mirror of
https://github.com/postgres/postgres.git
synced 2025-07-09 22:41:56 +03:00
has_table_privilege functions from Joe Conway (with some kibitzing from
Tom Lane). For the moment, only the OID/name variants are provided. I didn't force initdb, but the additions to the 'privileges' regress test won't pass until you do one.
This commit is contained in:
@ -188,6 +188,274 @@ SELECT * FROM atestv3; -- ok
|
||||
-----+-----+-------
|
||||
(0 rows)
|
||||
|
||||
-- has_table_privilege function
|
||||
-- bad-input checks
|
||||
select has_table_privilege(NULL,'pg_shadow','select');
|
||||
has_table_privilege
|
||||
---------------------
|
||||
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege('pg_shad','select');
|
||||
ERROR: has_table_privilege: relation "pg_shad" does not exist
|
||||
select has_table_privilege('nosuchuser','pg_shadow','select');
|
||||
ERROR: user "nosuchuser" does not exist
|
||||
select has_table_privilege('pg_shadow','sel');
|
||||
ERROR: has_table_privilege: invalid privilege type sel
|
||||
select has_table_privilege(-999999,'pg_shadow','update');
|
||||
ERROR: pg_aclcheck: invalid user id 4293967297
|
||||
select has_table_privilege(1,'rule');
|
||||
ERROR: has_table_privilege: invalid relation oid 1
|
||||
-- superuser
|
||||
\c regression
|
||||
select has_table_privilege(current_user,'pg_shadow','select');
|
||||
has_table_privilege
|
||||
---------------------
|
||||
t
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(current_user,'pg_shadow','insert');
|
||||
has_table_privilege
|
||||
---------------------
|
||||
t
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(t2.usesysid,'pg_shadow','update')
|
||||
from (select usesysid from pg_user where usename = current_user) as t2;
|
||||
has_table_privilege
|
||||
---------------------
|
||||
t
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(t2.usesysid,'pg_shadow','delete')
|
||||
from (select usesysid from pg_user where usename = current_user) as t2;
|
||||
has_table_privilege
|
||||
---------------------
|
||||
t
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(current_user,t1.oid,'rule')
|
||||
from (select oid from pg_class where relname = 'pg_shadow') as t1;
|
||||
has_table_privilege
|
||||
---------------------
|
||||
t
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(current_user,t1.oid,'references')
|
||||
from (select oid from pg_class where relname = 'pg_shadow') as t1;
|
||||
has_table_privilege
|
||||
---------------------
|
||||
t
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(t2.usesysid,t1.oid,'select')
|
||||
from (select oid from pg_class where relname = 'pg_shadow') as t1,
|
||||
(select usesysid from pg_user where usename = current_user) as t2;
|
||||
has_table_privilege
|
||||
---------------------
|
||||
t
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(t2.usesysid,t1.oid,'insert')
|
||||
from (select oid from pg_class where relname = 'pg_shadow') as t1,
|
||||
(select usesysid from pg_user where usename = current_user) as t2;
|
||||
has_table_privilege
|
||||
---------------------
|
||||
t
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege('pg_shadow','update');
|
||||
has_table_privilege
|
||||
---------------------
|
||||
t
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege('pg_shadow','delete');
|
||||
has_table_privilege
|
||||
---------------------
|
||||
t
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(t1.oid,'select')
|
||||
from (select oid from pg_class where relname = 'pg_shadow') as t1;
|
||||
has_table_privilege
|
||||
---------------------
|
||||
t
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(t1.oid,'trigger')
|
||||
from (select oid from pg_class where relname = 'pg_shadow') as t1;
|
||||
has_table_privilege
|
||||
---------------------
|
||||
t
|
||||
(1 row)
|
||||
|
||||
-- non-superuser
|
||||
SET SESSION AUTHORIZATION regressuser3;
|
||||
select has_table_privilege(current_user,'pg_class','select');
|
||||
has_table_privilege
|
||||
---------------------
|
||||
t
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(current_user,'pg_class','insert');
|
||||
has_table_privilege
|
||||
---------------------
|
||||
f
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(t2.usesysid,'pg_class','update')
|
||||
from (select usesysid from pg_user where usename = current_user) as t2;
|
||||
has_table_privilege
|
||||
---------------------
|
||||
f
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(t2.usesysid,'pg_class','delete')
|
||||
from (select usesysid from pg_user where usename = current_user) as t2;
|
||||
has_table_privilege
|
||||
---------------------
|
||||
f
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(current_user,t1.oid,'rule')
|
||||
from (select oid from pg_class where relname = 'pg_class') as t1;
|
||||
has_table_privilege
|
||||
---------------------
|
||||
f
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(current_user,t1.oid,'references')
|
||||
from (select oid from pg_class where relname = 'pg_class') as t1;
|
||||
has_table_privilege
|
||||
---------------------
|
||||
f
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(t2.usesysid,t1.oid,'select')
|
||||
from (select oid from pg_class where relname = 'pg_class') as t1,
|
||||
(select usesysid from pg_user where usename = current_user) as t2;
|
||||
has_table_privilege
|
||||
---------------------
|
||||
t
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(t2.usesysid,t1.oid,'insert')
|
||||
from (select oid from pg_class where relname = 'pg_class') as t1,
|
||||
(select usesysid from pg_user where usename = current_user) as t2;
|
||||
has_table_privilege
|
||||
---------------------
|
||||
f
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege('pg_class','update');
|
||||
has_table_privilege
|
||||
---------------------
|
||||
f
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege('pg_class','delete');
|
||||
has_table_privilege
|
||||
---------------------
|
||||
f
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(t1.oid,'select')
|
||||
from (select oid from pg_class where relname = 'pg_class') as t1;
|
||||
has_table_privilege
|
||||
---------------------
|
||||
t
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(t1.oid,'trigger')
|
||||
from (select oid from pg_class where relname = 'pg_class') as t1;
|
||||
has_table_privilege
|
||||
---------------------
|
||||
f
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(current_user,'atest1','select');
|
||||
has_table_privilege
|
||||
---------------------
|
||||
t
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(current_user,'atest1','insert');
|
||||
has_table_privilege
|
||||
---------------------
|
||||
f
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(t2.usesysid,'atest1','update')
|
||||
from (select usesysid from pg_user where usename = current_user) as t2;
|
||||
has_table_privilege
|
||||
---------------------
|
||||
f
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(t2.usesysid,'atest1','delete')
|
||||
from (select usesysid from pg_user where usename = current_user) as t2;
|
||||
has_table_privilege
|
||||
---------------------
|
||||
f
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(current_user,t1.oid,'rule')
|
||||
from (select oid from pg_class where relname = 'atest1') as t1;
|
||||
has_table_privilege
|
||||
---------------------
|
||||
f
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(current_user,t1.oid,'references')
|
||||
from (select oid from pg_class where relname = 'atest1') as t1;
|
||||
has_table_privilege
|
||||
---------------------
|
||||
f
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(t2.usesysid,t1.oid,'select')
|
||||
from (select oid from pg_class where relname = 'atest1') as t1,
|
||||
(select usesysid from pg_user where usename = current_user) as t2;
|
||||
has_table_privilege
|
||||
---------------------
|
||||
t
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(t2.usesysid,t1.oid,'insert')
|
||||
from (select oid from pg_class where relname = 'atest1') as t1,
|
||||
(select usesysid from pg_user where usename = current_user) as t2;
|
||||
has_table_privilege
|
||||
---------------------
|
||||
f
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege('atest1','update');
|
||||
has_table_privilege
|
||||
---------------------
|
||||
f
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege('atest1','delete');
|
||||
has_table_privilege
|
||||
---------------------
|
||||
f
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(t1.oid,'select')
|
||||
from (select oid from pg_class where relname = 'atest1') as t1;
|
||||
has_table_privilege
|
||||
---------------------
|
||||
t
|
||||
(1 row)
|
||||
|
||||
select has_table_privilege(t1.oid,'trigger')
|
||||
from (select oid from pg_class where relname = 'atest1') as t1;
|
||||
has_table_privilege
|
||||
---------------------
|
||||
f
|
||||
(1 row)
|
||||
|
||||
-- clean up
|
||||
\c regression
|
||||
DROP TABLE atest1;
|
||||
|
@ -126,6 +126,106 @@ SELECT * FROM atestv1; -- ok
|
||||
SELECT * FROM atestv3; -- ok
|
||||
|
||||
|
||||
-- has_table_privilege function
|
||||
|
||||
-- bad-input checks
|
||||
select has_table_privilege(NULL,'pg_shadow','select');
|
||||
select has_table_privilege('pg_shad','select');
|
||||
select has_table_privilege('nosuchuser','pg_shadow','select');
|
||||
select has_table_privilege('pg_shadow','sel');
|
||||
select has_table_privilege(-999999,'pg_shadow','update');
|
||||
select has_table_privilege(1,'rule');
|
||||
|
||||
-- superuser
|
||||
\c regression
|
||||
select has_table_privilege(current_user,'pg_shadow','select');
|
||||
select has_table_privilege(current_user,'pg_shadow','insert');
|
||||
|
||||
select has_table_privilege(t2.usesysid,'pg_shadow','update')
|
||||
from (select usesysid from pg_user where usename = current_user) as t2;
|
||||
select has_table_privilege(t2.usesysid,'pg_shadow','delete')
|
||||
from (select usesysid from pg_user where usename = current_user) as t2;
|
||||
|
||||
select has_table_privilege(current_user,t1.oid,'rule')
|
||||
from (select oid from pg_class where relname = 'pg_shadow') as t1;
|
||||
select has_table_privilege(current_user,t1.oid,'references')
|
||||
from (select oid from pg_class where relname = 'pg_shadow') as t1;
|
||||
|
||||
select has_table_privilege(t2.usesysid,t1.oid,'select')
|
||||
from (select oid from pg_class where relname = 'pg_shadow') as t1,
|
||||
(select usesysid from pg_user where usename = current_user) as t2;
|
||||
select has_table_privilege(t2.usesysid,t1.oid,'insert')
|
||||
from (select oid from pg_class where relname = 'pg_shadow') as t1,
|
||||
(select usesysid from pg_user where usename = current_user) as t2;
|
||||
|
||||
select has_table_privilege('pg_shadow','update');
|
||||
select has_table_privilege('pg_shadow','delete');
|
||||
|
||||
select has_table_privilege(t1.oid,'select')
|
||||
from (select oid from pg_class where relname = 'pg_shadow') as t1;
|
||||
select has_table_privilege(t1.oid,'trigger')
|
||||
from (select oid from pg_class where relname = 'pg_shadow') as t1;
|
||||
|
||||
-- non-superuser
|
||||
SET SESSION AUTHORIZATION regressuser3;
|
||||
|
||||
select has_table_privilege(current_user,'pg_class','select');
|
||||
select has_table_privilege(current_user,'pg_class','insert');
|
||||
|
||||
select has_table_privilege(t2.usesysid,'pg_class','update')
|
||||
from (select usesysid from pg_user where usename = current_user) as t2;
|
||||
select has_table_privilege(t2.usesysid,'pg_class','delete')
|
||||
from (select usesysid from pg_user where usename = current_user) as t2;
|
||||
|
||||
select has_table_privilege(current_user,t1.oid,'rule')
|
||||
from (select oid from pg_class where relname = 'pg_class') as t1;
|
||||
select has_table_privilege(current_user,t1.oid,'references')
|
||||
from (select oid from pg_class where relname = 'pg_class') as t1;
|
||||
|
||||
select has_table_privilege(t2.usesysid,t1.oid,'select')
|
||||
from (select oid from pg_class where relname = 'pg_class') as t1,
|
||||
(select usesysid from pg_user where usename = current_user) as t2;
|
||||
select has_table_privilege(t2.usesysid,t1.oid,'insert')
|
||||
from (select oid from pg_class where relname = 'pg_class') as t1,
|
||||
(select usesysid from pg_user where usename = current_user) as t2;
|
||||
|
||||
select has_table_privilege('pg_class','update');
|
||||
select has_table_privilege('pg_class','delete');
|
||||
|
||||
select has_table_privilege(t1.oid,'select')
|
||||
from (select oid from pg_class where relname = 'pg_class') as t1;
|
||||
select has_table_privilege(t1.oid,'trigger')
|
||||
from (select oid from pg_class where relname = 'pg_class') as t1;
|
||||
|
||||
select has_table_privilege(current_user,'atest1','select');
|
||||
select has_table_privilege(current_user,'atest1','insert');
|
||||
|
||||
select has_table_privilege(t2.usesysid,'atest1','update')
|
||||
from (select usesysid from pg_user where usename = current_user) as t2;
|
||||
select has_table_privilege(t2.usesysid,'atest1','delete')
|
||||
from (select usesysid from pg_user where usename = current_user) as t2;
|
||||
|
||||
select has_table_privilege(current_user,t1.oid,'rule')
|
||||
from (select oid from pg_class where relname = 'atest1') as t1;
|
||||
select has_table_privilege(current_user,t1.oid,'references')
|
||||
from (select oid from pg_class where relname = 'atest1') as t1;
|
||||
|
||||
select has_table_privilege(t2.usesysid,t1.oid,'select')
|
||||
from (select oid from pg_class where relname = 'atest1') as t1,
|
||||
(select usesysid from pg_user where usename = current_user) as t2;
|
||||
select has_table_privilege(t2.usesysid,t1.oid,'insert')
|
||||
from (select oid from pg_class where relname = 'atest1') as t1,
|
||||
(select usesysid from pg_user where usename = current_user) as t2;
|
||||
|
||||
select has_table_privilege('atest1','update');
|
||||
select has_table_privilege('atest1','delete');
|
||||
|
||||
select has_table_privilege(t1.oid,'select')
|
||||
from (select oid from pg_class where relname = 'atest1') as t1;
|
||||
select has_table_privilege(t1.oid,'trigger')
|
||||
from (select oid from pg_class where relname = 'atest1') as t1;
|
||||
|
||||
|
||||
-- clean up
|
||||
|
||||
\c regression
|
||||
|
Reference in New Issue
Block a user