Home Explore Blog CI



postgresql
26th chunk of `doc/src/sgml/ddl.sgml`
537c888620b4403fd0b83e6d18867fc9257f639cc4d705520000000100000fa5
 foreign key constraint referencing a
       table, or specific column(s) of a table.
      </para>
     </listitem>
    </varlistentry>

    <varlistentry id="ddl-priv-trigger">
     <term><literal>TRIGGER</literal></term>
     <listitem>
      <para>
       Allows creation of a trigger on a table, view, etc.
      </para>
     </listitem>
    </varlistentry>

    <varlistentry id="ddl-priv-create">
     <term><literal>CREATE</literal></term>
     <listitem>
      <para>
       For databases, allows new schemas and publications to be created within
       the database, and allows trusted extensions to be installed within
       the database.
      </para>
      <para>
       For schemas, allows new objects to be created within the schema.
       To rename an existing object, you must own the
       object <emphasis>and</emphasis> have this privilege for the containing
       schema.
      </para>
      <para>
       For tablespaces, allows tables, indexes, and temporary files to be
       created within the tablespace, and allows databases to be created that
       have the tablespace as their default tablespace.
      </para>
      <para>
       Note that revoking this privilege will not alter the existence or
       location of existing objects.
      </para>
     </listitem>
    </varlistentry>

    <varlistentry id="ddl-priv-connect">
     <term><literal>CONNECT</literal></term>
     <listitem>
      <para>
       Allows the grantee to connect to the database.  This
       privilege is checked at connection startup (in addition to checking
       any restrictions imposed by <filename>pg_hba.conf</filename>).
      </para>
     </listitem>
    </varlistentry>

    <varlistentry id="ddl-priv-temporary">
     <term><literal>TEMPORARY</literal></term>
     <listitem>
      <para>
       Allows temporary tables to be created while using the database.
      </para>
     </listitem>
    </varlistentry>

    <varlistentry id="ddl-priv-execute">
     <term><literal>EXECUTE</literal></term>
     <listitem>
      <para>
       Allows calling a function or procedure, including use of
       any operators that are implemented on top of the function.  This is the
       only type of privilege that is applicable to functions and procedures.
      </para>
     </listitem>
    </varlistentry>

    <varlistentry id="ddl-priv-usage">
     <term><literal>USAGE</literal></term>
     <listitem>
      <para>
       For procedural languages, allows use of the language for
       the creation of functions in that language.  This is the only type
       of privilege that is applicable to procedural languages.
      </para>
      <para>
       For schemas, allows access to objects contained in the
       schema (assuming that the objects' own privilege requirements are
       also met).  Essentially this allows the grantee to <quote>look up</quote>
       objects within the schema.  Without this permission, it is still
       possible to see the object names, e.g., by querying system catalogs.
       Also, after revoking this permission, existing sessions might have
       statements that have previously performed this lookup, so this is not
       a completely secure way to prevent object access.
      </para>
      <para>
       For sequences, allows use of the
       <function>currval</function> and <function>nextval</function> functions.
      </para>
      <para>
       For types and domains, allows use of the type or domain in the
       creation of tables, functions, and other schema objects.  (Note that
       this privilege does not control all <quote>usage</quote> of the
       type, such as values of the type appearing in queries.  It only
       prevents objects from being created that depend on the type.  The
       main purpose of this privilege is controlling which users can create
       dependencies on a type, which could prevent the owner from changing
       the type later.)
      </para>
      <para>
       For foreign-data wrappers,
Title: PostgreSQL Privileges: TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE
Summary
This section explains more PostgreSQL privileges. TRIGGER allows creating triggers on tables/views. CREATE allows creating schemas, publications, and installing trusted extensions within a database; creating objects within a schema; and creating tables, indexes, and temporary files within a tablespace. CONNECT allows connecting to a database. TEMPORARY allows creating temporary tables. EXECUTE allows calling functions or procedures. USAGE allows using a procedural language for function creation; accessing objects within a schema; using currval and nextval functions for sequences; and using types and domains in creating schema objects; also using foreign-data wrappers, server, or dictionaries.