Hi,

I have just started looking at roles on a database.

I have a few schemas and would like to revoke access for a user on
some functions and tables in the schema and grant access to other
functions and tables in the schema.

I have tried to grant the access to the functions but then when that
user tries to call the funciton it says that he does not have access
to the schema. So I've tried to GRANT USAGE on the schema but then the
user have access to all the functions in the schema. So lastly I have
treid to revoke usage from a function but the user can still call the
function.

How should I approach this?

It seems to work fine for tables. To GRANT USAGE on the schema and
then GRANT or REVOKE SELECT on some of the tables.

--
Carel Combrink
s25291930@tuks.co.za

This message and attachments are subject to a disclaimer. Please refer
to www.it.up.ac.za/documentation/governance/disclaimer/ for full
details. / Hierdie boodskap en aanhangsels is aan 'n vrywaringsklousule
onderhewig. Volledige besonderhede is by
www.it.up.ac.za/documentation/governance/disclaimer/ beskikbaar.

Search Discussions

  • Tom Lane at Sep 23, 2010 at 4:36 pm

    "Carel Combrink" <s25291930@tuks.co.za> writes:
    I have a few schemas and would like to revoke access for a user on
    some functions and tables in the schema and grant access to other
    functions and tables in the schema.
    I have tried to grant the access to the functions but then when that
    user tries to call the funciton it says that he does not have access
    to the schema. So I've tried to GRANT USAGE on the schema but then the
    user have access to all the functions in the schema. So lastly I have
    treid to revoke usage from a function but the user can still call the
    function.
    The default privileges on functions include public execute access.
    To restrict usage of a function that's in an open schema, you'd need to
    REVOKE EXECUTE ... FROM PUBLIC, then grant execute privilege to just the
    people who should have it.

    regards, tom lane

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
grouppgsql-novice @
categoriespostgresql
postedSep 23, '10 at 8:01a
activeSep 23, '10 at 4:36p
posts2
users2
websitepostgresql.org
irc#postgresql

2 users in discussion

Carel Combrink: 1 post Tom Lane: 1 post

People

Translate

site design / logo © 2022 Grokbase