无法在Postgresql中删除默认特权用户

huangapple go评论61阅读模式
英文:

Unable to drop default privileged user in Postgresql

问题

当我们尝试在PostgreSQL数据库中删除一个特定的用户时,我们遇到以下错误。

postgres=# DROP user xyz;

ERROR: 角色 "xyz" 不能被删除,因为某些对象依赖于它
DETAIL: 对属于角色 xyz 的新函数的默认特权的所有者

然后我们尝试使用以下命令检查默认特权。

postgres=# \ddp xyz

    默认访问特权
  所有者  | 模式  |  类型  | 访问特权
---------+--------+----------+-------------------
     xyz |          | function |

我们还尝试了下面的命令,但没有成功。

postgres=# ALTER DEFAULT PRIVILEGES FOR ROLE xyz REVOKE ALL ON FUNCTIONS FROM xyz ;
ALTER DEFAULT PRIVILEGES
postgres=# ALTER DEFAULT PRIVILEGES FOR ROLE xyz REVOKE ALL ON FUNCTIONS FROM xyz ;
ALTER DEFAULT PRIVILEGES
postgres=# \ddp xyz

    默认访问特权
  所有者  | 模式  |  类型  | 访问特权
---------+--------+----------+-------------------
     xyz |          | function |
英文:

When we are trying to drop 1 particular user in PostgreSQL Datbase we are getting below error. 

postgres=# DROP user xyz;

> ERROR:  role "xyz" cannot be dropped because some objects depend on it<br>
> DETAIL:  owner of default privileges on new functions belonging to role xyz

 Then we tried to check the default privileges by below command. 

postgres=# \ddp xyz

&#160;&#160;&#160; Default access privileges
  Owner&#160; | Schema |&#160;&#160; Type&#160;&#160; | Access privileges
---------+--------+----------+-------------------
     xyz |&#160;&#160;&#160;&#160;&#160;&#160;&#160;| function |&#160;                         

Also we tried below command but no luck for us.

postgres=# ALTER DEFAULT PRIVILEGES FOR ROLE xyz REVOKE ALL ON FUNCTIONS FROM xyz ;
ALTER DEFAULT PRIVILEGES
postgres=# ALTER DEFAULT PRIVILEGES FOR ROLE xyz REVOKE ALL ON FUNCTIONS FROM xyz ;
ALTER DEFAULT PRIVILEGES
postgres=# \ddp xyz

&#160; &#160;&#160; Default access privileges
  Owner&#160; | Schema |&#160;&#160; Type&#160;&#160; | Access privileges
---------+--------+----------+-------------------
     xyz |&#160;&#160;&#160;&#160;&#160;  | function |&#160;                         

答案1

得分: 1

自从函数的“默认”默认权限为“对所有人和所有者的执行”,您将需要恢复该默认设置:

ALTER DEFAULT PRIVILEGES FOR ROLE xyz GRANT EXECUTE ON FUNCTIONS TO PUBLIC;
ALTER DEFAULT PRIVILEGES FOR ROLE xyz GRANT EXECUTE ON FUNCTIONS TO xyz;

然后您应该能够删除该角色。

英文:

Since the &ldquo;default&rdquo; default privilege for functions is &ldquo;EXECUTE for everyone and the owner&rdquo;. you'll have to restore that default:

ALTER DEFAULT PRIVILEGES FOR ROLE xyz GRANT EXECUTE ON FUNCTIONS TO PUBLIC;
ALTER DEFAULT PRIVILEGES FOR ROLE xyz GRANT EXECUTE ON FUNCTIONS TO xyz;

Then you should be able to drop the role;

huangapple
  • 本文由 发表于 2023年2月14日 19:51:47
  • 转载请务必保留本文链接:https://go.coder-hub.com/75447438.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定