Granted. But we are where we are, so I'm assuming this is going to be hand to hand combat.
On Fri, Apr 3, 2020, 12:57 AM raf <r...@raf.org> wrote: > It's probably more sensible to grant permissions to roles that > represent groups, and have roles for individual users that > inherit the permissions of the group roles. Then you don't > need to revoke the permissions just because an individiual > has left. > > cheers, > raf > > AC Gomez wrote: > > > Thanks for the quick response. The problem is, in most cases the owner is > > not the grantee. So if a role, let's say a temp employee, gets grants, > then > > leaves, I can't do a drop owned because that temp never owned those > > objects, he just was granted access. Is there a "drop granted" kind of > > thing? > > > > On Thu, Apr 2, 2020, 11:37 PM Guyren Howe <guy...@gmail.com> wrote: > > > > > https://www.postgresql.org/docs/12/sql-drop-owned.html > > > > > > On Apr 2, 2020, at 20:34 , AC Gomez <ant...@gmail.com> wrote: > > > > > > Do I understand correctly that if a role was assigned countless object > > > privileges and you want to delete that role you have to sift through a > > > myriad of privilege grants in what amounts to a time consuming trial > and > > > error exercise until you've got them all? > > > > > > Or is there a single command that with just delete the role and do a > > > blanket grant removal at the same time? > > >
