Separating data and users is a key part of administration. There will always be a need to give users a private, secure, or simply risk-free area (sandbox) to use the database. Here's how.
Again, make sure you've read the Deciding on a design for multitenancy recipe so that you're certain this is the route you wish to take. Other options exist, and they may be preferable in some cases.
Follow these steps to create a database with restricted access to a specific user:
- We can create a database for a specific user with some ease. From the command line, as a superuser, these actions would be as follows:
postgres=# create user fred; CREATE ROLE postgres=# create database fred owner fred; CREATE DATABASE
- As the database owners, users have login privileges, so they can connect to any database by default. There is a command named
ALTER DEFAULT PRIVILEGES
; however, this does not currently apply to databases, tablespaces, or languages. The...