external
/
citus
mirror of https://github.com/citusdata/citus.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Create CIMV related internal things in cimv_internal 

When we create internal tables in citus_internal, a regular user cannot
really do that because they can't access citus_internal. Even if we
switch to extension owner, we will need to switch while also dropping
tables etc, which is not trivial and clear.

Hence cimv_internal schema is created and the owner of the CIMV will own
the tables in this schema, hence only they can access those tables.
cimv
Sait Talha Nisanci 2021-01-10 19:44:57 +03:00
parent a35ac7c7d9
commit aa4c44b495
5 changed files with 7 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
src/backend/distributed/cimv/create.c
View File

@ -150,14 +150,6 @@ CreateCimv(CimvCreate *cimvCreate)
elog(ERROR, "SPI_connect failed");
}
Oid savedUserId = InvalidOid;
int savedSecurityContext = 0;
char* currentUserName = CurrentUserName();
GetUserIdAndSecContext(&savedUserId, &savedSecurityContext);
SetUserIdAndSecContext(CitusExtensionOwner(), SECURITY_LOCAL_USERID_CHANGE);
CreateMatTable(cimvCreate, false);
if (cimvCreate->createOptions->schedule != NULL)
@ -172,14 +164,6 @@ CreateCimv(CimvCreate *cimvCreate)
CreateDataChangeTriggers(cimvCreate);
InsertIntoPgCimv(cimvCreate->formCimv);
AlterTableOwner(cimvCreate->matTableName, currentUserName);
AlterTableOwner(cimvCreate->refreshViewName, currentUserName);
AlterTableOwner(cimvCreate->userViewName, currentUserName);
SetUserIdAndSecContext(savedUserId, savedSecurityContext);
if (SPI_finish() != SPI_OK_FINISH)
{
elog(ERROR, "SPI_finish failed");
@ -921,7 +905,7 @@ InitializeCimvCreate(const CreateTableAsStmt *stmt, MatViewCreateOptions *create
cimvCreate->prefixId = UniqueId();
cimvCreate->prefix = CIMVInternalPrefix(cimvCreate->baseTableName, cimvCreate->prefixId);
namestrcpy(&cimvCreate->formCimv->triggerfnnamespace, CITUS_INTERNAL_SCHEMA);
namestrcpy(&cimvCreate->formCimv->triggerfnnamespace, CIMV_INTERNAL_SCHEMA);
char* funcName = CIMVTriggerFuncName(cimvCreate->prefixId, stmt->into->rel->relname);
namestrcpy(&cimvCreate->formCimv->triggerfnname, funcName);
StringInfo mat = makeStringInfo();
@ -933,10 +917,10 @@ InitializeCimvCreate(const CreateTableAsStmt *stmt, MatViewCreateOptions *create
StringInfo ld = makeStringInfo();
appendStringInfo(ld, "%s_cimv_%s", cimvCreate->prefix, LANDING_TABLE_SUFFIX);
cimvCreate->matTableName = makeRangeVar(CITUS_INTERNAL_SCHEMA, mat->data, -1);
cimvCreate->matTableName = makeRangeVar(CIMV_INTERNAL_SCHEMA, mat->data, -1);
cimvCreate->userViewName = stmt->into->rel;
cimvCreate->refreshViewName = makeRangeVar(CITUS_INTERNAL_SCHEMA, rv->data, -1);
cimvCreate->landingTableName = makeRangeVar(CITUS_INTERNAL_SCHEMA, ld->data, -1);
cimvCreate->refreshViewName = makeRangeVar(CIMV_INTERNAL_SCHEMA, rv->data, -1);
cimvCreate->landingTableName = makeRangeVar(CIMV_INTERNAL_SCHEMA, ld->data, -1);
cimvCreate->targetListEntries = NIL;
cimvCreate->groupTargetListEntries = NIL;
cimvCreate->aggTargetListEntries = NIL;

8
src/backend/distributed/cimv/drop.c
View File

@ -124,12 +124,6 @@ static void
DropCimv(Form_pg_cimv formCimv, DropBehavior behavior)
{
Oid savedUserId = InvalidOid;
int savedSecurityContext = 0;
// GetUserIdAndSecContext(&savedUserId, &savedSecurityContext);
// SetUserIdAndSecContext(CitusExtensionOwner(), SECURITY_LOCAL_USERID_CHANGE);
ObjectAddress matTableAddress;
matTableAddress.classId = RelationRelationId;
matTableAddress.objectId = formCimv->mattable;
@ -199,8 +193,6 @@ DropCimv(Form_pg_cimv formCimv, DropBehavior behavior)
DeletePgCimvRow(userViewAddress.objectId);
// SetUserIdAndSecContext(savedUserId, savedSecurityContext);
/* Close SPI context. */
if (SPI_finish() != SPI_OK_FINISH)
{

12
src/backend/distributed/cimv/refresh.c
View File

@ -57,9 +57,6 @@ RefreshCimv(Form_pg_cimv formCimv, bool skipData, bool isCreate)
matTableSchemaName = quote_identifier(matTableSchemaName);
matTableName = quote_identifier(matTableName);
Oid savedUserId = InvalidOid;
int savedSecurityContext = 0;
const char *landingTableSchemaName = NULL;
const char *landingTableName = NULL;
@ -74,8 +71,6 @@ RefreshCimv(Form_pg_cimv formCimv, bool skipData, bool isCreate)
if (skipData)
{
// GetUserIdAndSecContext(&savedUserId, &savedSecurityContext);
// SetUserIdAndSecContext(CitusExtensionOwner(), SECURITY_LOCAL_USERID_CHANGE);
if (formCimv->landingtable)
{
appendStringInfo(&querybuf,
@ -108,9 +103,6 @@ RefreshCimv(Form_pg_cimv formCimv, bool skipData, bool isCreate)
SPI_commit();
SPI_start_transaction();
// GetUserIdAndSecContext(&savedUserId, &savedSecurityContext);
// SetUserIdAndSecContext(CitusExtensionOwner(), SECURITY_LOCAL_USERID_CHANGE);
/* TODO: cleanup if this fails */
appendStringInfo(&querybuf,
"INSERT INTO %s.%s "
@ -129,8 +121,6 @@ RefreshCimv(Form_pg_cimv formCimv, bool skipData, bool isCreate)
{
Snapshot snapshot = GetLatestSnapshot();
// GetUserIdAndSecContext(&savedUserId, &savedSecurityContext);
// SetUserIdAndSecContext(CitusExtensionOwner(), SECURITY_LOCAL_USERID_CHANGE);
/* TODO: DELETE only if !isCreate */
appendStringInfo(&querybuf,
"DELETE FROM %s.%s",
@ -162,8 +152,6 @@ RefreshCimv(Form_pg_cimv formCimv, bool skipData, bool isCreate)
}
}
// SetUserIdAndSecContext(savedUserId, savedSecurityContext);
/* Close SPI context. */
if (SPI_finish() != SPI_OK_FINISH)
{

3
src/backend/distributed/sql/citus--9.5-1--10.0-1.sql
View File

@ -10,4 +10,5 @@ DROP FUNCTION IF EXISTS pg_catalog.citus_total_relation_size(regclass);
#include "../../columnar/sql/columnar--9.5-1--10.0-1.sql"
GRANT USAGE ON SCHEMA citus_internal TO public;
CREATE SCHEMA cimv_internal;
GRANT ALL ON SCHEMA cimv_internal to public;

2
src/include/distributed/cimv.h
View File

@ -4,7 +4,7 @@
#include "postgres.h"
#include "nodes/plannodes.h"
#define CITUS_INTERNAL_SCHEMA "citus_internal"
#define CIMV_INTERNAL_SCHEMA "cimv_internal"
#define CITUS_NAMESPACE "citus"
#define MATERIALIZATION_TABLE_SUFFIX "mt"
#define LANDING_TABLE_SUFFIX "ld"