create group G1;
create group G2;
create user U1 password 'u1';
alter group G1 add user U1;
alter group G2 add user U1;
create table T1( a int );
create table T2( a int );
grant select on T1 to G1;
grant select on T2 to G2;
\c - u1
select * from t1;
select * from t2;
set role g1;
/* Should throw error, since we have explicitly taken on the garb of G1, hence giving up permissions of group G2 */
select * from t2;
No comments:
Post a Comment