GRANT
目录
GRANT
NAMESYNOPSIS
DESCRIPTION æè¿°
NOTES 注æ
EXAMPLES ä¾å
COMPATIBILITY å¼å®¹æ§
SEE ALSO åè§
è¯è
è·
NAME
GRANT - å®ä¹è®¿é®æé
SYNOPSIS
GRANT { { SELECT
| INSERT | UPDATE | DELETE | RULE | REFERENCES | TRIGGER }
[,...] | ALL [ PRIVILEGES ] }
ON [ TABLE ] tablename [, ...]
TO { username | GROUP groupname | PUBLIC } [,
...] [ WITH GRANT OPTION ]
GRANT { { CREATE
| TEMPORARY | TEMP } [,...] | ALL [ PRIVILEGES ] }
ON DATABASE dbname [, ...]
TO { username | GROUP groupname | PUBLIC } [,
...] [ WITH GRANT OPTION ]
GRANT { EXECUTE
| ALL [ PRIVILEGES ] }
ON FUNCTION funcname ([type, ...]) [, ...]
TO { username | GROUP groupname | PUBLIC } [,
...] [ WITH GRANT OPTION ]
GRANT { USAGE |
ALL [ PRIVILEGES ] }
ON LANGUAGE langname [, ...]
TO { username | GROUP groupname | PUBLIC } [,
...] [ WITH GRANT OPTION ]
GRANT { { CREATE
| USAGE } [,...] | ALL [ PRIVILEGES ] }
ON SCHEMA schemaname [, ...]
TO { username | GROUP groupname | PUBLIC } [,
...] [ WITH GRANT OPTION ]
DESCRIPTION æè¿°
GRANT å½ä»¤å°æ对象ï¼è¡¨ï¼è§å¾ï¼åºåï¼å½æ°è¿ç¨è¯è¨ï¼æè模å¼ï¼ ä¸çç¹å®æéç»äºä¸ä¸ªç¨æ·æèå¤ä¸ªç¨æ·æèä¸ç»ç¨æ·ã è¿äºæéå°å¢å å°é£äºå·²ç»èµäºçæéä¸ï¼å¦æåå¨è¿äºæéçè¯ã
é®å PUBLIC 表示该æéè¦èµäºææç¨æ·, åæ¬é£äºä»¥åå¯è½å建çç¨æ·ãPUBLIC å¯ä»¥çåæ¯ä¸ä¸ªéå«å®ä¹å¥½çç»ï¼å®æ»æ¯åæ¬ææç¨æ·ã ä»»ä½ç¹å®çç¨æ·é½å°æ¥æç´æ¥èµäºä»/她çæéï¼å ä¸ä»/她æå¤çä»»ä½ç»ï¼ 以ååå ä¸èµäº PUBLIC çæéçæ»åã
å¦æ声æäº WITH GRANT OPTIONï¼é£ä¹æéçåäºèä¹å¯ä»¥èµäºå«äººã 缺ççæ¶åè¿æ¯ä¸å许çãèµæé项åªè½ç»ç¬ç«çç¨æ·ï¼èä¸è½ç»ç»æè PUBLICã
对对象çææèï¼é常就æ¯å建èï¼èè¨ï¼æ²¡æä»ä¹æééè¦èµäºï¼ å为ææè缺çå°±æææææéãï¼ä¸è¿ï¼ææèåºäºå®å¨èèå¯ä»¥éæ©åºå¼ä¸äºä»èªå·±çæéãï¼ å é¤ä¸ä¸ªå¯¹è±¡çæåï¼æèæ¯ä»»æä¿®æ¹å®çæåé½ä¸æ¯å¯èµäºçæå©æè½æè¿°çï¼ å®æ¯å建èåºæçï¼å¹¶ä¸ä¸è½èµäºææ¤éã
æ ¹æ®å¯¹è±¡çä¸åï¼åå§ç缺çæéå¯è½åæ¬ç» PUBLIC èµäºä¸äºæéã缺ç设置对äºè¡¨å模å¼æ¯æ²¡æå¬å¼è®¿é®æéçï¼ TEMP 表为æ°æ®åºå建æéï¼EXECUTE æéç¨äºå½æ°ï¼ 以å USAGE ç¨äºè¯- è¨ã对象ææèå½ç¶å¯ä»¥æ¤åè¿äºæéã ï¼åºäºæ大å®å¨æ§èèï¼å¨å建该对象çåä¸ä¸ªäºå¡ä¸ååº REVOKEï¼ é£ä¹å°±ä¸ä¼æå¼ç»å«çç¨æ·ä½¿ç¨è¯¥å¯¹è±¡ççªå£ãï¼
å¯è½çæéæï¼
|
SELECT |
å许对声æç表ï¼è¯å¾ï¼æèåºå SELECT [select(7)] ä»»æå- 段ãè¿å许å COPY [copy(7)] TO çæºã 对äºåºåèè¨ï¼è¿ä¸ªæéè¿åè®¸ä½¿ç¨ currval å½æ°ã
|
INSERT |
å许å声æç表 INSERT [insert(7)] ä¸ä¸ªæ°è¡ã åæ¶è¿å许å COPY [copy(7)] FROMã
|
UPDATE |
å许对声æç表ä¸ä»»æå段å UPDATE [update(7)] ã SELECT ... FOR UPDATE ä¹è¦æ±è¿ä¸ªæé ï¼é¤äº SELECT æéä¹å¤ï¼ãæ¯å¦ï¼ è¿ä¸ªæéå许使ç¨nextval å setvalã
|
DELETE |
å许ä»å£°æçè¡¨ä¸ DELETE [delete(7)] è¡ã
|
RULE |
å许å¨è¯¥è¡¨/è§å¾ä¸å建è§åãï¼åé CREATE RULE [create_rule(7)] è¯å¥ãï¼
REFERENCES
è¦å建ä¸ä¸ªå¤é®çº¦æï¼ä½ å¿é¡»å¨åè表å被åè表ä¸é½æ¥æè¿ä¸ªæéã
TRIGGER
å许å¨å£°æ表ä¸å建触åå¨ãï¼åé CREATE TRIGGER [create_trigger(7)] è¯å¥ãï¼
|
CREATE |
对äºæ°æ®åºï¼å许å¨è¯¥æ°æ®åºéå建æ°ç模å¼ã
对äºæ¨¡å¼ï¼å许å¨è¯¥æ¨¡å¼ä¸å建æ°ç对象ã è¦éå½åä¸ä¸ªç°æ对象ï¼ä½ å¿éæ¥æ该对象并ä¸ã 对åå«è¯¥å¯¹è±¡ç模å¼æ¥æè¿ä¸ªæéã
TEMPORARY
|
TEMP |
å许å¨ä½¿ç¨è¯¥æ°æ®åºçæ¶åå建临æ¶è¡¨ã
EXECUTE
å许使ç¨æå®çå½æ°å¹¶ä¸å¯ä»¥ä½¿ç¨ä»»ä½å©ç¨è¿äºå½æ°å®ç°çæä½ç¬¦ã è¿æ¯éç¨äºå½æ°çå¯ä¸çä¸ç§æéç±»åã ï¼è¯¥è¯æ³åæ ·éç¨äºèéå½æ°ãï¼
|
USAGE |
对äºè¿ç¨è¯è¨ï¼ å许使ç¨æå®è¿ç¨è¯è¨å建该è¯è¨çå½æ°ã è¿æ¯éç¨äºè¿ç¨è¯è¨çå¯ä¸çä¸ç§æéç±»åã
对äºæ¨¡å¼ï¼å许访é®åå«å¨æå®æ¨¡å¼ä¸- ç对象ï¼å设该对象çæææè¦æ±åæ ·ä¹è®¾ç½®äºï¼ã æç»è¿äºå°±å许äºæéæ¥åè"æ¥è¯¢"模å¼ä¸ç对象ã
ALL PRIVILEGES
ä¸æ¬¡æ§ç»äºææéç¨äºè¯¥å¯¹è±¡çæéã PRIVILEGES å³é®åå¨ PostgreSQL éæ¯å¯éçï¼ ä½æ¯ä¸¥æ ¼ç SQL è¦æ±æè¿ä¸ªå³é®åã
å¶å®å½ä»¤è¦æ±çæéé½å¨ç¸åºçå½ä»¤çåè页ä¸ååºã
NOTES 注æ
REVOKE [revoke(7)] å½ä»¤ç¨äºå é¤è®¿é®æéã
æ们è¦æ³¨ææ°æ®åºè¶çº§ç¨æ·å¯ä»¥è®¿é®ææå¯¹è±¡ï¼ èä¸ä¼å对象çæé设置影åãè¿ä¸ªç¹ç¹ç±»ä¼¼ Unix ç³»ç»ç root çæéãå root ä¸æ ·ï¼é¤äºå¿è¦çæåµï¼æ»æ¯ä»¥è¶çº§ç¨æ·èº«åè¿è¡æä½æ¯ä¸ææºçåæ³ã
If a superuser chooses to issue a GRANT or REVOKE command, the command is performed as though it were issued by the owner of the affected object. In particular, privileges granted via such a command will appear to have been granted by the object owner.
ç®åï¼è¦å¨ PostgreSQL éåªå¯¹æå åèµäºæéï¼ ä½ å¿é¡»å建ä¸ä¸ªæ¥æé£å è¡çè§å¾ç¶åç»é£ä¸ªè§å¾èµäºæéã
ä½¿ç¨ psql(1) ç \z å½ä»¤è·åå¨ç°æ对象ä¸çä¸æéæå³çä¿¡æ¯ã
=> \z mytable
Access
privileges for database "lusitania"
Schema | Table | Access privileges
--------+---------+---------------------------------------
public | mytable |
{=r/postgres,miriam=arwdRxt/postgres,"group
todos=arw/postgres"}
(1 row)
\z æ¾ç¤ºçæ¡ç®è§£éå¦ä¸ï¼
=xxxx --
èµäº PUBLIC çæé
uname=xxxx --
èµäºä¸ä¸ªç¨æ·çæé
group gname=xxxx --
èµäºä¸ä¸ªç»çæé
r -- SELECT
("读")
w -- UPDATE ("å")
a -- INSERT
("追å ")
d -- DELETE
R -- RULE
x -- REFERENCES
t -- TRIGGER
X -- EXECUTE
U -- USAGE
C -- CREATE
T -- TEMPORARY
arwdRxt -- ALL PRIVILEGES (for tables)
* --
ç»åé¢æéçææé项
/yyyy -- æåºè¿ä¸ªæéçç¨æ·
ç¨æ· miriam å¨å»ºå®è¡¨ä¹åååä¸é¢çè¯å¥ï¼ å°±å¯ä»¥å¾å°ä¸é¢ä¾åçç»æ
GRANT SELECT ON
mytable TO PUBLIC;
GRANT SELECT, UPDATE, INSERT ON mytable TO GROUP todos;
å¦æä¸ä¸ªç»å®ç对象ç "Access privileges" å段æ¯ç©ºçï¼ è¿æå³ç该对象æ缺çæéï¼ä¹å°±æ¯è¯´ï¼å®çæéåæ®µæ¯ NULLï¼ã 缺çæéæ»æ¯åæ¬ææèçæææéï¼ä»¥åæ ¹æ®å¯¹è±¡çä¸åï¼å¯è½åå«ä¸äºç» PUBLIC çæéã 对象ä¸ç¬¬ä¸ä¸ª GRANT æè REVOKE å°å®ä¾åè¿ä¸ªç¼ºçæéï¼æ¯å¦ï¼äº§ç {=,miriam=arwdRxt}ï¼ ç¶åæ ¹æ®æ¯æ¬¡ç¹å®çéæ±ä¿®æ¹å®ã
EXAMPLES ä¾å
æ表 films çæå¥æéèµäºææç¨æ·ï¼
GRANT INSERT ON films TO PUBLIC;
èµäºç¨æ·manuel对è§å¾kindsçæææéï¼
GRANT ALL PRIVILEGES ON kinds TO manuel;
COMPATIBILITY å¼å®¹æ§
æ ¹æ® SQL æ åï¼å¨ ALL PRIVILEGES éç PRIVILEGES å³é®åæ¯å¿é¡»çãSQL ä¸æ¯æå¨ä¸æ¡å½ä»¤é对å¤ä¸ªè¡¨è®¾ç½®æéã
SQL æ åå许å¨ä¸ä¸ªè¡¨é为ç¬ç«çå段设置æéï¼
GRANT
privileges
ON table [ ( column [, ...] ) ] [, ...]
TO { PUBLIC | username [, ...] } [ WITH GRANT OPTION
]
SQL æ å对å¶å®ç±»åç对象æä¾äºä¸ä¸ª USAGE æéï¼å符éï¼æ ¡åï¼è½¬æ¢ï¼åã
RULE æéï¼ä»¥åå¨æ°æ®åºï¼æ¨¡å¼ï¼è¯è¨ååºåä¸çæéæ¯ PostgreSQL æ©å±ã
SEE ALSO åè§
REVOKE [revoke(7)]
è¯è
Postgresql ä¸æç½ç« ä½ä¼å¹³ <laser@pgsqldb.org>
è·
æ¬é¡µé¢ä¸æçç±ä¸æ
man
æå页计åæä¾ã
ä¸æ man
æå页计åï¼https://github.com/man-pages-zh/manpages-zh