我以postgres用户身份连接到我正在使用的数据库。例如。 app_production。然后我按照Create a read-only user in PostgreSQL中的描述运行了这些命令:
app_production=> GRANT USAGE ON SCHEMA public TO "data-studio";
GRANT
app_production=> GRANT SELECT ON users TO "data-studio";
ERROR: permission denied for relation users
看来postgres用户没有足够的权限。 如何为我的“数据工作室”用户授予对“用户”表的读取权限?
在我新创建的martins_testing表上工作
$ psql -h $HOST -U postgres app_production
app_production=> create table martins_testing (id int);
CREATE TABLE
app_production=> GRANT SELECT ON martins_testing TO "data-studio";
GRANT
但不在由宝贵运行rake db:create创建的旧用户表上。
$ psql -h $HOST -U postgres app_production
app_production=> GRANT SELECT ON users TO "data-studio";
ERROR: permission denied for relation users
是否创建了错误的权限用户表?
app_production=> \d users
Table "public.users"
Column | Type | Modifiers
----------------+-----------------------------+------------------------------------
id | uuid | not null default gen_random_uuid()
first_name | character varying |
last_name | character varying |
phone | character varying |
email | character varying |
created_at | timestamp without time zone | not null
updated_at | timestamp without time zone | not null
birthday | date |
gender | integer | default 0
fcm_token | character varying |
device | integer | default 0
aws_avatar_url | text |
Indexes:
"users_pkey" PRIMARY KEY, btree (id)
"index_users_on_id" btree (id)
_production=> \l
List of databases
Name | Owner | Encoding | Collate | Ctype | Access privileges
-------------------+-------------------+----------+------------+------------+-----------------------------------------
cloudsqladmin | cloudsqladmin | UTF8 | en_US.UTF8 | en_US.UTF8 |
app_production | cloudsqlsuperuser | UTF8 | en_US.UTF8 | en_US.UTF8 | =Tc/cloudsqlsuperuser +
| | | | | cloudsqlsuperuser=CTc/cloudsqlsuperuser+
| | | | | "data-studio"=c/cloudsqlsuperuser +
| | | | | datastudio=c/cloudsqlsuperuser
postgres | cloudsqlsuperuser | UTF8 | en_US.UTF8 | en_US.UTF8 |
template0 | cloudsqladmin | UTF8 | en_US.UTF8 | en_US.UTF8 | =c/cloudsqladmin +
| | | | | cloudsqladmin=CTc/cloudsqladmin
template1 | cloudsqlsuperuser | UTF8 | en_US.UTF8 | en_US.UTF8 | =c/cloudsqlsuperuser +
| | | | | cloudsqlsuperuser=CTc/cloudsqlsuperuser
(5 rows)
答案 0 :(得分:4)
我查看了您提到的页面,并执行以下步骤:
连接到Cloud SQL实例:
psql -h $HOST -U postgres -W -d app_development
Password for user postgres:
psql (9.6.10, server 9.6.6)
SSL connection (protocol: TLSv1.2, cipher: ECDHE-RSA-AES128-GCM-SHA256, bits: 128, compression: off)
Type "help" for help.
创建表users:
app_development=> create table users (id int);
CREATE TABLE
创建用户/角色“ data-studio”并授予与该架构的连接:
app_development=> CREATE USER "data-studio";
CREATE ROLE
app_development=> \password "data-studio"
Enter new password:
Enter it again:
app_development=> GRANT CONNECT ON DATABASE app_development TO "data-studio";
GRANT
最后为表授予SELECT特权:
app_development=> GRANT SELECT ON users TO "data-studio";
GRANT
要测试其是否有效,请与“ data-studio”用户连接:
psql -h 104.154.148.111 -U "data-studio" -W -d app_development
Password for user data-studio:
psql (9.6.10, server 9.6.6)
SSL connection (protocol: TLSv1.2, cipher: ECDHE-RSA-AES128-GCM-SHA256, bits: 128, compression: off)
Type "help" for help.
app_development=> select * from users;
id
----
(0 rows)
app_development=> insert into users (id) values (1);
ERROR: permission denied
该链接上有一条注释,显示第一个命令错误。我希望这会有所帮助。