diff --git a/src/backend/distributed/commands/distribute_object_ops.c b/src/backend/distributed/commands/distribute_object_ops.c index a17d75e17..c0fe607ef 100644 --- a/src/backend/distributed/commands/distribute_object_ops.c +++ b/src/backend/distributed/commands/distribute_object_ops.c @@ -150,6 +150,17 @@ static DistributeObjectOps Any_AlterRole = { .address = AlterRoleStmtObjectAddress, .markDistributed = false, }; + +static DistributeObjectOps Any_AlterRoleRename = { + .deparse = DeparseAlterRoleStmt, + .qualify = NULL, + .preprocess = NULL, + .postprocess = PostprocessAlterRoleStmt, + .operationType = DIST_OPS_ALTER, + .address = AlterRoleStmtObjectAddress, + .markDistributed = false, +}; + static DistributeObjectOps Any_AlterRoleSet = { .deparse = DeparseAlterRoleSetStmt, .qualify = QualifyAlterRoleSetStmt, @@ -2059,6 +2070,11 @@ GetDistributeObjectOps(Node *node) return &Publication_Rename; } + case OBJECT_ROLE: + { + return &Role_Rename; + } + case OBJECT_ROUTINE: { return &Routine_Rename; diff --git a/src/backend/distributed/deparser/deparse_role_stmts.c b/src/backend/distributed/deparser/deparse_role_stmts.c index 4d41f8ec4..8cdc6ef9e 100644 --- a/src/backend/distributed/deparser/deparse_role_stmts.c +++ b/src/backend/distributed/deparser/deparse_role_stmts.c @@ -164,6 +164,10 @@ AppendRoleOption(StringInfo buf, ListCell *optionCell) { appendStringInfo(buf, " CONNECTION LIMIT %d", intVal(option->arg)); } + else if (strcmp(option->defname, "sysid") == 0) + { + appendStringInfo(buf, " SYSID %d", intVal(option->arg)); + } else if (strcmp(option->defname, "password") == 0) { if (option->arg != NULL) @@ -201,17 +205,34 @@ DeparseCreateRoleStmt(Node *node) } + /* - * AppendCreateRoleStmt generates the string representation of the - * CreateRoleStmt and appends it to the buffer. - */ + * AppendRoleOption generates the string representation of the DefElem option + * and appends it to the buffer. + */ static void -AppendCreateRoleStmt(StringInfo buf, CreateRoleStmt *stmt) +AppendInlinePriviliges(StringInfo buf, ListCell *optionCell) { - ListCell *optionCell = NULL; + DefElem *option = (DefElem *) lfirst(optionCell); - appendStringInfo(buf, "CREATE "); + if (strcmp(option->defname, "adminmembers") == 0) + { + appendStringInfo(buf, " ADMIN "); + AppendRoleList(buf, (List *) option->arg); + } + else if (strcmp(option->defname, "rolemembers") == 0) + { + appendStringInfo(buf, " ROLE "); + AppendRoleList(buf, (List *) option->arg); + } + else if (strcmp(option->defname, "addroleto") == 0) + { + appendStringInfo(buf, " IN ROLE "); + AppendRoleList(buf, (List *) option->arg); + } +} +static void AppendStatementType(StringInfo buf, CreateRoleStmt *stmt){ switch (stmt->stmt_type) { case ROLESTMT_ROLE: @@ -232,34 +253,28 @@ AppendCreateRoleStmt(StringInfo buf, CreateRoleStmt *stmt) break; } } +} + + +/* + * AppendCreateRoleStmt generates the string representation of the + * CreateRoleStmt and appends it to the buffer. + */ +static void +AppendCreateRoleStmt(StringInfo buf, CreateRoleStmt *stmt) +{ + ListCell *optionCell = NULL; + + appendStringInfo(buf, "CREATE "); + + AppendStatementType(buf, stmt); appendStringInfo(buf, "%s", quote_identifier(stmt->role)); foreach(optionCell, stmt->options) { AppendRoleOption(buf, optionCell); - - DefElem *option = (DefElem *) lfirst(optionCell); - - if (strcmp(option->defname, "sysid") == 0) - { - appendStringInfo(buf, " SYSID %d", intVal(option->arg)); - } - else if (strcmp(option->defname, "adminmembers") == 0) - { - appendStringInfo(buf, " ADMIN "); - AppendRoleList(buf, (List *) option->arg); - } - else if (strcmp(option->defname, "rolemembers") == 0) - { - appendStringInfo(buf, " ROLE "); - AppendRoleList(buf, (List *) option->arg); - } - else if (strcmp(option->defname, "addroleto") == 0) - { - appendStringInfo(buf, " IN ROLE "); - AppendRoleList(buf, (List *) option->arg); - } + AppendInlinePriviliges(buf, optionCell); } } diff --git a/src/test/regress/expected/alter_role_propagation.out b/src/test/regress/expected/alter_role_propagation.out index 4e04f0e92..b8e122db2 100644 --- a/src/test/regress/expected/alter_role_propagation.out +++ b/src/test/regress/expected/alter_role_propagation.out @@ -356,5 +356,53 @@ SELECT workers.result AS worker_password, pg_authid.rolpassword AS coord_passwor RESET password_encryption; DROP ROLE new_role; +drop user if exists test1 ; +NOTICE: role "test1" does not exist, skipping +create user test1; +SELECT run_command_on_workers($$SELECT row() FROM pg_roles WHERE rolname = 'test1'$$); + run_command_on_workers +--------------------------------------------------------------------- + (localhost,57637,t,"()") + (localhost,57638,t,"()") +(2 rows) + +alter user test1 with encrypted password 'test1' nosuperuser noinherit nocreaterole nocreatedb nologin noreplication nobypassrls connection limit -1 valid until 'infinity'; +SELECT run_command_on_workers($$SELECT row(rolname, rolsuper, rolinherit, rolcreaterole, rolcreatedb, rolcanlogin, rolreplication, rolbypassrls, rolconnlimit, EXTRACT (year FROM rolvaliduntil)) FROM pg_authid WHERE rolname = 'test1'$$); + run_command_on_workers +--------------------------------------------------------------------- + (localhost,57637,t,"(test1,f,f,f,f,f,f,f,-1,Infinity)") + (localhost,57638,t,"(test1,f,f,f,f,f,f,f,-1,Infinity)") +(2 rows) + +alter user test1 with password NULL superuser inherit createrole createdb login replication bypassrls connection limit 10 valid until '2019-01-01'; +SELECT run_command_on_workers($$SELECT row(rolname, rolsuper, rolinherit, rolcreaterole, rolcreatedb, rolcanlogin, rolreplication, rolbypassrls, rolconnlimit, EXTRACT (year FROM rolvaliduntil)) FROM pg_authid WHERE rolname = 'test1'$$); + run_command_on_workers +--------------------------------------------------------------------- + (localhost,57637,t,"(test1,t,t,t,t,t,t,t,10,2019)") + (localhost,57638,t,"(test1,t,t,t,t,t,t,t,10,2019)") +(2 rows) + +alter user test1 rename to test2; +NOTICE: not propagating ALTER ROLE ... RENAME TO commands to worker nodes +HINT: Connect to worker nodes directly to manually rename the role +drop user if exists test2; +create user test1 with password NULL superuser inherit createrole createdb login replication bypassrls connection limit 10 valid until '2019-01-01'; +SELECT run_command_on_workers($$SELECT row(rolname, rolsuper, rolinherit, rolcreaterole, rolcreatedb, rolcanlogin, rolreplication, rolbypassrls, rolconnlimit, EXTRACT (year FROM rolvaliduntil)) FROM pg_authid WHERE rolname = 'test1'$$); + run_command_on_workers +--------------------------------------------------------------------- + (localhost,57637,t,"(test1,t,t,t,t,t,t,t,10,2019)") + (localhost,57638,t,"(test1,t,t,t,t,t,t,t,10,2019)") +(2 rows) + +drop user if exists test1; +create user test1 with encrypted password 'test1' nosuperuser noinherit nocreaterole nocreatedb nologin noreplication nobypassrls connection limit -1 valid until 'infinity'; +SELECT run_command_on_workers($$SELECT row(rolname, rolsuper, rolinherit, rolcreaterole, rolcreatedb, rolcanlogin, rolreplication, rolbypassrls, rolconnlimit, EXTRACT (year FROM rolvaliduntil)) FROM pg_authid WHERE rolname = 'test1'$$); + run_command_on_workers +--------------------------------------------------------------------- + (localhost,57637,t,"(test1,f,f,f,f,f,f,f,-1,Infinity)") + (localhost,57638,t,"(test1,f,f,f,f,f,f,f,-1,Infinity)") +(2 rows) + +drop user test1; DROP TABLE test_search_path; DROP SCHEMA alter_role, ",CitUs,.TeeN!?", test_sp CASCADE; diff --git a/src/test/regress/sql/alter_role_propagation.sql b/src/test/regress/sql/alter_role_propagation.sql index 40c7395c4..044f93d62 100644 --- a/src/test/regress/sql/alter_role_propagation.sql +++ b/src/test/regress/sql/alter_role_propagation.sql @@ -119,5 +119,54 @@ SELECT workers.result AS worker_password, pg_authid.rolpassword AS coord_passwor RESET password_encryption; DROP ROLE new_role; + + +drop user if exists test1 ; + +create user test1; + +SELECT run_command_on_workers($$SELECT row() FROM pg_roles WHERE rolname = 'test1'$$); + + +alter user test1 with encrypted password 'test1' nosuperuser noinherit nocreaterole nocreatedb nologin noreplication nobypassrls connection limit -1 valid until 'infinity'; +SELECT run_command_on_workers($$SELECT row(rolname, rolsuper, rolinherit, rolcreaterole, rolcreatedb, rolcanlogin, rolreplication, rolbypassrls, rolconnlimit, EXTRACT (year FROM rolvaliduntil)) FROM pg_authid WHERE rolname = 'test1'$$); +alter user test1 with password NULL superuser inherit createrole createdb login replication bypassrls connection limit 10 valid until '2019-01-01'; +SELECT run_command_on_workers($$SELECT row(rolname, rolsuper, rolinherit, rolcreaterole, rolcreatedb, rolcanlogin, rolreplication, rolbypassrls, rolconnlimit, EXTRACT (year FROM rolvaliduntil)) FROM pg_authid WHERE rolname = 'test1'$$); + + +SET citus.log_remote_commands = true; +-- Set a custom value for the search_path parameter +ALTER USER test1 SET search_path TO public, schema2; + +-- Reset the search_path parameter to its default value +ALTER USER test1 SET search_path TO DEFAULT; + +-- Set a custom value for the timezone parameter +ALTER USER test1 SET timezone TO 'America/New_York'; + +-- Reset the timezone parameter to its default value +ALTER USER test1 SET timezone TO DEFAULT; + +-- Set a custom value for the work_mem parameter +ALTER USER test1 SET work_mem TO '64MB'; + +-- Reset the work_mem parameter to its default value +ALTER USER test1 SET work_mem TO DEFAULT; + +-- Set a custom value for the max_connections parameter +ALTER USER test1 SET max_connections TO 100; + +-- Reset the max_connections parameter to its default value +ALTER USER test1 SET max_connections TO DEFAULT; + +-- Set a custom float value for the random_page_cost parameter +ALTER USER test1 SET random_page_cost TO 1.5; + +alter user test1 rename to test2; + +drop user if exists test2; + +drop user test1; + DROP TABLE test_search_path; DROP SCHEMA alter_role, ",CitUs,.TeeN!?", test_sp CASCADE;