postgres/timescaledb
1
0
Fork 0
mirror of https://github.com/timescale/timescaledb.git synced 2025-05-19 20:24:46 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix role type deparsing for GRANT command

Browse Source 
This change fixes GRANT command deparsing by including
handling of the special role types such as: PUBLIC, CURRENT_USER,
SESSION_USER and CURRENT_ROLE (PG14).

Fix #3910
This commit is contained in:
Dmitry Simonenko 2021-12-13 14:29:24 +03:00 committed by Dmitry Simonenko
parent 765d7375ce
commit 519e5de21c
5 changed files with 97 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
tsl/src/deparse.c
View File

@ -980,10 +980,30 @@ deparse_grant_revoke_on_database(const GrantStmt *stmt, const char *dbname)
foreach (lc, stmt->grantees) foreach (lc, stmt->grantees)
{ {
RoleSpec *role_spec = lfirst(lc); RoleSpec *role_spec = lfirst(lc);
const char *role_name = NULL;
switch (role_spec->roletype)
{
case ROLESPEC_CSTRING:
role_name = role_spec->rolename;
break;
case ROLESPEC_PUBLIC:
role_name = "PUBLIC";
break;
case ROLESPEC_SESSION_USER:
role_name = "SESSION_USER";
break;
case ROLESPEC_CURRENT_USER:
role_name = "CURRENT_USER";
break;
#if PG14
case ROLESPEC_CURRENT_ROLE:
role_name = "CURRENT_ROLE";
break;
#endif
}
appendStringInfo(command, appendStringInfo(command,
"%s%s ", "%s%s ",
role_spec->rolename, role_name,
lnext_compat(stmt->grantees, lc) != NULL ? "," : ""); lnext_compat(stmt->grantees, lc) != NULL ? "," : "");
} }

21
tsl/test/expected/dist_grant-12.out
View File

@ -1083,6 +1083,27 @@ DEBUG: [data1]: REVOKE ALL ON DATABASE db_dist_grant_1 FROM cluster_super_user
DEBUG: [data2]: REVOKE ALL ON DATABASE db_dist_grant_2 FROM cluster_super_user DEBUG: [data2]: REVOKE ALL ON DATABASE db_dist_grant_2 FROM cluster_super_user
DEBUG: [data3]: REVOKE ALL ON DATABASE db_dist_grant_3 FROM cluster_super_user DEBUG: [data3]: REVOKE ALL ON DATABASE db_dist_grant_3 FROM cluster_super_user
DEBUG: [data4]: REVOKE ALL ON DATABASE db_dist_grant_4 FROM cluster_super_user DEBUG: [data4]: REVOKE ALL ON DATABASE db_dist_grant_4 FROM cluster_super_user
-- Grant to specific role types
GRANT TEMP, TEMPORARY ON DATABASE :TEST_DBNAME TO PUBLIC;
DEBUG: [data1]: GRANT temp, temporary ON DATABASE db_dist_grant_1 TO PUBLIC
DEBUG: [data2]: GRANT temp, temporary ON DATABASE db_dist_grant_2 TO PUBLIC
DEBUG: [data3]: GRANT temp, temporary ON DATABASE db_dist_grant_3 TO PUBLIC
DEBUG: [data4]: GRANT temp, temporary ON DATABASE db_dist_grant_4 TO PUBLIC
GRANT TEMP, TEMPORARY ON DATABASE :TEST_DBNAME TO CURRENT_USER;
DEBUG: [data1]: GRANT temp, temporary ON DATABASE db_dist_grant_1 TO CURRENT_USER
DEBUG: [data2]: GRANT temp, temporary ON DATABASE db_dist_grant_2 TO CURRENT_USER
DEBUG: [data3]: GRANT temp, temporary ON DATABASE db_dist_grant_3 TO CURRENT_USER
DEBUG: [data4]: GRANT temp, temporary ON DATABASE db_dist_grant_4 TO CURRENT_USER
GRANT TEMP, TEMPORARY ON DATABASE :TEST_DBNAME TO SESSION_USER, :ROLE_CLUSTER_SUPERUSER;
DEBUG: [data1]: GRANT temp, temporary ON DATABASE db_dist_grant_1 TO SESSION_USER, cluster_super_user
DEBUG: [data2]: GRANT temp, temporary ON DATABASE db_dist_grant_2 TO SESSION_USER, cluster_super_user
DEBUG: [data3]: GRANT temp, temporary ON DATABASE db_dist_grant_3 TO SESSION_USER, cluster_super_user
DEBUG: [data4]: GRANT temp, temporary ON DATABASE db_dist_grant_4 TO SESSION_USER, cluster_super_user
-- PG14 added support for CURRENT_ROLE
\set ON_ERROR_STOP 0
GRANT TEMP, TEMPORARY ON DATABASE :TEST_DBNAME TO CURRENT_ROLE;
ERROR: syntax error at or near "CURRENT_ROLE" at character 52
\set ON_ERROR_STOP 1
-- Grant on other database should not be propagated -- Grant on other database should not be propagated
GRANT CREATE ON DATABASE :DN_DBNAME_1 TO :ROLE_CLUSTER_SUPERUSER; GRANT CREATE ON DATABASE :DN_DBNAME_1 TO :ROLE_CLUSTER_SUPERUSER;
-- Prevent mixing databases -- Prevent mixing databases

21
tsl/test/expected/dist_grant-13.out
View File

@ -1083,6 +1083,27 @@ DEBUG: [data1]: REVOKE ALL ON DATABASE db_dist_grant_1 FROM cluster_super_user
DEBUG: [data2]: REVOKE ALL ON DATABASE db_dist_grant_2 FROM cluster_super_user DEBUG: [data2]: REVOKE ALL ON DATABASE db_dist_grant_2 FROM cluster_super_user
DEBUG: [data3]: REVOKE ALL ON DATABASE db_dist_grant_3 FROM cluster_super_user DEBUG: [data3]: REVOKE ALL ON DATABASE db_dist_grant_3 FROM cluster_super_user
DEBUG: [data4]: REVOKE ALL ON DATABASE db_dist_grant_4 FROM cluster_super_user DEBUG: [data4]: REVOKE ALL ON DATABASE db_dist_grant_4 FROM cluster_super_user
-- Grant to specific role types
GRANT TEMP, TEMPORARY ON DATABASE :TEST_DBNAME TO PUBLIC;
DEBUG: [data1]: GRANT temp, temporary ON DATABASE db_dist_grant_1 TO PUBLIC
DEBUG: [data2]: GRANT temp, temporary ON DATABASE db_dist_grant_2 TO PUBLIC
DEBUG: [data3]: GRANT temp, temporary ON DATABASE db_dist_grant_3 TO PUBLIC
DEBUG: [data4]: GRANT temp, temporary ON DATABASE db_dist_grant_4 TO PUBLIC
GRANT TEMP, TEMPORARY ON DATABASE :TEST_DBNAME TO CURRENT_USER;
DEBUG: [data1]: GRANT temp, temporary ON DATABASE db_dist_grant_1 TO CURRENT_USER
DEBUG: [data2]: GRANT temp, temporary ON DATABASE db_dist_grant_2 TO CURRENT_USER
DEBUG: [data3]: GRANT temp, temporary ON DATABASE db_dist_grant_3 TO CURRENT_USER
DEBUG: [data4]: GRANT temp, temporary ON DATABASE db_dist_grant_4 TO CURRENT_USER
GRANT TEMP, TEMPORARY ON DATABASE :TEST_DBNAME TO SESSION_USER, :ROLE_CLUSTER_SUPERUSER;
DEBUG: [data1]: GRANT temp, temporary ON DATABASE db_dist_grant_1 TO SESSION_USER, cluster_super_user
DEBUG: [data2]: GRANT temp, temporary ON DATABASE db_dist_grant_2 TO SESSION_USER, cluster_super_user
DEBUG: [data3]: GRANT temp, temporary ON DATABASE db_dist_grant_3 TO SESSION_USER, cluster_super_user
DEBUG: [data4]: GRANT temp, temporary ON DATABASE db_dist_grant_4 TO SESSION_USER, cluster_super_user
-- PG14 added support for CURRENT_ROLE
\set ON_ERROR_STOP 0
GRANT TEMP, TEMPORARY ON DATABASE :TEST_DBNAME TO CURRENT_ROLE;
ERROR: syntax error at or near "CURRENT_ROLE" at character 52
\set ON_ERROR_STOP 1
-- Grant on other database should not be propagated -- Grant on other database should not be propagated
GRANT CREATE ON DATABASE :DN_DBNAME_1 TO :ROLE_CLUSTER_SUPERUSER; GRANT CREATE ON DATABASE :DN_DBNAME_1 TO :ROLE_CLUSTER_SUPERUSER;
-- Prevent mixing databases -- Prevent mixing databases

24
tsl/test/expected/dist_grant-14.out
View File

@ -1083,6 +1083,30 @@ DEBUG: [data1]: REVOKE ALL ON DATABASE db_dist_grant_1 FROM cluster_super_user
DEBUG: [data2]: REVOKE ALL ON DATABASE db_dist_grant_2 FROM cluster_super_user DEBUG: [data2]: REVOKE ALL ON DATABASE db_dist_grant_2 FROM cluster_super_user
DEBUG: [data3]: REVOKE ALL ON DATABASE db_dist_grant_3 FROM cluster_super_user DEBUG: [data3]: REVOKE ALL ON DATABASE db_dist_grant_3 FROM cluster_super_user
DEBUG: [data4]: REVOKE ALL ON DATABASE db_dist_grant_4 FROM cluster_super_user DEBUG: [data4]: REVOKE ALL ON DATABASE db_dist_grant_4 FROM cluster_super_user
-- Grant to specific role types
GRANT TEMP, TEMPORARY ON DATABASE :TEST_DBNAME TO PUBLIC;
DEBUG: [data1]: GRANT temp, temporary ON DATABASE db_dist_grant_1 TO PUBLIC
DEBUG: [data2]: GRANT temp, temporary ON DATABASE db_dist_grant_2 TO PUBLIC
DEBUG: [data3]: GRANT temp, temporary ON DATABASE db_dist_grant_3 TO PUBLIC
DEBUG: [data4]: GRANT temp, temporary ON DATABASE db_dist_grant_4 TO PUBLIC
GRANT TEMP, TEMPORARY ON DATABASE :TEST_DBNAME TO CURRENT_USER;
DEBUG: [data1]: GRANT temp, temporary ON DATABASE db_dist_grant_1 TO CURRENT_USER
DEBUG: [data2]: GRANT temp, temporary ON DATABASE db_dist_grant_2 TO CURRENT_USER
DEBUG: [data3]: GRANT temp, temporary ON DATABASE db_dist_grant_3 TO CURRENT_USER
DEBUG: [data4]: GRANT temp, temporary ON DATABASE db_dist_grant_4 TO CURRENT_USER
GRANT TEMP, TEMPORARY ON DATABASE :TEST_DBNAME TO SESSION_USER, :ROLE_CLUSTER_SUPERUSER;
DEBUG: [data1]: GRANT temp, temporary ON DATABASE db_dist_grant_1 TO SESSION_USER, cluster_super_user
DEBUG: [data2]: GRANT temp, temporary ON DATABASE db_dist_grant_2 TO SESSION_USER, cluster_super_user
DEBUG: [data3]: GRANT temp, temporary ON DATABASE db_dist_grant_3 TO SESSION_USER, cluster_super_user
DEBUG: [data4]: GRANT temp, temporary ON DATABASE db_dist_grant_4 TO SESSION_USER, cluster_super_user
-- PG14 added support for CURRENT_ROLE
\set ON_ERROR_STOP 0
GRANT TEMP, TEMPORARY ON DATABASE :TEST_DBNAME TO CURRENT_ROLE;
DEBUG: [data1]: GRANT temp, temporary ON DATABASE db_dist_grant_1 TO CURRENT_ROLE
DEBUG: [data2]: GRANT temp, temporary ON DATABASE db_dist_grant_2 TO CURRENT_ROLE
DEBUG: [data3]: GRANT temp, temporary ON DATABASE db_dist_grant_3 TO CURRENT_ROLE
DEBUG: [data4]: GRANT temp, temporary ON DATABASE db_dist_grant_4 TO CURRENT_ROLE
\set ON_ERROR_STOP 1
-- Grant on other database should not be propagated -- Grant on other database should not be propagated
GRANT CREATE ON DATABASE :DN_DBNAME_1 TO :ROLE_CLUSTER_SUPERUSER; GRANT CREATE ON DATABASE :DN_DBNAME_1 TO :ROLE_CLUSTER_SUPERUSER;
-- Prevent mixing databases -- Prevent mixing databases

9
tsl/test/sql/dist_grant.sql.in
View File

@ -315,6 +315,15 @@ REVOKE ALL ON DATABASE :TEST_DBNAME FROM :ROLE_CLUSTER_SUPERUSER;
REVOKE ALL ON DATABASE :TEST_DBNAME FROM :ROLE_CLUSTER_SUPERUSER CASCADE; REVOKE ALL ON DATABASE :TEST_DBNAME FROM :ROLE_CLUSTER_SUPERUSER CASCADE;
REVOKE ALL ON DATABASE :TEST_DBNAME FROM :ROLE_CLUSTER_SUPERUSER RESTRICT; REVOKE ALL ON DATABASE :TEST_DBNAME FROM :ROLE_CLUSTER_SUPERUSER RESTRICT;
-- Grant to specific role types
GRANT TEMP, TEMPORARY ON DATABASE :TEST_DBNAME TO PUBLIC;
GRANT TEMP, TEMPORARY ON DATABASE :TEST_DBNAME TO CURRENT_USER;
GRANT TEMP, TEMPORARY ON DATABASE :TEST_DBNAME TO SESSION_USER, :ROLE_CLUSTER_SUPERUSER;
-- PG14 added support for CURRENT_ROLE
\set ON_ERROR_STOP 0
GRANT TEMP, TEMPORARY ON DATABASE :TEST_DBNAME TO CURRENT_ROLE;
\set ON_ERROR_STOP 1
-- Grant on other database should not be propagated -- Grant on other database should not be propagated
GRANT CREATE ON DATABASE :DN_DBNAME_1 TO :ROLE_CLUSTER_SUPERUSER; GRANT CREATE ON DATABASE :DN_DBNAME_1 TO :ROLE_CLUSTER_SUPERUSER;