forked from docs/doc-exports
luhuayi
177cd61a57
Reviewed-by: Pruthi, Vineet <vineet.pruthi@t-systems.com> Co-authored-by: luhuayi <luhuayi@huawei.com> Co-committed-by: luhuayi <luhuayi@huawei.com>
110 lines
20 KiB
HTML
110 lines
20 KiB
HTML
<a name="EN-US_TOPIC_0000001811515573"></a><a name="EN-US_TOPIC_0000001811515573"></a>
|
|
|
|
<h1 class="topictitle1">Access Privilege Inquiry Functions</h1>
|
|
<div id="body0000001503283277"><div class="section" id="EN-US_TOPIC_0000001811515573__section91261271591"><h4 class="sectiontitle">has_any_column_privilege(user, table, privilege)</h4><p id="EN-US_TOPIC_0000001811515573__p1312672718913">Description: Queries whether a specified user has permission for any column of table.</p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p812692713917">Return type: <span id="EN-US_TOPIC_0000001811515573__text1126727293">boolean</span></p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001811515573__section143479816911"><h4 class="sectiontitle">has_any_column_privilege(table, privilege)</h4><p id="EN-US_TOPIC_0000001811515573__p63461281395">Description: Queries whether the current user has permission for any column of table.</p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p203461281495">Return type: <span id="EN-US_TOPIC_0000001811515573__text434613810911">boolean</span></p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p20346181793"><strong id="EN-US_TOPIC_0000001811515573__b1443710821101744">has_any_column_privilege</strong> checks whether a user can access any column of a table in a particular way. Its parameter possibilities are analogous to <strong id="EN-US_TOPIC_0000001811515573__b333184742101744">has_table_privilege</strong>, except that the desired access permission type must be some combination of SELECT, INSERT, UPDATE, or REFERENCES.</p>
|
|
<div class="note" id="EN-US_TOPIC_0000001811515573__note183461181891"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="EN-US_TOPIC_0000001811515573__p3346148494">Note that having any of these permissions at the table level implicitly grants it for each column of the table, so <strong id="EN-US_TOPIC_0000001811515573__b1879653490101744">has_any_column_privilege</strong> will always return <strong id="EN-US_TOPIC_0000001811515573__b2097287120101744">true</strong> if <strong id="EN-US_TOPIC_0000001811515573__b1269484004101744">has_table_privilege</strong> does for the same parameters. But <strong id="EN-US_TOPIC_0000001811515573__b198423034101744">has_any_column_privilege</strong> also succeeds if there is a column-level grant of the permission for at least one column.</p>
|
|
</div></div>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001811515573__section29211038917"><h4 class="sectiontitle">has_column_privilege(user, table, column, privilege)</h4><p id="EN-US_TOPIC_0000001811515573__p69211138910">Description: Queries whether a specified user has permission for column.</p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p39211231492">Return type: <span id="EN-US_TOPIC_0000001811515573__text592118313918">boolean</span></p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001811515573__section15209208918"><h4 class="sectiontitle">has_column_privilege(table, column, privilege)</h4><p id="EN-US_TOPIC_0000001811515573__p4208801295">Description: Queries whether the current user has permission for column.</p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p1920850698">Return type: <span id="EN-US_TOPIC_0000001811515573__text206927780">boolean</span></p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p22093018916"><strong id="EN-US_TOPIC_0000001811515573__b141851041103111">has_column_privilege</strong> checks whether a user can access a column in a particular way. Its argument possibilities are analogous to <strong id="EN-US_TOPIC_0000001811515573__b618257534101744">has_table_privilege</strong>, with the addition that the column can be specified either by name or attribute number. The desired access permission type must evaluate to some combination of <strong id="EN-US_TOPIC_0000001811515573__b1984793694101744">SELECT</strong>, <strong id="EN-US_TOPIC_0000001811515573__b661129957101744">INSERT</strong>, <strong id="EN-US_TOPIC_0000001811515573__b101622686101744">UPDATE</strong>, or <strong id="EN-US_TOPIC_0000001811515573__b1590530902101744">REFERENCES</strong>.</p>
|
|
<div class="note" id="EN-US_TOPIC_0000001811515573__note920911011913"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="EN-US_TOPIC_0000001811515573__p112098011918">Note that having any of these permissions at the table level implicitly grants it for each column of the table.</p>
|
|
</div></div>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001811515573__section195889561083"><h4 class="sectiontitle">has_database_privilege(user, database, privilege)</h4><p id="EN-US_TOPIC_0000001811515573__p658819565816">Description: Queries whether a specified user has permission for database.</p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p1058815569814">Return type: <span id="EN-US_TOPIC_0000001811515573__text1058817564812">boolean</span></p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001811515573__section11266165415812"><h4 class="sectiontitle">has_database_privilege(database, privilege)</h4><p id="EN-US_TOPIC_0000001811515573__p1926619541585">Description: Queries whether the current user has permission for database.</p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p42661254188">Return type: <span id="EN-US_TOPIC_0000001811515573__text112667547816">boolean</span></p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p182661854385">Note: <strong id="EN-US_TOPIC_0000001811515573__b1819315293216">has_database_privilege</strong> checks whether a user can access a database in a particular way. Its argument possibilities are analogous to <strong id="EN-US_TOPIC_0000001811515573__b76468217101744">has_table_privilege</strong>. The desired access permission type must evaluate to some combination of <strong id="EN-US_TOPIC_0000001811515573__b75648615320">CREATE</strong>, <strong id="EN-US_TOPIC_0000001811515573__b12565156163215">CONNECT</strong>, <strong id="EN-US_TOPIC_0000001811515573__b456736103219">TEMPORARY</strong>, or <strong id="EN-US_TOPIC_0000001811515573__b65681662327">TEMP</strong> (which is equivalent to <strong id="EN-US_TOPIC_0000001811515573__b85691469322">TEMPORARY</strong>).</p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001811515573__section197911544484"><h4 class="sectiontitle">has_foreign_data_wrapper_privilege(user, fdw, privilege)</h4><p id="EN-US_TOPIC_0000001811515573__p87915447820">Description: Queries whether a specified user has permission for foreign-data wrapper.</p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p187911444889">The <strong id="EN-US_TOPIC_0000001811515573__b1679663730101744">fdw</strong> parameter indicates the name or ID of the foreign data wrapper.</p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p1679144418814">Return type: <span id="EN-US_TOPIC_0000001811515573__text67911644683">boolean</span></p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001811515573__section1148754216815"><h4 class="sectiontitle">has_foreign_data_wrapper_privilege(fdw, privilege)</h4><p id="EN-US_TOPIC_0000001811515573__p54871042786">Description: Queries whether the current user has permission for foreign-data wrapper.</p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p9487194216812">Return type: <span id="EN-US_TOPIC_0000001811515573__text14871142884">boolean</span></p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p144871428817">Note: <strong id="EN-US_TOPIC_0000001811515573__b601202188101744">has_foreign_data_wrapper_privilege</strong> checks whether a user can access a foreign-data wrapper in a particular way. Its argument possibilities are analogous to <strong id="EN-US_TOPIC_0000001811515573__b1581270243101744">has_table_privilege</strong>. The desired access permission type must evaluate to <strong id="EN-US_TOPIC_0000001811515573__b1669129380101744">USAGE</strong>.</p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001811515573__section174361384816"><h4 class="sectiontitle">has_function_privilege(user, function, privilege)</h4><p id="EN-US_TOPIC_0000001811515573__p543512384819">Description: Queries whether a specified user has permission for function.</p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p3436113817814">Return type: <span id="EN-US_TOPIC_0000001811515573__text1343613812816">boolean</span></p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001811515573__section79433348818"><h4 class="sectiontitle">has_function_privilege(function, privilege)</h4><p id="EN-US_TOPIC_0000001811515573__p4943163417817">Description: Queries whether the current user has permission for function.</p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p139431234187">Return type: <span id="EN-US_TOPIC_0000001811515573__text3943113419811">boolean</span></p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p894312345811">Note: <strong id="EN-US_TOPIC_0000001811515573__b1231749094101744">has_function_privilege</strong> checks whether a user can access a function in a particular way. Its argument possibilities are analogous to <strong id="EN-US_TOPIC_0000001811515573__b200058448101744">has_table_privilege</strong>. When a function is specified by a text string rather than by OID, the allowed input is the same as that for the <strong id="EN-US_TOPIC_0000001811515573__b201071044153210">regprocedure</strong> data type (see <a href="dws_06_0022.html">Object Identifier Types</a>). The desired access permission type must evaluate to <strong id="EN-US_TOPIC_0000001811515573__b165891052163216">EXECUTE</strong>.</p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001811515573__section2068023218811"><h4 class="sectiontitle">has_language_privilege(user, language, privilege)</h4><p id="EN-US_TOPIC_0000001811515573__p1868019328813">Description: Queries whether a specified user has permission for language.</p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p1568010321888">Return type: <span id="EN-US_TOPIC_0000001811515573__text146807327817">boolean</span></p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001811515573__section531213291083"><h4 class="sectiontitle">has_language_privilege(language, privilege)</h4><p id="EN-US_TOPIC_0000001811515573__p5312132917818">Description: Queries whether the current user has permission for language.</p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p6312132910815">Return type: <span id="EN-US_TOPIC_0000001811515573__text13312182919812">boolean</span></p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p1131222912815">Note: <strong id="EN-US_TOPIC_0000001811515573__b1523251529101744">has_language_privilege</strong> checks whether a user can access a procedural language in a particular way. Its argument possibilities are analogous to <strong id="EN-US_TOPIC_0000001811515573__b1667948642101744">has_table_privilege</strong>. The desired access permission type must evaluate to <strong id="EN-US_TOPIC_0000001811515573__b565214537101744">USAGE</strong>.</p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001811515573__section2652102618813"><h4 class="sectiontitle">has_schema_privilege(user, schema, privilege)</h4><p id="EN-US_TOPIC_0000001811515573__p146524262086">Description: Queries whether a specified user has permission for schema.</p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p1165282619814">Return type: <span id="EN-US_TOPIC_0000001811515573__text8652142611811">boolean</span></p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001811515573__section73112232817"><h4 class="sectiontitle">has_schema_privilege(schema, privilege)</h4><p id="EN-US_TOPIC_0000001811515573__p183107232088">Description: Queries whether the current user has permission for schema.</p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p11310162319820">Return type: <span id="EN-US_TOPIC_0000001811515573__text133101623481">boolean</span></p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p331122314819">Note: <strong id="EN-US_TOPIC_0000001811515573__b878390797101744">has_schema_privilege</strong> checks whether a user can access a schema in a particular way. Its argument possibilities are analogous to <strong id="EN-US_TOPIC_0000001811515573__b1276062353101744">has_table_privilege</strong>. The desired access permission type must evaluate to some combination of <strong id="EN-US_TOPIC_0000001811515573__b1247164576101744">CREATE</strong> or <strong id="EN-US_TOPIC_0000001811515573__b1691878057101744">USAGE</strong>.</p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001811515573__section41052021689"><h4 class="sectiontitle">has_server_privilege(user, server, privilege)</h4><p id="EN-US_TOPIC_0000001811515573__p1110552113813">Description: Queries whether a specified user has permission for foreign server.</p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p2010512211387">Return type: <span id="EN-US_TOPIC_0000001811515573__text21051215815">boolean</span></p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001811515573__section39211318588"><h4 class="sectiontitle">has_server_privilege(server, privilege)</h4><p id="EN-US_TOPIC_0000001811515573__p692141812816">Description: Queries whether the current user has permission for foreign server.</p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p1092116182088">Return type: <span id="EN-US_TOPIC_0000001811515573__text17921218885">boolean</span></p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p59211218485">Note: <strong id="EN-US_TOPIC_0000001811515573__b517893834101744">has_server_privilege</strong> checks whether a user can access a foreign server in a particular way. Its argument possibilities are analogous to <strong id="EN-US_TOPIC_0000001811515573__b975542656101744">has_table_privilege</strong>. The desired access permission type must evaluate to <strong id="EN-US_TOPIC_0000001811515573__b1736666247101744">USAGE</strong>.</p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001811515573__section86251116485"><h4 class="sectiontitle">has_table_privilege(user, table, privilege)</h4><p id="EN-US_TOPIC_0000001811515573__p196259161482">Description: Queries whether a specified user has permission for table.</p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p136257164811">Return type: <span id="EN-US_TOPIC_0000001811515573__text862518161816">boolean</span></p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001811515573__section71176610814"><h4 class="sectiontitle">has_table_privilege(table, privilege)</h4><p id="EN-US_TOPIC_0000001811515573__p21161264818">Description: Queries whether the current user has permission for table.</p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p31161561817">Return type: <span id="EN-US_TOPIC_0000001811515573__text111161262815">boolean</span></p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p1611626380"><strong id="EN-US_TOPIC_0000001811515573__b663934685101744">has_table_privilege</strong> checks whether a user can access a table in a particular way. The user can be specified by name, by OID (<strong id="EN-US_TOPIC_0000001811515573__b27870192414">pg_authid.oid</strong>), <strong id="EN-US_TOPIC_0000001811515573__b97877191645">public</strong> to indicate the PUBLIC pseudo-role, or if the argument is omitted <strong id="EN-US_TOPIC_0000001811515573__b17888191346">current_user</strong> is assumed. The table can be specified by name or by OID. When specifying by name, the name can be schema-qualified if necessary. The desired access permission type is specified by a text string, which must be one of the values <strong id="EN-US_TOPIC_0000001811515573__b850617220413">SELECT</strong>, <strong id="EN-US_TOPIC_0000001811515573__b1050652219420">INSERT</strong>, <strong id="EN-US_TOPIC_0000001811515573__b45061622847">UPDATE</strong>, <strong id="EN-US_TOPIC_0000001811515573__b1050614221542">DELETE</strong>, <strong id="EN-US_TOPIC_0000001811515573__b175066229410">TRUNCATE</strong>, <strong id="EN-US_TOPIC_0000001811515573__b5507152212419">REFERENCES</strong>, or <strong id="EN-US_TOPIC_0000001811515573__b0507142217411">TRIGGER</strong>. Optionally, <strong id="EN-US_TOPIC_0000001811515573__b715077950101744">WITH GRANT OPTION</strong> can be added to a permission type to test whether the permission is held with grant option. Also, multiple permission types can be listed separated by commas, in which case the result will be <strong id="EN-US_TOPIC_0000001811515573__b170338355101744">true</strong> if any of the listed permissions is held.</p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p5116186481">Example:</p>
|
|
<div class="codecoloring" codetype="Sql" id="EN-US_TOPIC_0000001811515573__screen131171566814"><div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
|
|
<span class="normal"> 2</span>
|
|
<span class="normal"> 3</span>
|
|
<span class="normal"> 4</span>
|
|
<span class="normal"> 5</span>
|
|
<span class="normal"> 6</span>
|
|
<span class="normal"> 7</span>
|
|
<span class="normal"> 8</span>
|
|
<span class="normal"> 9</span>
|
|
<span class="normal">10</span>
|
|
<span class="normal">11</span></pre></div></td><td class="code"><div><pre><span></span><span class="k">SELECT</span><span class="w"> </span><span class="n">has_table_privilege</span><span class="p">(</span><span class="s1">'tpcds.web_site'</span><span class="p">,</span><span class="w"> </span><span class="s1">'select'</span><span class="p">);</span>
|
|
<span class="w"> </span><span class="n">has_table_privilege</span><span class="w"> </span>
|
|
<span class="c1">--------------------- </span>
|
|
<span class="w"> </span><span class="n">t</span><span class="w"> </span>
|
|
<span class="p">(</span><span class="mi">1</span><span class="w"> </span><span class="k">row</span><span class="p">)</span>
|
|
|
|
<span class="k">SELECT</span><span class="w"> </span><span class="n">has_table_privilege</span><span class="p">(</span><span class="s1">'dbadmin'</span><span class="p">,</span><span class="w"> </span><span class="s1">'tpcds.web_site'</span><span class="p">,</span><span class="w"> </span><span class="s1">'select,INSERT WITH GRANT OPTION '</span><span class="p">);</span>
|
|
<span class="w"> </span><span class="n">has_table_privilege</span><span class="w"> </span>
|
|
<span class="c1">--------------------- </span>
|
|
<span class="w"> </span><span class="n">t</span><span class="w"> </span>
|
|
<span class="p">(</span><span class="mi">1</span><span class="w"> </span><span class="k">row</span><span class="p">)</span><span class="w"> </span>
|
|
</pre></div></td></tr></table></div>
|
|
</div>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001811515573__section13942057572"><a name="EN-US_TOPIC_0000001811515573__section13942057572"></a><a name="section13942057572"></a><h4 class="sectiontitle">pg_has_role(user, role, privilege)</h4><p id="EN-US_TOPIC_0000001811515573__p15941657675">Description: Queries whether a specified user has permission for role.</p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p169427579710">Return type: <span id="EN-US_TOPIC_0000001811515573__text594295712719">boolean</span></p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001811515573__section1742285510714"><h4 class="sectiontitle">pg_has_role(role, privilege)</h4><p id="EN-US_TOPIC_0000001811515573__p1142218551379">Description: Specifies whether the current user has permission for role.</p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p742211551870">Return type: <span id="EN-US_TOPIC_0000001811515573__text1842211558716">boolean</span></p>
|
|
<p id="EN-US_TOPIC_0000001811515573__p1742218552074">Note: <strong id="EN-US_TOPIC_0000001811515573__b1245855715101744">pg_has_role</strong> checks whether a user can access a role in a particular way. Its argument possibilities are analogous to <strong id="EN-US_TOPIC_0000001811515573__b1361851405101744">has_table_privilege</strong>, except that <strong id="EN-US_TOPIC_0000001811515573__b1167695318101744">public</strong> is not allowed as a user name. The desired access permission type must evaluate to some combination of <strong id="EN-US_TOPIC_0000001811515573__b1309337358101744">MEMBER</strong> or <strong id="EN-US_TOPIC_0000001811515573__b1123975282101744">USAGE</strong>. <strong id="EN-US_TOPIC_0000001811515573__b577719660101744">MEMBER</strong> denotes direct or indirect membership in the role (that is, the right to do <strong id="EN-US_TOPIC_0000001811515573__b1549872936101744">SET ROLE</strong>), while <strong id="EN-US_TOPIC_0000001811515573__b1051852012101744">USAGE</strong> denotes the permissions of the role are available without doing <strong id="EN-US_TOPIC_0000001811515573__b457595871101744">SET ROLE</strong>.</p>
|
|
</div>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="dws_06_0051.html">System Information Functions</a></div>
|
|
</div>
|
|
</div>
|
|
|