postgres/timescaledb
1
0
Fork 0
mirror of https://github.com/timescale/timescaledb.git synced 2025-05-18 03:23:37 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add simple test for new PG17 MAINTAIN privilege

Browse Source 
Test maintain privilege gets propagated to chunks.
This commit is contained in:
Sven Klemm 2024-09-10 12:40:18 +02:00 committed by Sven Klemm
parent 8333128589
commit b125a7f0e0
3 changed files with 188 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

139
tsl/test/expected/privilege_maintain.out Normal file
View File

@ -0,0 +1,139 @@
-- This file and its contents are licensed under the Apache License 2.0.
-- Please see the included NOTICE for copyright information and
-- LICENSE-APACHE for a copy of the license.
\c :TEST_DBNAME :ROLE_SUPERUSER
CREATE ROLE r_maintain;
CREATE TABLE metrics(time timestamptz, device text, value float);
SELECT create_hypertable('metrics', 'time');
NOTICE: adding not-null constraint to column "time"
create_hypertable
----------------------
(1,public,metrics,t)
(1 row)
INSERT INTO metrics SELECT generate_series('2020-01-01'::timestamptz, '2020-01-09'::timestamptz, '3 day'::interval);
\dp metrics
Access privileges
Schema | Name | Type | Access privileges | Column privileges | Policies
--------+---------+-------+-------------------+-------------------+----------
public | metrics | table | | |
(1 row)
\dp _timescaledb_internal._hyper_*
Access privileges
Schema | Name | Type | Access privileges | Column privileges | Policies
-----------------------+------------------+-------+-------------------+-------------------+----------
_timescaledb_internal | _hyper_1_1_chunk | table | | |
_timescaledb_internal | _hyper_1_2_chunk | table | | |
(2 rows)
GRANT MAINTAIN ON TABLE metrics TO r_maintain;
-- check privilege is present on all the chunks
\dp metrics
Access privileges
Schema | Name | Type | Access privileges | Column privileges | Policies
--------+---------+-------+--------------------------------+-------------------+----------
public | metrics | table | super_user=arwdDxtm/super_user+| |
| | | r_maintain=m/super_user | |
(1 row)
\dp _timescaledb_internal._hyper_*
Access privileges
Schema | Name | Type | Access privileges | Column privileges | Policies
-----------------------+------------------+-------+--------------------------------+-------------------+----------
_timescaledb_internal | _hyper_1_1_chunk | table | super_user=arwdDxtm/super_user+| |
| | | r_maintain=m/super_user | |
_timescaledb_internal | _hyper_1_2_chunk | table | super_user=arwdDxtm/super_user+| |
| | | r_maintain=m/super_user | |
(2 rows)
REVOKE MAINTAIN ON TABLE metrics FROM r_maintain;
-- check privilege got removed from all the chunks
\dp metrics
Access privileges
Schema | Name | Type | Access privileges | Column privileges | Policies
--------+---------+-------+--------------------------------+-------------------+----------
public | metrics | table | super_user=arwdDxtm/super_user | |
(1 row)
\dp _timescaledb_internal._hyper_*
Access privileges
Schema | Name | Type | Access privileges | Column privileges | Policies
-----------------------+------------------+-------+--------------------------------+-------------------+----------
_timescaledb_internal | _hyper_1_1_chunk | table | super_user=arwdDxtm/super_user | |
_timescaledb_internal | _hyper_1_2_chunk | table | super_user=arwdDxtm/super_user | |
(2 rows)
ALTER TABLE metrics SET (timescaledb.compress);
WARNING: there was some uncertainty picking the default segment by for the hypertable: You do not have any indexes on columns that can be used for segment_by and thus we are not using segment_by for compression. Please make sure you are not missing any indexes
NOTICE: default segment by for hypertable "metrics" is set to ""
NOTICE: default order by for hypertable "metrics" is set to ""time" DESC"
SELECT compress_chunk(chunk) FROM show_chunks('metrics') chunk;
compress_chunk
----------------------------------------
_timescaledb_internal._hyper_1_1_chunk
_timescaledb_internal._hyper_1_2_chunk
(2 rows)
GRANT MAINTAIN ON TABLE metrics TO r_maintain;
-- check privilege is present on all the chunks
\dp metrics
Access privileges
Schema | Name | Type | Access privileges | Column privileges | Policies
--------+---------+-------+--------------------------------+-------------------+----------
public | metrics | table | super_user=arwdDxtm/super_user+| |
| | | r_maintain=m/super_user | |
(1 row)
\dp _timescaledb_internal._hyper_*
Access privileges
Schema | Name | Type | Access privileges | Column privileges | Policies
-----------------------+------------------+-------+--------------------------------+-------------------+----------
_timescaledb_internal | _hyper_1_1_chunk | table | super_user=arwdDxtm/super_user+| |
| | | r_maintain=m/super_user | |
_timescaledb_internal | _hyper_1_2_chunk | table | super_user=arwdDxtm/super_user+| |
| | | r_maintain=m/super_user | |
(2 rows)
\dp _timescaledb_internal.*compress*
Access privileges
Schema | Name | Type | Access privileges | Column privileges | Policies
-----------------------+--------------------------+-------+--------------------------------+-------------------+----------
_timescaledb_internal | _compressed_hypertable_2 | table | super_user=arwdDxtm/super_user+| |
| | | r_maintain=m/super_user | |
_timescaledb_internal | compress_hyper_2_3_chunk | table | super_user=arwdDxtm/super_user+| |
| | | r_maintain=m/super_user | |
_timescaledb_internal | compress_hyper_2_4_chunk | table | super_user=arwdDxtm/super_user+| |
| | | r_maintain=m/super_user | |
_timescaledb_internal | compressed_chunk_stats | view | super_user=arwdDxtm/super_user+| |
| | | =r/super_user | |
(4 rows)
REVOKE MAINTAIN ON TABLE metrics FROM r_maintain;
-- check privilege got removed from all the chunks
\dp metrics
Access privileges
Schema | Name | Type | Access privileges | Column privileges | Policies
--------+---------+-------+--------------------------------+-------------------+----------
public | metrics | table | super_user=arwdDxtm/super_user | |
(1 row)
\dp _timescaledb_internal._hyper_*
Access privileges
Schema | Name | Type | Access privileges | Column privileges | Policies
-----------------------+------------------+-------+--------------------------------+-------------------+----------
_timescaledb_internal | _hyper_1_1_chunk | table | super_user=arwdDxtm/super_user | |
_timescaledb_internal | _hyper_1_2_chunk | table | super_user=arwdDxtm/super_user | |
(2 rows)
\dp _timescaledb_internal.*compress*
Access privileges
Schema | Name | Type | Access privileges | Column privileges | Policies
-----------------------+--------------------------+-------+--------------------------------+-------------------+----------
_timescaledb_internal | _compressed_hypertable_2 | table | super_user=arwdDxtm/super_user | |
_timescaledb_internal | compress_hyper_2_3_chunk | table | super_user=arwdDxtm/super_user | |
_timescaledb_internal | compress_hyper_2_4_chunk | table | super_user=arwdDxtm/super_user | |
_timescaledb_internal | compressed_chunk_stats | view | super_user=arwdDxtm/super_user+| |
| | | =r/super_user | |
(4 rows)

4
tsl/test/sql/CMakeLists.txt
View File

@ -110,6 +110,10 @@ if((${PG_VERSION_MAJOR} GREATER_EQUAL "15"))
list(APPEND TEST_FILES merge_compress.sql)
endif()
if((${PG_VERSION_MAJOR} GREATER_EQUAL "17"))
list(APPEND TEST_FILES privilege_maintain.sql)
endif()
set(SOLO_TESTS
# This interferes with other tests since it reloads the config to increase
# log level.

45
tsl/test/sql/privilege_maintain.sql Normal file
View File

@ -0,0 +1,45 @@
-- This file and its contents are licensed under the Timescale License.
-- Please see the included NOTICE for copyright information and
-- LICENSE-TIMESCALE for a copy of the license.
\c :TEST_DBNAME :ROLE_SUPERUSER
CREATE ROLE r_maintain;
CREATE TABLE metrics(time timestamptz, device text, value float);
SELECT create_hypertable('metrics', 'time');
INSERT INTO metrics SELECT generate_series('2020-01-01'::timestamptz, '2020-01-09'::timestamptz, '3 day'::interval);
\dp metrics
\dp _timescaledb_internal._hyper_*
GRANT MAINTAIN ON TABLE metrics TO r_maintain;
-- check privilege is present on all the chunks
\dp metrics
\dp _timescaledb_internal._hyper_*
REVOKE MAINTAIN ON TABLE metrics FROM r_maintain;
-- check privilege got removed from all the chunks
\dp metrics
\dp _timescaledb_internal._hyper_*
ALTER TABLE metrics SET (timescaledb.compress);
SELECT compress_chunk(chunk) FROM show_chunks('metrics') chunk;
GRANT MAINTAIN ON TABLE metrics TO r_maintain;
-- check privilege is present on all the chunks
\dp metrics
\dp _timescaledb_internal._hyper_*
\dp _timescaledb_internal.*compress*
REVOKE MAINTAIN ON TABLE metrics FROM r_maintain;
-- check privilege got removed from all the chunks
\dp metrics
\dp _timescaledb_internal._hyper_*
\dp _timescaledb_internal.*compress*