Home Explore Blog CI



postgresql
3rd chunk of `doc/src/sgml/ref/alter_default_privileges.sgml`
0b873db1fc0593dc7afd02af243db3ad2a00837ab66622c400000001000008f8
 are for the particular object type.
   This means you cannot revoke privileges per-schema if they are granted
   globally (either by default, or according to a previous <command>ALTER
   DEFAULT PRIVILEGES</command> command that did not specify a schema).
   Per-schema <literal>REVOKE</literal> is only useful to reverse the
   effects of a previous per-schema <literal>GRANT</literal>.
  </para>

 <refsect2>
  <title>Parameters</title>

  <variablelist>
   <varlistentry>
    <term><replaceable>target_role</replaceable></term>
    <listitem>
     <para>
      Change default privileges for objects created by the
      <replaceable>target_role</replaceable>, or the current
      role if unspecified.
     </para>
    </listitem>
   </varlistentry>

   <varlistentry>
    <term><replaceable>schema_name</replaceable></term>
    <listitem>
     <para>
      The name of an existing schema.  If specified, the default privileges
      are altered for objects later created in that schema.
      If <literal>IN SCHEMA</literal> is omitted, the global default privileges
      are altered.
      <literal>IN SCHEMA</literal> is not allowed when setting privileges
      for schemas and large objects, since schemas can't be nested and
      large objects don't belong to a schema.
     </para>
    </listitem>
   </varlistentry>

   <varlistentry>
    <term><replaceable>role_name</replaceable></term>
    <listitem>
     <para>
      The name of an existing role to grant or revoke privileges for.
      This parameter, and all the other parameters in
      <replaceable class="parameter">abbreviated_grant_or_revoke</replaceable>,
      act as described under
      <xref linkend="sql-grant"/> or
      <xref linkend="sql-revoke"/>,
      except that one is setting permissions for a whole class of objects
      rather than specific named objects.
     </para>
    </listitem>
   </varlistentry>
  </variablelist>
 </refsect2>
 </refsect1>

 <refsect1 id="sql-alterdefaultprivileges-notes">
  <title>Notes</title>

  <para>
   Use <xref linkend="app-psql"/>'s <command>\ddp</command> command
   to obtain information about existing assignments of default privileges.
   The meaning of the privilege display is the same as explained for
   <command>\dp</command> in <xref linkend="ddl-priv"/>.
Title: ALTER DEFAULT PRIVILEGES - Parameters and Notes
Summary
This section details the parameters for the `ALTER DEFAULT PRIVILEGES` command. `target_role` specifies the role whose default privileges are being changed. `schema_name` designates the schema for which default privileges are altered; omitting it modifies global defaults. `role_name` is the role to grant or revoke privileges for, affecting a class of objects rather than specific ones. The section also notes that the `\ddp` command in psql can be used to view existing default privilege assignments.