PostgreSQL的Access control lists

ACL表现行式：

grantee=flags/grantor

其中：

·grantee：被授予权限的角色

·flags：字符串方式表示的权限

·grantor：授权的用户

 

 

Flag	Description	Statements	Applies to
a	append, insert new data	INSERT	tables, columns
r	read, get data	SELECT	tables, columns, and sequences
w	write, update data	UPDATE	tables
d	delete data	DELETE	tables
D	delete all data	TruncATE	tables
C	create a new object	CREATE	databases, schemas, and table spaces
c	connect to a database		database
t	trigger, react to data changes	CREATE TRIGGER	tables
T	crate temporary objects	CREATE TEMP	tables
x	cross reference between data	FOREIGN KEY	tables
X	execute runnable code	CALL, SELECT	functions, routines, and procedures
U	use of varIoUs objects		sequences, schemas, foreign objects, types, and languages

 例如，查看表abc_project上的ACLs

#\dp abc_project
                                     Access privileges
 Schema |    Name     | Type  |      Access privileges      | Column privileges | Policies 
--------+-------------+-------+-----------------------------+-------------------+----------
 public | abc_project | table | abc_adada=arwdDxt/abc_adada+|                   | 
        |             |       | hahauuu=rw/abc_adada       +|                   | 
        |             |       | xixixiao=r/abc_adada       +|                   |  
(1 row)

　　

默认的ACLs

新创建的对象，如果没有做任何授权，acl内容为空，就需要使用默认的ACLs了：

#create table abce(id int);
CREATE TABLE
postgres@[local]:5631=#\dp abce;
                            Access privileges
 Schema | Name | Type  | Access privileges | Column privileges | Policies 
--------+------+-------+-------------------+-------------------+----------
 public | abce | table |                   |                   | 
(1 row)

　　

版权声明：本文内容由互联网用户自发贡献，该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务，不拥有所有权，不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容， 请发送邮件至 dio@foxmail.com 举报，一经查实，本站将立刻删除。