当前位置:网站首页>PG basics -- Logical Structure Management (user and permission management)
PG basics -- Logical Structure Management (user and permission management)
2022-07-05 19:14:00 【51CTO】
Users and roles
stay postgreSQL in , There is no difference between roles and users , A user is also a role , You can give one user permission to another user . Users and roles are global in the entire database instance , In different databases in the same instance , The users you see are the same .
There is a predefined super user when initializing the database system , The name of this user is the same as the user name of the operating system that initialized the database .
stay pg in , There is no difference between users and roles , except create user Users created by default are login jurisdiction ,create role No user created login Out of authority ,create rule And create user There is no other difference .
How to create users
CREATE USER name
[
[ WITH
] option
[ ...
]
]
where option can be
:
SUPERUSER
| NOSUPERUSER # Is it a super user
| CREATEDB
| NOCREATEDB # Whether they have create database jurisdiction
| CREATEROLE
| NOCREATEROLE # Whether you have permission to create other roles
| INHERIT
| NOINHERIT # If the created user has a role , Whether to automatically have role permissions
| LOGIN
| NOLOGIN # Is there a LOGIN jurisdiction
| REPLICATION
| NOREPLICATION # Copy permission
| BYPASSRLS
| NOBYPASSRLS
| CONNECTION
LIMIT connlimit
|
[ ENCRYPTED
] PASSWORD
'password'
| PASSWORD
NULL
| VALID UNTIL
'timestamp' # Password expiration time
|
IN ROLE role_name
[
, ...
]
|
IN
GROUP role_name
[
, ...
]
| ROLE role_name
[
, ...
]
| ADMIN role_name
[
, ...
] #with admin option jurisdiction
| USER role_name
[
, ...
]
| SYSID uid
- 1.
- 2.
- 3.
- 4.
- 5.
- 6.
- 7.
- 8.
- 9.
- 10.
- 11.
- 12.
- 13.
- 14.
- 15.
- 16.
- 17.
- 18.
- 19.
- 20.
Rights management
stay pg in , Each logical structure object of a database has an owner , Any database object belongs to a user , There is no need to give the permission of the object to the owner , Because the owner has all permissions by default . The owner also implicitly has the right to give other users the permission to operate the object
Authority classification
The permissions specified when creating users
Superuser rights
Create database permissions
Is there a login jurisdiction
It can also be done through alter role To modify the
need grant or revoke Authority
Create... In the database schema jurisdiction
Permission to create temporary tables in the specified database
Permission to connect to a database
Permission to create database objects in the schema
select、DML Operating authority
Sequence query , Function USES , Trigger permissions
Designated table , Permissions to index to tablespaces
role_name Refers to users or roles
some_privileges Means authority
database_object_type Index database object , Such as table、schema、sequence
grant select on table mytab to public;
pg No, DDL jurisdiction , Whether to create a table , Yes, look at schema Is there a create Authority .
Authority summary
Permissions are managed hierarchically
1) First, manage the permissions assigned to users' special attributes , Such as the authority of super user , Permission to create database , Create permissions for users ,LOGIN Authority, etc .
2) Then there is the permission to create the schema in the database .
3) Next, the permissions of the objects that create the database in the schema , Create table , Index, etc. .
4) Then there is the query table , Insert data into table , Update table , Delete data permissions in the table .
5) Finally, the permissions of some fields in the operation table
边栏推荐
- Mysql database indexing tutorial (super detailed)
- Summary of six points of MySQL optimization
- 尚硅谷尚优选项目教程发布
- 块编辑器如何选择?印象笔记 Verse、Notion、FlowUs
- R language uses lubridate package to process date and time data
- C# 语言的高级应用
- R语言使用lubridate包处理日期和时间数据实战
- Is the performance evaluation of suppliers in the fastener industry cumbersome? Choose the right tool to easily counter attack!
- Oracle date format conversion to_ date,to_ char,to_ Timestamp mutual conversion
- 中国银河证券开户安全吗 证券开户
猜你喜欢
Summary of six points of MySQL optimization
Shang Silicon Valley Shang preferred project tutorial release
【AI 框架基础技术】自动求导机制 (Autograd)
Fuzor 2020软件安装包下载及安装教程
word如何转换成pdf?word转pdf简单的方法分享!
618“低调”谢幕,百秋尚美如何携手品牌跨越“不确定时代”?
PHP利用ueditor实现上传图片添加水印
Postman核心功能解析 —— 参数化和测试报告
Low code practice of xtransfer, a cross-border payment platform: how to integrate with other medium-sized platforms is the core
跨境支付平台 XTransfer 的低代码实践:如何与其他中台融合是核心
随机推荐
鱼和熊掌可以兼得!天翼云弹性裸金属一招鲜!
决策树与随机森林
The era of Web3.0 is coming. See how Tianyi cloud storage resources revitalize the system to enable new infrastructure (Part 2)
uniapp获取微信头像和昵称
5年经验Android程序员面试27天,2022程序员进阶宝典
Hiengine: comparable to the local cloud native memory database engine
在线协作产品哪家强?微软 Loop 、Notion、FlowUs
泰山OFFICE技术讲座:由行的布局高度,谈绘制高度的高度溢出、高度缩水(全网首发)
Tutoriel de téléchargement et d'installation du progiciel fuzor 2020
MySQL数据库索引教程(超详细)
CDB 实例的启动与关闭
After the company went bankrupt, the blackstones came
Video fusion cloud platform easycvr adds multi-level grouping, which can flexibly manage access devices
C# 语言的基本语法结构
企业级数据安全,天翼云是这样理解的
JAD的安装、配置及集成IDEA
2022 the latest big company Android interview real problem analysis, Android development will be able to technology
尚硅谷尚优选项目教程发布
出海十年:新旧接力,黑马崛起
Go deep into the underlying C source code and explain the core design principles of redis