Don't fail reading policy_urls as non-superuser

Have to access the value directly for internal purposes, as
GetConfigOption will honor the GUC_SUPERUSER_ONLY on it.

Add tests as non-superuser to the Travis and AppVeyor configs.
Not having any was an oversight.

In passing, try adding PG 13 and Java 15 to the Travis and AppVeyor
builds. I have not otherwise checked whether those are available
yet in those services. This should be a way to find out.

Author: jcflack

.travis.yml

@@ -6,6 +6,10 @@ arch:
   - ppc64le
 dist: bionic
 env:
+  - POSTGRESQL_VERSION: 13
+    JAVA_VERSION: 15
+    JVM_IMPL: hotspot
+    MVN_VERSION: 3.5.2
   - POSTGRESQL_VERSION: 12
     JAVA_VERSION: 14
     JVM_IMPL: hotspot
@@ -153,6 +157,7 @@ script: |
 
   import static java.nio.file.Paths.get
   import java.sql.Connection
+  import java.sql.ResultSet
   import org.postgresql.pljava.packaging.Node
   import static org.postgresql.pljava.packaging.Node.q
   import static org.postgresql.pljava.packaging.Node.stateMachine
@@ -267,6 +272,41 @@ script: |
         (o,p,q) -> null == o
       );
     }
+
+    /*
+     * Get another new connection and make sure the extension can be loaded
+     * in a non-superuser session.
+     */
+    try ( Connection c = n1.connect() )
+    {
+      succeeding &= stateMachine(
+        "become non-superuser",
+        null,
+
+        q(c,
+          "CREATE ROLE alice;" +
+          "GRANT USAGE ON SCHEMA sqlj TO alice;" +
+          "SET SESSION AUTHORIZATION alice")
+        .flatMap(Node::semiFlattenDiagnostics)
+        .peek(Node::peek),
+
+        (o,p,q) -> isDiagnostic(o, Set.of("error")) ? 1 : -2,
+        (o,p,q) -> null == o
+      );
+
+      succeeding &= stateMachine(
+        "load as non-superuser",
+        null,
+
+        q(c, "SELECT null::pg_catalog.void FROM sqlj.get_classpath('public')")
+        .flatMap(Node::semiFlattenDiagnostics)
+        .peek(Node::peek),
+
+        (o,p,q) -> isDiagnostic(o, Set.of("error")) ? 1 : -2,
+        (o,p,q) -> isVoidResultSet(o, 1, 1) ? 3 : false,
+        (o,p,q) -> null == o
+      );
+    }
   } catch ( Throwable t )
   {
     succeeding = false;

appveyor.yml

@@ -10,17 +10,23 @@ environment:
       JDK: 10
       PG: 12
     - SYS: MINGW
-      JDK: 14
-      PG: 12
-    - SYS: MINGW
-      JDK: 13
+      JDK: 11
       PG: 12
     - SYS: MINGW
       JDK: 12
       PG: 12
     - SYS: MINGW
-      JDK: 11
+      JDK: 13
       PG: 12
+    - SYS: MINGW
+      JDK: 14
+      PG: 13
+    - SYS: MINGW
+      JDK: 15
+      PG: 13
+    - SYS: MSVC
+      JDK: 15
+      PG: 13
     - SYS: MSVC
       JDK: 14
       PG: 12
@@ -84,6 +90,7 @@ test_script:
 
       import static java.nio.file.Paths.get
       import java.sql.Connection
+      import java.sql.ResultSet
       import org.postgresql.pljava.packaging.Node
       import static org.postgresql.pljava.packaging.Node.q
       import static org.postgresql.pljava.packaging.Node.stateMachine
@@ -205,6 +212,42 @@ test_script:
             (o,p,q) -> null == o
           );
         }
+
+        /*
+         * Get another new connection and make sure the extension can be loaded
+         * in a non-superuser session.
+         */
+        try ( Connection c = n1.connect() )
+        {
+          succeeding &= stateMachine(
+            "become non-superuser",
+            null,
+
+            q(c,
+              "CREATE ROLE alice;" +
+              "GRANT USAGE ON SCHEMA sqlj TO alice;" +
+              "SET SESSION AUTHORIZATION alice")
+            .flatMap(Node::semiFlattenDiagnostics)
+            .peek(Node::peek),
+
+            (o,p,q) -> isDiagnostic(o, Set.of("error")) ? 1 : -2,
+            (o,p,q) -> null == o
+          );
+
+          succeeding &= stateMachine(
+            "load as non-superuser",
+            null,
+
+            q(c,
+              "SELECT null::pg_catalog.void FROM sqlj.get_classpath('public')")
+            .flatMap(Node::semiFlattenDiagnostics)
+            .peek(Node::peek),
+
+            (o,p,q) -> isDiagnostic(o, Set.of("error")) ? 1 : -2,
+            (o,p,q) -> isVoidResultSet(o, 1, 1) ? 3 : false,
+            (o,p,q) -> null == o
+          );
+        }
       } catch ( Throwable t )
       {
         succeeding = false;

pljava-so/src/main/c/Backend.c

@@ -208,6 +208,7 @@ static bool seenVisualVMName;
 static bool seenModuleMain;
 static char const visualVMprefix[] = "-Dvisualvm.display.name=";
 static char const moduleMainPrefix[] = "-Djdk.module.main=";
+static char const policyUrlsGUC[] = "pljava.policy_urls";
 
 /*
  * In a background worker, _PG_init may be called very early, before much of
@@ -1648,7 +1649,7 @@ static void registerGUCOptions(void)
 		NULL); /* show hook */
 
 	STRING_GUC(
-		"pljava.policy_urls",
+		policyUrlsGUC,
 		"URLs to Java security policy file(s) for PL/Java's use",
 		"Quote each URL and separate with commas. Any URL may begin (inside "
 		"the quotes) with n= where n is the index of the Java "
@@ -1923,7 +1924,11 @@ JNICALL Java_org_postgresql_pljava_internal_Backend__1getConfigOption(JNIEnv* en
 	{
 		PG_TRY();
 		{
-			const char *value = PG_GETCONFIGOPTION(key);
+			const char *value;
+			if ( 0 == strcmp(policyUrlsGUC, key) )
+				value = policy_urls;
+			else
+				value = PG_GETCONFIGOPTION(key);
 			pfree(key);
 			if(value != 0)
 				result = String_createJavaStringFromNTS(value);