1. Postgresql www.elarion.com [email_address] Never stop improving quality

2. Presentation Template Role

Database Roles

Role Attributes

Role Membership

Function and Triggers

3. Database Roles

L mt khi nim hon ton c lp vi ti khon ngi dng ca h u hnh

C php to v xa Database Roles:

• CREATE ROLE name

• DROP ROLE name

Presentation Template 4. Role Attributes (1/5)

Database Role c mt s thuc tnh nh sau :

• Login

• C php :

• • CREATE ROLE name LOGIN

• • CREATE USER name

• Hai c php trn tng ng nhau nhng CREATE USER mc nh l c thuc tnh LOGIN cho nn khng cn khai bo na , cn CREATE ROLE th khng v vy phi cn khai bo thm thuc tnh LOGIN

5. Role Attributes (2/5)

Superuser

• C php :

• • CREATE ROLE name SUPERUSER

• y l thuc tnh cho php s dng tt c cc chc nng trong Postgresql , thuc tnh ny rt nguy him v vy nn s dng mt cch cn thn khi phn quyn

• bo mt hn th nn thm thuc tnh NOREPLICATIONv nu khng c thuc tnh ny th t ng s c mt ch sao chp quyn ca mt Superuser c sn

6. Role Attributes (3/5)

Create database objects

• C php :

• • CREATE ROLE name CREATEDB

• Thuc tnh ny cho php role ny c th to , xa , sa database

• Nu l Superuser th khng phi khai bo thc tnh ny v Superuser bao gm bn trong

7. Role Attributes (4/5)

Create roles

• C php :

• • CREATE ROLE name CREATEROLE

• Thuc tnh ny cho php to , xa , sa role cng nh cp quyn hoc thu hi nhng thnh vin ca role

• Thuc tnh ny khng thc hin cc chc nng trn i vi Superuser

8. Role Attributes (5/5)

Initiating streaming replication and backups

• C php :

• • CREATE ROLE name REPLICATION LOGIN

• Thuc tnh ny cho php khi to mt lung sao chp v backup. Role ny lun lun c thuc tnh LOGIN

Password

• C php :

• • CREATE ROLE name PASSWORD String

• Cho php to role c password v c m ha md5

9. Role Membership (1/6)

Role Membership gip qun l cc Role mt cch d dng , bng cch ny quyn s c cp hoc ly li t mt nhm , v cc thnh vin ca nhm cng b nh hng

C php :

• CREATE ROLE name

C php tng t to role nhng khng c thuc tnh LOGIN , Postgresql s hiu l mt nhm

10. Role Membership (2/6)

C php cp quyn cho role

• GRANT group_role TOrole1,role2

C php thu hi quyn t role

• REVOKE group_role FROMrole1,role2 ...

11. Role Membership (3/6)

Inherits rights from parnet roles

• y l thuc tnh cho php cc role thuc mt nhm k tha thuc tnh ca nhm

• V d :

• • CREATE ROLE joe LOGIN INHERIT

• • CREATE ROLE admin NOINHERIT

• • CREATE ROLE wheel NOINHERIT

• • GRANT admin TO joe

• • GRANT wheel TO admin

12. Role Membership (4/6)

Ngay lp tc sau khi joe ng nhp , quyn s c cp cho joe v thm vo l joe cng c cp thm quyn t admin , v joe tha k t admin , Tuy nhin , quyn cp cho wheel s khng c hiu lc , thm ch joe l thnh vin dn tip ca wheel , v admin c thuc tnh NOINHERIT , n khng cho php tha k quyn t wheel, sau :

• SET ROLE admin

Lnh ny s cp quyn cho admin m khng cp cho joe , sau :

13. Role Membership (5/6)

• SET ROLE wheel

H thng s cp quyn cho wheel v khng cp quyn cho mt trong hai joe hoc admin

Nhng cng c th phc hi bng cch :

• SET ROLE joe

• SET ROLE NONE

• RESET ROLE

SET ROLE lun chp nhn chn bt c mt role no m c bn v c th ng nhp

14. Role Membership (6/6)

Xa Role

• C php :

• • DROP ROLE name

15. Presentation Template Questions & Answers ? 16. Presentation Template Thanks for your attention!