Merge pull request #99 from CartoDB/usertables_fix
added tests for usertables to check private tables are not returned
This commit is contained in:
javi santana
commit
d52e05c474
@ -17,9 +17,8 @@ WHERE c.relkind = 'r'
|
||||
AND c.relname NOT IN ('cdb_tablemetadata', 'spatial_ref_sys')
|
||||
AND n.nspname NOT IN ('pg_catalog', 'information_schema', 'topology')
|
||||
AND CASE WHEN perm = 'public' THEN has_table_privilege('publicuser', c.oid, 'SELECT')
|
||||
WHEN perm = 'private' THEN (has_table_privilege(c.relowner, c.oid, 'SELECT') OR has_table_privilege(current_user, c.oid, 'SELECT'))
|
||||
AND NOT has_table_privilege('publicuser', c.oid, 'SELECT')
|
||||
WHEN perm = 'all' THEN has_table_privilege(c.relowner, c.oid, 'SELECT') OR has_table_privilege('publicuser', c.oid, 'SELECT')
|
||||
WHEN perm = 'private' THEN has_table_privilege(current_user, c.oid, 'SELECT') AND NOT has_table_privilege('publicuser', c.oid, 'SELECT')
|
||||
WHEN perm = 'all' THEN has_table_privilege(current_user, c.oid, 'SELECT') OR has_table_privilege('publicuser', c.oid, 'SELECT')
|
||||
ELSE false END;
|
||||
|
||||
$$ LANGUAGE 'sql';
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
CREATE ROLE publicuser;
|
||||
CREATE ROLE publicuser LOGIN;
|
||||
CREATE TABLE pub(a int);
|
||||
CREATE TABLE prv(a int);
|
||||
GRANT SELECT ON TABLE pub TO publicuser;
|
||||
@ -8,6 +8,12 @@ SELECT 'all',CDB_UserTables('all') ORDER BY 2;
|
||||
SELECT 'public',CDB_UserTables('public') ORDER BY 2;
|
||||
SELECT 'private',CDB_UserTables('private') ORDER BY 2;
|
||||
SELECT '--unsupported--',CDB_UserTables('--unsupported--') ORDER BY 2;
|
||||
-- now tests with public user
|
||||
\c contrib_regression publicuser
|
||||
SELECT 'all_publicuser',CDB_UserTables('all') ORDER BY 2;
|
||||
SELECT 'public_publicuser',CDB_UserTables('public') ORDER BY 2;
|
||||
SELECT 'private_publicuser',CDB_UserTables('private') ORDER BY 2;
|
||||
\c contrib_regression postgres
|
||||
DROP TABLE pub;
|
||||
DROP TABLE prv;
|
||||
DROP ROLE publicuser;
|
||||
|
||||
@ -9,6 +9,10 @@ all|prv
|
||||
all|pub
|
||||
public|pub
|
||||
private|prv
|
||||
You are now connected to database "contrib_regression" as user "publicuser".
|
||||
all_publicuser|pub
|
||||
public_publicuser|pub
|
||||
You are now connected to database "contrib_regression" as user "postgres".
|
||||
DROP TABLE
|
||||
DROP TABLE
|
||||
DROP ROLE
|
||||
|
||||
@ -142,6 +142,8 @@ function setup() {
|
||||
log_info "############################# SETUP #############################"
|
||||
create_role_and_schema cdb_testmember_1
|
||||
create_role_and_schema cdb_testmember_2
|
||||
sql "CREATE ROLE publicuser LOGIN;"
|
||||
sql "GRANT CONNECT ON DATABASE \"${DATABASE}\" TO publicuser;"
|
||||
|
||||
create_table cdb_testmember_1 foo
|
||||
sql cdb_testmember_1 'INSERT INTO cdb_testmember_1.foo VALUES (1), (2), (3), (4), (5);'
|
||||
@ -168,9 +170,11 @@ function tear_down() {
|
||||
|
||||
sql "REVOKE CONNECT ON DATABASE \"${DATABASE}\" FROM cdb_testmember_1;"
|
||||
sql "REVOKE CONNECT ON DATABASE \"${DATABASE}\" FROM cdb_testmember_2;"
|
||||
sql "REVOKE CONNECT ON DATABASE \"${DATABASE}\" FROM publicuser;"
|
||||
|
||||
sql 'DROP ROLE cdb_testmember_1;'
|
||||
sql 'DROP ROLE cdb_testmember_2;'
|
||||
sql 'DROP ROLE publicuser;'
|
||||
|
||||
${CMD} -c "DROP DATABASE ${DATABASE}"
|
||||
}
|
||||
@ -346,6 +350,25 @@ function test_cdb_querytables_does_not_return_functions_as_part_of_the_resultset
|
||||
sql postgres "select * from CDB_QueryTables('select * from cdb_testmember_1.foo, cdb_testmember_2.bar, plainto_tsquery(''foo'')');" should "{cdb_testmember_1.foo,cdb_testmember_2.bar}"
|
||||
}
|
||||
|
||||
function test_cdb_usertables_should_work_with_orgusers() {
|
||||
sql "GRANT USAGE ON SCHEMA cartodb TO publicuser;"
|
||||
${CMD} -d ${DATABASE} -f scripts-available/CDB_UserTables.sql
|
||||
sql cdb_testmember_1 "CREATE TABLE test_perms_pub (a int)"
|
||||
sql cdb_testmember_1 "CREATE TABLE test_perms_priv (a int)"
|
||||
sql cdb_testmember_1 "GRANT SELECT ON TABLE test_perms_pub TO publicuser"
|
||||
sql publicuser "SELECT count(*) FROM CDB_UserTables('all')" should 1
|
||||
sql publicuser "SELECT count(*) FROM CDB_UserTables('public')" should 1
|
||||
sql publicuser "SELECT count(*) FROM CDB_UserTables('private')" should 0
|
||||
# the following tests are for https://github.com/CartoDB/cartodb-postgresql/issues/98
|
||||
#sql cdb_testmember_2 "SELECT count(*) FROM CDB_UserTables('all')" should 1
|
||||
#sql cdb_testmember_2 "SELECT count(*) FROM CDB_UserTables('public')" should 1
|
||||
#sql cdb_testmember_2 "SELECT count(*) FROM CDB_UserTables('private')" should 0
|
||||
|
||||
sql cdb_testmember_1 "DROP TABLE test_perms_pub"
|
||||
sql cdb_testmember_1 "DROP TABLE test_perms_priv"
|
||||
}
|
||||
|
||||
|
||||
#################################################### TESTS END HERE ####################################################
|
||||
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user