Fixes assert error

grant_parameter_propagation
gurkanindibay 2024-01-17 14:53:42 +03:00
parent 1247c0d4b5
commit bf47d20148
2 changed files with 15 additions and 3 deletions


@ -107,7 +107,7 @@ CheckPermissionsAndGrants(AclItem *aclItem, AclMode modes[], int numModes)
for (int i = 0; i < numModes; i++) for (int i = 0; i < numModes; i++)
{ {
AclMode mode = modes[i]; AclMode mode = modes[i];
if (!(grants & mode) || (permissions & mode)) if ((grants & mode) && !(permissions & mode))
{ {
#if PG_VERSION_NUM >= PG_VERSION_16 #if PG_VERSION_NUM >= PG_VERSION_16
ereport(ERROR, (errmsg("ACL item has no grant option for mode %lu", mode))); ereport(ERROR, (errmsg("ACL item has no grant option for mode %lu", mode)));
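Review bot: The error text under the rewritten `if` no longer matches the condition that raises it. With `(grants & mode) && !(permissions & mode)` the `ereport` fires when a grant-option bit is set without the matching privilege bit, not when the grant option is absent. I would reword it to `errmsg("ACL item has grant option but no permission for mode %lu", mode)`, so an operator who hits it is not sent looking for a missing WITH GRANT OPTION. A one-line comment above the `if` would also record the invariant being enforced: `/* a grant option bit is only valid when the privilege bit itself is set */`. The `#if` block and loop body continue past the end of the hunk, so the pre-PG16 branch presumably carries the same message and needs the same rewording.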


@ -209,27 +209,39 @@ SELECT check_parameter_privileges(ARRAY['grant_param_user3','grant_param_user5-\
(16 rows) (16 rows)
SELECT 1 FROM citus_add_node('localhost', :worker_2_port); SELECT 1 FROM citus_add_node('localhost', :worker_2_port);
ERROR: ACL item has no grant option for mode 4096 ?column?
---------------------------------------------------------------------
1
(1 row)
SELECT check_parameter_privileges(ARRAY['grant_param_user3','grant_param_user5-\!'],ARRAY['max_connections','shared_buffers'], ARRAY['SET','ALTER SYSTEM']); SELECT check_parameter_privileges(ARRAY['grant_param_user3','grant_param_user5-\!'],ARRAY['max_connections','shared_buffers'], ARRAY['SET','ALTER SYSTEM']);
check_parameter_privileges check_parameter_privileges
--------------------------------------------------------------------- ---------------------------------------------------------------------
(t,grant_param_user3,max_connections,SET) (t,grant_param_user3,max_connections,SET)
(t,grant_param_user3,max_connections,SET) (t,grant_param_user3,max_connections,SET)
(t,grant_param_user3,max_connections,SET)
(t,grant_param_user3,max_connections,"ALTER SYSTEM")
(t,grant_param_user3,max_connections,"ALTER SYSTEM") (t,grant_param_user3,max_connections,"ALTER SYSTEM")
(t,grant_param_user3,max_connections,"ALTER SYSTEM") (t,grant_param_user3,max_connections,"ALTER SYSTEM")
(t,grant_param_user3,shared_buffers,SET) (t,grant_param_user3,shared_buffers,SET)
(t,grant_param_user3,shared_buffers,SET) (t,grant_param_user3,shared_buffers,SET)
(t,grant_param_user3,shared_buffers,SET)
(t,grant_param_user3,shared_buffers,"ALTER SYSTEM")
(t,grant_param_user3,shared_buffers,"ALTER SYSTEM") (t,grant_param_user3,shared_buffers,"ALTER SYSTEM")
(t,grant_param_user3,shared_buffers,"ALTER SYSTEM") (t,grant_param_user3,shared_buffers,"ALTER SYSTEM")
(t,"grant_param_user5-\\!",max_connections,SET) (t,"grant_param_user5-\\!",max_connections,SET)
(t,"grant_param_user5-\\!",max_connections,SET) (t,"grant_param_user5-\\!",max_connections,SET)
(t,"grant_param_user5-\\!",max_connections,SET)
(t,"grant_param_user5-\\!",max_connections,"ALTER SYSTEM")
(t,"grant_param_user5-\\!",max_connections,"ALTER SYSTEM") (t,"grant_param_user5-\\!",max_connections,"ALTER SYSTEM")
(t,"grant_param_user5-\\!",max_connections,"ALTER SYSTEM") (t,"grant_param_user5-\\!",max_connections,"ALTER SYSTEM")
(t,"grant_param_user5-\\!",shared_buffers,SET) (t,"grant_param_user5-\\!",shared_buffers,SET)
(t,"grant_param_user5-\\!",shared_buffers,SET) (t,"grant_param_user5-\\!",shared_buffers,SET)
(t,"grant_param_user5-\\!",shared_buffers,SET)
(t,"grant_param_user5-\\!",shared_buffers,"ALTER SYSTEM") (t,"grant_param_user5-\\!",shared_buffers,"ALTER SYSTEM")
(t,"grant_param_user5-\\!",shared_buffers,"ALTER SYSTEM") (t,"grant_param_user5-\\!",shared_buffers,"ALTER SYSTEM")
(16 rows) (t,"grant_param_user5-\\!",shared_buffers,"ALTER SYSTEM")
(24 rows)
REVOKE SET,ALTER SYSTEM ON PARAMETER max_connections,shared_buffers FROM grant_param_user3,"grant_param_user5-\!" cascade; REVOKE SET,ALTER SYSTEM ON PARAMETER max_connections,shared_buffers FROM grant_param_user3,"grant_param_user5-\!" cascade;
--clean all resources --clean all resources