Re: Postgres limitation in user management

2023-11-04 Thread Tom Lane
Ron writes: > On 11/4/23 16:53, Peter J. Holzer wrote: >> This doesn't answer the question why ALTER TABLE privilege would be >> required. > I bet the Good Idea Fairy whispered something into the CISO's ear. Yeah. This is blatantly obviously the brainchild of some person with no actual experien

Re: Postgres limitation in user management

2023-11-04 Thread Ron
On 11/4/23 16:53, Peter J. Holzer wrote: On 2023-11-04 21:42:34 +, Brent Wood wrote: We have 2 sets of database user groups – 1. App – who owns the application schemas (and tables) 2. Support – who provides db support We want Support users to have no SELECT or DML privilege but only AL

Re: Postgres limitation in user management

2023-11-04 Thread Christophe Pettus
> On Nov 2, 2023, at 23:26, Kar, Swapnil (TR Technology) > wrote: > We want Support users to have no SELECT or DML privilege but only ALTER TABLE > to perform any troubleshooting in the database. If a user has no ability to do SELECT or DML, they won't be able to "troubleshoot" the database

Re: Postgres limitation in user management

2023-11-04 Thread Peter J. Holzer
On 2023-11-04 21:42:34 +, Brent Wood wrote: > >> We have 2 sets of database user groups – > >> > >> 1. App – who owns the application schemas (and tables) > >> 2. Support – who provides db support > >> > >> We want Support users to have no SELECT or DML privilege but only ALTER > TABLE > >> t

Re: Postgres limitation in user management

2023-11-04 Thread Brent Wood
9 From: Peter J. Holzer Sent: Sunday, November 05, 2023 10:33 To: pgsql-general@lists.postgresql.org Subject: Re: Postgres limitation in user management On 2023-11-03 06:26:21 +, Kar, Swapnil (TR Technology) wrote: > We have 2 sets of database user groups

Re: Postgres limitation in user management

2023-11-04 Thread Peter J. Holzer
On 2023-11-03 06:26:21 +, Kar, Swapnil (TR Technology) wrote: > We have 2 sets of database user groups – > > 1. App – who owns the application schemas (and tables) > 2. Support – who provides db support > > We want Support users to have no SELECT or DML privilege but only ALTER TABLE > to p

Re: Postgres limitation in user management

2023-11-04 Thread Ron
How can you /practically/ support a database without being able to look at a table? On 11/3/23 01:26, Kar, Swapnil (TR Technology) wrote: Hello Team, I am facing a limitation with Postgres user management and require your assistance or input around it. Let me brief you the scenario here –

Postgres limitation in user management

2023-11-04 Thread Kar, Swapnil (TR Technology)
Hello Team, I am facing a limitation with Postgres user management and require your assistance or input around it. Let me brief you the scenario here - We have 2 sets of database user groups - 1. App - who owns the application schemas (and tables) 2. Support - who provides db support We