mirror of https://github.com/citusdata/citus.git
Fixes test errors after merge
gurkanindibay
parent
166e27da8e
commit
3a5cc909a4
|
|
@ -2,6 +2,7 @@ CREATE SCHEMA metadata_sync_2pc_schema;
|
||||||
SET search_path TO metadata_sync_2pc_schema;
|
SET search_path TO metadata_sync_2pc_schema;
|
||||||
set citus.enable_create_database_propagation to on;
|
set citus.enable_create_database_propagation to on;
|
||||||
CREATE DATABASE metadata_sync_2pc_db;
|
CREATE DATABASE metadata_sync_2pc_db;
|
||||||
|
revoke connect,temp,temporary on database metadata_sync_2pc_db from public;
|
||||||
\c metadata_sync_2pc_db
|
\c metadata_sync_2pc_db
|
||||||
SHOW citus.main_db;
|
SHOW citus.main_db;
|
||||||
citus.main_db
|
citus.main_db
|
||||||
|
|
@ -24,7 +25,41 @@ select 1 from citus_remove_node('localhost', :worker_2_port);
|
||||||
\c metadata_sync_2pc_db
|
\c metadata_sync_2pc_db
|
||||||
grant "grant_role2pc'_user1","grant_role2pc'_user2" to "grant_role2pc'_user3" WITH ADMIN OPTION;
|
grant "grant_role2pc'_user1","grant_role2pc'_user2" to "grant_role2pc'_user3" WITH ADMIN OPTION;
|
||||||
grant "grant_role2pc'_user1","grant_role2pc'_user2" to grant_role2pc_user4,grant_role2pc_user5 granted by "grant_role2pc'_user3";
|
grant "grant_role2pc'_user1","grant_role2pc'_user2" to grant_role2pc_user4,grant_role2pc_user5 granted by "grant_role2pc'_user3";
|
||||||
|
--test for grant on database
|
||||||
|
\c metadata_sync_2pc_db - - :master_port
|
||||||
|
grant create on database metadata_sync_2pc_db to "grant_role2pc'_user1";
|
||||||
|
grant connect on database metadata_sync_2pc_db to "grant_role2pc'_user2";
|
||||||
|
grant ALL on database metadata_sync_2pc_db to "grant_role2pc'_user3";
|
||||||
\c regression
|
\c regression
|
||||||
|
select check_database_privileges('grant_role2pc''_user1','metadata_sync_2pc_db',ARRAY['CREATE']);
|
||||||
|
check_database_privileges
|
||||||
|
---------------------------------------------------------------------
|
||||||
|
(CREATE,t)
|
||||||
|
(CREATE,t)
|
||||||
|
(2 rows)
|
||||||
|
|
||||||
|
select check_database_privileges('grant_role2pc''_user2','metadata_sync_2pc_db',ARRAY['CONNECT']);
|
||||||
|
check_database_privileges
|
||||||
|
---------------------------------------------------------------------
|
||||||
|
(CONNECT,t)
|
||||||
|
(CONNECT,t)
|
||||||
|
(2 rows)
|
||||||
|
|
||||||
|
select check_database_privileges('grant_role2pc''_user3','metadata_sync_2pc_db',ARRAY['CREATE','CONNECT','TEMP','TEMPORARY']);
|
||||||
|
check_database_privileges
|
||||||
|
---------------------------------------------------------------------
|
||||||
|
(CREATE,t)
|
||||||
|
(CREATE,t)
|
||||||
|
(CONNECT,t)
|
||||||
|
(CONNECT,t)
|
||||||
|
(TEMP,t)
|
||||||
|
(TEMP,t)
|
||||||
|
(TEMPORARY,t)
|
||||||
|
(TEMPORARY,t)
|
||||||
|
(8 rows)
|
||||||
|
|
||||||
|
\c regression
|
||||||
|
set citus.enable_create_database_propagation to on;
|
||||||
select 1 from citus_add_node('localhost', :worker_2_port);
|
select 1 from citus_add_node('localhost', :worker_2_port);
|
||||||
?column?
|
?column?
|
||||||
---------------------------------------------------------------------
|
---------------------------------------------------------------------
|
||||||
|
|
@ -48,10 +83,46 @@ $$);
|
||||||
[{"member":"\"grant_role2pc'_user3\"","role":"\"grant_role2pc'_user1\"","grantor":"postgres","admin_option":true},{"member":"\"grant_role2pc'_user3\"","role":"\"grant_role2pc'_user2\"","grantor":"postgres","admin_option":true},{"member":"grant_role2pc_user4","role":"\"grant_role2pc'_user1\"","grantor":"\"grant_role2pc'_user3\"","admin_option":false},{"member":"grant_role2pc_user4","role":"\"grant_role2pc'_user2\"","grantor":"\"grant_role2pc'_user3\"","admin_option":false},{"member":"grant_role2pc_user5","role":"\"grant_role2pc'_user1\"","grantor":"\"grant_role2pc'_user3\"","admin_option":false},{"member":"grant_role2pc_user5","role":"\"grant_role2pc'_user2\"","grantor":"\"grant_role2pc'_user3\"","admin_option":false}]
|
[{"member":"\"grant_role2pc'_user3\"","role":"\"grant_role2pc'_user1\"","grantor":"postgres","admin_option":true},{"member":"\"grant_role2pc'_user3\"","role":"\"grant_role2pc'_user2\"","grantor":"postgres","admin_option":true},{"member":"grant_role2pc_user4","role":"\"grant_role2pc'_user1\"","grantor":"\"grant_role2pc'_user3\"","admin_option":false},{"member":"grant_role2pc_user4","role":"\"grant_role2pc'_user2\"","grantor":"\"grant_role2pc'_user3\"","admin_option":false},{"member":"grant_role2pc_user5","role":"\"grant_role2pc'_user1\"","grantor":"\"grant_role2pc'_user3\"","admin_option":false},{"member":"grant_role2pc_user5","role":"\"grant_role2pc'_user2\"","grantor":"\"grant_role2pc'_user3\"","admin_option":false}]
|
||||||
(3 rows)
|
(3 rows)
|
||||||
|
|
||||||
|
select check_database_privileges('grant_role2pc''_user1','metadata_sync_2pc_db',ARRAY['CREATE']);
|
||||||
|
check_database_privileges
|
||||||
|
---------------------------------------------------------------------
|
||||||
|
(CREATE,t)
|
||||||
|
(CREATE,t)
|
||||||
|
(CREATE,t)
|
||||||
|
(3 rows)
|
||||||
|
|
||||||
|
select check_database_privileges('grant_role2pc''_user2','metadata_sync_2pc_db',ARRAY['CONNECT']);
|
||||||
|
check_database_privileges
|
||||||
|
---------------------------------------------------------------------
|
||||||
|
(CONNECT,t)
|
||||||
|
(CONNECT,t)
|
||||||
|
(CONNECT,t)
|
||||||
|
(3 rows)
|
||||||
|
|
||||||
|
select check_database_privileges('grant_role2pc''_user3','metadata_sync_2pc_db',ARRAY['CREATE','CONNECT','TEMP','TEMPORARY']);
|
||||||
|
check_database_privileges
|
||||||
|
---------------------------------------------------------------------
|
||||||
|
(CREATE,t)
|
||||||
|
(CREATE,t)
|
||||||
|
(CREATE,t)
|
||||||
|
(CONNECT,t)
|
||||||
|
(CONNECT,t)
|
||||||
|
(CONNECT,t)
|
||||||
|
(TEMP,t)
|
||||||
|
(TEMP,t)
|
||||||
|
(TEMP,t)
|
||||||
|
(TEMPORARY,t)
|
||||||
|
(TEMPORARY,t)
|
||||||
|
(TEMPORARY,t)
|
||||||
|
(12 rows)
|
||||||
|
|
||||||
\c metadata_sync_2pc_db
|
\c metadata_sync_2pc_db
|
||||||
revoke "grant_role2pc'_user1","grant_role2pc'_user2" from grant_role2pc_user4,grant_role2pc_user5 granted by "grant_role2pc'_user3";
|
revoke "grant_role2pc'_user1","grant_role2pc'_user2" from grant_role2pc_user4,grant_role2pc_user5 granted by "grant_role2pc'_user3";
|
||||||
revoke admin option for "grant_role2pc'_user1","grant_role2pc'_user2" from "grant_role2pc'_user3";
|
revoke admin option for "grant_role2pc'_user1","grant_role2pc'_user2" from "grant_role2pc'_user3";
|
||||||
revoke "grant_role2pc'_user1","grant_role2pc'_user2" from "grant_role2pc'_user3";
|
revoke "grant_role2pc'_user1","grant_role2pc'_user2" from "grant_role2pc'_user3";
|
||||||
|
revoke ALL on database metadata_sync_2pc_db from "grant_role2pc'_user3";
|
||||||
|
revoke CONNECT on database metadata_sync_2pc_db from "grant_role2pc'_user2";
|
||||||
|
revoke CREATE on database metadata_sync_2pc_db from "grant_role2pc'_user1";
|
||||||
\c regression
|
\c regression
|
||||||
drop user "grant_role2pc'_user1","grant_role2pc'_user2","grant_role2pc'_user3",grant_role2pc_user4,grant_role2pc_user5;
|
drop user "grant_role2pc'_user1","grant_role2pc'_user2","grant_role2pc'_user3",grant_role2pc_user4,grant_role2pc_user5;
|
||||||
set citus.enable_create_database_propagation to on;
|
set citus.enable_create_database_propagation to on;
|
||||||
|
|
|
||||||
|
|
@ -1,90 +0,0 @@
|
||||||
|
|
||||||
CREATE SCHEMA metadata_sync_2pc_schema;
|
|
||||||
|
|
||||||
SET search_path TO metadata_sync_2pc_schema;
|
|
||||||
|
|
||||||
set citus.enable_create_database_propagation to on;
|
|
||||||
|
|
||||||
|
|
||||||
CREATE DATABASE metadata_sync_2pc_db;
|
|
||||||
|
|
||||||
revoke connect,temp,temporary on database metadata_sync_2pc_db from public;
|
|
||||||
|
|
||||||
|
|
||||||
\c metadata_sync_2pc_db
|
|
||||||
SHOW citus.main_db;
|
|
||||||
|
|
||||||
CREATE USER grant_role2pc_user1;
|
|
||||||
CREATE USER grant_role2pc_user2;
|
|
||||||
CREATE USER grant_role2pc_user3;
|
|
||||||
CREATE USER grant_role2pc_user4;
|
|
||||||
CREATE USER grant_role2pc_user5;
|
|
||||||
|
|
||||||
\c regression
|
|
||||||
select 1 from citus_remove_node('localhost', :worker_2_port);
|
|
||||||
|
|
||||||
--tests for grant role
|
|
||||||
\c metadata_sync_2pc_db
|
|
||||||
grant grant_role2pc_user1,grant_role2pc_user2 to grant_role2pc_user3 WITH ADMIN OPTION;
|
|
||||||
grant grant_role2pc_user1,grant_role2pc_user2 to grant_role2pc_user4,grant_role2pc_user5 granted by grant_role2pc_user3;
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
--test for grant on database
|
|
||||||
\c metadata_sync_2pc_db - - :master_port
|
|
||||||
grant create on database metadata_sync_2pc_db to grant_role2pc_user1;
|
|
||||||
grant connect on database metadata_sync_2pc_db to grant_role2pc_user2;
|
|
||||||
grant ALL on database metadata_sync_2pc_db to grant_role2pc_user3;
|
|
||||||
|
|
||||||
\c regression
|
|
||||||
|
|
||||||
select check_database_privileges('grant_role2pc_user1','metadata_sync_2pc_db',ARRAY['CREATE']);
|
|
||||||
select check_database_privileges('grant_role2pc_user2','metadata_sync_2pc_db',ARRAY['CONNECT']);
|
|
||||||
select check_database_privileges('grant_role2pc_user3','metadata_sync_2pc_db',ARRAY['CREATE','CONNECT','TEMP','TEMPORARY']);
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
\c regression
|
|
||||||
set citus.enable_create_database_propagation to on;
|
|
||||||
select 1 from citus_add_node('localhost', :worker_2_port);
|
|
||||||
|
|
||||||
|
|
||||||
select result FROM run_command_on_all_nodes($$
|
|
||||||
SELECT array_to_json(array_agg(row_to_json(t)))
|
|
||||||
FROM (
|
|
||||||
SELECT member::regrole, roleid::regrole as role, grantor::regrole, admin_option
|
|
||||||
FROM pg_auth_members
|
|
||||||
WHERE member::regrole::text in
|
|
||||||
('grant_role2pc_user2','grant_role2pc_user3','grant_role2pc_user4','grant_role2pc_user5')
|
|
||||||
order by member::regrole::text
|
|
||||||
) t
|
|
||||||
$$);
|
|
||||||
|
|
||||||
select check_database_privileges('grant_role2pc_user1','metadata_sync_2pc_db',ARRAY['CREATE']);
|
|
||||||
select check_database_privileges('grant_role2pc_user2','metadata_sync_2pc_db',ARRAY['CONNECT']);
|
|
||||||
select check_database_privileges('grant_role2pc_user3','metadata_sync_2pc_db',ARRAY['CREATE','CONNECT','TEMP','TEMPORARY']);
|
|
||||||
|
|
||||||
|
|
||||||
\c metadata_sync_2pc_db
|
|
||||||
revoke grant_role2pc_user1,grant_role2pc_user2 from grant_role2pc_user4,grant_role2pc_user5 granted by grant_role2pc_user3;
|
|
||||||
|
|
||||||
revoke admin option for grant_role2pc_user1,grant_role2pc_user2 from grant_role2pc_user3;
|
|
||||||
|
|
||||||
revoke grant_role2pc_user1,grant_role2pc_user2 from grant_role2pc_user3;
|
|
||||||
|
|
||||||
revoke ALL on database metadata_sync_2pc_db from grant_role2pc_user3;
|
|
||||||
revoke CONNECT on database metadata_sync_2pc_db from grant_role2pc_user2;
|
|
||||||
revoke CREATE on database metadata_sync_2pc_db from grant_role2pc_user1;
|
|
||||||
|
|
||||||
\c regression
|
|
||||||
|
|
||||||
drop user grant_role2pc_user1,grant_role2pc_user2,grant_role2pc_user3,grant_role2pc_user4,grant_role2pc_user5;
|
|
||||||
|
|
||||||
set citus.enable_create_database_propagation to on;
|
|
||||||
drop database metadata_sync_2pc_db;
|
|
||||||
|
|
||||||
drop schema metadata_sync_2pc_schema;
|
|
||||||
|
|
||||||
reset citus.enable_create_database_propagation;
|
|
||||||
reset search_path;
|
|
||||||
|
|
||||||
|
|
@ -1,8 +1,16 @@
|
||||||
|
|
||||||
CREATE SCHEMA metadata_sync_2pc_schema;
|
CREATE SCHEMA metadata_sync_2pc_schema;
|
||||||
|
|
||||||
SET search_path TO metadata_sync_2pc_schema;
|
SET search_path TO metadata_sync_2pc_schema;
|
||||||
|
|
||||||
set citus.enable_create_database_propagation to on;
|
set citus.enable_create_database_propagation to on;
|
||||||
|
|
||||||
|
|
||||||
CREATE DATABASE metadata_sync_2pc_db;
|
CREATE DATABASE metadata_sync_2pc_db;
|
||||||
|
|
||||||
|
revoke connect,temp,temporary on database metadata_sync_2pc_db from public;
|
||||||
|
|
||||||
|
|
||||||
\c metadata_sync_2pc_db
|
\c metadata_sync_2pc_db
|
||||||
SHOW citus.main_db;
|
SHOW citus.main_db;
|
||||||
|
|
||||||
|
|
@ -18,10 +26,25 @@ select 1 from citus_remove_node('localhost', :worker_2_port);
|
||||||
\c metadata_sync_2pc_db
|
\c metadata_sync_2pc_db
|
||||||
grant "grant_role2pc'_user1","grant_role2pc'_user2" to "grant_role2pc'_user3" WITH ADMIN OPTION;
|
grant "grant_role2pc'_user1","grant_role2pc'_user2" to "grant_role2pc'_user3" WITH ADMIN OPTION;
|
||||||
grant "grant_role2pc'_user1","grant_role2pc'_user2" to grant_role2pc_user4,grant_role2pc_user5 granted by "grant_role2pc'_user3";
|
grant "grant_role2pc'_user1","grant_role2pc'_user2" to grant_role2pc_user4,grant_role2pc_user5 granted by "grant_role2pc'_user3";
|
||||||
|
--test for grant on database
|
||||||
|
\c metadata_sync_2pc_db - - :master_port
|
||||||
|
grant create on database metadata_sync_2pc_db to "grant_role2pc'_user1";
|
||||||
|
grant connect on database metadata_sync_2pc_db to "grant_role2pc'_user2";
|
||||||
|
grant ALL on database metadata_sync_2pc_db to "grant_role2pc'_user3";
|
||||||
|
|
||||||
\c regression
|
\c regression
|
||||||
|
|
||||||
|
select check_database_privileges('grant_role2pc''_user1','metadata_sync_2pc_db',ARRAY['CREATE']);
|
||||||
|
select check_database_privileges('grant_role2pc''_user2','metadata_sync_2pc_db',ARRAY['CONNECT']);
|
||||||
|
select check_database_privileges('grant_role2pc''_user3','metadata_sync_2pc_db',ARRAY['CREATE','CONNECT','TEMP','TEMPORARY']);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
\c regression
|
||||||
|
set citus.enable_create_database_propagation to on;
|
||||||
select 1 from citus_add_node('localhost', :worker_2_port);
|
select 1 from citus_add_node('localhost', :worker_2_port);
|
||||||
|
|
||||||
|
|
||||||
select result FROM run_command_on_all_nodes($$
|
select result FROM run_command_on_all_nodes($$
|
||||||
SELECT array_to_json(array_agg(row_to_json(t)))
|
SELECT array_to_json(array_agg(row_to_json(t)))
|
||||||
FROM (
|
FROM (
|
||||||
|
|
@ -33,19 +56,29 @@ FROM (
|
||||||
) t
|
) t
|
||||||
$$);
|
$$);
|
||||||
|
|
||||||
|
select check_database_privileges('grant_role2pc''_user1','metadata_sync_2pc_db',ARRAY['CREATE']);
|
||||||
|
select check_database_privileges('grant_role2pc''_user2','metadata_sync_2pc_db',ARRAY['CONNECT']);
|
||||||
|
select check_database_privileges('grant_role2pc''_user3','metadata_sync_2pc_db',ARRAY['CREATE','CONNECT','TEMP','TEMPORARY']);
|
||||||
|
|
||||||
|
|
||||||
\c metadata_sync_2pc_db
|
\c metadata_sync_2pc_db
|
||||||
revoke "grant_role2pc'_user1","grant_role2pc'_user2" from grant_role2pc_user4,grant_role2pc_user5 granted by "grant_role2pc'_user3";
|
revoke "grant_role2pc'_user1","grant_role2pc'_user2" from grant_role2pc_user4,grant_role2pc_user5 granted by "grant_role2pc'_user3";
|
||||||
|
|
||||||
revoke admin option for "grant_role2pc'_user1","grant_role2pc'_user2" from "grant_role2pc'_user3";
|
revoke admin option for "grant_role2pc'_user1","grant_role2pc'_user2" from "grant_role2pc'_user3";
|
||||||
|
|
||||||
revoke "grant_role2pc'_user1","grant_role2pc'_user2" from "grant_role2pc'_user3";
|
revoke "grant_role2pc'_user1","grant_role2pc'_user2" from "grant_role2pc'_user3";
|
||||||
|
revoke ALL on database metadata_sync_2pc_db from "grant_role2pc'_user3";
|
||||||
|
revoke CONNECT on database metadata_sync_2pc_db from "grant_role2pc'_user2";
|
||||||
|
revoke CREATE on database metadata_sync_2pc_db from "grant_role2pc'_user1";
|
||||||
|
|
||||||
\c regression
|
\c regression
|
||||||
|
|
||||||
drop user "grant_role2pc'_user1","grant_role2pc'_user2","grant_role2pc'_user3",grant_role2pc_user4,grant_role2pc_user5;
|
drop user "grant_role2pc'_user1","grant_role2pc'_user2","grant_role2pc'_user3",grant_role2pc_user4,grant_role2pc_user5;
|
||||||
set citus.enable_create_database_propagation to on;
|
set citus.enable_create_database_propagation to on;
|
||||||
drop database metadata_sync_2pc_db;
|
drop database metadata_sync_2pc_db;
|
||||||
|
|
||||||
drop schema metadata_sync_2pc_schema;
|
drop schema metadata_sync_2pc_schema;
|
||||||
|
|
||||||
reset citus.enable_create_database_propagation;
|
reset citus.enable_create_database_propagation;
|
||||||
reset search_path;
|
reset search_path;
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -661,7 +661,8 @@ DECLARE
|
||||||
BEGIN
|
BEGIN
|
||||||
FOREACH permission IN ARRAY permissions
|
FOREACH permission IN ARRAY permissions
|
||||||
LOOP
|
LOOP
|
||||||
RETURN QUERY EXECUTE format($inner$SELECT '%s', result FROM run_command_on_all_nodes($$select has_database_privilege('%s','%s', '%s'); $$)$inner$, permission, role_name, db_name, permission);
|
RETURN QUERY EXECUTE format($inner$SELECT %s, result FROM run_command_on_all_nodes($$select has_database_privilege(%s,%s,%s); $$)$inner$,
|
||||||
|
quote_literal(permission), quote_literal(role_name), quote_literal(db_name), quote_literal(permission));
|
||||||
END LOOP;
|
END LOOP;
|
||||||
END;
|
END;
|
||||||
$func$ LANGUAGE plpgsql;
|
$func$ LANGUAGE plpgsql;
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue