Online Documentation for SQL Manager for PostgreSQL

Managing database-specific privileges


This window allows you to define privileges on database objects and grant privileges to a user or group.

 

To edit the privileges of a user/group on an object of a database, select the database using the Database pane of the Navigation bar, then select a user or group from the Privileges for list available within the Navigation bar or toolbar. Then select the type of objects to be displayed in the main working window using the drop-down list at the top.

 

The Object Name column contains the list of objects of the selected type; each subsequent column corresponds to the permission which can be granted on the selected object:

OWN, SEL, INS, UPD, DEL, RULE, REF, TRIG (for tables, views);

SEL, UPD, USG (for sequences);

OWN, EXEC (for functions);

OWN, CRT, USG (for schemas);

USG (for languages);

OWN, CRT (for tablespaces);

OWN, CONN, CRT, TMP, TRUN (starting from server version 8.4) (for databases).

 

Grant Manager - Managing database-specific privileges

 

The list of objects can be configured in several ways: you can specify that only granted objects are displayed in the grid, or define an object name to filter the objects by that name.

 

Right-click a cell to grant a specific permission on a certain object. To grant a permission on an object, you should find the object in the Object Name list and the column with the corresponding permission. Note that the cells that are highlighted gray do not admit to setting grants for an obvious reason (e.g. you cannot execute a table). The context menu of a cell contains possible permissions that can be granted:

iconGrantManager_Grant Grant

iconGrantManager_GrantWithGrantOption Grant with Grant Option

iconGrantManager_Revoke Revoke (removes a previously granted permission)

iconGrantManager_GrantAll Grant All

iconGrantManager_GrantAllWithGrantOption Grant All with Grant Option

iconGrantManager_RevokeAll Revoke All

iconGrantManager_GrantOnAll Grant on All

iconGrantManager_GrantWithGrantOptionOnAll Grant on All with Grant Option

iconGrantManager_RevokeOnAll Revoke on All

 

Note: When the Grant on all / Grant on All with Grant Option / Revoke on All items are used, the OWN privilege can be granted/revoked on all objects except databases. OWN privileges on databases should be assigned separately.

 

Hint: You can also assign privileges by double-clicking the respective cell - in this case the grant status is changed in the following order: Grant -> Grant with Grant Option -> Revoke.

 

The Column permissions of role <role_name> on table/view <table_name> area displays the grid with table/view columns and the privileges that can be granted to the selected role.

 

Use items of the context menu to grant/deny/revoke permissions on columns.

 

Grant Manager - Managing column permissions

 

If permissions on a column have been defined (for a table or view), the corresponding permission cell of the table/view contains a specific icon iconHasGrantedColumn.