10.10-0ubuntu0.18.04.1))
Type "help" for help.
tn_beta_db=> CREATE TABLE tn_schema.foo(x int);
CREATE TABLE
tn_beta_db=> INSERT INTO tn_schema.foo (x) VALUES (1);
ERROR: permission denied for schema tn_schema
LINE 1: INSERT INTO tn_schema.foo (x) VALUES (1);
^
tn_beta_db=> DROP TABLE tn_schema.foo;
ERROR: permission denied for schema tn_schema
tn_beta_db=>
tn_beta_db=# \l
List of databases
Name | Owner | Encoding | Collate | Ctype | Access privileges
------------+----------+----------+-------------+-------------+-----------------------------
postgres | postgres | UTF8 | en_GB.UTF-8 | en_GB.UTF-8 |
template0 | postgres | UTF8 | en_GB.UTF-8 | en_GB.UTF-8 | =c/postgres +
| | | | | postgres=CTc/postgres
template1 | postgres | UTF8 | en_GB.UTF-8 | en_GB.UTF-8 | =c/postgres +
| | | | | postgres=CTc/postgres
tn_beta_db | postgres | UTF8 | en_GB.UTF-8 | en_GB.UTF-8 | =Tc/postgres +
| | | | | postgres=CTc/postgres +
| | | | | tn_beta_migrator=c/postgres
(4 rows)
tn_beta_db=# \dn
List of schemas
Name | Owner
-----------+----------
public | postgres
tn_schema | postgres
(2 rows)
tn_beta_db=# \du
List of roles
Role name | Attributes | Member of
------------------+------------------------------------------------------------+-----------
postgres | Superuser, Create role, Create DB, Replication, Bypass RLS | {}
tn_beta_migrator | No inheritance | {}
tn_beta_db=#
GRANT USAGE ON SCHEMA tn_schema TO tn_beta_migrator;
GRANT USAGE ON SCHEMA tn_schema TO tn_beta_migrator;
CREATE DATABASE tn_beta_db;
\c tn_beta_db
CREATE SCHEMA tn_schema;
CREATE ROLE tn_beta_migrator NOSUPERUSER NOCREATEDB NOCREATEROLE
NOINHERIT LOGIN NOREPLICATION ;
GRANT CREATE ON SCHEMA tn_schema TO tn_beta_migrator;
GRANT USAGE ON SCHEMA tn_schema TO tn_beta_migrator;
\c tn_beta_db tn_beta_migrator;
CREATE TABLE tn_schema.foo(x int);
INSERT INTO tn_schema.foo (x) VALUES (1);
SELECT * FROM tn_schema.foo;
DROP TABLE tn_schema.foo;