您的位置：首页 > 数据库

数据库用户权限管理（二）

2018-01-31 17:38 246 查看

上次说到数据库用户的权限分为两大类，后来做测试的时候发现一个问题，就是这两大类权限是有很强的“界限”的。

举例如下：

highgo=# \du
List of roles
Role name |                         Attributes                         | Member of
-----------+------------------------------------------------------------+-----------
highgo    | Superuser, Create role, Create DB, Replication, Bypass RLS | {}
test      |                                                            | {}
trole     | Create role                                                | {}

highgo=# \c highgo test;

PSQL: Release 4.1.1
Connected to:
HighGo Database V4.1 Enterprise Edition Release 4.1.1 - 64-bit Production

You are now connected to database "highgo" as user "test".
highgo=> create role eee;
错误:  42501: 创建角色的权限不够
highgo=> \c highgo trole

PSQL: Release 4.1.1
Connected to:
HighGo Database V4.1 Enterprise Edition Release 4.1.1 - 64-bit Production

You are now connected to database "highgo" as user "trole".
highgo=> select user;
current_user
--------------
trole
(1 row)

highgo=> create role qqq;
CREATE ROLE
连接超级用户更改权限：
highgo=# grant trole to test;
GRANT ROLE
highgo=> \du
List of roles
Role name |                         Attributes                         | Member of
-----------+------------------------------------------------------------+-----------
highgo    | Superuser, Create role, Create DB, Replication, Bypass RLS | {}
test      |                                                            | {trole}
trole     | Create role                                                | {}
highgo=# \c highgo test;

PSQL: Release 4.1.1
Connected to:
HighGo Database V4.1 Enterprise Edition Release 4.1.1 - 64-bit Production

You are now connected to database "highgo" as user "test".
highgo=> create role eee;
错误:  42501: 创建角色的权限不够

仍旧不能创建角色，说明两种权限不能混谈。

BY 海无涯

内容来自用户分享和网络整理，不保证内容的准确性，如有侵权内容，可联系管理员处理

标签：

相关文章推荐

新的分享

章节导航