diff --git a/src/backend/distributed/commands/schema.c b/src/backend/distributed/commands/schema.c index c0affce58..c16b87fa2 100644 --- a/src/backend/distributed/commands/schema.c +++ b/src/backend/distributed/commands/schema.c @@ -68,6 +68,16 @@ PostprocessCreateSchemaStmt(Node *node, const char *queryString) EnsureSequentialMode(OBJECT_SCHEMA); + bool missingOk = createSchemaStmt->if_not_exists; + List *schemaAdressList = CreateSchemaStmtObjectAddress(node, missingOk, true); + Assert(list_length(schemaAdressList) == 1); + ObjectAddress *schemaAdress = linitial(schemaAdressList); + Oid schemaId = schemaAdress->objectId; + if (!OidIsValid(schemaId)) + { + return NIL; + } + /* to prevent recursion with mx we disable ddl propagation */ List *commands = list_make1(DISABLE_DDL_PROPAGATION); @@ -78,7 +88,8 @@ PostprocessCreateSchemaStmt(Node *node, const char *queryString) commands = list_concat(commands, GetGrantCommandsFromCreateSchemaStmt(node)); - if (ShouldUseSchemaBasedSharding(createSchemaStmt->schemaname)) + char *schemaName = get_namespace_name(schemaId); + if (ShouldUseSchemaBasedSharding(schemaName)) { /* for now, we don't allow creating tenant tables when creating the schema itself */ if (CreateSchemaStmtCreatesTable(createSchemaStmt)) @@ -90,9 +101,6 @@ PostprocessCreateSchemaStmt(Node *node, const char *queryString) "tenant tables."))); } - bool missingOk = false; - Oid schemaId = get_namespace_oid(createSchemaStmt->schemaname, missingOk); - /* * Register the tenant schema on the coordinator and save the command * to register it on the workers. diff --git a/src/test/regress/expected/schema_based_sharding.out b/src/test/regress/expected/schema_based_sharding.out index b041708cf..ad456ad8e 100644 --- a/src/test/regress/expected/schema_based_sharding.out +++ b/src/test/regress/expected/schema_based_sharding.out @@ -1675,9 +1675,26 @@ FROM public.citus_schemas WHERE schema_name::text LIKE 'citus\_sch_' ORDER BY sc \c - - - :master_port SET search_path TO regular_schema; +-- test we handle create schema with authorization properly for distributed schema +SET citus.enable_schema_based_sharding TO ON; +CREATE ROLE authschema; +CREATE SCHEMA AUTHORIZATION authschema; +SET citus.enable_schema_based_sharding TO OFF; +SELECT result FROM run_command_on_all_nodes($$ + SELECT COUNT(*)=1 + FROM pg_dist_schema + WHERE schemaid::regnamespace::text = 'authschema'; +$$); + result +--------------------------------------------------------------------- + t + t + t +(3 rows) + SET client_min_messages TO WARNING; -DROP SCHEMA regular_schema, tenant_3, tenant_5, tenant_7, tenant_6, type_sch, citus_sch1, citus_sch2, citus_empty_sch1, citus_empty_sch2 CASCADE; -DROP ROLE citus_schema_role, citus_schema_nonpri; +DROP SCHEMA regular_schema, tenant_3, tenant_5, tenant_7, tenant_6, type_sch, citus_sch1, citus_sch2, citus_empty_sch1, citus_empty_sch2, authschema CASCADE; +DROP ROLE citus_schema_role, citus_schema_nonpri, authschema; SELECT citus_remove_node('localhost', :master_port); citus_remove_node --------------------------------------------------------------------- diff --git a/src/test/regress/sql/schema_based_sharding.sql b/src/test/regress/sql/schema_based_sharding.sql index 7b16ba904..1e5208332 100644 --- a/src/test/regress/sql/schema_based_sharding.sql +++ b/src/test/regress/sql/schema_based_sharding.sql @@ -1141,8 +1141,20 @@ FROM public.citus_schemas WHERE schema_name::text LIKE 'citus\_sch_' ORDER BY sc \c - - - :master_port SET search_path TO regular_schema; +-- test we handle create schema with authorization properly for distributed schema +SET citus.enable_schema_based_sharding TO ON; +CREATE ROLE authschema; +CREATE SCHEMA AUTHORIZATION authschema; +SET citus.enable_schema_based_sharding TO OFF; + +SELECT result FROM run_command_on_all_nodes($$ + SELECT COUNT(*)=1 + FROM pg_dist_schema + WHERE schemaid::regnamespace::text = 'authschema'; +$$); + SET client_min_messages TO WARNING; -DROP SCHEMA regular_schema, tenant_3, tenant_5, tenant_7, tenant_6, type_sch, citus_sch1, citus_sch2, citus_empty_sch1, citus_empty_sch2 CASCADE; -DROP ROLE citus_schema_role, citus_schema_nonpri; +DROP SCHEMA regular_schema, tenant_3, tenant_5, tenant_7, tenant_6, type_sch, citus_sch1, citus_sch2, citus_empty_sch1, citus_empty_sch2, authschema CASCADE; +DROP ROLE citus_schema_role, citus_schema_nonpri, authschema; SELECT citus_remove_node('localhost', :master_port);