add postgres folder and script to create user

postgres/postgres.md

@@ -1,29 +1,29 @@
-setup for single sign on with [SSPI](https://wiki.postgresql.org/wiki/Configuring_for_single_sign-on_using_SSPI_on_Windows)
+setup for single sign on with [SSPI](https://wiki.postgresql.org/wiki/Configuring_for_single_sign-on_using_SSPI_on_Windows)
-
+
-md5 hash is salted with username in front
+md5 hash is salted with username in front
-
+
-
+
-Memory
+Memory
-=========================================================
+=========================================================
-see whats in the buffer cache with pg_buffercache
+see whats in the buffer cache with pg_buffercache
-
+
-`CREATE EXTENSION pg_buffercache` 
+`CREATE EXTENSION pg_buffercache` 
-
+
-```
+```
-SELECT
+SELECT
-	c.relname,
+	c.relname,
-	COUNT(*) AS buffers
+	COUNT(*) AS buffers
-FROM
+FROM
-	pg_class c
+	pg_class c
-INNER JOIN pg_buffercache b ON
+INNER JOIN pg_buffercache b ON
-	b.relfilenode = c.relfilenode
+	b.relfilenode = c.relfilenode
-INNER JOIN pg_database d ON
+INNER JOIN pg_database d ON
-	( b.reldatabase = d.oid
+	( b.reldatabase = d.oid
-	AND d.datname = CURRENT_DATABASE())
+	AND d.datname = CURRENT_DATABASE())
-GROUP BY
+GROUP BY
-	c.relname
+	c.relname
-ORDER BY
+ORDER BY
-	2 DESC
+	2 DESC
-LIMIT 100;
+LIMIT 100;
-```
+```
-
+

postgres/postgres_features.md

@@ -1,36 +1,36 @@
-Version 10 Features
+Version 10 Features
-===================
+===================
-
+
-Auto Logging [blog](http://databasedoings.blogspot.com/2017/07/cool-stuff-in-postgresql-10-auto-logging.html)
+Auto Logging [blog](http://databasedoings.blogspot.com/2017/07/cool-stuff-in-postgresql-10-auto-logging.html)
-
+
-Transition Tables [blog](http://databasedoings.blogspot.com/2017/07/cool-stuff-in-postgresql-10-transition.html)
+Transition Tables [blog](http://databasedoings.blogspot.com/2017/07/cool-stuff-in-postgresql-10-transition.html)
-
+
-Correlated Columns Query Plan [blog](https://blog.2ndquadrant.com/pg-phriday-crazy-correlated-column-crusade/)
+Correlated Columns Query Plan [blog](https://blog.2ndquadrant.com/pg-phriday-crazy-correlated-column-crusade/)
-
+
-Native Partitioning
+Native Partitioning
-
+
-Logical Replication
+Logical Replication
-
+
-Add a version of jsonb's delete operator that takes an array of keys to delete (Magnus Hagander)
+Add a version of jsonb's delete operator that takes an array of keys to delete (Magnus Hagander)
-
+
-Make json_populate_record() and related functions process JSON arrays and objects recursively (Nikita Glukhov)
+Make json_populate_record() and related functions process JSON arrays and objects recursively (Nikita Glukhov)
-
+
-Identity Columns [blog](https://blog.2ndquadrant.com/postgresql-10-identity-columns/)
+Identity Columns [blog](https://blog.2ndquadrant.com/postgresql-10-identity-columns/)
-
+
-Add view pg_hba_file_rules to display the contents of pg_hba.conf (Haribabu Kommi)
+Add view pg_hba_file_rules to display the contents of pg_hba.conf (Haribabu Kommi)
-
+
-Add XMLTABLE function that converts XML-formatted data into a row set (Pavel Stehule, Álvaro Herrera)
+Add XMLTABLE function that converts XML-formatted data into a row set (Pavel Stehule, Álvaro Herrera)
-
+
-
+
-Security
+Security
-===================
+===================
-
+
-LDAP & Active Directory [blog](https://www.openscg.com/2017/07/setting-up-ldap-with-active-directory-in-postgresql/)
+LDAP & Active Directory [blog](https://www.openscg.com/2017/07/setting-up-ldap-with-active-directory-in-postgresql/)
-
+
-Add SCRAM-SHA-256 support for password negotiation and storage (Michael Paquier, Heikki Linnakangas)
+Add SCRAM-SHA-256 support for password negotiation and storage (Michael Paquier, Heikki Linnakangas)
-
+
-
+
-Monitoring
+Monitoring
-====================
+====================
-
+
-file system info - [pg_stat_kcache](https://rjuju.github.io/postgresql/2018/07/17/pg_stat_kcache-2-1-is-out.html)
+file system info - [pg_stat_kcache](https://rjuju.github.io/postgresql/2018/07/17/pg_stat_kcache-2-1-is-out.html)

postgres/psql.md

@@ -0,0 +1 @@
+use -E to show definitions of SQL used for \d commands

user.sql

@@ -0,0 +1,37 @@
+DROP USER IF EXISTS salesreader;
+
+CREATE ROLE salesreader WITH 
+    LOGIN
+	NOSUPERUSER
+	NOCREATEDB
+	NOCREATEROLE
+	INHERIT
+	NOREPLICATION
+	CONNECTION LIMIT -1
+	ENCRYPTED PASSWORD 'md5b66677418e59ca921c20ff40534685a7';
+	
+--------------------grant--------------------------------------------------
+    
+GRANT USAGE ON SCHEMA rlarp TO salesreader;
+
+GRANT SELECT /*, UPDATE, INSERT, DELETE*/ ON ALL TABLES IN SCHEMA rlarp TO salesreader;
+
+GRANT USAGE ON ALL SEQUENCES IN SCHEMA rlarp TO salesreader;
+
+ALTER DEFAULT PRIVILEGES IN SCHEMA rlarp GRANT SELECT/*, UPDATE, INSERT, DELETE*/ ON TABLES TO salesreader;
+
+ALTER DEFAULT PRIVILEGES IN SCHEMA rlarp GRANT USAGE ON SEQUENCES TO salesreader;
+
+---------------------------revoke---------------------------------------
+
+REVOKE USAGE ON SCHEMA tps FROM salesreader;
+
+REVOKE USAGE ON SCHEMA rlarp FROM salesreader;
+
+REVOKE SELECT /*, UPDATE, INSERT, DELETE*/ ON ALL TABLES IN SCHEMA rlarp FROM salesreader;
+
+REVOKE USAGE ON ALL SEQUENCES IN SCHEMA rlarp FROM salesreader;
+
+ALTER DEFAULT PRIVILEGES IN SCHEMA rlarp REVOKE SELECT/*, UPDATE, INSERT, DELETE*/ ON TABLES FROM salesreader;
+
+ALTER DEFAULT PRIVILEGES IN SCHEMA rlarp REVOKE USAGE ON SEQUENCES FROM salesreader;