Add COMMENT and SECURITY LABEL support for publications and subscriptions

author Peter Eisentraut <peter_e@gmx.net>

Sat, 25 Mar 2017 03:25:24 +0000 (23:25 -0400)

committer Peter Eisentraut <peter_e@gmx.net>

Sat, 25 Mar 2017 03:44:23 +0000 (23:44 -0400)
author Peter Eisentraut <peter_e@gmx.net>
Sat, 25 Mar 2017 03:25:24 +0000 (23:25 -0400)
committer Peter Eisentraut <peter_e@gmx.net>
Sat, 25 Mar 2017 03:44:23 +0000 (23:44 -0400)
diff --git a/doc/src/sgml/ref/comment.sgml b/doc/src/sgml/ref/comment.sgml

index 8fe17a5767d7e70d0b548345378ea901c7e7d7c7..df328117f1d803adfa8cf9957747fd70fdf8576e 100644 (file)
--- a/doc/src/sgml/ref/comment.sgml
+++ b/doc/src/sgml/ref/comment.sgml
@@ -46,12 +46,14 @@ COMMENT ON
    OPERATOR FAMILY <replaceable class="PARAMETER">object_name</replaceable> USING <replaceable class="parameter">index_method</replaceable> |
    POLICY <replaceable class="PARAMETER">policy_name</replaceable> ON <replaceable class="PARAMETER">table_name</replaceable> |
    [ PROCEDURAL ] LANGUAGE <replaceable class="PARAMETER">object_name</replaceable> |
+  PUBLICATION <replaceable class="PARAMETER">object_name</replaceable> |
    ROLE <replaceable class="PARAMETER">object_name</replaceable> |
    RULE <replaceable class="PARAMETER">rule_name</replaceable> ON <replaceable class="PARAMETER">table_name</replaceable> |
    SCHEMA <replaceable class="PARAMETER">object_name</replaceable> |
    SEQUENCE <replaceable class="PARAMETER">object_name</replaceable> |
    SERVER <replaceable class="PARAMETER">object_name</replaceable> |
    STATISTICS <replaceable class="PARAMETER">object_name</replaceable> |
+  SUBSCRIPTION <replaceable class="PARAMETER">object_name</replaceable> |
    TABLE <replaceable class="PARAMETER">object_name</replaceable> |
    TABLESPACE <replaceable class="PARAMETER">object_name</replaceable> |
    TEXT SEARCH CONFIGURATION <replaceable class="PARAMETER">object_name</replaceable> |
diff --git a/doc/src/sgml/ref/security_label.sgml b/doc/src/sgml/ref/security_label.sgml

index afd86aff3a01eefed82f1d091c5e271782ac5640..aa8be473bdf7efdfc9e528c418a6b7f1d841c0c4 100644 (file)
--- a/doc/src/sgml/ref/security_label.sgml
+++ b/doc/src/sgml/ref/security_label.sgml
@@ -34,9 +34,11 @@ SECURITY LABEL [ FOR <replaceable class="PARAMETER">provider</replaceable> ] ON
    LARGE OBJECT <replaceable class="PARAMETER">large_object_oid</replaceable> |
    MATERIALIZED VIEW <replaceable class="PARAMETER">object_name</replaceable> |
    [ PROCEDURAL ] LANGUAGE <replaceable class="PARAMETER">object_name</replaceable> |
+  PUBLICATION <replaceable class="PARAMETER">object_name</replaceable> |
    ROLE <replaceable class="PARAMETER">object_name</replaceable> |
    SCHEMA <replaceable class="PARAMETER">object_name</replaceable> |
    SEQUENCE <replaceable class="PARAMETER">object_name</replaceable> |
+  SUBSCRIPTION <replaceable class="PARAMETER">object_name</replaceable> |
    TABLESPACE <replaceable class="PARAMETER">object_name</replaceable> |
    TYPE <replaceable class="PARAMETER">object_name</replaceable> |
    VIEW <replaceable class="PARAMETER">object_name</replaceable>
diff --git a/src/backend/catalog/system_views.sql b/src/backend/catalog/system_views.sql

index b41882aa5210cda567f85f6db520008ca97b59fb..d8b762ee3fb62dece6cf3e746ef3dc2ce5894e62 100644 (file)
--- a/src/backend/catalog/system_views.sql
+++ b/src/backend/catalog/system_views.sql
@@ -424,6 +424,28 @@ FROM
  WHERE
         l.objsubid = 0
  UNION ALL
+SELECT
+       l.objoid, l.classoid, l.objsubid,
+       'publication'::text AS objtype,
+       NULL::oid AS objnamespace,
+       quote_ident(p.pubname) AS objname,
+       l.provider, l.label
+FROM
+       pg_seclabel l
+       JOIN pg_publication p ON l.classoid = p.tableoid AND l.objoid = p.oid
+WHERE
+       l.objsubid = 0
+UNION ALL
+SELECT
+       l.objoid, l.classoid, 0::int4 AS objsubid,
+       'subscription'::text AS objtype,
+       NULL::oid AS objnamespace,
+       quote_ident(s.subname) AS objname,
+       l.provider, l.label
+FROM
+       pg_shseclabel l
+       JOIN pg_subscription s ON l.classoid = s.tableoid AND l.objoid = s.oid
+UNION ALL
  SELECT
         l.objoid, l.classoid, 0::int4 AS objsubid,
         'database'::text AS objtype,
diff --git a/src/backend/parser/gram.y b/src/backend/parser/gram.y

index bbcfc1fb4fdb50791efbf8f3b353b4dc16923065..19dd77d7877e90606026aa02a98c1bd1a846b922 100644 (file)
--- a/src/backend/parser/gram.y
+++ b/src/backend/parser/gram.y
@@ -6340,9 +6340,11 @@ comment_type_name:
                         | EXTENSION                                                     { $$ = OBJECT_EXTENSION; }
                         | FOREIGN DATA_P WRAPPER                        { $$ = OBJECT_FDW; }
                         | opt_procedural LANGUAGE                       { $$ = OBJECT_LANGUAGE; }
+                       | PUBLICATION                                           { $$ = OBJECT_PUBLICATION; }
                         | ROLE                                                          { $$ = OBJECT_ROLE; }
                         | SCHEMA                                                        { $$ = OBJECT_SCHEMA; }
                         | SERVER                                                        { $$ = OBJECT_FOREIGN_SERVER; }
+                       | SUBSCRIPTION                                          { $$ = OBJECT_SUBSCRIPTION; }
                         | TABLESPACE                                            { $$ = OBJECT_TABLESPACE; }
                 ;
  
@@ -6453,8 +6455,10 @@ security_label_type_name:
                         DATABASE                                                        { $$ = OBJECT_DATABASE; }
                         | EVENT TRIGGER                                         { $$ = OBJECT_EVENT_TRIGGER; }
                         | opt_procedural LANGUAGE                       { $$ = OBJECT_LANGUAGE; }
+                       | PUBLICATION                                           { $$ = OBJECT_PUBLICATION; }
                         | ROLE                                                          { $$ = OBJECT_ROLE; }
                         | SCHEMA                                                        { $$ = OBJECT_SCHEMA; }
+                       | SUBSCRIPTION                                          { $$ = OBJECT_SUBSCRIPTION; }
                         | TABLESPACE                                            { $$ = OBJECT_TABLESPACE; }
                 ;
  
diff --git a/src/test/modules/dummy_seclabel/expected/dummy_seclabel.out b/src/test/modules/dummy_seclabel/expected/dummy_seclabel.out

index 9c0c9cd815bc777c18bbfd6216eb50fed56c3ad9..7273df17b2ea12390e9e183a32d5970f383aa3d9 100644 (file)
--- a/src/test/modules/dummy_seclabel/expected/dummy_seclabel.out
+++ b/src/test/modules/dummy_seclabel/expected/dummy_seclabel.out
@@ -67,20 +67,28 @@ SECURITY LABEL ON FUNCTION dummy_seclabel_four() IS 'classified';           -- OK
  SECURITY LABEL ON DOMAIN dummy_seclabel_domain IS 'classified';                -- OK
  CREATE SCHEMA dummy_seclabel_test;
  SECURITY LABEL ON SCHEMA dummy_seclabel_test IS 'unclassified';                -- OK
+SET client_min_messages = error;
+CREATE PUBLICATION dummy_pub;
+CREATE SUBSCRIPTION dummy_sub CONNECTION '' PUBLICATION foo WITH (NOCONNECT);
+RESET client_min_messages;
+SECURITY LABEL ON PUBLICATION dummy_pub IS 'classified';
+SECURITY LABEL ON SUBSCRIPTION dummy_sub IS 'classified';
  SELECT objtype, objname, provider, label FROM pg_seclabels
         ORDER BY objtype, objname;
- objtype  |           objname            | provider |    label     
-----------+------------------------------+----------+--------------
- column   | dummy_seclabel_tbl1.a        | dummy    | unclassified
- domain   | dummy_seclabel_domain        | dummy    | classified
- function | dummy_seclabel_four()        | dummy    | classified
- role     | regress_dummy_seclabel_user1 | dummy    | classified
- role     | regress_dummy_seclabel_user2 | dummy    | unclassified
- schema   | dummy_seclabel_test          | dummy    | unclassified
- table    | dummy_seclabel_tbl1          | dummy    | top secret
- table    | dummy_seclabel_tbl2          | dummy    | classified
- view     | dummy_seclabel_view1         | dummy    | classified
-(9 rows)
+   objtype    |           objname            | provider |    label     
+--------------+------------------------------+----------+--------------
+ column       | dummy_seclabel_tbl1.a        | dummy    | unclassified
+ domain       | dummy_seclabel_domain        | dummy    | classified
+ function     | dummy_seclabel_four()        | dummy    | classified
+ publication  | dummy_pub                    | dummy    | classified
+ role         | regress_dummy_seclabel_user1 | dummy    | classified
+ role         | regress_dummy_seclabel_user2 | dummy    | unclassified
+ schema       | dummy_seclabel_test          | dummy    | unclassified
+ subscription | dummy_sub                    | dummy    | classified
+ table        | dummy_seclabel_tbl1          | dummy    | top secret
+ table        | dummy_seclabel_tbl2          | dummy    | classified
+ view         | dummy_seclabel_view1         | dummy    | classified
+(11 rows)
  
  -- check for event trigger
  CREATE FUNCTION event_trigger_test()
diff --git a/src/test/modules/dummy_seclabel/sql/dummy_seclabel.sql b/src/test/modules/dummy_seclabel/sql/dummy_seclabel.sql

index 854906f3ed98196c9c652129f59e636f70bff8f0..6b0d0acbff5a02dc313bcc3ca5eb7bd192233101 100644 (file)
--- a/src/test/modules/dummy_seclabel/sql/dummy_seclabel.sql
+++ b/src/test/modules/dummy_seclabel/sql/dummy_seclabel.sql
@@ -71,6 +71,13 @@ SECURITY LABEL ON DOMAIN dummy_seclabel_domain IS 'classified';              -- OK
  CREATE SCHEMA dummy_seclabel_test;
  SECURITY LABEL ON SCHEMA dummy_seclabel_test IS 'unclassified';                -- OK
  
+SET client_min_messages = error;
+CREATE PUBLICATION dummy_pub;
+CREATE SUBSCRIPTION dummy_sub CONNECTION '' PUBLICATION foo WITH (NOCONNECT);
+RESET client_min_messages;
+SECURITY LABEL ON PUBLICATION dummy_pub IS 'classified';
+SECURITY LABEL ON SUBSCRIPTION dummy_sub IS 'classified';
+
  SELECT objtype, objname, provider, label FROM pg_seclabels
         ORDER BY objtype, objname;
  
diff --git a/src/test/regress/expected/publication.out b/src/test/regress/expected/publication.out

index 5a7c0edf7d5da3d8c86c7f7637244317dd6ad940..0964718a60e0e2f412c43b168aa4747635c029f0 100644 (file)
--- a/src/test/regress/expected/publication.out
+++ b/src/test/regress/expected/publication.out
@@ -6,6 +6,13 @@ CREATE ROLE regress_publication_user2;
  CREATE ROLE regress_publication_user_dummy LOGIN NOSUPERUSER;
  SET SESSION AUTHORIZATION 'regress_publication_user';
  CREATE PUBLICATION testpub_default;
+COMMENT ON PUBLICATION testpub_default IS 'test publication';
+SELECT obj_description(p.oid, 'pg_publication') FROM pg_publication p;
+ obj_description  
+------------------
+ test publication
+(1 row)
+
  CREATE PUBLICATION testpib_ins_trunct WITH (nopublish delete, nopublish update);
  ALTER PUBLICATION testpub_default WITH (nopublish insert, nopublish delete);
  \dRp
diff --git a/src/test/regress/expected/rules.out b/src/test/regress/expected/rules.out

index 7f04c7a7cc8dabf41ef9066453dcac1386a9c44d..e8f8726c5377c2b26df131cc9f35204672e248d6 100644 (file)
--- a/src/test/regress/expected/rules.out
+++ b/src/test/regress/expected/rules.out
@@ -1605,6 +1605,29 @@ UNION ALL
     FROM (pg_seclabel l
       JOIN pg_event_trigger evt ON (((l.classoid = evt.tableoid) AND (l.objoid = evt.oid))))
    WHERE (l.objsubid = 0)
+UNION ALL
+ SELECT l.objoid,
+    l.classoid,
+    l.objsubid,
+    'publication'::text AS objtype,
+    NULL::oid AS objnamespace,
+    quote_ident((p.pubname)::text) AS objname,
+    l.provider,
+    l.label
+   FROM (pg_seclabel l
+     JOIN pg_publication p ON (((l.classoid = p.tableoid) AND (l.objoid = p.oid))))
+  WHERE (l.objsubid = 0)
+UNION ALL
+ SELECT l.objoid,
+    l.classoid,
+    0 AS objsubid,
+    'subscription'::text AS objtype,
+    NULL::oid AS objnamespace,
+    quote_ident((s.subname)::text) AS objname,
+    l.provider,
+    l.label
+   FROM (pg_shseclabel l
+     JOIN pg_subscription s ON (((l.classoid = s.tableoid) AND (l.objoid = s.oid))))
  UNION ALL
   SELECT l.objoid,
      l.classoid,
diff --git a/src/test/regress/expected/subscription.out b/src/test/regress/expected/subscription.out

index 74a5255e2a5ae663c57181fe89d294a153cd34fb..41f8def2f7f6f0122ce8018cc27a96e432990f9d 100644 (file)
--- a/src/test/regress/expected/subscription.out
+++ b/src/test/regress/expected/subscription.out
@@ -30,6 +30,13 @@ ERROR:  publication name "foo" used more than once
  -- ok
  CREATE SUBSCRIPTION testsub CONNECTION 'dbname=doesnotexist' PUBLICATION testpub WITH (NOCONNECT);
  WARNING:  tables were not subscribed, you will have to run ALTER SUBSCRIPTION ... REFRESH PUBLICATION to subscribe the tables
+COMMENT ON SUBSCRIPTION testsub IS 'test subscription';
+SELECT obj_description(s.oid, 'pg_subscription') FROM pg_subscription s;
+  obj_description  
+-------------------
+ test subscription
+(1 row)
+
  -- fail - name already exists
  CREATE SUBSCRIPTION testsub CONNECTION 'dbname=doesnotexist' PUBLICATION testpub WITH (NOCONNECT);
  ERROR:  subscription "testsub" already exists
diff --git a/src/test/regress/sql/publication.sql b/src/test/regress/sql/publication.sql

index cff9931a77f56dff789c02876bf2e41a803e8094..85530bec0e72f912e22800e17b8267b040959fa9 100644 (file)
--- a/src/test/regress/sql/publication.sql
+++ b/src/test/regress/sql/publication.sql
@@ -8,6 +8,9 @@ SET SESSION AUTHORIZATION 'regress_publication_user';
  
  CREATE PUBLICATION testpub_default;
  
+COMMENT ON PUBLICATION testpub_default IS 'test publication';
+SELECT obj_description(p.oid, 'pg_publication') FROM pg_publication p;
+
  CREATE PUBLICATION testpib_ins_trunct WITH (nopublish delete, nopublish update);
  
  ALTER PUBLICATION testpub_default WITH (nopublish insert, nopublish delete);
diff --git a/src/test/regress/sql/subscription.sql b/src/test/regress/sql/subscription.sql

index b0eac1878523af1f88f1997b62dc3442dcb4fbc7..2db97db2f5105f0a99dd3b1c075283c970572290 100644 (file)
--- a/src/test/regress/sql/subscription.sql
+++ b/src/test/regress/sql/subscription.sql
@@ -27,6 +27,9 @@ CREATE SUBSCRIPTION testsub CONNECTION 'dbname=doesnotexist' PUBLICATION foo, te
  -- ok
  CREATE SUBSCRIPTION testsub CONNECTION 'dbname=doesnotexist' PUBLICATION testpub WITH (NOCONNECT);
  
+COMMENT ON SUBSCRIPTION testsub IS 'test subscription';
+SELECT obj_description(s.oid, 'pg_subscription') FROM pg_subscription s;
+
  -- fail - name already exists
  CREATE SUBSCRIPTION testsub CONNECTION 'dbname=doesnotexist' PUBLICATION testpub WITH (NOCONNECT);
author	Peter Eisentraut <peter_e@gmx.net>
	Sat, 25 Mar 2017 03:25:24 +0000 (23:25 -0400)
committer	Peter Eisentraut <peter_e@gmx.net>
	Sat, 25 Mar 2017 03:44:23 +0000 (23:44 -0400)
doc/src/sgml/ref/comment.sgml		patch \| blob \| history
doc/src/sgml/ref/security_label.sgml		patch \| blob \| history
src/backend/catalog/system_views.sql		patch \| blob \| history
src/backend/parser/gram.y		patch \| blob \| history
src/test/modules/dummy_seclabel/expected/dummy_seclabel.out		patch \| blob \| history
src/test/modules/dummy_seclabel/sql/dummy_seclabel.sql		patch \| blob \| history
src/test/regress/expected/publication.out		patch \| blob \| history
src/test/regress/expected/rules.out		patch \| blob \| history
src/test/regress/expected/subscription.out		patch \| blob \| history
src/test/regress/sql/publication.sql		patch \| blob \| history
src/test/regress/sql/subscription.sql		patch \| blob \| history