{"id":2022,"date":"2021-05-26T17:07:41","date_gmt":"2021-05-26T21:07:41","guid":{"rendered":"https:\/\/shirishranjit.com\/blog1\/?page_id=2022"},"modified":"2021-05-28T09:07:17","modified_gmt":"2021-05-28T13:07:17","slug":"managing-postgresql-users-roles-and-permissions","status":"publish","type":"page","link":"https:\/\/shirishranjit.com\/blog1\/technical-posts\/postgres-database-cheatsheet\/managing-postgresql-users-roles-and-permissions","title":{"rendered":"Managing Postgresql Users, Roles, and permissions"},"content":{"rendered":"\n<p>Let&#8217;s make sure you have postgresql db. Please follow your Postgres documentation for the installation. <\/p>\n\n\n\n<ol class=\"wp-block-list\"><li>You have a database and you want to create a user for the database only and you want to make it owner. First of all the user must be &#8220;Superuser&#8221; on the database. Then follow the steps:<\/li><li>Login as the user &#8211; abcd<\/li><li>Lets take step by step to make the user owner and revoke all the privileges from public.<\/li><\/ol>\n\n\n\n<pre class=\"wp-block-preformatted\">1) Create an admin user and grant superpuser (without superuser, you can do the alter ... owner\n\n2) alter to have the admin user owner\nalter schema <strong>public<\/strong> owner to administer;\n\n3)revoke the default create permissions\nrevoke create on schema <strong>public<\/strong> <strong>from<\/strong> <strong>public<\/strong>;\n\n4) revoke the public role's ability to connect to the database\nrevoke all on database demodb from public;\n\n5) create a write role and grant permissions\ncreate role db_write no login no inherit;\n\n<em>-- grant usage on the db\n<\/em><strong>grant usage on schema public to <\/strong>db_write;\n<em>-- allow all operations on all tables\n<\/em><strong>grant select<\/strong>, <strong>insert<\/strong>, <strong>update<\/strong>, <strong>delete on all tables in schema public to<\/strong> db_write;\n<em>-- allow usage of sequences, need for serial keys etc\n<\/em><strong>grant usage<\/strong>, <strong>select on all sequences in schema public to <\/strong>db_write;\n<em>-- grant default operations on all tables created in the future\n<\/em><strong>alter default privileges in schema public\n   grant select<\/strong>, <strong>insert<\/strong>, <strong>update, delete on tables to <\/strong>db_write;\n<em>-- grant default operations on all sequences created in the future\n<\/em><strong>alter default privileges in schema public\n   grant usage<\/strong>, <strong>select on sequences to <\/strong>db_write;  \n\n5) create a user with the db_write role\ncreate role \"db_user\" with login <strong>in<\/strong> role db_write;\n\n6) grant user permission to connect to our database.\ngrant connect <strong>on<\/strong> database demodb to db_user;\n\n<\/pre>\n\n\n\n<p>Once you have a database setup, following steps to remove default public access<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">If you do not have the db owner or if you need a new db owner, then create an admin user and grant superpuser (without superuser, you can do the alter ... owner\n\n1) alter to have the admin user owner\nalter schema <strong>public<\/strong> owner to administer;\n\n2)revoke the default create permissions\nrevoke create on schema <strong>public<\/strong> <strong>from<\/strong> <strong>public<\/strong>;\n\n3) revoke the public role's ability to connect to the database\nrevoke all on database demodb from public;<\/pre>\n<div class=\"twttr_buttons\"><div class=\"twttr_twitter\">\n\t\t\t\t\t<a href=\"http:\/\/twitter.com\/share?text=Managing+Postgresql+Users%2C+Roles%2C+and+permissions\" class=\"twitter-share-button\" data-via=\"\" data-hashtags=\"\"  data-size=\"default\" data-url=\"https:\/\/shirishranjit.com\/blog1\/technical-posts\/postgres-database-cheatsheet\/managing-postgresql-users-roles-and-permissions\"  data-related=\"\" target=\"_blank\">Tweet<\/a>\n\t\t\t\t<\/div><div class=\"twttr_followme\">\n\t\t\t\t\t\t<a href=\"https:\/\/twitter.com\/shiranjit\" class=\"twitter-follow-button\" data-size=\"default\"  data-show-screen-name=\"false\"  target=\"_blank\">Follow me<\/a>\n\t\t\t\t\t<\/div><\/div>","protected":false},"excerpt":{"rendered":"<p>Let&#8217;s make sure you have postgresql db. Please follow your Postgres documentation for the installation. You have a database and you want to create a user for the database only and you want to make it owner. First of all &hellip; <a href=\"https:\/\/shirishranjit.com\/blog1\/technical-posts\/postgres-database-cheatsheet\/managing-postgresql-users-roles-and-permissions\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":4,"featured_media":0,"parent":489,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-2022","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/shirishranjit.com\/blog1\/wp-json\/wp\/v2\/pages\/2022"}],"collection":[{"href":"https:\/\/shirishranjit.com\/blog1\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/shirishranjit.com\/blog1\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/shirishranjit.com\/blog1\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/shirishranjit.com\/blog1\/wp-json\/wp\/v2\/comments?post=2022"}],"version-history":[{"count":10,"href":"https:\/\/shirishranjit.com\/blog1\/wp-json\/wp\/v2\/pages\/2022\/revisions"}],"predecessor-version":[{"id":2044,"href":"https:\/\/shirishranjit.com\/blog1\/wp-json\/wp\/v2\/pages\/2022\/revisions\/2044"}],"up":[{"embeddable":true,"href":"https:\/\/shirishranjit.com\/blog1\/wp-json\/wp\/v2\/pages\/489"}],"wp:attachment":[{"href":"https:\/\/shirishranjit.com\/blog1\/wp-json\/wp\/v2\/media?parent=2022"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}