--创建用户
CREATE USER readonly WITH ENCRYPTED PASSWORD '123456';
--设置用户默认开启只读事务
ALTER USER readonly SET default_transaction_read_only = ON;
--将schema中usage权限赋予给readonly用户,访问所有已存在的表
GRANT usage ON SCHEMA xyh TO readonly;
--将schema中表的查询权限赋予给readonly用户,访问所有已存在的表
GRANT SELECT ON ALL tables IN SCHEMA xyh TO readonly;
--未来访问xyh模式下所有新建的表：
ALTER DEFAULT privileges IN SCHEMA xyh GRANT SELECT ON tables TO readonly;

CREATE ROLE poss_sc;

GRANT USAGE ON SCHEMA poss TO poss_sc;

GRANT SELECT ON poss.dm_image,poss.dm_defect,poss.dm_result_data,poss.dm_hidden_trouble TO poss_sc;

CREATE USER poss_sc_user WITH PASSWORD 'Poss_sc_$%^' VALID UNTIL '2019-11-30 23:00';
GRANT poss_sc TO poss_sc_user;