external
/
citus
mirror of https://github.com/citusdata/citus.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix create schema authorization bug (#7015) 

Fixes a bug related to `CREATE SCHEMA AUTHORIZATION <rolename>` for single shard
tables. We should properly fetch schema name from role specification if schema name is not given.
pull/7009/head^2
aykut-bozkurt 2023-06-20 22:05:17 +03:00 committed by GitHub
parent f667f14029
commit 1bb667ce6e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 45 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/backend/distributed/commands/schema.c
View File

@ -68,6 +68,16 @@ PostprocessCreateSchemaStmt(Node *node, const char *queryString)
EnsureSequentialMode(OBJECT_SCHEMA);
bool missingOk = createSchemaStmt->if_not_exists;
List *schemaAdressList = CreateSchemaStmtObjectAddress(node, missingOk, true);
Assert(list_length(schemaAdressList) == 1);
ObjectAddress *schemaAdress = linitial(schemaAdressList);
Oid schemaId = schemaAdress->objectId;
if (!OidIsValid(schemaId))
{
return NIL;
}
/* to prevent recursion with mx we disable ddl propagation */
List *commands = list_make1(DISABLE_DDL_PROPAGATION);
@ -78,7 +88,8 @@ PostprocessCreateSchemaStmt(Node *node, const char *queryString)
commands = list_concat(commands, GetGrantCommandsFromCreateSchemaStmt(node));
if (ShouldUseSchemaBasedSharding(createSchemaStmt->schemaname))
char *schemaName = get_namespace_name(schemaId);
if (ShouldUseSchemaBasedSharding(schemaName))
{
/* for now, we don't allow creating tenant tables when creating the schema itself */
if (CreateSchemaStmtCreatesTable(createSchemaStmt))
@ -90,9 +101,6 @@ PostprocessCreateSchemaStmt(Node *node, const char *queryString)
"tenant tables.")));
}
bool missingOk = false;
Oid schemaId = get_namespace_oid(createSchemaStmt->schemaname, missingOk);
/*
* Register the tenant schema on the coordinator and save the command
* to register it on the workers.

21
src/test/regress/expected/schema_based_sharding.out
View File

@ -1675,9 +1675,26 @@ FROM public.citus_schemas WHERE schema_name::text LIKE 'citus\_sch_' ORDER BY sc
\c - - - :master_port
SET search_path TO regular_schema;
-- test we handle create schema with authorization properly for distributed schema
SET citus.enable_schema_based_sharding TO ON;
CREATE ROLE authschema;
CREATE SCHEMA AUTHORIZATION authschema;
SET citus.enable_schema_based_sharding TO OFF;
SELECT result FROM run_command_on_all_nodes($$
SELECT COUNT(*)=1
FROM pg_dist_schema
WHERE schemaid::regnamespace::text = 'authschema';
$$);
result
---------------------------------------------------------------------
t
t
t
(3 rows)
SET client_min_messages TO WARNING;
DROP SCHEMA regular_schema, tenant_3, tenant_5, tenant_7, tenant_6, type_sch, citus_sch1, citus_sch2, citus_empty_sch1, citus_empty_sch2 CASCADE;
DROP ROLE citus_schema_role, citus_schema_nonpri;
DROP SCHEMA regular_schema, tenant_3, tenant_5, tenant_7, tenant_6, type_sch, citus_sch1, citus_sch2, citus_empty_sch1, citus_empty_sch2, authschema CASCADE;
DROP ROLE citus_schema_role, citus_schema_nonpri, authschema;
SELECT citus_remove_node('localhost', :master_port);
citus_remove_node
---------------------------------------------------------------------

16
src/test/regress/sql/schema_based_sharding.sql
View File

@ -1141,8 +1141,20 @@ FROM public.citus_schemas WHERE schema_name::text LIKE 'citus\_sch_' ORDER BY sc
\c - - - :master_port
SET search_path TO regular_schema;
-- test we handle create schema with authorization properly for distributed schema
SET citus.enable_schema_based_sharding TO ON;
CREATE ROLE authschema;
CREATE SCHEMA AUTHORIZATION authschema;
SET citus.enable_schema_based_sharding TO OFF;
SELECT result FROM run_command_on_all_nodes($$
SELECT COUNT(*)=1
FROM pg_dist_schema
WHERE schemaid::regnamespace::text = 'authschema';
$$);
SET client_min_messages TO WARNING;
DROP SCHEMA regular_schema, tenant_3, tenant_5, tenant_7, tenant_6, type_sch, citus_sch1, citus_sch2, citus_empty_sch1, citus_empty_sch2 CASCADE;
DROP ROLE citus_schema_role, citus_schema_nonpri;
DROP SCHEMA regular_schema, tenant_3, tenant_5, tenant_7, tenant_6, type_sch, citus_sch1, citus_sch2, citus_empty_sch1, citus_empty_sch2, authschema CASCADE;
DROP ROLE citus_schema_role, citus_schema_nonpri, authschema;
SELECT citus_remove_node('localhost', :master_port);