external
/
citus
mirror of https://github.com/citusdata/citus.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fixes granted by cascade/restrict statements for revoke

pull/7517/head
gurkanindibay 2024-02-19 10:49:58 +03:00
parent 74b55d0546
commit 47b4b7779f
4 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/backend/distributed/deparser/citus_grantutils.c
View File

@ -74,7 +74,7 @@ AppendGrantRestrictAndCascade(StringInfo buf, GrantStmt *stmt)
void void
AppendGrantedByInGrantForRoleSpec(StringInfo buf, RoleSpec *grantor, bool isGrant) AppendGrantedByInGrantForRoleSpec(StringInfo buf, RoleSpec *grantor, bool isGrant)
{ {
if (isGrant && grantor) if (grantor)
{ {
appendStringInfo(buf, " GRANTED BY %s", RoleSpecString(grantor, true)); appendStringInfo(buf, " GRANTED BY %s", RoleSpecString(grantor, true));
} }

2
src/backend/distributed/deparser/deparse_role_stmts.c
View File

@ -486,8 +486,8 @@ AppendGrantRoleStmt(StringInfo buf, GrantRoleStmt *stmt)
appendStringInfo(buf, "%s ", stmt->is_grant ? " TO " : " FROM "); appendStringInfo(buf, "%s ", stmt->is_grant ? " TO " : " FROM ");
AppendRoleList(buf, stmt->grantee_roles); AppendRoleList(buf, stmt->grantee_roles);
AppendGrantWithAdminOption(buf, stmt); AppendGrantWithAdminOption(buf, stmt);
AppendGrantRestrictAndCascadeForRoleSpec(buf, stmt->behavior, stmt->is_grant);
AppendGrantedByInGrantForRoleSpec(buf, stmt->grantor, stmt->is_grant); AppendGrantedByInGrantForRoleSpec(buf, stmt->grantor, stmt->is_grant);
AppendGrantRestrictAndCascadeForRoleSpec(buf, stmt->behavior,stmt->is_grant);
appendStringInfo(buf, ";"); appendStringInfo(buf, ";");
} }

2
src/test/regress/expected/create_role_propagation.out
View File

@ -282,7 +282,7 @@ SELECT objid::regrole FROM pg_catalog.pg_dist_object WHERE classid='pg_authid'::
non_dist_role_4 non_dist_role_4
(5 rows) (5 rows)
REVOKE dist_role_3 from non_dist_role_3 granted by test_admin_role; REVOKE dist_role_3 from non_dist_role_3 granted by test_admin_role cascade;
revoke dist_role_3,dist_role_1 from test_admin_role cascade; revoke dist_role_3,dist_role_1 from test_admin_role cascade;
drop role test_admin_role; drop role test_admin_role;
\c - - - :worker_1_port \c - - - :worker_1_port

2
src/test/regress/sql/create_role_propagation.sql
View File

@ -137,7 +137,7 @@ REVOKE dist_role_3 from dist_role_4 granted by test_admin_role;
SELECT roleid::regrole::text AS role, member::regrole::text, (grantor::regrole::text IN ('postgres', 'non_dist_role_1', 'dist_role_1','test_admin_role')) AS grantor, admin_option FROM pg_auth_members WHERE roleid::regrole::text LIKE '%dist\_%' ORDER BY 1, 2; SELECT roleid::regrole::text AS role, member::regrole::text, (grantor::regrole::text IN ('postgres', 'non_dist_role_1', 'dist_role_1','test_admin_role')) AS grantor, admin_option FROM pg_auth_members WHERE roleid::regrole::text LIKE '%dist\_%' ORDER BY 1, 2;
SELECT objid::regrole FROM pg_catalog.pg_dist_object WHERE classid='pg_authid'::regclass::oid AND objid::regrole::text LIKE '%dist\_%' ORDER BY 1; SELECT objid::regrole FROM pg_catalog.pg_dist_object WHERE classid='pg_authid'::regclass::oid AND objid::regrole::text LIKE '%dist\_%' ORDER BY 1;
REVOKE dist_role_3 from non_dist_role_3 granted by test_admin_role; REVOKE dist_role_3 from non_dist_role_3 granted by test_admin_role cascade;
revoke dist_role_3,dist_role_1 from test_admin_role cascade; revoke dist_role_3,dist_role_1 from test_admin_role cascade;
drop role test_admin_role; drop role test_admin_role;