weird problem with grants
This is a discussion on weird problem with grants within the Pgsql General forums, part of the PostgreSQL category; --> Hi list, I have a weird problem with grants. Probably I am forgetting something, but I simply don't understand ...
| |||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
04-09-2008, 06:20 AM
| ||||
| ||||
 weird problem with grants Hi list, I have a weird problem with grants. Probably I am forgetting something, but I simply don't understand it. We have a user 'x' that is member of group 'a' there is a sequence where Grant all on table schema.sequence to group 'a' But still I get a permission denied when I try to access the sequence as user 'x'. Thanks in advance. D.Kniep ---------------------------(end of broadcast)--------------------------- TIP 1: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to majordomo@postgresql.org so that your message can get through to the mailing list cleanly      |
|
04-09-2008, 06:20 AM
| |||
| |||
| Re: weird problem with grants On Mon, 2005-10-10 at 16:37, Dick Kniep wrote: > Hi list, > > I have a weird problem with grants. Probably I am forgetting something, but I > simply don't understand it. > > We have a user 'x' that is member of group 'a' > there is a sequence where > Grant all on table schema.sequence to group 'a' > > But still I get a permission denied when I try to access the sequence as user > 'x'. Did you grant permission on the sequence as well? ---------------------------(end of broadcast)--------------------------- TIP 2: Don't 'kill -9' the postmaster |
|
04-09-2008, 06:20 AM
| ||||
| ||||
| Re: weird problem with grants Dick Kniep <dick@kniep.nl> writes: > We have a user 'x' that is member of group 'a' > there is a sequence where > Grant all on table schema.sequence to group 'a' > But still I get a permission denied when I try to access the sequence as user > 'x'. Works fine for me, so you've omitted some critical bit of information. regression=# create user x; CREATE ROLE regression=# create group g with user x; CREATE ROLE regression=# create sequence seq; CREATE SEQUENCE regression=# grant all on seq to group g; GRANT regression=# \c - x You are now connected as new user "x". regression=> select nextval('seq'); nextval --------- 1 (1 row) Given that you've mentioned schemas, a couple of possibilities are that user x doesn't have USAGE permission on the schema containing the sequence, or that he has a different search path which is leading him to find a different sequence altogether. If that doesn't help, let's see the exact case (including exact error message) instead of a uselessly-abstract summary. regards, tom lane ---------------------------(end of broadcast)--------------------------- TIP 6: explain analyze is your friend |
Linear Mode
