0
0
PostgreSQLquery~10 mins

Column-level permissions in PostgreSQL - Step-by-Step Execution

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Concept Flow - Column-level permissions
Start
Define Table with Columns
Grant SELECT on specific columns to user
User queries table
Database checks column permissions
Return only allowed columns
End
This flow shows how column-level permissions control which columns a user can see when querying a table.
Execution Sample
PostgreSQL
CREATE TABLE employees(id INT, name TEXT, salary INT);
GRANT SELECT (id, name) ON employees TO user1;
-- user1 runs: SELECT * FROM employees;
Create a table, grant select permission on specific columns, then user queries the table.
Execution Table
StepActionPermission CheckResultOutput Columns
1Create table employees with columns id, name, salaryN/ATable createdid, name, salary
2Grant SELECT on columns id, name to user1N/APermissions grantedid, name
3user1 runs SELECT * FROM employeesCheck user1 permissions on employeesAllowed columns: id, nameid, name
4Return query result to user1N/AOnly allowed columns returnedid, name
5EndN/AQuery completeid, name
💡 Query returns only columns user1 has SELECT permission on; salary column excluded.
Variable Tracker
VariableStartAfter Step 2After Step 3Final
Table columnsid, name, salaryid, name, salaryid, name, salaryid, name, salary
User1 permissionsNoneSELECT on id, nameSELECT on id, nameSELECT on id, name
Query output columnsNoneNoneid, nameid, name
Key Moments - 2 Insights
Why does user1 not see the salary column in the query result?
Because in step 2, SELECT permission was granted only on columns id and name. The database enforces this in step 3 by filtering out salary.
What happens if user1 tries to SELECT salary explicitly?
The query will fail with a permission error because user1 lacks SELECT permission on salary, as shown in the permission check in step 3.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution table, which columns does user1 have SELECT permission on after step 2?
Aid, name, salary
Bsalary only
Cid, name
DNo columns
💡 Hint
Check the 'User1 permissions' variable in variable_tracker after step 2.
At which step does the database filter out columns user1 cannot access?
AStep 1
BStep 3
CStep 2
DStep 5
💡 Hint
Look at the 'Permission Check' and 'Result' columns in execution_table at step 3.
If user1 is granted SELECT on salary as well, how would the output columns change at step 4?
Aid, name, salary
Bsalary only
Cid, name
DNo columns
💡 Hint
Consider the 'User1 permissions' variable and how it affects 'Query output columns' in variable_tracker.
Concept Snapshot
Column-level permissions in SQL allow granting SELECT rights on specific columns.
Use GRANT SELECT(column1, column2) ON table TO user;
When querying, users see only allowed columns.
Unauthorized columns are hidden or cause errors.
This controls sensitive data access at column granularity.
Full Transcript
This visual execution trace shows how column-level permissions work in PostgreSQL. First, a table named employees is created with three columns: id, name, and salary. Then, SELECT permission is granted only on the id and name columns to user1. When user1 runs a SELECT * query on employees, the database checks permissions and returns only the columns user1 is allowed to see, which are id and name. The salary column is excluded because user1 lacks permission. This example highlights how column-level permissions restrict data visibility to protect sensitive information.