GRANT privilege [, ...] ON object [, ...] TO { PUBLIC | GROUP group | username }
This parameter takes the privilege you wish to set. Possible uses of this parameter are:
Allow the specified user or group to access all columns in a specific table/view.
Allow the specified user or group to insert data into all columns of a specified table.
Allow the specified user or group to update all columns of a specified table.
Allow the specified user or group to delete rows from a specific table.
Allow the specified user or group to delete rules from a specified table or rule.
Grant all of the above to the specified user or group.
Use this parameter to specify the name of the object that you are granting a user or group access to. Possible objects are a table, view or sequence.
This parameter is an easier way of referring to all users.
Use this parameter to specify the name of a group you wish to grant additional privileges.
Use this parameter to specify the username of a user to be granted additional privileges. You can use PUBLIC here to represent all users.
Use the GRANT command to setup user and group permissions for an object you are the owner of. You can set permissions for specific users and groups or set them for PUBLIC, which represents all users in the database. By default, no one but the object owner has access permissions, unless granted them by the object's owner after its creation.
To grant privileges to a only part of a table, create a view that contains the columns you wish to grant access to. To allow users access to those columns, you would allow them access to the view.
Use the backslash z (\z) command to display permission information on existing objects. For an example of this, see Example 13-1. The '. . .' denotes that data is deliberately missing from the listing to conserve space.
Example 13-1. Accessing Database Permissions
Access permissions for database "booktown" Relation | Access permissions ------------------------+-------------------------------------- 1st_bent_rule | authors | auto_identified | . . . inv_totals | inventory | {"=","pma=arwR","group sales=arwR"} inventory_audit | {"=","mark=arwR","group sales=arwR"} . . .