What's the difference between ALL_TABLES and TABLES?
https://dba.stackexchange.com/questions/214804
-
07-01-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianDomanda
The docs are unenlightening:
- ALL_TABLES:
Provides summary information about tables in a Vertica database.
- TABLES:
Provides information about all tables in the database.
The reason I'm asking is that users are confused about why they can see some tables in one but not the other. It's related to permissions, but it's not clear exactly how.
For example, a user is telling me they have access to query a table. However, that table doesn't show up in TABLES and its columns don't show up in COLUMNS, but the table does show up in ALL_TABLES.
So, this leads to the following questions:
- What's the difference between
ALL_TABLESandTABLES? - How can users see a list of all the tables (and columns!) they have access to query?
Soluzione
ALL_TABLES shows tables and views. TABLES shows only tables:
dbadmin=> create or replace view test as select now() ;
CREATE VIEW
dbadmin=>
dbadmin=> select * from test;
now
-------------------------------
2018-08-13 13:04:24.500297-04
(1 row)
dbadmin=>
dbadmin=> select * from all_tables where table_type = 'VIEW';
schema_name | table_id | table_name | table_type | remarks
-------------+-------------------+------------+------------+---------
public | 45035996273742356 | test | VIEW |
(1 row)
dbadmin=>
dbadmin=>
dbadmin=>
dbadmin=> select table_name, owner_name from tables where table_name = 'test' ;
table_name | owner_name
------------+------------
(0 rows)
dbadmin=>
dbadmin=>
There is also a system table called views:
dbadmin=>
dbadmin=>
dbadmin=>
dbadmin=> select table_name, owner_name from views ;
table_name | owner_name
------------+------------
test | dbadmin
(1 row)
A user can select from tables, all_tables and views to see which tables and vies he has permissions for. I believe I got this from http://www.vertica-forums.com/viewtopic.php?t=726
Here is a tool I use as DBADMIN to summarize permissions:
SELECT X.object_type,
X.object_schema,
X.object_name,
X.permissions,
X.grantor,
X.owner,
X."grant_sql (for permissions that have '*')"
FROM ( SELECT 1 AS ordinal,
g.object_schema,
g.object_name,
g.object_type,
CASE WHEN (g.privileges_description = 'USAGE'::varchar(5)) THEN (g.privileges_description || ' (READONLY access) '::varchar(19)) WHEN (g.privileges_description ~~ '%CREATE%'::varchar(8)) THEN (g.privileges_description || ' (can read, create & drop tables) '::varchar(34)) ELSE NULL END AS permissions,
g.grantor,
s.schema_owner AS owner,
CASE WHEN (g.privileges_description ~~ '%*%'::varchar(3)) THEN (('grant <INSERT, SELECT, UPDATE, DELETE, REFERENCES> on '::varchar(54) || g.object_name) || ' to <user_name> ; '::varchar(18)) ELSE NULL END AS "grant_sql (for permissions that have '*')"
FROM (v_catalog.grants g JOIN v_catalog.schemata s ON ((g.object_name = s.schema_name)))
WHERE (g.object_type = 'SCHEMA'::varchar(6)) UNION SELECT 2 AS ordinal,
g.object_schema,
((t.table_schema || '.'::varchar(1)) || t.table_name) AS object_name,
g.object_type,
g.privileges_description AS permissions,
g.grantor,
t.owner_name AS owner,
CASE WHEN (g.privileges_description ~~ '%*%'::varchar(3)) THEN (('grant <usage, create> on '::varchar(25) || g.object_name) || ' to <user_name> ; '::varchar(18)) ELSE NULL END AS "grant_sql (for permissions that have '*')"
FROM (v_catalog.grants g JOIN v_catalog.tables t ON (((g.object_schema = t.table_schema) AND (g.object_name = t.table_name))))
WHERE (g.object_type = 'TABLE'::varchar(5))) X
ORDER BY X.ordinal,
X.object_name;
