在PostgreSQL中,是否可能创建一个只能访问单个模式的用户?
以下是我尝试过的方法:
REVOKE ALL ON DATABASE testdb FROM public;
GRANT CONNECT ON DATABASE testdb TO testuser;
当我作为testuser连接时,实际上我无法访问实际数据:
> SELECT * FROM some_table;
ERROR: permission denied for relation some_table
然而,我仍然可以列出所有其他模式中的表等:
SELECT * FROM pg_tables;
schemaname | tablename | tableowner | tablespace | hasindexes | hasrules | hastriggers | rowsecurity
--------------------+-------------------------------------------+------------+------------+------------+----------+-------------+-------------
test2 | foo | postgres | | t | f | f | f
test2 | bar | postgres | | t | f | f | f
...