Postgres使用者對資料庫的許可權
使用者對資料庫的許可權(登入、超級使用者許可權)
(1)檢視當前資料庫中有使用者highgo和使用者a
highgo=#\du
List of roles
Role name | Attributes | Member of
-----------+------------------------------------------------+-----------
a | | {}
highgo | Superuser, Create role, Create DB, Replication | {}
(2)檢視確認當前連線的使用者為超級使用者highgo,且該使用者後建立角色和資料庫的許可權等
highgo=#select current_user;
current_user
--------------
highgo
(1row)
(3)檢視當前叢集中的資料庫
highgo=#\l
List of databases
Name | Owner | Encoding | Collate | Ctype | Access privileges
-----------+--------+----------+------------+------------+-------------------
highgo | highgo | UTF8 | zh_CN.utf8 |zh_CN.utf8 |
template0 | highgo | UTF8 | zh_CN.utf8 | zh_CN.utf8 | =c/highgo +
| | | | | highgo=CTc/highgo
template1 | highgo | UTF8 | zh_CN.utf8 | zh_CN.utf8 | =c/highgo +
| | | | | highgo=CTc/highgo
(3rows)
(4)使用普通使用者a連線資料庫正常
highgo=#\c highgo a
Youare now connected to database "highgo" as user "a".
highgo=>select current_user;
current_user
--------------
a
(1row)
(5)使用超級使用者highgo連線資料庫正常
highgo=>\c highgo highgo
Youare now connected to database "highgo" as user "highgo".
highgo=#select current_user;
current_user
--------------
highgo
(1row)
(6)在超級使用者連線highgo後,設定不允許普通使用者a連線資料庫
highgo=#alter role a nologin;
ALTER ROLE
highgo=#\c highgo a
致命錯誤: 不允許角色"a" 進行登入
Previousconnection kept
highgo=#
(7)在超級使用者連線highgo後,設定不允許普通使用者a連線資料庫後,賦予使用者a超級使用者許可權後仍然無法連線資料庫
highgo=#alter role a superuser;
ALTERROLE
highgo=#\du
List of roles
Role name | Attributes | Member of
-----------+------------------------------------------------+-----------
a | Superuser, Cannot login | {}
highgo | Superuser, Create role, Create DB, Replication | {}
highgo=#\c highgo a
致命錯誤: 不允許角色"a" 進行登入
Previousconnection kept
(8)將登入資料庫的許可權賦予使用者a後,使用者a可登入資料庫
highgo=#alter role a login;
ALTERROLE
highgo=#\c highgo a
Youare now connected to database "highgo" as user "a".
highgo=#select current_user;
current_user
--------------
a
(1row)