In pgModeler, permissions generate the GRANT
and REVOKE
commands for the associated objects. Unlike all the other editing forms designed to handle one instance of an object, the permission editing form handles all permissions for a particular database object.
In PostgreSQL, permissions are composed of one or more roles and a set of privileges applied to the associated object. Only a few kinds of database objects can have permissions assigned to them, being: database, tables, columns, views, sequences, functions, aggregates, languages, domains, types, schemas, tablespaces, foreign data wrappers, foreign servers, foreign tables, and procedures. The attributes of the permissions form are detailed below.
Attribute | Description |
---|---|
ID |
The unique identifier for the current permission being edited. This attribute can't be changed by the user. |
Roles |
A set of roles associated with the current permission. The privileges checked on the Privileges group will be applied only to the roles listed in this field. If you want to apply the privileges to all roles on the database you can leave this field empty. |
Privileges |
The set of privileges over the database object that the roles can have. The list of privileges varies depending on the type of object. The GRANT OPTION indicates that the associated privilege can be granted to other roles by the ones listed on the Roles field. |
Grant |
Creates a GRANT permission. |
Revoke |
Creates a REVOKE permission. |
Cascade |
This option is used only for revokes and causes the cascade privilege revoking. In other words, when the role that granted a specific privilege to other roles (with GRANT OPTION ) has a privilege revoked then all other roles will have the same privilege revoked as well. |
Permissions |
This grid lists all the permissions configured for the database object. Users can use this field to edit or even delete one or all the created permissions. |