ACL representation format:
grantee=flags/grantor
Where:
· flags: the privileges, expressed as a string of flag letters
· grantor: the user who granted the privileges
| Flag | Description | Statements | Applies to |
|---|---|---|---|
| a | append, insert new data | INSERT | tables, columns |
| r | read, get data | SELECT | tables, columns, and sequences |
| w | write, update data | UPDATE | tables |
| d | delete data | DELETE | tables |
| D | delete all data | TRUNCATE | tables |
| C | create a new object | CREATE | databases, schemas, and table spaces |
| c | connect to a database | | databases |
| t | trigger, react to data changes | CREATE TRIGGER | tables |
| T | create temporary objects | CREATE TEMP | tables |
| x | cross reference between data | FOREIGN KEY | tables |
| X | execute runnable code | CALL, SELECT | functions, routines, and procedures |
| U | use of various objects | | sequences, schemas, foreign objects, types, and languages |
For example, to view the ACLs on the table abc_project:
#\dp abc_project
Access privileges
Schema | Name | Type | Access privileges | Column privileges | Policies
--------+-------------+-------+-----------------------------+-------------------+----------
public | abc_project | table | abc_adada=arwdDxt/abc_adada+| |
| | | hahauuu=rw/abc_adada +| |
| | | xixixiao=r/abc_adada +| |
(1 row)
For a newly created object on which no privileges have been granted, the ACL is empty, and the default ACLs have to be used:
#create table abce(id int);
CREATE TABLE
postgres@[local]:5631=#\dp abce;
Access privileges
Schema | Name | Type | Access privileges | Column privileges | Policies
--------+------+-------+-------------------+-------------------+----------
public | abce | table | | |
(1 row)
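
To audit these entries at scale, the `grantee=flags/grantor` strings can be decoded programmatically. The following is an added example, not code from the original page: it parses the "Access privileges" cell shown above for abc_project, expands the flag letters using the table, and handles the empty-ACL case shown for abce. Assumptions: role names are unquoted, abc_adada is the table owner, and the function names are hypothetical.

```python
# Added example, not from the original page: decode aclitem strings from \dp.
# Flag-to-privilege mapping follows the table above.
FLAGS = {
    "a": "INSERT", "r": "SELECT", "w": "UPDATE", "d": "DELETE",
    "D": "TRUNCATE", "C": "CREATE", "c": "CONNECT", "t": "TRIGGER",
    "T": "TEMPORARY", "x": "REFERENCES", "X": "EXECUTE", "U": "USAGE",
}
WRITE = {"INSERT", "UPDATE", "DELETE", "TRUNCATE"}

# The "Access privileges" cell for abc_project, as shown above.
SAMPLE = """abc_adada=arwdDxt/abc_adada+
hahauuu=rw/abc_adada +
xixixiao=r/abc_adada +"""

def _clean(line):
    # psql appends '+' to a cell line that continues on the next row
    return line.strip().rstrip("+").strip()

def parse_aclitem(item):
    """Split 'grantee=flags/grantor' and expand the flag letters."""
    left, slash, grantor = _clean(item).rpartition("/")
    grantee, eq, flags = left.partition("=")
    if not slash or not eq or not grantor:
        raise ValueError(f"not an aclitem: {item!r}")
    privs, grantable, unknown, last = [], [], [], None
    for ch in flags:
        if ch == "*":                      # grant option on the preceding flag
            if last:
                grantable.append(last)
            continue
        last = FLAGS.get(ch)               # None for letters not in the table
        (privs if last else unknown).append(last or ch)
    return {"grantee": grantee or "PUBLIC",  # empty grantee means PUBLIC
            "grantor": grantor, "privileges": privs,
            "grantable": grantable, "unknown": unknown}

def parse_acl(cell):
    """Parse a whole cell; an empty cell yields [] (no explicit ACL stored)."""
    return [parse_aclitem(l) for l in cell.splitlines() if _clean(l)]

def writers(entries, owner):
    """Grantees other than the owner that can modify data."""
    return sorted(e["grantee"] for e in entries
                  if e["grantee"] != owner and WRITE & set(e["privileges"]))

if __name__ == "__main__":
    print(parse_acl(SAMPLE))
    print("non-owner writers:", writers(parse_acl(SAMPLE), "abc_adada"))
```

An empty result from `parse_acl` corresponds to the blank cell shown for abce, where no explicit ACL is stored and the defaults apply. Flag letters missing from the table are reported under `unknown` rather than silently dropped.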