Hello,
I'm a bit new to Postgre, and I'm experimenting with the roles stuff.
I want to know why If I create a role called "administrator" (a group
basically, no login) :
CREATE ROLE administrator NOSUPERUSER INHERIT NOCREATEDB CREATEROLE;
And then create a user
CREATE ROLE admin LOGIN PASSWOR
the
privileges granted to a role to each of its members.
GRANT administrator TO admin;
I thought it would transfer that CREATEROLE privilege too.
Thanks
David
On 2/15/07, Alvaro Herrera <[EMAIL PROTECTED]> wrote:
David Legault escribió:
> Hello,
>
> I'm a bit new
y default) that could tell Postgres to
INHERIT those 4 conditions like the command:
GRANT *role* [, ...] TO *username* [, ...] [ WITH [ADMIN OPTION] [FULL
INHERIT] ]
Or something similar.
Thanks
David
On 2/15/07, Kenneth Downs <[EMAIL PROTECTED]> wrote:
Tom Lane wrote:
"David
Hello,
I can't find a list of addons on the website. I'd like to view the list of
addons like pgcrypto and download/install some of them into my installation
so I can use some of the functions.
And is there any advanced docs on the PL/PGSQL language like how to
manipulate strings (string replace
I can't seem to be able to change/add builtin contrib items using the
installer after it's been installed already. Is there another way to access
those modules and install them manually ?
Thanks
On 2/17/07, Joshua D. Drake <[EMAIL PROTECTED]> wrote:
David Legault wrote:
>
Hello,
Is there a way to attach roles to only certain databases so that the login
[from PHP pg_connect(username, password, database)] is tied to that
particular database and any creation of roles (users/groups) can be
constrained into that particular database.
I plan to use the roles system to b
Hello,
Is there a way to revoke all privileges of a role without actually
specifying the whole list of items.
Like if a role has privileges on FUNCTIONs, is there a REVOKE all FUNCTIONS.
Is there a way to check if it has a GRANT in a particular type (CONNECT,
FUNCTION, TRIGGER) before calling th
REVOKE.
I'll then block everyone on connection, and allocate to new users using the
grant options on database.
Thanks
David
On 2/21/07, Richard Huxton wrote:
David Legault wrote:
> Hello,
>
> Is there a way to revoke all privileges of a role without actually
> specifying the wh
itly grant him access to the DB
for connexion via GRANT ON DATABASE G TO A.
As for the REVOKE and checking of privileges, haven't found anything for
that on pgfoundry, will look on google.
Thanks
David
On 2/21/07, Richard Huxton wrote:
David Legault wrote:
> In which table pg_* are stored t
.
Thanks
David
On 2/21/07, Richard Huxton wrote:
David Legault wrote:
> Concerning the pg_hba.conf file, I don't want to prevent external
> connections to the DB as I need all my web apps to connect to them. I
was
> referring the fact that ROLE A "belongs" to DB G so
t happens and if it works
properly and report back on it.
Is there a place where I can see what features were suggested and where I
could suggest my own?
Thanks
David
On 2/21/07, Richard Huxton wrote:
David Legault wrote:
> From the docs
>
> db_user_namespace (boolean)
> It doesn
hem.
Thanks
David
On 2/21/07, Richard Huxton wrote:
David Legault wrote:
> I'll test all that [EMAIL PROTECTED] stuff and see what happens and if it
works
> properly and report back on it.
Excellent - never used it myself.
> Is there a place where I can see what features were su
On 3/1/07, George Nychis <[EMAIL PROTECTED]> wrote:
A. Kretschmer wrote:
> You can use the current_user - variable. Select current_user;
I'm trying to create a function in which users can only kill their own
processes, it works
perfectly if i hardcode a username in such as this:
CREATE FUNCTI
On 3/1/07, George Nychis <[EMAIL PROTECTED]> wrote:
David Legault wrote:
>
>
> See the EXECUTE function in the pl/pgSQL language in the docs for
dynamic
> queries.
>
So it turns out that in a SECURITY DEFINER the current_user is the owner
of the function.
I had to us
On 3/8/07, Rikard Pavelic <[EMAIL PROTECTED]> wrote:
Bill Moran wrote:
>> Hmm, so the answer to my question
>> "How can I assign execute permission to a role for a single function
>> inside schema."
>> is I can't?
>>
>
> How did you interpret "do it like this" to mean "you can't do it"?
>
> REVO
That's basically what I've done with my past questions on the ROLE system in
place. Since roles are global, I wanted it fine grained to the DB level so I
had to append DB_ in front of each role name and by using current_database()
inside my functions, I could hide that from the exterior.
Now I ha
Hello,
How can I return the contents of the row object without knowing the names of
the parameters in it ? I'd like to do something like row[1] or something
similar. Or is there a way to actually get the values knowing the return
type but not the name?
FOR row IN SELECT * FROM getgroups(usr) LOO
On 3/10/07, Kenneth Downs <[EMAIL PROTECTED]> wrote:
Alvaro Herrera wrote:
David Legault escribió:
That's basically what I've done with my past questions on the ROLE system in
place. Since roles are global, I wanted it fine grained to the DB level so I
had to append DB_
On 3/13/07, Alain Roger <[EMAIL PROTECTED]> wrote:
Hi,
I have a stored procedure which returns a SETOF RECORD.
so basically a partial rowtype from a table.
to execute the query in PHP, i must write :
select * from myschema.sp_a_002('username') as result(Column1 varchar);
to get the result.
H
Unfortunately,
Everything that is a permission (CREATEROLE, etc) when creating a role
cannot be inherited. Only the GRANT stuff is inherited and I think only when
the WITH .. is given on the GRANT.
I may be wrong on the last part though.
David
On 3/15/07, Alexi Gen <[EMAIL PROTECTED]> wrote:
20 matches
Mail list logo
