Review changes for pg16 update GRANT and REVOKE

2023-09-07 12:12:16 -04:00 · 2023-09-07 12:12:16 -04:00 · c6d5240af7
parent 587718aeae
commit c6d5240af7
2 changed files with 56 additions and 23 deletions
--- a/src/backend/distributed/deparser/deparse_role_stmts.c
+++ b/src/backend/distributed/deparser/deparse_role_stmts.c
@ -408,20 +408,31 @@ AppendRevokeAdminOptionFor(StringInfo buf, GrantRoleStmt *stmt)
 		{
 			switch (opt->defname)
 			{
+				case "admin":
 					appendStringInfo(buf, "ADMIN OPTION FOR ");
-			}
-			else if (strcmp(opt->defname, "inherit") == 0);
+					opt_count++;
+					break;
+
+				case "inherit":
+					if (opt_count > 0)
 					{
-				appendStringInfo(buf, "INHERIT TRUE");
-				appendStringInfo(buf, "GRANT x TO y WITH INHERIT TRUE, SET TRUE;");
+						appendStringInfo(buf, ", ");
 					}
-			else if (strcmp(opt->defname, "set") == 0)
+					appendStringInfo(buf, "INHERIT OPTION FOR ");
+					opt_count++;
+					break;
+
+				case "set":
+					if (opt_count > 0)
 					{
-				appendStringInfo(buf, "SET TRUE"); 
+						appendStringInfo(buf, ", ");
+					}
+					appendStringInfo(buf, "SET OPTION FOR ");
+					opt_count++;
+					break;
 			}
 		}
 	}
-}
 #else
 	if (!stmt->is_grant && stmt->admin_opt)
 	{
@ -438,16 +449,34 @@ AppendGrantWithAdminOption(StringInfo buf, GrantRoleStmt *stmt)
 	{
 #if PG_VERSION_NUM >= PG_VERSION_16
 		DefElem *opt = NULL;
-		 int opt_count = 0;
 		foreach_ptr(opt, stmt->opt)
 		{
-			bool admin_option = false;
-			char *optval = defGetString(opt);
-			if (strcmp(opt->defname, "admin") == 0 &&
-				parse_bool(optval, &admin_option) && admin_option)
+			switch (opt->defname)
        {
+            case "admin":
                appendStringInfo(buf, " WITH ADMIN OPTION");
+                opt_count++;
                break;
+
+			case "inherit":
+				if (opt_count > 0)
+				{
+					appendStringInfo(buf, ", ");
+				}
+				appendStringInfo(buf, "INHERIT OPTION ");
+				opt_count++;
+				break;
+
+				
+        	case "set":
+  				if (opt_count > 0)
+				{
+					appendStringInfo(buf, ", ");
+				}
+				appendStringInfo(buf, "SET OPTION ");
+				opt_count++;
+				break;
+        }
 			}
 		}
 	}
--- a/src/test/regress/sql/pg16.sql
+++ b/src/test/regress/sql/pg16.sql
@ -899,10 +899,14 @@ GRANT create_group TO create_role_4 WITH SET;
 -- ADMIN role can perfom administrative tasks 
 -- role can now access the data and permissions of the table (owner of table)
 -- role can change current user to any other user/role that has access 
-GRANT ADMIN ON DATABASE db_name TO role_name;
-GRANT INHERIT ON TABLE table_name TO role_name;
-GRANT SET SESSION AUTHORIZATION TO role_name;
+GRANT ADMIN TO joe;
+GRANT INHERIT ON ROLE joe TO james;

-SELECT * FROM table_name WHERE column_name = 'value';
+GRANT SELECT ON companies TO joe WITH GRANT OPTION;
+GRANT SET (SELECT) ON companies TO james;
+
+
+\set VERBOSITY terse
+SET client_min_messages TO ERROR;
+DROP SCHEMA pg16 CASCADE;

-SELECT COUNT(*) FROM table_name WHERE column_name = 'value';