mirror of
https://git.postgresql.org/git/postgresql.git
synced 2024-10-02 19:26:51 +02:00
30ec31604d
to build dependencies for rules, constraint expressions, and default expressions. Repair some problems in the original design of recursiveDeletion() exposed by more complex dependency sets. Fix regression tests that were deleting things in illegal sequences.
566 lines
15 KiB
Plaintext
566 lines
15 KiB
Plaintext
--
|
|
-- Test access privileges
|
|
--
|
|
CREATE USER regressuser1;
|
|
CREATE USER regressuser2;
|
|
CREATE USER regressuser3;
|
|
CREATE USER regressuser4;
|
|
CREATE USER regressuser4; -- duplicate
|
|
ERROR: CREATE USER: user name "regressuser4" already exists
|
|
CREATE GROUP regressgroup1;
|
|
CREATE GROUP regressgroup2 WITH USER regressuser1, regressuser2;
|
|
ALTER GROUP regressgroup1 ADD USER regressuser4;
|
|
ALTER GROUP regressgroup2 ADD USER regressuser2; -- duplicate
|
|
WARNING: ALTER GROUP: user "regressuser2" is already in group "regressgroup2"
|
|
ALTER GROUP regressgroup2 DROP USER regressuser2;
|
|
ALTER GROUP regressgroup2 ADD USER regressuser4;
|
|
-- test owner privileges
|
|
SET SESSION AUTHORIZATION regressuser1;
|
|
SELECT session_user, current_user;
|
|
session_user | current_user
|
|
--------------+--------------
|
|
regressuser1 | regressuser1
|
|
(1 row)
|
|
|
|
CREATE TABLE atest1 ( a int, b text );
|
|
SELECT * FROM atest1;
|
|
a | b
|
|
---+---
|
|
(0 rows)
|
|
|
|
INSERT INTO atest1 VALUES (1, 'one');
|
|
DELETE FROM atest1;
|
|
UPDATE atest1 SET a = 1 WHERE b = 'blech';
|
|
LOCK atest1 IN ACCESS EXCLUSIVE MODE;
|
|
REVOKE ALL ON atest1 FROM PUBLIC;
|
|
SELECT * FROM atest1;
|
|
a | b
|
|
---+---
|
|
(0 rows)
|
|
|
|
GRANT ALL ON atest1 TO regressuser2;
|
|
GRANT SELECT ON atest1 TO regressuser3, regressuser4;
|
|
SELECT * FROM atest1;
|
|
a | b
|
|
---+---
|
|
(0 rows)
|
|
|
|
CREATE TABLE atest2 (col1 varchar(10), col2 boolean);
|
|
GRANT SELECT ON atest2 TO regressuser2;
|
|
GRANT UPDATE ON atest2 TO regressuser3;
|
|
GRANT INSERT ON atest2 TO regressuser4;
|
|
SET SESSION AUTHORIZATION regressuser2;
|
|
SELECT session_user, current_user;
|
|
session_user | current_user
|
|
--------------+--------------
|
|
regressuser2 | regressuser2
|
|
(1 row)
|
|
|
|
-- try various combinations of queries on atest1 and atest2
|
|
SELECT * FROM atest1; -- ok
|
|
a | b
|
|
---+---
|
|
(0 rows)
|
|
|
|
SELECT * FROM atest2; -- ok
|
|
col1 | col2
|
|
------+------
|
|
(0 rows)
|
|
|
|
INSERT INTO atest1 VALUES (2, 'two'); -- ok
|
|
INSERT INTO atest2 VALUES ('foo', true); -- fail
|
|
ERROR: atest2: permission denied
|
|
INSERT INTO atest1 SELECT 1, b FROM atest1; -- ok
|
|
UPDATE atest1 SET a = 1 WHERE a = 2; -- ok
|
|
UPDATE atest2 SET col2 = NOT col2; -- fail
|
|
ERROR: atest2: permission denied
|
|
SELECT * FROM atest1 FOR UPDATE; -- ok
|
|
a | b
|
|
---+-----
|
|
1 | two
|
|
1 | two
|
|
(2 rows)
|
|
|
|
SELECT * FROM atest2 FOR UPDATE; -- fail
|
|
ERROR: atest2: permission denied
|
|
DELETE FROM atest2; -- fail
|
|
ERROR: atest2: permission denied
|
|
LOCK atest2 IN ACCESS EXCLUSIVE MODE; -- fail
|
|
ERROR: atest2: permission denied
|
|
COPY atest2 FROM stdin; -- fail
|
|
ERROR: atest2: permission denied
|
|
GRANT ALL ON atest1 TO PUBLIC; -- fail
|
|
ERROR: atest1: must be owner
|
|
-- checks in subquery, both ok
|
|
SELECT * FROM atest1 WHERE ( b IN ( SELECT col1 FROM atest2 ) );
|
|
a | b
|
|
---+---
|
|
(0 rows)
|
|
|
|
SELECT * FROM atest2 WHERE ( col1 IN ( SELECT b FROM atest1 ) );
|
|
col1 | col2
|
|
------+------
|
|
(0 rows)
|
|
|
|
SET SESSION AUTHORIZATION regressuser3;
|
|
SELECT session_user, current_user;
|
|
session_user | current_user
|
|
--------------+--------------
|
|
regressuser3 | regressuser3
|
|
(1 row)
|
|
|
|
SELECT * FROM atest1; -- ok
|
|
a | b
|
|
---+-----
|
|
1 | two
|
|
1 | two
|
|
(2 rows)
|
|
|
|
SELECT * FROM atest2; -- fail
|
|
ERROR: atest2: permission denied
|
|
INSERT INTO atest1 VALUES (2, 'two'); -- fail
|
|
ERROR: atest1: permission denied
|
|
INSERT INTO atest2 VALUES ('foo', true); -- fail
|
|
ERROR: atest2: permission denied
|
|
INSERT INTO atest1 SELECT 1, b FROM atest1; -- fail
|
|
ERROR: atest1: permission denied
|
|
UPDATE atest1 SET a = 1 WHERE a = 2; -- fail
|
|
ERROR: atest1: permission denied
|
|
UPDATE atest2 SET col2 = NULL; -- ok
|
|
UPDATE atest2 SET col2 = NOT col2; -- fails; requires SELECT on atest2
|
|
ERROR: atest2: permission denied
|
|
UPDATE atest2 SET col2 = true WHERE atest1.a = 5; -- ok
|
|
SELECT * FROM atest1 FOR UPDATE; -- fail
|
|
ERROR: atest1: permission denied
|
|
SELECT * FROM atest2 FOR UPDATE; -- fail
|
|
ERROR: atest2: permission denied
|
|
DELETE FROM atest2; -- fail
|
|
ERROR: atest2: permission denied
|
|
LOCK atest2 IN ACCESS EXCLUSIVE MODE; -- ok
|
|
COPY atest2 FROM stdin; -- fail
|
|
ERROR: atest2: permission denied
|
|
-- checks in subquery, both fail
|
|
SELECT * FROM atest1 WHERE ( b IN ( SELECT col1 FROM atest2 ) );
|
|
ERROR: atest2: permission denied
|
|
SELECT * FROM atest2 WHERE ( col1 IN ( SELECT b FROM atest1 ) );
|
|
ERROR: atest2: permission denied
|
|
SET SESSION AUTHORIZATION regressuser4;
|
|
COPY atest2 FROM stdin; -- ok
|
|
SELECT * FROM atest1; -- ok
|
|
a | b
|
|
---+-----
|
|
1 | two
|
|
1 | two
|
|
(2 rows)
|
|
|
|
-- groups
|
|
SET SESSION AUTHORIZATION regressuser3;
|
|
CREATE TABLE atest3 (one int, two int, three int);
|
|
GRANT DELETE ON atest3 TO GROUP regressgroup2;
|
|
SET SESSION AUTHORIZATION regressuser1;
|
|
SELECT * FROM atest3; -- fail
|
|
ERROR: atest3: permission denied
|
|
DELETE FROM atest3; -- ok
|
|
-- views
|
|
SET SESSION AUTHORIZATION regressuser3;
|
|
CREATE VIEW atestv1 AS SELECT * FROM atest1; -- ok
|
|
/* The next *should* fail, but it's not implemented that way yet. */
|
|
CREATE VIEW atestv2 AS SELECT * FROM atest2;
|
|
CREATE VIEW atestv3 AS SELECT * FROM atest3; -- ok
|
|
SELECT * FROM atestv1; -- ok
|
|
a | b
|
|
---+-----
|
|
1 | two
|
|
1 | two
|
|
(2 rows)
|
|
|
|
SELECT * FROM atestv2; -- fail
|
|
ERROR: atest2: permission denied
|
|
GRANT SELECT ON atestv1, atestv3 TO regressuser4;
|
|
GRANT SELECT ON atestv2 TO regressuser2;
|
|
SET SESSION AUTHORIZATION regressuser4;
|
|
SELECT * FROM atestv1; -- ok
|
|
a | b
|
|
---+-----
|
|
1 | two
|
|
1 | two
|
|
(2 rows)
|
|
|
|
SELECT * FROM atestv2; -- fail
|
|
ERROR: atestv2: permission denied
|
|
SELECT * FROM atestv3; -- ok
|
|
one | two | three
|
|
-----+-----+-------
|
|
(0 rows)
|
|
|
|
CREATE VIEW atestv4 AS SELECT * FROM atestv3; -- nested view
|
|
SELECT * FROM atestv4; -- ok
|
|
one | two | three
|
|
-----+-----+-------
|
|
(0 rows)
|
|
|
|
GRANT SELECT ON atestv4 TO regressuser2;
|
|
SET SESSION AUTHORIZATION regressuser2;
|
|
-- Two complex cases:
|
|
SELECT * FROM atestv3; -- fail
|
|
ERROR: atestv3: permission denied
|
|
SELECT * FROM atestv4; -- ok (even though regressuser2 cannot access underlying atestv3)
|
|
one | two | three
|
|
-----+-----+-------
|
|
(0 rows)
|
|
|
|
SELECT * FROM atest2; -- ok
|
|
col1 | col2
|
|
------+------
|
|
bar | t
|
|
(1 row)
|
|
|
|
SELECT * FROM atestv2; -- fail (even though regressuser2 can access underlying atest2)
|
|
ERROR: atest2: permission denied
|
|
-- privileges on functions, languages
|
|
-- switch to superuser
|
|
\c -
|
|
REVOKE ALL PRIVILEGES ON LANGUAGE sql FROM PUBLIC;
|
|
GRANT USAGE ON LANGUAGE sql TO regressuser1; -- ok
|
|
GRANT USAGE ON LANGUAGE c TO PUBLIC; -- fail
|
|
ERROR: language "c" is not trusted
|
|
SET SESSION AUTHORIZATION regressuser1;
|
|
GRANT USAGE ON LANGUAGE sql TO regressuser2; -- fail
|
|
ERROR: permission denied
|
|
CREATE FUNCTION testfunc1(int) RETURNS int AS 'select 2 * $1;' LANGUAGE sql;
|
|
CREATE FUNCTION testfunc2(int) RETURNS int AS 'select 3 * $1;' LANGUAGE sql;
|
|
GRANT EXECUTE ON FUNCTION testfunc1(int), testfunc2(int) TO regressuser2;
|
|
GRANT USAGE ON FUNCTION testfunc1(int) TO regressuser3; -- semantic error
|
|
ERROR: invalid privilege type USAGE for function object
|
|
GRANT ALL PRIVILEGES ON FUNCTION testfunc1(int) TO regressuser4;
|
|
GRANT ALL PRIVILEGES ON FUNCTION testfunc_nosuch(int) TO regressuser4;
|
|
ERROR: GRANT: function testfunc_nosuch(integer) does not exist
|
|
CREATE FUNCTION testfunc4(boolean) RETURNS text
|
|
AS 'select col1 from atest2 where col2 = $1;'
|
|
LANGUAGE sql SECURITY DEFINER;
|
|
GRANT EXECUTE ON FUNCTION testfunc4(boolean) TO regressuser3;
|
|
SET SESSION AUTHORIZATION regressuser2;
|
|
SELECT testfunc1(5), testfunc2(5); -- ok
|
|
testfunc1 | testfunc2
|
|
-----------+-----------
|
|
10 | 15
|
|
(1 row)
|
|
|
|
CREATE FUNCTION testfunc3(int) RETURNS int AS 'select 2 * $1;' LANGUAGE sql; -- fail
|
|
ERROR: sql: permission denied
|
|
SET SESSION AUTHORIZATION regressuser3;
|
|
SELECT testfunc1(5); -- fail
|
|
ERROR: testfunc1: permission denied
|
|
SELECT col1 FROM atest2 WHERE col2 = true; -- fail
|
|
ERROR: atest2: permission denied
|
|
SELECT testfunc4(true); -- ok
|
|
testfunc4
|
|
-----------
|
|
bar
|
|
(1 row)
|
|
|
|
SET SESSION AUTHORIZATION regressuser4;
|
|
SELECT testfunc1(5); -- ok
|
|
testfunc1
|
|
-----------
|
|
10
|
|
(1 row)
|
|
|
|
DROP FUNCTION testfunc1(int); -- fail
|
|
ERROR: testfunc1: must be owner
|
|
\c -
|
|
DROP FUNCTION testfunc1(int); -- ok
|
|
-- restore to sanity
|
|
GRANT ALL PRIVILEGES ON LANGUAGE sql TO PUBLIC;
|
|
-- has_table_privilege function
|
|
-- bad-input checks
|
|
select has_table_privilege(NULL,'pg_shadow','select');
|
|
has_table_privilege
|
|
---------------------
|
|
|
|
(1 row)
|
|
|
|
select has_table_privilege('pg_shad','select');
|
|
ERROR: Relation "pg_shad" does not exist
|
|
select has_table_privilege('nosuchuser','pg_shadow','select');
|
|
ERROR: user "nosuchuser" does not exist
|
|
select has_table_privilege('pg_shadow','sel');
|
|
ERROR: has_table_privilege: invalid privilege type sel
|
|
select has_table_privilege(-999999,'pg_shadow','update');
|
|
ERROR: pg_class_aclcheck: invalid user id 4293967297
|
|
select has_table_privilege(1,'rule');
|
|
ERROR: pg_class_aclcheck: relation 1 not found
|
|
-- superuser
|
|
\c -
|
|
select has_table_privilege(current_user,'pg_shadow','select');
|
|
has_table_privilege
|
|
---------------------
|
|
t
|
|
(1 row)
|
|
|
|
select has_table_privilege(current_user,'pg_shadow','insert');
|
|
has_table_privilege
|
|
---------------------
|
|
t
|
|
(1 row)
|
|
|
|
select has_table_privilege(t2.usesysid,'pg_shadow','update')
|
|
from (select usesysid from pg_user where usename = current_user) as t2;
|
|
has_table_privilege
|
|
---------------------
|
|
t
|
|
(1 row)
|
|
|
|
select has_table_privilege(t2.usesysid,'pg_shadow','delete')
|
|
from (select usesysid from pg_user where usename = current_user) as t2;
|
|
has_table_privilege
|
|
---------------------
|
|
t
|
|
(1 row)
|
|
|
|
select has_table_privilege(current_user,t1.oid,'rule')
|
|
from (select oid from pg_class where relname = 'pg_shadow') as t1;
|
|
has_table_privilege
|
|
---------------------
|
|
t
|
|
(1 row)
|
|
|
|
select has_table_privilege(current_user,t1.oid,'references')
|
|
from (select oid from pg_class where relname = 'pg_shadow') as t1;
|
|
has_table_privilege
|
|
---------------------
|
|
t
|
|
(1 row)
|
|
|
|
select has_table_privilege(t2.usesysid,t1.oid,'select')
|
|
from (select oid from pg_class where relname = 'pg_shadow') as t1,
|
|
(select usesysid from pg_user where usename = current_user) as t2;
|
|
has_table_privilege
|
|
---------------------
|
|
t
|
|
(1 row)
|
|
|
|
select has_table_privilege(t2.usesysid,t1.oid,'insert')
|
|
from (select oid from pg_class where relname = 'pg_shadow') as t1,
|
|
(select usesysid from pg_user where usename = current_user) as t2;
|
|
has_table_privilege
|
|
---------------------
|
|
t
|
|
(1 row)
|
|
|
|
select has_table_privilege('pg_shadow','update');
|
|
has_table_privilege
|
|
---------------------
|
|
t
|
|
(1 row)
|
|
|
|
select has_table_privilege('pg_shadow','delete');
|
|
has_table_privilege
|
|
---------------------
|
|
t
|
|
(1 row)
|
|
|
|
select has_table_privilege(t1.oid,'select')
|
|
from (select oid from pg_class where relname = 'pg_shadow') as t1;
|
|
has_table_privilege
|
|
---------------------
|
|
t
|
|
(1 row)
|
|
|
|
select has_table_privilege(t1.oid,'trigger')
|
|
from (select oid from pg_class where relname = 'pg_shadow') as t1;
|
|
has_table_privilege
|
|
---------------------
|
|
t
|
|
(1 row)
|
|
|
|
-- non-superuser
|
|
SET SESSION AUTHORIZATION regressuser3;
|
|
select has_table_privilege(current_user,'pg_class','select');
|
|
has_table_privilege
|
|
---------------------
|
|
t
|
|
(1 row)
|
|
|
|
select has_table_privilege(current_user,'pg_class','insert');
|
|
has_table_privilege
|
|
---------------------
|
|
f
|
|
(1 row)
|
|
|
|
select has_table_privilege(t2.usesysid,'pg_class','update')
|
|
from (select usesysid from pg_user where usename = current_user) as t2;
|
|
has_table_privilege
|
|
---------------------
|
|
f
|
|
(1 row)
|
|
|
|
select has_table_privilege(t2.usesysid,'pg_class','delete')
|
|
from (select usesysid from pg_user where usename = current_user) as t2;
|
|
has_table_privilege
|
|
---------------------
|
|
f
|
|
(1 row)
|
|
|
|
select has_table_privilege(current_user,t1.oid,'rule')
|
|
from (select oid from pg_class where relname = 'pg_class') as t1;
|
|
has_table_privilege
|
|
---------------------
|
|
f
|
|
(1 row)
|
|
|
|
select has_table_privilege(current_user,t1.oid,'references')
|
|
from (select oid from pg_class where relname = 'pg_class') as t1;
|
|
has_table_privilege
|
|
---------------------
|
|
f
|
|
(1 row)
|
|
|
|
select has_table_privilege(t2.usesysid,t1.oid,'select')
|
|
from (select oid from pg_class where relname = 'pg_class') as t1,
|
|
(select usesysid from pg_user where usename = current_user) as t2;
|
|
has_table_privilege
|
|
---------------------
|
|
t
|
|
(1 row)
|
|
|
|
select has_table_privilege(t2.usesysid,t1.oid,'insert')
|
|
from (select oid from pg_class where relname = 'pg_class') as t1,
|
|
(select usesysid from pg_user where usename = current_user) as t2;
|
|
has_table_privilege
|
|
---------------------
|
|
f
|
|
(1 row)
|
|
|
|
select has_table_privilege('pg_class','update');
|
|
has_table_privilege
|
|
---------------------
|
|
f
|
|
(1 row)
|
|
|
|
select has_table_privilege('pg_class','delete');
|
|
has_table_privilege
|
|
---------------------
|
|
f
|
|
(1 row)
|
|
|
|
select has_table_privilege(t1.oid,'select')
|
|
from (select oid from pg_class where relname = 'pg_class') as t1;
|
|
has_table_privilege
|
|
---------------------
|
|
t
|
|
(1 row)
|
|
|
|
select has_table_privilege(t1.oid,'trigger')
|
|
from (select oid from pg_class where relname = 'pg_class') as t1;
|
|
has_table_privilege
|
|
---------------------
|
|
f
|
|
(1 row)
|
|
|
|
select has_table_privilege(current_user,'atest1','select');
|
|
has_table_privilege
|
|
---------------------
|
|
t
|
|
(1 row)
|
|
|
|
select has_table_privilege(current_user,'atest1','insert');
|
|
has_table_privilege
|
|
---------------------
|
|
f
|
|
(1 row)
|
|
|
|
select has_table_privilege(t2.usesysid,'atest1','update')
|
|
from (select usesysid from pg_user where usename = current_user) as t2;
|
|
has_table_privilege
|
|
---------------------
|
|
f
|
|
(1 row)
|
|
|
|
select has_table_privilege(t2.usesysid,'atest1','delete')
|
|
from (select usesysid from pg_user where usename = current_user) as t2;
|
|
has_table_privilege
|
|
---------------------
|
|
f
|
|
(1 row)
|
|
|
|
select has_table_privilege(current_user,t1.oid,'rule')
|
|
from (select oid from pg_class where relname = 'atest1') as t1;
|
|
has_table_privilege
|
|
---------------------
|
|
f
|
|
(1 row)
|
|
|
|
select has_table_privilege(current_user,t1.oid,'references')
|
|
from (select oid from pg_class where relname = 'atest1') as t1;
|
|
has_table_privilege
|
|
---------------------
|
|
f
|
|
(1 row)
|
|
|
|
select has_table_privilege(t2.usesysid,t1.oid,'select')
|
|
from (select oid from pg_class where relname = 'atest1') as t1,
|
|
(select usesysid from pg_user where usename = current_user) as t2;
|
|
has_table_privilege
|
|
---------------------
|
|
t
|
|
(1 row)
|
|
|
|
select has_table_privilege(t2.usesysid,t1.oid,'insert')
|
|
from (select oid from pg_class where relname = 'atest1') as t1,
|
|
(select usesysid from pg_user where usename = current_user) as t2;
|
|
has_table_privilege
|
|
---------------------
|
|
f
|
|
(1 row)
|
|
|
|
select has_table_privilege('atest1','update');
|
|
has_table_privilege
|
|
---------------------
|
|
f
|
|
(1 row)
|
|
|
|
select has_table_privilege('atest1','delete');
|
|
has_table_privilege
|
|
---------------------
|
|
f
|
|
(1 row)
|
|
|
|
select has_table_privilege(t1.oid,'select')
|
|
from (select oid from pg_class where relname = 'atest1') as t1;
|
|
has_table_privilege
|
|
---------------------
|
|
t
|
|
(1 row)
|
|
|
|
select has_table_privilege(t1.oid,'trigger')
|
|
from (select oid from pg_class where relname = 'atest1') as t1;
|
|
has_table_privilege
|
|
---------------------
|
|
f
|
|
(1 row)
|
|
|
|
-- clean up
|
|
\c regression
|
|
DROP FUNCTION testfunc2(int);
|
|
DROP FUNCTION testfunc4(boolean);
|
|
DROP VIEW atestv1;
|
|
DROP VIEW atestv2;
|
|
-- this should cascade to drop atestv4
|
|
DROP VIEW atestv3 CASCADE;
|
|
NOTICE: Drop cascades to rule _RETURN on view atestv3
|
|
NOTICE: Drop cascades to rule _RETURN on view atestv4
|
|
NOTICE: Drop cascades to view atestv4
|
|
-- this should complain "does not exist"
|
|
DROP VIEW atestv4;
|
|
ERROR: view "atestv4" does not exist
|
|
DROP TABLE atest1;
|
|
DROP TABLE atest2;
|
|
DROP TABLE atest3;
|
|
DROP GROUP regressgroup1;
|
|
DROP GROUP regressgroup2;
|
|
DROP USER regressuser1;
|
|
DROP USER regressuser2;
|
|
DROP USER regressuser3;
|
|
DROP USER regressuser4;
|