如何使用 postgres_fdw 设置对外国 table 的权限?
How to set up permissions on foreign table using postgres_fdw?
源数据在数据库public模式中的keystable中keys(参考 pg 文档:https://www.postgresql.org/docs/current/postgres-fdw.html):
create table keys (
id varchar not null,
keyname varchar not null,
created timestamp default current_timestamp not null,
modified timestamp default current_timestamp not null
);
引用user/schema/database是vids/public/vids.
- 设置服务器连接
CREATE SERVER keys
FOREIGN DATA WRAPPER postgres_fdw
OPTIONS (host '1.2.3.4', port '5432', dbname 'keys');
- 创建用户映射
CREATE USER MAPPING FOR vids
SERVER keys
OPTIONS (user 'keys', password 'keys');
- 创建 table 映射
create foreign table keys (
id varchar not null,
keyname varchar not null,
created timestamp default current_timestamp not null,
modified timestamp default current_timestamp not null
) server keys options (schema_name 'public', table_name 'keys');
- 在 vids db:
中连接为 vids 时尝试访问外国 table
vids=> select * from keys;
ERROR: permission denied for foreign table keys
我不明白,因为用户 keys 是外部数据库中 keys table 的所有者。这里应该做什么?
来自@jjanes 的评论:
the error message suggest the problem is on the local side". The local repfresentation of the foreign table is nowned by vids and vids does not have permissions to it. So it never gets far enough to figure out if keys has access to keys on the foreign side
所以对我的步骤的更正是:
grant all on table keys to clips;
源数据在数据库public模式中的keystable中keys(参考 pg 文档:https://www.postgresql.org/docs/current/postgres-fdw.html):
create table keys (
id varchar not null,
keyname varchar not null,
created timestamp default current_timestamp not null,
modified timestamp default current_timestamp not null
);
引用user/schema/database是vids/public/vids.
- 设置服务器连接
CREATE SERVER keys
FOREIGN DATA WRAPPER postgres_fdw
OPTIONS (host '1.2.3.4', port '5432', dbname 'keys');
- 创建用户映射
CREATE USER MAPPING FOR vids
SERVER keys
OPTIONS (user 'keys', password 'keys');
- 创建 table 映射
create foreign table keys (
id varchar not null,
keyname varchar not null,
created timestamp default current_timestamp not null,
modified timestamp default current_timestamp not null
) server keys options (schema_name 'public', table_name 'keys');
- 在 vids db: 中连接为 vids 时尝试访问外国 table
vids=> select * from keys;
ERROR: permission denied for foreign table keys
我不明白,因为用户 keys 是外部数据库中 keys table 的所有者。这里应该做什么?
来自@jjanes 的评论:
the error message suggest the problem is on the local side". The local repfresentation of the foreign table is nowned by
vidsandvidsdoes not have permissions to it. So it never gets far enough to figure out ifkeyshas access tokeyson the foreign side
所以对我的步骤的更正是:
grant all on table keys to clips;