Answers:
怎么样
DROP USER <username>这实际上是的别名DROP ROLE。
您必须明确删除与该用户关联的所有特权,还必须将其所有权移至其他角色(或删除对象)。
这最好通过以下方式实现
REASSIGN OWNED BY <olduser> TO <newuser>和
DROP OWNED BY <olduser>后者将删除授予用户的任何特权。
有关DROP ROLE的信息,请参见postgres文档以及对此的更详细描述。
加成:
显然,尝试使用此处提到的命令删除用户仅在连接到原始GRANTS所基于的数据库的同时执行它们时才起作用,如下所述:
尝试使用REASSIGN OWNED BY或DROP OWNED BY时,可接受的答案对我造成了错误。以下为我工作:
REVOKE ALL PRIVILEGES ON ALL TABLES IN SCHEMA public FROM username;
REVOKE ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public FROM username;
REVOKE ALL PRIVILEGES ON ALL FUNCTIONS IN SCHEMA public FROM username;
DROP USER username;用户可能在其他模式中具有特权,在这种情况下,您将必须运行适当的REVOKE行,并用正确的模式替换“ public”。为了显示用户的所有模式和特权类型,我编辑了\ dp命令以进行此查询:
SELECT
n.nspname as "Schema",
CASE c.relkind
WHEN 'r' THEN 'table'
WHEN 'v' THEN 'view'
WHEN 'm' THEN 'materialized view'
WHEN 'S' THEN 'sequence'
WHEN 'f' THEN 'foreign table'
END as "Type"
FROM pg_catalog.pg_class c
LEFT JOIN pg_catalog.pg_namespace n ON n.oid = c.relnamespace
WHERE pg_catalog.array_to_string(c.relacl, E'\n') LIKE '%username%';我不确定哪种特权类型对应于对TABLES,SEQUENCES或FUNCTIONS的撤消,但是我认为所有特权类型都属于这三种特权之一。
REVOKE ALL PRIVILEGES ON DATABASE db_name FROM username;
revoke USAGE on SCHEMA some_schema from username;
我必须再添加一行以撤消...
运行后:
REVOKE ALL PRIVILEGES ON ALL TABLES IN SCHEMA public FROM username;
REVOKE ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public FROM username;
REVOKE ALL PRIVILEGES ON ALL FUNCTIONS IN SCHEMA public FROM username;我仍然收到错误: 无法删除用户名,因为某些对象依赖该用户名。DETAIL:模式公共的特权
我错过了这个:
REVOKE USAGE ON SCHEMA public FROM username;然后,我可以放弃这个角色。
DROP USER username;这是最终为我工作的东西:
REVOKE ALL PRIVILEGES ON ALL TABLES IN SCHEMA myschem FROM user_mike;
REVOKE ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA myschem FROM user_mike;
REVOKE ALL PRIVILEGES ON ALL FUNCTIONS IN SCHEMA myschem FROM user_mike;
REVOKE ALL PRIVILEGES ON SCHEMA myschem FROM user_mike;
ALTER DEFAULT PRIVILEGES IN SCHEMA myschem REVOKE ALL ON SEQUENCES FROM user_mike;
ALTER DEFAULT PRIVILEGES IN SCHEMA myschem REVOKE ALL ON TABLES FROM user_mike;
ALTER DEFAULT PRIVILEGES IN SCHEMA myschem REVOKE ALL ON FUNCTIONS FROM user_mike;
REVOKE USAGE ON SCHEMA myschem FROM user_mike;
REASSIGN OWNED BY user_mike TO masteruser;
DROP USER user_mike ;没有REVOKE ALL PRIVILEGES ON ALL VIEWS,所以我以:
do $$
DECLARE r record;
begin
for r in select * from pg_views where schemaname = 'myschem'
loop
execute 'revoke all on ' || quote_ident(r.schemaname) ||'.'|| quote_ident(r.viewname) || ' from "XUSER"';
end loop;
end $$;和通常:
REVOKE ALL PRIVILEGES ON DATABASE mydb FROM "XUSER";
REVOKE ALL PRIVILEGES ON SCHEMA myschem FROM "XUSER";
REVOKE ALL PRIVILEGES ON ALL TABLES IN SCHEMA myschem FROM "XUSER";
REVOKE ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA myschem FROM "XUSER";
REVOKE ALL PRIVILEGES ON ALL FUNCTIONS IN SCHEMA myschem FROM "XUSER";为了使以下成功:
drop role "XUSER";我遇到了同样的问题,现在找到了解决问题的方法。首先,您必须删除要删除的用户的数据库。然后,可以轻松删除用户。
我创建了一个名为“ msf”的用户,并努力删除该用户并重新创建它。我按照以下步骤操作,成功了。
1)删除数据库
dropdb msf2)删除用户
dropuser msf现在,我成功将用户删除。
CREATE TABLE foo(bar SERIAL); ALTER TABLE foo OWNER TO postgres; CREATE USER testuser; GRANT ALL ON foo TO testuser; DROP USER testuser给出了错误消息:ERROR: role "testuser" cannot be dropped because some objects depend on it DETAIL: access to table foo。但是,DROP OWNED BY testuser确实做到了这一点,Postgres显然认为赠款是可丢弃的对象。