Sun, 08 Apr 2018 15:34:11 +0200
Module names and descriptions + some more styling
1 -- Create a database owner role, which is also a privileged user
2 create user lightpit_dbo with password 'lpit_dbo_changeme';
4 -- Create the actual (unprivileged) database user
5 create user lightpit_user with password 'lpit_user_changeme';
7 -- Create the LightPIT schema
8 create schema lightpit authorization lightpit_dbo;
9 grant usage on schema lightpit to lightpit_user;
11 -- Grant basic privileges to user (the granting user must be the dbo)
12 alter default privileges for role lightpit_dbo in schema lightpit
13 grant select, insert, update, delete on tables to lightpit_user;
14 alter default privileges for role lightpit_dbo in schema lightpit
15 grant usage, select on sequences to lightpit_user;
16 alter default privileges for role lightpit_dbo in schema lightpit
17 grant execute on functions to lightpit_user;
18 alter default privileges for role lightpit_dbo in schema lightpit
19 grant usage on types to lightpit_user;
21 -- restrict the search path to the lightpit schema
22 alter role lightpit_dbo set search_path to lightpit;
23 alter role lightpit_user set search_path to lightpit;