通过将一个角色授予另一个角色来继承角色是行不通的
DROP OWNED BY user_a;
DROP ROLE IF EXISTS user_a;
CREATE ROLE user_a WITH
NOSUPERUSER
INHERIT
NOCREATEDB
NOCREATEROLE
NOREPLICATION
PASSWORD '***'
;
GRANT USAGE ON SCHEMA myschema TO user_a;
GRANT SELECT ON ALL TABLES IN SCHEMA myschema TO user_a;
DROP ROLE IF EXISTS user_b;
CREATE ROLE user_b WITH
LOGIN
NOSUPERUSER
INHERIT
NOCREATEDB
NOCREATEROLE
NOREPLICATION
PASSWORD '***';
GRANT user_a TO user_b WITH ADMIN OPTION;
执行此代码,我希望 user_b 对 myschema 中的所有表具有选择权,但他没有。我忘记了什么?
DROP OWNED BY user_a;
DROP ROLE IF EXISTS user_a;
CREATE ROLE user_a WITH
NOSUPERUSER
INHERIT
NOCREATEDB
NOCREATEROLE
NOREPLICATION
PASSWORD '***'
;
GRANT USAGE ON SCHEMA myschema TO user_a;
GRANT SELECT ON ALL TABLES IN SCHEMA myschema TO user_a;
DROP ROLE IF EXISTS user_b;
CREATE ROLE user_b WITH
LOGIN
NOSUPERUSER
INHERIT
NOCREATEDB
NOCREATEROLE
NOREPLICATION
PASSWORD '***';
GRANT user_a TO user_b WITH ADMIN OPTION;
Executing this code, I expect user_b to have select right on all tables in myschema, but he doesn't have them. What did I forget?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
经过大量研究后我发现:user_b 拥有 user_a 的权限,但我的数据库客户端 DBeaver 不会显示该权限。这只是DBeaver的一个显示错误。
What I found out after to much research: user_b has the rights of user_a, but my database client, DBeaver, won't display that. It's simply a display bug of DBeaver.