Oh, sorry for the previous question - I can create a scheme-changes-disallowed role by revoking the "CREATE" permission from all the database schemas. The issue seems to be closed now, thanks.
On 3/18/07, Dmitry Koterov <[EMAIL PROTECTED]> wrote:
> actually - you dont need the read-only role, if this is only for slave > nodes. slony takes care about the issue and doesn't allow any writes > on slaves. Great! But what about a role which can modify the data, but cannot modify the database schema? On 3/17/07, hubert depesz lubaczewski <[EMAIL PROTECTED]> wrote: > > On 3/16/07, Dmitry Koterov <[EMAIL PROTECTED]> wrote: > > Overall, we need 3 roles: > > 1. Administrator: can do anything with a database (by default this > user is > > already exists - "postgres"). > > 2. Read-only: can only read. Runs on all slave nodes. > > actually - you dont need the read-only role, if this is only for slave > nodes. slony takes care about the issue and doesn't allow any writes > on slaves. > > depesz > > ---------------------------(end of broadcast)--------------------------- > TIP 2: Don't 'kill -9' the postmaster >