Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitdf761e3

Browse files
committed
Move security_label test
Rather than have the core security_label regression test depend on thedummy_seclabel module, have that part of the test be executed bydummy_seclabel itself directly. This simplifies the testing rig a bit;in particular it should silence the problems from the MSVC buildfarmphylum, which haven't yet gotten taught how to install src/test/modules.
1 parente09996f commitdf761e3

File tree

8 files changed

+268
-243
lines changed

8 files changed

+268
-243
lines changed

‎src/test/modules/dummy_seclabel/Makefile

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,8 @@
33
MODULES = dummy_seclabel
44
PGFILEDESC = "dummy_seclabel - regression testing of the SECURITY LABEL statement"
55

6+
REGRESS = dummy_seclabel
7+
68
ifdefUSE_PGXS
79
PG_CONFIG = pg_config
810
PGXS :=$(shell$(PG_CONFIG) --pgxs)
Lines changed: 79 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,79 @@
1+
--
2+
-- Test for facilities of security label
3+
--
4+
LOAD '@libdir@/dummy_seclabel@DLSUFFIX@';
5+
6+
-- initial setups
7+
SET client_min_messages TO 'warning';
8+
9+
DROP ROLE IF EXISTS dummy_seclabel_user1;
10+
DROP ROLE IF EXISTS dummy_seclabel_user2;
11+
12+
DROP TABLE IF EXISTS dummy_seclabel_tbl1;
13+
DROP TABLE IF EXISTS dummy_seclabel_tbl2;
14+
DROP TABLE IF EXISTS dummy_seclabel_tbl3;
15+
16+
CREATE USER dummy_seclabel_user1 WITH CREATEROLE;
17+
CREATE USER dummy_seclabel_user2;
18+
19+
CREATE TABLE dummy_seclabel_tbl1 (a int, b text);
20+
CREATE TABLE dummy_seclabel_tbl2 (x int, y text);
21+
CREATE VIEW dummy_seclabel_view1 AS SELECT * FROM dummy_seclabel_tbl2;
22+
CREATE FUNCTION dummy_seclabel_four() RETURNS integer AS $$SELECT 4$$ language sql;
23+
CREATE DOMAIN dummy_seclabel_domain AS text;
24+
25+
ALTER TABLE dummy_seclabel_tbl1 OWNER TO dummy_seclabel_user1;
26+
ALTER TABLE dummy_seclabel_tbl2 OWNER TO dummy_seclabel_user2;
27+
28+
RESET client_min_messages;
29+
30+
--
31+
-- Test of SECURITY LABEL statement with a plugin
32+
--
33+
SET SESSION AUTHORIZATION dummy_seclabel_user1;
34+
35+
SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'classified';-- OK
36+
SECURITY LABEL ON COLUMN dummy_seclabel_tbl1.a IS 'unclassified';-- OK
37+
SECURITY LABEL ON COLUMN dummy_seclabel_tbl1 IS 'unclassified';-- fail
38+
SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS '...invalid label...';-- fail
39+
SECURITY LABEL FOR 'dummy' ON TABLE dummy_seclabel_tbl1 IS 'unclassified';-- OK
40+
SECURITY LABEL FOR 'unknown_seclabel' ON TABLE dummy_seclabel_tbl1 IS 'classified';-- fail
41+
SECURITY LABEL ON TABLE dummy_seclabel_tbl2 IS 'unclassified';-- fail (not owner)
42+
SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'secret';-- fail (not superuser)
43+
SECURITY LABEL ON TABLE dummy_seclabel_tbl3 IS 'unclassified';-- fail (not found)
44+
45+
SET SESSION AUTHORIZATION dummy_seclabel_user2;
46+
SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'unclassified';-- fail
47+
SECURITY LABEL ON TABLE dummy_seclabel_tbl2 IS 'classified';-- OK
48+
49+
--
50+
-- Test for shared database object
51+
--
52+
SET SESSION AUTHORIZATION dummy_seclabel_user1;
53+
54+
SECURITY LABEL ON ROLE dummy_seclabel_user1 IS 'classified';-- OK
55+
SECURITY LABEL ON ROLE dummy_seclabel_user1 IS '...invalid label...';-- fail
56+
SECURITY LABEL FOR 'dummy' ON ROLE dummy_seclabel_user2 IS 'unclassified';-- OK
57+
SECURITY LABEL FOR 'unknown_seclabel' ON ROLE dummy_seclabel_user1 IS 'unclassified';-- fail
58+
SECURITY LABEL ON ROLE dummy_seclabel_user1 IS 'secret';-- fail (not superuser)
59+
SECURITY LABEL ON ROLE dummy_seclabel_user3 IS 'unclassified';-- fail (not found)
60+
61+
SET SESSION AUTHORIZATION dummy_seclabel_user2;
62+
SECURITY LABEL ON ROLE dummy_seclabel_user2 IS 'unclassified';-- fail (not privileged)
63+
64+
RESET SESSION AUTHORIZATION;
65+
66+
--
67+
-- Test for various types of object
68+
--
69+
RESET SESSION AUTHORIZATION;
70+
71+
SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'top secret';-- OK
72+
SECURITY LABEL ON VIEW dummy_seclabel_view1 IS 'classified';-- OK
73+
SECURITY LABEL ON FUNCTION dummy_seclabel_four() IS 'classified';-- OK
74+
SECURITY LABEL ON DOMAIN dummy_seclabel_domain IS 'classified';-- OK
75+
CREATE SCHEMA dummy_seclabel_test;
76+
SECURITY LABEL ON SCHEMA dummy_seclabel_test IS 'unclassified';-- OK
77+
78+
SELECT objtype, objname, provider, label FROM pg_seclabels
79+
ORDER BY objtype, objname;
Lines changed: 87 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,87 @@
1+
--
2+
-- Test for facilities of security label
3+
--
4+
LOAD '@libdir@/dummy_seclabel@DLSUFFIX@';
5+
-- initial setups
6+
SET client_min_messages TO 'warning';
7+
DROP ROLE IF EXISTS dummy_seclabel_user1;
8+
DROP ROLE IF EXISTS dummy_seclabel_user2;
9+
DROP TABLE IF EXISTS dummy_seclabel_tbl1;
10+
DROP TABLE IF EXISTS dummy_seclabel_tbl2;
11+
DROP TABLE IF EXISTS dummy_seclabel_tbl3;
12+
CREATE USER dummy_seclabel_user1 WITH CREATEROLE;
13+
CREATE USER dummy_seclabel_user2;
14+
CREATE TABLE dummy_seclabel_tbl1 (a int, b text);
15+
CREATE TABLE dummy_seclabel_tbl2 (x int, y text);
16+
CREATE VIEW dummy_seclabel_view1 AS SELECT * FROM dummy_seclabel_tbl2;
17+
CREATE FUNCTION dummy_seclabel_four() RETURNS integer AS $$SELECT 4$$ language sql;
18+
CREATE DOMAIN dummy_seclabel_domain AS text;
19+
ALTER TABLE dummy_seclabel_tbl1 OWNER TO dummy_seclabel_user1;
20+
ALTER TABLE dummy_seclabel_tbl2 OWNER TO dummy_seclabel_user2;
21+
RESET client_min_messages;
22+
--
23+
-- Test of SECURITY LABEL statement with a plugin
24+
--
25+
SET SESSION AUTHORIZATION dummy_seclabel_user1;
26+
SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'classified';-- OK
27+
SECURITY LABEL ON COLUMN dummy_seclabel_tbl1.a IS 'unclassified';-- OK
28+
SECURITY LABEL ON COLUMN dummy_seclabel_tbl1 IS 'unclassified';-- fail
29+
ERROR: column name must be qualified
30+
SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS '...invalid label...';-- fail
31+
ERROR: '...invalid label...' is not a valid security label
32+
SECURITY LABEL FOR 'dummy' ON TABLE dummy_seclabel_tbl1 IS 'unclassified';-- OK
33+
SECURITY LABEL FOR 'unknown_seclabel' ON TABLE dummy_seclabel_tbl1 IS 'classified';-- fail
34+
ERROR: security label provider "unknown_seclabel" is not loaded
35+
SECURITY LABEL ON TABLE dummy_seclabel_tbl2 IS 'unclassified';-- fail (not owner)
36+
ERROR: must be owner of relation dummy_seclabel_tbl2
37+
SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'secret';-- fail (not superuser)
38+
ERROR: only superuser can set 'secret' label
39+
SECURITY LABEL ON TABLE dummy_seclabel_tbl3 IS 'unclassified';-- fail (not found)
40+
ERROR: relation "dummy_seclabel_tbl3" does not exist
41+
SET SESSION AUTHORIZATION dummy_seclabel_user2;
42+
SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'unclassified';-- fail
43+
ERROR: must be owner of relation dummy_seclabel_tbl1
44+
SECURITY LABEL ON TABLE dummy_seclabel_tbl2 IS 'classified';-- OK
45+
--
46+
-- Test for shared database object
47+
--
48+
SET SESSION AUTHORIZATION dummy_seclabel_user1;
49+
SECURITY LABEL ON ROLE dummy_seclabel_user1 IS 'classified';-- OK
50+
SECURITY LABEL ON ROLE dummy_seclabel_user1 IS '...invalid label...';-- fail
51+
ERROR: '...invalid label...' is not a valid security label
52+
SECURITY LABEL FOR 'dummy' ON ROLE dummy_seclabel_user2 IS 'unclassified';-- OK
53+
SECURITY LABEL FOR 'unknown_seclabel' ON ROLE dummy_seclabel_user1 IS 'unclassified';-- fail
54+
ERROR: security label provider "unknown_seclabel" is not loaded
55+
SECURITY LABEL ON ROLE dummy_seclabel_user1 IS 'secret';-- fail (not superuser)
56+
ERROR: only superuser can set 'secret' label
57+
SECURITY LABEL ON ROLE dummy_seclabel_user3 IS 'unclassified';-- fail (not found)
58+
ERROR: role "dummy_seclabel_user3" does not exist
59+
SET SESSION AUTHORIZATION dummy_seclabel_user2;
60+
SECURITY LABEL ON ROLE dummy_seclabel_user2 IS 'unclassified';-- fail (not privileged)
61+
ERROR: must have CREATEROLE privilege
62+
RESET SESSION AUTHORIZATION;
63+
--
64+
-- Test for various types of object
65+
--
66+
RESET SESSION AUTHORIZATION;
67+
SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'top secret';-- OK
68+
SECURITY LABEL ON VIEW dummy_seclabel_view1 IS 'classified';-- OK
69+
SECURITY LABEL ON FUNCTION dummy_seclabel_four() IS 'classified';-- OK
70+
SECURITY LABEL ON DOMAIN dummy_seclabel_domain IS 'classified';-- OK
71+
CREATE SCHEMA dummy_seclabel_test;
72+
SECURITY LABEL ON SCHEMA dummy_seclabel_test IS 'unclassified';-- OK
73+
SELECT objtype, objname, provider, label FROM pg_seclabels
74+
ORDER BY objtype, objname;
75+
objtype | objname | provider | label
76+
----------+-----------------------+----------+--------------
77+
column | dummy_seclabel_tbl1.a | dummy | unclassified
78+
domain | dummy_seclabel_domain | dummy | classified
79+
function | dummy_seclabel_four() | dummy | classified
80+
role | dummy_seclabel_user1 | dummy | classified
81+
role | dummy_seclabel_user2 | dummy | unclassified
82+
schema | dummy_seclabel_test | dummy | unclassified
83+
table | dummy_seclabel_tbl1 | dummy | top secret
84+
table | dummy_seclabel_tbl2 | dummy | classified
85+
view | dummy_seclabel_view1 | dummy | classified
86+
(9 rows)
87+

‎src/test/regress/GNUmakefile

Lines changed: 4 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -101,32 +101,24 @@ installdirs-tests: installdirs
101101
$(MKDIR_P)$(patsubst$(srcdir)/%/,'$(DESTDIR)$(pkglibdir)/regress/%',$(sort$(dir$(regress_data_files))))
102102

103103

104-
# Get some extra C modules from contrib/spi and src/test/modules/dummy_seclabel...
104+
# Get some extra C modules from contrib/spi
105105

106-
all: refint$(DLSUFFIX) autoinc$(DLSUFFIX) dummy_seclabel$(DLSUFFIX)
106+
all: refint$(DLSUFFIX) autoinc$(DLSUFFIX)
107107

108108
refint$(DLSUFFIX):$(top_builddir)/contrib/spi/refint$(DLSUFFIX)
109109
cp$<$@
110110

111111
autoinc$(DLSUFFIX):$(top_builddir)/contrib/spi/autoinc$(DLSUFFIX)
112112
cp$<$@
113113

114-
dummy_seclabel$(DLSUFFIX):$(top_builddir)/src/test/modules/dummy_seclabel/dummy_seclabel$(DLSUFFIX)
115-
cp$<$@
116-
117114
$(top_builddir)/contrib/spi/refint$(DLSUFFIX): | submake-contrib-spi ;
118115

119116
$(top_builddir)/contrib/spi/autoinc$(DLSUFFIX): | submake-contrib-spi ;
120117

121-
$(top_builddir)/src/test/modules/dummy_seclabel/dummy_seclabel$(DLSUFFIX): | submake-dummy_seclabel ;
122-
123118
submake-contrib-spi:
124119
$(MAKE) -C$(top_builddir)/contrib/spi
125120

126-
submake-dummy_seclabel:
127-
$(MAKE) -C$(top_builddir)/src/test/modules/dummy_seclabel
128-
129-
.PHONY: submake-contrib-spi submake-dummy_seclabel
121+
.PHONY: submake-contrib-spi
130122

131123
# Tablespace setup
132124

@@ -179,7 +171,7 @@ bigcheck: all tablespace-setup
179171

180172
cleandistcleanmaintainer-clean: clean-lib
181173
# things built by `all' target
182-
rm -f $(OBJS) refint$(DLSUFFIX) autoinc$(DLSUFFIX) dummy_seclabel$(DLSUFFIX)
174+
rm -f $(OBJS) refint$(DLSUFFIX) autoinc$(DLSUFFIX)
183175
rm -f pg_regress_main.o pg_regress.o pg_regress$(X)
184176
# things created by various check targets
185177
rm -f $(output_files) $(input_files)
Lines changed: 47 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,47 @@
1+
--
2+
-- Test for facilities of security label
3+
--
4+
-- initial setups
5+
SET client_min_messages TO 'warning';
6+
DROP ROLE IF EXISTS seclabel_user1;
7+
DROP ROLE IF EXISTS seclabel_user2;
8+
DROP TABLE IF EXISTS seclabel_tbl1;
9+
DROP TABLE IF EXISTS seclabel_tbl2;
10+
DROP TABLE IF EXISTS seclabel_tbl3;
11+
CREATE USER seclabel_user1 WITH CREATEROLE;
12+
CREATE USER seclabel_user2;
13+
CREATE TABLE seclabel_tbl1 (a int, b text);
14+
CREATE TABLE seclabel_tbl2 (x int, y text);
15+
CREATE VIEW seclabel_view1 AS SELECT * FROM seclabel_tbl2;
16+
CREATE FUNCTION seclabel_four() RETURNS integer AS $$SELECT 4$$ language sql;
17+
CREATE DOMAIN seclabel_domain AS text;
18+
ALTER TABLE seclabel_tbl1 OWNER TO seclabel_user1;
19+
ALTER TABLE seclabel_tbl2 OWNER TO seclabel_user2;
20+
RESET client_min_messages;
21+
--
22+
-- Test of SECURITY LABEL statement without a plugin
23+
--
24+
SECURITY LABEL ON TABLE seclabel_tbl1 IS 'classified';-- fail
25+
ERROR: no security label providers have been loaded
26+
SECURITY LABEL FOR 'dummy' ON TABLE seclabel_tbl1 IS 'classified';-- fail
27+
ERROR: security label provider "dummy" is not loaded
28+
SECURITY LABEL ON TABLE seclabel_tbl1 IS '...invalid label...';-- fail
29+
ERROR: no security label providers have been loaded
30+
SECURITY LABEL ON TABLE seclabel_tbl3 IS 'unclassified';-- fail
31+
ERROR: no security label providers have been loaded
32+
SECURITY LABEL ON ROLE seclabel_user1 IS 'classified';-- fail
33+
ERROR: no security label providers have been loaded
34+
SECURITY LABEL FOR 'dummy' ON ROLE seclabel_user1 IS 'classified';-- fail
35+
ERROR: security label provider "dummy" is not loaded
36+
SECURITY LABEL ON ROLE seclabel_user1 IS '...invalid label...';-- fail
37+
ERROR: no security label providers have been loaded
38+
SECURITY LABEL ON ROLE seclabel_user3 IS 'unclassified';-- fail
39+
ERROR: no security label providers have been loaded
40+
-- clean up objects
41+
DROP FUNCTION seclabel_four();
42+
DROP DOMAIN seclabel_domain;
43+
DROP VIEW seclabel_view1;
44+
DROP TABLE seclabel_tbl1;
45+
DROP TABLE seclabel_tbl2;
46+
DROP USER seclabel_user1;
47+
DROP USER seclabel_user2;

‎src/test/regress/input/security_label.source

Lines changed: 0 additions & 108 deletions
This file was deleted.

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp