forked from docs/doc-exports
Lu, Huayi
ef0ada5a59
Reviewed-by: Pruthi, Vineet <vineet.pruthi@t-systems.com> Co-authored-by: Lu, Huayi <luhuayi@huawei.com> Co-committed-by: Lu, Huayi <luhuayi@huawei.com>
110 lines
20 KiB
HTML
110 lines
20 KiB
HTML
<a name="EN-US_TOPIC_0000001460721276"></a><a name="EN-US_TOPIC_0000001460721276"></a>
|
|
|
|
<h1 class="topictitle1">Access Privilege Inquiry Functions</h1>
|
|
<div id="body0000001503283277"><div class="section" id="EN-US_TOPIC_0000001460721276__section91261271591"><h4 class="sectiontitle">has_any_column_privilege(user, table, privilege)</h4><p id="EN-US_TOPIC_0000001460721276__p1312672718913">Description: Queries whether a specified user has permission for any column of table.</p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p812692713917">Return type: <span id="EN-US_TOPIC_0000001460721276__text1126727293">boolean</span></p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001460721276__section143479816911"><h4 class="sectiontitle">has_any_column_privilege(table, privilege)</h4><p id="EN-US_TOPIC_0000001460721276__p63461281395">Description: Queries whether the current user has permission for any column of table.</p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p203461281495">Return type: <span id="EN-US_TOPIC_0000001460721276__text434613810911">boolean</span></p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p20346181793"><strong id="EN-US_TOPIC_0000001460721276__b1443710821101744">has_any_column_privilege</strong> checks whether a user can access any column of a table in a particular way. Its parameter possibilities are analogous to <strong id="EN-US_TOPIC_0000001460721276__b333184742101744">has_table_privilege</strong>, except that the desired access permission type must be some combination of SELECT, INSERT, UPDATE, or REFERENCES.</p>
|
|
<div class="note" id="EN-US_TOPIC_0000001460721276__note183461181891"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="EN-US_TOPIC_0000001460721276__p3346148494">Note that having any of these permissions at the table level implicitly grants it for each column of the table, so <strong id="EN-US_TOPIC_0000001460721276__b1879653490101744">has_any_column_privilege</strong> will always return <strong id="EN-US_TOPIC_0000001460721276__b2097287120101744">true</strong> if <strong id="EN-US_TOPIC_0000001460721276__b1269484004101744">has_table_privilege</strong> does for the same parameters. But <strong id="EN-US_TOPIC_0000001460721276__b198423034101744">has_any_column_privilege</strong> also succeeds if there is a column-level grant of the permission for at least one column.</p>
|
|
</div></div>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001460721276__section29211038917"><h4 class="sectiontitle">has_column_privilege(user, table, column, privilege)</h4><p id="EN-US_TOPIC_0000001460721276__p69211138910">Description: Queries whether a specified user has permission for column.</p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p39211231492">Return type: <span id="EN-US_TOPIC_0000001460721276__text592118313918">boolean</span></p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001460721276__section15209208918"><h4 class="sectiontitle">has_column_privilege(table, column, privilege)</h4><p id="EN-US_TOPIC_0000001460721276__p4208801295">Description: Queries whether the current user has permission for column.</p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p1920850698">Return type: <span id="EN-US_TOPIC_0000001460721276__text1100101859">boolean</span></p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p22093018916"><strong id="EN-US_TOPIC_0000001460721276__b141851041103111">has_column_privilege</strong> checks whether a user can access a column in a particular way. Its argument possibilities are analogous to <strong id="EN-US_TOPIC_0000001460721276__b618257534101744">has_table_privilege</strong>, with the addition that the column can be specified either by name or attribute number. The desired access permission type must evaluate to some combination of <strong id="EN-US_TOPIC_0000001460721276__b1984793694101744">SELECT</strong>, <strong id="EN-US_TOPIC_0000001460721276__b661129957101744">INSERT</strong>, <strong id="EN-US_TOPIC_0000001460721276__b101622686101744">UPDATE</strong>, or <strong id="EN-US_TOPIC_0000001460721276__b1590530902101744">REFERENCES</strong>.</p>
|
|
<div class="note" id="EN-US_TOPIC_0000001460721276__note920911011913"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="EN-US_TOPIC_0000001460721276__p112098011918">Note that having any of these permissions at the table level implicitly grants it for each column of the table.</p>
|
|
</div></div>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001460721276__section195889561083"><h4 class="sectiontitle">has_database_privilege(user, database, privilege)</h4><p id="EN-US_TOPIC_0000001460721276__p658819565816">Description: Queries whether a specified user has permission for database.</p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p1058815569814">Return type: <span id="EN-US_TOPIC_0000001460721276__text1058817564812">boolean</span></p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001460721276__section11266165415812"><h4 class="sectiontitle">has_database_privilege(database, privilege)</h4><p id="EN-US_TOPIC_0000001460721276__p1926619541585">Description: Queries whether the current user has permission for database.</p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p42661254188">Return type: <span id="EN-US_TOPIC_0000001460721276__text112667547816">boolean</span></p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p182661854385">Note: <strong id="EN-US_TOPIC_0000001460721276__b1819315293216">has_database_privilege</strong> checks whether a user can access a database in a particular way. Its argument possibilities are analogous to <strong id="EN-US_TOPIC_0000001460721276__b76468217101744">has_table_privilege</strong>. The desired access permission type must evaluate to some combination of <strong id="EN-US_TOPIC_0000001460721276__b75648615320">CREATE</strong>, <strong id="EN-US_TOPIC_0000001460721276__b12565156163215">CONNECT</strong>, <strong id="EN-US_TOPIC_0000001460721276__b456736103219">TEMPORARY</strong>, or <strong id="EN-US_TOPIC_0000001460721276__b65681662327">TEMP</strong> (which is equivalent to <strong id="EN-US_TOPIC_0000001460721276__b85691469322">TEMPORARY</strong>).</p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001460721276__section197911544484"><h4 class="sectiontitle">has_foreign_data_wrapper_privilege(user, fdw, privilege)</h4><p id="EN-US_TOPIC_0000001460721276__p87915447820">Description: Queries whether a specified user has permission for foreign-data wrapper.</p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p187911444889">The <strong id="EN-US_TOPIC_0000001460721276__b1679663730101744">fdw</strong> parameter indicates the name or ID of the foreign data wrapper.</p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p1679144418814">Return type: <span id="EN-US_TOPIC_0000001460721276__text67911644683">boolean</span></p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001460721276__section1148754216815"><h4 class="sectiontitle">has_foreign_data_wrapper_privilege(fdw, privilege)</h4><p id="EN-US_TOPIC_0000001460721276__p54871042786">Description: Queries whether the current user has permission for foreign-data wrapper.</p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p9487194216812">Return type: <span id="EN-US_TOPIC_0000001460721276__text14871142884">boolean</span></p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p144871428817">Note: <strong id="EN-US_TOPIC_0000001460721276__b601202188101744">has_foreign_data_wrapper_privilege</strong> checks whether a user can access a foreign-data wrapper in a particular way. Its argument possibilities are analogous to <strong id="EN-US_TOPIC_0000001460721276__b1581270243101744">has_table_privilege</strong>. The desired access permission type must evaluate to <strong id="EN-US_TOPIC_0000001460721276__b1669129380101744">USAGE</strong>.</p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001460721276__section174361384816"><h4 class="sectiontitle">has_function_privilege(user, function, privilege)</h4><p id="EN-US_TOPIC_0000001460721276__p543512384819">Description: Queries whether a specified user has permission for function.</p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p3436113817814">Return type: <span id="EN-US_TOPIC_0000001460721276__text1343613812816">boolean</span></p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001460721276__section79433348818"><h4 class="sectiontitle">has_function_privilege(function, privilege)</h4><p id="EN-US_TOPIC_0000001460721276__p4943163417817">Description: Queries whether the current user has permission for function.</p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p139431234187">Return type: <span id="EN-US_TOPIC_0000001460721276__text3943113419811">boolean</span></p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p894312345811">Note: <strong id="EN-US_TOPIC_0000001460721276__b14258121565318">has_function_privilege</strong> checks whether a user can access a function in a particular way. Its argument possibilities are analogous to <strong id="EN-US_TOPIC_0000001460721276__b200058448101744">has_table_privilege</strong>. When a function is specified by a text string rather than by OID, the allowed input is the same as that for the <strong id="EN-US_TOPIC_0000001460721276__b201071044153210">regprocedure</strong> data type (see <a href="dws_06_0022.html">Object Identifier Types</a>). The desired access permission type must evaluate to <strong id="EN-US_TOPIC_0000001460721276__b165891052163216">EXECUTE</strong>.</p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001460721276__section2068023218811"><h4 class="sectiontitle">has_language_privilege(user, language, privilege)</h4><p id="EN-US_TOPIC_0000001460721276__p1868019328813">Description: Queries whether a specified user has permission for language.</p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p1568010321888">Return type: <span id="EN-US_TOPIC_0000001460721276__text146807327817">boolean</span></p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001460721276__section531213291083"><h4 class="sectiontitle">has_language_privilege(language, privilege)</h4><p id="EN-US_TOPIC_0000001460721276__p5312132917818">Description: Queries whether the current user has permission for language.</p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p6312132910815">Return type: <span id="EN-US_TOPIC_0000001460721276__text13312182919812">boolean</span></p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p1131222912815">Note: <strong id="EN-US_TOPIC_0000001460721276__b39951724185320">has_language_privilege</strong> checks whether a user can access a procedural language in a particular way. Its argument possibilities are analogous to <strong id="EN-US_TOPIC_0000001460721276__b1667948642101744">has_table_privilege</strong>. The desired access permission type must evaluate to <strong id="EN-US_TOPIC_0000001460721276__b565214537101744">USAGE</strong>.</p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001460721276__section2652102618813"><h4 class="sectiontitle">has_schema_privilege(user, schema, privilege)</h4><p id="EN-US_TOPIC_0000001460721276__p146524262086">Description: Queries whether a specified user has permission for schema.</p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p1165282619814">Return type: <span id="EN-US_TOPIC_0000001460721276__text8652142611811">boolean</span></p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001460721276__section73112232817"><h4 class="sectiontitle">has_schema_privilege(schema, privilege)</h4><p id="EN-US_TOPIC_0000001460721276__p183107232088">Description: Queries whether the current user has permission for schema.</p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p11310162319820">Return type: <span id="EN-US_TOPIC_0000001460721276__text133101623481">boolean</span></p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p331122314819">Note: <strong id="EN-US_TOPIC_0000001460721276__b148238278535">has_schema_privilege</strong> checks whether a user can access a schema in a particular way. Its argument possibilities are analogous to <strong id="EN-US_TOPIC_0000001460721276__b1276062353101744">has_table_privilege</strong>. The desired access permission type must evaluate to some combination of <strong id="EN-US_TOPIC_0000001460721276__b1247164576101744">CREATE</strong> or <strong id="EN-US_TOPIC_0000001460721276__b1691878057101744">USAGE</strong>.</p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001460721276__section41052021689"><h4 class="sectiontitle">has_server_privilege(user, server, privilege)</h4><p id="EN-US_TOPIC_0000001460721276__p1110552113813">Description: Queries whether a specified user has permission for foreign server.</p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p2010512211387">Return type: <span id="EN-US_TOPIC_0000001460721276__text21051215815">boolean</span></p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001460721276__section39211318588"><h4 class="sectiontitle">has_server_privilege(server, privilege)</h4><p id="EN-US_TOPIC_0000001460721276__p692141812816">Description: Queries whether the current user has permission for foreign server.</p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p1092116182088">Return type: <span id="EN-US_TOPIC_0000001460721276__text17921218885">boolean</span></p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p59211218485">Note: <strong id="EN-US_TOPIC_0000001460721276__b1221835175317">has_server_privilege</strong> checks whether a user can access a foreign server in a particular way. Its argument possibilities are analogous to <strong id="EN-US_TOPIC_0000001460721276__b975542656101744">has_table_privilege</strong>. The desired access permission type must evaluate to <strong id="EN-US_TOPIC_0000001460721276__b1736666247101744">USAGE</strong>.</p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001460721276__section86251116485"><h4 class="sectiontitle">has_table_privilege(user, table, privilege)</h4><p id="EN-US_TOPIC_0000001460721276__p196259161482">Description: Queries whether a specified user has permission for table.</p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p136257164811">Return type: <span id="EN-US_TOPIC_0000001460721276__text862518161816">boolean</span></p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001460721276__section71176610814"><h4 class="sectiontitle">has_table_privilege(table, privilege)</h4><p id="EN-US_TOPIC_0000001460721276__p21161264818">Description: Queries whether the current user has permission for table.</p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p31161561817">Return type: <span id="EN-US_TOPIC_0000001460721276__text111161262815">boolean</span></p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p1611626380"><strong id="EN-US_TOPIC_0000001460721276__b663934685101744">has_table_privilege</strong> checks whether a user can access a table in a particular way. The user can be specified by name, by OID (<strong id="EN-US_TOPIC_0000001460721276__b182351438185312">pg_authid.oid</strong>), <strong id="EN-US_TOPIC_0000001460721276__b423533819538">public</strong> to indicate the PUBLIC pseudo-role, or if the argument is omitted <strong id="EN-US_TOPIC_0000001460721276__b9235738175310">current_user</strong> is assumed. The table can be specified by name or by OID. When specifying by name, the name can be schema-qualified if necessary. The desired access permission type is specified by a text string, which must be one of the values <strong id="EN-US_TOPIC_0000001460721276__b8931164111538">SELECT</strong>, <strong id="EN-US_TOPIC_0000001460721276__b993115418537">INSERT</strong>, <strong id="EN-US_TOPIC_0000001460721276__b893194116536">UPDATE</strong>, <strong id="EN-US_TOPIC_0000001460721276__b1593274125310">DELETE</strong>, <strong id="EN-US_TOPIC_0000001460721276__b1093212413534">TRUNCATE</strong>, <strong id="EN-US_TOPIC_0000001460721276__b12932124120533">REFERENCES</strong>, or <strong id="EN-US_TOPIC_0000001460721276__b15932341185310">TRIGGER</strong>. Optionally, <strong id="EN-US_TOPIC_0000001460721276__b715077950101744">WITH GRANT OPTION</strong> can be added to a permission type to test whether the permission is held with grant option. Also, multiple permission types can be listed separated by commas, in which case the result will be <strong id="EN-US_TOPIC_0000001460721276__b170338355101744">true</strong> if any of the listed permissions is held.</p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p5116186481">Example:</p>
|
|
<div class="codecoloring" codetype="Sql" id="EN-US_TOPIC_0000001460721276__screen131171566814"><div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal"> 1</span>
|
|
<span class="normal"> 2</span>
|
|
<span class="normal"> 3</span>
|
|
<span class="normal"> 4</span>
|
|
<span class="normal"> 5</span>
|
|
<span class="normal"> 6</span>
|
|
<span class="normal"> 7</span>
|
|
<span class="normal"> 8</span>
|
|
<span class="normal"> 9</span>
|
|
<span class="normal">10</span>
|
|
<span class="normal">11</span></pre></div></td><td class="code"><div><pre><span></span><span class="k">SELECT</span><span class="w"> </span><span class="n">has_table_privilege</span><span class="p">(</span><span class="s1">'tpcds.web_site'</span><span class="p">,</span><span class="w"> </span><span class="s1">'select'</span><span class="p">);</span>
|
|
<span class="w"> </span><span class="n">has_table_privilege</span><span class="w"> </span>
|
|
<span class="c1">--------------------- </span>
|
|
<span class="w"> </span><span class="n">t</span><span class="w"> </span>
|
|
<span class="p">(</span><span class="mi">1</span><span class="w"> </span><span class="k">row</span><span class="p">)</span>
|
|
|
|
<span class="k">SELECT</span><span class="w"> </span><span class="n">has_table_privilege</span><span class="p">(</span><span class="s1">'dbadmin'</span><span class="p">,</span><span class="w"> </span><span class="s1">'tpcds.web_site'</span><span class="p">,</span><span class="w"> </span><span class="s1">'select,INSERT WITH GRANT OPTION '</span><span class="p">);</span>
|
|
<span class="w"> </span><span class="n">has_table_privilege</span><span class="w"> </span>
|
|
<span class="c1">--------------------- </span>
|
|
<span class="w"> </span><span class="n">t</span><span class="w"> </span>
|
|
<span class="p">(</span><span class="mi">1</span><span class="w"> </span><span class="k">row</span><span class="p">)</span><span class="w"> </span>
|
|
</pre></div></td></tr></table></div>
|
|
</div>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001460721276__section13942057572"><a name="EN-US_TOPIC_0000001460721276__section13942057572"></a><a name="section13942057572"></a><h4 class="sectiontitle">pg_has_role(user, role, privilege)</h4><p id="EN-US_TOPIC_0000001460721276__p15941657675">Description: Queries whether a specified user has permission for role.</p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p169427579710">Return type: <span id="EN-US_TOPIC_0000001460721276__text594295712719">boolean</span></p>
|
|
</div>
|
|
<div class="section" id="EN-US_TOPIC_0000001460721276__section1742285510714"><h4 class="sectiontitle">pg_has_role(role, privilege)</h4><p id="EN-US_TOPIC_0000001460721276__p1142218551379">Description: Specifies whether the current user has permission for role.</p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p742211551870">Return type: <span id="EN-US_TOPIC_0000001460721276__text1842211558716">boolean</span></p>
|
|
<p id="EN-US_TOPIC_0000001460721276__p1742218552074">Note: <strong id="EN-US_TOPIC_0000001460721276__b16814164765313">pg_has_role</strong> checks whether a user can access a role in a particular way. Its argument possibilities are analogous to <strong id="EN-US_TOPIC_0000001460721276__b1361851405101744">has_table_privilege</strong>, except that <strong id="EN-US_TOPIC_0000001460721276__b1167695318101744">public</strong> is not allowed as a user name. The desired access permission type must evaluate to some combination of <strong id="EN-US_TOPIC_0000001460721276__b1309337358101744">MEMBER</strong> or <strong id="EN-US_TOPIC_0000001460721276__b1123975282101744">USAGE</strong>. <strong id="EN-US_TOPIC_0000001460721276__b577719660101744">MEMBER</strong> denotes direct or indirect membership in the role (that is, the right to do <strong id="EN-US_TOPIC_0000001460721276__b1549872936101744">SET ROLE</strong>), while <strong id="EN-US_TOPIC_0000001460721276__b1051852012101744">USAGE</strong> denotes the permissions of the role are available without doing <strong id="EN-US_TOPIC_0000001460721276__b457595871101744">SET ROLE</strong>.</p>
|
|
</div>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="dws_06_0051.html">System Information Functions</a></div>
|
|
</div>
|
|
</div>
|
|
|