Restrict user to one schema in PostgreSQL?

Question

Is it possible in PostgreSQL to create a user that can only access a single schema?

Here is what I tried:

REVOKE ALL ON DATABASE testdb FROM public;
GRANT CONNECT ON DATABASE testdb TO testuser;

When I connect as testuser indeed I cannot access the actual data:

> SELECT * FROM some_table;
ERROR:  permission denied for relation some_table

However, I can still list all the tables, etc. in all the other schemas:

SELECT * FROM pg_tables;
     schemaname     |                 tablename                 | tableowner | tablespace | hasindexes | hasrules | hastriggers | rowsecurity
--------------------+-------------------------------------------+------------+------------+------------+----------+-------------+-------------
 test2              | foo                                       | postgres   |            | t          | f        | f           | f
 test2              | bar                                       | postgres   |            | t          | f        | f           | f
...

Answer 1

It is impossible to configure PostgreSQL so that a user can only see those objects in the system catalogs for which he or she has permissions.

If you need such a setup, you should create a database per user.