postgres/timescaledb
1
0
Fork 0
mirror of https://github.com/timescale/timescaledb.git synced 2025-05-21 13:14:19 +08:00
Code Issues Packages Projects Releases Wiki Activity
timescaledb/sql/common/permissions.sql
Matvey Arye fbdcab186f Allow non-superusers to work with the db (but also mess up the catalog) 
Previous to this commit non-superusers could not do anything inside
a database with the timescale extension loaded. Now, non-superuser
can create their own hypertables and work inside the db. There are
two big caveats:
      1) All users have read/write permissions to the timescaledb
      catalog.
      2) Permission changes applied to the main tables are not
      propagated to the associated tables.
2017-03-13 10:11:37 -04:00

38 lines
1.5 KiB
SQL
Raw Blame History

--schema permisions
GRANT USAGE ON SCHEMA _timescaledb_catalog, _timescaledb_meta, _timescaledb_meta_api, _timescaledb_data_api, _timescaledb_cache
TO PUBLIC;
GRANT USAGE, CREATE ON SCHEMA _timescaledb_internal TO PUBLIC;
--needed for working with hypertables
GRANT SELECT ON ALL TABLES IN SCHEMA _timescaledb_catalog TO PUBLIC;
GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA _timescaledb_catalog TO PUBLIC;
--Needed but dangerous. Anybody can mess up the _timescaledb_catalog.
--MUST DOCUMENT TODO: remove these permissions. Have c-based workaround.
--Everything below this line is suspect.
GRANT INSERT ON TABLE _timescaledb_catalog.hypertable,
_timescaledb_catalog.default_replica_node, _timescaledb_catalog.hypertable_replica, _timescaledb_catalog.partition_epoch,
_timescaledb_catalog.partition, _timescaledb_catalog.partition_replica,
_timescaledb_catalog.hypertable_column,
_timescaledb_catalog.chunk, _timescaledb_catalog.chunk_replica_node
TO PUBLIC;
--needed for inserts to hypertable
GRANT UPDATE ON TABLE _timescaledb_catalog.hypertable, _timescaledb_catalog.chunk,
_timescaledb_catalog.partition, _timescaledb_catalog.partition_epoch --needed for lock
TO PUBLIC;
--needed for ddl
GRANT INSERT, DELETE ON TABLE _timescaledb_catalog.hypertable_index, _timescaledb_catalog.chunk_replica_node_index
TO PUBLIC;
GRANT DELETE, UPDATE ON TABLE _timescaledb_catalog.hypertable_column
TO PUBLIC;
GRANT INSERT ON TABLE _timescaledb_catalog.deleted_hypertable_index, _timescaledb_catalog.deleted_hypertable_column
TO PUBLIC;
Reference in New Issue View Git Blame Copy Permalink