Re: [GENERAL] Reset permissions on table

Fri, 15 Feb 2013 05:22:41 -0800 

etienne champetier wrote:
>>> By default there is no permissions on table (\dp return 0 row)
>>> If I make a GRANT, doing a REVOKE will not get me in the 'default'
>>> state
>>>
>>> How to return in the default state, where permission are
>>> 'inherited' from owner.
>>
>> \dp should return a row for each table in
>> your search_path.
> 
> Sorry, i meant \dp <table-name> and it effectively return 1 row per table 
> (mistype ...)
> 
>> I assume that you are referring to the empty
>> "Access privileges" column.
>>
>> After granting and revoking a privilege, the value
>> showd be "owner=arwdDxt/owner" (where "owner" is
>> the user that owns the table).
>>
>> This is the default value: the owner has all
>> privileges and nobody else has any.
>>
>> It does not matter if the ACL is left empty
>> (it contains a NULL value initially) or if
>> it contains the default explicitly.
> 
> If i do a GRANT and a REVOKE, i loose access to the table.
> \dp <table-name> return the same thing but before GRANT it's NULL and after 
> REVOKE it's not.
> 
> It matter when you want to change owner and you forgot this table where there 
> is explicit right.

I don't understand - it seems to work for me:

CREATE TABLE test(id integer PRIMARY KEY);

\dp test
                           Access privileges
 Schema  | Name | Type  | Access privileges | Column access privileges
---------+------+-------+-------------------+--------------------------
 laurenz | test | table |                   |
(1 row)

REVOKE SELECT ON test FROM georg;

\dp test
                              Access privileges
 Schema  | Name | Type  |    Access privileges    | Column access privileges
---------+------+-------+-------------------------+--------------------------
 laurenz | test | table | laurenz=arwdDxt/laurenz |
(1 row)

These are the default privileges.

ALTER TABLE test OWNER TO georg;

\dp test
                            Access privileges
 Schema  | Name | Type  |  Access privileges  | Column access privileges
---------+------+-------+---------------------+--------------------------
 laurenz | test | table | georg=arwdDxt/georg |
(1 row)

The table still has the default privileges,
but now it belongs to "georg".

Maybe you can illustrate your problem with an example.

Yours,
Laurenz Albe

-- 
Sent via pgsql-general mailing list ([email protected])
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general

Reply via email to