Lists: | pgsql-jdbc |
---|
From: | "J(dot)" <sweepingoar(at)yahoo(dot)com> |
---|---|
To: | pgsql-jdbc(at)postgresql(dot)org |
Subject: | granted select works in psql but not via jdbc |
Date: | 2006-05-31 16:21:40 |
Message-ID: | 20060531162140.55263.qmail@web54204.mail.yahoo.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-jdbc |
I'm trying to set up a system where users will be limited based on their access. To do this I'm querying db_roles and if an exception is thrown, they're not a db admin. The problem is that I've done this:
grant select on pg_roles to db_mid_level_admin;
then any member of the role db_mid_level_admin can query db_roles using psql, but when I try it in jdbc it throws an exception (permission denied for relation pg_roles).
Same user, different behavior in psql vs jdbc. I can't make this admin level superuser because then they'd have access to some stuff they shouldn't. Thanks.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
From: | Euler Taveira de Oliveira <euler(at)timbira(dot)com> |
---|---|
To: | "J(dot)" <sweepingoar(at)yahoo(dot)com> |
Cc: | pgsql-jdbc(at)postgresql(dot)org |
Subject: | Re: granted select works in psql but not via jdbc |
Date: | 2006-05-31 23:42:20 |
Message-ID: | 20060531234220.GC1436@timbira.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-jdbc |
J. wrote:
> I'm trying to set up a system where users will be limited based on their access. To do this I'm querying db_roles and if an exception is thrown, they're not a db admin. The problem is that I've done this:
>
> grant select on pg_roles to db_mid_level_admin;
^^^^^^^^^
Wouldn't it be db_roles?
--
Euler Taveira de Oliveira
http://www.timbira.com/
From: | "J(dot)" <sweepingoar(at)yahoo(dot)com> |
---|---|
To: | pgsql-jdbc(at)postgresql(dot)org |
Subject: | Re: granted select works in psql but not via jdbc |
Date: | 2006-06-01 07:10:08 |
Message-ID: | 20060601071008.47601.qmail@web54206.mail.yahoo.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-jdbc |
db_roles doesn't seem to exist as a table. A lot of tables seem to start with "pg_" if they deal with roles and privileges.
I was able to solve the problem by creating dummy tables that had very specific privileges and catching exceptions to determine what group the user belonged to so I could display the appropriate options. I got the grade on the assignment, but I still don't get why a user could select from pg_roles from the psql prompt, but not via jdbc statements.
Euler Taveira de Oliveira <euler(at)timbira(dot)com> wrote: J. wrote:
> I'm trying to set up a system where users will be limited based on their access. To do this I'm querying db_roles and if an exception is thrown, they're not a db admin. The problem is that I've done this:
>
> grant select on pg_roles to db_mid_level_admin;
^^^^^^^^^
Wouldn't it be db_roles?
--
Euler Taveira de Oliveira
http://www.timbira.com/
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com