From: Peter Eisentraut Date: Thu, 23 Oct 2014 01:39:07 +0000 (-0400) Subject: Add tests for sequence privileges X-Git-Tag: REL9_5_ALPHA1~1319 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=a5f7d581943e70235264098c35313d16e932ee0c;p=postgresql Add tests for sequence privileges --- diff --git a/src/test/regress/expected/sequence.out b/src/test/regress/expected/sequence.out index a27b5fda04..8783ca62a6 100644 --- a/src/test/regress/expected/sequence.out +++ b/src/test/regress/expected/sequence.out @@ -367,6 +367,41 @@ DROP SEQUENCE seq2; SELECT lastval(); ERROR: lastval is not yet defined in this session CREATE USER seq_user; +-- privileges tests +-- nextval +BEGIN; +SET LOCAL SESSION AUTHORIZATION seq_user; +CREATE SEQUENCE seq3; +REVOKE ALL ON seq3 FROM seq_user; +GRANT SELECT ON seq3 TO seq_user; +SELECT nextval('seq3'); +ERROR: permission denied for sequence seq3 +ROLLBACK; +BEGIN; +SET LOCAL SESSION AUTHORIZATION seq_user; +CREATE SEQUENCE seq3; +REVOKE ALL ON seq3 FROM seq_user; +GRANT UPDATE ON seq3 TO seq_user; +SELECT nextval('seq3'); + nextval +--------- + 1 +(1 row) + +ROLLBACK; +BEGIN; +SET LOCAL SESSION AUTHORIZATION seq_user; +CREATE SEQUENCE seq3; +REVOKE ALL ON seq3 FROM seq_user; +GRANT USAGE ON seq3 TO seq_user; +SELECT nextval('seq3'); + nextval +--------- + 1 +(1 row) + +ROLLBACK; +-- currval BEGIN; SET LOCAL SESSION AUTHORIZATION seq_user; CREATE SEQUENCE seq3; @@ -377,8 +412,96 @@ SELECT nextval('seq3'); (1 row) REVOKE ALL ON seq3 FROM seq_user; +GRANT SELECT ON seq3 TO seq_user; +SELECT currval('seq3'); + currval +--------- + 1 +(1 row) + +ROLLBACK; +BEGIN; +SET LOCAL SESSION AUTHORIZATION seq_user; +CREATE SEQUENCE seq3; +SELECT nextval('seq3'); + nextval +--------- + 1 +(1 row) + +REVOKE ALL ON seq3 FROM seq_user; +GRANT UPDATE ON seq3 TO seq_user; +SELECT currval('seq3'); +ERROR: permission denied for sequence seq3 +ROLLBACK; +BEGIN; +SET LOCAL SESSION AUTHORIZATION seq_user; +CREATE SEQUENCE seq3; +SELECT nextval('seq3'); + nextval +--------- + 1 +(1 row) + +REVOKE ALL ON seq3 FROM seq_user; +GRANT USAGE ON seq3 TO seq_user; +SELECT currval('seq3'); + currval +--------- + 1 +(1 row) + +ROLLBACK; +-- lastval +BEGIN; +SET LOCAL SESSION AUTHORIZATION seq_user; +CREATE SEQUENCE seq3; +SELECT nextval('seq3'); + nextval +--------- + 1 +(1 row) + +REVOKE ALL ON seq3 FROM seq_user; +GRANT SELECT ON seq3 TO seq_user; +SELECT lastval(); + lastval +--------- + 1 +(1 row) + +ROLLBACK; +BEGIN; +SET LOCAL SESSION AUTHORIZATION seq_user; +CREATE SEQUENCE seq3; +SELECT nextval('seq3'); + nextval +--------- + 1 +(1 row) + +REVOKE ALL ON seq3 FROM seq_user; +GRANT UPDATE ON seq3 TO seq_user; SELECT lastval(); ERROR: permission denied for sequence seq3 +ROLLBACK; +BEGIN; +SET LOCAL SESSION AUTHORIZATION seq_user; +CREATE SEQUENCE seq3; +SELECT nextval('seq3'); + nextval +--------- + 1 +(1 row) + +REVOKE ALL ON seq3 FROM seq_user; +GRANT USAGE ON seq3 TO seq_user; +SELECT lastval(); + lastval +--------- + 1 +(1 row) + ROLLBACK; -- Sequences should get wiped out as well: DROP TABLE serialTest, serialTest2; diff --git a/src/test/regress/expected/sequence_1.out b/src/test/regress/expected/sequence_1.out index e426f64278..951fc9e791 100644 --- a/src/test/regress/expected/sequence_1.out +++ b/src/test/regress/expected/sequence_1.out @@ -367,6 +367,41 @@ DROP SEQUENCE seq2; SELECT lastval(); ERROR: lastval is not yet defined in this session CREATE USER seq_user; +-- privileges tests +-- nextval +BEGIN; +SET LOCAL SESSION AUTHORIZATION seq_user; +CREATE SEQUENCE seq3; +REVOKE ALL ON seq3 FROM seq_user; +GRANT SELECT ON seq3 TO seq_user; +SELECT nextval('seq3'); +ERROR: permission denied for sequence seq3 +ROLLBACK; +BEGIN; +SET LOCAL SESSION AUTHORIZATION seq_user; +CREATE SEQUENCE seq3; +REVOKE ALL ON seq3 FROM seq_user; +GRANT UPDATE ON seq3 TO seq_user; +SELECT nextval('seq3'); + nextval +--------- + 1 +(1 row) + +ROLLBACK; +BEGIN; +SET LOCAL SESSION AUTHORIZATION seq_user; +CREATE SEQUENCE seq3; +REVOKE ALL ON seq3 FROM seq_user; +GRANT USAGE ON seq3 TO seq_user; +SELECT nextval('seq3'); + nextval +--------- + 1 +(1 row) + +ROLLBACK; +-- currval BEGIN; SET LOCAL SESSION AUTHORIZATION seq_user; CREATE SEQUENCE seq3; @@ -377,8 +412,96 @@ SELECT nextval('seq3'); (1 row) REVOKE ALL ON seq3 FROM seq_user; +GRANT SELECT ON seq3 TO seq_user; +SELECT currval('seq3'); + currval +--------- + 1 +(1 row) + +ROLLBACK; +BEGIN; +SET LOCAL SESSION AUTHORIZATION seq_user; +CREATE SEQUENCE seq3; +SELECT nextval('seq3'); + nextval +--------- + 1 +(1 row) + +REVOKE ALL ON seq3 FROM seq_user; +GRANT UPDATE ON seq3 TO seq_user; +SELECT currval('seq3'); +ERROR: permission denied for sequence seq3 +ROLLBACK; +BEGIN; +SET LOCAL SESSION AUTHORIZATION seq_user; +CREATE SEQUENCE seq3; +SELECT nextval('seq3'); + nextval +--------- + 1 +(1 row) + +REVOKE ALL ON seq3 FROM seq_user; +GRANT USAGE ON seq3 TO seq_user; +SELECT currval('seq3'); + currval +--------- + 1 +(1 row) + +ROLLBACK; +-- lastval +BEGIN; +SET LOCAL SESSION AUTHORIZATION seq_user; +CREATE SEQUENCE seq3; +SELECT nextval('seq3'); + nextval +--------- + 1 +(1 row) + +REVOKE ALL ON seq3 FROM seq_user; +GRANT SELECT ON seq3 TO seq_user; +SELECT lastval(); + lastval +--------- + 1 +(1 row) + +ROLLBACK; +BEGIN; +SET LOCAL SESSION AUTHORIZATION seq_user; +CREATE SEQUENCE seq3; +SELECT nextval('seq3'); + nextval +--------- + 1 +(1 row) + +REVOKE ALL ON seq3 FROM seq_user; +GRANT UPDATE ON seq3 TO seq_user; SELECT lastval(); ERROR: permission denied for sequence seq3 +ROLLBACK; +BEGIN; +SET LOCAL SESSION AUTHORIZATION seq_user; +CREATE SEQUENCE seq3; +SELECT nextval('seq3'); + nextval +--------- + 1 +(1 row) + +REVOKE ALL ON seq3 FROM seq_user; +GRANT USAGE ON seq3 TO seq_user; +SELECT lastval(); + lastval +--------- + 1 +(1 row) + ROLLBACK; -- Sequences should get wiped out as well: DROP TABLE serialTest, serialTest2; diff --git a/src/test/regress/sql/sequence.sql b/src/test/regress/sql/sequence.sql index 8d3b700f7d..0dd653dc22 100644 --- a/src/test/regress/sql/sequence.sql +++ b/src/test/regress/sql/sequence.sql @@ -168,11 +168,86 @@ SELECT lastval(); CREATE USER seq_user; +-- privileges tests + +-- nextval +BEGIN; +SET LOCAL SESSION AUTHORIZATION seq_user; +CREATE SEQUENCE seq3; +REVOKE ALL ON seq3 FROM seq_user; +GRANT SELECT ON seq3 TO seq_user; +SELECT nextval('seq3'); +ROLLBACK; + +BEGIN; +SET LOCAL SESSION AUTHORIZATION seq_user; +CREATE SEQUENCE seq3; +REVOKE ALL ON seq3 FROM seq_user; +GRANT UPDATE ON seq3 TO seq_user; +SELECT nextval('seq3'); +ROLLBACK; + +BEGIN; +SET LOCAL SESSION AUTHORIZATION seq_user; +CREATE SEQUENCE seq3; +REVOKE ALL ON seq3 FROM seq_user; +GRANT USAGE ON seq3 TO seq_user; +SELECT nextval('seq3'); +ROLLBACK; + +-- currval +BEGIN; +SET LOCAL SESSION AUTHORIZATION seq_user; +CREATE SEQUENCE seq3; +SELECT nextval('seq3'); +REVOKE ALL ON seq3 FROM seq_user; +GRANT SELECT ON seq3 TO seq_user; +SELECT currval('seq3'); +ROLLBACK; + +BEGIN; +SET LOCAL SESSION AUTHORIZATION seq_user; +CREATE SEQUENCE seq3; +SELECT nextval('seq3'); +REVOKE ALL ON seq3 FROM seq_user; +GRANT UPDATE ON seq3 TO seq_user; +SELECT currval('seq3'); +ROLLBACK; + +BEGIN; +SET LOCAL SESSION AUTHORIZATION seq_user; +CREATE SEQUENCE seq3; +SELECT nextval('seq3'); +REVOKE ALL ON seq3 FROM seq_user; +GRANT USAGE ON seq3 TO seq_user; +SELECT currval('seq3'); +ROLLBACK; + +-- lastval +BEGIN; +SET LOCAL SESSION AUTHORIZATION seq_user; +CREATE SEQUENCE seq3; +SELECT nextval('seq3'); +REVOKE ALL ON seq3 FROM seq_user; +GRANT SELECT ON seq3 TO seq_user; +SELECT lastval(); +ROLLBACK; + +BEGIN; +SET LOCAL SESSION AUTHORIZATION seq_user; +CREATE SEQUENCE seq3; +SELECT nextval('seq3'); +REVOKE ALL ON seq3 FROM seq_user; +GRANT UPDATE ON seq3 TO seq_user; +SELECT lastval(); +ROLLBACK; + BEGIN; SET LOCAL SESSION AUTHORIZATION seq_user; CREATE SEQUENCE seq3; SELECT nextval('seq3'); REVOKE ALL ON seq3 FROM seq_user; +GRANT USAGE ON seq3 TO seq_user; SELECT lastval(); ROLLBACK;