I want to give an access to my postgres DB for a user so he can have a read only data for 2 tables in my DB.
So, I have created a role for this:
CREATE ROLE stagiaire WITH
LOGIN
NOSUPERUSER
INHERIT
NOCREATEDB
NOCREATEROLE
NOREPLICATION
ENCRYPTED PASSWORD 'xxx';
Then, I also create a user in the up right menu "Users", user type is "User", and gave him a password.
user: email#gmail.com
pass: mypass
Now, user can login, but he sees nothing, and have access to nothing.
How can I link the user email#gmail.com with role "stagiaire"
I found the solution.
User must login. He sees nothing.
He must add himself the Server, so he must know URL to connect.
in my case, my internal URL: postgres.metadata.svc.cluster.local:5432
Then, he will use his login / password to connect.
Now, he will be able to see all resource, but will only be able to open the one with access granted.
Hope this helps
Related
I'm working on an application using different databases and struggling to implement the correct user management.
Suppose that we have a user "BasicUser" (created in the admin database), that only has dbAdmin rights to a specific database, called "TestDb" in this example. Furthermore, we have created a user "TestUser" without any access rights to start from.
Is there a possibility for the BasicUser to grant read/write access to the TestDb for the TestUser?
I tried the following options when I login with the BasicUser
use TestDb; db.grantRolesToUser("TestUser", ["read"]) --> This returns an error that the user cannot be found
use TestDb; db.updateUser("TestUser", {roles: ["read"]}) --> This returns an error that we are not autorized to execute the command
To be clear, I do not want to provide the BasicUser any admin rights on the admin database, as I don't want the BasicUser to see any of the other databases. This user should only be able to see the TestDb and perform its admin tasks on this db.
Create the user in the admin database (actually I don't know any reason why a user might be created anywhere else).
Then grant
db.getSiblingDB("admin").grantRolesToUser( "TestUser", [ { role: "dbOwner", db: "TestDb" } ] )
It's not clear what you mean by "give access"? Maybe instead of dbOwner, you just want to grant readWrite, see Built-In Roles
after installing oracle 19 C it was asking for username and password. what to type in that and how to create a new user with all permissions and authentication rights.(note i tried create user command by login as SYSDBA but it showing error as invalid common user or role name.
enter image description here
[enter image description here][2]
create user c##yourusername identified by tiger;
To create a user in a particular container do follows:
alter session set container
Crate user
Example:
alter session set "_ORACLE_SCRIPT"=true;
CREATE USER your_user_name IDENTIFIED BY your_password
After finished user creation please add grant permission to your user. Otherwise you may not be able to login in with this user.
GRANT Dba to your_user_name
alter session set "_ORACLE_SCRIPT"=true;
After execute the above script user has been created.
I'm new to postgresql database. I followed instruction online and get my postgreSQL database installed and everything works fine. with psql, I created new user user1 as below:
CREATE USER user1 WITH PASSWORD '123';
Now I have a user called 'user1', in addition to default user 'postgres'.
I'm very confused with what those user can do. I'm not sure what is the use of creating the new user.
My questions are:
Can I log into the database as user1? How?
Can the user see all the database in the system, no matter what the database owner is? In my case, all the database I created is owned by 'postgres'.
Am I able to make the user see only some of the databases?
i have a user created under login roles in pgAdmin. user's name is 'myApp'.
here is the pgsql syntax to create it.
CREATE ROLE myApp LOGIN
ENCRYPTED PASSWORD 'md58e0b379fc6e92422518682611bcf2d42'
NOSUPERUSER INHERIT NOCREATEDB NOCREATEROLE NOREPLICATION;
all these days i had my application developed by yii framework to connect to database with super user in my end. which is.. user 'postgres'
but after doing a release recently i started getting an error as below
i found its because of i have set permission to the myApp user role for newly created table but have missed to do the same for sequence so i wrote the below script to resolve..
GRANT ALL ON TABLE css_ataps_client_outgoing_call_dates_id_seq TO myAppAdmin;
GRANT SELECT, UPDATE ON TABLE css_ataps_client_outgoing_call_dates_id_seq TO myApp;
now i need to enable my application to connect to database using the same login as my production application which is myApp but not postgres.
but unfortunately it doesn't work unless i use postgres user. The error i got when trying to connect with myApp user is nothing. not even recorded in logs. so i can confirm that login details are same and its working and the issue could be the user myApp doesnt have read / write access to any single table. so i want to check for which table in database it doesnt have permission or vice versa.
please tell me a way to find this out. thanks.
This will do. Try and let me know.
GRANT ALL ON DATABASE <ur database name> TO myApp; <- not this
TRY THIS QUERY..!
GRANT SELECT,UPDATE,INSERT,DELETE ON ALL TABLES IN SCHEMA public TO myApp;
I have created a ROLE with name Admin and I have given it all accesses (including CREATEDB). I have created a User ekekakos who is member of Admin role and inherints from it. When I am trying to create a new DB with ekekakos I am getting the following message:
ERROR. PERMISSION DENIED TO CREATE DATABASE.
When I enable the option CAN CREATE DB to the user ekekakos, the database is created.
Why the user do not take the privilages of the role Admin?
Thanks
Excerpt from the docs:
The role attributes LOGIN, SUPERUSER, CREATEDB, and CREATEROLE can be thought of as special privileges, but they are never inherited as ordinary privileges on database objects are. You must actually SET ROLE to a specific role having one of these attributes in order to make use of the attribute.