NotificationsYou must be signed in to change notification settings
Fork6
Star31

Commit5de08f1

committed

Test "options=-crole=" and "ALTER DATABASE SET role".

Commit7b88529 fixed a regressionspanning these features, but it didn't test them. It did test codepaths sufficient for their present implementations, so no back-patch.Reported by Matthew Woodcraft.Discussion:https://postgr.es/m/87iksnsbhx.fsf@golux.woodcraft.me.uk

1 parentae45691 commit5de08f1Copy full SHA for 5de08f1

File tree

4 files changed

+128

-7

lines changed

src/test/modules/unsafe_tests
- Makefile
- expected
  - setconfig.out
- meson.build
- sql
  - setconfig.sql

4 files changed

+128

-7

lines changed

`‎src/test/modules/unsafe_tests/Makefile`

Lines changed: 2 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -2,6 +2,8 @@`
`2`	`2`
`3`	`3`	`REGRESS = rolenames setconfig alter_system_table guc_privs`
`4`	`4`	`REGRESS_OPTS =\`
	`5`	`+--create-role=regress_authenticated_user_db_sr\`
	`6`	`+--create-role=regress_authenticated_user_db_ssa\`
`5`	`7`	`--create-role=regress_authenticated_user_sr\`
`6`	`8`	`--create-role=regress_authenticated_user_ssa`
`7`	`9`

`‎src/test/modules/unsafe_tests/expected/setconfig.out`

Lines changed: 72 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,24 +1,92 @@`
`1`	`1`	`-- This is borderline unsafe in that an additional login-capable user exists`
`2`	`2`	`-- during the test run. Under installcheck, a too-permissive pg_hba.conf`
`3`	`3`	`-- might allow unwanted logins as regress_authenticated_user_ssa.`
	`4`	`+-- Setup catalog state.`
	`5`	`+ALTER USER regress_authenticated_user_db_ssa superuser;`
`4`	`6`	`ALTER USER regress_authenticated_user_ssa superuser;`
`5`	`7`	`CREATE ROLE regress_session_user;`
`6`	`8`	`CREATE ROLE regress_current_user;`
	`9`	`+GRANT regress_current_user TO regress_authenticated_user_db_sr;`
`7`	`10`	`GRANT regress_current_user TO regress_authenticated_user_sr;`
	`11`	`+GRANT regress_session_user TO regress_authenticated_user_db_ssa;`
`8`	`12`	`GRANT regress_session_user TO regress_authenticated_user_ssa;`
	`13`	`+DO $$BEGIN EXECUTE format(`
	`14`	`+'ALTER DATABASE %I SET session_authorization = regress_session_user',`
	`15`	`+current_catalog); END$$;`
`9`	`16`	`ALTER ROLE regress_authenticated_user_ssa`
`10`	`17`	`SET session_authorization = regress_session_user;`
`11`	`18`	`ALTER ROLE regress_authenticated_user_sr SET ROLE = regress_current_user;`
`12`		`-\c - regress_authenticated_user_sr`
	`19`	`+-- Test ALTER DATABASE consequences`
	`20`	`+-- The longstanding historical behavior is that session_authorization in`
	`21`	`+-- setconfig has no effect. Hence, session_user remains`
	`22`	`+-- regress_authenticated_user_ssa. See comment in InitializeSessionUserId().`
	`23`	`+\c - regress_authenticated_user_db_ssa`
	`24`	`+SELECT current_user, session_user;`
	`25`	`+ current_user \| session_user`
	`26`	`+-----------------------------------+-----------------------------------`
	`27`	`+ regress_authenticated_user_db_ssa \| regress_authenticated_user_db_ssa`
	`28`	`+(1 row)`
	`29`	`+`
	`30`	`+-- We document "The DEFAULT and RESET forms reset the session and current user`
	`31`	`+-- identifiers to be the originally authenticated user name." If we let`
	`32`	`+-- session_authorization in setconfig have an effect, we'll need to decide`
	`33`	`+-- whether to make RESET differ from DEFAULT.`
	`34`	`+RESET SESSION AUTHORIZATION;`
	`35`	`+SELECT current_user, session_user;`
	`36`	`+ current_user \| session_user`
	`37`	`+-----------------------------------+-----------------------------------`
	`38`	`+ regress_authenticated_user_db_ssa \| regress_authenticated_user_db_ssa`
	`39`	`+(1 row)`
	`40`	`+`
	`41`	`+DO $$BEGIN`
	`42`	`+EXECUTE format(`
	`43`	`+'ALTER DATABASE %I RESET session_authorization', current_catalog);`
	`44`	`+EXECUTE format(`
	`45`	`+'ALTER DATABASE %I SET role = regress_current_user', current_catalog);`
	`46`	`+END$$;`
	`47`	`+\c - regress_authenticated_user_db_sr`
	`48`	`+SELECT current_user, session_user;`
	`49`	`+ current_user \| session_user`
	`50`	`+----------------------+----------------------------------`
	`51`	`+ regress_current_user \| regress_authenticated_user_db_sr`
	`52`	`+(1 row)`
	`53`	`+`
	`54`	`+-- Back to superuser, to reverse ALTER DATABASE`
	`55`	`+\c - regress_authenticated_user_db_ssa`
	`56`	`+SELECT current_user, session_user;`
	`57`	`+ current_user \| session_user`
	`58`	`+----------------------+-----------------------------------`
	`59`	`+ regress_current_user \| regress_authenticated_user_db_ssa`
	`60`	`+(1 row)`
	`61`	`+`
	`62`	`+SET ROLE NONE;`
	`63`	`+DO $$BEGIN EXECUTE format(`
	`64`	`+'ALTER DATABASE %I RESET role', current_catalog); END$$;`
	`65`	`+-- Test connection string options`
	`66`	`+\c -reuse-previous=on "user=regress_authenticated_user_db_sr options=-crole=regress_current_user"`
	`67`	`+SELECT current_user, session_user;`
	`68`	`+ current_user \| session_user`
	`69`	`+----------------------+----------------------------------`
	`70`	`+ regress_current_user \| regress_authenticated_user_db_sr`
	`71`	`+(1 row)`
	`72`	`+`
	`73`	`+-- As above, session_authorization has no effect.`
	`74`	`+\c -reuse-previous=on "user=regress_authenticated_user_db_ssa options=-csession_authorization=regress_session_user"`
	`75`	`+SELECT current_user, session_user;`
	`76`	`+ current_user \| session_user`
	`77`	`+-----------------------------------+-----------------------------------`
	`78`	`+ regress_authenticated_user_db_ssa \| regress_authenticated_user_db_ssa`
	`79`	`+(1 row)`
	`80`	`+`
	`81`	`+-- Test ALTER ROLE consequences`
	`82`	`+\c -reuse-previous=on "user=regress_authenticated_user_sr options="`
`13`	`83`	`SELECT current_user, session_user;`
`14`	`84`	`current_user \| session_user`
`15`	`85`	`----------------------+-------------------------------`
`16`	`86`	`regress_current_user \| regress_authenticated_user_sr`
`17`	`87`	`(1 row)`
`18`	`88`
`19`		`--- The longstanding historical behavior is that session_authorization in`
`20`		`--- setconfig has no effect. Hence, session_user remains`
`21`		`--- regress_authenticated_user_ssa. See comment in InitializeSessionUserId().`
	`89`	`+-- As above, session_authorization has no effect.`
`22`	`90`	`\c - regress_authenticated_user_ssa`
`23`	`91`	`SELECT current_user, session_user;`
`24`	`92`	`current_user \| session_user`

`‎src/test/modules/unsafe_tests/meson.build`

Lines changed: 3 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -11,7 +11,9 @@ tests += {`
`11`	`11`	`'alter_system_table',`
`12`	`12`	`'guc_privs',`
`13`	`13`	`],`
`14`		`-'regress_args': ['--create-role=regress_authenticated_user_sr',`
	`14`	`+'regress_args': ['--create-role=regress_authenticated_user_db_sr',`
	`15`	`+'--create-role=regress_authenticated_user_db_ssa',`
	`16`	`+'--create-role=regress_authenticated_user_sr',`
`15`	`17`	`'--create-role=regress_authenticated_user_ssa'],`
`16`	`18`	`'runningcheck':false,`
`17`	`19`	`},`

`‎src/test/modules/unsafe_tests/sql/setconfig.sql`

Lines changed: 51 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -2,21 +2,70 @@`
`2`	`2`	`-- during the test run. Under installcheck, a too-permissive pg_hba.conf`
`3`	`3`	`-- might allow unwanted logins as regress_authenticated_user_ssa.`
`4`	`4`
	`5`	`+-- Setup catalog state.`
	`6`	`+ALTERUSER regress_authenticated_user_db_ssa superuser;`
`5`	`7`	`ALTERUSER regress_authenticated_user_ssa superuser;`
`6`	`8`	`CREATE ROLE regress_session_user;`
`7`	`9`	`CREATE ROLE regress_current_user;`
	`10`	`+GRANT regress_current_user TO regress_authenticated_user_db_sr;`
`8`	`11`	`GRANT regress_current_user TO regress_authenticated_user_sr;`
	`12`	`+GRANT regress_session_user TO regress_authenticated_user_db_ssa;`
`9`	`13`	`GRANT regress_session_user TO regress_authenticated_user_ssa;`
	`14`	`+DO $$BEGIN EXECUTE format(`
	`15`	`+'ALTER DATABASE %I SET session_authorization = regress_session_user',`
	`16`	`+current_catalog); END$$;`
`10`	`17`	`ALTER ROLE regress_authenticated_user_ssa`
`11`	`18`	`SET session_authorization= regress_session_user;`
`12`	`19`	`ALTER ROLE regress_authenticated_user_srSET ROLE= regress_current_user;`
`13`	`20`
`14`		`-\c- regress_authenticated_user_sr`
`15`		`-SELECTcurrent_user,session_user;`
	`21`	`+`
	`22`	`+-- Test ALTER DATABASE consequences`
`16`	`23`
`17`	`24`	`-- The longstanding historical behavior is that session_authorization in`
`18`	`25`	`-- setconfig has no effect. Hence, session_user remains`
`19`	`26`	`-- regress_authenticated_user_ssa. See comment in InitializeSessionUserId().`
	`27`	`+\c- regress_authenticated_user_db_ssa`
	`28`	`+SELECTcurrent_user,session_user;`
	`29`	`+-- We document "The DEFAULT and RESET forms reset the session and current user`
	`30`	`+-- identifiers to be the originally authenticated user name." If we let`
	`31`	`+-- session_authorization in setconfig have an effect, we'll need to decide`
	`32`	`+-- whether to make RESET differ from DEFAULT.`
	`33`	`+RESET SESSION AUTHORIZATION;`
	`34`	`+SELECTcurrent_user,session_user;`
	`35`	`+DO $$BEGIN`
	`36`	`+EXECUTE format(`
	`37`	`+'ALTER DATABASE %I RESET session_authorization', current_catalog);`
	`38`	`+EXECUTE format(`
	`39`	`+'ALTER DATABASE %I SET role = regress_current_user', current_catalog);`
	`40`	`+END$$;`
	`41`	`+`
	`42`	`+\c- regress_authenticated_user_db_sr`
	`43`	`+SELECTcurrent_user,session_user;`
	`44`	`+`
	`45`	`+-- Back to superuser, to reverse ALTER DATABASE`
	`46`	`+\c- regress_authenticated_user_db_ssa`
	`47`	`+SELECTcurrent_user,session_user;`
	`48`	`+SET ROLE NONE;`
	`49`	`+DO $$BEGIN EXECUTE format(`
	`50`	`+'ALTER DATABASE %I RESET role', current_catalog); END$$;`
	`51`	`+`
	`52`	`+`
	`53`	`+-- Test connection string options`
	`54`	`+`
	`55`	`+\c-reuse-previous=on"user=regress_authenticated_user_db_sr options=-crole=regress_current_user"`
	`56`	`+SELECTcurrent_user,session_user;`
	`57`	`+`
	`58`	`+-- As above, session_authorization has no effect.`
	`59`	`+\c-reuse-previous=on"user=regress_authenticated_user_db_ssa options=-csession_authorization=regress_session_user"`
	`60`	`+SELECTcurrent_user,session_user;`
	`61`	`+`
	`62`	`+`
	`63`	`+-- Test ALTER ROLE consequences`
	`64`	`+`
	`65`	`+\c-reuse-previous=on"user=regress_authenticated_user_sr options="`
	`66`	`+SELECTcurrent_user,session_user;`
	`67`	`+`
	`68`	`+-- As above, session_authorization has no effect.`
`20`	`69`	`\c- regress_authenticated_user_ssa`
`21`	`70`	`SELECTcurrent_user,session_user;`
`22`	`71`	`RESET SESSION AUTHORIZATION;`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit5de08f1

File tree

4 files changed

4 files changed

`‎src/test/modules/unsafe_tests/Makefile`

`‎src/test/modules/unsafe_tests/expected/setconfig.out`

`‎src/test/modules/unsafe_tests/meson.build`

`‎src/test/modules/unsafe_tests/sql/setconfig.sql`

0 commit comments