ERROR: permission denied for relation tablename on Postgres while trying a SELECT as a readonly user

postgresql 
GRANT SELECT ON ALL TABLES IN SCHEMA public TO readonly;

The readonly user can connect, see the tables but when it tries to do a simple select it gets:

ERROR: permission denied for relation mytable
SQL state: 42501

This is happening on PostgreSQL 9.1

What I did wrong?


Solution 1:

Here is the complete solution for PostgreSQL 9+, updated recently.

CREATE USER readonly  WITH ENCRYPTED PASSWORD 'readonly';
GRANT USAGE ON SCHEMA public to readonly;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO readonly;

-- repeat code below for each database:

GRANT CONNECT ON DATABASE foo to readonly;
\c foo
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO readonly; --- this grants privileges on new tables generated in new database "foo"
GRANT USAGE ON SCHEMA public to readonly; 
GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO readonly;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO readonly;

Thanks to https://jamie.curle.io/creating-a-read-only-user-in-postgres/ for several important aspects

If anyone find shorter code, and preferably one that is able to perform this for all existing databases, extra kudos.

Solution 2:

Try to add

GRANT USAGE ON SCHEMA public to readonly;

You probably were not aware that one needs to have the requisite permissions to a schema, in order to use objects in the schema.

Related

Pie chart with jQuery
Android - how to get android.R.anim.slide_in_right
How do I Unignore a file in TortoiseSVN?
Why do people still use iframes? [closed]
Is gcc C compiler written in C itself?
Git add all subdirectories
How to quit the JShell and go back to the command-line?
How to avoid sending input fields which are hidden by display:none to a server?
Define a function within another function in JavaScript
Slack clean all messages (~8K) in a channel
Force lowercase property names from Json() in ASP.NET MVC
Basic Drag and Drop in iOS