postgresql - view schema privileges
Is there a query I can run to show currently assigned privileges on a particular schema?
i.e. privileges that were assigned like so:
GRANT USAGE ON S
-
List all schemas with their priveleges for current user:
WITH "names"("name") AS ( SELECT n.nspname AS "name" FROM pg_catalog.pg_namespace n WHERE n.nspname !~ '^pg_' AND n.nspname <> 'information_schema' ) SELECT "name", pg_catalog.has_schema_privilege(current_user, "name", 'CREATE') AS "create", pg_catalog.has_schema_privilege(current_user, "name", 'USAGE') AS "usage" FROM "names";The response will be for example:
name | create | usage ---------+--------+------- public | t | t test | t | t awesome | f | f (3 rows)In this example current user is not owner of the
awesomeschema.As you could guess, similar request for particular schema:
SELECT pg_catalog.has_schema_privilege( current_user, 'awesome', 'CREATE') AS "create", pg_catalog.has_schema_privilege( current_user, 'awesome', 'USAGE') AS "usage";and response:
create | usage --------+------- f | fAs you know, it's possible to use
pg_catalog.current_schema()for current schema.Of all the possible privileges
-- SELECT -- INSERT -- UPDATE -- DELETE -- TRUNCATE -- REFERENCES -- TRIGGER -- CREATE -- CONNECT -- TEMP -- EXECUTE -- USAGEthe only
CREATEandUSAGEallowed for schemas.Like the
current_schema()thecurrent_usercan be replaced with particular role.
BONUS with
currentcolumnWITH "names"("name") AS ( SELECT n.nspname AS "name" FROM pg_catalog.pg_namespace n WHERE n.nspname !~ '^pg_' AND n.nspname <> 'information_schema' ) SELECT "name", pg_catalog.has_schema_privilege(current_user, "name", 'CREATE') AS "create", pg_catalog.has_schema_privilege(current_user, "name", 'USAGE') AS "usage", "name" = pg_catalog.current_schema() AS "current" FROM "names"; -- name | create | usage | current -- ---------+--------+-------+--------- -- public | t | t | t -- test | t | t | f -- awesome | f | f | f -- (3 rows)
WITH | System Information Functions | GRANT (privileges)
加载中...
- 热议问题