From: Jan Wieck <jwieck@debis.com>
I thought it would be a good idea to ensure that the new view
permission model will not get broken by subsequent
fixes/changes. So I wrote a little regression test for it.
There is an ugly thing in this regression test. It creates
temporary a test user that is required for the tests. The
user is removed at the end of the test, but if sometimes the
regression suite is aborted or crashes exactly here, the test
user will lay around in the pg_shadow. Don't have a clue how
to get around.
This commit is contained in:
Marc G. Fournier
parent
50e4120d5e
commit
877224154d
|
|
@ -0,0 +1,101 @@
|
|||
QUERY: CREATE FUNCTION viewperms_nextid () RETURNS int4 AS '
|
||||
SELECT max(usesysid) + 1 AS ret FROM pg_user;
|
||||
' LANGUAGE 'sql';
|
||||
QUERY: CREATE FUNCTION viewperms_testid () RETURNS oid AS '
|
||||
SELECT oid(textin(int4out(usesysid))) FROM pg_user
|
||||
WHERE usename = ''viewperms_testuser'';
|
||||
' LANGUAGE 'sql';
|
||||
QUERY: INSERT INTO pg_shadow VALUES (
|
||||
'viewperms_testuser',
|
||||
viewperms_nextid(),
|
||||
false, true, false, true,
|
||||
NULL, NULL
|
||||
);
|
||||
QUERY: CREATE TABLE viewperms_t1 (
|
||||
a int4,
|
||||
b text
|
||||
);
|
||||
QUERY: CREATE TABLE viewperms_t2 (
|
||||
a int4,
|
||||
b text
|
||||
);
|
||||
QUERY: INSERT INTO viewperms_t1 VALUES (1, 'one');
|
||||
QUERY: INSERT INTO viewperms_t1 VALUES (2, 'two');
|
||||
QUERY: INSERT INTO viewperms_t1 VALUES (3, 'three');
|
||||
QUERY: INSERT INTO viewperms_t2 VALUES (1, 'one');
|
||||
QUERY: INSERT INTO viewperms_t2 VALUES (2, 'two');
|
||||
QUERY: INSERT INTO viewperms_t2 VALUES (3, 'three');
|
||||
QUERY: CREATE VIEW viewperms_v1 AS SELECT * FROM viewperms_t1;
|
||||
QUERY: CREATE VIEW viewperms_v2 AS SELECT * FROM viewperms_t2;
|
||||
QUERY: CREATE VIEW viewperms_v3 AS SELECT * FROM viewperms_t1;
|
||||
QUERY: CREATE VIEW viewperms_v4 AS SELECT * FROM viewperms_t2;
|
||||
QUERY: CREATE VIEW viewperms_v5 AS SELECT * FROM viewperms_v1;
|
||||
QUERY: CREATE VIEW viewperms_v6 AS SELECT * FROM viewperms_v4;
|
||||
QUERY: CREATE VIEW viewperms_v7 AS SELECT * FROM viewperms_v2;
|
||||
QUERY: UPDATE pg_class SET relowner = viewperms_testid()
|
||||
WHERE relname = 'viewperms_t1';
|
||||
QUERY: UPDATE pg_class SET relowner = viewperms_testid()
|
||||
WHERE relname = 'viewperms_v3';
|
||||
QUERY: UPDATE pg_class SET relowner = viewperms_testid()
|
||||
WHERE relname = 'viewperms_v4';
|
||||
QUERY: UPDATE pg_class SET relowner = viewperms_testid()
|
||||
WHERE relname = 'viewperms_v7';
|
||||
QUERY: SELECT * FROM viewperms_v1;
|
||||
a|b
|
||||
-+-----
|
||||
1|one
|
||||
2|two
|
||||
3|three
|
||||
(3 rows)
|
||||
|
||||
QUERY: SELECT * FROM viewperms_v2;
|
||||
a|b
|
||||
-+-----
|
||||
1|one
|
||||
2|two
|
||||
3|three
|
||||
(3 rows)
|
||||
|
||||
QUERY: SELECT * FROM viewperms_v3;
|
||||
a|b
|
||||
-+-----
|
||||
1|one
|
||||
2|two
|
||||
3|three
|
||||
(3 rows)
|
||||
|
||||
QUERY: SELECT * FROM viewperms_v4;
|
||||
ERROR: viewperms_t2: Permission denied.
|
||||
QUERY: SELECT * FROM viewperms_v5;
|
||||
a|b
|
||||
-+-----
|
||||
1|one
|
||||
2|two
|
||||
3|three
|
||||
(3 rows)
|
||||
|
||||
QUERY: SELECT * FROM viewperms_v6;
|
||||
ERROR: viewperms_t2: Permission denied.
|
||||
QUERY: SELECT * FROM viewperms_v7;
|
||||
ERROR: viewperms_v2: Permission denied.
|
||||
QUERY: GRANT SELECT ON viewperms_v2 TO PUBLIC;
|
||||
QUERY: SELECT * FROM viewperms_v7;
|
||||
a|b
|
||||
-+-----
|
||||
1|one
|
||||
2|two
|
||||
3|three
|
||||
(3 rows)
|
||||
|
||||
QUERY: DROP VIEW viewperms_v1;
|
||||
QUERY: DROP VIEW viewperms_v2;
|
||||
QUERY: DROP VIEW viewperms_v3;
|
||||
QUERY: DROP VIEW viewperms_v4;
|
||||
QUERY: DROP VIEW viewperms_v5;
|
||||
QUERY: DROP VIEW viewperms_v6;
|
||||
QUERY: DROP VIEW viewperms_v7;
|
||||
QUERY: DROP TABLE viewperms_t1;
|
||||
QUERY: DROP TABLE viewperms_t2;
|
||||
QUERY: DROP FUNCTION viewperms_nextid ();
|
||||
QUERY: DROP FUNCTION viewperms_testid ();
|
||||
QUERY: DELETE FROM pg_shadow WHERE usename = 'viewperms_testuser';
|
||||
|
|
@ -0,0 +1,121 @@
|
|||
--
|
||||
-- Create a new user with the next unused usesysid
|
||||
--
|
||||
CREATE FUNCTION viewperms_nextid () RETURNS int4 AS '
|
||||
SELECT max(usesysid) + 1 AS ret FROM pg_user;
|
||||
' LANGUAGE 'sql';
|
||||
|
||||
CREATE FUNCTION viewperms_testid () RETURNS oid AS '
|
||||
SELECT oid(textin(int4out(usesysid))) FROM pg_user
|
||||
WHERE usename = ''viewperms_testuser'';
|
||||
' LANGUAGE 'sql';
|
||||
|
||||
INSERT INTO pg_shadow VALUES (
|
||||
'viewperms_testuser',
|
||||
viewperms_nextid(),
|
||||
false, true, false, true,
|
||||
NULL, NULL
|
||||
);
|
||||
|
||||
--
|
||||
-- Create tables and views
|
||||
--
|
||||
CREATE TABLE viewperms_t1 (
|
||||
a int4,
|
||||
b text
|
||||
);
|
||||
|
||||
CREATE TABLE viewperms_t2 (
|
||||
a int4,
|
||||
b text
|
||||
);
|
||||
|
||||
INSERT INTO viewperms_t1 VALUES (1, 'one');
|
||||
INSERT INTO viewperms_t1 VALUES (2, 'two');
|
||||
INSERT INTO viewperms_t1 VALUES (3, 'three');
|
||||
|
||||
INSERT INTO viewperms_t2 VALUES (1, 'one');
|
||||
INSERT INTO viewperms_t2 VALUES (2, 'two');
|
||||
INSERT INTO viewperms_t2 VALUES (3, 'three');
|
||||
|
||||
CREATE VIEW viewperms_v1 AS SELECT * FROM viewperms_t1;
|
||||
CREATE VIEW viewperms_v2 AS SELECT * FROM viewperms_t2;
|
||||
CREATE VIEW viewperms_v3 AS SELECT * FROM viewperms_t1;
|
||||
CREATE VIEW viewperms_v4 AS SELECT * FROM viewperms_t2;
|
||||
CREATE VIEW viewperms_v5 AS SELECT * FROM viewperms_v1;
|
||||
CREATE VIEW viewperms_v6 AS SELECT * FROM viewperms_v4;
|
||||
CREATE VIEW viewperms_v7 AS SELECT * FROM viewperms_v2;
|
||||
|
||||
--
|
||||
-- Change ownership
|
||||
-- t1 tuser
|
||||
-- t2 pgslq
|
||||
-- v1 pgslq
|
||||
-- v2 pgslq
|
||||
-- v3 tuser
|
||||
-- v4 tuser
|
||||
-- v5 pgsql
|
||||
-- v6 pgsql
|
||||
-- v7 tuser
|
||||
--
|
||||
UPDATE pg_class SET relowner = viewperms_testid()
|
||||
WHERE relname = 'viewperms_t1';
|
||||
UPDATE pg_class SET relowner = viewperms_testid()
|
||||
WHERE relname = 'viewperms_v3';
|
||||
UPDATE pg_class SET relowner = viewperms_testid()
|
||||
WHERE relname = 'viewperms_v4';
|
||||
UPDATE pg_class SET relowner = viewperms_testid()
|
||||
WHERE relname = 'viewperms_v7';
|
||||
|
||||
--
|
||||
-- Now for the tests.
|
||||
--
|
||||
|
||||
-- View v1 owner pgsql has access to t1 owned by tuser
|
||||
SELECT * FROM viewperms_v1;
|
||||
|
||||
-- View v2 owner pgsql has access to t2 owned by pgsql (of cause)
|
||||
SELECT * FROM viewperms_v2;
|
||||
|
||||
-- View v3 owner tuser has access to t1 owned by tuser
|
||||
SELECT * FROM viewperms_v3;
|
||||
|
||||
-- View v4 owner tuser has NO access to t2 owned by pgsql
|
||||
-- MUST fail with permission denied
|
||||
SELECT * FROM viewperms_v4;
|
||||
|
||||
-- v5 (pgsql) can access v2 (pgsql) can access t1 (tuser)
|
||||
SELECT * FROM viewperms_v5;
|
||||
|
||||
-- v6 (pgsql) can access v4 (tuser) CANNOT access t2 (pgsql)
|
||||
SELECT * FROM viewperms_v6;
|
||||
|
||||
-- v7 (tuser) CANNOT access v2 (pgsql) wanna access t2 (pgslq)
|
||||
SELECT * FROM viewperms_v7;
|
||||
|
||||
GRANT SELECT ON viewperms_v2 TO PUBLIC;
|
||||
-- but now
|
||||
-- v7 (tuser) can access v2 (pgsql via grant) can access t2 (pgsql)
|
||||
SELECT * FROM viewperms_v7;
|
||||
|
||||
--
|
||||
-- Tidy up - we remove the testuser below and we don't let
|
||||
-- objects lay around with bad owner reference
|
||||
--
|
||||
DROP VIEW viewperms_v1;
|
||||
DROP VIEW viewperms_v2;
|
||||
DROP VIEW viewperms_v3;
|
||||
DROP VIEW viewperms_v4;
|
||||
DROP VIEW viewperms_v5;
|
||||
DROP VIEW viewperms_v6;
|
||||
DROP VIEW viewperms_v7;
|
||||
DROP TABLE viewperms_t1;
|
||||
DROP TABLE viewperms_t2;
|
||||
DROP FUNCTION viewperms_nextid ();
|
||||
DROP FUNCTION viewperms_testid ();
|
||||
|
||||
--
|
||||
-- Remove the testuser
|
||||
--
|
||||
DELETE FROM pg_shadow WHERE usename = 'viewperms_testuser';
|
||||
|
||||
Loading…
Reference in New Issue