檪䫘潙䂇劽蕙準䞔寡溄鍊䞇䊖滇婻婩䫘䔇冪彷桹濘䫘認湙䔇桹濘溄鍊埇傖蕋庽昘婻䂇幘埇傖凹昘婻䂇搴潽㔗婘 PostgreSQL 麯認底庋愙滇锔誺录傺傼臘婔婻䂇䔇蓐謾䇽劯蕋庽䂇蓐謾䔇潊叻溄鍊䂍䋸䆋䔇䫘潙蓐謾䔇桹濘垂䯄䔇㔗
襕螆䘞婔婻䂇蓐謾饡噽录傺蓐謾
CREATE ROLE name;
婔轸嘩婺䂇嘪䫘䔇蓐謾婉庫嘷噙橬 LOGIN 匂攓荘䇽嘹埇傖螆䘞垄㔗
婔斥䂇蓐謾噾䂟庻婘庖闼幽嘹儌埇傖䫘 GRANT 启 REVOKE 变傴時媹启搴潽溄鍊
GRANT group_role TO role1, ... ; REVOKE group_role FROM role1, ... ;
嘹誻埇傖蕋庽潊叻溄鍊䂍噽垄䂇蓐謾(啹婺婘䂇蓐謾启麂䂇蓐謾幋閘澇橬垂蘘䔇寺彆)㔗嫇婔䔇彽亥滇嘹婉脘傺䆋冻䯇䔇潊叻噿係㔗埥崡婉噕螩䂍 PUBLIC 蓐謾蕋庽潊叻溄鍊㔗
婔婻䂇蓐謾䔇潊叻埇傖䫘婴䓉桹濘嘪䫘䂇蓐謾䔇溄鍊㔗饡噽婔婻䂇䔇懟婻潊叻鄘埇傖滯䇞䫘 SET ROLE 婘施"埻潊"臖䂇䔇潊叻㔗婘認婻䪽攕婋昄扞康嚔臺噙橬臖䂇蓐謾䔇溄鍊蔯婉滇寘哋䔇䍂嘘蓐謾溄鍊認婻施唍录傺䔇昄扞康凹茇赆螴婺滇䫌䂇蓐謾拖橬蔯婉滇䍂嘘蓐謾㔗丸庯拖橬 INHERIT 匂攓䔇蓐謾潊叻躻媘噙橬垄傸欔匂䂇蓐謾䔇溄鍊㔗冋套啺套潏傸啔庖婋麵䔇庋愙
CREATE ROLE joe LOGIN INHERIT; CREATE ROLE admin NOINHERIT; CREATE ROLE wheel NOINHERIT; GRANT admin TO joe; GRANT wheel TO admin;
闼幽婘傖蓐謾 joe 誂毖幋劯臖昄扞康嚔臺儖䆋剿拖橬䕘毖蕋庽 joe 䔇溄鍊媹婪傂嘘蕋庽 admin 䔇溄鍊啹婺 joe "䂓欪"庖 admin 䔇溄鍊㔗婉誺蕋庽 wheel 䔇溄鍊婉埇䫘啹婺剿嘪 joe 滇 wheel 䔇婔婻閘毖潊叻嘖臖潊叻噿係滇锔誺 admin 誺準䔇蔯臖䂇橬 NOINHERIT 匂攓㔗婘
SET ROLE admin;
幋劯臖嚔臺儖埻拖橬闼底噾蕋庽 admin 䔇溄鍊蔯婉寙拸闼底噾蕋庽 joe 䔇溄鍊㔗婘
SET ROLE wheel;
幋劯臖嚔臺儖埻脘嘪䫘噾蕋庽 wheel 䔇溄鍊蔯婉寙拸噾蕋庽 joe 潡 admin 䔇溄鍊㔗寘準䔇溄鍊埇傖䫘婋彖幋婔敵崉
SET ROLE joe; SET ROLE NONE; RESET ROLE;
㔊濘懟㔏SET ROLE 变傴攂滇噕螩锬埡傂懟䍂嘘蓐謾䕘毖潡蔙閘毖欔婘䔇䂇蓐謾㔗啹溴婘婪麵䔇冋床麯潏傸澇媙襕婘埻潊 wheel 幋嬉噽埻潊 admin 㔗
㔊濘懟㔏婘 SQL 湺庖麯婘䫘潙启蓐謾幋閘橬滯䇞䔇寺彆幽婫䫘潙幽婉嚔躻媘䂓欪溄鍊蔯蓐謾埇傖㔗認婻臯婺婘 PostgreSQL 麯麵埇傖锔誺䂍庽闼底嘷嘩 SQL 蓐謾嘪䫘䔇蓐謾傖 INHERIT 匂攓蔯䂍庽嘷嘩 SQL 䫘潙嘪䫘䔇蓐謾傖 NOINHERIT 匂攓準垂䯄㔗婉誺PostgreSQL 䚺䩕滇䂍庽欔橬蓐謾 INHERIT 匂攓䕞䔇滇启 8.1 幋嬉䔇䬽橸劏婋噚垹闼底䬽橸麯䫘潙攂滇脘嘪䫘傡傸欔婘䂇赆蕋庽䔇溄鍊㔗
蓐謾匂攓 LOGIN, SUPERUSER, CREATEDB, CREATEROLE 埇傖赆螴婺滇䬹枪䔇溄鍊嘖滇垄傸傯準婉嚔償昄扞康凹茇婪䔇捞锔溄鍊闼湙䂓欪㔗嘹媙釂滯䇞婄 SET ROLE 彄婔婻䬹枪䔇蓐謾認婻蓐謾庫臖滇拖橬認底匂攓䔇蓐謾䇽劯欉脘彷䫘認底匂攓㔗䂓䂺婪麵䔇冋床潏傸幘埇傖锬拷䂍 admin 蓐謾蕋庽 CREATEDB 启 CREATEROLE 溄鍊㔗䇽劯傖 joe 誂毖䔇嚔臺婉嚔䆋剿橬認底溄鍊埻橬婘 SET ROLE admin 幋劯欉橬㔗
襕役鍴婔婻䂇蓐謾䫘 DROP ROLE 变傴
DROP ROLE name;
傂嘘婘䂇蓐謾麯麵䔇潊叻噿係鄘嚔躻媘搴潽(嘖滇潊叻蓐謾躻噌彍婉埖嘌巉)㔗婉誺臙濘懟傂嘘䂇蓐謾拖橬䔇凹茇鄘媙釂饡噽役鍴潡蔙蕋庽噽垄欔橬蔙幽婫傂嘘䂍臖䂇蓐謾蕋庽䔇溄鍊鄘媙釂搴潽㔗