Command Prompt, Inc.
GRANT
Practical PostgreSQL
PrevNext

GRANT

Name

GRANT -- Grants access privileges to a user, a group, or to all users in the database.

Synopsis

GRANT privilege [, ...] ON object [, ...]
      TO { PUBLIC | GROUP group | username }

Parameters

privilege

The privilege you wish to grant. Valid privileges are:

SELECT

The privilege allowing the specified user or group to access all columns in a specific table or view.

INSERT

The privilege allowing the specified user or group to insert data into all columns of a specified table.

UPDATE

The privilege allowing the specified user or group to update all columns of a specified table.

DELETE

The privilege allowing the specified user or group to delete rows from a specific table.

RULE

The privilege allowing the specified user or group to delete rules from a specified table or rule.

ALL

A shorthand way to grant all of the previous privileges to the specified user or group.

object

The name of the object upon which you are granting privileges. Valid object types are tables, views, and sequences.

PUBLIC

The optional PUBLIC keyword indicates that privilege be granted to all users of the database.

group

The name of a group to receive the privileges that you are granting.

username

The name of a PostgreSQL user to receive the privileges that you are granting. You can use PUBLIC here to represent all users.

Results

CHANGE

The message returned when a target is successfully granted the specified privileges.

ERROR: ChangeAcl: class "object" not found

The error returned if object is not found in the connected database.

ERROR: aclparse: non-existent user "user"

The error returned if user does not exist.

ERROR: non-existent group "group"

The error returned if group does not exist.

Description

Use the GRANT command to set user and group permissions for objects you own. You can set permissions for specific users and groups, or you can set permissions for PUBLIC, which represents all users in the database. By default, no one but the object owner has access permissions to that object. Object permissions must be granted by an object's owner after the object is created.

To grant privileges to a only part of a table, create a view that constraints the result set to the columns or rows you wish to grant access to. To allow users access to those columns and rows, allow them access to the view.

Use psql's backslash-z (\z) command to display permission information for existing objects.

Example

The following example grants all privileges on the publishers table to the user manager:

booktown=# GRANT ALL ON publishers TO manager;
GRANT

The next example shows how to use the \z psql command to view access privileges on the publishers table:

booktown=# \z publishers
Access permissions for database "booktown"
  Relation  |  Access permissions
------------+----------------------
 publishers | {"=","manager=arwR"}
(1 row)
PrevHomeNext
FETCHUpINSERT

Powered by Mammoth PostgreSQL
Copyright © 2000-2007 Command Prompt, Inc. All Rights Reserved. All trademarks property of their respective owners.