Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Unable to GRANT SELECT on all columns (have to be explicit about which columns)

See original GitHub issue

Thanks for this library! Searched but didn’t see anything about this. It seems like to GRANT SELECT using PGGrantTable, we need to explicitly specify which columns to GRANT SELECT. This excludes statements like the following from being easily encoded with this class:

GRANT SELECT ON <table> to <user>;

Was just curious if this was something that had been encountered yet.

Issue Analytics

  • State:closed
  • Created 2 years ago
  • Comments:6 (3 by maintainers)

github_iconTop GitHub Comments

1reaction
pgorsiracommented, Aug 27, 2021

Hey, just wanted to let you know that this did seem to work! Once I wired it up and autogenerated a migration it was able to recognize a GRANT that already existed in the DB and not generate a line for that GRANT in the upgrade/downgrade functions.

However after some thinking I think I’m going to go with Ansible for keeping GRANTS in sync as I think it’ll be simpler / offer more clarity as to the current state of the DB. Really appreciate your help though.

0reactions
oliricecommented, Aug 12, 2021

whoops, i misunderstood

if you’re feeling adventurous you could dynamically populate the columns from the database in env.py before passing them to register_entities

# env.py
my_grants: List[PGGrantTable] = ...
sess: sqlalchemy.orm.Session = ...

for grant in my_grants:
    columns, = sess.execute(text("""
      select
	      array_agg(column_name order by ordinal_position)
      from
	      information_schema.columns
      where
	      table_schema = :schema
	      and table_name = :table
      order by
	      ordinal_position
   """, {"schema": grant.schema, "table": grant.table})
    ).one()

    grant.columns = columns

register_entities(*my_grants)

if you do decide to do something like that, please let me know how it goes

Read more comments on GitHub >

github_iconTop Results From Across the Web

Grant UPDATE and SELECT on specific columns in a table
This post briefs how we can Grant UPDATE and SELECT permissions to specific columns of a table in SQL Server without using a...
Read more >
Why does COUNT(*) require SELECT permission on all table ...
The best solution is probably to create a view that explicitly excludes columns Intern should not see, and grant SELECT permission on that....
Read more >
Explicitly granting permissions to update the sequence for a ...
Safely rename tables using serial primary key columns ... GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO username;.
Read more >
Grant select to user only to certain columns. Is it possible?.
Best Answer. You can't grant privilage to specific column. You can do it only for update, insert and references.
Read more >
Documentation: 9.1: GRANT - PostgreSQL
The GRANT command has two basic variants: one that grants privileges on a database ... The possible privileges are: SELECT. Allows SELECT from...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

register_entities | InvalidRequestError: A transaction is already begun for this connection

Next page

Views referencing each other can't be created simultaneously