move user file

This commit is contained in:
Trowbridge 2018-11-09 12:37:19 -05:00
parent 0bd574cb5c
commit 77c5da96d1
2 changed files with 39 additions and 37 deletions

39
postgres/user.sql Normal file
View File

@ -0,0 +1,39 @@
DROP USER IF EXISTS report;
SET password_encryption = 'scram-sha-256';
CREATE ROLE report WITH
LOGIN
NOSUPERUSER
NOCREATEDB
NOCREATEROLE
INHERIT
NOREPLICATION
CONNECTION LIMIT -1
PASSWORD 'report';
--------------------grant--------------------------------------------------
GRANT USAGE ON SCHEMA lgdat TO report;
GRANT SELECT /*, UPDATE, INSERT, DELETE*/ ON ALL TABLES IN SCHEMA lgdat TO report;
GRANT USAGE ON ALL SEQUENCES IN SCHEMA lgdat TO report;
ALTER DEFAULT PRIVILEGES IN SCHEMA lgdat GRANT SELECT/*, UPDATE, INSERT, DELETE*/ ON TABLES TO report;
ALTER DEFAULT PRIVILEGES IN SCHEMA lgdat GRANT USAGE ON SEQUENCES TO report;
---------------------------revoke---------------------------------------
REVOKE USAGE ON SCHEMA lgdat FROM report;
REVOKE USAGE ON SCHEMA lgdat FROM report;
REVOKE SELECT , UPDATE, INSERT, DELETE ON ALL TABLES IN SCHEMA lgdat FROM report;
REVOKE USAGE ON ALL SEQUENCES IN SCHEMA lgdat FROM report;
ALTER DEFAULT PRIVILEGES IN SCHEMA lgdat REVOKE SELECT, UPDATE, INSERT, DELETE ON TABLES FROM report;
ALTER DEFAULT PRIVILEGES IN SCHEMA lgdat REVOKE USAGE ON SEQUENCES FROM report;

View File

@ -1,37 +0,0 @@
DROP USER IF EXISTS salesreader;
CREATE ROLE salesreader WITH
LOGIN
NOSUPERUSER
NOCREATEDB
NOCREATEROLE
INHERIT
NOREPLICATION
CONNECTION LIMIT -1
ENCRYPTED PASSWORD 'md5b66677418e59ca921c20ff40534685a7';
--------------------grant--------------------------------------------------
GRANT USAGE ON SCHEMA rlarp TO salesreader;
GRANT SELECT /*, UPDATE, INSERT, DELETE*/ ON ALL TABLES IN SCHEMA rlarp TO salesreader;
GRANT USAGE ON ALL SEQUENCES IN SCHEMA rlarp TO salesreader;
ALTER DEFAULT PRIVILEGES IN SCHEMA rlarp GRANT SELECT/*, UPDATE, INSERT, DELETE*/ ON TABLES TO salesreader;
ALTER DEFAULT PRIVILEGES IN SCHEMA rlarp GRANT USAGE ON SEQUENCES TO salesreader;
---------------------------revoke---------------------------------------
REVOKE USAGE ON SCHEMA tps FROM salesreader;
REVOKE USAGE ON SCHEMA rlarp FROM salesreader;
REVOKE SELECT /*, UPDATE, INSERT, DELETE*/ ON ALL TABLES IN SCHEMA rlarp FROM salesreader;
REVOKE USAGE ON ALL SEQUENCES IN SCHEMA rlarp FROM salesreader;
ALTER DEFAULT PRIVILEGES IN SCHEMA rlarp REVOKE SELECT/*, UPDATE, INSERT, DELETE*/ ON TABLES FROM salesreader;
ALTER DEFAULT PRIVILEGES IN SCHEMA rlarp REVOKE USAGE ON SEQUENCES FROM salesreader;