1.CREATE ROLE创建的用户默认不带LOGIN属性,而CREATE USER创建的用户默认带有LOGIN属性,如下:
postgres=# CREATE ROLE pg_test_user_1; /*默认不带LOGIN属性*/
CREATE ROLE
postgres=# CREATE USER pg_test_user_2; /*默认具有LOGIN属性*/
CREATE ROLE
postgres=# \du
List of roles
Role name | Attributes | Member of
----------------+--------------+-----------
pg_test_user_1 | Cannot login | {}
pg_test_user_2 | | {}
postgres | Superuser | {}
: Create role
: Create DB
postgres=#
2.在创建用户时赋予角色属性
postgres=# CREATE ROLE pg_test_user_3 CREATEDB; /*具有创建数据库的属性*/
CREATE ROLE
postgres=# \du
List of roles
Role name | Attributes | Member of
----------------+--------------+-----------
pg_test_user_1 | Cannot login | {}
pg_test_user_2 | | {}
pg_test_user_3 | Create DB | {}
: Cannot login
postgres | Superuser | {}
: Create role
: Create DB
postgres=# CREATE ROLE pg_test_user_4 CREATEDB PASSWORD '123456'; /*具有创建数据库及带有密码登陆的属性 */
CREATE ROLE
postgres=# \du
List of roles
Role name | Attributes | Member of
----------------+--------------+-----------
pg_test_user_1 | Cannot login | {}
pg_test_user_2 | | {}
pg_test_user_3 | Create DB | {}
: Cannot login
pg_test_user_4 | Create DB | {}
: Cannot login
postgres | Superuser | {}
: Create role
: Create DB
postgres=#
3.给已存在用户赋予各种权限
使用ALTER ROLE即可。
postgres=# \du
List of roles
Role name | Attributes | Member of
----------------+--------------+-----------
pg_test_user_3 | Create DB | {}
: Cannot login
pg_test_user_4 | Create DB | {}
: Cannot login
postgres | Superuser | {}
: Create role
: Create DB
postgres=# ALTER ROLE pg_test_user_3 WITH LOGIN; /*赋予登录权限*/
ALTER ROLE
postgres=# \du
List of roles
Role name | Attributes | Member of
----------------+--------------+-----------
pg_test_user_3 | Create DB | {}
pg_test_user_4 | Create DB | {}
: Cannot login
postgres | Superuser | {}
: Create role
: Create DB
postgres=# ALTER ROLE pg_test_user_4 WITH CREATEROLE;/*赋予创建角色的权限*/
ALTER ROLE
postgres=# \du
List of roles
Role name | Attributes | Member of
----------------+--------------+-----------
pg_test_user_3 | Create DB | {}
pg_test_user_4 | Create role | {}
: Create DB
: Cannot login
postgres | Superuser | {}
: Create role
: Create DB
postgres=# ALTER ROLE pg_test_user_4 WITH PASSWORD '654321';/*修改密码*/
ALTER ROLE
postgres=# ALTER ROLE pg_test_user_4 VALID UNTIL 'JUL 7 14:00:00 2012 +8'; /*设置角色的有效期*
ALTER ROLE
4.查看角色表中的信息:
postgres=# SELECT * FROM pg_roles;
rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcatupdate | rolcanlogin | rolconnlimit | rolpassword | rolvaliduntil | rol
config | oid
----------------+----------+------------+---------------+-------------+--------------+-------------+--------------+-------------+------------------------+----
-------+-------
postgres | t | t | t | t | t | t | -1 | ******** | |
| 10
pg_test_user_3 | f | t | f | t | f | t | -1 | ******** | |
| 16390
pg_test_user_4 | f | t | t | t | f | f | -1 | ******** | 2012-07-07 14:00:00+08 |
| 16391
(3 rows)
postgres=#
5.ALTER ROLE语句简介:
ALTER ROLE
名称
ALTER ROLE -- 修改一个数据库角色
语法
ALTER ROLE name [ [ WITH ] option [ ... ] ]
这里的 option 可以是:
SUPERUSER | NOSUPERUSER
| CREATEDB | NOCREATEDB
| CREATEROLE | NOCREATEROLE
| CREATEUSER | NOCREATEUSER
| INHERIT | NOINHERIT
| LOGIN | NOLOGIN
| CONNECTION LIMIT connlimit
| [ ENCRYPTED | UNENCRYPTED ] PASSWORD 'password'
| VALID UNTIL 'timestamp'
ALTER ROLE name RENAME TO newname
ALTER ROLE name SET configuration_parameter { TO | = } { value | DEFAULT }
ALTER ROLE name RESET configuration_parameter描述
ALTER ROLE 修改一个数据库角色的属性。
扫一扫
82
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
