PostgreSQL创建只读用户

创建用户及指定密码：

CREATE USER readonly WITH ENCRYPTED PASSWORD 'ropass';

设置用户默认事务只读：

alter user readonly set default_transaction_read_only=on;

赋予用户权限，查看public模式下所有表：

GRANT USAGE ON SCHEMA public to readonly;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO readonly;

赋予用户连接数据库权限：

GRANT CONNECT ON DATABASE foo to readonly;

切换到指定数据库：

\c foo

赋予用户表、序列查看权限：

GRANT USAGE ON SCHEMA public to readonly;
GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO readonly;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO readonly;