Ensure StartPlacementListConnection connects with username supplied by the caller

2018-07-10 18:07:30 +02:00 · 2018-07-10 18:07:30 +02:00 · 69a3ebea5f
parent 1485945f27
commit 69a3ebea5f
3 changed files with 29 additions and 3 deletions
--- a/src/backend/distributed/connection/placement_connection.c
+++ b/src/backend/distributed/connection/placement_connection.c
@ -311,7 +311,8 @@ StartPlacementListConnection(uint32 flags, List *placementAccessList,
 		 * No suitable connection in the placement->connection mapping, get one from
 		 * the node->connection pool.
 		 */
-		chosenConnection = StartNodeConnection(flags, nodeName, nodePort);
+		chosenConnection = StartNodeUserDatabaseConnection(flags, nodeName, nodePort,
+														   userName, NULL);

 		if (flags & CONNECTION_PER_PLACEMENT &&
 			ConnectionAccessedDifferentPlacement(chosenConnection, placement))
@ -328,8 +329,10 @@ StartPlacementListConnection(uint32 flags, List *placementAccessList,
 			 * ID as the current placement, then we'd no longer able to write to
 			 * placement B later in the COPY.
 			 */
-			chosenConnection = StartNodeConnection(flags | FORCE_NEW_CONNECTION, nodeName,
-												   nodePort);
+			chosenConnection = StartNodeUserDatabaseConnection(flags |
+															   FORCE_NEW_CONNECTION,
+															   nodeName, nodePort,
+															   userName, NULL);

 			Assert(!ConnectionAccessedDifferentPlacement(chosenConnection, placement));
 		}
--- a/src/test/regress/expected/multi_multiuser_0.out
+++ b/src/test/regress/expected/multi_multiuser_0.out
@ -212,7 +212,24 @@ ERROR:  permission denied for relation test
 ABORT;
 SELECT * FROM citus_stat_statements_reset();
 ERROR:  permission denied for function citus_stat_statements_reset
+-- table owner should be the same on the shards, even when distributing the table as superuser
+SET ROLE full_access;
+CREATE TABLE my_table (id integer, val integer);
 RESET ROLE;
+SELECT create_distributed_table('my_table', 'id');
+ create_distributed_table 
+--------------------------
+ 
+(1 row)
+
+SELECT result FROM run_command_on_workers($$SELECT tableowner FROM pg_tables WHERE tablename LIKE 'my_table_%' LIMIT 1$$);
+   result    
+-------------
+ full_access
+ full_access
+(2 rows)
+
+DROP TABLE my_table;
 DROP TABLE test;
 DROP USER full_access;
 DROP USER read_access;
--- a/src/test/regress/sql/multi_multiuser.sql
+++ b/src/test/regress/sql/multi_multiuser.sql
@ -138,8 +138,14 @@ ABORT;

 SELECT * FROM citus_stat_statements_reset();

+-- table owner should be the same on the shards, even when distributing the table as superuser
+SET ROLE full_access;
+CREATE TABLE my_table (id integer, val integer);
 RESET ROLE;
+SELECT create_distributed_table('my_table', 'id');
+SELECT result FROM run_command_on_workers($$SELECT tableowner FROM pg_tables WHERE tablename LIKE 'my_table_%' LIMIT 1$$);

+DROP TABLE my_table;
 DROP TABLE test;
 DROP USER full_access;
 DROP USER read_access;