- 对于未来的表赋权
--如果想对新增的表有权限还需要赋予未来新增表的权限。
--用sa新建的表role_a还是没有权限访问。
--使用sa在schema1创建表test2
postgres=> \c postgres sa
You are now connected to database "postgres" as user "sa".
postgres=# create table schema1.test2(id int);
CREATE TABLE
postgres=# insert into schema1.test2 values(1);
INSERT 0 1
--role_a没有权限访问该表,
postgres=# \c postgres role_a;
You are now connected to database "postgres" as user "role_a".
postgres=> select * from schema1.test2;
错误: permission denied for table test2
--使用superuser赋权alter default privileges
postgres=> \c postgres sa
You are now connected to database "postgres" as user "sa".
postgres=# alter default privileges in schema schema1 grant select on tables to role_a;
ALTER DEFAULT PRIVILEGES
--访问test2还是访问不了,原因是修改了default privileges后,只是对授权之后创建的对象有效
postgres=> select * from schema1.test2;
错误: permission denied for table test2
--再次建test3表
postgres=# create table schema1.test3(id int);
CREATE TABLE
postgres=# insert into schema1.test3 values(1);
INSERT 0 1
--role_a可以访问了
postgres=# \c postgres role_a
You are now connected to database "postgres" as user "role_a".
postgres=> select * from schema1.test3;
id
----
1
(1 row)