Skip to main content

Managing PostgreSQL for 1C users

Last update:

Users are created to access databases in a PostgreSQL for 1C cluster.

To create a database in a cluster, you must first create a user.

Only the cluster itself is available to users—they do not have access to cluster nodes since those are managed by Selectel. By default, all users in a cluster have the same permissions.

Multiple users can be granted access to a single PostgreSQL for 1C database, but there can be only one database owner. You can grant privileges to users for database objects.

Database owner

When creating a PostgreSQL for 1C database, you must select an owner user.

The owner of a PostgreSQL for 1C database is the user to whom ownership rights of objects created by deleted users are transferred. After a user is deleted, you will not lose access to the objects they created; instead, you will be able to manage them through the database owner. Unlike a regular user, the database owner has access to all database objects and can perform operations on them.

Create a user

  1. In the Control Panel, click Products in the top menu and select Managed Databases.
  2. Open the Active tab.
  3. Open the database cluster page → Users tab.
  4. Click Create consumer.
  5. Enter a name and password. Save the password—it will not be stored in the Control Panel.
  6. Click Save.

Change a user password

After a cluster is created, you can change the user password. Do not forget to update the password in your application.

  1. In the Control Panel, click Products in the top menu and select Managed Databases.
  2. Open the Active tab.
  3. Open the cluster page → Users tab.
  4. In the user's menu, select Change password.
  5. Enter or generate a new password and save the changes.

Configure database access

Grant access to a user

You can grant access to a single PostgreSQL for 1C database to multiple users.

  1. In the Control Panel, click Products in the top menu and select Managed Databases.
  2. Open the Active tab.
  3. Open the database cluster page → Databases tab → database page.
  4. In the Have access block, click Add and select a user.

The user can only connect to the database (CONNECT) and cannot perform operations on objects. To give the user access to objects, grant them the necessary privileges.

Change database owner

A PostgreSQL for 1C database owner is assigned when the database is created. The owner cannot be deleted (every database must have an owner), but you can change the owner to another user.

  1. In the Control Panel, click Products in the top menu and select Managed Databases.
  2. Open the Active tab.
  3. Open the database cluster page → Databases tab → database page.
  4. In the Database owner list, select another owner.

Remove user access

  1. In the Control Panel, click Products in the top menu and select Managed Databases.
  2. Open the Active tab.
  3. Open the database cluster page → Databases tab → database page.
  4. In the Have access block, remove the user.

Configure user privileges

By default, a user has no access to operations on any database objects (schemas, tables, functions) unless they are the owner of that database. You can grant users a privilege (access right) for an object.

By default, object owners have access and all rights to the object.

Grant privileges

You can grant users privileges for database objects using the GRANT command. Privileges can be as follows: SELECT, INSERT, DELETE, USAGE.

Example of granting read access (SELECT) to the table table for the user:

GRANT SELECT ON table TO user;

Create a schema user with read-only rights

You can create a user with access to the cluster database, a table in the default schema, and all tables in the schema.

Automatically, all new tables will be created with read-only access for this user.

  1. Create a user.

  2. Connect to the database.

  3. Create a schema and a table:

    CREATE SCHEMA schema;
    CREATE TABLE schema.table(i int);
    INSERT INTO schema.table(i) values(1);

  4. Grant privileges to the user:

    GRANT USAGE ON SCHEMA schema TO user;
    GRANT SELECT ON ALL TABLES IN SCHEMA schema TO user;
    ALTER DEFAULT PRIVILEGES IN SCHEMA schema GRANT SELECT ON TABLES TO user;

Revoke privileges

You can revoke privileges from a user using the REVOKE command.

Example of revoking a privilege from the user for the schema:

REVOKE USAGE ON SCHEMA schema FROM user;