postgresql/src/test/regress/expected/dependency.out

--
-- DEPENDENCIES
--
CREATE USER regression_user;
CREATE USER regression_user2;
CREATE USER regression_user3;
CREATE GROUP regression_group;
CREATE TABLE deptest (f1 serial primary key, f2 text);
GRANT SELECT ON TABLE deptest TO GROUP regression_group;
GRANT ALL ON TABLE deptest TO regression_user, regression_user2;
-- can't drop neither because they have privileges somewhere
DROP USER regression_user;
ERROR:  role "regression_user" cannot be dropped because some objects depend on it
DETAIL:  privileges for table deptest
DROP GROUP regression_group;
ERROR:  role "regression_group" cannot be dropped because some objects depend on it
DETAIL:  privileges for table deptest
-- if we revoke the privileges we can drop the group
REVOKE SELECT ON deptest FROM GROUP regression_group;
DROP GROUP regression_group;
-- can't drop the user if we revoke the privileges partially
REVOKE SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES ON deptest FROM regression_user;
DROP USER regression_user;
ERROR:  role "regression_user" cannot be dropped because some objects depend on it
DETAIL:  privileges for table deptest
-- now we are OK to drop him
REVOKE TRIGGER ON deptest FROM regression_user;
DROP USER regression_user;
-- we are OK too if we drop the privileges all at once
REVOKE ALL ON deptest FROM regression_user2;
DROP USER regression_user2;
-- can't drop the owner of an object
-- the error message detail here would include a pg_toast_nnn name that
-- is not constant, so suppress it
\set VERBOSITY terse
ALTER TABLE deptest OWNER TO regression_user3;
DROP USER regression_user3;
ERROR:  role "regression_user3" cannot be dropped because some objects depend on it
\set VERBOSITY default
-- if we drop the object, we can drop the user too
DROP TABLE deptest;
DROP USER regression_user3;
-- Test DROP OWNED
CREATE USER regression_user0;
CREATE USER regression_user1;
CREATE USER regression_user2;
SET SESSION AUTHORIZATION regression_user0;
-- permission denied
DROP OWNED BY regression_user1;
ERROR:  permission denied to drop objects
DROP OWNED BY regression_user0, regression_user2;
ERROR:  permission denied to drop objects
REASSIGN OWNED BY regression_user0 TO regression_user1;
ERROR:  permission denied to reassign objects
REASSIGN OWNED BY regression_user1 TO regression_user0;
ERROR:  permission denied to reassign objects
-- this one is allowed
DROP OWNED BY regression_user0;
CREATE TABLE deptest1 (f1 int unique);
GRANT ALL ON deptest1 TO regression_user1 WITH GRANT OPTION;
SET SESSION AUTHORIZATION regression_user1;
CREATE TABLE deptest (a serial primary key, b text);
GRANT ALL ON deptest1 TO regression_user2;
RESET SESSION AUTHORIZATION;
\z deptest1
                                              Access privileges
 Schema |   Name   | Type  |                Access privileges                 | Column privileges | Policies 
--------+----------+-------+--------------------------------------------------+-------------------+----------
 public | deptest1 | table | regression_user0=arwdDxt/regression_user0       +|                   | 
        |          |       | regression_user1=a*r*w*d*D*x*t*/regression_user0+|                   | 
        |          |       | regression_user2=arwdDxt/regression_user1        |                   | 
(1 row)

DROP OWNED BY regression_user1;
-- all grants revoked
\z deptest1
                                          Access privileges
 Schema |   Name   | Type  |             Access privileges             | Column privileges | Policies 
--------+----------+-------+-------------------------------------------+-------------------+----------
 public | deptest1 | table | regression_user0=arwdDxt/regression_user0 |                   | 
(1 row)

-- table was dropped
\d deptest
-- Test REASSIGN OWNED
GRANT ALL ON deptest1 TO regression_user1;
GRANT CREATE ON DATABASE regression TO regression_user1;
SET SESSION AUTHORIZATION regression_user1;
CREATE SCHEMA deptest;
CREATE TABLE deptest (a serial primary key, b text);
ALTER DEFAULT PRIVILEGES FOR ROLE regression_user1 IN SCHEMA deptest
  GRANT ALL ON TABLES TO regression_user2;
CREATE FUNCTION deptest_func() RETURNS void LANGUAGE plpgsql
  AS $$ BEGIN END; $$;
CREATE TYPE deptest_enum AS ENUM ('red');
CREATE TYPE deptest_range AS RANGE (SUBTYPE = int4);
CREATE TABLE deptest2 (f1 int);
-- make a serial column the hard way
CREATE SEQUENCE ss1;
ALTER TABLE deptest2 ALTER f1 SET DEFAULT nextval('ss1');
ALTER SEQUENCE ss1 OWNED BY deptest2.f1;
-- When reassigning ownership of a composite type, its pg_class entry
-- should match
CREATE TYPE deptest_t AS (a int);
SELECT typowner = relowner
FROM pg_type JOIN pg_class c ON typrelid = c.oid WHERE typname = 'deptest_t';
 ?column? 
----------
 t
(1 row)

RESET SESSION AUTHORIZATION;
REASSIGN OWNED BY regression_user1 TO regression_user2;
\dt deptest
              List of relations
 Schema |  Name   | Type  |      Owner       
--------+---------+-------+------------------
 public | deptest | table | regression_user2
(1 row)

SELECT typowner = relowner
FROM pg_type JOIN pg_class c ON typrelid = c.oid WHERE typname = 'deptest_t';
 ?column? 
----------
 t
(1 row)

-- doesn't work: grant still exists
DROP USER regression_user1;
ERROR:  role "regression_user1" cannot be dropped because some objects depend on it
DETAIL:  owner of default privileges on new relations belonging to role regression_user1 in schema deptest
privileges for database regression
privileges for table deptest1
DROP OWNED BY regression_user1;
DROP USER regression_user1;
\set VERBOSITY terse
DROP USER regression_user2;
ERROR:  role "regression_user2" cannot be dropped because some objects depend on it
DROP OWNED BY regression_user2, regression_user0;
DROP USER regression_user2;
DROP USER regression_user0;