external
/
citus
mirror of https://github.com/citusdata/citus.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

pg_database_owner -- commit To be renamed

version-15-socket
naisila 2022-08-22 16:40:21 +03:00
parent 7a48229753
commit c85b7589ef
8 changed files with 2633 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
src/test/regress/expected/grant_on_schema_propagation.out
View File

@ -1,6 +1,16 @@
--
-- GRANT_ON_SCHEMA_PROPAGATION
--
-- this test has different output for PG13/14 compared to PG15
-- In PG15, public schema is owned by pg_database_owner role
-- Relevant PG commit: b073c3ccd06e4cb845e121387a43faa8c68a7b62
SHOW server_version \gset
SELECT substring(:'server_version', '\d+')::int > 10 AS server_version_above_fourteen;
server_version_above_fourteen
---------------------------------------------------------------------
t
(1 row)
-- test grants are propagated when the schema is
CREATE SCHEMA dist_schema;
CREATE TABLE dist_schema.dist_table (id int);
@ -332,16 +342,16 @@ GRANT USAGE ON SCHEMA PUBLIC TO PUBLIC;
RESET ROLE;
-- check if the grants are propagated correctly
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'public' ORDER BY nspname;
nspname | nspacl
nspname | nspacl
---------------------------------------------------------------------
public | {postgres=UC/postgres,=UC/postgres,role_1=U*C*/postgres,=U/role_1}
public | {pg_database_owner=UC/pg_database_owner,=UC/pg_database_owner,role_1=U*C*/pg_database_owner,=U/role_1}
(1 row)
\c - - - :worker_1_port
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'public' ORDER BY nspname;
nspname | nspacl
nspname | nspacl
---------------------------------------------------------------------
public | {postgres=UC/postgres,=UC/postgres,role_1=U*C*/postgres,=U/role_1}
public | {pg_database_owner=UC/pg_database_owner,=UC/pg_database_owner,role_1=U*C*/pg_database_owner,=U/role_1}
(1 row)
\c - - - :master_port
@ -354,16 +364,16 @@ SELECT 1 FROM master_add_node('localhost', :worker_2_port);
-- check if the grants are propagated correctly
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'public' ORDER BY nspname;
nspname | nspacl
nspname | nspacl
---------------------------------------------------------------------
public | {postgres=UC/postgres,=UC/postgres,role_1=U*C*/postgres,=U/role_1}
public | {pg_database_owner=UC/pg_database_owner,=UC/pg_database_owner,role_1=U*C*/pg_database_owner,=U/role_1}
(1 row)
\c - - - :worker_2_port
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'public' ORDER BY nspname;
nspname | nspacl
nspname | nspacl
---------------------------------------------------------------------
public | {postgres=UC/postgres,=UC/postgres,role_1=U*C*/postgres,=U/role_1}
public | {pg_database_owner=UC/pg_database_owner,=UC/pg_database_owner,role_1=U*C*/pg_database_owner,=U/role_1}
(1 row)
\c - - - :master_port
@ -371,16 +381,16 @@ SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'public' ORDER BY nspna
REVOKE CREATE, USAGE ON SCHEMA PUBLIC FROM role_1 CASCADE;
-- check if the grants are propagated correctly
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'public' ORDER BY nspname;
nspname | nspacl
nspname | nspacl
---------------------------------------------------------------------
public | {postgres=UC/postgres,=UC/postgres}
public | {pg_database_owner=UC/pg_database_owner,=UC/pg_database_owner}
(1 row)
\c - - - :worker_1_port
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'public' ORDER BY nspname;
nspname | nspacl
nspname | nspacl
---------------------------------------------------------------------
public | {postgres=UC/postgres,=UC/postgres}
public | {pg_database_owner=UC/pg_database_owner,=UC/pg_database_owner}
(1 row)
\c - - - :master_port

398
src/test/regress/expected/grant_on_schema_propagation_0.out Normal file
View File

@ -0,0 +1,398 @@
--
-- GRANT_ON_SCHEMA_PROPAGATION
--
-- this test has different output for PG13/14 compared to PG15
-- In PG15, public schema is owned by pg_database_owner role
-- Relevant PG commit: b073c3ccd06e4cb845e121387a43faa8c68a7b62
SHOW server_version \gset
SELECT substring(:'server_version', '\d+')::int > 10 AS server_version_above_fourteen;
server_version_above_fourteen
---------------------------------------------------------------------
t
(1 row)
-- test grants are propagated when the schema is
CREATE SCHEMA dist_schema;
CREATE TABLE dist_schema.dist_table (id int);
CREATE SCHEMA another_dist_schema;
CREATE TABLE another_dist_schema.dist_table (id int);
SET citus.enable_ddl_propagation TO off;
CREATE SCHEMA non_dist_schema;
SET citus.enable_ddl_propagation TO on;
-- create roles on all nodes
CREATE USER role_1;
CREATE USER role_2;
CREATE USER role_3;
-- do some varying grants
GRANT USAGE, CREATE ON SCHEMA dist_schema TO role_1 WITH GRANT OPTION;
GRANT USAGE ON SCHEMA dist_schema TO role_2;
SET ROLE role_1;
GRANT USAGE ON SCHEMA dist_schema TO role_3 WITH GRANT OPTION;
GRANT CREATE ON SCHEMA dist_schema TO role_3;
GRANT CREATE, USAGE ON SCHEMA dist_schema TO PUBLIC;
RESET ROLE;
GRANT USAGE ON SCHEMA dist_schema TO PUBLIC;
SELECT create_distributed_table('dist_schema.dist_table', 'id');
create_distributed_table
---------------------------------------------------------------------
(1 row)
SELECT create_distributed_table('another_dist_schema.dist_table', 'id');
create_distributed_table
---------------------------------------------------------------------
(1 row)
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'dist_schema';
nspname | nspacl
---------------------------------------------------------------------
dist_schema | {postgres=UC/postgres,role_1=U*C*/postgres,role_2=U/postgres,role_3=U*C/role_1,=UC/role_1,=U/postgres}
(1 row)
\c - - - :worker_1_port
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'dist_schema';
nspname | nspacl
---------------------------------------------------------------------
dist_schema | {postgres=UC/postgres,role_1=U*C*/postgres,role_2=U/postgres,role_3=U*C/role_1,=UC/role_1,=U/postgres}
(1 row)
\c - - - :master_port
-- grant all permissions
GRANT ALL ON SCHEMA dist_schema, another_dist_schema, non_dist_schema TO role_1, role_2, role_3 WITH GRANT OPTION;
SELECT nspname, nspacl FROM pg_namespace WHERE nspname IN ('dist_schema', 'another_dist_schema', 'non_dist_schema') ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
another_dist_schema | {postgres=UC/postgres,role_1=U*C*/postgres,role_2=U*C*/postgres,role_3=U*C*/postgres}
dist_schema | {postgres=UC/postgres,role_1=U*C*/postgres,role_2=U*C*/postgres,role_3=U*C/role_1,=UC/role_1,=U/postgres,role_3=U*C*/postgres}
non_dist_schema | {postgres=UC/postgres,role_1=U*C*/postgres,role_2=U*C*/postgres,role_3=U*C*/postgres}
(3 rows)
\c - - - :worker_1_port
SELECT nspname, nspacl FROM pg_namespace WHERE nspname IN ('dist_schema', 'another_dist_schema', 'non_dist_schema') ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
another_dist_schema | {postgres=UC/postgres,role_1=U*C*/postgres,role_2=U*C*/postgres,role_3=U*C*/postgres}
dist_schema | {postgres=UC/postgres,role_1=U*C*/postgres,role_2=U*C*/postgres,role_3=U*C/role_1,=UC/role_1,=U/postgres,role_3=U*C*/postgres}
(2 rows)
\c - - - :master_port
-- revoke all permissions
REVOKE ALL ON SCHEMA dist_schema, another_dist_schema, non_dist_schema FROM role_1, role_2, role_3, PUBLIC CASCADE;
SELECT nspname, nspacl FROM pg_namespace WHERE nspname IN ('dist_schema', 'another_dist_schema', 'non_dist_schema') ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
another_dist_schema | {postgres=UC/postgres}
dist_schema | {postgres=UC/postgres}
non_dist_schema | {postgres=UC/postgres}
(3 rows)
\c - - - :worker_1_port
SELECT nspname, nspacl FROM pg_namespace WHERE nspname IN ('dist_schema', 'another_dist_schema', 'non_dist_schema') ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
another_dist_schema | {postgres=UC/postgres}
dist_schema | {postgres=UC/postgres}
(2 rows)
\c - - - :master_port
-- grant with multiple permissions, roles and schemas
GRANT USAGE, CREATE ON SCHEMA dist_schema, another_dist_schema, non_dist_schema TO role_1, role_2, role_3;
SELECT nspname, nspacl FROM pg_namespace WHERE nspname IN ('dist_schema', 'another_dist_schema', 'non_dist_schema') ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
another_dist_schema | {postgres=UC/postgres,role_1=UC/postgres,role_2=UC/postgres,role_3=UC/postgres}
dist_schema | {postgres=UC/postgres,role_1=UC/postgres,role_2=UC/postgres,role_3=UC/postgres}
non_dist_schema | {postgres=UC/postgres,role_1=UC/postgres,role_2=UC/postgres,role_3=UC/postgres}
(3 rows)
\c - - - :worker_1_port
SELECT nspname, nspacl FROM pg_namespace WHERE nspname IN ('dist_schema', 'another_dist_schema', 'non_dist_schema') ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
another_dist_schema | {postgres=UC/postgres,role_1=UC/postgres,role_2=UC/postgres,role_3=UC/postgres}
dist_schema | {postgres=UC/postgres,role_1=UC/postgres,role_2=UC/postgres,role_3=UC/postgres}
(2 rows)
\c - - - :master_port
-- revoke with multiple permissions, roles and schemas
REVOKE USAGE, CREATE ON SCHEMA dist_schema, another_dist_schema, non_dist_schema FROM role_1, role_2;
SELECT nspname, nspacl FROM pg_namespace WHERE nspname IN ('dist_schema', 'another_dist_schema', 'non_dist_schema') ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
another_dist_schema | {postgres=UC/postgres,role_3=UC/postgres}
dist_schema | {postgres=UC/postgres,role_3=UC/postgres}
non_dist_schema | {postgres=UC/postgres,role_3=UC/postgres}
(3 rows)
\c - - - :worker_1_port
SELECT nspname, nspacl FROM pg_namespace WHERE nspname IN ('dist_schema', 'another_dist_schema', 'non_dist_schema') ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
another_dist_schema | {postgres=UC/postgres,role_3=UC/postgres}
dist_schema | {postgres=UC/postgres,role_3=UC/postgres}
(2 rows)
\c - - - :master_port
-- grant with grant option
GRANT USAGE ON SCHEMA dist_schema TO role_1, role_3 WITH GRANT OPTION;
\c - - - :worker_1_port
SELECT nspname, nspacl FROM pg_namespace WHERE nspname IN ('dist_schema', 'another_dist_schema', 'non_dist_schema') ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
another_dist_schema | {postgres=UC/postgres,role_3=UC/postgres}
dist_schema | {postgres=UC/postgres,role_3=U*C/postgres,role_1=U*/postgres}
(2 rows)
\c - - - :master_port
-- revoke grant option for
REVOKE GRANT OPTION FOR USAGE ON SCHEMA dist_schema FROM role_3;
\c - - - :worker_1_port
SELECT nspname, nspacl FROM pg_namespace WHERE nspname IN ('dist_schema', 'another_dist_schema', 'non_dist_schema') ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
another_dist_schema | {postgres=UC/postgres,role_3=UC/postgres}
dist_schema | {postgres=UC/postgres,role_3=UC/postgres,role_1=U*/postgres}
(2 rows)
\c - - - :master_port
-- test current_user
SET citus.enable_alter_role_propagation TO ON;
ALTER ROLE role_1 SUPERUSER;
SET citus.enable_alter_role_propagation TO OFF;
SET ROLE role_1;
-- this is only supported on citus enterprise where multiple users can be managed
-- The output of the nspname select below will indicate if the create has been granted
GRANT CREATE ON SCHEMA dist_schema TO CURRENT_USER;
\c - - - :worker_1_port
SELECT nspname, nspacl FROM pg_namespace WHERE nspname IN ('dist_schema', 'another_dist_schema', 'non_dist_schema') ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
another_dist_schema | {postgres=UC/postgres,role_3=UC/postgres}
dist_schema | {postgres=UC/postgres,role_3=UC/postgres,role_1=U*C/postgres}
(2 rows)
\c - - - :master_port
RESET ROLE;
SET citus.enable_alter_role_propagation TO ON;
ALTER ROLE role_1 NOSUPERUSER;
SET citus.enable_alter_role_propagation TO OFF;
DROP TABLE dist_schema.dist_table, another_dist_schema.dist_table;
DROP SCHEMA dist_schema;
DROP SCHEMA another_dist_schema;
DROP SCHEMA non_dist_schema;
-- test if the grantors are propagated correctly
-- first remove one of the worker nodes
SET citus.shard_replication_factor TO 1;
SELECT master_remove_node('localhost', :worker_2_port);
master_remove_node
---------------------------------------------------------------------
(1 row)
-- create a new schema
CREATE SCHEMA grantor_schema;
-- give cascading permissions
GRANT USAGE, CREATE ON SCHEMA grantor_schema TO role_1 WITH GRANT OPTION;
GRANT CREATE ON SCHEMA grantor_schema TO PUBLIC;
SET ROLE role_1;
GRANT USAGE ON SCHEMA grantor_schema TO role_2 WITH GRANT OPTION;
GRANT CREATE ON SCHEMA grantor_schema TO role_2;
GRANT USAGE, CREATE ON SCHEMA grantor_schema TO role_3;
GRANT CREATE, USAGE ON SCHEMA grantor_schema TO PUBLIC;
SET ROLE role_2;
GRANT USAGE ON SCHEMA grantor_schema TO role_3;
RESET ROLE;
-- distribute the schema
CREATE TABLE grantor_schema.grantor_table (id INT);
SELECT create_distributed_table('grantor_schema.grantor_table', 'id');
create_distributed_table
---------------------------------------------------------------------
(1 row)
-- check if the grantors are propagated correctly
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'grantor_schema' ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
grantor_schema | {postgres=UC/postgres,role_1=U*C*/postgres,=C/postgres,role_2=U*C/role_1,role_3=UC/role_1,=UC/role_1,role_3=U/role_2}
(1 row)
\c - - - :worker_1_port
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'grantor_schema' ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
grantor_schema | {postgres=UC/postgres,role_1=U*C*/postgres,=C/postgres,role_2=U*C/role_1,role_3=UC/role_1,=UC/role_1,role_3=U/role_2}
(1 row)
\c - - - :master_port
-- add the previously removed node
SELECT 1 FROM master_add_node('localhost', :worker_2_port);
?column?
---------------------------------------------------------------------
1
(1 row)
-- check if the grantors are propagated correctly
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'grantor_schema' ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
grantor_schema | {postgres=UC/postgres,role_1=U*C*/postgres,=C/postgres,role_2=U*C/role_1,role_3=UC/role_1,=UC/role_1,role_3=U/role_2}
(1 row)
\c - - - :worker_2_port
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'grantor_schema' ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
grantor_schema | {postgres=UC/postgres,role_1=U*C*/postgres,=C/postgres,role_2=U*C/role_1,role_3=UC/role_1,=UC/role_1,role_3=U/role_2}
(1 row)
\c - - - :master_port
-- revoke one of the permissions
REVOKE USAGE ON SCHEMA grantor_schema FROM role_1 CASCADE;
-- check if revoke worked correctly
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'grantor_schema' ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
grantor_schema | {postgres=UC/postgres,role_1=C*/postgres,=C/postgres,role_2=C/role_1,role_3=C/role_1,=C/role_1}
(1 row)
\c - - - :worker_1_port
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'grantor_schema' ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
grantor_schema | {postgres=UC/postgres,role_1=C*/postgres,=C/postgres,role_2=C/role_1,role_3=C/role_1,=C/role_1}
(1 row)
\c - - - :master_port
-- test if grantor propagates correctly on already distributed schemas
GRANT USAGE ON SCHEMA grantor_schema TO role_1 WITH GRANT OPTION;
SET ROLE role_1;
GRANT USAGE ON SCHEMA grantor_schema TO role_2;
GRANT USAGE ON SCHEMA grantor_schema TO role_3 WITH GRANT OPTION;
SET ROLE role_3;
GRANT USAGE ON SCHEMA grantor_schema TO role_2;
RESET ROLE;
-- check the results
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'grantor_schema' ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
grantor_schema | {postgres=UC/postgres,role_1=U*C*/postgres,=C/postgres,role_2=UC/role_1,role_3=U*C/role_1,=C/role_1,role_2=U/role_3}
(1 row)
\c - - - :worker_1_port
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'grantor_schema' ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
grantor_schema | {postgres=UC/postgres,role_1=U*C*/postgres,=C/postgres,role_2=UC/role_1,role_3=U*C/role_1,=C/role_1,role_2=U/role_3}
(1 row)
\c - - - :master_port
DROP TABLE grantor_schema.grantor_table;
DROP SCHEMA grantor_schema CASCADE;
-- test distributing the schema with another user
CREATE SCHEMA dist_schema;
GRANT ALL ON SCHEMA dist_schema TO role_1 WITH GRANT OPTION;
SET ROLE role_1;
GRANT ALL ON SCHEMA dist_schema TO role_2 WITH GRANT OPTION;
CREATE TABLE dist_schema.dist_table (id int);
SELECT create_distributed_table('dist_schema.dist_table', 'id');
create_distributed_table
---------------------------------------------------------------------
(1 row)
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'dist_schema' ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
dist_schema | {postgres=UC/postgres,role_1=U*C*/postgres,role_2=U*C*/role_1}
(1 row)
\c - - - :worker_1_port
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'dist_schema' ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
dist_schema | {postgres=UC/postgres,role_1=U*C*/postgres,role_2=U*C*/role_1}
(1 row)
\c - - - :master_port
DROP TABLE dist_schema.dist_table;
DROP SCHEMA dist_schema CASCADE;
-- test grants on public schema
-- first remove one of the worker nodes
SET citus.shard_replication_factor TO 1;
SELECT master_remove_node('localhost', :worker_2_port);
master_remove_node
---------------------------------------------------------------------
(1 row)
-- distribute the public schema (it has to be distributed by now but just in case)
CREATE TABLE public_schema_table (id INT);
SELECT create_distributed_table('public_schema_table', 'id');
create_distributed_table
---------------------------------------------------------------------
(1 row)
-- give cascading permissions
GRANT USAGE, CREATE ON SCHEMA PUBLIC TO role_1 WITH GRANT OPTION;
SET ROLE role_1;
GRANT USAGE ON SCHEMA PUBLIC TO PUBLIC;
RESET ROLE;
-- check if the grants are propagated correctly
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'public' ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
public | {postgres=UC/postgres,=UC/postgres,role_1=U*C*/postgres,=U/role_1}
(1 row)
\c - - - :worker_1_port
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'public' ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
public | {postgres=UC/postgres,=UC/postgres,role_1=U*C*/postgres,=U/role_1}
(1 row)
\c - - - :master_port
-- add the previously removed node
SELECT 1 FROM master_add_node('localhost', :worker_2_port);
?column?
---------------------------------------------------------------------
1
(1 row)
-- check if the grants are propagated correctly
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'public' ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
public | {postgres=UC/postgres,=UC/postgres,role_1=U*C*/postgres,=U/role_1}
(1 row)
\c - - - :worker_2_port
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'public' ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
public | {postgres=UC/postgres,=UC/postgres,role_1=U*C*/postgres,=U/role_1}
(1 row)
\c - - - :master_port
-- revoke those new permissions
REVOKE CREATE, USAGE ON SCHEMA PUBLIC FROM role_1 CASCADE;
-- check if the grants are propagated correctly
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'public' ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
public | {postgres=UC/postgres,=UC/postgres}
(1 row)
\c - - - :worker_1_port
SELECT nspname, nspacl FROM pg_namespace WHERE nspname = 'public' ORDER BY nspname;
nspname | nspacl
---------------------------------------------------------------------
public | {postgres=UC/postgres,=UC/postgres}
(1 row)
\c - - - :master_port
DROP TABLE public_schema_table;
DROP ROLE role_1, role_2, role_3;

8
src/test/regress/expected/multi_extension.out
View File

@ -724,6 +724,14 @@ SELECT * FROM multi_extension.print_extension_changes();
-- recreate public schema, and recreate citus_tables in the public schema by default
CREATE SCHEMA public;
-- In PG15, public schema is owned by pg_database_owner role
-- Relevant PG commit: b073c3ccd06e4cb845e121387a43faa8c68a7b62
SHOW server_version \gset
SELECT substring(:'server_version', '\d+')::int > 14 AS server_version_above_fourteen
\gset
\if :server_version_above_fourteen
ALTER SCHEMA public OWNER TO pg_database_owner;
\endif
GRANT ALL ON SCHEMA public TO public;
ALTER EXTENSION citus UPDATE TO '9.5-1';
ALTER EXTENSION citus UPDATE TO '10.0-4';

80
src/test/regress/expected/multi_metadata_sync.out
View File

@ -1,6 +1,16 @@
--
-- MULTI_METADATA_SYNC
--
-- this test has different output for PG13/14 compared to PG15
-- In PG15, public schema is owned by pg_database_owner role
-- Relevant PG commit: b073c3ccd06e4cb845e121387a43faa8c68a7b62
SHOW server_version \gset
SELECT substring(:'server_version', '\d+')::int > 10 AS server_version_above_fourteen;
server_version_above_fourteen
---------------------------------------------------------------------
t
(1 row)
-- Tests for metadata snapshot functions, metadata syncing functions and propagation of
-- metadata changes to MX tables.
-- Turn metadata sync off at first
@ -62,7 +72,7 @@ SELECT unnest(activate_node_snapshot()) order by 1;
unnest
---------------------------------------------------------------------
ALTER DATABASE regression OWNER TO postgres;
CREATE SCHEMA IF NOT EXISTS public AUTHORIZATION postgres
CREATE SCHEMA IF NOT EXISTS public AUTHORIZATION pg_database_owner
DELETE FROM pg_catalog.pg_dist_colocation
DELETE FROM pg_catalog.pg_dist_object
DELETE FROM pg_dist_node
@ -70,9 +80,9 @@ SELECT unnest(activate_node_snapshot()) order by 1;
DELETE FROM pg_dist_placement
DELETE FROM pg_dist_shard
GRANT CREATE ON SCHEMA public TO PUBLIC;
GRANT CREATE ON SCHEMA public TO postgres;
GRANT CREATE ON SCHEMA public TO pg_database_owner;
GRANT USAGE ON SCHEMA public TO PUBLIC;
GRANT USAGE ON SCHEMA public TO postgres;
GRANT USAGE ON SCHEMA public TO pg_database_owner;
INSERT INTO pg_dist_node (nodeid, groupid, nodename, nodeport, noderack, hasmetadata, metadatasynced, isactive, noderole, nodecluster, shouldhaveshards) VALUES (1, 1, 'localhost', 57637, 'default', FALSE, FALSE, TRUE, 'primary'::noderole, 'default', TRUE),(2, 2, 'localhost', 57638, 'default', FALSE, FALSE, TRUE, 'primary'::noderole, 'default', TRUE)
RESET ROLE
RESET ROLE
@ -80,8 +90,8 @@ SELECT unnest(activate_node_snapshot()) order by 1;
SELECT pg_catalog.worker_drop_sequence_dependency(logicalrelid::regclass::text) FROM pg_dist_partition
SELECT worker_create_or_alter_role('postgres', 'CREATE ROLE postgres SUPERUSER CREATEDB CREATEROLE INHERIT LOGIN REPLICATION BYPASSRLS CONNECTION LIMIT 0 PASSWORD ''md5c53670dddfc3bb4b5675c7872bc2249a'' VALID UNTIL ''2052-05-05 00:00:00-07''', 'ALTER ROLE postgres SUPERUSER CREATEDB CREATEROLE INHERIT LOGIN REPLICATION BYPASSRLS CONNECTION LIMIT 0 PASSWORD ''md5c53670dddfc3bb4b5675c7872bc2249a'' VALID UNTIL ''2052-05-05 00:00:00-07''')
SELECT worker_drop_shell_table(logicalrelid::regclass::text) FROM pg_dist_partition
SET ROLE postgres
SET ROLE postgres
SET ROLE pg_database_owner
SET ROLE pg_database_owner
SET citus.enable_ddl_propagation TO 'off'
SET citus.enable_ddl_propagation TO 'off'
SET citus.enable_ddl_propagation TO 'off'
@ -131,7 +141,7 @@ SELECT unnest(activate_node_snapshot()) order by 1;
ALTER SEQUENCE public.user_defined_seq OWNER TO postgres
ALTER TABLE public.mx_test_table ADD CONSTRAINT mx_test_table_col_1_key UNIQUE (col_1)
ALTER TABLE public.mx_test_table OWNER TO postgres
CREATE SCHEMA IF NOT EXISTS public AUTHORIZATION postgres
CREATE SCHEMA IF NOT EXISTS public AUTHORIZATION pg_database_owner
CREATE TABLE public.mx_test_table (col_1 integer, col_2 text NOT NULL, col_3 bigint DEFAULT nextval('public.mx_test_table_col_3_seq'::regclass) NOT NULL, col_4 bigint DEFAULT nextval('public.user_defined_seq'::regclass))
DELETE FROM pg_catalog.pg_dist_colocation
DELETE FROM pg_catalog.pg_dist_object
@ -140,9 +150,9 @@ SELECT unnest(activate_node_snapshot()) order by 1;
DELETE FROM pg_dist_placement
DELETE FROM pg_dist_shard
GRANT CREATE ON SCHEMA public TO PUBLIC;
GRANT CREATE ON SCHEMA public TO postgres;
GRANT CREATE ON SCHEMA public TO pg_database_owner;
GRANT USAGE ON SCHEMA public TO PUBLIC;
GRANT USAGE ON SCHEMA public TO postgres;
GRANT USAGE ON SCHEMA public TO pg_database_owner;
INSERT INTO pg_dist_node (nodeid, groupid, nodename, nodeport, noderack, hasmetadata, metadatasynced, isactive, noderole, nodecluster, shouldhaveshards) VALUES (1, 1, 'localhost', 57637, 'default', FALSE, FALSE, TRUE, 'primary'::noderole, 'default', TRUE),(2, 2, 'localhost', 57638, 'default', FALSE, FALSE, TRUE, 'primary'::noderole, 'default', TRUE)
RESET ROLE
RESET ROLE
@ -155,8 +165,8 @@ SELECT unnest(activate_node_snapshot()) order by 1;
SELECT worker_create_or_alter_role('postgres', 'CREATE ROLE postgres SUPERUSER CREATEDB CREATEROLE INHERIT LOGIN REPLICATION BYPASSRLS CONNECTION LIMIT 0 PASSWORD ''md5c53670dddfc3bb4b5675c7872bc2249a'' VALID UNTIL ''2052-05-05 00:00:00-07''', 'ALTER ROLE postgres SUPERUSER CREATEDB CREATEROLE INHERIT LOGIN REPLICATION BYPASSRLS CONNECTION LIMIT 0 PASSWORD ''md5c53670dddfc3bb4b5675c7872bc2249a'' VALID UNTIL ''2052-05-05 00:00:00-07''')
SELECT worker_create_truncate_trigger('public.mx_test_table')
SELECT worker_drop_shell_table(logicalrelid::regclass::text) FROM pg_dist_partition
SET ROLE postgres
SET ROLE postgres
SET ROLE pg_database_owner
SET ROLE pg_database_owner
SET citus.enable_ddl_propagation TO 'off'
SET citus.enable_ddl_propagation TO 'off'
SET citus.enable_ddl_propagation TO 'off'
@ -181,7 +191,7 @@ SELECT unnest(activate_node_snapshot()) order by 1;
ALTER TABLE public.mx_test_table ADD CONSTRAINT mx_test_table_col_1_key UNIQUE (col_1)
ALTER TABLE public.mx_test_table OWNER TO postgres
CREATE INDEX mx_index ON public.mx_test_table USING btree (col_2)
CREATE SCHEMA IF NOT EXISTS public AUTHORIZATION postgres
CREATE SCHEMA IF NOT EXISTS public AUTHORIZATION pg_database_owner
CREATE TABLE public.mx_test_table (col_1 integer, col_2 text NOT NULL, col_3 bigint DEFAULT nextval('public.mx_test_table_col_3_seq'::regclass) NOT NULL, col_4 bigint DEFAULT nextval('public.user_defined_seq'::regclass))
DELETE FROM pg_catalog.pg_dist_colocation
DELETE FROM pg_catalog.pg_dist_object
@ -190,9 +200,9 @@ SELECT unnest(activate_node_snapshot()) order by 1;
DELETE FROM pg_dist_placement
DELETE FROM pg_dist_shard
GRANT CREATE ON SCHEMA public TO PUBLIC;
GRANT CREATE ON SCHEMA public TO postgres;
GRANT CREATE ON SCHEMA public TO pg_database_owner;
GRANT USAGE ON SCHEMA public TO PUBLIC;
GRANT USAGE ON SCHEMA public TO postgres;
GRANT USAGE ON SCHEMA public TO pg_database_owner;
INSERT INTO pg_dist_node (nodeid, groupid, nodename, nodeport, noderack, hasmetadata, metadatasynced, isactive, noderole, nodecluster, shouldhaveshards) VALUES (1, 1, 'localhost', 57637, 'default', FALSE, FALSE, TRUE, 'primary'::noderole, 'default', TRUE),(2, 2, 'localhost', 57638, 'default', FALSE, FALSE, TRUE, 'primary'::noderole, 'default', TRUE)
RESET ROLE
RESET ROLE
@ -205,8 +215,8 @@ SELECT unnest(activate_node_snapshot()) order by 1;
SELECT worker_create_or_alter_role('postgres', 'CREATE ROLE postgres SUPERUSER CREATEDB CREATEROLE INHERIT LOGIN REPLICATION BYPASSRLS CONNECTION LIMIT 0 PASSWORD ''md5c53670dddfc3bb4b5675c7872bc2249a'' VALID UNTIL ''2052-05-05 00:00:00-07''', 'ALTER ROLE postgres SUPERUSER CREATEDB CREATEROLE INHERIT LOGIN REPLICATION BYPASSRLS CONNECTION LIMIT 0 PASSWORD ''md5c53670dddfc3bb4b5675c7872bc2249a'' VALID UNTIL ''2052-05-05 00:00:00-07''')
SELECT worker_create_truncate_trigger('public.mx_test_table')
SELECT worker_drop_shell_table(logicalrelid::regclass::text) FROM pg_dist_partition
SET ROLE postgres
SET ROLE postgres
SET ROLE pg_database_owner
SET ROLE pg_database_owner
SET citus.enable_ddl_propagation TO 'off'
SET citus.enable_ddl_propagation TO 'off'
SET citus.enable_ddl_propagation TO 'off'
@ -233,7 +243,7 @@ SELECT unnest(activate_node_snapshot()) order by 1;
ALTER TABLE mx_testing_schema.mx_test_table OWNER TO postgres
CREATE INDEX mx_index ON mx_testing_schema.mx_test_table USING btree (col_2)
CREATE SCHEMA IF NOT EXISTS mx_testing_schema AUTHORIZATION postgres
CREATE SCHEMA IF NOT EXISTS public AUTHORIZATION postgres
CREATE SCHEMA IF NOT EXISTS public AUTHORIZATION pg_database_owner
CREATE TABLE mx_testing_schema.mx_test_table (col_1 integer, col_2 text NOT NULL, col_3 bigint DEFAULT nextval('mx_testing_schema.mx_test_table_col_3_seq'::regclass) NOT NULL, col_4 bigint DEFAULT nextval('public.user_defined_seq'::regclass))
DELETE FROM pg_catalog.pg_dist_colocation
DELETE FROM pg_catalog.pg_dist_object
@ -242,9 +252,9 @@ SELECT unnest(activate_node_snapshot()) order by 1;
DELETE FROM pg_dist_placement
DELETE FROM pg_dist_shard
GRANT CREATE ON SCHEMA public TO PUBLIC;
GRANT CREATE ON SCHEMA public TO postgres;
GRANT CREATE ON SCHEMA public TO pg_database_owner;
GRANT USAGE ON SCHEMA public TO PUBLIC;
GRANT USAGE ON SCHEMA public TO postgres;
GRANT USAGE ON SCHEMA public TO pg_database_owner;
INSERT INTO pg_dist_node (nodeid, groupid, nodename, nodeport, noderack, hasmetadata, metadatasynced, isactive, noderole, nodecluster, shouldhaveshards) VALUES (1, 1, 'localhost', 57637, 'default', FALSE, FALSE, TRUE, 'primary'::noderole, 'default', TRUE),(2, 2, 'localhost', 57638, 'default', FALSE, FALSE, TRUE, 'primary'::noderole, 'default', TRUE)
RESET ROLE
RESET ROLE
@ -257,8 +267,8 @@ SELECT unnest(activate_node_snapshot()) order by 1;
SELECT worker_create_or_alter_role('postgres', 'CREATE ROLE postgres SUPERUSER CREATEDB CREATEROLE INHERIT LOGIN REPLICATION BYPASSRLS CONNECTION LIMIT 0 PASSWORD ''md5c53670dddfc3bb4b5675c7872bc2249a'' VALID UNTIL ''2052-05-05 00:00:00-07''', 'ALTER ROLE postgres SUPERUSER CREATEDB CREATEROLE INHERIT LOGIN REPLICATION BYPASSRLS CONNECTION LIMIT 0 PASSWORD ''md5c53670dddfc3bb4b5675c7872bc2249a'' VALID UNTIL ''2052-05-05 00:00:00-07''')
SELECT worker_create_truncate_trigger('mx_testing_schema.mx_test_table')
SELECT worker_drop_shell_table(logicalrelid::regclass::text) FROM pg_dist_partition
SET ROLE postgres
SET ROLE postgres
SET ROLE pg_database_owner
SET ROLE pg_database_owner
SET citus.enable_ddl_propagation TO 'off'
SET citus.enable_ddl_propagation TO 'off'
SET citus.enable_ddl_propagation TO 'off'
@ -291,7 +301,7 @@ SELECT unnest(activate_node_snapshot()) order by 1;
ALTER TABLE mx_testing_schema.mx_test_table OWNER TO postgres
CREATE INDEX mx_index ON mx_testing_schema.mx_test_table USING btree (col_2)
CREATE SCHEMA IF NOT EXISTS mx_testing_schema AUTHORIZATION postgres
CREATE SCHEMA IF NOT EXISTS public AUTHORIZATION postgres
CREATE SCHEMA IF NOT EXISTS public AUTHORIZATION pg_database_owner
CREATE TABLE mx_testing_schema.mx_test_table (col_1 integer, col_2 text NOT NULL, col_3 bigint DEFAULT nextval('mx_testing_schema.mx_test_table_col_3_seq'::regclass) NOT NULL, col_4 bigint DEFAULT nextval('public.user_defined_seq'::regclass))
DELETE FROM pg_catalog.pg_dist_colocation
DELETE FROM pg_catalog.pg_dist_object
@ -300,9 +310,9 @@ SELECT unnest(activate_node_snapshot()) order by 1;
DELETE FROM pg_dist_placement
DELETE FROM pg_dist_shard
GRANT CREATE ON SCHEMA public TO PUBLIC;
GRANT CREATE ON SCHEMA public TO postgres;
GRANT CREATE ON SCHEMA public TO pg_database_owner;
GRANT USAGE ON SCHEMA public TO PUBLIC;
GRANT USAGE ON SCHEMA public TO postgres;
GRANT USAGE ON SCHEMA public TO pg_database_owner;
INSERT INTO pg_dist_node (nodeid, groupid, nodename, nodeport, noderack, hasmetadata, metadatasynced, isactive, noderole, nodecluster, shouldhaveshards) VALUES (1, 1, 'localhost', 57637, 'default', FALSE, FALSE, TRUE, 'primary'::noderole, 'default', TRUE),(2, 2, 'localhost', 57638, 'default', FALSE, FALSE, TRUE, 'primary'::noderole, 'default', TRUE)
RESET ROLE
RESET ROLE
@ -315,8 +325,8 @@ SELECT unnest(activate_node_snapshot()) order by 1;
SELECT worker_create_or_alter_role('postgres', 'CREATE ROLE postgres SUPERUSER CREATEDB CREATEROLE INHERIT LOGIN REPLICATION BYPASSRLS CONNECTION LIMIT 0 PASSWORD ''md5c53670dddfc3bb4b5675c7872bc2249a'' VALID UNTIL ''2052-05-05 00:00:00-07''', 'ALTER ROLE postgres SUPERUSER CREATEDB CREATEROLE INHERIT LOGIN REPLICATION BYPASSRLS CONNECTION LIMIT 0 PASSWORD ''md5c53670dddfc3bb4b5675c7872bc2249a'' VALID UNTIL ''2052-05-05 00:00:00-07''')
SELECT worker_create_truncate_trigger('mx_testing_schema.mx_test_table')
SELECT worker_drop_shell_table(logicalrelid::regclass::text) FROM pg_dist_partition
SET ROLE postgres
SET ROLE postgres
SET ROLE pg_database_owner
SET ROLE pg_database_owner
SET citus.enable_ddl_propagation TO 'off'
SET citus.enable_ddl_propagation TO 'off'
SET citus.enable_ddl_propagation TO 'off'
@ -342,7 +352,7 @@ SELECT unnest(activate_node_snapshot()) order by 1;
ALTER TABLE mx_testing_schema.mx_test_table OWNER TO postgres
CREATE INDEX mx_index ON mx_testing_schema.mx_test_table USING btree (col_2)
CREATE SCHEMA IF NOT EXISTS mx_testing_schema AUTHORIZATION postgres
CREATE SCHEMA IF NOT EXISTS public AUTHORIZATION postgres
CREATE SCHEMA IF NOT EXISTS public AUTHORIZATION pg_database_owner
CREATE TABLE mx_testing_schema.mx_test_table (col_1 integer, col_2 text NOT NULL, col_3 bigint DEFAULT nextval('mx_testing_schema.mx_test_table_col_3_seq'::regclass) NOT NULL, col_4 bigint DEFAULT nextval('public.user_defined_seq'::regclass))
DELETE FROM pg_catalog.pg_dist_colocation
DELETE FROM pg_catalog.pg_dist_object
@ -351,9 +361,9 @@ SELECT unnest(activate_node_snapshot()) order by 1;
DELETE FROM pg_dist_placement
DELETE FROM pg_dist_shard
GRANT CREATE ON SCHEMA public TO PUBLIC;
GRANT CREATE ON SCHEMA public TO postgres;
GRANT CREATE ON SCHEMA public TO pg_database_owner;
GRANT USAGE ON SCHEMA public TO PUBLIC;
GRANT USAGE ON SCHEMA public TO postgres;
GRANT USAGE ON SCHEMA public TO pg_database_owner;
INSERT INTO pg_dist_node (nodeid, groupid, nodename, nodeport, noderack, hasmetadata, metadatasynced, isactive, noderole, nodecluster, shouldhaveshards) VALUES (1, 1, 'localhost', 57637, 'default', FALSE, FALSE, TRUE, 'primary'::noderole, 'default', TRUE),(2, 2, 'localhost', 57638, 'default', FALSE, FALSE, TRUE, 'primary'::noderole, 'default', TRUE)
RESET ROLE
RESET ROLE
@ -366,8 +376,8 @@ SELECT unnest(activate_node_snapshot()) order by 1;
SELECT worker_create_or_alter_role('postgres', 'CREATE ROLE postgres SUPERUSER CREATEDB CREATEROLE INHERIT LOGIN REPLICATION BYPASSRLS CONNECTION LIMIT 0 PASSWORD ''md5c53670dddfc3bb4b5675c7872bc2249a'' VALID UNTIL ''2052-05-05 00:00:00-07''', 'ALTER ROLE postgres SUPERUSER CREATEDB CREATEROLE INHERIT LOGIN REPLICATION BYPASSRLS CONNECTION LIMIT 0 PASSWORD ''md5c53670dddfc3bb4b5675c7872bc2249a'' VALID UNTIL ''2052-05-05 00:00:00-07''')
SELECT worker_create_truncate_trigger('mx_testing_schema.mx_test_table')
SELECT worker_drop_shell_table(logicalrelid::regclass::text) FROM pg_dist_partition
SET ROLE postgres
SET ROLE postgres
SET ROLE pg_database_owner
SET ROLE pg_database_owner
SET citus.enable_ddl_propagation TO 'off'
SET citus.enable_ddl_propagation TO 'off'
SET citus.enable_ddl_propagation TO 'off'
@ -1868,7 +1878,7 @@ SELECT unnest(activate_node_snapshot()) order by 1;
CREATE SCHEMA IF NOT EXISTS mx_test_schema_2 AUTHORIZATION postgres
CREATE SCHEMA IF NOT EXISTS mx_testing_schema AUTHORIZATION postgres
CREATE SCHEMA IF NOT EXISTS mx_testing_schema_2 AUTHORIZATION postgres
CREATE SCHEMA IF NOT EXISTS public AUTHORIZATION postgres
CREATE SCHEMA IF NOT EXISTS public AUTHORIZATION pg_database_owner
CREATE TABLE mx_test_schema_1.mx_table_1 (col1 integer, col2 text, col3 integer)
CREATE TABLE mx_test_schema_2.mx_table_2 (col1 integer, col2 text)
CREATE TABLE mx_testing_schema.mx_test_table (col_1 integer, col_2 text NOT NULL, col_3 bigint DEFAULT nextval('mx_testing_schema.mx_test_table_col_3_seq'::regclass) NOT NULL, col_4 bigint DEFAULT nextval('public.user_defined_seq'::regclass))
@ -1882,9 +1892,9 @@ SELECT unnest(activate_node_snapshot()) order by 1;
DELETE FROM pg_dist_placement
DELETE FROM pg_dist_shard
GRANT CREATE ON SCHEMA public TO PUBLIC;
GRANT CREATE ON SCHEMA public TO postgres;
GRANT CREATE ON SCHEMA public TO pg_database_owner;
GRANT USAGE ON SCHEMA public TO PUBLIC;
GRANT USAGE ON SCHEMA public TO postgres;
GRANT USAGE ON SCHEMA public TO pg_database_owner;
INSERT INTO pg_dist_node (nodeid, groupid, nodename, nodeport, noderack, hasmetadata, metadatasynced, isactive, noderole, nodecluster, shouldhaveshards) VALUES (4, 1, 'localhost', 8888, 'default', FALSE, FALSE, TRUE, 'secondary'::noderole, 'default', TRUE),(5, 1, 'localhost', 8889, 'default', FALSE, FALSE, TRUE, 'secondary'::noderole, 'second-cluster', TRUE),(1, 1, 'localhost', 57637, 'default', TRUE, TRUE, TRUE, 'primary'::noderole, 'default', TRUE),(7, 5, 'localhost', 57638, 'default', TRUE, TRUE, TRUE, 'primary'::noderole, 'default', TRUE)
RESET ROLE
RESET ROLE
@ -1909,8 +1919,8 @@ SELECT unnest(activate_node_snapshot()) order by 1;
SELECT worker_create_truncate_trigger('public.mx_ref')
SELECT worker_create_truncate_trigger('public.test_table')
SELECT worker_drop_shell_table(logicalrelid::regclass::text) FROM pg_dist_partition
SET ROLE postgres
SET ROLE postgres
SET ROLE pg_database_owner
SET ROLE pg_database_owner
SET citus.enable_ddl_propagation TO 'off'
SET citus.enable_ddl_propagation TO 'off'
SET citus.enable_ddl_propagation TO 'off'

2142
src/test/regress/expected/multi_metadata_sync_0.out Normal file
View File

File diff suppressed because it is too large Load Diff

5
src/test/regress/sql/grant_on_schema_propagation.sql
View File

@ -1,6 +1,11 @@
--
-- GRANT_ON_SCHEMA_PROPAGATION
--
-- this test has different output for PG13/14 compared to PG15
-- In PG15, public schema is owned by pg_database_owner role
-- Relevant PG commit: b073c3ccd06e4cb845e121387a43faa8c68a7b62
SHOW server_version \gset
SELECT substring(:'server_version', '\d+')::int > 10 AS server_version_above_fourteen;
-- test grants are propagated when the schema is
CREATE SCHEMA dist_schema;

8
src/test/regress/sql/multi_extension.sql
View File

@ -294,6 +294,14 @@ SELECT * FROM multi_extension.print_extension_changes();
-- recreate public schema, and recreate citus_tables in the public schema by default
CREATE SCHEMA public;
-- In PG15, public schema is owned by pg_database_owner role
-- Relevant PG commit: b073c3ccd06e4cb845e121387a43faa8c68a7b62
SHOW server_version \gset
SELECT substring(:'server_version', '\d+')::int > 14 AS server_version_above_fourteen
\gset
\if :server_version_above_fourteen
ALTER SCHEMA public OWNER TO pg_database_owner;
\endif
GRANT ALL ON SCHEMA public TO public;
ALTER EXTENSION citus UPDATE TO '9.5-1';
ALTER EXTENSION citus UPDATE TO '10.0-4';

5
src/test/regress/sql/multi_metadata_sync.sql
View File

@ -1,6 +1,11 @@
--
-- MULTI_METADATA_SYNC
--
-- this test has different output for PG13/14 compared to PG15
-- In PG15, public schema is owned by pg_database_owner role
-- Relevant PG commit: b073c3ccd06e4cb845e121387a43faa8c68a7b62
SHOW server_version \gset
SELECT substring(:'server_version', '\d+')::int > 10 AS server_version_above_fourteen;
-- Tests for metadata snapshot functions, metadata syncing functions and propagation of
-- metadata changes to MX tables.