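I want to query users' select, insert, update, delete, and truncate privileges on tables. However, the table_privileges view does not show the truncate privilege.
When I try to include the truncate type in the makeaclitem() function, an error occurs.
Is there any other option?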
```sql
SELECT u_grantor.usename::information_schema.sql_identifier AS grantor,
       grantee.name::information_schema.sql_identifier AS grantee,
       current_database()::information_schema.sql_identifier AS table_catalog,
       nc.nspname::information_schema.sql_identifier AS table_schema,
       c.relname::information_schema.sql_identifier AS table_name,
       pr."type"::information_schema.character_data AS privilege_type
FROM pg_class c, pg_namespace nc, pg_user u_grantor,
     (SELECT pg_user.usesysid, 0, pg_user.usename FROM pg_user ) grantee(usesysid, grosysid, name),
     (((((( SELECT 'SELECT'::character varying
            UNION ALL
            SELECT 'DELETE'::character varying)
           UNION ALL
           SELECT 'INSERT'::character varying)
          UNION ALL
          SELECT 'UPDATE'::character varying)
         UNION ALL
         SELECT 'REFERENCES'::character varying)
        UNION ALL
        SELECT 'TRUNCATE'::character varying)
       UNION ALL
       SELECT 'TRIGGER'::character varying) pr("type")
WHERE c.relnamespace = nc.oid
  AND c.relkind = 'r'::"char"
  AND aclcontains(c.relacl, makeaclitem(grantee.usesysid, grantee.grosysid, u_grantor.usesysid, pr."type"::text, false))
```
SQL Error [22023]: ERROR: unrecognized privilege type: "TRUNCATE"
I use this query together with union all.
```sql
/* UNION ALL */
select '' as grantor,
       tableowner as owner,
       usename as grantee,
       schemaname as schemaName,
       tablename as tableName,
       'TRUNCATE'::information_schema.character_data as privilege
from (
    SELECT usename,
           schemaname,
           tablename,
           tableowner,
           has_table_privilege(usename, schemaname || '.' || tablename, 'truncate') as truncate
    FROM pg_tables, pg_user
    WHERE schemaname <> 'pg_internal'
) A
WHERE A.truncate
```
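
An added example, not part of the original post: the same has_table_privilege() approach extended to all five privileges the question asks about, so no makeaclitem() call is needed. It assumes the server accepts these privilege names in has_table_privilege() (the post shows 'truncate' working), that quote_ident() is available, and that it is run by a superuser so every schema can be resolved.

```sql
-- Added example (not from the original post): one row per
-- (user, table, privilege) that the user effectively holds.
SELECT u.usename        AS grantee,
       t.schemaname     AS table_schema,
       t.tablename      AS table_name,
       t.tableowner     AS table_owner,
       p.privilege_type
FROM pg_tables t
CROSS JOIN pg_user u
CROSS JOIN (
    -- The five privileges named in the question.
    SELECT 'SELECT'::text AS privilege_type
    UNION ALL SELECT 'INSERT'::text
    UNION ALL SELECT 'UPDATE'::text
    UNION ALL SELECT 'DELETE'::text
    UNION ALL SELECT 'TRUNCATE'::text
) p
-- Skip system schemas; 'pg_internal' is the one the post excludes.
WHERE t.schemaname NOT IN ('pg_catalog', 'information_schema', 'pg_internal')
  -- quote_ident() keeps mixed-case names and names containing dots or
  -- spaces from being resolved to the wrong table or raising an error.
  AND has_table_privilege(
          u.usename,
          quote_ident(t.schemaname) || '.' || quote_ident(t.tablename),
          p.privilege_type)
ORDER BY table_schema, table_name, grantee, p.privilege_type;
```

has_table_privilege() reports effective access, so rows also appear for table owners, superusers, and privileges held through group or role membership or PUBLIC, which a direct relacl check with aclcontains() would not show.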