Skip to main content

It's all about permissions - Part 3 ; PLSQL permissions users

Hi guys!

This post is simply on PLSQL permissions.

Specifically, how to script out users.

In Postgres, users can have access to:


This example covers giving users access to a sequence, table and schema only. Permissions to a cluster are obtained differently; these permissions are created in AWS (Amazon Web Services).

Note: In Postgres, make sure that your Postgres connection has read/write permissions by right clicking the cluster and selecting properties to view the user under the 'connections' tab.

Postgres connection





























Locate the database you want to access under the appropriate cluster > right click the database > choose 'Grant Wizard'.

a) Select all the objects.


Postgres grant wizard


b) select the grantee (the user you want to have access to the database) + the level of permissions they need (which is SELECT in this example).

Postgres grant wizard

c) copy the text results in step 3 of 3 and paste it into Notepad++.

Postgres grant wizard





























Note: The permissions the grant wizard provided did not grant access to the schema. You will have to manually grant access to the schema as shown below so the user can have access to the database.

GRANT SELECT ON SEQUENCE database.sequenceName  TO user;

GRANT SELECT ON SEQUENCE database.sequenceName TO user;

GRANT SELECT ON TABLE database.tableName TO user;

GRANT SELECT ON TABLE database.tableName TO user;

GRANT SELECT ON TABLE public.schema_version TO user;

GRANT USAGE ON SCHEMA schemaName TO user;


*Also, there was a system reserved schema which had no effect on permissions called apgcc in Postgres; You can comment out that line of permissions.*
--GRANT USAGE ON SCHEMA apgcc TO user;



That's it!



If you have any questions related to this post, please put them below.


Thank you and Happy reading,

-marshé hutchinson
#learnSQLwithme

Comments

Popular posts from this blog

event id 101 task start failed - task scheduler event id 101 launch failure

Hello again. This post is related to automating SQL server tasks with Task Scheduler. In this example I was tasked with exporting SQL server agent jobs twice a month. To achieve this, I setup a task scheduler task that ran a PowerShell script that: establishes a local connection to the SQL server. cleans the file before writing to the .sql file to avoid adding on (appending) results on subsequent runs of the task scheduler task. when a connection is established, export the SQL agent jobs on the server to a .sql file on a remote server. sends a confirmation email via the SQL server database mail profile that the SQL agent jobs were exported to the specified remote server path. That was a mouthful. Now that you know my task scheduler task is calling a PowerShell script, let's get back to why it is failing.  The good news is this error is not related to the script. The error launch failure means the task could not even run. This is most likely due to a permissi...

Msg 14234, Level 16, State 1, Procedure sp_verify_job, Line 199 The specified '@owner_login_name' is invalid (valid values are returned by sp_helplogins [excluding Windows NT groups]).

Hi guys! Here's another quick and easy post. Scenario I was trying to copy a SQL agent job from one server to another by just copying the script of that SQL job. You can copy any script by right clicking a job > Script job as > create to > new query window. I pasted the job on a different server and tried to execute it and received this error: Msg 14234, Level 16, State 1, Procedure sp_verify_job, Line 199 The specified '@owner_login_name' is invalid (valid values are returned by sp_helplogins [excluding Windows NT groups]). This error message is simply saying for the variable '@owner_login_name', the user account associated with the variable is incorrect because it does not exist. Fix Simply update the variable for '@owner_login_name' to a valid user account for the current SQL instance. Now when you execute the script again to create the SQL agent job your results will be: Command(s) completed successfully. If you have any furt...

Database "" database is not in full recovery mode on each of the server instances. The full recovery model is required for a database to participate in database mirroring or in an availability group. [SQLSTATE 42000] (Error 1465).

Hi there. This post will be a quick and easy fix. If you are not already aware, availability groups are the replacement for mirroring in SSMS (SQL Server Management Studio). We like to utilize availability groups so that there is minimal data loss. Also, in the event of some natural disaster or disk failure on a server that is participating in an availability group, the data will fail-over to a backup server (replica). I was adding a database to an availability group when I received the error: Database "database_name" database is not in full recovery mode on each of the server instances. The full recovery model is required for a database to participate in database mirroring or in an availability group. [SQLSTATE 42000] (Error 1465). The error is exactly as it sounds; The database is not in the full recovery model. To fix this: I. In SSMS, right click the database to see the properties. On the Options page, change the database recovery model to Full. II....