Postgres support (users, roles, groups) #73
Description
Roles
- CREATE ROLE
-
[WITH] option ...:-
SUPERUSER | NOSUPERUSER -
CREATEDB | NOCREATEDB -
CREATEROLE | NOCREATEROLE -
INHERIT | NOINHERIT -
LOGIN | NOLOGIN -
REPLICATION | NOREPLICATION -
BYPASSRLS | NOBYPASSRLS -
CONNECTION LIMIT connlimit -
[ ENCRYPTED ] PASSWORD 'password' | PASSWORD NULL -
VALID UNTIL 'timestamp' -
IN ROLE role_name [, ...] -
ROLE role_name [, ...] -
ADMIN role_name [, ...] -
SYSID uid
-
-
- ALTER ROLE
-
role_name | CURRENT_ROLE | CURRENT_USER | SESSION_USER -
ALL -
[WITH] option ... -
RENAME TO new_name -
[ IN DATABASE database_name ] -
SET configuration_parameter { TO | = } { value | DEFAULT } -
SET configuration_parameter FROM CURRENT -
RESET configuration_parameter -
RESET ALL
-
- DROP ROLE
-
[IF EXISTS] -
name, ...
-
- SET ROLE
-
[ SESSION | LOCAL ] -
SET ROLE role_name -
SET ROLE 'role_name' -
SET ROLE NONE -
RESET ROLE
-
Users
- CREATE USER (alias for CREATE ROLE)
- ALTER USER (alias for ALTER ROLE)
- DROP USER (alias for DROP ROLE)
Groups
- CREATE GROUP (alias for CREATE ROLE)
- ALTER GROUP
-
ADD USER name, ... -
DROP USER name, ...
-
- DROP GROUP) (alias for DROP ROLE)
Adding/removing privileges
- GRANT privilege
-
ALL [ PRIVILEGES ] - tables:
-
{ SELECT | INSERT | UPDATE | DELETE | TRUNCATE | REFERENCES | TRIGGER | MAINTAIN } [, ...] -
ON [ TABLE ] table_name [, ...] -
ON ALL TABLES IN SCHEMA schema_name [, ...]
-
- columns:
-
{ SELECT | INSERT | UPDATE | REFERENCES } [, ...] -
( column_name [, ...] ) -
ON [ TABLE ] table_name [, ...]
-
- sequences:
-
{ USAGE | SELECT | UPDATE } [, ...] -
ON SEQUENCE seq_name [, ...] -
ON ALL SEQUENCES IN SCHEMA schema_name [, ...]
-
- databases:
-
{ CREATE | CONNECT | TEMPORARY | TEMP } [, ...] -
ON DATABASE database_name [, ...]
-
- domains:
-
{ USAGE } -
ON DOMAIN domain_name [, ...]
-
- foreign data wrappers:
-
{ USAGE } -
ON FOREIGN DATA WRAPPER fdw_name [, ...]
-
- foreign servers:
-
{ USAGE } -
ON FOREIGN SERVER server_name [, ...]
-
- functions:
-
{ EXECUTE } -
ON { { FUNCTION | PROCEDURE | ROUTINE } routine_name [, ...] -
[ ( [ [ argmode ] [ arg_name ] arg_type [, ...] ] ) ] -
ON ALL { FUNCTIONS | PROCEDURES | ROUTINES } IN SCHEMA schema_name [, ...]
-
- languages:
-
{ USAGE } -
ON LANGUAGE lang_name [, ...]
-
- large objects:
-
{ SELECT | UPDATE } [, ...] -
ON LARGE OBJECT loid [, ...]
-
- parameters:
-
{ SET | ALTER SYSTEM } [, ... ] -
ON PARAMETER configuration_parameter [, ...]
-
- schemas:
-
{ CREATE | USAGE } [, ...] -
ON SCHEMA schema_name [, ...]
-
- tablespaces:
-
{ CREATE } -
ON TABLESPACE tablespace_name [, ...]
-
- types:
-
{ USAGE } -
ON TYPE type_name [, ...]
-
-
TO role_specification [, ...] -
[ WITH GRANT OPTION ] -
[ GRANTED BY role_specification ] - role_specification:
-
[ GROUP ] role_name -
PUBLIC -
CURRENT_ROLE -
CURRENT_USER -
SESSION_USER
-
-
- GRANT role
-
role_name [, ...] -
TO role_specification [, ...] -
[ WITH { ADMIN | INHERIT | SET } { OPTION | TRUE | FALSE } ] -
[ GRANTED BY role_specification ]
-
- REVOKE privilege
-
[ GRANT OPTION FOR ] -
ALL [ PRIVILEGES ] - tables:
- columns:
- sequences:
- databases:
- domains:
- foreign data wrappers:
- foreign servers:
- functions:
- languages:
- large objects:
- parameters:
- schemas:
- tablespaces:
- types:
-
FROM role_specification [, ...] -
[ GRANTED BY role_specification ] -
[ CASCADE | RESTRICT ]
-
- REVOKE role
-
[ { ADMIN | INHERIT | SET } OPTION FOR ] -
role_name [, ...] -
FROM role_specification [, ...] -
[ GRANTED BY role_specification ] -
[ CASCADE | RESTRICT ]
-
- ALTER DEFAULT PRIVILEGES
-
FOR { ROLE | USER } target_role [, ...] -
IN SCHEMA schema_name [, ...] -
GRANT- tables:
- sequences:
- functions:
- schemas:
- types:
- large objects:
-
REVOKE- tables:
- sequences:
- functions:
- schemas:
- types:
- large objects:
-