All Products
Search

This Product

    Hologres:APPLY_PRIVILEGES

    Document Center

    Hologres:APPLY_PRIVILEGES

    Last Updated:Jul 20, 2023

    You can use the APPLY_PRIVILEGES function in the standard PostgreSQL authorization model to apply the permissions of a user on a source table to a destination table. This way, the user has identical permissions on both tables. This topic describes how to use the APPLY_PRIVILEGES function in Hologres.

    Use scenarios

    When you use the CREATE TABLE LIKE or INSERT OVERWRITE statement or perform automatic partitioning to create a table in the standard PostgreSQL authorization model, a user must be granted permissions on the table before the user can use the table. The APPLY_PRIVILEGES function can be used to apply all permissions on a source table to a destination table to simplify permission granting operations.

    Limits

    • Only Hologres V1.1.48 and later allow you to use the APPLY_PRIVILEGES function. If the version of your instance is earlier than V1.1.48, manually upgrade your Hologres instance in the Hologres console or join a DingTalk group to apply for an instance upgrade. For more information about how to manually upgrade a Hologres instance, see Instance upgrades. For more information about how to join a DingTalk group, see Obtain online support for Hologres.

    • You must enable the standard PostgreSQL authorization model for the database. If the simple permission model (SPM) or the schema-level permission model (SLPM) is enabled for the database, you must switch the permission model to the standard PostgreSQL authorization model. For more information, see Switch between permission models.

    • You must have the GRANT and REVOKE permissions on the destination table.

    • If the destination table is a partitioned table, the APPLY_PRIVILEGES function applies permissions only to the parent table, not the child tables.

    Syntax

    -- Apply permissions on a source table to a destination table without revoking existing permissions on the destination table.
CALL apply_privileges('<old_table>','<new_table>', false);


-- Apply permissions on a source table to a destination table and revoke existing permissions on the destination table.
CALL apply_privileges('<old_table>','<new_table>');

    The following table describes the parameters in the syntax.

    Parameter

    Description

    old_table

    The name of the source table from which permissions are copied.

    new_table

    The name of the destination table to which the permissions from the source table are applied.

    Examples

    The following examples show how to use the APPLY_PRIVILEGES function to apply permissions. 

    -- Apply the ACL-based and owner permissions on the test_table1 table to the test_table2 table. The value false indicates that existing permissions on the test_table2 table are not revoked.
CALL apply_privileges('test_table1','test_table2', false);

-- Apply the ACL-based and owner permissions on the test_table1 table to the test_table2 table and revoke existing permissions on the test_table2 table to keep the permissions on the two tables identical.
CALL apply_privileges('test_table1','test_table2');