This repository has been archived by the owner on Aug 9, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
Roles
Sandro Santilli edited this page Dec 7, 2017
·
2 revisions
See https://github.com/linz/linz-bde-schema/issues/62
There are currently 3 roles being defined:
cannot create databases nor roles,
gets bde schema in search_path
- has USAGE ON SCHEMA bde
- has SELECT ON all tables in bde SCHEMA and their revisions (
table_version) - has EXECUTE on all functions in bde SCHEMA (could find 21 GRANT vs. 23 functions so there may be a discrepancy here)
cannot create databases nor roles,
gets bde schema in search_path (same as bde_user)
has same grants as bde_user plus:
- has UPDATE, INSERT, DELETE ON all tables in bde SCHEMA and their revisions
can create both databases and roles,
gets bde and bde_control schemas in search_path
Used to be SUPERUSER as of linz-bde-schema version < 1.1.0
- has ALL ON SCHEMA bde (not sure what this implies)
- get OWNERSHIP of all
bdeschemas, tables and functions
It looks like it never gets explicit permission on table revisions
(which bde_admin and bde_user get via
sql/versioning/01-version_tables.sql)