Last active
March 20, 2019 10:31
-
-
Save nepsilon/6c7c79aebcd7bcab8a9f85cd7897cd4c to your computer and use it in GitHub Desktop.
Revisions
-
nepsilon renamed this gist
May 2, 2017 . 1 changed file with 0 additions and 0 deletions.There are no files selected for viewing
File renamed without changes. -
May 2, 2017 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,21 @@ # How to create a read-only user for your database? If your app is about searching (business directories, dictionaries, etc) or a catalog of browsable items, it’s always a good idea to let your API use a read-only database user. Another use case would be for doing backups, no write permissions needed either. Here is how to do that for PostgreSQL v9.0+ (syntax quasi-similar for MySQL): ```sql -- Say we just created the user "pouet" -- Allow the user to CONNECT GRANT CONNECT ON DATABASE mydb TO pouet; -- Allow the user to SELECT GRANT USAGE ON SCHEMA public TO pouet; GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO pouet; GRANT SELECT ON ALL TABLES IN SCHEMA public TO pouet; ``` You can then check the user’s permission with: ``` mydb=# \du+ pouet ```