Monday, November 25, 2019

Security Login, Posgresql

/*
Permision consist of SQL commands--
SELECT, INSERT, UPDATE, EXCECUTE, DELETE, DROP. CREATE, ALTER
Anything that is not granted is denied
A user should be given all the permissions necessary
to do what they need to do in the database
But no more.
*/
Create role tenantrole;
Grant SELECT on "Apartment" to tenantrole;
Grant SELECT on "Lease" to tenantrole;
Grant UPDATE on "Tenant" to Tenantrole;
Grant SELECT on "Tenant" to tenantrole;

Create role johnsmith with password 'password';
Grant tenantrole to johnsmith;
Alter role johnsmith with login;

The test after logging in as johnsmith

Select * from "Apartment";
Update "Apartment"
SET "Bedrooms"=3
WHERE "ApartmentNumber"=102;

No comments:

Post a Comment