Make CDB_OAuth independent of the PG version
This commit is contained in:
parent
409b067721
commit
7f9a748119
4
Makefile
4
Makefile
@ -182,11 +182,7 @@ legacy_regress: $(REGRESS_OLD) Makefile
|
|||||||
$(SED) -e 's/@@VERSION@@/$(EXTVERSION)/' -e 's/@extschema@/cartodb/g' -e "s/@postgisschema@/public/g" >> $${of}; \
|
$(SED) -e 's/@@VERSION@@/$(EXTVERSION)/' -e 's/@extschema@/cartodb/g' -e "s/@postgisschema@/public/g" >> $${of}; \
|
||||||
exp=expected/test/$${tn}.out; \
|
exp=expected/test/$${tn}.out; \
|
||||||
echo '\set ECHO none' > $${exp}; \
|
echo '\set ECHO none' > $${exp}; \
|
||||||
if [[ -f "test/$${tn}_expect.pg$(PG_VERSION)" ]]; then \
|
|
||||||
cat test/$${tn}_expect.pg$(PG_VERSION) >> $${exp}; \
|
|
||||||
else \
|
|
||||||
cat test/$${tn}_expect >> $${exp}; \
|
cat test/$${tn}_expect >> $${exp}; \
|
||||||
fi \
|
|
||||||
done
|
done
|
||||||
|
|
||||||
test_organization:
|
test_organization:
|
||||||
|
@ -1,6 +1,23 @@
|
|||||||
-- Create user and enable OAuth event trigger
|
-- Create user and enable OAuth event trigger
|
||||||
\set QUIET on
|
\set QUIET on
|
||||||
SET client_min_messages TO error;
|
SET client_min_messages TO error;
|
||||||
|
|
||||||
|
-- The permission error changed between pre PG11 and post 11 (before everythin "relation", now it's "view", "table" and so on
|
||||||
|
CREATE OR REPLACE FUNCTION catch_permission_error(query text)
|
||||||
|
RETURNS bool
|
||||||
|
AS $$
|
||||||
|
BEGIN
|
||||||
|
EXECUTE query;
|
||||||
|
RETURN FALSE;
|
||||||
|
EXCEPTION
|
||||||
|
WHEN insufficient_privilege THEN
|
||||||
|
RETURN TRUE;
|
||||||
|
WHEN OTHERS THEN
|
||||||
|
RAISE WARNING 'Exception %', sqlstate;
|
||||||
|
RETURN FALSE;
|
||||||
|
END
|
||||||
|
$$ LANGUAGE 'plpgsql';
|
||||||
|
|
||||||
DROP ROLE IF EXISTS "creator_role";
|
DROP ROLE IF EXISTS "creator_role";
|
||||||
CREATE ROLE "creator_role" LOGIN;
|
CREATE ROLE "creator_role" LOGIN;
|
||||||
DROP ROLE IF EXISTS "ownership_role";
|
DROP ROLE IF EXISTS "ownership_role";
|
||||||
@ -30,11 +47,11 @@ SELECT * FROM test_selectinto;
|
|||||||
SET SESSION AUTHORIZATION "ownership_role";
|
SET SESSION AUTHORIZATION "ownership_role";
|
||||||
\set QUIET off
|
\set QUIET off
|
||||||
|
|
||||||
SELECT * FROM test;
|
SELECT 'denied_table', catch_permission_error($$SELECT * FROM test;$$);
|
||||||
SELECT * FROM test_tablesas;
|
SELECT 'denied_tableas', catch_permission_error($$SELECT * FROM test_tablesas;$$);
|
||||||
SELECT * FROM test_view;
|
SELECT 'denied_view', catch_permission_error($$SELECT * FROM test_view;$$);
|
||||||
SELECT * FROM test_mview;
|
SELECT 'denied_mview', catch_permission_error($$SELECT * FROM test_mview;$$);
|
||||||
SELECT * FROM test_selectinto;
|
SELECT 'denied_selectinto', catch_permission_error($$SELECT * FROM test_selectinto;$$);
|
||||||
|
|
||||||
\set QUIET on
|
\set QUIET on
|
||||||
SET SESSION AUTHORIZATION "creator_role";
|
SET SESSION AUTHORIZATION "creator_role";
|
||||||
@ -71,11 +88,11 @@ SELECT * FROM test2_selectinto;
|
|||||||
SET SESSION AUTHORIZATION "ownership_role";
|
SET SESSION AUTHORIZATION "ownership_role";
|
||||||
\set QUIET off
|
\set QUIET off
|
||||||
|
|
||||||
SELECT * FROM test2;
|
SELECT 'denied_table2', catch_permission_error($$SELECT * FROM test2;$$);
|
||||||
SELECT * FROM test2_tablesas;
|
SELECT 'denied_tableas2', catch_permission_error($$SELECT * FROM test2_tablesas;$$);
|
||||||
SELECT * FROM test2_view;
|
SELECT 'denied_view2', catch_permission_error($$SELECT * FROM test2_view;$$);
|
||||||
SELECT * FROM test2_mview;
|
SELECT 'denied_mview2', catch_permission_error($$SELECT * FROM test2_mview;$$);
|
||||||
SELECT * FROM test2_selectinto;
|
SELECT 'denied_selectinto2', catch_permission_error($$SELECT * FROM test2_selectinto;$$);
|
||||||
|
|
||||||
\set QUIET on
|
\set QUIET on
|
||||||
SET SESSION AUTHORIZATION "creator_role";
|
SET SESSION AUTHORIZATION "creator_role";
|
||||||
@ -112,11 +129,11 @@ SELECT * FROM test3_selectinto;
|
|||||||
SET SESSION AUTHORIZATION "ownership_role";
|
SET SESSION AUTHORIZATION "ownership_role";
|
||||||
\set QUIET off
|
\set QUIET off
|
||||||
|
|
||||||
SELECT * FROM test3;
|
SELECT 'denied_table3', catch_permission_error($$SELECT * FROM test3;$$);
|
||||||
SELECT * FROM test3_tablesas;
|
SELECT 'denied_tableas3', catch_permission_error($$SELECT * FROM test3_tablesas;$$);
|
||||||
SELECT * FROM test3_view;
|
SELECT 'denied_view3', catch_permission_error($$SELECT * FROM test3_view;$$);
|
||||||
SELECT * FROM test3_mview;
|
SELECT 'denied_mview3', catch_permission_error($$SELECT * FROM test3_mview;$$);
|
||||||
SELECT * FROM test3_selectinto;
|
SELECT 'denied_selectinto3', catch_permission_error($$SELECT * FROM test3_selectinto;$$);
|
||||||
|
|
||||||
\set QUIET on
|
\set QUIET on
|
||||||
SET SESSION AUTHORIZATION "creator_role";
|
SET SESSION AUTHORIZATION "creator_role";
|
||||||
@ -174,4 +191,5 @@ DROP ROLE "ownership_role";
|
|||||||
REVOKE ALL ON SCHEMA cartodb FROM "creator_role";
|
REVOKE ALL ON SCHEMA cartodb FROM "creator_role";
|
||||||
DROP ROLE "creator_role";
|
DROP ROLE "creator_role";
|
||||||
DELETE FROM cdb_conf WHERE key = 'api_keys_creator_role';
|
DELETE FROM cdb_conf WHERE key = 'api_keys_creator_role';
|
||||||
|
DROP FUNCTION catch_permission_error(text);
|
||||||
\set QUIET off
|
\set QUIET off
|
||||||
|
@ -10,11 +10,11 @@ SELECT 1
|
|||||||
1
|
1
|
||||||
1
|
1
|
||||||
1
|
1
|
||||||
ERROR: permission denied for relation test
|
denied_table|t
|
||||||
ERROR: permission denied for relation test_tablesas
|
denied_tableas|t
|
||||||
ERROR: permission denied for relation test_view
|
denied_view|t
|
||||||
ERROR: permission denied for relation test_mview
|
denied_mview|t
|
||||||
ERROR: permission denied for relation test_selectinto
|
denied_selectinto|t
|
||||||
DROP TABLE
|
DROP TABLE
|
||||||
DROP VIEW
|
DROP VIEW
|
||||||
DROP MATERIALIZED VIEW
|
DROP MATERIALIZED VIEW
|
||||||
@ -33,11 +33,11 @@ SELECT 1
|
|||||||
1
|
1
|
||||||
1
|
1
|
||||||
1
|
1
|
||||||
ERROR: permission denied for relation test2
|
denied_table2|t
|
||||||
ERROR: permission denied for relation test2_tablesas
|
denied_tableas2|t
|
||||||
ERROR: permission denied for relation test2_view
|
denied_view2|t
|
||||||
ERROR: permission denied for relation test2_mview
|
denied_mview2|t
|
||||||
ERROR: permission denied for relation test2_selectinto
|
denied_selectinto2|t
|
||||||
DROP TABLE
|
DROP TABLE
|
||||||
DROP VIEW
|
DROP VIEW
|
||||||
DROP MATERIALIZED VIEW
|
DROP MATERIALIZED VIEW
|
||||||
@ -55,11 +55,11 @@ SELECT 1
|
|||||||
1
|
1
|
||||||
1
|
1
|
||||||
1
|
1
|
||||||
ERROR: permission denied for relation test3
|
denied_table3|t
|
||||||
ERROR: permission denied for relation test3_tablesas
|
denied_tableas3|t
|
||||||
ERROR: permission denied for relation test3_view
|
denied_view3|t
|
||||||
ERROR: permission denied for relation test3_mview
|
denied_mview3|t
|
||||||
ERROR: permission denied for relation test3_selectinto
|
denied_selectinto3|t
|
||||||
DROP TABLE
|
DROP TABLE
|
||||||
DROP VIEW
|
DROP VIEW
|
||||||
DROP MATERIALIZED VIEW
|
DROP MATERIALIZED VIEW
|
||||||
|
@ -1,90 +0,0 @@
|
|||||||
|
|
||||||
CREATE TABLE
|
|
||||||
INSERT 0 1
|
|
||||||
SELECT 1
|
|
||||||
CREATE VIEW
|
|
||||||
SELECT 1
|
|
||||||
SELECT 1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
ERROR: permission denied for table test
|
|
||||||
ERROR: permission denied for table test_tablesas
|
|
||||||
ERROR: permission denied for view test_view
|
|
||||||
ERROR: permission denied for materialized view test_mview
|
|
||||||
ERROR: permission denied for table test_selectinto
|
|
||||||
DROP TABLE
|
|
||||||
DROP VIEW
|
|
||||||
DROP MATERIALIZED VIEW
|
|
||||||
DROP TABLE
|
|
||||||
DROP TABLE
|
|
||||||
NOTICE: event trigger "oauth_reassign_tables_trigger" does not exist, skipping
|
|
||||||
|
|
||||||
CREATE TABLE
|
|
||||||
INSERT 0 1
|
|
||||||
SELECT 1
|
|
||||||
CREATE VIEW
|
|
||||||
SELECT 1
|
|
||||||
SELECT 1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
ERROR: permission denied for table test2
|
|
||||||
ERROR: permission denied for table test2_tablesas
|
|
||||||
ERROR: permission denied for view test2_view
|
|
||||||
ERROR: permission denied for materialized view test2_mview
|
|
||||||
ERROR: permission denied for table test2_selectinto
|
|
||||||
DROP TABLE
|
|
||||||
DROP VIEW
|
|
||||||
DROP MATERIALIZED VIEW
|
|
||||||
DROP TABLE
|
|
||||||
DROP TABLE
|
|
||||||
|
|
||||||
CREATE TABLE
|
|
||||||
INSERT 0 1
|
|
||||||
SELECT 1
|
|
||||||
CREATE VIEW
|
|
||||||
SELECT 1
|
|
||||||
SELECT 1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
ERROR: permission denied for table test3
|
|
||||||
ERROR: permission denied for table test3_tablesas
|
|
||||||
ERROR: permission denied for view test3_view
|
|
||||||
ERROR: permission denied for materialized view test3_mview
|
|
||||||
ERROR: permission denied for table test3_selectinto
|
|
||||||
DROP TABLE
|
|
||||||
DROP VIEW
|
|
||||||
DROP MATERIALIZED VIEW
|
|
||||||
DROP TABLE
|
|
||||||
DROP TABLE
|
|
||||||
|
|
||||||
CREATE TABLE
|
|
||||||
INSERT 0 1
|
|
||||||
SELECT 1
|
|
||||||
CREATE VIEW
|
|
||||||
SELECT 1
|
|
||||||
SELECT 1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
DROP TABLE
|
|
||||||
DROP VIEW
|
|
||||||
DROP MATERIALIZED VIEW
|
|
||||||
DROP TABLE
|
|
||||||
DROP TABLE
|
|
||||||
|
|
@ -1,90 +0,0 @@
|
|||||||
|
|
||||||
CREATE TABLE
|
|
||||||
INSERT 0 1
|
|
||||||
SELECT 1
|
|
||||||
CREATE VIEW
|
|
||||||
SELECT 1
|
|
||||||
SELECT 1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
ERROR: permission denied for table test
|
|
||||||
ERROR: permission denied for table test_tablesas
|
|
||||||
ERROR: permission denied for view test_view
|
|
||||||
ERROR: permission denied for materialized view test_mview
|
|
||||||
ERROR: permission denied for table test_selectinto
|
|
||||||
DROP TABLE
|
|
||||||
DROP VIEW
|
|
||||||
DROP MATERIALIZED VIEW
|
|
||||||
DROP TABLE
|
|
||||||
DROP TABLE
|
|
||||||
NOTICE: event trigger "oauth_reassign_tables_trigger" does not exist, skipping
|
|
||||||
|
|
||||||
CREATE TABLE
|
|
||||||
INSERT 0 1
|
|
||||||
SELECT 1
|
|
||||||
CREATE VIEW
|
|
||||||
SELECT 1
|
|
||||||
SELECT 1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
ERROR: permission denied for table test2
|
|
||||||
ERROR: permission denied for table test2_tablesas
|
|
||||||
ERROR: permission denied for view test2_view
|
|
||||||
ERROR: permission denied for materialized view test2_mview
|
|
||||||
ERROR: permission denied for table test2_selectinto
|
|
||||||
DROP TABLE
|
|
||||||
DROP VIEW
|
|
||||||
DROP MATERIALIZED VIEW
|
|
||||||
DROP TABLE
|
|
||||||
DROP TABLE
|
|
||||||
|
|
||||||
CREATE TABLE
|
|
||||||
INSERT 0 1
|
|
||||||
SELECT 1
|
|
||||||
CREATE VIEW
|
|
||||||
SELECT 1
|
|
||||||
SELECT 1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
ERROR: permission denied for table test3
|
|
||||||
ERROR: permission denied for table test3_tablesas
|
|
||||||
ERROR: permission denied for view test3_view
|
|
||||||
ERROR: permission denied for materialized view test3_mview
|
|
||||||
ERROR: permission denied for table test3_selectinto
|
|
||||||
DROP TABLE
|
|
||||||
DROP VIEW
|
|
||||||
DROP MATERIALIZED VIEW
|
|
||||||
DROP TABLE
|
|
||||||
DROP TABLE
|
|
||||||
|
|
||||||
CREATE TABLE
|
|
||||||
INSERT 0 1
|
|
||||||
SELECT 1
|
|
||||||
CREATE VIEW
|
|
||||||
SELECT 1
|
|
||||||
SELECT 1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
1
|
|
||||||
DROP TABLE
|
|
||||||
DROP VIEW
|
|
||||||
DROP MATERIALIZED VIEW
|
|
||||||
DROP TABLE
|
|
||||||
DROP TABLE
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user