diff --git a/src/backend/distributed/commands/utility_hook.c b/src/backend/distributed/commands/utility_hook.c index 6957d6a83..b97d23826 100644 --- a/src/backend/distributed/commands/utility_hook.c +++ b/src/backend/distributed/commands/utility_hook.c @@ -43,7 +43,6 @@ #include "foreign/foreign.h" #include "lib/stringinfo.h" #include "nodes/makefuncs.h" -#include "nodes/nodes.h" #include "nodes/parsenodes.h" #include "nodes/pg_list.h" #include "postmaster/postmaster.h" @@ -100,7 +99,6 @@ * supported from non-main databases and whether it should be marked as * distributed explicitly (*). * - * * (*) We always have to mark such objects as "distributed" but while for some * object types we can delegate this to main database, for some others we have * to explicitly send a command to all nodes in this code-path to achieve this. @@ -113,7 +111,10 @@ typedef struct NonMainDbDistributedStatementInfo int supportedObjectTypesSize; } NonMainDbDistributedStatementInfo; - +/* + * MarkObjectDistributedParams is used to pass parameters to the + * MarkObjectDistributedFromNonMainDb function. +*/ typedef struct MarkObjectDistributedParams { char *name; @@ -121,7 +122,6 @@ typedef struct MarkObjectDistributedParams uint16 catalogRelId; } MarkObjectDistributedParams; - /* * NonMainDbSupportedStatements is an array of statements that are supported * from non-main databases. @@ -164,7 +164,6 @@ static bool IsDropSchemaOrDB(Node *parsetree); static bool ShouldCheckUndistributeCitusLocalTables(void); static void RunPreprocessMainDBCommand(Node *parsetree); static void RunPostprocessMainDBCommand(Node *parsetree); - static bool IsStatementSupportedFromNonMainDb(Node *parsetree); static bool StatementRequiresMarkDistributedFromNonMainDb(Node *parsetree); static void MarkObjectDistributedFromNonMainDb(Node *parsetree); @@ -1659,8 +1658,8 @@ RunPreprocessMainDBCommand(Node *parsetree) { return; } - char *queryString = DeparseTreeNode(parsetree); + char *queryString = DeparseTreeNode(parsetree); StringInfo mainDBQuery = makeStringInfo(); appendStringInfo(mainDBQuery, START_MANAGEMENT_TRANSACTION, @@ -1774,5 +1773,6 @@ GetMarkObjectDistributedParams(Node *parsetree) } /* Add else if branches for other statement types */ + elog(ERROR, "unsupported statement type"); } diff --git a/src/test/regress/expected/metadata_sync_2pc.out b/src/test/regress/expected/metadata_sync_2pc.out deleted file mode 100644 index 7130a4db8..000000000 --- a/src/test/regress/expected/metadata_sync_2pc.out +++ /dev/null @@ -1,133 +0,0 @@ -CREATE SCHEMA metadata_sync_2pc_schema; -SET search_path TO metadata_sync_2pc_schema; -set citus.enable_create_database_propagation to on; -CREATE DATABASE metadata_sync_2pc_db; -revoke connect,temp,temporary on database metadata_sync_2pc_db from public; -\c metadata_sync_2pc_db -SHOW citus.main_db; - citus.main_db ---------------------------------------------------------------------- - regression -(1 row) - -CREATE USER grant_role2pc_user1; -CREATE USER grant_role2pc_user2; -CREATE USER grant_role2pc_user3; -CREATE USER grant_role2pc_user4; -CREATE USER grant_role2pc_user5; -\c regression -select 1 from citus_remove_node('localhost', :worker_2_port); - ?column? ---------------------------------------------------------------------- - 1 -(1 row) - ---tests for grant role -\c metadata_sync_2pc_db -grant grant_role2pc_user1,grant_role2pc_user2 to grant_role2pc_user3 WITH ADMIN OPTION; -grant grant_role2pc_user1,grant_role2pc_user2 to grant_role2pc_user4,grant_role2pc_user5 granted by grant_role2pc_user3; ---test for grant on database -\c metadata_sync_2pc_db - - :master_port -grant create on database metadata_sync_2pc_db to grant_role2pc_user1; -grant connect on database metadata_sync_2pc_db to grant_role2pc_user2; -grant ALL on database metadata_sync_2pc_db to grant_role2pc_user3; -\c regression -select check_database_privileges('grant_role2pc_user1','metadata_sync_2pc_db',ARRAY['CREATE']); - check_database_privileges ---------------------------------------------------------------------- - (CREATE,t) - (CREATE,t) -(2 rows) - -select check_database_privileges('grant_role2pc_user2','metadata_sync_2pc_db',ARRAY['CONNECT']); - check_database_privileges ---------------------------------------------------------------------- - (CONNECT,t) - (CONNECT,t) -(2 rows) - -select check_database_privileges('grant_role2pc_user3','metadata_sync_2pc_db',ARRAY['CREATE','CONNECT','TEMP','TEMPORARY']); - check_database_privileges ---------------------------------------------------------------------- - (CREATE,t) - (CREATE,t) - (CONNECT,t) - (CONNECT,t) - (TEMP,t) - (TEMP,t) - (TEMPORARY,t) - (TEMPORARY,t) -(8 rows) - -\c regression -set citus.enable_create_database_propagation to on; -select 1 from citus_add_node('localhost', :worker_2_port); - ?column? ---------------------------------------------------------------------- - 1 -(1 row) - -select result FROM run_command_on_all_nodes($$ -SELECT array_to_json(array_agg(row_to_json(t))) -FROM ( - SELECT member::regrole, roleid::regrole as role, grantor::regrole, admin_option - FROM pg_auth_members - WHERE member::regrole::text in - ('grant_role2pc_user2','grant_role2pc_user3','grant_role2pc_user4','grant_role2pc_user5') - order by member::regrole::text -) t -$$); - result ---------------------------------------------------------------------- - [{"member":"grant_role2pc_user3","role":"grant_role2pc_user1","grantor":"postgres","admin_option":true},{"member":"grant_role2pc_user3","role":"grant_role2pc_user2","grantor":"postgres","admin_option":true},{"member":"grant_role2pc_user4","role":"grant_role2pc_user1","grantor":"grant_role2pc_user3","admin_option":false},{"member":"grant_role2pc_user4","role":"grant_role2pc_user2","grantor":"grant_role2pc_user3","admin_option":false},{"member":"grant_role2pc_user5","role":"grant_role2pc_user1","grantor":"grant_role2pc_user3","admin_option":false},{"member":"grant_role2pc_user5","role":"grant_role2pc_user2","grantor":"grant_role2pc_user3","admin_option":false}] - [{"member":"grant_role2pc_user3","role":"grant_role2pc_user1","grantor":"postgres","admin_option":true},{"member":"grant_role2pc_user3","role":"grant_role2pc_user2","grantor":"postgres","admin_option":true},{"member":"grant_role2pc_user4","role":"grant_role2pc_user1","grantor":"grant_role2pc_user3","admin_option":false},{"member":"grant_role2pc_user4","role":"grant_role2pc_user2","grantor":"grant_role2pc_user3","admin_option":false},{"member":"grant_role2pc_user5","role":"grant_role2pc_user1","grantor":"grant_role2pc_user3","admin_option":false},{"member":"grant_role2pc_user5","role":"grant_role2pc_user2","grantor":"grant_role2pc_user3","admin_option":false}] - [{"member":"grant_role2pc_user3","role":"grant_role2pc_user1","grantor":"postgres","admin_option":true},{"member":"grant_role2pc_user3","role":"grant_role2pc_user2","grantor":"postgres","admin_option":true},{"member":"grant_role2pc_user4","role":"grant_role2pc_user1","grantor":"postgres","admin_option":false},{"member":"grant_role2pc_user4","role":"grant_role2pc_user2","grantor":"postgres","admin_option":false},{"member":"grant_role2pc_user5","role":"grant_role2pc_user1","grantor":"postgres","admin_option":false},{"member":"grant_role2pc_user5","role":"grant_role2pc_user2","grantor":"postgres","admin_option":false}] -(3 rows) - -select check_database_privileges('grant_role2pc_user1','metadata_sync_2pc_db',ARRAY['CREATE']); - check_database_privileges ---------------------------------------------------------------------- - (CREATE,t) - (CREATE,t) - (CREATE,t) -(3 rows) - -select check_database_privileges('grant_role2pc_user2','metadata_sync_2pc_db',ARRAY['CONNECT']); - check_database_privileges ---------------------------------------------------------------------- - (CONNECT,t) - (CONNECT,t) - (CONNECT,t) -(3 rows) - -select check_database_privileges('grant_role2pc_user3','metadata_sync_2pc_db',ARRAY['CREATE','CONNECT','TEMP','TEMPORARY']); - check_database_privileges ---------------------------------------------------------------------- - (CREATE,t) - (CREATE,t) - (CREATE,t) - (CONNECT,t) - (CONNECT,t) - (CONNECT,t) - (TEMP,t) - (TEMP,t) - (TEMP,t) - (TEMPORARY,t) - (TEMPORARY,t) - (TEMPORARY,t) -(12 rows) - -\c metadata_sync_2pc_db -revoke grant_role2pc_user1,grant_role2pc_user2 from grant_role2pc_user4,grant_role2pc_user5 granted by grant_role2pc_user3; -revoke admin option for grant_role2pc_user1,grant_role2pc_user2 from grant_role2pc_user3; -revoke grant_role2pc_user1,grant_role2pc_user2 from grant_role2pc_user3; -revoke ALL on database metadata_sync_2pc_db from grant_role2pc_user3; -revoke CONNECT on database metadata_sync_2pc_db from grant_role2pc_user2; -revoke CREATE on database metadata_sync_2pc_db from grant_role2pc_user1; -\c regression -drop user grant_role2pc_user1,grant_role2pc_user2,grant_role2pc_user3,grant_role2pc_user4,grant_role2pc_user5; -set citus.enable_create_database_propagation to on; -drop database metadata_sync_2pc_db; -drop schema metadata_sync_2pc_schema; -reset citus.enable_create_database_propagation; -reset search_path; diff --git a/src/test/regress/multi_1_schedule b/src/test/regress/multi_1_schedule index d23413175..015f74973 100644 --- a/src/test/regress/multi_1_schedule +++ b/src/test/regress/multi_1_schedule @@ -58,8 +58,7 @@ test: multi_metadata_attributes test: multi_read_from_secondaries -test: grant_on_database_propagation -test: grant_on_database_propagation_2pc +test: grant_on_database_propagation grant_on_database_propagation_from_non_maindb test: alter_database_propagation test: citus_shards diff --git a/src/test/regress/sql/grant_on_database_propagation_2pc.sql b/src/test/regress/sql/grant_on_database_propagation_from_non_maindb.sql similarity index 100% rename from src/test/regress/sql/grant_on_database_propagation_2pc.sql rename to src/test/regress/sql/grant_on_database_propagation_from_non_maindb.sql diff --git a/src/test/regress/sql/grant_role_2pc.sql b/src/test/regress/sql/grant_role_2pc.sql deleted file mode 100644 index 1684bfe12..000000000 --- a/src/test/regress/sql/grant_role_2pc.sql +++ /dev/null @@ -1,156 +0,0 @@ - - -CREATE SCHEMA grant_role2pc; - -SET search_path TO grant_role2pc; - -set citus.enable_create_database_propagation to on; - - -CREATE DATABASE grant_role2pc_db; - - -\c grant_role2pc_db -SHOW citus.main_db; - - -SET citus.superuser TO 'postgres'; -CREATE USER grant_role2pc_user1; -CREATE USER grant_role2pc_user2; -CREATE USER grant_role2pc_user3; -CREATE USER grant_role2pc_user4; -CREATE USER grant_role2pc_user5; -CREATE USER grant_role2pc_user6; -CREATE USER grant_role2pc_user7; - -\c grant_role2pc_db - ---test with empty superuser -SET citus.superuser TO ''; -grant grant_role2pc_user1 to grant_role2pc_user2; - -SET citus.superuser TO 'postgres'; -grant grant_role2pc_user1 to grant_role2pc_user2 with admin option granted by CURRENT_USER; - -\c regression - -select result FROM run_command_on_all_nodes( - $$ - SELECT array_to_json(array_agg(row_to_json(t))) - FROM ( - SELECT member::regrole, roleid::regrole as role, grantor::regrole, admin_option - FROM pg_auth_members - WHERE member::regrole::text = 'grant_role2pc_user2' - order by member::regrole::text - ) t - $$ -); - -\c grant_role2pc_db ---test grant under transactional context with multiple operations -BEGIN; -grant grant_role2pc_user1,grant_role2pc_user2 to grant_role2pc_user3 WITH ADMIN OPTION; -grant grant_role2pc_user1 to grant_role2pc_user4 granted by grant_role2pc_user3 ; -COMMIT; - -BEGIN; -grant grant_role2pc_user1 to grant_role2pc_user5 WITH ADMIN OPTION granted by grant_role2pc_user3; -grant grant_role2pc_user1 to grant_role2pc_user6; -ROLLBACK; - - - -BEGIN; -grant grant_role2pc_user1 to grant_role2pc_user7; -SELECT 1/0; -commit; - - -\c regression - -select result FROM run_command_on_all_nodes($$ -SELECT array_to_json(array_agg(row_to_json(t))) -FROM ( - SELECT member::regrole, roleid::regrole as role, grantor::regrole, admin_option - FROM pg_auth_members - WHERE member::regrole::text in - ('grant_role2pc_user3','grant_role2pc_user4','grant_role2pc_user5','grant_role2pc_user6','grant_role2pc_user7') - order by member::regrole::text -) t -$$); - - -\c grant_role2pc_db - -grant grant_role2pc_user1,grant_role2pc_user2 to grant_role2pc_user5,grant_role2pc_user6,grant_role2pc_user7 granted by grant_role2pc_user3; - -\c regression - -select result FROM run_command_on_all_nodes($$ -SELECT array_to_json(array_agg(row_to_json(t))) -FROM ( - SELECT member::regrole, roleid::regrole as role, grantor::regrole, admin_option - FROM pg_auth_members - WHERE member::regrole::text in - ('grant_role2pc_user5','grant_role2pc_user6','grant_role2pc_user7') - order by member::regrole::text -) t -$$); - -\c grant_role2pc_db -revoke admin option for grant_role2pc_user1 from grant_role2pc_user5 granted by grant_role2pc_user3; - ---test revoke under transactional context with multiple operations -BEGIN; -revoke grant_role2pc_user1 from grant_role2pc_user5 granted by grant_role2pc_user3 ; -revoke grant_role2pc_user1 from grant_role2pc_user4 granted by grant_role2pc_user3; -COMMIT; - -BEGIN; -revoke grant_role2pc_user1 from grant_role2pc_user6,grant_role2pc_user7 granted by grant_role2pc_user3; -revoke grant_role2pc_user1 from grant_role2pc_user3 cascade; -COMMIT; - -\c regression - -select result FROM run_command_on_all_nodes($$ -SELECT array_to_json(array_agg(row_to_json(t))) -FROM ( - SELECT member::regrole, roleid::regrole as role, grantor::regrole, admin_option - FROM pg_auth_members - WHERE member::regrole::text in - ('grant_role2pc_user2','grant_role2pc_user3','grant_role2pc_user4','grant_role2pc_user5','grant_role2pc_user6','grant_role2pc_user7') - order by member::regrole::text -) t -$$); - -\c - - - :worker_1_port -BEGIN; -grant grant_role2pc_user1 to grant_role2pc_user5 WITH ADMIN OPTION; -grant grant_role2pc_user1 to grant_role2pc_user6; -COMMIT; - -\c - - - :master_port - -select result FROM run_command_on_all_nodes($$ -SELECT array_to_json(array_agg(row_to_json(t))) -FROM ( - SELECT member::regrole, roleid::regrole as role, grantor::regrole, admin_option - FROM pg_auth_members - WHERE member::regrole::text in - ('grant_role2pc_user5','grant_role2pc_user6') - order by member::regrole::text -) t -$$); - -revoke grant_role2pc_user1 from grant_role2pc_user5,grant_role2pc_user6; - ---clean resources -DROP SCHEMA grant_role2pc; -set citus.enable_create_database_propagation to on; -DROP DATABASE grant_role2pc_db; - -drop user grant_role2pc_user2,grant_role2pc_user3,grant_role2pc_user4,grant_role2pc_user5,grant_role2pc_user6,grant_role2pc_user7; -drop user grant_role2pc_user1; - -reset citus.enable_create_database_propagation;