Granting user access to a table
A user needs to have access to a table in order to perform any actions on it.
Getting ready
Make sure that you have the appropriate roles defined, and that privileges are revoked from the PUBLIC
role:
CREATE GROUP webreaders;
CREATE USER tim;
CREATE USER bob;
REVOKE ALL ON SCHEMA someschema FROM PUBLIC;
How to do it…
We had to grant access to the schema in order to allow access to the table. This suggests that access to a given schema can be used as a fast and extreme way of preventing any access to any object in that schema. Otherwise, if you want to allow some access, you must use specific GRANT
and REVOKE
statements as needed:
GRANT USAGE ON SCHEMA someschema TO webreaders;
It is often desirable to give a group of users similar permissions to a group of database objects. To do this, you first assign all the permissions to a proxy role (also known as a permission group), and then assign the group to selected users, as follows:
GRANT SELECT ON someschema.pages TO...