How to delete default privileges
I have a DB where we changed ownership of all objects.
We had:
ALTER DEFAULT PRIVILEGES FOR ROLE old_dbowner GRANT SELECT ON tables
TO dbgroup_ro_group;
ALTER DEFAULT PRIVILEGES FOR ROLE old_dbowner GRANT SELECT ON sequences
TO dbgroup_ro_group;
ALTER DEFAULT PRIVILEGES FOR ROLE old_dbowner GRANT SELECT, UPDATE,
DELETE, INSERT ON tables TO dbgroup_rw_group;
ALTER DEFAULT PRIVILEGES FOR ROLE old_dbowner GRANT SELECT,
USAGE ON sequences TO dbgroup_rw_group;
ALTER DEFAULT PRIVILEGES FOR ROLE old_dbowner GRANT
EXECUTE ON functions TO dbgroup_rw_group;
But now there is a new DB owner and I have run the above, but with
new_dbowner. How can I delete the old default grants? Can't find
examples and don't see it on the documentation either.
Any help would be greatly appreciated.
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
On Tue, Aug 15, 2017 at 3:02 PM, Francisco Reyes <lists@natserv.net> wrote:
I have a DB where we changed ownership of all objects.
We had:
ALTER DEFAULT PRIVILEGES FOR ROLE old_dbowner GRANT SELECT ON tables TO
dbgroup_ro_group;
ALTER DEFAULT PRIVILEGES FOR ROLE old_dbowner GRANT SELECT ON sequences TO
dbgroup_ro_group;ALTER DEFAULT PRIVILEGES FOR ROLE old_dbowner GRANT SELECT, UPDATE,
DELETE, INSERT ON tables TO dbgroup_rw_group;
ALTER DEFAULT PRIVILEGES FOR ROLE old_dbowner GRANT SELECT, USAGE
ON sequences TO dbgroup_rw_group;
ALTER DEFAULT PRIVILEGES FOR ROLE old_dbowner GRANT EXECUTE
ON functions TO dbgroup_rw_group;But now there is a new DB owner and I have run the above, but with
new_dbowner. How can I delete the old default grants? Can't find examples
and don't see it on the documentation either.Any help would be greatly appreciated.
You just reverse them, changing GRANT...TO into REVOKE...FROM. When the
altered-default is the same thing as the default-default, then the
altered-default disappears.
Cheers,
Jeff