mirror of
				https://github.com/postgres/postgres.git
				synced 2025-10-21 02:52:47 +03:00 
			
		
		
		
	Add COMMENT and SECURITY LABEL support for publications and subscriptions
This commit is contained in:
		| @@ -46,12 +46,14 @@ COMMENT ON | |||||||
|   OPERATOR FAMILY <replaceable class="PARAMETER">object_name</replaceable> USING <replaceable class="parameter">index_method</replaceable> | |   OPERATOR FAMILY <replaceable class="PARAMETER">object_name</replaceable> USING <replaceable class="parameter">index_method</replaceable> | | ||||||
|   POLICY <replaceable class="PARAMETER">policy_name</replaceable> ON <replaceable class="PARAMETER">table_name</replaceable> | |   POLICY <replaceable class="PARAMETER">policy_name</replaceable> ON <replaceable class="PARAMETER">table_name</replaceable> | | ||||||
|   [ PROCEDURAL ] LANGUAGE <replaceable class="PARAMETER">object_name</replaceable> | |   [ PROCEDURAL ] LANGUAGE <replaceable class="PARAMETER">object_name</replaceable> | | ||||||
|  |   PUBLICATION <replaceable class="PARAMETER">object_name</replaceable> | | ||||||
|   ROLE <replaceable class="PARAMETER">object_name</replaceable> | |   ROLE <replaceable class="PARAMETER">object_name</replaceable> | | ||||||
|   RULE <replaceable class="PARAMETER">rule_name</replaceable> ON <replaceable class="PARAMETER">table_name</replaceable> | |   RULE <replaceable class="PARAMETER">rule_name</replaceable> ON <replaceable class="PARAMETER">table_name</replaceable> | | ||||||
|   SCHEMA <replaceable class="PARAMETER">object_name</replaceable> | |   SCHEMA <replaceable class="PARAMETER">object_name</replaceable> | | ||||||
|   SEQUENCE <replaceable class="PARAMETER">object_name</replaceable> | |   SEQUENCE <replaceable class="PARAMETER">object_name</replaceable> | | ||||||
|   SERVER <replaceable class="PARAMETER">object_name</replaceable> | |   SERVER <replaceable class="PARAMETER">object_name</replaceable> | | ||||||
|   STATISTICS <replaceable class="PARAMETER">object_name</replaceable> | |   STATISTICS <replaceable class="PARAMETER">object_name</replaceable> | | ||||||
|  |   SUBSCRIPTION <replaceable class="PARAMETER">object_name</replaceable> | | ||||||
|   TABLE <replaceable class="PARAMETER">object_name</replaceable> | |   TABLE <replaceable class="PARAMETER">object_name</replaceable> | | ||||||
|   TABLESPACE <replaceable class="PARAMETER">object_name</replaceable> | |   TABLESPACE <replaceable class="PARAMETER">object_name</replaceable> | | ||||||
|   TEXT SEARCH CONFIGURATION <replaceable class="PARAMETER">object_name</replaceable> | |   TEXT SEARCH CONFIGURATION <replaceable class="PARAMETER">object_name</replaceable> | | ||||||
|   | |||||||
| @@ -34,9 +34,11 @@ SECURITY LABEL [ FOR <replaceable class="PARAMETER">provider</replaceable> ] ON | |||||||
|   LARGE OBJECT <replaceable class="PARAMETER">large_object_oid</replaceable> | |   LARGE OBJECT <replaceable class="PARAMETER">large_object_oid</replaceable> | | ||||||
|   MATERIALIZED VIEW <replaceable class="PARAMETER">object_name</replaceable> | |   MATERIALIZED VIEW <replaceable class="PARAMETER">object_name</replaceable> | | ||||||
|   [ PROCEDURAL ] LANGUAGE <replaceable class="PARAMETER">object_name</replaceable> | |   [ PROCEDURAL ] LANGUAGE <replaceable class="PARAMETER">object_name</replaceable> | | ||||||
|  |   PUBLICATION <replaceable class="PARAMETER">object_name</replaceable> | | ||||||
|   ROLE <replaceable class="PARAMETER">object_name</replaceable> | |   ROLE <replaceable class="PARAMETER">object_name</replaceable> | | ||||||
|   SCHEMA <replaceable class="PARAMETER">object_name</replaceable> | |   SCHEMA <replaceable class="PARAMETER">object_name</replaceable> | | ||||||
|   SEQUENCE <replaceable class="PARAMETER">object_name</replaceable> | |   SEQUENCE <replaceable class="PARAMETER">object_name</replaceable> | | ||||||
|  |   SUBSCRIPTION <replaceable class="PARAMETER">object_name</replaceable> | | ||||||
|   TABLESPACE <replaceable class="PARAMETER">object_name</replaceable> | |   TABLESPACE <replaceable class="PARAMETER">object_name</replaceable> | | ||||||
|   TYPE <replaceable class="PARAMETER">object_name</replaceable> | |   TYPE <replaceable class="PARAMETER">object_name</replaceable> | | ||||||
|   VIEW <replaceable class="PARAMETER">object_name</replaceable> |   VIEW <replaceable class="PARAMETER">object_name</replaceable> | ||||||
|   | |||||||
| @@ -424,6 +424,28 @@ FROM | |||||||
| WHERE | WHERE | ||||||
| 	l.objsubid = 0 | 	l.objsubid = 0 | ||||||
| UNION ALL | UNION ALL | ||||||
|  | SELECT | ||||||
|  | 	l.objoid, l.classoid, l.objsubid, | ||||||
|  | 	'publication'::text AS objtype, | ||||||
|  | 	NULL::oid AS objnamespace, | ||||||
|  | 	quote_ident(p.pubname) AS objname, | ||||||
|  | 	l.provider, l.label | ||||||
|  | FROM | ||||||
|  | 	pg_seclabel l | ||||||
|  | 	JOIN pg_publication p ON l.classoid = p.tableoid AND l.objoid = p.oid | ||||||
|  | WHERE | ||||||
|  | 	l.objsubid = 0 | ||||||
|  | UNION ALL | ||||||
|  | SELECT | ||||||
|  | 	l.objoid, l.classoid, 0::int4 AS objsubid, | ||||||
|  | 	'subscription'::text AS objtype, | ||||||
|  | 	NULL::oid AS objnamespace, | ||||||
|  | 	quote_ident(s.subname) AS objname, | ||||||
|  | 	l.provider, l.label | ||||||
|  | FROM | ||||||
|  | 	pg_shseclabel l | ||||||
|  | 	JOIN pg_subscription s ON l.classoid = s.tableoid AND l.objoid = s.oid | ||||||
|  | UNION ALL | ||||||
| SELECT | SELECT | ||||||
| 	l.objoid, l.classoid, 0::int4 AS objsubid, | 	l.objoid, l.classoid, 0::int4 AS objsubid, | ||||||
| 	'database'::text AS objtype, | 	'database'::text AS objtype, | ||||||
|   | |||||||
| @@ -6340,9 +6340,11 @@ comment_type_name: | |||||||
| 			| EXTENSION							{ $$ = OBJECT_EXTENSION; } | 			| EXTENSION							{ $$ = OBJECT_EXTENSION; } | ||||||
| 			| FOREIGN DATA_P WRAPPER			{ $$ = OBJECT_FDW; } | 			| FOREIGN DATA_P WRAPPER			{ $$ = OBJECT_FDW; } | ||||||
| 			| opt_procedural LANGUAGE			{ $$ = OBJECT_LANGUAGE; } | 			| opt_procedural LANGUAGE			{ $$ = OBJECT_LANGUAGE; } | ||||||
|  | 			| PUBLICATION						{ $$ = OBJECT_PUBLICATION; } | ||||||
| 			| ROLE								{ $$ = OBJECT_ROLE; } | 			| ROLE								{ $$ = OBJECT_ROLE; } | ||||||
| 			| SCHEMA							{ $$ = OBJECT_SCHEMA; } | 			| SCHEMA							{ $$ = OBJECT_SCHEMA; } | ||||||
| 			| SERVER							{ $$ = OBJECT_FOREIGN_SERVER; } | 			| SERVER							{ $$ = OBJECT_FOREIGN_SERVER; } | ||||||
|  | 			| SUBSCRIPTION						{ $$ = OBJECT_SUBSCRIPTION; } | ||||||
| 			| TABLESPACE						{ $$ = OBJECT_TABLESPACE; } | 			| TABLESPACE						{ $$ = OBJECT_TABLESPACE; } | ||||||
| 		; | 		; | ||||||
|  |  | ||||||
| @@ -6453,8 +6455,10 @@ security_label_type_name: | |||||||
| 			DATABASE							{ $$ = OBJECT_DATABASE; } | 			DATABASE							{ $$ = OBJECT_DATABASE; } | ||||||
| 			| EVENT TRIGGER						{ $$ = OBJECT_EVENT_TRIGGER; } | 			| EVENT TRIGGER						{ $$ = OBJECT_EVENT_TRIGGER; } | ||||||
| 			| opt_procedural LANGUAGE			{ $$ = OBJECT_LANGUAGE; } | 			| opt_procedural LANGUAGE			{ $$ = OBJECT_LANGUAGE; } | ||||||
|  | 			| PUBLICATION						{ $$ = OBJECT_PUBLICATION; } | ||||||
| 			| ROLE								{ $$ = OBJECT_ROLE; } | 			| ROLE								{ $$ = OBJECT_ROLE; } | ||||||
| 			| SCHEMA							{ $$ = OBJECT_SCHEMA; } | 			| SCHEMA							{ $$ = OBJECT_SCHEMA; } | ||||||
|  | 			| SUBSCRIPTION						{ $$ = OBJECT_SUBSCRIPTION; } | ||||||
| 			| TABLESPACE						{ $$ = OBJECT_TABLESPACE; } | 			| TABLESPACE						{ $$ = OBJECT_TABLESPACE; } | ||||||
| 		; | 		; | ||||||
|  |  | ||||||
|   | |||||||
| @@ -67,20 +67,28 @@ SECURITY LABEL ON FUNCTION dummy_seclabel_four() IS 'classified';		-- OK | |||||||
| SECURITY LABEL ON DOMAIN dummy_seclabel_domain IS 'classified';		-- OK | SECURITY LABEL ON DOMAIN dummy_seclabel_domain IS 'classified';		-- OK | ||||||
| CREATE SCHEMA dummy_seclabel_test; | CREATE SCHEMA dummy_seclabel_test; | ||||||
| SECURITY LABEL ON SCHEMA dummy_seclabel_test IS 'unclassified';		-- OK | SECURITY LABEL ON SCHEMA dummy_seclabel_test IS 'unclassified';		-- OK | ||||||
|  | SET client_min_messages = error; | ||||||
|  | CREATE PUBLICATION dummy_pub; | ||||||
|  | CREATE SUBSCRIPTION dummy_sub CONNECTION '' PUBLICATION foo WITH (NOCONNECT); | ||||||
|  | RESET client_min_messages; | ||||||
|  | SECURITY LABEL ON PUBLICATION dummy_pub IS 'classified'; | ||||||
|  | SECURITY LABEL ON SUBSCRIPTION dummy_sub IS 'classified'; | ||||||
| SELECT objtype, objname, provider, label FROM pg_seclabels | SELECT objtype, objname, provider, label FROM pg_seclabels | ||||||
| 	ORDER BY objtype, objname; | 	ORDER BY objtype, objname; | ||||||
|    objtype    |           objname            | provider |    label      |    objtype    |           objname            | provider |    label      | ||||||
| ----------+------------------------------+----------+-------------- | --------------+------------------------------+----------+-------------- | ||||||
|  column       | dummy_seclabel_tbl1.a        | dummy    | unclassified |  column       | dummy_seclabel_tbl1.a        | dummy    | unclassified | ||||||
|  domain       | dummy_seclabel_domain        | dummy    | classified |  domain       | dummy_seclabel_domain        | dummy    | classified | ||||||
|  function     | dummy_seclabel_four()        | dummy    | classified |  function     | dummy_seclabel_four()        | dummy    | classified | ||||||
|  |  publication  | dummy_pub                    | dummy    | classified | ||||||
|  role         | regress_dummy_seclabel_user1 | dummy    | classified |  role         | regress_dummy_seclabel_user1 | dummy    | classified | ||||||
|  role         | regress_dummy_seclabel_user2 | dummy    | unclassified |  role         | regress_dummy_seclabel_user2 | dummy    | unclassified | ||||||
|  schema       | dummy_seclabel_test          | dummy    | unclassified |  schema       | dummy_seclabel_test          | dummy    | unclassified | ||||||
|  |  subscription | dummy_sub                    | dummy    | classified | ||||||
|  table        | dummy_seclabel_tbl1          | dummy    | top secret |  table        | dummy_seclabel_tbl1          | dummy    | top secret | ||||||
|  table        | dummy_seclabel_tbl2          | dummy    | classified |  table        | dummy_seclabel_tbl2          | dummy    | classified | ||||||
|  view         | dummy_seclabel_view1         | dummy    | classified |  view         | dummy_seclabel_view1         | dummy    | classified | ||||||
| (9 rows) | (11 rows) | ||||||
|  |  | ||||||
| -- check for event trigger | -- check for event trigger | ||||||
| CREATE FUNCTION event_trigger_test() | CREATE FUNCTION event_trigger_test() | ||||||
|   | |||||||
| @@ -71,6 +71,13 @@ SECURITY LABEL ON DOMAIN dummy_seclabel_domain IS 'classified';		-- OK | |||||||
| CREATE SCHEMA dummy_seclabel_test; | CREATE SCHEMA dummy_seclabel_test; | ||||||
| SECURITY LABEL ON SCHEMA dummy_seclabel_test IS 'unclassified';		-- OK | SECURITY LABEL ON SCHEMA dummy_seclabel_test IS 'unclassified';		-- OK | ||||||
|  |  | ||||||
|  | SET client_min_messages = error; | ||||||
|  | CREATE PUBLICATION dummy_pub; | ||||||
|  | CREATE SUBSCRIPTION dummy_sub CONNECTION '' PUBLICATION foo WITH (NOCONNECT); | ||||||
|  | RESET client_min_messages; | ||||||
|  | SECURITY LABEL ON PUBLICATION dummy_pub IS 'classified'; | ||||||
|  | SECURITY LABEL ON SUBSCRIPTION dummy_sub IS 'classified'; | ||||||
|  |  | ||||||
| SELECT objtype, objname, provider, label FROM pg_seclabels | SELECT objtype, objname, provider, label FROM pg_seclabels | ||||||
| 	ORDER BY objtype, objname; | 	ORDER BY objtype, objname; | ||||||
|  |  | ||||||
|   | |||||||
| @@ -6,6 +6,13 @@ CREATE ROLE regress_publication_user2; | |||||||
| CREATE ROLE regress_publication_user_dummy LOGIN NOSUPERUSER; | CREATE ROLE regress_publication_user_dummy LOGIN NOSUPERUSER; | ||||||
| SET SESSION AUTHORIZATION 'regress_publication_user'; | SET SESSION AUTHORIZATION 'regress_publication_user'; | ||||||
| CREATE PUBLICATION testpub_default; | CREATE PUBLICATION testpub_default; | ||||||
|  | COMMENT ON PUBLICATION testpub_default IS 'test publication'; | ||||||
|  | SELECT obj_description(p.oid, 'pg_publication') FROM pg_publication p; | ||||||
|  |  obj_description   | ||||||
|  | ------------------ | ||||||
|  |  test publication | ||||||
|  | (1 row) | ||||||
|  |  | ||||||
| CREATE PUBLICATION testpib_ins_trunct WITH (nopublish delete, nopublish update); | CREATE PUBLICATION testpib_ins_trunct WITH (nopublish delete, nopublish update); | ||||||
| ALTER PUBLICATION testpub_default WITH (nopublish insert, nopublish delete); | ALTER PUBLICATION testpub_default WITH (nopublish insert, nopublish delete); | ||||||
| \dRp | \dRp | ||||||
|   | |||||||
| @@ -1605,6 +1605,29 @@ UNION ALL | |||||||
|    FROM (pg_seclabel l |    FROM (pg_seclabel l | ||||||
|      JOIN pg_event_trigger evt ON (((l.classoid = evt.tableoid) AND (l.objoid = evt.oid)))) |      JOIN pg_event_trigger evt ON (((l.classoid = evt.tableoid) AND (l.objoid = evt.oid)))) | ||||||
|   WHERE (l.objsubid = 0) |   WHERE (l.objsubid = 0) | ||||||
|  | UNION ALL | ||||||
|  |  SELECT l.objoid, | ||||||
|  |     l.classoid, | ||||||
|  |     l.objsubid, | ||||||
|  |     'publication'::text AS objtype, | ||||||
|  |     NULL::oid AS objnamespace, | ||||||
|  |     quote_ident((p.pubname)::text) AS objname, | ||||||
|  |     l.provider, | ||||||
|  |     l.label | ||||||
|  |    FROM (pg_seclabel l | ||||||
|  |      JOIN pg_publication p ON (((l.classoid = p.tableoid) AND (l.objoid = p.oid)))) | ||||||
|  |   WHERE (l.objsubid = 0) | ||||||
|  | UNION ALL | ||||||
|  |  SELECT l.objoid, | ||||||
|  |     l.classoid, | ||||||
|  |     0 AS objsubid, | ||||||
|  |     'subscription'::text AS objtype, | ||||||
|  |     NULL::oid AS objnamespace, | ||||||
|  |     quote_ident((s.subname)::text) AS objname, | ||||||
|  |     l.provider, | ||||||
|  |     l.label | ||||||
|  |    FROM (pg_shseclabel l | ||||||
|  |      JOIN pg_subscription s ON (((l.classoid = s.tableoid) AND (l.objoid = s.oid)))) | ||||||
| UNION ALL | UNION ALL | ||||||
|  SELECT l.objoid, |  SELECT l.objoid, | ||||||
|     l.classoid, |     l.classoid, | ||||||
|   | |||||||
| @@ -30,6 +30,13 @@ ERROR:  publication name "foo" used more than once | |||||||
| -- ok | -- ok | ||||||
| CREATE SUBSCRIPTION testsub CONNECTION 'dbname=doesnotexist' PUBLICATION testpub WITH (NOCONNECT); | CREATE SUBSCRIPTION testsub CONNECTION 'dbname=doesnotexist' PUBLICATION testpub WITH (NOCONNECT); | ||||||
| WARNING:  tables were not subscribed, you will have to run ALTER SUBSCRIPTION ... REFRESH PUBLICATION to subscribe the tables | WARNING:  tables were not subscribed, you will have to run ALTER SUBSCRIPTION ... REFRESH PUBLICATION to subscribe the tables | ||||||
|  | COMMENT ON SUBSCRIPTION testsub IS 'test subscription'; | ||||||
|  | SELECT obj_description(s.oid, 'pg_subscription') FROM pg_subscription s; | ||||||
|  |   obj_description   | ||||||
|  | ------------------- | ||||||
|  |  test subscription | ||||||
|  | (1 row) | ||||||
|  |  | ||||||
| -- fail - name already exists | -- fail - name already exists | ||||||
| CREATE SUBSCRIPTION testsub CONNECTION 'dbname=doesnotexist' PUBLICATION testpub WITH (NOCONNECT); | CREATE SUBSCRIPTION testsub CONNECTION 'dbname=doesnotexist' PUBLICATION testpub WITH (NOCONNECT); | ||||||
| ERROR:  subscription "testsub" already exists | ERROR:  subscription "testsub" already exists | ||||||
|   | |||||||
| @@ -8,6 +8,9 @@ SET SESSION AUTHORIZATION 'regress_publication_user'; | |||||||
|  |  | ||||||
| CREATE PUBLICATION testpub_default; | CREATE PUBLICATION testpub_default; | ||||||
|  |  | ||||||
|  | COMMENT ON PUBLICATION testpub_default IS 'test publication'; | ||||||
|  | SELECT obj_description(p.oid, 'pg_publication') FROM pg_publication p; | ||||||
|  |  | ||||||
| CREATE PUBLICATION testpib_ins_trunct WITH (nopublish delete, nopublish update); | CREATE PUBLICATION testpib_ins_trunct WITH (nopublish delete, nopublish update); | ||||||
|  |  | ||||||
| ALTER PUBLICATION testpub_default WITH (nopublish insert, nopublish delete); | ALTER PUBLICATION testpub_default WITH (nopublish insert, nopublish delete); | ||||||
|   | |||||||
| @@ -27,6 +27,9 @@ CREATE SUBSCRIPTION testsub CONNECTION 'dbname=doesnotexist' PUBLICATION foo, te | |||||||
| -- ok | -- ok | ||||||
| CREATE SUBSCRIPTION testsub CONNECTION 'dbname=doesnotexist' PUBLICATION testpub WITH (NOCONNECT); | CREATE SUBSCRIPTION testsub CONNECTION 'dbname=doesnotexist' PUBLICATION testpub WITH (NOCONNECT); | ||||||
|  |  | ||||||
|  | COMMENT ON SUBSCRIPTION testsub IS 'test subscription'; | ||||||
|  | SELECT obj_description(s.oid, 'pg_subscription') FROM pg_subscription s; | ||||||
|  |  | ||||||
| -- fail - name already exists | -- fail - name already exists | ||||||
| CREATE SUBSCRIPTION testsub CONNECTION 'dbname=doesnotexist' PUBLICATION testpub WITH (NOCONNECT); | CREATE SUBSCRIPTION testsub CONNECTION 'dbname=doesnotexist' PUBLICATION testpub WITH (NOCONNECT); | ||||||
|  |  | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user