示例用法:实施继承的权限
以下步骤显示了用户 Joe 如何针对给定架构启用权限继承,以便其他用户可以访问该架构中的表。
-
Joe创建架构schema1,并在其中创建表table1:=>\c - Joe You are now connected as user Joe => CREATE SCHEMA schema1; CRDEATE SCHEMA => CREATE TABLE schema1.table1 (id int); CREATE TABLE -
Joe将对schema1的 USAGE 和 CREATE 权限授予Myra:=> GRANT USAGE, CREATE ON SCHEMA schema1 to Myra; GRANT PRIVILEGE -
Myra查询schema1.table1,但查询失败:=>\c - Myra You are now connected as user Myra => SELECT * FROM schema1.table1; ERROR 4367: Permission denied for relation table1 -
Joe授予Myra对schema1的SELECT ON SCHEMA权限:=>\c - Joe You are now connected as user Joe => GRANT SELECT ON SCHEMA schema1 to Myra; GRANT PRIVILEGE -
Joe使用ALTER TABLE包含table1的 SCHEMA 权限:=> ALTER TABLE schema1.table1 INCLUDE SCHEMA PRIVILEGES; ALTER TABLE -
Myra的查询现在成功:=>\c - Myra You are now connected as user Myra => SELECT * FROM schema1.table1; id --- (0 rows) -
Joe修改schema1以包含权限,以便在schema1中创建的所有表都继承架构权限:=>\c - Joe You are now connected as user Joe => ALTER SCHEMA schema1 DEFAULT INCLUDE PRIVILEGES; ALTER SCHEMA => CREATE TABLE schema1.table2 (id int); CREATE TABLE -
启用继承的权限后,
Myra可以查询table2,而Joe不必显式授予对表的权限:=>\c - Myra You are now connected as user Myra => SELECT * FROM schema1.table2; id --- (0 rows)