Updated on 2024-05-07 GMT+08:00

Creating and Managing Schemas

Context

Schemas allow multiple users to use the same database without interference. In this way, database objects can be organized into logical groups that are easy to manage, and third-party applications can be added to corresponding schemas without causing conflicts. Schema management involves creating a schema, using a schema, deleting a schema, setting a search path for a schema, and setting schema permissions.

Precautions

  • A database cluster can have one or more databases. Users and user groups are shared within entire cluster, but their data is exclusive. Any user who has connected to a server can access only the database specified in the connection request.
  • A database can have one or more schemas, and a schema can contain tables and other data objects, such as data types, functions, and operators. One object name can be used in different schemas. For example, both schema1 and schema2 can have a table named mytable.
  • Different from databases, schemas are not isolated. You can access the objects in a schema of the connected database if you have schema permissions. To manage schema permissions, you need to have knowledge about database permissions.
  • A schema named with the PG_ prefix cannot be created because this type of schema is reserved for the database system.
  • Each time a new user is created, the system creates a schema with the same name for the new user in the current database. In other databases, such a schema needs to be manually created.
  • To reference a table that is not modified with a schema name, the system uses search_path to find the schema that the table belongs to. pg_temp and pg_catalog are always the first two schemas to be searched no matter whether or how they are specified in search_path. search_path is a schema name list, and the first table detected in it is the target table. If no target table is found, an error will be reported. (If a table exists but the schema it belongs to is not listed in search_path, the search fails as well.) The first schema in search_path is called "current schema". This schema is the first one to be searched. If no schema name is declared, newly created database objects are saved in this schema by default.
  • Each database has a pg_catalog schema, which contains system catalogs and all built-in data types, functions, and operators. pg_catalog is a part of the search path and has the second highest search priority. It is searched after the schema of temporary tables and before other schemas specified in search_path. This search order ensures that database built-in objects can be found. To use a custom object that has the same name as a built-in object, you can specify the schema of the custom object.

Procedure

  • Create a schema.
    • Create a schema.
      1
      gaussdb=# CREATE SCHEMA myschema;
      

      If the following information is displayed, the schema named myschema is successfully created:

      1
      CREATE SCHEMA
      

      To create or access an object in the schema, specify the complete object name, which consists of the schema name and the object names separated by periods (.). Example: myschema.table.

    • Create a schema and specify the owner.
      1
      gaussdb=# CREATE SCHEMA myschema AUTHORIZATION omm;
      

      If the following information is displayed, the myschema schema that belongs to omm is created successfully:

      1
      CREATE SCHEMA
      
  • Use a schema.

    If you want to create or access an object in a specified schema, the object name must contain the schema name. To be specific, the name consists of a schema name and an object name, which are separated by a dot (.).

    • Create the mytable table in myschema:
      1
      2
      gaussdb=# CREATE TABLE myschema.mytable(id int, name varchar(20));
      CREATE TABLE
      

      To specify the location of an object, the object name must contain the schema name.

    • Query all data of the mytable table in myschema.
      1
      2
      3
      4
      gaussdb=# SELECT * FROM myschema.mytable;
      id | name 
      ----+------
      (0 rows)
      
  • View the search path of a schema.

    You can set search_path to specify the sequence of schemas in which objects are searched. The first schema listed in the search path will become the default schema. If no schema is specified during object creation, the object will be created in the default schema.

    • View the search path.
      1
      2
      3
      4
      5
      gaussdb=# SHOW SEARCH_PATH;
       search_path
      ----------------
       "$user",public
      (1 row)
      
    • Set the search path to myschema, public (myschema will be searched first).
      1
      2
      gaussdb=# SET SEARCH_PATH TO myschema, public;
      SET
      
  • Set permissions for a schema.

    By default, a user can only access database objects in their own schema. Only after a user is granted with the usage permission for a schema by the schema owner, the user can access the objects in the schema.

    By granting the CREATE permission for a schema to a user, the user can create objects in this schema. By default, all roles have the USAGE permission in the public schema, but common users do not have the CREATE permission in the public schema. It is insecure for a common user to connect to a specified database and create objects in its public schema. If the common user has the CREATE permission on the public schema, it is advised to:

    • Revoke PUBLIC's permission to create objects in the public schema. public indicates the schema and PUBLIC indicates all roles.
      1
      2
      gaussdb=# REVOKE CREATE ON SCHEMA public FROM PUBLIC;
      REVOKE
      
    • View the current schema.
      1
      2
      3
      4
      5
      gaussdb=# SELECT current_schema();
       current_schema 
      ----------------
       myschema
      (1 row)
      
    • Create user jack and grant the usage permission for myschema to the user.
      1
      2
      3
      4
      gaussdb=# CREATE USER jack IDENTIFIED BY '********';
      CREATE ROLE
      gaussdb=# GRANT USAGE ON schema myschema TO jack;
      GRANT
      
    • Revoke the usage permission for myschema from jack.
      1
      2
      gaussdb=# REVOKE USAGE ON schema myschema FROM jack;
      REVOKE
      
  • Delete a schema.
    • If a schema is empty, that is, it contains no database objects, you can run the DROP SCHEMA command. For example, delete an empty schema named nullschema.
      1
      2
      gaussdb=# DROP SCHEMA IF EXISTS nullschema;
      DROP SCHEMA
      
    • To delete a schema that is not null, use the keyword CASCADE to delete it and all its objects. For example, delete myschema and all its objects in it.
      1
      2
      gaussdb=# DROP SCHEMA myschema CASCADE;
      DROP SCHEMA
      
    • Delete user jack.
      1
      2
      gaussdb=# DROP USER jack;
      DROP ROLE