32.7. column_privileges

The view column_privileges identifies all privileges granted on columns to the current user or by the current user. There is one row for each combination of column, grantor, and grantee. Privileges granted to groups are identified in the view role_column_grants.

In PostgreSQL, you can only grant privileges on entire tables, not individual columns. Therefore, this view contains the same information as table_privileges, just represented through one row for each column in each appropriate table, but it only covers privilege types where column granularity is possible: SELECT, INSERT, UPDATE, REFERENCES. If you want to make your applications fit for possible future developments, it is generally the right choice to use this view instead of table_privileges if one of those privilege types is concerned.

Table 32-5. column_privileges Columns

NameData TypeDescription
grantorsql_identifierName of the user that granted the privilege
granteesql_identifierName of the user or group that the privilege was granted to
table_catalogsql_identifierName of the database that contains the table that contains the column (always the current database)
table_schemasql_identifierName of the schema that contains the table that contains the column
table_namesql_identifierName of the table that contains the column
column_namesql_identifierName of the column
privilege_typecharacter_data Type of the privilege: SELECT, INSERT, UPDATE, or REFERENCES
is_grantablecharacter_dataYES if the privilege is grantable, NO if not

Note that the column grantee makes no distinction between users and groups. If you have users and groups with the same name, there is unfortunately no way to distinguish them. A future version of PostgreSQL will possibly prohibit having users and groups with the same name.