From: Tomas Vondra Date: Sun, 22 Jan 2017 16:45:46 +0000 (+0100) Subject: fix tests broken by the unification of role names X-Git-Tag: XL_10_R1BETA1~418 X-Git-Url: http://git.postgresql.org/gitweb/static/gitweb.js?a=commitdiff_plain;h=a7019f8b642fbb3e7a7fa573d1c6c9e6ebd97c5c;p=postgres-xl.git fix tests broken by the unification of role names A bunch of regression suites were broken by upstream changes to role names used for testing. --- diff --git a/src/test/regress/expected/event_trigger.out b/src/test/regress/expected/event_trigger.out index 314c88ffeb..f025a8bb91 100644 --- a/src/test/regress/expected/event_trigger.out +++ b/src/test/regress/expected/event_trigger.out @@ -35,7 +35,7 @@ create event trigger regress_event_trigger2 on ddl_command_start when food in ('sandwich') execute procedure test_event_trigger(); ERROR: EVENT TRIGGER not yet supported in Postgres-XL --- should fail, sandwhich is not a valid command tag +-- should fail, sandwich is not a valid command tag create event trigger regress_event_trigger2 on ddl_command_start when tag in ('sandwich') execute procedure test_event_trigger(); @@ -117,17 +117,17 @@ DETAIL: The feature is not currently supported create server useless_server foreign data wrapper useless; ERROR: Postgres-XL does not support SERVER yet DETAIL: The feature is not currently supported -create user mapping for regression_bob server useless_server; +create user mapping for regress_evt_user server useless_server; ERROR: Postgres-XL does not support USER MAPPING yet DETAIL: The feature is not currently supported -alter default privileges for role regression_bob - revoke delete on tables from regression_bob; +alter default privileges for role regress_evt_user + revoke delete on tables from regress_evt_user; -- alter owner to non-superuser should fail -alter event trigger regress_event_trigger owner to regression_bob; +alter event trigger regress_event_trigger owner to regress_evt_user; ERROR: event trigger "regress_event_trigger" does not exist -- alter owner to superuser should work -alter role regression_bob superuser; -alter event trigger regress_event_trigger owner to regression_bob; +alter role regress_evt_user superuser; +alter event trigger regress_event_trigger owner to regress_evt_user; ERROR: event trigger "regress_event_trigger" does not exist -- should fail, name collision alter event trigger regress_event_trigger rename to regress_event_trigger2; @@ -141,9 +141,7 @@ ERROR: event trigger "regress_event_trigger" does not exist -- should fail, regress_evt_user owns some objects drop role regress_evt_user; ERROR: role "regress_evt_user" cannot be dropped because some objects depend on it -DETAIL: owner of event trigger regress_event_trigger3 -owner of default privileges on new relations belonging to role regress_evt_user -owner of user mapping for regress_evt_user on server useless_server +DETAIL: owner of default privileges on new relations belonging to role regress_evt_user -- cleanup before next test -- these are all OK; the second one should emit a NOTICE drop event trigger if exists regress_event_trigger2; @@ -243,51 +241,18 @@ drop cascades to function schema_two.newton(integer) drop cascades to table schema_one.table_one drop cascades to table schema_one."table two" drop cascades to table schema_one.table_three -NOTICE: table "schema_two_table_two" does not exist, skipping -NOTICE: table "audit_tbls_schema_two_table_three" does not exist, skipping -ERROR: object audit_tbls.schema_two_table_three of type table cannot be dropped -CONTEXT: PL/pgSQL function undroppable() line 14 at RAISE -SQL statement "DROP TABLE IF EXISTS audit_tbls.schema_two_table_three" -PL/pgSQL function test_evtrig_dropped_objects() line 8 at EXECUTE DELETE FROM undroppable_objs WHERE object_identity = 'audit_tbls.schema_two_table_three'; DROP SCHEMA schema_one, schema_two CASCADE; -NOTICE: drop cascades to 7 other objects -DETAIL: drop cascades to table schema_two.table_two -drop cascades to table schema_two.table_three -drop cascades to function schema_two.add(integer,integer) -drop cascades to function schema_two.newton(integer) -drop cascades to table schema_one.table_one -drop cascades to table schema_one."table two" -drop cascades to table schema_one.table_three -NOTICE: table "schema_two_table_two" does not exist, skipping -NOTICE: table "audit_tbls_schema_two_table_three" does not exist, skipping -NOTICE: table "schema_one_table_one" does not exist, skipping -NOTICE: table "schema_one_table two" does not exist, skipping -NOTICE: table "schema_one_table_three" does not exist, skipping -ERROR: object schema_one.table_three of type table cannot be dropped -CONTEXT: PL/pgSQL function undroppable() line 14 at RAISE +ERROR: schema "schema_one" does not exist DELETE FROM undroppable_objs WHERE object_identity = 'schema_one.table_three'; DROP SCHEMA schema_one, schema_two CASCADE; -NOTICE: drop cascades to 7 other objects -DETAIL: drop cascades to table schema_two.table_two -drop cascades to table schema_two.table_three -drop cascades to function schema_two.add(integer,integer) -drop cascades to function schema_two.newton(integer) -drop cascades to table schema_one.table_one -drop cascades to table schema_one."table two" -drop cascades to table schema_one.table_three -NOTICE: table "schema_two_table_two" does not exist, skipping -NOTICE: table "audit_tbls_schema_two_table_three" does not exist, skipping -NOTICE: table "schema_one_table_one" does not exist, skipping -NOTICE: table "schema_one_table two" does not exist, skipping -NOTICE: table "schema_one_table_three" does not exist, skipping +ERROR: schema "schema_one" does not exist SELECT * FROM dropped_objects WHERE schema IS NULL OR schema <> 'pg_toast'; type | schema | object ------+--------+-------- (0 rows) DROP OWNED BY regress_evt_user; -NOTICE: schema "audit_tbls" does not exist, skipping SELECT * FROM dropped_objects WHERE type = 'schema'; type | schema | object ------+--------+-------- @@ -349,11 +314,7 @@ create table rewriteme (id serial primary key, foo float); insert into rewriteme select x * 1.001 from generate_series(1, 500) as t(x); alter table rewriteme alter column foo type numeric; -ERROR: rewrites not allowed -CONTEXT: PL/pgSQL function test_evtrig_no_rewrite() line 3 at RAISE alter table rewriteme add column baz int default 0; -ERROR: rewrites not allowed -CONTEXT: PL/pgSQL function test_evtrig_no_rewrite() line 3 at RAISE -- test with more than one reason to rewrite a single table CREATE OR REPLACE FUNCTION test_evtrig_no_rewrite() RETURNS event_trigger LANGUAGE plpgsql AS $$ diff --git a/src/test/regress/expected/object_address.out b/src/test/regress/expected/object_address.out index 77450ba3df..e82d8f84fb 100644 --- a/src/test/regress/expected/object_address.out +++ b/src/test/regress/expected/object_address.out @@ -39,11 +39,11 @@ CREATE POLICY genpol ON addr_nsp.gentable; CREATE SERVER "integer" FOREIGN DATA WRAPPER addr_fdw; ERROR: Postgres-XL does not support SERVER yet DETAIL: The feature is not currently supported -CREATE USER MAPPING FOR regtest_addr_user SERVER "integer"; +CREATE USER MAPPING FOR regress_addr_user SERVER "integer"; ERROR: Postgres-XL does not support USER MAPPING yet DETAIL: The feature is not currently supported -ALTER DEFAULT PRIVILEGES FOR ROLE regtest_addr_user IN SCHEMA public GRANT ALL ON TABLES TO regtest_addr_user; -ALTER DEFAULT PRIVILEGES FOR ROLE regtest_addr_user REVOKE DELETE ON TABLES FROM regtest_addr_user; +ALTER DEFAULT PRIVILEGES FOR ROLE regress_addr_user IN SCHEMA public GRANT ALL ON TABLES TO regress_addr_user; +ALTER DEFAULT PRIVILEGES FOR ROLE regress_addr_user REVOKE DELETE ON TABLES FROM regress_addr_user; CREATE TRANSFORM FOR int LANGUAGE SQL ( FROM SQL WITH FUNCTION varchar_transform(internal), TO SQL WITH FUNCTION int4recv(internal)); diff --git a/src/test/regress/expected/roleattributes.out b/src/test/regress/expected/roleattributes.out index f26ddff419..570aa5f834 100644 --- a/src/test/regress/expected/roleattributes.out +++ b/src/test/regress/expected/roleattributes.out @@ -1,239 +1,4 @@ -- default for superuser is false -CREATE ROLE test_def_superuser; -SELECT * FROM pg_authid WHERE rolname = 'test_def_superuser'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ---------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_def_superuser | f | t | f | f | f | f | f | -1 | | -(1 row) - -CREATE ROLE test_superuser WITH SUPERUSER; -SELECT * FROM pg_authid WHERE rolname = 'test_superuser'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -----------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_superuser | t | t | f | f | f | f | f | -1 | | -(1 row) - -ALTER ROLE test_superuser WITH NOSUPERUSER; -SELECT * FROM pg_authid WHERE rolname = 'test_superuser'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -----------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_superuser | f | t | f | f | f | f | f | -1 | | -(1 row) - -ALTER ROLE test_superuser WITH SUPERUSER; -SELECT * FROM pg_authid WHERE rolname = 'test_superuser'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -----------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_superuser | t | t | f | f | f | f | f | -1 | | -(1 row) - --- default for inherit is true -CREATE ROLE test_def_inherit; -SELECT * FROM pg_authid WHERE rolname = 'test_def_inherit'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_def_inherit | f | t | f | f | f | f | f | -1 | | -(1 row) - -CREATE ROLE test_inherit WITH NOINHERIT; -SELECT * FROM pg_authid WHERE rolname = 'test_inherit'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ---------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_inherit | f | f | f | f | f | f | f | -1 | | -(1 row) - -ALTER ROLE test_inherit WITH INHERIT; -SELECT * FROM pg_authid WHERE rolname = 'test_inherit'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ---------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_inherit | f | t | f | f | f | f | f | -1 | | -(1 row) - -ALTER ROLE test_inherit WITH NOINHERIT; -SELECT * FROM pg_authid WHERE rolname = 'test_inherit'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ---------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_inherit | f | f | f | f | f | f | f | -1 | | -(1 row) - --- default for create role is false -CREATE ROLE test_def_createrole; -SELECT * FROM pg_authid WHERE rolname = 'test_def_createrole'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ----------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_def_createrole | f | t | f | f | f | f | f | -1 | | -(1 row) - -CREATE ROLE test_createrole WITH CREATEROLE; -SELECT * FROM pg_authid WHERE rolname = 'test_createrole'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_createrole | f | t | t | f | f | f | f | -1 | | -(1 row) - -ALTER ROLE test_createrole WITH NOCREATEROLE; -SELECT * FROM pg_authid WHERE rolname = 'test_createrole'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_createrole | f | t | f | f | f | f | f | -1 | | -(1 row) - -ALTER ROLE test_createrole WITH CREATEROLE; -SELECT * FROM pg_authid WHERE rolname = 'test_createrole'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_createrole | f | t | t | f | f | f | f | -1 | | -(1 row) - --- default for create database is false -CREATE ROLE test_def_createdb; -SELECT * FROM pg_authid WHERE rolname = 'test_def_createdb'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil --------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_def_createdb | f | t | f | f | f | f | f | -1 | | -(1 row) - -CREATE ROLE test_createdb WITH CREATEDB; -SELECT * FROM pg_authid WHERE rolname = 'test_createdb'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ----------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_createdb | f | t | f | t | f | f | f | -1 | | -(1 row) - -ALTER ROLE test_createdb WITH NOCREATEDB; -SELECT * FROM pg_authid WHERE rolname = 'test_createdb'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ----------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_createdb | f | t | f | f | f | f | f | -1 | | -(1 row) - -ALTER ROLE test_createdb WITH CREATEDB; -SELECT * FROM pg_authid WHERE rolname = 'test_createdb'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ----------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_createdb | f | t | f | t | f | f | f | -1 | | -(1 row) - --- default for can login is false for role -CREATE ROLE test_def_role_canlogin; -SELECT * FROM pg_authid WHERE rolname = 'test_def_role_canlogin'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_def_role_canlogin | f | t | f | f | f | f | f | -1 | | -(1 row) - -CREATE ROLE test_role_canlogin WITH LOGIN; -SELECT * FROM pg_authid WHERE rolname = 'test_role_canlogin'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ---------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_role_canlogin | f | t | f | f | t | f | f | -1 | | -(1 row) - -ALTER ROLE test_role_canlogin WITH NOLOGIN; -SELECT * FROM pg_authid WHERE rolname = 'test_role_canlogin'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ---------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_role_canlogin | f | t | f | f | f | f | f | -1 | | -(1 row) - -ALTER ROLE test_role_canlogin WITH LOGIN; -SELECT * FROM pg_authid WHERE rolname = 'test_role_canlogin'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ---------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_role_canlogin | f | t | f | f | t | f | f | -1 | | -(1 row) - --- default for can login is true for user -CREATE USER test_def_user_canlogin; -SELECT * FROM pg_authid WHERE rolname = 'test_def_user_canlogin'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_def_user_canlogin | f | t | f | f | t | f | f | -1 | | -(1 row) - -CREATE USER test_user_canlogin WITH NOLOGIN; -SELECT * FROM pg_authid WHERE rolname = 'test_user_canlogin'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ---------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_user_canlogin | f | t | f | f | f | f | f | -1 | | -(1 row) - -ALTER USER test_user_canlogin WITH LOGIN; -SELECT * FROM pg_authid WHERE rolname = 'test_user_canlogin'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ---------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_user_canlogin | f | t | f | f | t | f | f | -1 | | -(1 row) - -ALTER USER test_user_canlogin WITH NOLOGIN; -SELECT * FROM pg_authid WHERE rolname = 'test_user_canlogin'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ---------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_user_canlogin | f | t | f | f | f | f | f | -1 | | -(1 row) - --- default for replication is false -CREATE ROLE test_def_replication; -SELECT * FROM pg_authid WHERE rolname = 'test_def_replication'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -----------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_def_replication | f | t | f | f | f | f | f | -1 | | -(1 row) - -CREATE ROLE test_replication WITH REPLICATION; -SELECT * FROM pg_authid WHERE rolname = 'test_replication'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_replication | f | t | f | f | f | t | f | -1 | | -(1 row) - -ALTER ROLE test_replication WITH NOREPLICATION; -SELECT * FROM pg_authid WHERE rolname = 'test_replication'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_replication | f | t | f | f | f | f | f | -1 | | -(1 row) - -ALTER ROLE test_replication WITH REPLICATION; -SELECT * FROM pg_authid WHERE rolname = 'test_replication'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_replication | f | t | f | f | f | t | f | -1 | | -(1 row) - --- default for bypassrls is false -CREATE ROLE test_def_bypassrls; -SELECT * FROM pg_authid WHERE rolname = 'test_def_bypassrls'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ---------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_def_bypassrls | f | t | f | f | f | f | f | -1 | | -(1 row) - -CREATE ROLE test_bypassrls WITH BYPASSRLS; -SELECT * FROM pg_authid WHERE rolname = 'test_bypassrls'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -----------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_bypassrls | f | t | f | f | f | f | t | -1 | | -(1 row) - -ALTER ROLE test_bypassrls WITH NOBYPASSRLS; -SELECT * FROM pg_authid WHERE rolname = 'test_bypassrls'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -----------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_bypassrls | f | t | f | f | f | f | f | -1 | | -(1 row) - -ALTER ROLE test_bypassrls WITH BYPASSRLS; -SELECT * FROM pg_authid WHERE rolname = 'test_bypassrls'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -----------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_bypassrls | f | t | f | f | f | f | t | -1 | | -(1 row) - --- remove the one role with LOGIN rights -DROP ROLE test_role_canlogin; --- other roles not removed to test pg_dumpall role dump through --- pg_upgrade CREATE ROLE regress_test_def_superuser; SELECT * FROM pg_authid WHERE rolname = 'regress_test_def_superuser'; rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil diff --git a/src/test/regress/expected/rolenames.out b/src/test/regress/expected/rolenames.out index 40295b2ecc..d973647e10 100644 --- a/src/test/regress/expected/rolenames.out +++ b/src/test/regress/expected/rolenames.out @@ -665,7 +665,7 @@ DETAIL: The feature is not currently supported CREATE USER MAPPING FOR "Public" SERVER sv7 OPTIONS (user '"Public"'); ERROR: Postgres-XL does not support USER MAPPING yet DETAIL: The feature is not currently supported -CREATE USER MAPPING FOR testrolx SERVER sv8 OPTIONS (user 'testrolx'); +CREATE USER MAPPING FOR regress_testrolx SERVER sv8 OPTIONS (user 'regress_testrolx'); ERROR: Postgres-XL does not support USER MAPPING yet DETAIL: The feature is not currently supported CREATE USER MAPPING FOR CURRENT_ROLE SERVER sv9 @@ -704,8 +704,8 @@ ERROR: server "sv6" does not exist ALTER USER MAPPING FOR "Public" SERVER sv7 OPTIONS (SET user '"Public"_alt'); ERROR: server "sv7" does not exist -ALTER USER MAPPING FOR testrolx SERVER sv8 - OPTIONS (SET user 'testrolx_alt'); +ALTER USER MAPPING FOR regress_testrolx SERVER sv8 + OPTIONS (SET user 'regress_testrolx_alt'); ERROR: server "sv8" does not exist ALTER USER MAPPING FOR CURRENT_ROLE SERVER sv9 OPTIONS (SET user 'CURRENT_ROLE_alt'); @@ -735,7 +735,7 @@ DROP USER MAPPING FOR PUBLIC SERVER sv6; ERROR: server "sv6" does not exist DROP USER MAPPING FOR "Public" SERVER sv7; ERROR: server "sv7" does not exist -DROP USER MAPPING FOR testrolx SERVER sv8; +DROP USER MAPPING FOR regress_testrolx SERVER sv8; ERROR: server "sv8" does not exist DROP USER MAPPING FOR CURRENT_ROLE SERVER sv9; -- error ERROR: syntax error at or near "CURRENT_ROLE" @@ -769,7 +769,7 @@ DETAIL: The feature is not currently supported CREATE USER MAPPING FOR "Public" SERVER sv7 OPTIONS (user '"Public"'); ERROR: Postgres-XL does not support USER MAPPING yet DETAIL: The feature is not currently supported -CREATE USER MAPPING FOR testrolx SERVER sv8 OPTIONS (user 'testrolx'); +CREATE USER MAPPING FOR regress_testrolx SERVER sv8 OPTIONS (user 'regress_testrolx'); ERROR: Postgres-XL does not support USER MAPPING yet DETAIL: The feature is not currently supported SELECT * FROM chkumapping(); @@ -827,7 +827,7 @@ SELECT * FROM chkumapping(); --------+----------+----------- (0 rows) -DROP USER MAPPING IF EXISTS FOR testrolx SERVER sv8; +DROP USER MAPPING IF EXISTS FOR regress_testrolx SERVER sv8; NOTICE: server does not exist, skipping SELECT * FROM chkumapping(); umname | umserver | umoptions diff --git a/src/test/regress/expected/rowsecurity.out b/src/test/regress/expected/rowsecurity.out index 16a2eda3c9..d8b5609fc4 100644 --- a/src/test/regress/expected/rowsecurity.out +++ b/src/test/regress/expected/rowsecurity.out @@ -41,6 +41,10 @@ INSERT INTO uaccount VALUES ('regress_rls_bob', 1), ('regress_rls_carol', 2), ('regress_rls_dave', 3); +-- PGXL +-- Distribute by replication so that "document" table below can reference "cid" +-- column +-- CREATE TABLE category ( cid int primary key, cname text @@ -2071,8 +2075,8 @@ GRANT SELECT ON t1 TO regress_rls_bob, regress_rls_carol; CREATE POLICY p1 ON t1 TO regress_rls_bob USING ((a % 2) = 0); CREATE POLICY p2 ON t1 TO regress_rls_carol USING ((a % 4) = 0); ALTER TABLE t1 ENABLE ROW LEVEL SECURITY; --- Prepare as rls_regress_user1 -SET ROLE rls_regress_user1; +-- Prepare as regress_rls_bob +SET ROLE regress_rls_bob; PREPARE role_inval AS SELECT * FROM t1; -- Check plan EXPLAIN (COSTS OFF) EXECUTE role_inval; @@ -2084,8 +2088,8 @@ EXPLAIN (COSTS OFF) EXECUTE role_inval; Filter: ((a % 2) = 0) (4 rows) --- Change to rls_regress_user2 -SET ROLE rls_regress_user2; +-- Change to regress_rls_carol +SET ROLE regress_rls_carol; -- Check plan- should be different EXPLAIN (COSTS OFF) EXECUTE role_inval; QUERY PLAN @@ -2096,8 +2100,8 @@ EXPLAIN (COSTS OFF) EXECUTE role_inval; Filter: ((a % 4) = 0) (4 rows) --- Change back to rls_regress_user1 -SET ROLE rls_regress_user1; +-- Change back to regress_rls_bob +SET ROLE regress_rls_bob; -- Check plan- should be back to original EXPLAIN (COSTS OFF) EXECUTE role_inval; QUERY PLAN @@ -2108,16 +2112,6 @@ EXPLAIN (COSTS OFF) EXECUTE role_inval; Filter: ((a % 2) = 0) (4 rows) --- Change back to regress_rls_bob -SET ROLE regress_rls_bob; --- Check plan- should be back to original -EXPLAIN (COSTS OFF) EXECUTE role_inval; - QUERY PLAN -------------------------- - Seq Scan on t1 - Filter: ((a % 2) = 0) -(2 rows) - -- -- CTE and RLS -- @@ -2571,16 +2565,12 @@ COPY copy_t FROM STDIN; --fail - would be affected by RLS. ERROR: query would be affected by row-level security policy for table "copy_t" SET row_security TO ON; COPY copy_t FROM STDIN; --fail - COPY FROM not supported by RLS. -ERROR: COPY FROM not supported with row level security. -HINT: Use direct INSERT statements instead. --- Check COPY TO as user with permissions and BYPASSRLS -SET SESSION AUTHORIZATION rls_regress_exempt_user; -SET row_security TO OFF; -COPY copy_t FROM STDIN; --ok +ERROR: COPY FROM not supported with row-level security +HINT: Use INSERT statements instead. +-- Check COPY FROM as user with permissions and BYPASSRLS +SET SESSION AUTHORIZATION regress_rls_exempt_user; SET row_security TO ON; -COPY copy_t FROM STDIN; --fail - COPY FROM not supported by RLS. -ERROR: COPY FROM not supported with row level security. -HINT: Use direct INSERT statements instead. +COPY copy_t FROM STDIN; --ok -- Check COPY FROM as user without permissions. SET SESSION AUTHORIZATION regress_rls_carol; SET row_security TO OFF; @@ -2593,25 +2583,25 @@ RESET SESSION AUTHORIZATION; DROP TABLE copy_t; DROP TABLE copy_rel_to CASCADE; -- Check WHERE CURRENT OF -SET SESSION AUTHORIZATION rls_regress_user0; +SET SESSION AUTHORIZATION regress_rls_alice; CREATE TABLE current_check (currentid int, payload text, rlsuser text); GRANT ALL ON current_check TO PUBLIC; INSERT INTO current_check VALUES - (1, 'abc', 'rls_regress_user1'), - (2, 'bcd', 'rls_regress_user1'), - (3, 'cde', 'rls_regress_user1'), - (4, 'def', 'rls_regress_user1'); + (1, 'abc', 'regress_rls_bob'), + (2, 'bcd', 'regress_rls_bob'), + (3, 'cde', 'regress_rls_bob'), + (4, 'def', 'regress_rls_bob'); CREATE POLICY p1 ON current_check FOR SELECT USING (currentid % 2 = 0); CREATE POLICY p2 ON current_check FOR DELETE USING (currentid = 4 AND rlsuser = current_user); CREATE POLICY p3 ON current_check FOR UPDATE USING (currentid = 4) WITH CHECK (rlsuser = current_user); ALTER TABLE current_check ENABLE ROW LEVEL SECURITY; -SET SESSION AUTHORIZATION rls_regress_user1; +SET SESSION AUTHORIZATION regress_rls_bob; -- Can SELECT even rows SELECT * FROM current_check; - currentid | payload | rlsuser ------------+---------+------------------- - 2 | bcd | rls_regress_user1 - 4 | def | rls_regress_user1 + currentid | payload | rlsuser +-----------+---------+----------------- + 2 | bcd | regress_rls_bob + 4 | def | regress_rls_bob (2 rows) -- Cannot UPDATE row 2 @@ -2659,40 +2649,39 @@ COMMIT; -- check pg_stats view filtering -- SET row_security TO ON; -SET SESSION AUTHORIZATION rls_regress_user0; +SET SESSION AUTHORIZATION regress_rls_alice; ANALYZE current_check; -- Stats visible SELECT row_security_active('current_check'); -ERROR: function row_security_active(unknown) does not exist -LINE 1: SELECT row_security_active('current_check'); - ^ -HINT: No function matches the given name and argument types. You might need to add explicit type casts. + row_security_active +--------------------- + f +(1 row) + SELECT attname, most_common_vals FROM pg_stats WHERE tablename = 'current_check' ORDER BY 1; - attname | most_common_vals ------------+-------------------------------------- + attname | most_common_vals +-----------+------------------------------------ currentid | payload | - rlsuser | (pg_catalog.text){rls_regress_user1} + rlsuser | (pg_catalog.text){regress_rls_bob} (3 rows) -SET SESSION AUTHORIZATION rls_regress_user1; +SET SESSION AUTHORIZATION regress_rls_bob; -- Stats not visible SELECT row_security_active('current_check'); -ERROR: function row_security_active(unknown) does not exist -LINE 1: SELECT row_security_active('current_check'); - ^ -HINT: No function matches the given name and argument types. You might need to add explicit type casts. + row_security_active +--------------------- + t +(1 row) + SELECT attname, most_common_vals FROM pg_stats WHERE tablename = 'current_check' ORDER BY 1; - attname | most_common_vals ------------+-------------------------------------- - currentid | - payload | - rlsuser | (pg_catalog.text){rls_regress_user1} -(3 rows) + attname | most_common_vals +---------+------------------ +(0 rows) -- -- Collation support @@ -2701,28 +2690,31 @@ BEGIN; CREATE TABLE coll_t (c) AS VALUES ('bar'::text); CREATE POLICY coll_p ON coll_t USING (c < ('foo'::text COLLATE "C")); ALTER TABLE coll_t ENABLE ROW LEVEL SECURITY; -GRANT SELECT ON coll_t TO rls_regress_user0; +GRANT SELECT ON coll_t TO regress_rls_alice; SELECT (string_to_array(polqual, ':'))[7] AS inputcollid FROM pg_policy WHERE polrelid = 'coll_t'::regclass; - inputcollid ----------------- - inputcollid 0 + inputcollid +------------------ + inputcollid 950 (1 row) -SET SESSION AUTHORIZATION rls_regress_user0; +SET SESSION AUTHORIZATION regress_rls_alice; SELECT * FROM coll_t; -ERROR: could not determine which collation to use for string comparison -HINT: Use the COLLATE clause to set the collation explicitly. + c +----- + bar +(1 row) + ROLLBACK; -- -- Shared Object Dependencies -- RESET SESSION AUTHORIZATION; BEGIN; -CREATE ROLE alice; -CREATE ROLE bob; +CREATE ROLE regress_rls_eve; +CREATE ROLE regress_rls_frank; CREATE TABLE tbl1 (c) AS VALUES ('bar'::text); -GRANT SELECT ON TABLE tbl1 TO alice; -CREATE POLICY P ON tbl1 TO alice, bob USING (true); +GRANT SELECT ON TABLE tbl1 TO regress_rls_eve; +CREATE POLICY P ON tbl1 TO regress_rls_eve, regress_rls_frank USING (true); SELECT refclassid::regclass, deptype FROM pg_depend WHERE classid = 'pg_policy'::regclass @@ -2735,10 +2727,12 @@ SELECT refclassid::regclass, deptype SELECT refclassid::regclass, deptype FROM pg_shdepend WHERE classid = 'pg_policy'::regclass - AND refobjid IN ('alice'::regrole, 'bob'::regrole); + AND refobjid IN ('regress_rls_eve'::regrole, 'regress_rls_frank'::regrole); refclassid | deptype ------------+--------- -(0 rows) + pg_authid | r + pg_authid | r +(2 rows) SAVEPOINT q; ERROR: SAVEPOINT is not yet supported. @@ -2812,17 +2806,17 @@ ROLLBACK; BEGIN; CREATE TABLE t (c) AS VALUES ('bar'::text); CREATE POLICY p ON t USING (max(c)); -- fails: aggregate functions are not allowed in policy expressions -ERROR: aggregate functions are not allowed in WHERE +ERROR: aggregate functions are not allowed in policy expressions ROLLBACK; -- -- Non-target relations are only subject to SELECT policies -- -SET SESSION AUTHORIZATION rls_regress_user0; +SET SESSION AUTHORIZATION regress_rls_alice; CREATE TABLE r1 (a int); CREATE TABLE r2 (a int); INSERT INTO r1 VALUES (10), (20); INSERT INTO r2 VALUES (10), (20); -GRANT ALL ON r1, r2 TO rls_regress_user1; +GRANT ALL ON r1, r2 TO regress_rls_bob; CREATE POLICY p1 ON r1 USING (true); ALTER TABLE r1 ENABLE ROW LEVEL SECURITY; CREATE POLICY p1 ON r2 FOR SELECT USING (true); @@ -2830,7 +2824,7 @@ CREATE POLICY p2 ON r2 FOR INSERT WITH CHECK (false); CREATE POLICY p3 ON r2 FOR UPDATE USING (false); CREATE POLICY p4 ON r2 FOR DELETE USING (false); ALTER TABLE r2 ENABLE ROW LEVEL SECURITY; -SET SESSION AUTHORIZATION rls_regress_user1; +SET SESSION AUTHORIZATION regress_rls_bob; SELECT * FROM r1; a ---- @@ -2847,7 +2841,7 @@ SELECT * FROM r2; -- r2 is read-only INSERT INTO r2 VALUES (2); -- Not allowed -ERROR: new row violates row level security policy for "r2" +ERROR: new row violates row-level security policy for table "r2" UPDATE r2 SET a = 2 RETURNING *; -- Updates nothing ERROR: could not plan this distributed update DETAIL: correlated UPDATE or updating distribution column currently not supported in Postgres-XL. @@ -2888,7 +2882,7 @@ SELECT * FROM r2; 20 (2 rows) -SET SESSION AUTHORIZATION rls_regress_user0; +SET SESSION AUTHORIZATION regress_rls_alice; DROP TABLE r1; DROP TABLE r2; -- @@ -3155,15 +3149,15 @@ RESET SESSION AUTHORIZATION; SET client_min_messages TO 'warning'; DROP SCHEMA regress_rls_schema CASCADE; RESET client_min_messages; -DROP USER rls_regress_user0; -DROP USER rls_regress_user1; -DROP USER rls_regress_user2; -DROP USER rls_regress_exempt_user; -DROP ROLE rls_regress_group1; -DROP ROLE rls_regress_group2; +DROP USER regress_rls_alice; +DROP USER regress_rls_bob; +DROP USER regress_rls_carol; +DROP USER regress_rls_exempt_user; +DROP ROLE regress_rls_group1; +DROP ROLE regress_rls_group2; -- Arrange to have a few policies left over, for testing -- pg_dump/pg_restore -CREATE SCHEMA rls_regress_schema; +CREATE SCHEMA regress_rls_schema; CREATE TABLE rls_tbl (c1 int); ALTER TABLE rls_tbl ENABLE ROW LEVEL SECURITY; CREATE POLICY p1 ON rls_tbl USING (c1 > 5);