external
/
citus
mirror of https://github.com/citusdata/citus.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Review changes

pg16_grant_inherit_set
Jodi-Ann Francis 2023-08-30 15:09:59 -04:00
parent f03291a8c8
commit 71a2932355
2 changed files with 40 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/backend/distributed/deparser/deparse_role_stmts.c
View File

@ -359,7 +359,15 @@ AppendGrantRoleStmt(StringInfo buf, GrantRoleStmt *stmt)
if (strcmp(opt->defname, "admin") == 0)
{
appendStringInfo(buf, "ADMIN OPTION FOR ");
break;
}
else if (strcmp(opt->defname, "inherit") == 0);
{
appendStringInfo(buf, "INHERIT TRUE");
appendStringInfo(buf, "GRANT x TO y WITH INHERIT TRUE, SET TRUE;");
}
else if (strcmp(opt->defname, "set") == 0)
{
appendStringInfo(buf, "SET TRUE");
}
}
}

31
src/test/regress/sql/pg16.sql
View File

@ -335,3 +335,34 @@ SET search_path TO pg16;
\set VERBOSITY terse
SET client_min_messages TO ERROR;
DROP SCHEMA pg16 CASCADE;
--
-- PG16 allows GRANT WITH ADMIN | INHERIT | SET
--
-- GRANT privileges to a role or roles
\c - - - :master_port
CREATE ROLE create_role;
CREATE ROLE create_role_2;
CREATE ROLE create_role_3;
CREATE ROLE create_role_4;
CREATE USER create_user;
CREATE USER create_user_2;
CREATE GROUP create_group;
CREATE GROUP create_group_2;
--test grant role
GRANT create_group TO create_role;
GRANT create_group TO create_role_2 WITH ADMIN OPTION;
GRANT create_group TO create_role_3 WITH INHERIT;
GRANT create_group TO create_role_4 WITH SET;
-- ADMIN role can perfom administrative tasks
-- role can now access the data and permissions of the table (owner of table)
-- role can change current user to any other user/role that has access
GRANT ADMIN ON DATABASE db_name TO role_name;
GRANT INHERIT ON TABLE table_name TO role_name;
GRANT SET SESSION AUTHORIZATION TO role_name;
SELECT * FROM table_name WHERE column_name = 'value';
SELECT COUNT(*) FROM table_name WHERE column_name = 'value';