我有一个app_owner拥有的架构。我已将以下授权授予其他用户:
GRANT USAGE ON SCHEMA app_schema TO app_writer;
ALTER DEFAULT PRIVILEGES IN SCHEMA app_schema
GRANT ALL ON TABLES to app_writer;
我如何(也许在一个月后)检查app_writer是否具有所有这些特权?
答案 0 :(得分:1)
您可以简单地查询元数据来检查是否对模式中的所有表都授予了所有特权:
SELECT t.table_name,
bool_and(
has_table_privilege(
'app_writer',
format('%I.%I', t.table_schema, t.table_name),
p.priv
)
) AS has_all_privs
FROM information_schema.tables AS t
CROSS JOIN (
VALUES ('SELECT'), ('INSERT'), ('UPDATE'), ('DELETE'),
('TRUNCATE'), ('REFERENCES'), ('TRIGGER')
) AS p(priv)
WHERE t.table_schema = 'app_schema'
GROUP BY t.table_name;