Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commita92624d

Browse files
committed
enable regression tests again, use GetUserId() instead of GetAuthenticatedUserId(), improve error message emitted by check_security_policy_internal()
1 parent553918a commita92624d

File tree

5 files changed

+24
-30
lines changed

5 files changed

+24
-30
lines changed

‎Makefile‎

Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -12,13 +12,12 @@ EXTVERSION = 1.0
1212
DATA_built =$(EXTENSION)--$(EXTVERSION).sql
1313
PGFILEDESC = "pg_pathman - partitioning tool"
1414

15-
# REGRESS = pathman_basic\
16-
# pathman_runtime_nodes\
17-
# pathman_callbacks\
18-
# pathman_domains\
19-
# pathman_foreign_keys\
20-
# pathman_permissions
21-
REGRESS = pathman_permissions
15+
REGRESS = pathman_basic\
16+
pathman_runtime_nodes\
17+
pathman_callbacks\
18+
pathman_domains\
19+
pathman_foreign_keys\
20+
pathman_permissions
2221
EXTRA_REGRESS_OPTS=--temp-config=$(top_srcdir)/$(subdir)/conf.add
2322
EXTRA_CLEAN =$(EXTENSION)--$(EXTVERSION).sql ./isolation_output
2423

‎expected/pathman_permissions.out‎

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -22,9 +22,9 @@ NOTICE: sequence "user1_table_seq" does not exist, skipping
2222
SET ROLE user2;
2323
/* Try to change partitioning parameters for user1_table */
2424
SELECT set_enable_parent('user1_table', true);
25-
ERROR:Only table owner or superuser can change partitioning configuration
25+
ERROR:only the owner or superuser can change partitioning configuration of table "user1_table"
2626
SELECT set_auto('user1_table', false);
27-
ERROR:Only table owner or superuser can change partitioning configuration
27+
ERROR:only the owner or superuser can change partitioning configuration of table "user1_table"
2828
/*
2929
* Check that user is able to propagate partitions by inserting rows that
3030
* doesn't fit into range

‎src/pathman_workers.c‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -632,7 +632,7 @@ partition_table_concurrently(PG_FUNCTION_ARGS)
632632
{
633633
/* Initialize concurrent part slot */
634634
InitConcurrentPartSlot(&concurrent_part_slots[empty_slot_idx],
635-
GetAuthenticatedUserId(),CPS_WORKING,
635+
GetUserId(),CPS_WORKING,
636636
MyDatabaseId,relid,1000,1.0);
637637

638638
/* Now we can safely unlock slot for new BGWorker */

‎src/pl_funcs.c‎

Lines changed: 4 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -848,19 +848,14 @@ invoke_on_partition_created_callback(PG_FUNCTION_ARGS)
848848
}
849849

850850
/*
851-
* Check if user can alter/drop specified relation. This function is used to
852-
* make sure that current user can change pg_pathman's config. Returns true
853-
* if user can manage relation, false otherwise.
854-
*
855-
* XXX currently we just check if user is a table owner. Probably it's better to
856-
* check user permissions in order to let other users.
851+
* Function to be used for RLS rules on PATHMAN_CONFIG and
852+
* PATHMAN_CONFIG_PARAMS tables.
853+
* NOTE: check_security_policy_internal() is used under the hood.
857854
*/
858855
Datum
859856
check_security_policy(PG_FUNCTION_ARGS)
860857
{
861-
Oidrelid=PG_GETARG_OID(0);
862-
863-
PG_RETURN_BOOL(check_security_policy_internal(relid));
858+
PG_RETURN_BOOL(check_security_policy_internal(PG_GETARG_OID(0)));
864859
}
865860

866861

‎src/utils.c‎

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -749,31 +749,31 @@ validate_on_part_init_cb(Oid procid, bool emit_error)
749749
* make sure that current user can change pg_pathman's config. Returns true
750750
* if user can manage relation, false otherwise.
751751
*
752-
* XXX currently we just check if user is a table owner. Probably it's better to
753-
* check user permissions in order to let other users.
752+
* XXX currently we just check if user is a table owner. Probably it's
753+
*better tocheck user permissions in order to let other users participate.
754754
*/
755755
bool
756756
check_security_policy_internal(Oidrelid)
757757
{
758-
Oidowner;
758+
Oidowner;
759759

760-
/*
761-
* If user has superuser privileges then he or she can do whatever wants
762-
*/
760+
/* Superuser is allowed to do anything */
763761
if (superuser())
764762
return true;
765763

766764
/*
767-
* Sometimes the relation doesn't exist anymore but there is still a record
768-
* in config.It for example happens in event trigger function. So we
769-
* should be able to remove this record
765+
* Sometimes the relation doesn't exist anymore but there is still
766+
*a recordin config.For instance, it happens inDDLevent trigger.
767+
*Still weshould be able to remove this record.
770768
*/
771769
if ((owner=get_rel_owner(relid))==InvalidOid)
772770
return true;
773771

774-
/* Check if current user isan owner of the relation */
772+
/* Check if current user isthe owner of the relation */
775773
if (owner!=GetUserId())
776-
elog(ERROR,"Only table owner or superuser can change partitioning configuration");
774+
elog(ERROR,"only the owner or superuser can change "
775+
"partitioning configuration of table \"%s\"",
776+
get_rel_name_or_relid(relid));
777777

778778
return true;
779779
}

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp