mirror of
https://git.postgresql.org/git/postgresql.git
synced 2024-10-01 11:11:19 +02:00
Add a regression test for allow_system_table_mods
Add a regression test file that exercises the kinds of commands that allow_system_table_mods allows. This is put in the "unsafe_tests" suite, so it won't accidentally create a mess if someone runs the normal regression tests against an instance that they care about. Reviewed-by: Tom Lane <tgl@sss.pgh.pa.us> Discussion: https://www.postgresql.org/message-id/flat/8b00ea5e-28a7-88ba-e848-21528b632354%402ndquadrant.com
This commit is contained in:
parent
c4a7a392ec
commit
7fc380f83d
@ -1,6 +1,6 @@
|
||||
# src/test/modules/unsafe_tests/Makefile
|
||||
|
||||
REGRESS = rolenames
|
||||
REGRESS = rolenames alter_system_table
|
||||
|
||||
ifdef USE_PGXS
|
||||
PG_CONFIG = pg_config
|
||||
|
168
src/test/modules/unsafe_tests/expected/alter_system_table.out
Normal file
168
src/test/modules/unsafe_tests/expected/alter_system_table.out
Normal file
@ -0,0 +1,168 @@
|
||||
--
|
||||
-- Tests for things affected by allow_system_table_mods
|
||||
--
|
||||
-- We run the same set of commands once with allow_system_table_mods
|
||||
-- off and then again with on.
|
||||
--
|
||||
-- The "on" tests should where possible be wrapped in BEGIN/ROLLBACK
|
||||
-- blocks so as to not leave a mess around.
|
||||
CREATE USER regress_user_ast;
|
||||
SET allow_system_table_mods = off;
|
||||
-- create new table in pg_catalog
|
||||
CREATE TABLE pg_catalog.test (a int);
|
||||
ERROR: permission denied to create "pg_catalog.test"
|
||||
DETAIL: System catalog modifications are currently disallowed.
|
||||
-- anyarray column
|
||||
CREATE TABLE t1x (a int, b anyarray);
|
||||
ERROR: column "b" has pseudo-type anyarray
|
||||
-- index on system catalog
|
||||
ALTER TABLE pg_namespace ADD UNIQUE USING INDEX pg_namespace_oid_index;
|
||||
ERROR: permission denied: "pg_namespace" is a system catalog
|
||||
-- write to system catalog table as superuser
|
||||
-- (allowed even without allow_system_table_mods)
|
||||
INSERT INTO pg_description (objoid, classoid, objsubid, description) VALUES (0, 0, 0, 'foo');
|
||||
-- write to system catalog table as normal user
|
||||
GRANT INSERT ON pg_description TO regress_user_ast;
|
||||
SET ROLE regress_user_ast;
|
||||
INSERT INTO pg_description (objoid, classoid, objsubid, description) VALUES (0, 0, 1, 'foo');
|
||||
ERROR: permission denied for table pg_description
|
||||
RESET ROLE;
|
||||
-- policy on system catalog
|
||||
CREATE POLICY foo ON pg_description FOR SELECT USING (description NOT LIKE 'secret%');
|
||||
ERROR: permission denied: "pg_description" is a system catalog
|
||||
-- reserved schema name
|
||||
CREATE SCHEMA pg_foo;
|
||||
ERROR: unacceptable schema name "pg_foo"
|
||||
DETAIL: The prefix "pg_" is reserved for system schemas.
|
||||
-- drop system table
|
||||
DROP TABLE pg_description;
|
||||
ERROR: permission denied: "pg_description" is a system catalog
|
||||
-- truncate of system table
|
||||
TRUNCATE pg_description;
|
||||
ERROR: permission denied: "pg_description" is a system catalog
|
||||
-- rename column of system table
|
||||
ALTER TABLE pg_description RENAME COLUMN description TO comment;
|
||||
ERROR: permission denied: "pg_description" is a system catalog
|
||||
-- ATSimplePermissions()
|
||||
ALTER TABLE pg_description ALTER COLUMN description SET NOT NULL;
|
||||
ERROR: permission denied: "pg_description" is a system catalog
|
||||
-- SET STATISTICS
|
||||
ALTER TABLE pg_description ALTER COLUMN description SET STATISTICS -1;
|
||||
ERROR: permission denied: "pg_description" is a system catalog
|
||||
-- foreign key referencing catalog
|
||||
CREATE TABLE foo (a oid, b oid, c int, FOREIGN KEY (a, b, c) REFERENCES pg_description);
|
||||
ERROR: permission denied: "pg_description" is a system catalog
|
||||
-- RangeVarCallbackOwnsRelation()
|
||||
CREATE INDEX pg_descripton_test_index ON pg_description (description);
|
||||
ERROR: permission denied: "pg_description" is a system catalog
|
||||
-- RangeVarCallbackForAlterRelation()
|
||||
ALTER TABLE pg_description RENAME TO pg_comment;
|
||||
ERROR: permission denied: "pg_description" is a system catalog
|
||||
ALTER TABLE pg_description SET SCHEMA public;
|
||||
ERROR: permission denied: "pg_description" is a system catalog
|
||||
-- reserved tablespace name
|
||||
CREATE TABLESPACE pg_foo LOCATION '/no/such/location';
|
||||
ERROR: unacceptable tablespace name "pg_foo"
|
||||
DETAIL: The prefix "pg_" is reserved for system tablespaces.
|
||||
-- triggers
|
||||
CREATE FUNCTION tf1() RETURNS trigger
|
||||
LANGUAGE plpgsql
|
||||
AS $$
|
||||
BEGIN
|
||||
RETURN NULL;
|
||||
END $$;
|
||||
CREATE TRIGGER t1 BEFORE INSERT ON pg_description EXECUTE FUNCTION tf1();
|
||||
ERROR: permission denied: "pg_description" is a system catalog
|
||||
ALTER TRIGGER t1 ON pg_description RENAME TO t2;
|
||||
ERROR: permission denied: "pg_description" is a system catalog
|
||||
--DROP TRIGGER t2 ON pg_description;
|
||||
-- rules
|
||||
CREATE RULE r1 AS ON INSERT TO pg_description DO INSTEAD NOTHING;
|
||||
ERROR: permission denied: "pg_description" is a system catalog
|
||||
ALTER RULE r1 ON pg_description RENAME TO r2;
|
||||
ERROR: permission denied: "pg_description" is a system catalog
|
||||
--DROP RULE r2 ON pg_description;
|
||||
SET allow_system_table_mods = on;
|
||||
-- create new table in pg_catalog
|
||||
BEGIN;
|
||||
CREATE TABLE pg_catalog.test (a int);
|
||||
ROLLBACK;
|
||||
-- anyarray column
|
||||
BEGIN;
|
||||
CREATE TABLE t1 (a int, b anyarray);
|
||||
ROLLBACK;
|
||||
-- index on system catalog
|
||||
BEGIN;
|
||||
ALTER TABLE pg_namespace ADD UNIQUE USING INDEX pg_namespace_oid_index;
|
||||
ROLLBACK;
|
||||
-- write to system catalog table as superuser
|
||||
BEGIN;
|
||||
INSERT INTO pg_description (objoid, classoid, objsubid, description) VALUES (0, 0, 2, 'foo');
|
||||
ROLLBACK;
|
||||
-- write to system catalog table as normal user
|
||||
-- (not allowed)
|
||||
SET ROLE regress_user_ast;
|
||||
INSERT INTO pg_description (objoid, classoid, objsubid, description) VALUES (0, 0, 3, 'foo');
|
||||
ERROR: permission denied for table pg_description
|
||||
RESET ROLE;
|
||||
-- policy on system catalog
|
||||
BEGIN;
|
||||
CREATE POLICY foo ON pg_description FOR SELECT USING (description NOT LIKE 'secret%');
|
||||
ROLLBACK;
|
||||
-- reserved schema name
|
||||
BEGIN;
|
||||
CREATE SCHEMA pg_foo;
|
||||
ROLLBACK;
|
||||
-- drop system table
|
||||
-- (This will fail anyway because it's pinned.)
|
||||
BEGIN;
|
||||
DROP TABLE pg_description;
|
||||
ERROR: cannot drop table pg_description because it is required by the database system
|
||||
ROLLBACK;
|
||||
-- truncate of system table
|
||||
BEGIN;
|
||||
TRUNCATE pg_description;
|
||||
ROLLBACK;
|
||||
-- rename column of system table
|
||||
BEGIN;
|
||||
ALTER TABLE pg_description RENAME COLUMN description TO comment;
|
||||
ROLLBACK;
|
||||
-- ATSimplePermissions()
|
||||
BEGIN;
|
||||
ALTER TABLE pg_description ALTER COLUMN description SET NOT NULL;
|
||||
ROLLBACK;
|
||||
-- SET STATISTICS
|
||||
BEGIN;
|
||||
ALTER TABLE pg_description ALTER COLUMN description SET STATISTICS -1;
|
||||
ROLLBACK;
|
||||
-- foreign key referencing catalog
|
||||
BEGIN;
|
||||
ALTER TABLE pg_description ADD PRIMARY KEY USING INDEX pg_description_o_c_o_index;
|
||||
CREATE TABLE foo (a oid, b oid, c int, FOREIGN KEY (a, b, c) REFERENCES pg_description);
|
||||
ROLLBACK;
|
||||
-- RangeVarCallbackOwnsRelation()
|
||||
BEGIN;
|
||||
CREATE INDEX pg_descripton_test_index ON pg_description (description);
|
||||
ROLLBACK;
|
||||
-- RangeVarCallbackForAlterRelation()
|
||||
BEGIN;
|
||||
ALTER TABLE pg_description RENAME TO pg_comment;
|
||||
ROLLBACK;
|
||||
BEGIN;
|
||||
ALTER TABLE pg_description SET SCHEMA public;
|
||||
ROLLBACK;
|
||||
-- reserved tablespace name
|
||||
CREATE TABLESPACE pg_foo LOCATION '/no/such/location';
|
||||
ERROR: directory "/no/such/location" does not exist
|
||||
-- triggers
|
||||
CREATE TRIGGER t1 BEFORE INSERT ON pg_description EXECUTE FUNCTION tf1();
|
||||
ALTER TRIGGER t1 ON pg_description RENAME TO t2;
|
||||
DROP TRIGGER t2 ON pg_description;
|
||||
-- rules
|
||||
CREATE RULE r1 AS ON INSERT TO pg_description DO INSTEAD NOTHING;
|
||||
ALTER RULE r1 ON pg_description RENAME TO r2;
|
||||
DROP RULE r2 ON pg_description;
|
||||
-- cleanup
|
||||
REVOKE ALL ON pg_description FROM regress_user_ast;
|
||||
DROP USER regress_user_ast;
|
||||
DROP FUNCTION tf1;
|
185
src/test/modules/unsafe_tests/sql/alter_system_table.sql
Normal file
185
src/test/modules/unsafe_tests/sql/alter_system_table.sql
Normal file
@ -0,0 +1,185 @@
|
||||
--
|
||||
-- Tests for things affected by allow_system_table_mods
|
||||
--
|
||||
-- We run the same set of commands once with allow_system_table_mods
|
||||
-- off and then again with on.
|
||||
--
|
||||
-- The "on" tests should where possible be wrapped in BEGIN/ROLLBACK
|
||||
-- blocks so as to not leave a mess around.
|
||||
|
||||
CREATE USER regress_user_ast;
|
||||
|
||||
SET allow_system_table_mods = off;
|
||||
|
||||
-- create new table in pg_catalog
|
||||
CREATE TABLE pg_catalog.test (a int);
|
||||
|
||||
-- anyarray column
|
||||
CREATE TABLE t1x (a int, b anyarray);
|
||||
|
||||
-- index on system catalog
|
||||
ALTER TABLE pg_namespace ADD UNIQUE USING INDEX pg_namespace_oid_index;
|
||||
|
||||
-- write to system catalog table as superuser
|
||||
-- (allowed even without allow_system_table_mods)
|
||||
INSERT INTO pg_description (objoid, classoid, objsubid, description) VALUES (0, 0, 0, 'foo');
|
||||
|
||||
-- write to system catalog table as normal user
|
||||
GRANT INSERT ON pg_description TO regress_user_ast;
|
||||
SET ROLE regress_user_ast;
|
||||
INSERT INTO pg_description (objoid, classoid, objsubid, description) VALUES (0, 0, 1, 'foo');
|
||||
RESET ROLE;
|
||||
|
||||
-- policy on system catalog
|
||||
CREATE POLICY foo ON pg_description FOR SELECT USING (description NOT LIKE 'secret%');
|
||||
|
||||
-- reserved schema name
|
||||
CREATE SCHEMA pg_foo;
|
||||
|
||||
-- drop system table
|
||||
DROP TABLE pg_description;
|
||||
|
||||
-- truncate of system table
|
||||
TRUNCATE pg_description;
|
||||
|
||||
-- rename column of system table
|
||||
ALTER TABLE pg_description RENAME COLUMN description TO comment;
|
||||
|
||||
-- ATSimplePermissions()
|
||||
ALTER TABLE pg_description ALTER COLUMN description SET NOT NULL;
|
||||
|
||||
-- SET STATISTICS
|
||||
ALTER TABLE pg_description ALTER COLUMN description SET STATISTICS -1;
|
||||
|
||||
-- foreign key referencing catalog
|
||||
CREATE TABLE foo (a oid, b oid, c int, FOREIGN KEY (a, b, c) REFERENCES pg_description);
|
||||
|
||||
-- RangeVarCallbackOwnsRelation()
|
||||
CREATE INDEX pg_descripton_test_index ON pg_description (description);
|
||||
|
||||
-- RangeVarCallbackForAlterRelation()
|
||||
ALTER TABLE pg_description RENAME TO pg_comment;
|
||||
ALTER TABLE pg_description SET SCHEMA public;
|
||||
|
||||
-- reserved tablespace name
|
||||
CREATE TABLESPACE pg_foo LOCATION '/no/such/location';
|
||||
|
||||
-- triggers
|
||||
CREATE FUNCTION tf1() RETURNS trigger
|
||||
LANGUAGE plpgsql
|
||||
AS $$
|
||||
BEGIN
|
||||
RETURN NULL;
|
||||
END $$;
|
||||
|
||||
CREATE TRIGGER t1 BEFORE INSERT ON pg_description EXECUTE FUNCTION tf1();
|
||||
ALTER TRIGGER t1 ON pg_description RENAME TO t2;
|
||||
--DROP TRIGGER t2 ON pg_description;
|
||||
|
||||
-- rules
|
||||
CREATE RULE r1 AS ON INSERT TO pg_description DO INSTEAD NOTHING;
|
||||
ALTER RULE r1 ON pg_description RENAME TO r2;
|
||||
--DROP RULE r2 ON pg_description;
|
||||
|
||||
|
||||
SET allow_system_table_mods = on;
|
||||
|
||||
-- create new table in pg_catalog
|
||||
BEGIN;
|
||||
CREATE TABLE pg_catalog.test (a int);
|
||||
ROLLBACK;
|
||||
|
||||
-- anyarray column
|
||||
BEGIN;
|
||||
CREATE TABLE t1 (a int, b anyarray);
|
||||
ROLLBACK;
|
||||
|
||||
-- index on system catalog
|
||||
BEGIN;
|
||||
ALTER TABLE pg_namespace ADD UNIQUE USING INDEX pg_namespace_oid_index;
|
||||
ROLLBACK;
|
||||
|
||||
-- write to system catalog table as superuser
|
||||
BEGIN;
|
||||
INSERT INTO pg_description (objoid, classoid, objsubid, description) VALUES (0, 0, 2, 'foo');
|
||||
ROLLBACK;
|
||||
|
||||
-- write to system catalog table as normal user
|
||||
-- (not allowed)
|
||||
SET ROLE regress_user_ast;
|
||||
INSERT INTO pg_description (objoid, classoid, objsubid, description) VALUES (0, 0, 3, 'foo');
|
||||
RESET ROLE;
|
||||
|
||||
-- policy on system catalog
|
||||
BEGIN;
|
||||
CREATE POLICY foo ON pg_description FOR SELECT USING (description NOT LIKE 'secret%');
|
||||
ROLLBACK;
|
||||
|
||||
-- reserved schema name
|
||||
BEGIN;
|
||||
CREATE SCHEMA pg_foo;
|
||||
ROLLBACK;
|
||||
|
||||
-- drop system table
|
||||
-- (This will fail anyway because it's pinned.)
|
||||
BEGIN;
|
||||
DROP TABLE pg_description;
|
||||
ROLLBACK;
|
||||
|
||||
-- truncate of system table
|
||||
BEGIN;
|
||||
TRUNCATE pg_description;
|
||||
ROLLBACK;
|
||||
|
||||
-- rename column of system table
|
||||
BEGIN;
|
||||
ALTER TABLE pg_description RENAME COLUMN description TO comment;
|
||||
ROLLBACK;
|
||||
|
||||
-- ATSimplePermissions()
|
||||
BEGIN;
|
||||
ALTER TABLE pg_description ALTER COLUMN description SET NOT NULL;
|
||||
ROLLBACK;
|
||||
|
||||
-- SET STATISTICS
|
||||
BEGIN;
|
||||
ALTER TABLE pg_description ALTER COLUMN description SET STATISTICS -1;
|
||||
ROLLBACK;
|
||||
|
||||
-- foreign key referencing catalog
|
||||
BEGIN;
|
||||
ALTER TABLE pg_description ADD PRIMARY KEY USING INDEX pg_description_o_c_o_index;
|
||||
CREATE TABLE foo (a oid, b oid, c int, FOREIGN KEY (a, b, c) REFERENCES pg_description);
|
||||
ROLLBACK;
|
||||
|
||||
-- RangeVarCallbackOwnsRelation()
|
||||
BEGIN;
|
||||
CREATE INDEX pg_descripton_test_index ON pg_description (description);
|
||||
ROLLBACK;
|
||||
|
||||
-- RangeVarCallbackForAlterRelation()
|
||||
BEGIN;
|
||||
ALTER TABLE pg_description RENAME TO pg_comment;
|
||||
ROLLBACK;
|
||||
BEGIN;
|
||||
ALTER TABLE pg_description SET SCHEMA public;
|
||||
ROLLBACK;
|
||||
|
||||
-- reserved tablespace name
|
||||
CREATE TABLESPACE pg_foo LOCATION '/no/such/location';
|
||||
|
||||
-- triggers
|
||||
CREATE TRIGGER t1 BEFORE INSERT ON pg_description EXECUTE FUNCTION tf1();
|
||||
ALTER TRIGGER t1 ON pg_description RENAME TO t2;
|
||||
DROP TRIGGER t2 ON pg_description;
|
||||
|
||||
-- rules
|
||||
CREATE RULE r1 AS ON INSERT TO pg_description DO INSTEAD NOTHING;
|
||||
ALTER RULE r1 ON pg_description RENAME TO r2;
|
||||
DROP RULE r2 ON pg_description;
|
||||
|
||||
|
||||
-- cleanup
|
||||
REVOKE ALL ON pg_description FROM regress_user_ast;
|
||||
DROP USER regress_user_ast;
|
||||
DROP FUNCTION tf1;
|
@ -3309,10 +3309,6 @@ WHERE c.oid IS NOT NULL OR m.mapped_oid IS NOT NULL;
|
||||
|
||||
-- Checks on creating and manipulation of user defined relations in
|
||||
-- pg_catalog.
|
||||
--
|
||||
-- XXX: It would be useful to add checks around trying to manipulate
|
||||
-- catalog tables, but that might have ugly consequences when run
|
||||
-- against an existing server with allow_system_table_mods = on.
|
||||
SHOW allow_system_table_mods;
|
||||
allow_system_table_mods
|
||||
-------------------------
|
||||
|
@ -2079,10 +2079,6 @@ WHERE c.oid IS NOT NULL OR m.mapped_oid IS NOT NULL;
|
||||
|
||||
-- Checks on creating and manipulation of user defined relations in
|
||||
-- pg_catalog.
|
||||
--
|
||||
-- XXX: It would be useful to add checks around trying to manipulate
|
||||
-- catalog tables, but that might have ugly consequences when run
|
||||
-- against an existing server with allow_system_table_mods = on.
|
||||
|
||||
SHOW allow_system_table_mods;
|
||||
-- disallowed because of search_path issues with pg_dump
|
||||
|
Loading…
Reference in New Issue
Block a user