database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-06-19 04:21:08 +03:00
Code Activity

Add more documentation and tests for publications

Browse Source 
Add/correct documentation and add some tests related to how access
control around adding tables to publications works.
This commit is contained in:
Peter Eisentraut
2017-03-15 13:52:07 -04:00
parent b5dd50f2c0
commit e76db009f0
4 changed files with 51 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/test/regress/expected/publication.out
View File

@ -2,6 +2,7 @@
-- PUBLICATION
--
CREATE ROLE regress_publication_user LOGIN SUPERUSER;
CREATE ROLE regress_publication_user2;
CREATE ROLE regress_publication_user_dummy LOGIN NOSUPERUSER;
SET SESSION AUTHORIZATION 'regress_publication_user';
CREATE PUBLICATION testpub_default;
@ -140,6 +141,23 @@ Publications:
"testpib_ins_trunct"
"testpub_fortbl"
-- permissions
SET ROLE regress_publication_user2;
CREATE PUBLICATION testpub2; -- fail
ERROR: permission denied for database regression
SET ROLE regress_publication_user;
GRANT CREATE ON DATABASE regression TO regress_publication_user2;
SET ROLE regress_publication_user2;
CREATE PUBLICATION testpub2; -- ok
ALTER PUBLICATION testpub2 ADD TABLE testpub_tbl1; -- fail
ERROR: must be owner of relation testpub_tbl1
SET ROLE regress_publication_user;
GRANT regress_publication_user TO regress_publication_user2;
SET ROLE regress_publication_user2;
ALTER PUBLICATION testpub2 ADD TABLE testpub_tbl1; -- ok
DROP PUBLICATION testpub2;
SET ROLE regress_publication_user;
REVOKE CREATE ON DATABASE regression FROM regress_publication_user2;
DROP VIEW testpub_view;
DROP TABLE testpub_tbl1;
\dRp+ testpub_default
@ -168,5 +186,5 @@ DROP PUBLICATION testpub_fortbl;
DROP SCHEMA pub_test CASCADE;
NOTICE: drop cascades to table pub_test.testpub_nopk
RESET SESSION AUTHORIZATION;
DROP ROLE regress_publication_user;
DROP ROLE regress_publication_user, regress_publication_user2;
DROP ROLE regress_publication_user_dummy;

24
src/test/regress/sql/publication.sql
View File

@ -2,6 +2,7 @@
-- PUBLICATION
--
CREATE ROLE regress_publication_user LOGIN SUPERUSER;
CREATE ROLE regress_publication_user2;
CREATE ROLE regress_publication_user_dummy LOGIN NOSUPERUSER;
SET SESSION AUTHORIZATION 'regress_publication_user';
@ -69,6 +70,27 @@ ALTER PUBLICATION testpub_default DROP TABLE pub_test.testpub_nopk;
\d+ testpub_tbl1
-- permissions
SET ROLE regress_publication_user2;
CREATE PUBLICATION testpub2; -- fail
SET ROLE regress_publication_user;
GRANT CREATE ON DATABASE regression TO regress_publication_user2;
SET ROLE regress_publication_user2;
CREATE PUBLICATION testpub2; -- ok
ALTER PUBLICATION testpub2 ADD TABLE testpub_tbl1; -- fail
SET ROLE regress_publication_user;
GRANT regress_publication_user TO regress_publication_user2;
SET ROLE regress_publication_user2;
ALTER PUBLICATION testpub2 ADD TABLE testpub_tbl1; -- ok
DROP PUBLICATION testpub2;
SET ROLE regress_publication_user;
REVOKE CREATE ON DATABASE regression FROM regress_publication_user2;
DROP VIEW testpub_view;
DROP TABLE testpub_tbl1;
@ -90,5 +112,5 @@ DROP PUBLICATION testpub_fortbl;
DROP SCHEMA pub_test CASCADE;
RESET SESSION AUTHORIZATION;
DROP ROLE regress_publication_user;
DROP ROLE regress_publication_user, regress_publication_user2;
DROP ROLE regress_publication_user_dummy;