diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2016-07-17 18:42:31 -0400 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2016-07-17 18:42:43 -0400 |
| commit | 18555b1323bd225c7882e80723c52f25ce60afed (patch) | |
| tree | 6913712a47c4bd2de14b86b2366c6eb728a109c0 /src/test | |
| parent | 7482fc4600ee97f8b2570e87b8c216a83b918065 (diff) | |
| download | postgresql-18555b1323bd225c7882e80723c52f25ce60afed.tar.gz postgresql-18555b1323bd225c7882e80723c52f25ce60afed.zip | |
Establish conventions about global object names used in regression tests.
To ensure that "make installcheck" can be used safely against an existing
installation, we need to be careful about what global object names
(database, role, and tablespace names) we use; otherwise we might
accidentally clobber important objects. There's been a weak consensus that
test databases should have names including "regression", and that test role
names should start with "regress_", but we didn't have any particular rule
about tablespace names; and neither of the other rules was followed with
any consistency either.
This commit moves us a long way towards having a hard-and-fast rule that
regression test databases must have names including "regression", and that
test role and tablespace names must start with "regress_". It's not
completely there because I did not touch some test cases in rolenames.sql
that test creation of special role names like "session_user". That will
require some rethinking of exactly what we want to test, whereas the intent
of this patch is just to hit all the cases in which the needed renamings
are cosmetic.
There is no enforcement mechanism in this patch either, but if we don't
add one we can expect that the tests will soon be violating the convention
again. Again, that's not such a cosmetic change and it will require
discussion. (But I did use a quick-hack enforcement patch to find these
cases.)
Discussion: <16638.1468620817@sss.pgh.pa.us>
Diffstat (limited to 'src/test')
55 files changed, 2372 insertions, 2370 deletions
diff --git a/src/test/isolation/isolation_main.c b/src/test/isolation/isolation_main.c index 7a51cc1656c..a0bd92f3747 100644 --- a/src/test/isolation/isolation_main.c +++ b/src/test/isolation/isolation_main.c @@ -118,7 +118,7 @@ isolation_init(int argc, char **argv) } /* set default regression database name */ - add_stringlist_item(&dblist, "isolationtest"); + add_stringlist_item(&dblist, "isolation_regression"); } int diff --git a/src/test/modules/dummy_seclabel/expected/dummy_seclabel.out b/src/test/modules/dummy_seclabel/expected/dummy_seclabel.out index 26911729d26..9c0c9cd815b 100644 --- a/src/test/modules/dummy_seclabel/expected/dummy_seclabel.out +++ b/src/test/modules/dummy_seclabel/expected/dummy_seclabel.out @@ -4,25 +4,22 @@ CREATE EXTENSION dummy_seclabel; -- initial setups SET client_min_messages TO 'warning'; -DROP ROLE IF EXISTS dummy_seclabel_user1; -DROP ROLE IF EXISTS dummy_seclabel_user2; -DROP TABLE IF EXISTS dummy_seclabel_tbl1; -DROP TABLE IF EXISTS dummy_seclabel_tbl2; -DROP TABLE IF EXISTS dummy_seclabel_tbl3; -CREATE USER dummy_seclabel_user1 WITH CREATEROLE; -CREATE USER dummy_seclabel_user2; +DROP ROLE IF EXISTS regress_dummy_seclabel_user1; +DROP ROLE IF EXISTS regress_dummy_seclabel_user2; +RESET client_min_messages; +CREATE USER regress_dummy_seclabel_user1 WITH CREATEROLE; +CREATE USER regress_dummy_seclabel_user2; CREATE TABLE dummy_seclabel_tbl1 (a int, b text); CREATE TABLE dummy_seclabel_tbl2 (x int, y text); CREATE VIEW dummy_seclabel_view1 AS SELECT * FROM dummy_seclabel_tbl2; CREATE FUNCTION dummy_seclabel_four() RETURNS integer AS $$SELECT 4$$ language sql; CREATE DOMAIN dummy_seclabel_domain AS text; -ALTER TABLE dummy_seclabel_tbl1 OWNER TO dummy_seclabel_user1; -ALTER TABLE dummy_seclabel_tbl2 OWNER TO dummy_seclabel_user2; -RESET client_min_messages; +ALTER TABLE dummy_seclabel_tbl1 OWNER TO regress_dummy_seclabel_user1; +ALTER TABLE dummy_seclabel_tbl2 OWNER TO regress_dummy_seclabel_user2; -- -- Test of SECURITY LABEL statement with a plugin -- -SET SESSION AUTHORIZATION dummy_seclabel_user1; +SET SESSION AUTHORIZATION regress_dummy_seclabel_user1; SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'classified'; -- OK SECURITY LABEL ON COLUMN dummy_seclabel_tbl1.a IS 'unclassified'; -- OK SECURITY LABEL ON COLUMN dummy_seclabel_tbl1 IS 'unclassified'; -- fail @@ -38,26 +35,26 @@ SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'secret'; -- fail (not superuser ERROR: only superuser can set 'secret' label SECURITY LABEL ON TABLE dummy_seclabel_tbl3 IS 'unclassified'; -- fail (not found) ERROR: relation "dummy_seclabel_tbl3" does not exist -SET SESSION AUTHORIZATION dummy_seclabel_user2; +SET SESSION AUTHORIZATION regress_dummy_seclabel_user2; SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'unclassified'; -- fail ERROR: must be owner of relation dummy_seclabel_tbl1 SECURITY LABEL ON TABLE dummy_seclabel_tbl2 IS 'classified'; -- OK -- -- Test for shared database object -- -SET SESSION AUTHORIZATION dummy_seclabel_user1; -SECURITY LABEL ON ROLE dummy_seclabel_user1 IS 'classified'; -- OK -SECURITY LABEL ON ROLE dummy_seclabel_user1 IS '...invalid label...'; -- fail +SET SESSION AUTHORIZATION regress_dummy_seclabel_user1; +SECURITY LABEL ON ROLE regress_dummy_seclabel_user1 IS 'classified'; -- OK +SECURITY LABEL ON ROLE regress_dummy_seclabel_user1 IS '...invalid label...'; -- fail ERROR: '...invalid label...' is not a valid security label -SECURITY LABEL FOR 'dummy' ON ROLE dummy_seclabel_user2 IS 'unclassified'; -- OK -SECURITY LABEL FOR 'unknown_seclabel' ON ROLE dummy_seclabel_user1 IS 'unclassified'; -- fail +SECURITY LABEL FOR 'dummy' ON ROLE regress_dummy_seclabel_user2 IS 'unclassified'; -- OK +SECURITY LABEL FOR 'unknown_seclabel' ON ROLE regress_dummy_seclabel_user1 IS 'unclassified'; -- fail ERROR: security label provider "unknown_seclabel" is not loaded -SECURITY LABEL ON ROLE dummy_seclabel_user1 IS 'secret'; -- fail (not superuser) +SECURITY LABEL ON ROLE regress_dummy_seclabel_user1 IS 'secret'; -- fail (not superuser) ERROR: only superuser can set 'secret' label -SECURITY LABEL ON ROLE dummy_seclabel_user3 IS 'unclassified'; -- fail (not found) -ERROR: role "dummy_seclabel_user3" does not exist -SET SESSION AUTHORIZATION dummy_seclabel_user2; -SECURITY LABEL ON ROLE dummy_seclabel_user2 IS 'unclassified'; -- fail (not privileged) +SECURITY LABEL ON ROLE regress_dummy_seclabel_user3 IS 'unclassified'; -- fail (not found) +ERROR: role "regress_dummy_seclabel_user3" does not exist +SET SESSION AUTHORIZATION regress_dummy_seclabel_user2; +SECURITY LABEL ON ROLE regress_dummy_seclabel_user2 IS 'unclassified'; -- fail (not privileged) ERROR: must have CREATEROLE privilege RESET SESSION AUTHORIZATION; -- @@ -72,17 +69,17 @@ CREATE SCHEMA dummy_seclabel_test; SECURITY LABEL ON SCHEMA dummy_seclabel_test IS 'unclassified'; -- OK SELECT objtype, objname, provider, label FROM pg_seclabels ORDER BY objtype, objname; - objtype | objname | provider | label -----------+-----------------------+----------+-------------- - column | dummy_seclabel_tbl1.a | dummy | unclassified - domain | dummy_seclabel_domain | dummy | classified - function | dummy_seclabel_four() | dummy | classified - role | dummy_seclabel_user1 | dummy | classified - role | dummy_seclabel_user2 | dummy | unclassified - schema | dummy_seclabel_test | dummy | unclassified - table | dummy_seclabel_tbl1 | dummy | top secret - table | dummy_seclabel_tbl2 | dummy | classified - view | dummy_seclabel_view1 | dummy | classified + objtype | objname | provider | label +----------+------------------------------+----------+-------------- + column | dummy_seclabel_tbl1.a | dummy | unclassified + domain | dummy_seclabel_domain | dummy | classified + function | dummy_seclabel_four() | dummy | classified + role | regress_dummy_seclabel_user1 | dummy | classified + role | regress_dummy_seclabel_user2 | dummy | unclassified + schema | dummy_seclabel_test | dummy | unclassified + table | dummy_seclabel_tbl1 | dummy | top secret + table | dummy_seclabel_tbl2 | dummy | classified + view | dummy_seclabel_view1 | dummy | classified (9 rows) -- check for event trigger @@ -102,4 +99,9 @@ EXECUTE PROCEDURE event_trigger_test(); SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'classified'; NOTICE: event ddl_command_start: SECURITY LABEL NOTICE: event ddl_command_end: SECURITY LABEL +-- clean up DROP EVENT TRIGGER always_start, always_end, always_drop, always_rewrite; +DROP VIEW dummy_seclabel_view1; +DROP TABLE dummy_seclabel_tbl1, dummy_seclabel_tbl2; +DROP ROLE regress_dummy_seclabel_user1; +DROP ROLE regress_dummy_seclabel_user2; diff --git a/src/test/modules/dummy_seclabel/sql/dummy_seclabel.sql b/src/test/modules/dummy_seclabel/sql/dummy_seclabel.sql index f1135b6da5f..854906f3ed9 100644 --- a/src/test/modules/dummy_seclabel/sql/dummy_seclabel.sql +++ b/src/test/modules/dummy_seclabel/sql/dummy_seclabel.sql @@ -6,15 +6,13 @@ CREATE EXTENSION dummy_seclabel; -- initial setups SET client_min_messages TO 'warning'; -DROP ROLE IF EXISTS dummy_seclabel_user1; -DROP ROLE IF EXISTS dummy_seclabel_user2; +DROP ROLE IF EXISTS regress_dummy_seclabel_user1; +DROP ROLE IF EXISTS regress_dummy_seclabel_user2; -DROP TABLE IF EXISTS dummy_seclabel_tbl1; -DROP TABLE IF EXISTS dummy_seclabel_tbl2; -DROP TABLE IF EXISTS dummy_seclabel_tbl3; +RESET client_min_messages; -CREATE USER dummy_seclabel_user1 WITH CREATEROLE; -CREATE USER dummy_seclabel_user2; +CREATE USER regress_dummy_seclabel_user1 WITH CREATEROLE; +CREATE USER regress_dummy_seclabel_user2; CREATE TABLE dummy_seclabel_tbl1 (a int, b text); CREATE TABLE dummy_seclabel_tbl2 (x int, y text); @@ -22,15 +20,13 @@ CREATE VIEW dummy_seclabel_view1 AS SELECT * FROM dummy_seclabel_tbl2; CREATE FUNCTION dummy_seclabel_four() RETURNS integer AS $$SELECT 4$$ language sql; CREATE DOMAIN dummy_seclabel_domain AS text; -ALTER TABLE dummy_seclabel_tbl1 OWNER TO dummy_seclabel_user1; -ALTER TABLE dummy_seclabel_tbl2 OWNER TO dummy_seclabel_user2; - -RESET client_min_messages; +ALTER TABLE dummy_seclabel_tbl1 OWNER TO regress_dummy_seclabel_user1; +ALTER TABLE dummy_seclabel_tbl2 OWNER TO regress_dummy_seclabel_user2; -- -- Test of SECURITY LABEL statement with a plugin -- -SET SESSION AUTHORIZATION dummy_seclabel_user1; +SET SESSION AUTHORIZATION regress_dummy_seclabel_user1; SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'classified'; -- OK SECURITY LABEL ON COLUMN dummy_seclabel_tbl1.a IS 'unclassified'; -- OK @@ -42,24 +38,24 @@ SECURITY LABEL ON TABLE dummy_seclabel_tbl2 IS 'unclassified'; -- fail (not owne SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'secret'; -- fail (not superuser) SECURITY LABEL ON TABLE dummy_seclabel_tbl3 IS 'unclassified'; -- fail (not found) -SET SESSION AUTHORIZATION dummy_seclabel_user2; +SET SESSION AUTHORIZATION regress_dummy_seclabel_user2; SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'unclassified'; -- fail SECURITY LABEL ON TABLE dummy_seclabel_tbl2 IS 'classified'; -- OK -- -- Test for shared database object -- -SET SESSION AUTHORIZATION dummy_seclabel_user1; +SET SESSION AUTHORIZATION regress_dummy_seclabel_user1; -SECURITY LABEL ON ROLE dummy_seclabel_user1 IS 'classified'; -- OK -SECURITY LABEL ON ROLE dummy_seclabel_user1 IS '...invalid label...'; -- fail -SECURITY LABEL FOR 'dummy' ON ROLE dummy_seclabel_user2 IS 'unclassified'; -- OK -SECURITY LABEL FOR 'unknown_seclabel' ON ROLE dummy_seclabel_user1 IS 'unclassified'; -- fail -SECURITY LABEL ON ROLE dummy_seclabel_user1 IS 'secret'; -- fail (not superuser) -SECURITY LABEL ON ROLE dummy_seclabel_user3 IS 'unclassified'; -- fail (not found) +SECURITY LABEL ON ROLE regress_dummy_seclabel_user1 IS 'classified'; -- OK +SECURITY LABEL ON ROLE regress_dummy_seclabel_user1 IS '...invalid label...'; -- fail +SECURITY LABEL FOR 'dummy' ON ROLE regress_dummy_seclabel_user2 IS 'unclassified'; -- OK +SECURITY LABEL FOR 'unknown_seclabel' ON ROLE regress_dummy_seclabel_user1 IS 'unclassified'; -- fail +SECURITY LABEL ON ROLE regress_dummy_seclabel_user1 IS 'secret'; -- fail (not superuser) +SECURITY LABEL ON ROLE regress_dummy_seclabel_user3 IS 'unclassified'; -- fail (not found) -SET SESSION AUTHORIZATION dummy_seclabel_user2; -SECURITY LABEL ON ROLE dummy_seclabel_user2 IS 'unclassified'; -- fail (not privileged) +SET SESSION AUTHORIZATION regress_dummy_seclabel_user2; +SECURITY LABEL ON ROLE regress_dummy_seclabel_user2 IS 'unclassified'; -- fail (not privileged) RESET SESSION AUTHORIZATION; @@ -99,4 +95,11 @@ EXECUTE PROCEDURE event_trigger_test(); -- should trigger ddl_command_{start,end} SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'classified'; +-- clean up DROP EVENT TRIGGER always_start, always_end, always_drop, always_rewrite; + +DROP VIEW dummy_seclabel_view1; +DROP TABLE dummy_seclabel_tbl1, dummy_seclabel_tbl2; + +DROP ROLE regress_dummy_seclabel_user1; +DROP ROLE regress_dummy_seclabel_user2; diff --git a/src/test/modules/test_ddl_deparse/expected/alter_function.out b/src/test/modules/test_ddl_deparse/expected/alter_function.out index 3694f96723e..69a3742e764 100644 --- a/src/test/modules/test_ddl_deparse/expected/alter_function.out +++ b/src/test/modules/test_ddl_deparse/expected/alter_function.out @@ -7,9 +7,9 @@ NOTICE: DDL test: type simple, tag ALTER FUNCTION ALTER FUNCTION foo.plpgsql_function_trigger_1() COST 10; NOTICE: DDL test: type simple, tag ALTER FUNCTION -CREATE ROLE tmprole; +CREATE ROLE regress_alter_function_role; ALTER FUNCTION plpgsql_function_trigger_2() - OWNER TO tmprole; + OWNER TO regress_alter_function_role; ERROR: function plpgsql_function_trigger_2() does not exist -DROP OWNED BY tmprole; -DROP ROLE tmprole; +DROP OWNED BY regress_alter_function_role; +DROP ROLE regress_alter_function_role; diff --git a/src/test/modules/test_ddl_deparse/sql/alter_function.sql b/src/test/modules/test_ddl_deparse/sql/alter_function.sql index 8f13950902f..45c8d1eae89 100644 --- a/src/test/modules/test_ddl_deparse/sql/alter_function.sql +++ b/src/test/modules/test_ddl_deparse/sql/alter_function.sql @@ -8,10 +8,10 @@ ALTER FUNCTION plpgsql_function_trigger_1 () ALTER FUNCTION foo.plpgsql_function_trigger_1() COST 10; -CREATE ROLE tmprole; +CREATE ROLE regress_alter_function_role; ALTER FUNCTION plpgsql_function_trigger_2() - OWNER TO tmprole; + OWNER TO regress_alter_function_role; -DROP OWNED BY tmprole; -DROP ROLE tmprole; +DROP OWNED BY regress_alter_function_role; +DROP ROLE regress_alter_function_role; diff --git a/src/test/modules/test_pg_dump/t/001_base.pl b/src/test/modules/test_pg_dump/t/001_base.pl index fd00e4bd321..fd9c37faafe 100644 --- a/src/test/modules/test_pg_dump/t/001_base.pl +++ b/src/test/modules/test_pg_dump/t/001_base.pl @@ -207,10 +207,10 @@ my %tests = ( binary_upgrade => 1, pg_dumpall_globals => 1, section_post_data => 1, }, }, - 'CREATE ROLE dump_test' => { + 'CREATE ROLE regress_dump_test_role' => { create_order => 1, - create_sql => 'CREATE ROLE dump_test;', - regexp => qr/^CREATE ROLE dump_test;$/m, + create_sql => 'CREATE ROLE regress_dump_test_role;', + regexp => qr/^CREATE ROLE regress_dump_test_role;$/m, like => { pg_dumpall_globals => 1, }, unlike => { binary_upgrade => 1, @@ -278,7 +278,7 @@ my %tests = ( 'GRANT SELECT ON TABLE regress_pg_dump_table' => { regexp => qr/^ \QSELECT pg_catalog.binary_upgrade_set_record_init_privs(true);\E\n - \QGRANT SELECT ON TABLE regress_pg_dump_table TO dump_test;\E\n + \QGRANT SELECT ON TABLE regress_pg_dump_table TO regress_dump_test_role;\E\n \QSELECT pg_catalog.binary_upgrade_set_record_init_privs(false);\E $/xms, like => { binary_upgrade => 1, }, @@ -311,12 +311,12 @@ my %tests = ( no_privs => 1, pg_dumpall_globals => 1, section_post_data => 1, }, }, - 'GRANT SELECT(col2) ON regress_pg_dump_table TO dump_test' => { + 'GRANT SELECT(col2) ON regress_pg_dump_table TO regress_dump_test_role' => { create_order => 4, create_sql => 'GRANT SELECT(col2) ON regress_pg_dump_table - TO dump_test;', + TO regress_dump_test_role;', regexp => qr/^ - \QGRANT SELECT(col2) ON TABLE regress_pg_dump_table TO dump_test;\E + \QGRANT SELECT(col2) ON TABLE regress_pg_dump_table TO regress_dump_test_role;\E $/xm, like => { binary_upgrade => 1, diff --git a/src/test/modules/test_pg_dump/test_pg_dump--1.0.sql b/src/test/modules/test_pg_dump/test_pg_dump--1.0.sql index e2bcd480e08..5fe606365e5 100644 --- a/src/test/modules/test_pg_dump/test_pg_dump--1.0.sql +++ b/src/test/modules/test_pg_dump/test_pg_dump--1.0.sql @@ -8,10 +8,10 @@ CREATE TABLE regress_pg_dump_table ( col2 int ); -GRANT SELECT ON regress_pg_dump_table TO dump_test; +GRANT SELECT ON regress_pg_dump_table TO regress_dump_test_role; GRANT SELECT(col1) ON regress_pg_dump_table TO public; -GRANT SELECT(col2) ON regress_pg_dump_table TO dump_test; -REVOKE SELECT(col2) ON regress_pg_dump_table FROM dump_test; +GRANT SELECT(col2) ON regress_pg_dump_table TO regress_dump_test_role; +REVOKE SELECT(col2) ON regress_pg_dump_table FROM regress_dump_test_role; CREATE ACCESS METHOD regress_test_am TYPE INDEX HANDLER bthandler; diff --git a/src/test/modules/test_rls_hooks/expected/test_rls_hooks.out b/src/test/modules/test_rls_hooks/expected/test_rls_hooks.out index 159b6043f0a..19284c18d48 100644 --- a/src/test/modules/test_rls_hooks/expected/test_rls_hooks.out +++ b/src/test/modules/test_rls_hooks/expected/test_rls_hooks.out @@ -5,9 +5,9 @@ CREATE TABLE rls_test_permissive ( data integer ); -- initial test data -INSERT INTO rls_test_permissive VALUES ('r1','s1',4); -INSERT INTO rls_test_permissive VALUES ('r2','s2',5); -INSERT INTO rls_test_permissive VALUES ('r3','s3',6); +INSERT INTO rls_test_permissive VALUES ('regress_r1','regress_s1',4); +INSERT INTO rls_test_permissive VALUES ('regress_r2','regress_s2',5); +INSERT INTO rls_test_permissive VALUES ('regress_r3','regress_s3',6); CREATE TABLE rls_test_restrictive ( username name, supervisor name, @@ -19,30 +19,30 @@ CREATE TABLE rls_test_restrictive ( -- create a simple 'allow all' policy. CREATE POLICY p1 ON rls_test_restrictive USING (true); -- initial test data -INSERT INTO rls_test_restrictive VALUES ('r1','s1',1); -INSERT INTO rls_test_restrictive VALUES ('r2','s2',2); -INSERT INTO rls_test_restrictive VALUES ('r3','s3',3); +INSERT INTO rls_test_restrictive VALUES ('regress_r1','regress_s1',1); +INSERT INTO rls_test_restrictive VALUES ('regress_r2','regress_s2',2); +INSERT INTO rls_test_restrictive VALUES ('regress_r3','regress_s3',3); CREATE TABLE rls_test_both ( username name, supervisor name, data integer ); -- initial test data -INSERT INTO rls_test_both VALUES ('r1','s1',7); -INSERT INTO rls_test_both VALUES ('r2','s2',8); -INSERT INTO rls_test_both VALUES ('r3','s3',9); +INSERT INTO rls_test_both VALUES ('regress_r1','regress_s1',7); +INSERT INTO rls_test_both VALUES ('regress_r2','regress_s2',8); +INSERT INTO rls_test_both VALUES ('regress_r3','regress_s3',9); ALTER TABLE rls_test_permissive ENABLE ROW LEVEL SECURITY; ALTER TABLE rls_test_restrictive ENABLE ROW LEVEL SECURITY; ALTER TABLE rls_test_both ENABLE ROW LEVEL SECURITY; -CREATE ROLE r1; -CREATE ROLE s1; -GRANT SELECT,INSERT ON rls_test_permissive TO r1; -GRANT SELECT,INSERT ON rls_test_restrictive TO r1; -GRANT SELECT,INSERT ON rls_test_both TO r1; -GRANT SELECT,INSERT ON rls_test_permissive TO s1; -GRANT SELECT,INSERT ON rls_test_restrictive TO s1; -GRANT SELECT,INSERT ON rls_test_both TO s1; -SET ROLE r1; +CREATE ROLE regress_r1; +CREATE ROLE regress_s1; +GRANT SELECT,INSERT ON rls_test_permissive TO regress_r1; +GRANT SELECT,INSERT ON rls_test_restrictive TO regress_r1; +GRANT SELECT,INSERT ON rls_test_both TO regress_r1; +GRANT SELECT,INSERT ON rls_test_permissive TO regress_s1; +GRANT SELECT,INSERT ON rls_test_restrictive TO regress_s1; +GRANT SELECT,INSERT ON rls_test_both TO regress_s1; +SET ROLE regress_r1; -- With only the hook's policies, permissive -- hook's policy is current_user = username EXPLAIN (costs off) SELECT * FROM rls_test_permissive; @@ -53,17 +53,17 @@ EXPLAIN (costs off) SELECT * FROM rls_test_permissive; (2 rows) SELECT * FROM rls_test_permissive; - username | supervisor | data -----------+------------+------ - r1 | s1 | 4 + username | supervisor | data +------------+------------+------ + regress_r1 | regress_s1 | 4 (1 row) -- success -INSERT INTO rls_test_permissive VALUES ('r1','s1',10); +INSERT INTO rls_test_permissive VALUES ('regress_r1','regress_s1',10); -- failure -INSERT INTO rls_test_permissive VALUES ('r4','s4',10); +INSERT INTO rls_test_permissive VALUES ('regress_r4','regress_s4',10); ERROR: new row violates row-level security policy for table "rls_test_permissive" -SET ROLE s1; +SET ROLE regress_s1; -- With only the hook's policies, restrictive -- hook's policy is current_user = supervisor EXPLAIN (costs off) SELECT * FROM rls_test_restrictive; @@ -74,17 +74,17 @@ EXPLAIN (costs off) SELECT * FROM rls_test_restrictive; (2 rows) SELECT * FROM rls_test_restrictive; - username | supervisor | data -----------+------------+------ - r1 | s1 | 1 + username | supervisor | data +------------+------------+------ + regress_r1 | regress_s1 | 1 (1 row) -- success -INSERT INTO rls_test_restrictive VALUES ('r1','s1',10); +INSERT INTO rls_test_restrictive VALUES ('regress_r1','regress_s1',10); -- failure -INSERT INTO rls_test_restrictive VALUES ('r4','s4',10); +INSERT INTO rls_test_restrictive VALUES ('regress_r4','regress_s4',10); ERROR: new row violates row-level security policy "extension policy" for table "rls_test_restrictive" -SET ROLE s1; +SET ROLE regress_s1; -- With only the hook's policies, both -- permissive hook's policy is current_user = username -- restrictive hook's policy is current_user = superuser @@ -102,13 +102,13 @@ SELECT * FROM rls_test_both; (0 rows) -- failure -INSERT INTO rls_test_both VALUES ('r1','s1',10); +INSERT INTO rls_test_both VALUES ('regress_r1','regress_s1',10); ERROR: new row violates row-level security policy for table "rls_test_both" -- failure -INSERT INTO rls_test_both VALUES ('r4','s1',10); +INSERT INTO rls_test_both VALUES ('regress_r4','regress_s1',10); ERROR: new row violates row-level security policy for table "rls_test_both" -- failure -INSERT INTO rls_test_both VALUES ('r4','s4',10); +INSERT INTO rls_test_both VALUES ('regress_r4','regress_s4',10); ERROR: new row violates row-level security policy for table "rls_test_both" RESET ROLE; -- Create "internal" policies, to check that the policies from @@ -118,7 +118,7 @@ CREATE POLICY p1 ON rls_test_permissive USING (data % 2 = 0); DROP POLICY p1 ON rls_test_restrictive; CREATE POLICY p1 ON rls_test_restrictive USING (data % 2 = 0); CREATE POLICY p1 ON rls_test_both USING (data % 2 = 0); -SET ROLE r1; +SET ROLE regress_r1; -- With both internal and hook policies, permissive EXPLAIN (costs off) SELECT * FROM rls_test_permissive; QUERY PLAN @@ -128,21 +128,21 @@ EXPLAIN (costs off) SELECT * FROM rls_test_permissive; (2 rows) SELECT * FROM rls_test_permissive; - username | supervisor | data -----------+------------+------ - r1 | s1 | 4 - r3 | s3 | 6 - r1 | s1 | 10 + username | supervisor | data +------------+------------+------ + regress_r1 | regress_s1 | 4 + regress_r3 | regress_s3 | 6 + regress_r1 | regress_s1 | 10 (3 rows) -- success -INSERT INTO rls_test_permissive VALUES ('r1','s1',7); +INSERT INTO rls_test_permissive VALUES ('regress_r1','regress_s1',7); -- success -INSERT INTO rls_test_permissive VALUES ('r3','s3',10); +INSERT INTO rls_test_permissive VALUES ('regress_r3','regress_s3',10); -- failure -INSERT INTO rls_test_permissive VALUES ('r4','s4',7); +INSERT INTO rls_test_permissive VALUES ('regress_r4','regress_s4',7); ERROR: new row violates row-level security policy for table "rls_test_permissive" -SET ROLE s1; +SET ROLE regress_s1; -- With both internal and hook policies, restrictive EXPLAIN (costs off) SELECT * FROM rls_test_restrictive; QUERY PLAN @@ -154,21 +154,21 @@ EXPLAIN (costs off) SELECT * FROM rls_test_restrictive; (4 rows) SELECT * FROM rls_test_restrictive; - username | supervisor | data -----------+------------+------ - r1 | s1 | 10 + username | supervisor | data +------------+------------+------ + regress_r1 | regress_s1 | 10 (1 row) -- success -INSERT INTO rls_test_restrictive VALUES ('r1','s1',8); +INSERT INTO rls_test_restrictive VALUES ('regress_r1','regress_s1',8); -- failure -INSERT INTO rls_test_restrictive VALUES ('r3','s3',10); +INSERT INTO rls_test_restrictive VALUES ('regress_r3','regress_s3',10); ERROR: new row violates row-level security policy "extension policy" for table "rls_test_restrictive" -- failure -INSERT INTO rls_test_restrictive VALUES ('r1','s1',7); +INSERT INTO rls_test_restrictive VALUES ('regress_r1','regress_s1',7); ERROR: new row violates row-level security policy for table "rls_test_restrictive" -- failure -INSERT INTO rls_test_restrictive VALUES ('r4','s4',7); +INSERT INTO rls_test_restrictive VALUES ('regress_r4','regress_s4',7); ERROR: new row violates row-level security policy for table "rls_test_restrictive" -- With both internal and hook policies, both permissive -- and restrictive hook policies @@ -187,19 +187,19 @@ SELECT * FROM rls_test_both; (0 rows) -- success -INSERT INTO rls_test_both VALUES ('r1','s1',8); +INSERT INTO rls_test_both VALUES ('regress_r1','regress_s1',8); -- failure -INSERT INTO rls_test_both VALUES ('r3','s3',10); +INSERT INTO rls_test_both VALUES ('regress_r3','regress_s3',10); ERROR: new row violates row-level security policy "extension policy" for table "rls_test_both" -- failure -INSERT INTO rls_test_both VALUES ('r1','s1',7); +INSERT INTO rls_test_both VALUES ('regress_r1','regress_s1',7); ERROR: new row violates row-level security policy for table "rls_test_both" -- failure -INSERT INTO rls_test_both VALUES ('r4','s4',7); +INSERT INTO rls_test_both VALUES ('regress_r4','regress_s4',7); ERROR: new row violates row-level security policy for table "rls_test_both" RESET ROLE; DROP TABLE rls_test_restrictive; DROP TABLE rls_test_permissive; DROP TABLE rls_test_both; -DROP ROLE r1; -DROP ROLE s1; +DROP ROLE regress_r1; +DROP ROLE regress_s1; diff --git a/src/test/modules/test_rls_hooks/sql/test_rls_hooks.sql b/src/test/modules/test_rls_hooks/sql/test_rls_hooks.sql index 3071213732f..746f6dd8b09 100644 --- a/src/test/modules/test_rls_hooks/sql/test_rls_hooks.sql +++ b/src/test/modules/test_rls_hooks/sql/test_rls_hooks.sql @@ -7,9 +7,9 @@ CREATE TABLE rls_test_permissive ( ); -- initial test data -INSERT INTO rls_test_permissive VALUES ('r1','s1',4); -INSERT INTO rls_test_permissive VALUES ('r2','s2',5); -INSERT INTO rls_test_permissive VALUES ('r3','s3',6); +INSERT INTO rls_test_permissive VALUES ('regress_r1','regress_s1',4); +INSERT INTO rls_test_permissive VALUES ('regress_r2','regress_s2',5); +INSERT INTO rls_test_permissive VALUES ('regress_r3','regress_s3',6); CREATE TABLE rls_test_restrictive ( username name, @@ -24,9 +24,9 @@ CREATE TABLE rls_test_restrictive ( CREATE POLICY p1 ON rls_test_restrictive USING (true); -- initial test data -INSERT INTO rls_test_restrictive VALUES ('r1','s1',1); -INSERT INTO rls_test_restrictive VALUES ('r2','s2',2); -INSERT INTO rls_test_restrictive VALUES ('r3','s3',3); +INSERT INTO rls_test_restrictive VALUES ('regress_r1','regress_s1',1); +INSERT INTO rls_test_restrictive VALUES ('regress_r2','regress_s2',2); +INSERT INTO rls_test_restrictive VALUES ('regress_r3','regress_s3',3); CREATE TABLE rls_test_both ( username name, @@ -35,26 +35,26 @@ CREATE TABLE rls_test_both ( ); -- initial test data -INSERT INTO rls_test_both VALUES ('r1','s1',7); -INSERT INTO rls_test_both VALUES ('r2','s2',8); -INSERT INTO rls_test_both VALUES ('r3','s3',9); +INSERT INTO rls_test_both VALUES ('regress_r1','regress_s1',7); +INSERT INTO rls_test_both VALUES ('regress_r2','regress_s2',8); +INSERT INTO rls_test_both VALUES ('regress_r3','regress_s3',9); ALTER TABLE rls_test_permissive ENABLE ROW LEVEL SECURITY; ALTER TABLE rls_test_restrictive ENABLE ROW LEVEL SECURITY; ALTER TABLE rls_test_both ENABLE ROW LEVEL SECURITY; -CREATE ROLE r1; -CREATE ROLE s1; +CREATE ROLE regress_r1; +CREATE ROLE regress_s1; -GRANT SELECT,INSERT ON rls_test_permissive TO r1; -GRANT SELECT,INSERT ON rls_test_restrictive TO r1; -GRANT SELECT,INSERT ON rls_test_both TO r1; +GRANT SELECT,INSERT ON rls_test_permissive TO regress_r1; +GRANT SELECT,INSERT ON rls_test_restrictive TO regress_r1; +GRANT SELECT,INSERT ON rls_test_both TO regress_r1; -GRANT SELECT,INSERT ON rls_test_permissive TO s1; -GRANT SELECT,INSERT ON rls_test_restrictive TO s1; -GRANT SELECT,INSERT ON rls_test_both TO s1; +GRANT SELECT,INSERT ON rls_test_permissive TO regress_s1; +GRANT SELECT,INSERT ON rls_test_restrictive TO regress_s1; +GRANT SELECT,INSERT ON rls_test_both TO regress_s1; -SET ROLE r1; +SET ROLE regress_r1; -- With only the hook's policies, permissive -- hook's policy is current_user = username @@ -63,12 +63,12 @@ EXPLAIN (costs off) SELECT * FROM rls_test_permissive; SELECT * FROM rls_test_permissive; -- success -INSERT INTO rls_test_permissive VALUES ('r1','s1',10); +INSERT INTO rls_test_permissive VALUES ('regress_r1','regress_s1',10); -- failure -INSERT INTO rls_test_permissive VALUES ('r4','s4',10); +INSERT INTO rls_test_permissive VALUES ('regress_r4','regress_s4',10); -SET ROLE s1; +SET ROLE regress_s1; -- With only the hook's policies, restrictive -- hook's policy is current_user = supervisor @@ -77,12 +77,12 @@ EXPLAIN (costs off) SELECT * FROM rls_test_restrictive; SELECT * FROM rls_test_restrictive; -- success -INSERT INTO rls_test_restrictive VALUES ('r1','s1',10); +INSERT INTO rls_test_restrictive VALUES ('regress_r1','regress_s1',10); -- failure -INSERT INTO rls_test_restrictive VALUES ('r4','s4',10); +INSERT INTO rls_test_restrictive VALUES ('regress_r4','regress_s4',10); -SET ROLE s1; +SET ROLE regress_s1; -- With only the hook's policies, both -- permissive hook's policy is current_user = username @@ -93,13 +93,13 @@ EXPLAIN (costs off) SELECT * FROM rls_test_both; SELECT * FROM rls_test_both; -- failure -INSERT INTO rls_test_both VALUES ('r1','s1',10); +INSERT INTO rls_test_both VALUES ('regress_r1','regress_s1',10); -- failure -INSERT INTO rls_test_both VALUES ('r4','s1',10); +INSERT INTO rls_test_both VALUES ('regress_r4','regress_s1',10); -- failure -INSERT INTO rls_test_both VALUES ('r4','s4',10); +INSERT INTO rls_test_both VALUES ('regress_r4','regress_s4',10); RESET ROLE; @@ -113,7 +113,7 @@ CREATE POLICY p1 ON rls_test_restrictive USING (data % 2 = 0); CREATE POLICY p1 ON rls_test_both USING (data % 2 = 0); -SET ROLE r1; +SET ROLE regress_r1; -- With both internal and hook policies, permissive EXPLAIN (costs off) SELECT * FROM rls_test_permissive; @@ -121,15 +121,15 @@ EXPLAIN (costs off) SELECT * FROM rls_test_permissive; SELECT * FROM rls_test_permissive; -- success -INSERT INTO rls_test_permissive VALUES ('r1','s1',7); +INSERT INTO rls_test_permissive VALUES ('regress_r1','regress_s1',7); -- success -INSERT INTO rls_test_permissive VALUES ('r3','s3',10); +INSERT INTO rls_test_permissive VALUES ('regress_r3','regress_s3',10); -- failure -INSERT INTO rls_test_permissive VALUES ('r4','s4',7); +INSERT INTO rls_test_permissive VALUES ('regress_r4','regress_s4',7); -SET ROLE s1; +SET ROLE regress_s1; -- With both internal and hook policies, restrictive EXPLAIN (costs off) SELECT * FROM rls_test_restrictive; @@ -137,16 +137,16 @@ EXPLAIN (costs off) SELECT * FROM rls_test_restrictive; SELECT * FROM rls_test_restrictive; -- success -INSERT INTO rls_test_restrictive VALUES ('r1','s1',8); +INSERT INTO rls_test_restrictive VALUES ('regress_r1','regress_s1',8); -- failure -INSERT INTO rls_test_restrictive VALUES ('r3','s3',10); +INSERT INTO rls_test_restrictive VALUES ('regress_r3','regress_s3',10); -- failure -INSERT INTO rls_test_restrictive VALUES ('r1','s1',7); +INSERT INTO rls_test_restrictive VALUES ('regress_r1','regress_s1',7); -- failure -INSERT INTO rls_test_restrictive VALUES ('r4','s4',7); +INSERT INTO rls_test_restrictive VALUES ('regress_r4','regress_s4',7); -- With both internal and hook policies, both permissive -- and restrictive hook policies @@ -155,16 +155,16 @@ EXPLAIN (costs off) SELECT * FROM rls_test_both; SELECT * FROM rls_test_both; -- success -INSERT INTO rls_test_both VALUES ('r1','s1',8); +INSERT INTO rls_test_both VALUES ('regress_r1','regress_s1',8); -- failure -INSERT INTO rls_test_both VALUES ('r3','s3',10); +INSERT INTO rls_test_both VALUES ('regress_r3','regress_s3',10); -- failure -INSERT INTO rls_test_both VALUES ('r1','s1',7); +INSERT INTO rls_test_both VALUES ('regress_r1','regress_s1',7); -- failure -INSERT INTO rls_test_both VALUES ('r4','s4',7); +INSERT INTO rls_test_both VALUES ('regress_r4','regress_s4',7); RESET ROLE; @@ -172,5 +172,5 @@ DROP TABLE rls_test_restrictive; DROP TABLE rls_test_permissive; DROP TABLE rls_test_both; -DROP ROLE r1; -DROP ROLE s1; +DROP ROLE regress_r1; +DROP ROLE regress_s1; diff --git a/src/test/regress/expected/alter_generic.out b/src/test/regress/expected/alter_generic.out index 43376eeafdd..b01be59bbbd 100644 --- a/src/test/regress/expected/alter_generic.out +++ b/src/test/regress/expected/alter_generic.out @@ -3,13 +3,13 @@ -- -- Clean up in case a prior regression run failed SET client_min_messages TO 'warning'; -DROP ROLE IF EXISTS regtest_alter_user1; -DROP ROLE IF EXISTS regtest_alter_user2; -DROP ROLE IF EXISTS regtest_alter_user3; +DROP ROLE IF EXISTS regress_alter_user1; +DROP ROLE IF EXISTS regress_alter_user2; +DROP ROLE IF EXISTS regress_alter_user3; RESET client_min_messages; -CREATE USER regtest_alter_user3; -CREATE USER regtest_alter_user2; -CREATE USER regtest_alter_user1 IN ROLE regtest_alter_user3; +CREATE USER regress_alter_user3; +CREATE USER regress_alter_user2; +CREATE USER regress_alter_user1 IN ROLE regress_alter_user3; CREATE SCHEMA alt_nsp1; CREATE SCHEMA alt_nsp2; GRANT ALL ON SCHEMA alt_nsp1, alt_nsp2 TO public; @@ -17,7 +17,7 @@ SET search_path = alt_nsp1, public; -- -- Function and Aggregate -- -SET SESSION AUTHORIZATION regtest_alter_user1; +SET SESSION AUTHORIZATION regress_alter_user1; CREATE FUNCTION alt_func1(int) RETURNS int LANGUAGE sql AS 'SELECT $1 + 1'; CREATE FUNCTION alt_func2(int) RETURNS int LANGUAGE sql @@ -30,26 +30,26 @@ CREATE AGGREGATE alt_agg2 ( ); ALTER AGGREGATE alt_func1(int) RENAME TO alt_func3; -- failed (not aggregate) ERROR: function alt_func1(integer) is not an aggregate -ALTER AGGREGATE alt_func1(int) OWNER TO regtest_alter_user3; -- failed (not aggregate) +ALTER AGGREGATE alt_func1(int) OWNER TO regress_alter_user3; -- failed (not aggregate) ERROR: function alt_func1(integer) is not an aggregate ALTER AGGREGATE alt_func1(int) SET SCHEMA alt_nsp2; -- failed (not aggregate) ERROR: function alt_func1(integer) is not an aggregate ALTER FUNCTION alt_func1(int) RENAME TO alt_func2; -- failed (name conflict) ERROR: function alt_func2(integer) already exists in schema "alt_nsp1" ALTER FUNCTION alt_func1(int) RENAME TO alt_func3; -- OK -ALTER FUNCTION alt_func2(int) OWNER TO regtest_alter_user2; -- failed (no role membership) -ERROR: must be member of role "regtest_alter_user2" -ALTER FUNCTION alt_func2(int) OWNER TO regtest_alter_user3; -- OK +ALTER FUNCTION alt_func2(int) OWNER TO regress_alter_user2; -- failed (no role membership) +ERROR: must be member of role "regress_alter_user2" +ALTER FUNCTION alt_func2(int) OWNER TO regress_alter_user3; -- OK ALTER FUNCTION alt_func2(int) SET SCHEMA alt_nsp1; -- OK, already there ALTER FUNCTION alt_func2(int) SET SCHEMA alt_nsp2; -- OK ALTER AGGREGATE alt_agg1(int) RENAME TO alt_agg2; -- failed (name conflict) ERROR: function alt_agg2(integer) already exists in schema "alt_nsp1" ALTER AGGREGATE alt_agg1(int) RENAME TO alt_agg3; -- OK -ALTER AGGREGATE alt_agg2(int) OWNER TO regtest_alter_user2; -- failed (no role membership) -ERROR: must be member of role "regtest_alter_user2" -ALTER AGGREGATE alt_agg2(int) OWNER TO regtest_alter_user3; -- OK +ALTER AGGREGATE alt_agg2(int) OWNER TO regress_alter_user2; -- failed (no role membership) +ERROR: must be member of role "regress_alter_user2" +ALTER AGGREGATE alt_agg2(int) OWNER TO regress_alter_user3; -- OK ALTER AGGREGATE alt_agg2(int) SET SCHEMA alt_nsp2; -- OK -SET SESSION AUTHORIZATION regtest_alter_user2; +SET SESSION AUTHORIZATION regress_alter_user2; CREATE FUNCTION alt_func1(int) RETURNS int LANGUAGE sql AS 'SELECT $1 + 2'; CREATE FUNCTION alt_func2(int) RETURNS int LANGUAGE sql @@ -63,10 +63,10 @@ CREATE AGGREGATE alt_agg2 ( ALTER FUNCTION alt_func3(int) RENAME TO alt_func4; -- failed (not owner) ERROR: must be owner of function alt_func3 ALTER FUNCTION alt_func1(int) RENAME TO alt_func4; -- OK -ALTER FUNCTION alt_func3(int) OWNER TO regtest_alter_user2; -- failed (not owner) +ALTER FUNCTION alt_func3(int) OWNER TO regress_alter_user2; -- failed (not owner) ERROR: must be owner of function alt_func3 -ALTER FUNCTION alt_func2(int) OWNER TO regtest_alter_user3; -- failed (no role membership) -ERROR: must be member of role "regtest_alter_user3" +ALTER FUNCTION alt_func2(int) OWNER TO regress_alter_user3; -- failed (no role membership) +ERROR: must be member of role "regress_alter_user3" ALTER FUNCTION alt_func3(int) SET SCHEMA alt_nsp2; -- failed (not owner) ERROR: must be owner of function alt_func3 ALTER FUNCTION alt_func2(int) SET SCHEMA alt_nsp2; -- failed (name conflicts) @@ -74,10 +74,10 @@ ERROR: function alt_func2(integer) already exists in schema "alt_nsp2" ALTER AGGREGATE alt_agg3(int) RENAME TO alt_agg4; -- failed (not owner) ERROR: must be owner of function alt_agg3 ALTER AGGREGATE alt_agg1(int) RENAME TO alt_agg4; -- OK -ALTER AGGREGATE alt_agg3(int) OWNER TO regtest_alter_user2; -- failed (not owner) +ALTER AGGREGATE alt_agg3(int) OWNER TO regress_alter_user2; -- failed (not owner) ERROR: must be owner of function alt_agg3 -ALTER AGGREGATE alt_agg2(int) OWNER TO regtest_alter_user3; -- failed (no role membership) -ERROR: must be member of role "regtest_alter_user3" +ALTER AGGREGATE alt_agg2(int) OWNER TO regress_alter_user3; -- failed (no role membership) +ERROR: must be member of role "regress_alter_user3" ALTER AGGREGATE alt_agg3(int) SET SCHEMA alt_nsp2; -- failed (not owner) ERROR: must be owner of function alt_agg3 ALTER AGGREGATE alt_agg2(int) SET SCHEMA alt_nsp2; -- failed (name conflict) @@ -90,14 +90,14 @@ SELECT n.nspname, proname, prorettype::regtype, proisagg, a.rolname ORDER BY nspname, proname; nspname | proname | prorettype | proisagg | rolname ----------+-----------+------------+----------+--------------------- - alt_nsp1 | alt_agg2 | integer | t | regtest_alter_user2 - alt_nsp1 | alt_agg3 | integer | t | regtest_alter_user1 - alt_nsp1 | alt_agg4 | integer | t | regtest_alter_user2 - alt_nsp1 | alt_func2 | integer | f | regtest_alter_user2 - alt_nsp1 | alt_func3 | integer | f | regtest_alter_user1 - alt_nsp1 | alt_func4 | integer | f | regtest_alter_user2 - alt_nsp2 | alt_agg2 | integer | t | regtest_alter_user3 - alt_nsp2 | alt_func2 | integer | f | regtest_alter_user3 + alt_nsp1 | alt_agg2 | integer | t | regress_alter_user2 + alt_nsp1 | alt_agg3 | integer | t | regress_alter_user1 + alt_nsp1 | alt_agg4 | integer | t | regress_alter_user2 + alt_nsp1 | alt_func2 | integer | f | regress_alter_user2 + alt_nsp1 | alt_func3 | integer | f | regress_alter_user1 + alt_nsp1 | alt_func4 | integer | f | regress_alter_user2 + alt_nsp2 | alt_agg2 | integer | t | regress_alter_user3 + alt_nsp2 | alt_func2 | integer | f | regress_alter_user3 (8 rows) -- @@ -107,26 +107,26 @@ SELECT n.nspname, proname, prorettype::regtype, proisagg, a.rolname -- -- Conversion -- -SET SESSION AUTHORIZATION regtest_alter_user1; +SET SESSION AUTHORIZATION regress_alter_user1; CREATE CONVERSION alt_conv1 FOR 'LATIN1' TO 'UTF8' FROM iso8859_1_to_utf8; CREATE CONVERSION alt_conv2 FOR 'LATIN1' TO 'UTF8' FROM iso8859_1_to_utf8; ALTER CONVERSION alt_conv1 RENAME TO alt_conv2; -- failed (name conflict) ERROR: conversion "alt_conv2" already exists in schema "alt_nsp1" ALTER CONVERSION alt_conv1 RENAME TO alt_conv3; -- OK -ALTER CONVERSION alt_conv2 OWNER TO regtest_alter_user2; -- failed (no role membership) -ERROR: must be member of role "regtest_alter_user2" -ALTER CONVERSION alt_conv2 OWNER TO regtest_alter_user3; -- OK +ALTER CONVERSION alt_conv2 OWNER TO regress_alter_user2; -- failed (no role membership) +ERROR: must be member of role "regress_alter_user2" +ALTER CONVERSION alt_conv2 OWNER TO regress_alter_user3; -- OK ALTER CONVERSION alt_conv2 SET SCHEMA alt_nsp2; -- OK -SET SESSION AUTHORIZATION regtest_alter_user2; +SET SESSION AUTHORIZATION regress_alter_user2; CREATE CONVERSION alt_conv1 FOR 'LATIN1' TO 'UTF8' FROM iso8859_1_to_utf8; CREATE CONVERSION alt_conv2 FOR 'LATIN1' TO 'UTF8' FROM iso8859_1_to_utf8; ALTER CONVERSION alt_conv3 RENAME TO alt_conv4; -- failed (not owner) ERROR: must be owner of conversion alt_conv3 ALTER CONVERSION alt_conv1 RENAME TO alt_conv4; -- OK -ALTER CONVERSION alt_conv3 OWNER TO regtest_alter_user2; -- failed (not owner) +ALTER CONVERSION alt_conv3 OWNER TO regress_alter_user2; -- failed (not owner) ERROR: must be owner of conversion alt_conv3 -ALTER CONVERSION alt_conv2 OWNER TO regtest_alter_user3; -- failed (no role membership) -ERROR: must be member of role "regtest_alter_user3" +ALTER CONVERSION alt_conv2 OWNER TO regress_alter_user3; -- failed (no role membership) +ERROR: must be member of role "regress_alter_user3" ALTER CONVERSION alt_conv3 SET SCHEMA alt_nsp2; -- failed (not owner) ERROR: must be owner of conversion alt_conv3 ALTER CONVERSION alt_conv2 SET SCHEMA alt_nsp2; -- failed (name conflict) @@ -139,10 +139,10 @@ SELECT n.nspname, c.conname, a.rolname ORDER BY nspname, conname; nspname | conname | rolname ----------+-----------+--------------------- - alt_nsp1 | alt_conv2 | regtest_alter_user2 - alt_nsp1 | alt_conv3 | regtest_alter_user1 - alt_nsp1 | alt_conv4 | regtest_alter_user2 - alt_nsp2 | alt_conv2 | regtest_alter_user3 + alt_nsp1 | alt_conv2 | regress_alter_user2 + alt_nsp1 | alt_conv3 | regress_alter_user1 + alt_nsp1 | alt_conv4 | regress_alter_user2 + alt_nsp2 | alt_conv2 | regress_alter_user3 (4 rows) -- @@ -177,19 +177,19 @@ SELECT srvname FROM pg_foreign_server WHERE srvname like 'alt_fserv%'; -- CREATE LANGUAGE alt_lang1 HANDLER plpgsql_call_handler; CREATE LANGUAGE alt_lang2 HANDLER plpgsql_call_handler; -ALTER LANGUAGE alt_lang1 OWNER TO regtest_alter_user1; -- OK -ALTER LANGUAGE alt_lang2 OWNER TO regtest_alter_user2; -- OK -SET SESSION AUTHORIZATION regtest_alter_user1; +ALTER LANGUAGE alt_lang1 OWNER TO regress_alter_user1; -- OK +ALTER LANGUAGE alt_lang2 OWNER TO regress_alter_user2; -- OK +SET SESSION AUTHORIZATION regress_alter_user1; ALTER LANGUAGE alt_lang1 RENAME TO alt_lang2; -- failed (name conflict) ERROR: language "alt_lang2" already exists ALTER LANGUAGE alt_lang2 RENAME TO alt_lang3; -- failed (not owner) ERROR: must be owner of language alt_lang2 ALTER LANGUAGE alt_lang1 RENAME TO alt_lang3; -- OK -ALTER LANGUAGE alt_lang2 OWNER TO regtest_alter_user3; -- failed (not owner) +ALTER LANGUAGE alt_lang2 OWNER TO regress_alter_user3; -- failed (not owner) ERROR: must be owner of language alt_lang2 -ALTER LANGUAGE alt_lang3 OWNER TO regtest_alter_user2; -- failed (no role membership) -ERROR: must be member of role "regtest_alter_user2" -ALTER LANGUAGE alt_lang3 OWNER TO regtest_alter_user3; -- OK +ALTER LANGUAGE alt_lang3 OWNER TO regress_alter_user2; -- failed (no role membership) +ERROR: must be member of role "regress_alter_user2" +ALTER LANGUAGE alt_lang3 OWNER TO regress_alter_user3; -- OK RESET SESSION AUTHORIZATION; SELECT lanname, a.rolname FROM pg_language l, pg_authid a @@ -197,26 +197,26 @@ SELECT lanname, a.rolname ORDER BY lanname; lanname | rolname -----------+--------------------- - alt_lang2 | regtest_alter_user2 - alt_lang3 | regtest_alter_user3 + alt_lang2 | regress_alter_user2 + alt_lang3 | regress_alter_user3 (2 rows) -- -- Operator -- -SET SESSION AUTHORIZATION regtest_alter_user1; +SET SESSION AUTHORIZATION regress_alter_user1; CREATE OPERATOR @-@ ( leftarg = int4, rightarg = int4, procedure = int4mi ); CREATE OPERATOR @+@ ( leftarg = int4, rightarg = int4, procedure = int4pl ); -ALTER OPERATOR @+@(int4, int4) OWNER TO regtest_alter_user2; -- failed (no role membership) -ERROR: must be member of role "regtest_alter_user2" -ALTER OPERATOR @+@(int4, int4) OWNER TO regtest_alter_user3; -- OK +ALTER OPERATOR @+@(int4, int4) OWNER TO regress_alter_user2; -- failed (no role membership) +ERROR: must be member of role "regress_alter_user2" +ALTER OPERATOR @+@(int4, int4) OWNER TO regress_alter_user3; -- OK ALTER OPERATOR @-@(int4, int4) SET SCHEMA alt_nsp2; -- OK -SET SESSION AUTHORIZATION regtest_alter_user2; +SET SESSION AUTHORIZATION regress_alter_user2; CREATE OPERATOR @-@ ( leftarg = int4, rightarg = int4, procedure = int4mi ); -ALTER OPERATOR @+@(int4, int4) OWNER TO regtest_alter_user2; -- failed (not owner) +ALTER OPERATOR @+@(int4, int4) OWNER TO regress_alter_user2; -- failed (not owner) ERROR: must be owner of operator @+@ -ALTER OPERATOR @-@(int4, int4) OWNER TO regtest_alter_user3; -- failed (no role membership) -ERROR: must be member of role "regtest_alter_user3" +ALTER OPERATOR @-@(int4, int4) OWNER TO regress_alter_user3; -- failed (no role membership) +ERROR: must be member of role "regress_alter_user3" ALTER OPERATOR @+@(int4, int4) SET SCHEMA alt_nsp2; -- failed (not owner) ERROR: must be owner of operator @+@ -- can't test this: the error message includes the raw oid of namespace @@ -230,9 +230,9 @@ SELECT n.nspname, oprname, a.rolname, ORDER BY nspname, oprname; nspname | oprname | rolname | oprleft | oprright | oprcode ----------+---------+---------------------+---------+----------+--------- - alt_nsp1 | @+@ | regtest_alter_user3 | integer | integer | int4pl - alt_nsp1 | @-@ | regtest_alter_user2 | integer | integer | int4mi - alt_nsp2 | @-@ | regtest_alter_user1 | integer | integer | int4mi + alt_nsp1 | @+@ | regress_alter_user3 | integer | integer | int4pl + alt_nsp1 | @-@ | regress_alter_user2 | integer | integer | int4mi + alt_nsp2 | @-@ | regress_alter_user1 | integer | integer | int4mi (3 rows) -- @@ -240,44 +240,44 @@ SELECT n.nspname, oprname, a.rolname, -- CREATE OPERATOR FAMILY alt_opf1 USING hash; CREATE OPERATOR FAMILY alt_opf2 USING hash; -ALTER OPERATOR FAMILY alt_opf1 USING hash OWNER TO regtest_alter_user1; -ALTER OPERATOR FAMILY alt_opf2 USING hash OWNER TO regtest_alter_user1; +ALTER OPERATOR FAMILY alt_opf1 USING hash OWNER TO regress_alter_user1; +ALTER OPERATOR FAMILY alt_opf2 USING hash OWNER TO regress_alter_user1; CREATE OPERATOR CLASS alt_opc1 FOR TYPE uuid USING hash AS STORAGE uuid; CREATE OPERATOR CLASS alt_opc2 FOR TYPE uuid USING hash AS STORAGE uuid; -ALTER OPERATOR CLASS alt_opc1 USING hash OWNER TO regtest_alter_user1; -ALTER OPERATOR CLASS alt_opc2 USING hash OWNER TO regtest_alter_user1; -SET SESSION AUTHORIZATION regtest_alter_user1; +ALTER OPERATOR CLASS alt_opc1 USING hash OWNER TO regress_alter_user1; +ALTER OPERATOR CLASS alt_opc2 USING hash OWNER TO regress_alter_user1; +SET SESSION AUTHORIZATION regress_alter_user1; ALTER OPERATOR FAMILY alt_opf1 USING hash RENAME TO alt_opf2; -- failed (name conflict) ERROR: operator family "alt_opf2" for access method "hash" already exists in schema "alt_nsp1" ALTER OPERATOR FAMILY alt_opf1 USING hash RENAME TO alt_opf3; -- OK -ALTER OPERATOR FAMILY alt_opf2 USING hash OWNER TO regtest_alter_user2; -- failed (no role membership) -ERROR: must be member of role "regtest_alter_user2" -ALTER OPERATOR FAMILY alt_opf2 USING hash OWNER TO regtest_alter_user3; -- OK +ALTER OPERATOR FAMILY alt_opf2 USING hash OWNER TO regress_alter_user2; -- failed (no role membership) +ERROR: must be member of role "regress_alter_user2" +ALTER OPERATOR FAMILY alt_opf2 USING hash OWNER TO regress_alter_user3; -- OK ALTER OPERATOR FAMILY alt_opf2 USING hash SET SCHEMA alt_nsp2; -- OK ALTER OPERATOR CLASS alt_opc1 USING hash RENAME TO alt_opc2; -- failed (name conflict) ERROR: operator class "alt_opc2" for access method "hash" already exists in schema "alt_nsp1" ALTER OPERATOR CLASS alt_opc1 USING hash RENAME TO alt_opc3; -- OK -ALTER OPERATOR CLASS alt_opc2 USING hash OWNER TO regtest_alter_user2; -- failed (no role membership) -ERROR: must be member of role "regtest_alter_user2" -ALTER OPERATOR CLASS alt_opc2 USING hash OWNER TO regtest_alter_user3; -- OK +ALTER OPERATOR CLASS alt_opc2 USING hash OWNER TO regress_alter_user2; -- failed (no role membership) +ERROR: must be member of role "regress_alter_user2" +ALTER OPERATOR CLASS alt_opc2 USING hash OWNER TO regress_alter_user3; -- OK ALTER OPERATOR CLASS alt_opc2 USING hash SET SCHEMA alt_nsp2; -- OK RESET SESSION AUTHORIZATION; CREATE OPERATOR FAMILY alt_opf1 USING hash; CREATE OPERATOR FAMILY alt_opf2 USING hash; -ALTER OPERATOR FAMILY alt_opf1 USING hash OWNER TO regtest_alter_user2; -ALTER OPERATOR FAMILY alt_opf2 USING hash OWNER TO regtest_alter_user2; +ALTER OPERATOR FAMILY alt_opf1 USING hash OWNER TO regress_alter_user2; +ALTER OPERATOR FAMILY alt_opf2 USING hash OWNER TO regress_alter_user2; CREATE OPERATOR CLASS alt_opc1 FOR TYPE macaddr USING hash AS STORAGE macaddr; CREATE OPERATOR CLASS alt_opc2 FOR TYPE macaddr USING hash AS STORAGE macaddr; -ALTER OPERATOR CLASS alt_opc1 USING hash OWNER TO regtest_alter_user2; -ALTER OPERATOR CLASS alt_opc2 USING hash OWNER TO regtest_alter_user2; -SET SESSION AUTHORIZATION regtest_alter_user2; +ALTER OPERATOR CLASS alt_opc1 USING hash OWNER TO regress_alter_user2; +ALTER OPERATOR CLASS alt_opc2 USING hash OWNER TO regress_alter_user2; +SET SESSION AUTHORIZATION regress_alter_user2; ALTER OPERATOR FAMILY alt_opf3 USING hash RENAME TO alt_opf4; -- failed (not owner) ERROR: must be owner of operator family alt_opf3 ALTER OPERATOR FAMILY alt_opf1 USING hash RENAME TO alt_opf4; -- OK -ALTER OPERATOR FAMILY alt_opf3 USING hash OWNER TO regtest_alter_user2; -- failed (not owner) +ALTER OPERATOR FAMILY alt_opf3 USING hash OWNER TO regress_alter_user2; -- failed (not owner) ERROR: must be owner of operator family alt_opf3 -ALTER OPERATOR FAMILY alt_opf2 USING hash OWNER TO regtest_alter_user3; -- failed (no role membership) -ERROR: must be member of role "regtest_alter_user3" +ALTER OPERATOR FAMILY alt_opf2 USING hash OWNER TO regress_alter_user3; -- failed (no role membership) +ERROR: must be member of role "regress_alter_user3" ALTER OPERATOR FAMILY alt_opf3 USING hash SET SCHEMA alt_nsp2; -- failed (not owner) ERROR: must be owner of operator family alt_opf3 ALTER OPERATOR FAMILY alt_opf2 USING hash SET SCHEMA alt_nsp2; -- failed (name conflict) @@ -285,10 +285,10 @@ ERROR: operator family "alt_opf2" for access method "hash" already exists in sc ALTER OPERATOR CLASS alt_opc3 USING hash RENAME TO alt_opc4; -- failed (not owner) ERROR: must be owner of operator class alt_opc3 ALTER OPERATOR CLASS alt_opc1 USING hash RENAME TO alt_opc4; -- OK -ALTER OPERATOR CLASS alt_opc3 USING hash OWNER TO regtest_alter_user2; -- failed (not owner) +ALTER OPERATOR CLASS alt_opc3 USING hash OWNER TO regress_alter_user2; -- failed (not owner) ERROR: must be owner of operator class alt_opc3 -ALTER OPERATOR CLASS alt_opc2 USING hash OWNER TO regtest_alter_user3; -- failed (no role membership) -ERROR: must be member of role "regtest_alter_user3" +ALTER OPERATOR CLASS alt_opc2 USING hash OWNER TO regress_alter_user3; -- failed (no role membership) +ERROR: must be member of role "regress_alter_user3" ALTER OPERATOR CLASS alt_opc3 USING hash SET SCHEMA alt_nsp2; -- failed (not owner) ERROR: must be owner of operator class alt_opc3 ALTER OPERATOR CLASS alt_opc2 USING hash SET SCHEMA alt_nsp2; -- failed (name conflict) @@ -302,10 +302,10 @@ SELECT nspname, opfname, amname, rolname ORDER BY nspname, opfname; nspname | opfname | amname | rolname ----------+----------+--------+--------------------- - alt_nsp1 | alt_opf2 | hash | regtest_alter_user2 - alt_nsp1 | alt_opf3 | hash | regtest_alter_user1 - alt_nsp1 | alt_opf4 | hash | regtest_alter_user2 - alt_nsp2 | alt_opf2 | hash | regtest_alter_user3 + alt_nsp1 | alt_opf2 | hash | regress_alter_user2 + alt_nsp1 | alt_opf3 | hash | regress_alter_user1 + alt_nsp1 | alt_opf4 | hash | regress_alter_user2 + alt_nsp2 | alt_opf2 | hash | regress_alter_user3 (4 rows) SELECT nspname, opcname, amname, rolname @@ -315,10 +315,10 @@ SELECT nspname, opcname, amname, rolname ORDER BY nspname, opcname; nspname | opcname | amname | rolname ----------+----------+--------+--------------------- - alt_nsp1 | alt_opc2 | hash | regtest_alter_user2 - alt_nsp1 | alt_opc3 | hash | regtest_alter_user1 - alt_nsp1 | alt_opc4 | hash | regtest_alter_user2 - alt_nsp2 | alt_opc2 | hash | regtest_alter_user3 + alt_nsp1 | alt_opc2 | hash | regress_alter_user2 + alt_nsp1 | alt_opc3 | hash | regress_alter_user1 + alt_nsp1 | alt_opc4 | hash | regress_alter_user2 + alt_nsp2 | alt_opc2 | hash | regress_alter_user3 (4 rows) -- ALTER OPERATOR FAMILY ... ADD/DROP @@ -362,9 +362,9 @@ ERROR: STORAGE cannot be specified in ALTER OPERATOR FAMILY DROP OPERATOR FAMILY alt_opf4 USING btree; -- Should fail. Need to be SUPERUSER to do ALTER OPERATOR FAMILY .. ADD / DROP BEGIN TRANSACTION; -CREATE ROLE regtest_alter_user5 NOSUPERUSER; +CREATE ROLE regress_alter_user5 NOSUPERUSER; CREATE OPERATOR FAMILY alt_opf5 USING btree; -SET ROLE regtest_alter_user5; +SET ROLE regress_alter_user5; ALTER OPERATOR FAMILY alt_opf5 USING btree ADD OPERATOR 1 < (int4, int2), FUNCTION 1 btint42cmp(int4, int2); ERROR: must be superuser to alter an operator family RESET ROLE; @@ -374,11 +374,11 @@ ERROR: current transaction is aborted, commands ignored until end of transactio ROLLBACK; -- Should fail. Need rights to namespace for ALTER OPERATOR FAMILY .. ADD / DROP BEGIN TRANSACTION; -CREATE ROLE regtest_alter_user6; +CREATE ROLE regress_alter_user6; CREATE SCHEMA alt_nsp6; -REVOKE ALL ON SCHEMA alt_nsp6 FROM regtest_alter_user6; +REVOKE ALL ON SCHEMA alt_nsp6 FROM regress_alter_user6; CREATE OPERATOR FAMILY alt_nsp6.alt_opf6 USING btree; -SET ROLE regtest_alter_user6; +SET ROLE regress_alter_user6; ALTER OPERATOR FAMILY alt_nsp6.alt_opf6 USING btree ADD OPERATOR 1 < (int4, int2); ERROR: permission denied for schema alt_nsp6 ROLLBACK; @@ -499,26 +499,26 @@ DROP OPERATOR FAMILY alt_opf18 USING btree; -- -- Text Search Dictionary -- -SET SESSION AUTHORIZATION regtest_alter_user1; +SET SESSION AUTHORIZATION regress_alter_user1; CREATE TEXT SEARCH DICTIONARY alt_ts_dict1 (template=simple); CREATE TEXT SEARCH DICTIONARY alt_ts_dict2 (template=simple); ALTER TEXT SEARCH DICTIONARY alt_ts_dict1 RENAME TO alt_ts_dict2; -- failed (name conflict) ERROR: text search dictionary "alt_ts_dict2" already exists in schema "alt_nsp1" ALTER TEXT SEARCH DICTIONARY alt_ts_dict1 RENAME TO alt_ts_dict3; -- OK -ALTER TEXT SEARCH DICTIONARY alt_ts_dict2 OWNER TO regtest_alter_user2; -- failed (no role membership) -ERROR: must be member of role "regtest_alter_user2" -ALTER TEXT SEARCH DICTIONARY alt_ts_dict2 OWNER TO regtest_alter_user3; -- OK +ALTER TEXT SEARCH DICTIONARY alt_ts_dict2 OWNER TO regress_alter_user2; -- failed (no role membership) +ERROR: must be member of role "regress_alter_user2" +ALTER TEXT SEARCH DICTIONARY alt_ts_dict2 OWNER TO regress_alter_user3; -- OK ALTER TEXT SEARCH DICTIONARY alt_ts_dict2 SET SCHEMA alt_nsp2; -- OK -SET SESSION AUTHORIZATION regtest_alter_user2; +SET SESSION AUTHORIZATION regress_alter_user2; CREATE TEXT SEARCH DICTIONARY alt_ts_dict1 (template=simple); CREATE TEXT SEARCH DICTIONARY alt_ts_dict2 (template=simple); ALTER TEXT SEARCH DICTIONARY alt_ts_dict3 RENAME TO alt_ts_dict4; -- failed (not owner) ERROR: must be owner of text search dictionary alt_ts_dict3 ALTER TEXT SEARCH DICTIONARY alt_ts_dict1 RENAME TO alt_ts_dict4; -- OK -ALTER TEXT SEARCH DICTIONARY alt_ts_dict3 OWNER TO regtest_alter_user2; -- failed (not owner) +ALTER TEXT SEARCH DICTIONARY alt_ts_dict3 OWNER TO regress_alter_user2; -- failed (not owner) ERROR: must be owner of text search dictionary alt_ts_dict3 -ALTER TEXT SEARCH DICTIONARY alt_ts_dict2 OWNER TO regtest_alter_user3; -- failed (no role membership) -ERROR: must be member of role "regtest_alter_user3" +ALTER TEXT SEARCH DICTIONARY alt_ts_dict2 OWNER TO regress_alter_user3; -- failed (no role membership) +ERROR: must be member of role "regress_alter_user3" ALTER TEXT SEARCH DICTIONARY alt_ts_dict3 SET SCHEMA alt_nsp2; -- failed (not owner) ERROR: must be owner of text search dictionary alt_ts_dict3 ALTER TEXT SEARCH DICTIONARY alt_ts_dict2 SET SCHEMA alt_nsp2; -- failed (name conflict) @@ -531,35 +531,35 @@ SELECT nspname, dictname, rolname ORDER BY nspname, dictname; nspname | dictname | rolname ----------+--------------+--------------------- - alt_nsp1 | alt_ts_dict2 | regtest_alter_user2 - alt_nsp1 | alt_ts_dict3 | regtest_alter_user1 - alt_nsp1 | alt_ts_dict4 | regtest_alter_user2 - alt_nsp2 | alt_ts_dict2 | regtest_alter_user3 + alt_nsp1 | alt_ts_dict2 | regress_alter_user2 + alt_nsp1 | alt_ts_dict3 | regress_alter_user1 + alt_nsp1 | alt_ts_dict4 | regress_alter_user2 + alt_nsp2 | alt_ts_dict2 | regress_alter_user3 (4 rows) -- -- Text Search Configuration -- -SET SESSION AUTHORIZATION regtest_alter_user1; +SET SESSION AUTHORIZATION regress_alter_user1; CREATE TEXT SEARCH CONFIGURATION alt_ts_conf1 (copy=english); CREATE TEXT SEARCH CONFIGURATION alt_ts_conf2 (copy=english); ALTER TEXT SEARCH CONFIGURATION alt_ts_conf1 RENAME TO alt_ts_conf2; -- failed (name conflict) ERROR: text search configuration "alt_ts_conf2" already exists in schema "alt_nsp1" ALTER TEXT SEARCH CONFIGURATION alt_ts_conf1 RENAME TO alt_ts_conf3; -- OK -ALTER TEXT SEARCH CONFIGURATION alt_ts_conf2 OWNER TO regtest_alter_user2; -- failed (no role membership) -ERROR: must be member of role "regtest_alter_user2" -ALTER TEXT SEARCH CONFIGURATION alt_ts_conf2 OWNER TO regtest_alter_user3; -- OK +ALTER TEXT SEARCH CONFIGURATION alt_ts_conf2 OWNER TO regress_alter_user2; -- failed (no role membership) +ERROR: must be member of role "regress_alter_user2" +ALTER TEXT SEARCH CONFIGURATION alt_ts_conf2 OWNER TO regress_alter_user3; -- OK ALTER TEXT SEARCH CONFIGURATION alt_ts_conf2 SET SCHEMA alt_nsp2; -- OK -SET SESSION AUTHORIZATION regtest_alter_user2; +SET SESSION AUTHORIZATION regress_alter_user2; CREATE TEXT SEARCH CONFIGURATION alt_ts_conf1 (copy=english); CREATE TEXT SEARCH CONFIGURATION alt_ts_conf2 (copy=english); ALTER TEXT SEARCH CONFIGURATION alt_ts_conf3 RENAME TO alt_ts_conf4; -- failed (not owner) ERROR: must be owner of text search configuration alt_ts_conf3 ALTER TEXT SEARCH CONFIGURATION alt_ts_conf1 RENAME TO alt_ts_conf4; -- OK -ALTER TEXT SEARCH CONFIGURATION alt_ts_conf3 OWNER TO regtest_alter_user2; -- failed (not owner) +ALTER TEXT SEARCH CONFIGURATION alt_ts_conf3 OWNER TO regress_alter_user2; -- failed (not owner) ERROR: must be owner of text search configuration alt_ts_conf3 -ALTER TEXT SEARCH CONFIGURATION alt_ts_conf2 OWNER TO regtest_alter_user3; -- failed (no role membership) -ERROR: must be member of role "regtest_alter_user3" +ALTER TEXT SEARCH CONFIGURATION alt_ts_conf2 OWNER TO regress_alter_user3; -- failed (no role membership) +ERROR: must be member of role "regress_alter_user3" ALTER TEXT SEARCH CONFIGURATION alt_ts_conf3 SET SCHEMA alt_nsp2; -- failed (not owner) ERROR: must be owner of text search configuration alt_ts_conf3 ALTER TEXT SEARCH CONFIGURATION alt_ts_conf2 SET SCHEMA alt_nsp2; -- failed (name conflict) @@ -572,10 +572,10 @@ SELECT nspname, cfgname, rolname ORDER BY nspname, cfgname; nspname | cfgname | rolname ----------+--------------+--------------------- - alt_nsp1 | alt_ts_conf2 | regtest_alter_user2 - alt_nsp1 | alt_ts_conf3 | regtest_alter_user1 - alt_nsp1 | alt_ts_conf4 | regtest_alter_user2 - alt_nsp2 | alt_ts_conf2 | regtest_alter_user3 + alt_nsp1 | alt_ts_conf2 | regress_alter_user2 + alt_nsp1 | alt_ts_conf3 | regress_alter_user1 + alt_nsp1 | alt_ts_conf4 | regress_alter_user2 + alt_nsp2 | alt_ts_conf2 | regress_alter_user3 (4 rows) -- @@ -677,6 +677,6 @@ drop cascades to text search dictionary alt_ts_dict2 drop cascades to text search configuration alt_ts_conf2 drop cascades to text search template alt_ts_temp2 drop cascades to text search parser alt_ts_prs2 -DROP USER regtest_alter_user1; -DROP USER regtest_alter_user2; -DROP USER regtest_alter_user3; +DROP USER regress_alter_user1; +DROP USER regress_alter_user2; +DROP USER regress_alter_user3; diff --git a/src/test/regress/expected/alter_operator.out b/src/test/regress/expected/alter_operator.out index 9fb688d3aae..ef47affd7b6 100644 --- a/src/test/regress/expected/alter_operator.out +++ b/src/test/regress/expected/alter_operator.out @@ -124,13 +124,13 @@ ERROR: operator attribute "negator" cannot be changed -- -- Test permission check. Must be owner to ALTER OPERATOR. -- -CREATE USER regtest_alter_user; -SET SESSION AUTHORIZATION regtest_alter_user; +CREATE USER regress_alter_op_user; +SET SESSION AUTHORIZATION regress_alter_op_user; ALTER OPERATOR === (boolean, boolean) SET (RESTRICT = NONE); ERROR: must be owner of operator === -- Clean up RESET SESSION AUTHORIZATION; -DROP USER regtest_alter_user; +DROP USER regress_alter_op_user; DROP OPERATOR === (boolean, boolean); DROP FUNCTION customcontsel(internal, oid, internal, integer); DROP FUNCTION alter_op_test_fn(boolean, boolean); diff --git a/src/test/regress/expected/cluster.out b/src/test/regress/expected/cluster.out index 2a57cdeb510..097ac2b0060 100644 --- a/src/test/regress/expected/cluster.out +++ b/src/test/regress/expected/cluster.out @@ -306,13 +306,13 @@ WHERE pg_class.oid=indexrelid (0 rows) -- Verify that clustering all tables does in fact cluster the right ones -CREATE USER clstr_user; +CREATE USER regress_clstr_user; CREATE TABLE clstr_1 (a INT PRIMARY KEY); CREATE TABLE clstr_2 (a INT PRIMARY KEY); CREATE TABLE clstr_3 (a INT PRIMARY KEY); -ALTER TABLE clstr_1 OWNER TO clstr_user; -ALTER TABLE clstr_3 OWNER TO clstr_user; -GRANT SELECT ON clstr_2 TO clstr_user; +ALTER TABLE clstr_1 OWNER TO regress_clstr_user; +ALTER TABLE clstr_3 OWNER TO regress_clstr_user; +GRANT SELECT ON clstr_2 TO regress_clstr_user; INSERT INTO clstr_1 VALUES (2); INSERT INTO clstr_1 VALUES (1); INSERT INTO clstr_2 VALUES (2); @@ -349,7 +349,7 @@ INSERT INTO clstr_3 VALUES (2); INSERT INTO clstr_3 VALUES (1); -- this user can only cluster clstr_1 and clstr_3, but the latter -- has not been clustered -SET SESSION AUTHORIZATION clstr_user; +SET SESSION AUTHORIZATION regress_clstr_user; CLUSTER; SELECT * FROM clstr_1 UNION ALL SELECT * FROM clstr_2 UNION ALL @@ -479,4 +479,4 @@ DROP TABLE clstr_1; DROP TABLE clstr_2; DROP TABLE clstr_3; DROP TABLE clstr_4; -DROP USER clstr_user; +DROP USER regress_clstr_user; diff --git a/src/test/regress/expected/conversion.out b/src/test/regress/expected/conversion.out index 37965ae3aba..62c10671685 100644 --- a/src/test/regress/expected/conversion.out +++ b/src/test/regress/expected/conversion.out @@ -1,8 +1,8 @@ -- -- create user defined conversion -- -CREATE USER conversion_test_user WITH NOCREATEDB NOCREATEROLE; -SET SESSION AUTHORIZATION conversion_test_user; +CREATE USER regress_conversion_user WITH NOCREATEDB NOCREATEROLE; +SET SESSION AUTHORIZATION regress_conversion_user; CREATE CONVERSION myconv FOR 'LATIN1' TO 'UTF8' FROM iso8859_1_to_utf8; -- -- cannot make same name conversion in same schema @@ -36,4 +36,4 @@ DROP CONVERSION mydef; -- return to the super user -- RESET SESSION AUTHORIZATION; -DROP USER conversion_test_user; +DROP USER regress_conversion_user; diff --git a/src/test/regress/expected/create_function_3.out b/src/test/regress/expected/create_function_3.out index 6a4352c57cc..7bb957b51b4 100644 --- a/src/test/regress/expected/create_function_3.out +++ b/src/test/regress/expected/create_function_3.out @@ -3,7 +3,7 @@ -- -- sanity check of pg_proc catalog to the given parameters -- -CREATE USER regtest_unpriv_user; +CREATE USER regress_unpriv_user; CREATE SCHEMA temp_func_test; GRANT ALL ON SCHEMA temp_func_test TO public; SET search_path TO temp_func_test, public; @@ -138,9 +138,9 @@ SELECT proname, proleakproof FROM pg_proc (2 rows) -- it takes superuser privilege to turn on leakproof, but not for turn off -ALTER FUNCTION functext_E_1(int) OWNER TO regtest_unpriv_user; -ALTER FUNCTION functext_E_2(int) OWNER TO regtest_unpriv_user; -SET SESSION AUTHORIZATION regtest_unpriv_user; +ALTER FUNCTION functext_E_1(int) OWNER TO regress_unpriv_user; +ALTER FUNCTION functext_E_2(int) OWNER TO regress_unpriv_user; +SET SESSION AUTHORIZATION regress_unpriv_user; SET search_path TO temp_func_test, public; ALTER FUNCTION functext_E_1(int) NOT LEAKPROOF; ALTER FUNCTION functext_E_2(int) LEAKPROOF; @@ -239,5 +239,5 @@ drop cascades to function functext_f_4(integer) drop cascades to function functest_is_1(integer,integer,text) drop cascades to function functest_is_2(integer) drop cascades to function functest_is_3(integer) -DROP USER regtest_unpriv_user; +DROP USER regress_unpriv_user; RESET search_path; diff --git a/src/test/regress/expected/create_index.out b/src/test/regress/expected/create_index.out index 989ebe523c7..76593e1e06e 100644 --- a/src/test/regress/expected/create_index.out +++ b/src/test/regress/expected/create_index.out @@ -3020,13 +3020,13 @@ REINDEX SCHEMA schema_to_reindex; -- failure, cannot run in a transaction ERROR: REINDEX SCHEMA cannot run inside a transaction block END; -- Failure for unauthorized user -CREATE ROLE regression_reindexuser NOLOGIN; -SET SESSION ROLE regression_reindexuser; +CREATE ROLE regress_reindexuser NOLOGIN; +SET SESSION ROLE regress_reindexuser; REINDEX SCHEMA schema_to_reindex; ERROR: must be owner of schema schema_to_reindex -- Clean up RESET ROLE; -DROP ROLE regression_reindexuser; +DROP ROLE regress_reindexuser; SET client_min_messages TO 'warning'; DROP SCHEMA schema_to_reindex CASCADE; RESET client_min_messages; diff --git a/src/test/regress/expected/dependency.out b/src/test/regress/expected/dependency.out index caba88f89b3..8e50f8ffbb0 100644 --- a/src/test/regress/expected/dependency.out +++ b/src/test/regress/expected/dependency.out @@ -1,95 +1,95 @@ -- -- DEPENDENCIES -- -CREATE USER regression_user; -CREATE USER regression_user2; -CREATE USER regression_user3; -CREATE GROUP regression_group; +CREATE USER regress_dep_user; +CREATE USER regress_dep_user2; +CREATE USER regress_dep_user3; +CREATE GROUP regress_dep_group; CREATE TABLE deptest (f1 serial primary key, f2 text); -GRANT SELECT ON TABLE deptest TO GROUP regression_group; -GRANT ALL ON TABLE deptest TO regression_user, regression_user2; +GRANT SELECT ON TABLE deptest TO GROUP regress_dep_group; +GRANT ALL ON TABLE deptest TO regress_dep_user, regress_dep_user2; -- can't drop neither because they have privileges somewhere -DROP USER regression_user; -ERROR: role "regression_user" cannot be dropped because some objects depend on it +DROP USER regress_dep_user; +ERROR: role "regress_dep_user" cannot be dropped because some objects depend on it DETAIL: privileges for table deptest -DROP GROUP regression_group; -ERROR: role "regression_group" cannot be dropped because some objects depend on it +DROP GROUP regress_dep_group; +ERROR: role "regress_dep_group" cannot be dropped because some objects depend on it DETAIL: privileges for table deptest -- if we revoke the privileges we can drop the group -REVOKE SELECT ON deptest FROM GROUP regression_group; -DROP GROUP regression_group; +REVOKE SELECT ON deptest FROM GROUP regress_dep_group; +DROP GROUP regress_dep_group; -- can't drop the user if we revoke the privileges partially -REVOKE SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES ON deptest FROM regression_user; -DROP USER regression_user; -ERROR: role "regression_user" cannot be dropped because some objects depend on it +REVOKE SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES ON deptest FROM regress_dep_user; +DROP USER regress_dep_user; +ERROR: role "regress_dep_user" cannot be dropped because some objects depend on it DETAIL: privileges for table deptest -- now we are OK to drop him -REVOKE TRIGGER ON deptest FROM regression_user; -DROP USER regression_user; +REVOKE TRIGGER ON deptest FROM regress_dep_user; +DROP USER regress_dep_user; -- we are OK too if we drop the privileges all at once -REVOKE ALL ON deptest FROM regression_user2; -DROP USER regression_user2; +REVOKE ALL ON deptest FROM regress_dep_user2; +DROP USER regress_dep_user2; -- can't drop the owner of an object -- the error message detail here would include a pg_toast_nnn name that -- is not constant, so suppress it \set VERBOSITY terse -ALTER TABLE deptest OWNER TO regression_user3; -DROP USER regression_user3; -ERROR: role "regression_user3" cannot be dropped because some objects depend on it +ALTER TABLE deptest OWNER TO regress_dep_user3; +DROP USER regress_dep_user3; +ERROR: role "regress_dep_user3" cannot be dropped because some objects depend on it \set VERBOSITY default -- if we drop the object, we can drop the user too DROP TABLE deptest; -DROP USER regression_user3; +DROP USER regress_dep_user3; -- Test DROP OWNED -CREATE USER regression_user0; -CREATE USER regression_user1; -CREATE USER regression_user2; -SET SESSION AUTHORIZATION regression_user0; +CREATE USER regress_dep_user0; +CREATE USER regress_dep_user1; +CREATE USER regress_dep_user2; +SET SESSION AUTHORIZATION regress_dep_user0; -- permission denied -DROP OWNED BY regression_user1; +DROP OWNED BY regress_dep_user1; ERROR: permission denied to drop objects -DROP OWNED BY regression_user0, regression_user2; +DROP OWNED BY regress_dep_user0, regress_dep_user2; ERROR: permission denied to drop objects -REASSIGN OWNED BY regression_user0 TO regression_user1; +REASSIGN OWNED BY regress_dep_user0 TO regress_dep_user1; ERROR: permission denied to reassign objects -REASSIGN OWNED BY regression_user1 TO regression_user0; +REASSIGN OWNED BY regress_dep_user1 TO regress_dep_user0; ERROR: permission denied to reassign objects -- this one is allowed -DROP OWNED BY regression_user0; +DROP OWNED BY regress_dep_user0; CREATE TABLE deptest1 (f1 int unique); -GRANT ALL ON deptest1 TO regression_user1 WITH GRANT OPTION; -SET SESSION AUTHORIZATION regression_user1; +GRANT ALL ON deptest1 TO regress_dep_user1 WITH GRANT OPTION; +SET SESSION AUTHORIZATION regress_dep_user1; CREATE TABLE deptest (a serial primary key, b text); -GRANT ALL ON deptest1 TO regression_user2; +GRANT ALL ON deptest1 TO regress_dep_user2; RESET SESSION AUTHORIZATION; \z deptest1 - Access privileges - Schema | Name | Type | Access privileges | Column privileges | Policies ---------+----------+-------+--------------------------------------------------+-------------------+---------- - public | deptest1 | table | regression_user0=arwdDxt/regression_user0 +| | - | | | regression_user1=a*r*w*d*D*x*t*/regression_user0+| | - | | | regression_user2=arwdDxt/regression_user1 | | + Access privileges + Schema | Name | Type | Access privileges | Column privileges | Policies +--------+----------+-------+----------------------------------------------------+-------------------+---------- + public | deptest1 | table | regress_dep_user0=arwdDxt/regress_dep_user0 +| | + | | | regress_dep_user1=a*r*w*d*D*x*t*/regress_dep_user0+| | + | | | regress_dep_user2=arwdDxt/regress_dep_user1 | | (1 row) -DROP OWNED BY regression_user1; +DROP OWNED BY regress_dep_user1; -- all grants revoked \z deptest1 - Access privileges - Schema | Name | Type | Access privileges | Column privileges | Policies ---------+----------+-------+-------------------------------------------+-------------------+---------- - public | deptest1 | table | regression_user0=arwdDxt/regression_user0 | | + Access privileges + Schema | Name | Type | Access privileges | Column privileges | Policies +--------+----------+-------+---------------------------------------------+-------------------+---------- + public | deptest1 | table | regress_dep_user0=arwdDxt/regress_dep_user0 | | (1 row) -- table was dropped \d deptest -- Test REASSIGN OWNED -GRANT ALL ON deptest1 TO regression_user1; -GRANT CREATE ON DATABASE regression TO regression_user1; -SET SESSION AUTHORIZATION regression_user1; +GRANT ALL ON deptest1 TO regress_dep_user1; +GRANT CREATE ON DATABASE regression TO regress_dep_user1; +SET SESSION AUTHORIZATION regress_dep_user1; CREATE SCHEMA deptest; CREATE TABLE deptest (a serial primary key, b text); -ALTER DEFAULT PRIVILEGES FOR ROLE regression_user1 IN SCHEMA deptest - GRANT ALL ON TABLES TO regression_user2; +ALTER DEFAULT PRIVILEGES FOR ROLE regress_dep_user1 IN SCHEMA deptest + GRANT ALL ON TABLES TO regress_dep_user2; CREATE FUNCTION deptest_func() RETURNS void LANGUAGE plpgsql AS $$ BEGIN END; $$; CREATE TYPE deptest_enum AS ENUM ('red'); @@ -110,12 +110,12 @@ FROM pg_type JOIN pg_class c ON typrelid = c.oid WHERE typname = 'deptest_t'; (1 row) RESET SESSION AUTHORIZATION; -REASSIGN OWNED BY regression_user1 TO regression_user2; +REASSIGN OWNED BY regress_dep_user1 TO regress_dep_user2; \dt deptest List of relations - Schema | Name | Type | Owner ---------+---------+-------+------------------ - public | deptest | table | regression_user2 + Schema | Name | Type | Owner +--------+---------+-------+------------------- + public | deptest | table | regress_dep_user2 (1 row) SELECT typowner = relowner @@ -126,16 +126,16 @@ FROM pg_type JOIN pg_class c ON typrelid = c.oid WHERE typname = 'deptest_t'; (1 row) -- doesn't work: grant still exists -DROP USER regression_user1; -ERROR: role "regression_user1" cannot be dropped because some objects depend on it -DETAIL: owner of default privileges on new relations belonging to role regression_user1 in schema deptest +DROP USER regress_dep_user1; +ERROR: role "regress_dep_user1" cannot be dropped because some objects depend on it +DETAIL: owner of default privileges on new relations belonging to role regress_dep_user1 in schema deptest privileges for database regression privileges for table deptest1 -DROP OWNED BY regression_user1; -DROP USER regression_user1; +DROP OWNED BY regress_dep_user1; +DROP USER regress_dep_user1; \set VERBOSITY terse -DROP USER regression_user2; -ERROR: role "regression_user2" cannot be dropped because some objects depend on it -DROP OWNED BY regression_user2, regression_user0; -DROP USER regression_user2; -DROP USER regression_user0; +DROP USER regress_dep_user2; +ERROR: role "regress_dep_user2" cannot be dropped because some objects depend on it +DROP OWNED BY regress_dep_user2, regress_dep_user0; +DROP USER regress_dep_user2; +DROP USER regress_dep_user0; diff --git a/src/test/regress/expected/drop_if_exists.out b/src/test/regress/expected/drop_if_exists.out index 9cda96b6dea..b80c5ed2d87 100644 --- a/src/test/regress/expected/drop_if_exists.out +++ b/src/test/regress/expected/drop_if_exists.out @@ -64,27 +64,27 @@ ERROR: type "test_domain_exists" does not exist --- --- role/user/group --- -CREATE USER tu1; -CREATE ROLE tr1; -CREATE GROUP tg1; -DROP USER tu2; -ERROR: role "tu2" does not exist -DROP USER IF EXISTS tu1, tu2; -NOTICE: role "tu2" does not exist, skipping -DROP USER tu1; -ERROR: role "tu1" does not exist -DROP ROLE tr2; -ERROR: role "tr2" does not exist -DROP ROLE IF EXISTS tr1, tr2; -NOTICE: role "tr2" does not exist, skipping -DROP ROLE tr1; -ERROR: role "tr1" does not exist -DROP GROUP tg2; -ERROR: role "tg2" does not exist -DROP GROUP IF EXISTS tg1, tg2; -NOTICE: role "tg2" does not exist, skipping -DROP GROUP tg1; -ERROR: role "tg1" does not exist +CREATE USER regress_test_u1; +CREATE ROLE regress_test_r1; +CREATE GROUP regress_test_g1; +DROP USER regress_test_u2; +ERROR: role "regress_test_u2" does not exist +DROP USER IF EXISTS regress_test_u1, regress_test_u2; +NOTICE: role "regress_test_u2" does not exist, skipping +DROP USER regress_test_u1; +ERROR: role "regress_test_u1" does not exist +DROP ROLE regress_test_r2; +ERROR: role "regress_test_r2" does not exist +DROP ROLE IF EXISTS regress_test_r1, regress_test_r2; +NOTICE: role "regress_test_r2" does not exist, skipping +DROP ROLE regress_test_r1; +ERROR: role "regress_test_r1" does not exist +DROP GROUP regress_test_g2; +ERROR: role "regress_test_g2" does not exist +DROP GROUP IF EXISTS regress_test_g1, regress_test_g2; +NOTICE: role "regress_test_g2" does not exist, skipping +DROP GROUP regress_test_g1; +ERROR: role "regress_test_g1" does not exist -- collation DROP COLLATION IF EXISTS test_collation_exists; NOTICE: collation "test_collation_exists" does not exist, skipping diff --git a/src/test/regress/expected/event_trigger.out b/src/test/regress/expected/event_trigger.out index bdc2dba25ba..e12455201e9 100644 --- a/src/test/regress/expected/event_trigger.out +++ b/src/test/regress/expected/event_trigger.out @@ -84,8 +84,8 @@ comment on event trigger regress_event_trigger is 'test comment'; comment on event trigger wrong.regress_event_trigger is 'test comment'; ERROR: event trigger name cannot be qualified -- drop as non-superuser should fail -create role regression_bob; -set role regression_bob; +create role regress_evt_user; +set role regress_evt_user; create event trigger regress_event_trigger_noperms on ddl_command_start execute procedure test_event_trigger(); ERROR: permission denied to create event trigger "regress_event_trigger_noperms" @@ -114,18 +114,18 @@ create foreign data wrapper useless; NOTICE: test_event_trigger: ddl_command_end CREATE FOREIGN DATA WRAPPER create server useless_server foreign data wrapper useless; NOTICE: test_event_trigger: ddl_command_end CREATE SERVER -create user mapping for regression_bob server useless_server; +create user mapping for regress_evt_user server useless_server; NOTICE: test_event_trigger: ddl_command_end CREATE USER MAPPING -alter default privileges for role regression_bob - revoke delete on tables from regression_bob; +alter default privileges for role regress_evt_user + revoke delete on tables from regress_evt_user; NOTICE: test_event_trigger: ddl_command_end ALTER DEFAULT PRIVILEGES -- alter owner to non-superuser should fail -alter event trigger regress_event_trigger owner to regression_bob; +alter event trigger regress_event_trigger owner to regress_evt_user; ERROR: permission denied to change owner of event trigger "regress_event_trigger" HINT: The owner of an event trigger must be a superuser. -- alter owner to superuser should work -alter role regression_bob superuser; -alter event trigger regress_event_trigger owner to regression_bob; +alter role regress_evt_user superuser; +alter event trigger regress_event_trigger owner to regress_evt_user; -- should fail, name collision alter event trigger regress_event_trigger rename to regress_event_trigger2; ERROR: event trigger "regress_event_trigger2" already exists @@ -134,12 +134,12 @@ alter event trigger regress_event_trigger rename to regress_event_trigger3; -- should fail, doesn't exist any more drop event trigger regress_event_trigger; ERROR: event trigger "regress_event_trigger" does not exist --- should fail, regression_bob owns some objects -drop role regression_bob; -ERROR: role "regression_bob" cannot be dropped because some objects depend on it +-- should fail, regress_evt_user owns some objects +drop role regress_evt_user; +ERROR: role "regress_evt_user" cannot be dropped because some objects depend on it DETAIL: owner of event trigger regress_event_trigger3 -owner of default privileges on new relations belonging to role regression_bob -owner of user mapping for regression_bob on server useless_server +owner of default privileges on new relations belonging to role regress_evt_user +owner of user mapping for regress_evt_user on server useless_server -- cleanup before next test -- these are all OK; the second one should emit a NOTICE drop event trigger if exists regress_event_trigger2; @@ -148,11 +148,11 @@ NOTICE: event trigger "regress_event_trigger2" does not exist, skipping drop event trigger regress_event_trigger3; drop event trigger regress_event_trigger_end; -- test support for dropped objects -CREATE SCHEMA schema_one authorization regression_bob; -CREATE SCHEMA schema_two authorization regression_bob; -CREATE SCHEMA audit_tbls authorization regression_bob; +CREATE SCHEMA schema_one authorization regress_evt_user; +CREATE SCHEMA schema_two authorization regress_evt_user; +CREATE SCHEMA audit_tbls authorization regress_evt_user; CREATE TEMP TABLE a_temp_tbl (); -SET SESSION AUTHORIZATION regression_bob; +SET SESSION AUTHORIZATION regress_evt_user; CREATE TABLE schema_one.table_one(a int); CREATE TABLE schema_one."table two"(a int); CREATE TABLE schema_one.table_three(a int); @@ -299,7 +299,7 @@ SELECT * FROM dropped_objects WHERE schema IS NULL OR schema <> 'pg_toast'; type | schema_one | schema_one.table_three[] (23 rows) -DROP OWNED BY regression_bob; +DROP OWNED BY regress_evt_user; NOTICE: schema "audit_tbls" does not exist, skipping SELECT * FROM dropped_objects WHERE type = 'schema'; type | schema | object @@ -309,7 +309,7 @@ SELECT * FROM dropped_objects WHERE type = 'schema'; schema | | audit_tbls (3 rows) -DROP ROLE regression_bob; +DROP ROLE regress_evt_user; DROP EVENT TRIGGER regress_event_trigger_drop_objects; DROP EVENT TRIGGER undroppable; CREATE OR REPLACE FUNCTION event_trigger_report_dropped() diff --git a/src/test/regress/expected/foreign_data.out b/src/test/regress/expected/foreign_data.out index 660840cd903..d6c1900c32a 100644 --- a/src/test/regress/expected/foreign_data.out +++ b/src/test/regress/expected/foreign_data.out @@ -3,16 +3,16 @@ -- -- Clean up in case a prior regression run failed -- Suppress NOTICE messages when roles don't exist -SET client_min_messages TO 'error'; -DROP ROLE IF EXISTS foreign_data_user, regress_test_role, regress_test_role2, regress_test_role_super, regress_test_indirect, unpriviled_role; +SET client_min_messages TO 'warning'; +DROP ROLE IF EXISTS regress_foreign_data_user, regress_test_role, regress_test_role2, regress_test_role_super, regress_test_indirect, regress_unprivileged_role; RESET client_min_messages; -CREATE ROLE foreign_data_user LOGIN SUPERUSER; -SET SESSION AUTHORIZATION 'foreign_data_user'; +CREATE ROLE regress_foreign_data_user LOGIN SUPERUSER; +SET SESSION AUTHORIZATION 'regress_foreign_data_user'; CREATE ROLE regress_test_role; CREATE ROLE regress_test_role2; CREATE ROLE regress_test_role_super SUPERUSER; CREATE ROLE regress_test_indirect; -CREATE ROLE unprivileged_role; +CREATE ROLE regress_unprivileged_role; CREATE FOREIGN DATA WRAPPER dummy; COMMENT ON FOREIGN DATA WRAPPER dummy IS 'useless'; CREATE FOREIGN DATA WRAPPER postgresql VALIDATOR postgresql_fdw_validator; @@ -39,12 +39,12 @@ CREATE FOREIGN DATA WRAPPER foo VALIDATOR bar; -- ERROR ERROR: function bar(text[], oid) does not exist CREATE FOREIGN DATA WRAPPER foo; \dew - List of foreign-data wrappers - Name | Owner | Handler | Validator -------------+-------------------+---------+-------------------------- - dummy | foreign_data_user | - | - - foo | foreign_data_user | - | - - postgresql | foreign_data_user | - | postgresql_fdw_validator + List of foreign-data wrappers + Name | Owner | Handler | Validator +------------+---------------------------+---------+-------------------------- + dummy | regress_foreign_data_user | - | - + foo | regress_foreign_data_user | - | - + postgresql | regress_foreign_data_user | - | postgresql_fdw_validator (3 rows) CREATE FOREIGN DATA WRAPPER foo; -- duplicate @@ -52,12 +52,12 @@ ERROR: foreign-data wrapper "foo" already exists DROP FOREIGN DATA WRAPPER foo; CREATE FOREIGN DATA WRAPPER foo OPTIONS (testing '1'); \dew+ - List of foreign-data wrappers - Name | Owner | Handler | Validator | Access privileges | FDW Options | Description -------------+-------------------+---------+--------------------------+-------------------+---------------+------------- - dummy | foreign_data_user | - | - | | | useless - foo | foreign_data_user | - | - | | (testing '1') | - postgresql | foreign_data_user | - | postgresql_fdw_validator | | | + List of foreign-data wrappers + Name | Owner | Handler | Validator | Access privileges | FDW Options | Description +------------+---------------------------+---------+--------------------------+-------------------+---------------+------------- + dummy | regress_foreign_data_user | - | - | | | useless + foo | regress_foreign_data_user | - | - | | (testing '1') | + postgresql | regress_foreign_data_user | - | postgresql_fdw_validator | | | (3 rows) DROP FOREIGN DATA WRAPPER foo; @@ -65,12 +65,12 @@ CREATE FOREIGN DATA WRAPPER foo OPTIONS (testing '1', testing '2'); -- ERROR ERROR: option "testing" provided more than once CREATE FOREIGN DATA WRAPPER foo OPTIONS (testing '1', another '2'); \dew+ - List of foreign-data wrappers - Name | Owner | Handler | Validator | Access privileges | FDW Options | Description -------------+-------------------+---------+--------------------------+-------------------+----------------------------+------------- - dummy | foreign_data_user | - | - | | | useless - foo | foreign_data_user | - | - | | (testing '1', another '2') | - postgresql | foreign_data_user | - | postgresql_fdw_validator | | | + List of foreign-data wrappers + Name | Owner | Handler | Validator | Access privileges | FDW Options | Description +------------+---------------------------+---------+--------------------------+-------------------+----------------------------+------------- + dummy | regress_foreign_data_user | - | - | | | useless + foo | regress_foreign_data_user | - | - | | (testing '1', another '2') | + postgresql | regress_foreign_data_user | - | postgresql_fdw_validator | | | (3 rows) DROP FOREIGN DATA WRAPPER foo; @@ -81,12 +81,12 @@ HINT: Must be superuser to create a foreign-data wrapper. RESET ROLE; CREATE FOREIGN DATA WRAPPER foo VALIDATOR postgresql_fdw_validator; \dew+ - List of foreign-data wrappers - Name | Owner | Handler | Validator | Access privileges | FDW Options | Description -------------+-------------------+---------+--------------------------+-------------------+-------------+------------- - dummy | foreign_data_user | - | - | | | useless - foo | foreign_data_user | - | postgresql_fdw_validator | | | - postgresql | foreign_data_user | - | postgresql_fdw_validator | | | + List of foreign-data wrappers + Name | Owner | Handler | Validator | Access privileges | FDW Options | Description +------------+---------------------------+---------+--------------------------+-------------------+-------------+------------- + dummy | regress_foreign_data_user | - | - | | | useless + foo | regress_foreign_data_user | - | postgresql_fdw_validator | | | + postgresql | regress_foreign_data_user | - | postgresql_fdw_validator | | | (3 rows) -- ALTER FOREIGN DATA WRAPPER @@ -98,12 +98,12 @@ ALTER FOREIGN DATA WRAPPER foo VALIDATOR bar; -- ERROR ERROR: function bar(text[], oid) does not exist ALTER FOREIGN DATA WRAPPER foo NO VALIDATOR; \dew+ - List of foreign-data wrappers - Name | Owner | Handler | Validator | Access privileges | FDW Options | Description -------------+-------------------+---------+--------------------------+-------------------+-------------+------------- - dummy | foreign_data_user | - | - | | | useless - foo | foreign_data_user | - | - | | | - postgresql | foreign_data_user | - | postgresql_fdw_validator | | | + List of foreign-data wrappers + Name | Owner | Handler | Validator | Access privileges | FDW Options | Description +------------+---------------------------+---------+--------------------------+-------------------+-------------+------------- + dummy | regress_foreign_data_user | - | - | | | useless + foo | regress_foreign_data_user | - | - | | | + postgresql | regress_foreign_data_user | - | postgresql_fdw_validator | | | (3 rows) ALTER FOREIGN DATA WRAPPER foo OPTIONS (a '1', b '2'); @@ -113,34 +113,34 @@ ALTER FOREIGN DATA WRAPPER foo OPTIONS (DROP c); -- ERROR ERROR: option "c" not found ALTER FOREIGN DATA WRAPPER foo OPTIONS (ADD x '1', DROP x); \dew+ - List of foreign-data wrappers - Name | Owner | Handler | Validator | Access privileges | FDW Options | Description -------------+-------------------+---------+--------------------------+-------------------+----------------+------------- - dummy | foreign_data_user | - | - | | | useless - foo | foreign_data_user | - | - | | (a '1', b '2') | - postgresql | foreign_data_user | - | postgresql_fdw_validator | | | + List of foreign-data wrappers + Name | Owner | Handler | Validator | Access privileges | FDW Options | Description +------------+---------------------------+---------+--------------------------+-------------------+----------------+------------- + dummy | regress_foreign_data_user | - | - | | | useless + foo | regress_foreign_data_user | - | - | | (a '1', b '2') | + postgresql | regress_foreign_data_user | - | postgresql_fdw_validator | | | (3 rows) ALTER FOREIGN DATA WRAPPER foo OPTIONS (DROP a, SET b '3', ADD c '4'); \dew+ - List of foreign-data wrappers - Name | Owner | Handler | Validator | Access privileges | FDW Options | Description -------------+-------------------+---------+--------------------------+-------------------+----------------+------------- - dummy | foreign_data_user | - | - | | | useless - foo | foreign_data_user | - | - | | (b '3', c '4') | - postgresql | foreign_data_user | - | postgresql_fdw_validator | | | + List of foreign-data wrappers + Name | Owner | Handler | Validator | Access privileges | FDW Options | Description +------------+---------------------------+---------+--------------------------+-------------------+----------------+------------- + dummy | regress_foreign_data_user | - | - | | | useless + foo | regress_foreign_data_user | - | - | | (b '3', c '4') | + postgresql | regress_foreign_data_user | - | postgresql_fdw_validator | | | (3 rows) ALTER FOREIGN DATA WRAPPER foo OPTIONS (a '2'); ALTER FOREIGN DATA WRAPPER foo OPTIONS (b '4'); -- ERROR ERROR: option "b" provided more than once \dew+ - List of foreign-data wrappers - Name | Owner | Handler | Validator | Access privileges | FDW Options | Description -------------+-------------------+---------+--------------------------+-------------------+-----------------------+------------- - dummy | foreign_data_user | - | - | | | useless - foo | foreign_data_user | - | - | | (b '3', c '4', a '2') | - postgresql | foreign_data_user | - | postgresql_fdw_validator | | | + List of foreign-data wrappers + Name | Owner | Handler | Validator | Access privileges | FDW Options | Description +------------+---------------------------+---------+--------------------------+-------------------+-----------------------+------------- + dummy | regress_foreign_data_user | - | - | | | useless + foo | regress_foreign_data_user | - | - | | (b '3', c '4', a '2') | + postgresql | regress_foreign_data_user | - | postgresql_fdw_validator | | | (3 rows) SET ROLE regress_test_role; @@ -150,12 +150,12 @@ HINT: Must be superuser to alter a foreign-data wrapper. SET ROLE regress_test_role_super; ALTER FOREIGN DATA WRAPPER foo OPTIONS (ADD d '5'); \dew+ - List of foreign-data wrappers - Name | Owner | Handler | Validator | Access privileges | FDW Options | Description -------------+-------------------+---------+--------------------------+-------------------+------------------------------+------------- - dummy | foreign_data_user | - | - | | | useless - foo | foreign_data_user | - | - | | (b '3', c '4', a '2', d '5') | - postgresql | foreign_data_user | - | postgresql_fdw_validator | | | + List of foreign-data wrappers + Name | Owner | Handler | Validator | Access privileges | FDW Options | Description +------------+---------------------------+---------+--------------------------+-------------------+------------------------------+------------- + dummy | regress_foreign_data_user | - | - | | | useless + foo | regress_foreign_data_user | - | - | | (b '3', c '4', a '2', d '5') | + postgresql | regress_foreign_data_user | - | postgresql_fdw_validator | | | (3 rows) ALTER FOREIGN DATA WRAPPER foo OWNER TO regress_test_role; -- ERROR @@ -169,22 +169,22 @@ ERROR: permission denied to alter foreign-data wrapper "foo" HINT: Must be superuser to alter a foreign-data wrapper. RESET ROLE; \dew+ - List of foreign-data wrappers - Name | Owner | Handler | Validator | Access privileges | FDW Options | Description -------------+-------------------------+---------+--------------------------+-------------------+------------------------------+------------- - dummy | foreign_data_user | - | - | | | useless - foo | regress_test_role_super | - | - | | (b '3', c '4', a '2', d '5') | - postgresql | foreign_data_user | - | postgresql_fdw_validator | | | + List of foreign-data wrappers + Name | Owner | Handler | Validator | Access privileges | FDW Options | Description +------------+---------------------------+---------+--------------------------+-------------------+------------------------------+------------- + dummy | regress_foreign_data_user | - | - | | | useless + foo | regress_test_role_super | - | - | | (b '3', c '4', a '2', d '5') | + postgresql | regress_foreign_data_user | - | postgresql_fdw_validator | | | (3 rows) ALTER FOREIGN DATA WRAPPER foo RENAME TO foo1; \dew+ - List of foreign-data wrappers - Name | Owner | Handler | Validator | Access privileges | FDW Options | Description -------------+-------------------------+---------+--------------------------+-------------------+------------------------------+------------- - dummy | foreign_data_user | - | - | | | useless - foo1 | regress_test_role_super | - | - | | (b '3', c '4', a '2', d '5') | - postgresql | foreign_data_user | - | postgresql_fdw_validator | | | + List of foreign-data wrappers + Name | Owner | Handler | Validator | Access privileges | FDW Options | Description +------------+---------------------------+---------+--------------------------+-------------------+------------------------------+------------- + dummy | regress_foreign_data_user | - | - | | | useless + foo1 | regress_test_role_super | - | - | | (b '3', c '4', a '2', d '5') | + postgresql | regress_foreign_data_user | - | postgresql_fdw_validator | | | (3 rows) ALTER FOREIGN DATA WRAPPER foo1 RENAME TO foo; @@ -194,12 +194,12 @@ ERROR: foreign-data wrapper "nonexistent" does not exist DROP FOREIGN DATA WRAPPER IF EXISTS nonexistent; NOTICE: foreign-data wrapper "nonexistent" does not exist, skipping \dew+ - List of foreign-data wrappers - Name | Owner | Handler | Validator | Access privileges | FDW Options | Description -------------+-------------------------+---------+--------------------------+-------------------+------------------------------+------------- - dummy | foreign_data_user | - | - | | | useless - foo | regress_test_role_super | - | - | | (b '3', c '4', a '2', d '5') | - postgresql | foreign_data_user | - | postgresql_fdw_validator | | | + List of foreign-data wrappers + Name | Owner | Handler | Validator | Access privileges | FDW Options | Description +------------+---------------------------+---------+--------------------------+-------------------+------------------------------+------------- + dummy | regress_foreign_data_user | - | - | | | useless + foo | regress_test_role_super | - | - | | (b '3', c '4', a '2', d '5') | + postgresql | regress_foreign_data_user | - | postgresql_fdw_validator | | | (3 rows) DROP ROLE regress_test_role_super; -- ERROR @@ -210,11 +210,11 @@ DROP FOREIGN DATA WRAPPER foo; RESET ROLE; DROP ROLE regress_test_role_super; \dew+ - List of foreign-data wrappers - Name | Owner | Handler | Validator | Access privileges | FDW Options | Description -------------+-------------------+---------+--------------------------+-------------------+-------------+------------- - dummy | foreign_data_user | - | - | | | useless - postgresql | foreign_data_user | - | postgresql_fdw_validator | | | + List of foreign-data wrappers + Name | Owner | Handler | Validator | Access privileges | FDW Options | Description +------------+---------------------------+---------+--------------------------+-------------------+-------------+------------- + dummy | regress_foreign_data_user | - | - | | | useless + postgresql | regress_foreign_data_user | - | postgresql_fdw_validator | | | (2 rows) CREATE FOREIGN DATA WRAPPER foo; @@ -222,32 +222,32 @@ CREATE SERVER s1 FOREIGN DATA WRAPPER foo; COMMENT ON SERVER s1 IS 'foreign server'; CREATE USER MAPPING FOR current_user SERVER s1; \dew+ - List of foreign-data wrappers - Name | Owner | Handler | Validator | Access privileges | FDW Options | Description -------------+-------------------+---------+--------------------------+-------------------+-------------+------------- - dummy | foreign_data_user | - | - | | | useless - foo | foreign_data_user | - | - | | | - postgresql | foreign_data_user | - | postgresql_fdw_validator | | | + List of foreign-data wrappers + Name | Owner | Handler | Validator | Access privileges | FDW Options | Description +------------+---------------------------+---------+--------------------------+-------------------+-------------+------------- + dummy | regress_foreign_data_user | - | - | | | useless + foo | regress_foreign_data_user | - | - | | | + postgresql | regress_foreign_data_user | - | postgresql_fdw_validator | | | (3 rows) \des+ - List of foreign servers - Name | Owner | Foreign-data wrapper | Access privileges | Type | Version | FDW Options | Description -------+-------------------+----------------------+-------------------+------+---------+-------------+---------------- - s1 | foreign_data_user | foo | | | | | foreign server + List of foreign servers + Name | Owner | Foreign-data wrapper | Access privileges | Type | Version | FDW Options | Description +------+---------------------------+----------------------+-------------------+------+---------+-------------+---------------- + s1 | regress_foreign_data_user | foo | | | | | foreign server (1 row) \deu+ - List of user mappings - Server | User name | FDW Options ---------+-------------------+------------- - s1 | foreign_data_user | + List of user mappings + Server | User name | FDW Options +--------+---------------------------+------------- + s1 | regress_foreign_data_user | (1 row) DROP FOREIGN DATA WRAPPER foo; -- ERROR ERROR: cannot drop foreign-data wrapper foo because other objects depend on it DETAIL: server s1 depends on foreign-data wrapper foo -user mapping for foreign_data_user on server s1 depends on server s1 +user mapping for regress_foreign_data_user on server s1 depends on server s1 HINT: Use DROP ... CASCADE to drop the dependent objects too. SET ROLE regress_test_role; DROP FOREIGN DATA WRAPPER foo CASCADE; -- ERROR @@ -256,13 +256,13 @@ RESET ROLE; DROP FOREIGN DATA WRAPPER foo CASCADE; NOTICE: drop cascades to 2 other objects DETAIL: drop cascades to server s1 -drop cascades to user mapping for foreign_data_user on server s1 +drop cascades to user mapping for regress_foreign_data_user on server s1 \dew+ - List of foreign-data wrappers - Name | Owner | Handler | Validator | Access privileges | FDW Options | Description -------------+-------------------+---------+--------------------------+-------------------+-------------+------------- - dummy | foreign_data_user | - | - | | | useless - postgresql | foreign_data_user | - | postgresql_fdw_validator | | | + List of foreign-data wrappers + Name | Owner | Handler | Validator | Access privileges | FDW Options | Description +------------+---------------------------+---------+--------------------------+-------------------+-------------+------------- + dummy | regress_foreign_data_user | - | - | | | useless + postgresql | regress_foreign_data_user | - | postgresql_fdw_validator | | | (2 rows) \des+ @@ -295,17 +295,17 @@ ERROR: invalid option "foo" HINT: Valid options in this context are: authtype, service, connect_timeout, dbname, host, hostaddr, port, tty, options, requiressl, sslmode, gsslib CREATE SERVER s8 FOREIGN DATA WRAPPER postgresql OPTIONS (host 'localhost', dbname 's8db'); \des+ - List of foreign servers - Name | Owner | Foreign-data wrapper | Access privileges | Type | Version | FDW Options | Description -------+-------------------+----------------------+-------------------+--------+---------+-----------------------------------+------------- - s1 | foreign_data_user | foo | | | | | - s2 | foreign_data_user | foo | | | | (host 'a', dbname 'b') | - s3 | foreign_data_user | foo | | oracle | | | - s4 | foreign_data_user | foo | | oracle | | (host 'a', dbname 'b') | - s5 | foreign_data_user | foo | | | 15.0 | | - s6 | foreign_data_user | foo | | | 16.0 | (host 'a', dbname 'b') | - s7 | foreign_data_user | foo | | oracle | 17.0 | (host 'a', dbname 'b') | - s8 | foreign_data_user | postgresql | | | | (host 'localhost', dbname 's8db') | + List of foreign servers + Name | Owner | Foreign-data wrapper | Access privileges | Type | Version | FDW Options | Description +------+---------------------------+----------------------+-------------------+--------+---------+-----------------------------------+------------- + s1 | regress_foreign_data_user | foo | | | | | + s2 | regress_foreign_data_user | foo | | | | (host 'a', dbname 'b') | + s3 | regress_foreign_data_user | foo | | oracle | | | + s4 | regress_foreign_data_user | foo | | oracle | | (host 'a', dbname 'b') | + s5 | regress_foreign_data_user | foo | | | 15.0 | | + s6 | regress_foreign_data_user | foo | | | 16.0 | (host 'a', dbname 'b') | + s7 | regress_foreign_data_user | foo | | oracle | 17.0 | (host 'a', dbname 'b') | + s8 | regress_foreign_data_user | postgresql | | | | (host 'localhost', dbname 's8db') | (8 rows) SET ROLE regress_test_role; @@ -317,18 +317,18 @@ SET ROLE regress_test_role; CREATE SERVER t1 FOREIGN DATA WRAPPER foo; RESET ROLE; \des+ - List of foreign servers - Name | Owner | Foreign-data wrapper | Access privileges | Type | Version | FDW Options | Description -------+-------------------+----------------------+-------------------+--------+---------+-----------------------------------+------------- - s1 | foreign_data_user | foo | | | | | - s2 | foreign_data_user | foo | | | | (host 'a', dbname 'b') | - s3 | foreign_data_user | foo | | oracle | | | - s4 | foreign_data_user | foo | | oracle | | (host 'a', dbname 'b') | - s5 | foreign_data_user | foo | | | 15.0 | | - s6 | foreign_data_user | foo | | | 16.0 | (host 'a', dbname 'b') | - s7 | foreign_data_user | foo | | oracle | 17.0 | (host 'a', dbname 'b') | - s8 | foreign_data_user | postgresql | | | | (host 'localhost', dbname 's8db') | - t1 | regress_test_role | foo | | | | | + List of foreign servers + Name | Owner | Foreign-data wrapper | Access privileges | Type | Version | FDW Options | Description +------+---------------------------+----------------------+-------------------+--------+---------+-----------------------------------+------------- + s1 | regress_foreign_data_user | foo | | | | | + s2 | regress_foreign_data_user | foo | | | | (host 'a', dbname 'b') | + s3 | regress_foreign_data_user | foo | | oracle | | | + s4 | regress_foreign_data_user | foo | | oracle | | (host 'a', dbname 'b') | + s5 | regress_foreign_data_user | foo | | | 15.0 | | + s6 | regress_foreign_data_user | foo | | | 16.0 | (host 'a', dbname 'b') | + s7 | regress_foreign_data_user | foo | | oracle | 17.0 | (host 'a', dbname 'b') | + s8 | regress_foreign_data_user | postgresql | | | | (host 'localhost', dbname 's8db') | + t1 | regress_test_role | foo | | | | | (9 rows) REVOKE USAGE ON FOREIGN DATA WRAPPER foo FROM regress_test_role; @@ -341,19 +341,19 @@ GRANT regress_test_indirect TO regress_test_role; SET ROLE regress_test_role; CREATE SERVER t2 FOREIGN DATA WRAPPER foo; \des+ - List of foreign servers - Name | Owner | Foreign-data wrapper | Access privileges | Type | Version | FDW Options | Description -------+-------------------+----------------------+-------------------+--------+---------+-----------------------------------+------------- - s1 | foreign_data_user | foo | | | | | - s2 | foreign_data_user | foo | | | | (host 'a', dbname 'b') | - s3 | foreign_data_user | foo | | oracle | | | - s4 | foreign_data_user | foo | | oracle | | (host 'a', dbname 'b') | - s5 | foreign_data_user | foo | | | 15.0 | | - s6 | foreign_data_user | foo | | | 16.0 | (host 'a', dbname 'b') | - s7 | foreign_data_user | foo | | oracle | 17.0 | (host 'a', dbname 'b') | - s8 | foreign_data_user | postgresql | | | | (host 'localhost', dbname 's8db') | - t1 | regress_test_role | foo | | | | | - t2 | regress_test_role | foo | | | | | + List of foreign servers + Name | Owner | Foreign-data wrapper | Access privileges | Type | Version | FDW Options | Description +------+---------------------------+----------------------+-------------------+--------+---------+-----------------------------------+------------- + s1 | regress_foreign_data_user | foo | | | | | + s2 | regress_foreign_data_user | foo | | | | (host 'a', dbname 'b') | + s3 | regress_foreign_data_user | foo | | oracle | | | + s4 | regress_foreign_data_user | foo | | oracle | | (host 'a', dbname 'b') | + s5 | regress_foreign_data_user | foo | | | 15.0 | | + s6 | regress_foreign_data_user | foo | | | 16.0 | (host 'a', dbname 'b') | + s7 | regress_foreign_data_user | foo | | oracle | 17.0 | (host 'a', dbname 'b') | + s8 | regress_foreign_data_user | postgresql | | | | (host 'localhost', dbname 's8db') | + t1 | regress_test_role | foo | | | | | + t2 | regress_test_role | foo | | | | | (10 rows) RESET ROLE; @@ -371,21 +371,21 @@ ALTER SERVER s3 OPTIONS ("tns name" 'orcl', port '1521'); GRANT USAGE ON FOREIGN SERVER s1 TO regress_test_role; GRANT USAGE ON FOREIGN SERVER s6 TO regress_test_role2 WITH GRANT OPTION; \des+ - List of foreign servers - Name | Owner | Foreign-data wrapper | Access privileges | Type | Version | FDW Options | Description -------+-------------------+----------------------+-----------------------------------------+--------+---------+-----------------------------------+------------- - s1 | foreign_data_user | foo | foreign_data_user=U/foreign_data_user +| | 1.0 | (servername 's1') | - | | | regress_test_role=U/foreign_data_user | | | | - s2 | foreign_data_user | foo | | | 1.1 | (host 'a', dbname 'b') | - s3 | foreign_data_user | foo | | oracle | | ("tns name" 'orcl', port '1521') | - s4 | foreign_data_user | foo | | oracle | | (host 'a', dbname 'b') | - s5 | foreign_data_user | foo | | | 15.0 | | - s6 | foreign_data_user | foo | foreign_data_user=U/foreign_data_user +| | 16.0 | (host 'a', dbname 'b') | - | | | regress_test_role2=U*/foreign_data_user | | | | - s7 | foreign_data_user | foo | | oracle | 17.0 | (host 'a', dbname 'b') | - s8 | foreign_data_user | postgresql | | | | (host 'localhost', dbname 's8db') | - t1 | regress_test_role | foo | | | | | - t2 | regress_test_role | foo | | | | | + List of foreign servers + Name | Owner | Foreign-data wrapper | Access privileges | Type | Version | FDW Options | Description +------+---------------------------+----------------------+-------------------------------------------------------+--------+---------+-----------------------------------+------------- + s1 | regress_foreign_data_user | foo | regress_foreign_data_user=U/regress_foreign_data_user+| | 1.0 | (servername 's1') | + | | | regress_test_role=U/regress_foreign_data_user | | | | + s2 | regress_foreign_data_user | foo | | | 1.1 | (host 'a', dbname 'b') | + s3 | regress_foreign_data_user | foo | | oracle | | ("tns name" 'orcl', port '1521') | + s4 | regress_foreign_data_user | foo | | oracle | | (host 'a', dbname 'b') | + s5 | regress_foreign_data_user | foo | | | 15.0 | | + s6 | regress_foreign_data_user | foo | regress_foreign_data_user=U/regress_foreign_data_user+| | 16.0 | (host 'a', dbname 'b') | + | | | regress_test_role2=U*/regress_foreign_data_user | | | | + s7 | regress_foreign_data_user | foo | | oracle | 17.0 | (host 'a', dbname 'b') | + s8 | regress_foreign_data_user | postgresql | | | | (host 'localhost', dbname 's8db') | + t1 | regress_test_role | foo | | | | | + t2 | regress_test_role | foo | | | | | (10 rows) SET ROLE regress_test_role; @@ -422,38 +422,38 @@ ERROR: role "regress_test_indirect" cannot be dropped because some objects depe DETAIL: owner of server s1 privileges for foreign-data wrapper foo \des+ - List of foreign servers - Name | Owner | Foreign-data wrapper | Access privileges | Type | Version | FDW Options | Description -------+-----------------------+----------------------+-----------------------------------------------+--------+---------+--------------------------------------+------------- - s1 | regress_test_indirect | foo | regress_test_indirect=U/regress_test_indirect | | 1.1 | (servername 's1') | - s2 | foreign_data_user | foo | | | 1.1 | (host 'a', dbname 'b') | - s3 | foreign_data_user | foo | | oracle | | ("tns name" 'orcl', port '1521') | - s4 | foreign_data_user | foo | | oracle | | (host 'a', dbname 'b') | - s5 | foreign_data_user | foo | | | 15.0 | | - s6 | foreign_data_user | foo | foreign_data_user=U/foreign_data_user +| | 16.0 | (host 'a', dbname 'b') | - | | | regress_test_role2=U*/foreign_data_user | | | | - s7 | foreign_data_user | foo | | oracle | 17.0 | (host 'a', dbname 'b') | - s8 | foreign_data_user | postgresql | | | | (dbname 'db1', connect_timeout '30') | - t1 | regress_test_role | foo | | | | | - t2 | regress_test_role | foo | | | | | + List of foreign servers + Name | Owner | Foreign-data wrapper | Access privileges | Type | Version | FDW Options | Description +------+---------------------------+----------------------+-------------------------------------------------------+--------+---------+--------------------------------------+------------- + s1 | regress_test_indirect | foo | regress_test_indirect=U/regress_test_indirect | | 1.1 | (servername 's1') | + s2 | regress_foreign_data_user | foo | | | 1.1 | (host 'a', dbname 'b') | + s3 | regress_foreign_data_user | foo | | oracle | | ("tns name" 'orcl', port '1521') | + s4 | regress_foreign_data_user | foo | | oracle | | (host 'a', dbname 'b') | + s5 | regress_foreign_data_user | foo | | | 15.0 | | + s6 | regress_foreign_data_user | foo | regress_foreign_data_user=U/regress_foreign_data_user+| | 16.0 | (host 'a', dbname 'b') | + | | | regress_test_role2=U*/regress_foreign_data_user | | | | + s7 | regress_foreign_data_user | foo | | oracle | 17.0 | (host 'a', dbname 'b') | + s8 | regress_foreign_data_user | postgresql | | | | (dbname 'db1', connect_timeout '30') | + t1 | regress_test_role | foo | | | | | + t2 | regress_test_role | foo | | | | | (10 rows) ALTER SERVER s8 RENAME to s8new; \des+ - List of foreign servers - Name | Owner | Foreign-data wrapper | Access privileges | Type | Version | FDW Options | Description --------+-----------------------+----------------------+-----------------------------------------------+--------+---------+--------------------------------------+------------- - s1 | regress_test_indirect | foo | regress_test_indirect=U/regress_test_indirect | | 1.1 | (servername 's1') | - s2 | foreign_data_user | foo | | | 1.1 | (host 'a', dbname 'b') | - s3 | foreign_data_user | foo | | oracle | | ("tns name" 'orcl', port '1521') | - s4 | foreign_data_user | foo | | oracle | | (host 'a', dbname 'b') | - s5 | foreign_data_user | foo | | | 15.0 | | - s6 | foreign_data_user | foo | foreign_data_user=U/foreign_data_user +| | 16.0 | (host 'a', dbname 'b') | - | | | regress_test_role2=U*/foreign_data_user | | | | - s7 | foreign_data_user | foo | | oracle | 17.0 | (host 'a', dbname 'b') | - s8new | foreign_data_user | postgresql | | | | (dbname 'db1', connect_timeout '30') | - t1 | regress_test_role | foo | | | | | - t2 | regress_test_role | foo | | | | | + List of foreign servers + Name | Owner | Foreign-data wrapper | Access privileges | Type | Version | FDW Options | Description +-------+---------------------------+----------------------+-------------------------------------------------------+--------+---------+--------------------------------------+------------- + s1 | regress_test_indirect | foo | regress_test_indirect=U/regress_test_indirect | | 1.1 | (servername 's1') | + s2 | regress_foreign_data_user | foo | | | 1.1 | (host 'a', dbname 'b') | + s3 | regress_foreign_data_user | foo | | oracle | | ("tns name" 'orcl', port '1521') | + s4 | regress_foreign_data_user | foo | | oracle | | (host 'a', dbname 'b') | + s5 | regress_foreign_data_user | foo | | | 15.0 | | + s6 | regress_foreign_data_user | foo | regress_foreign_data_user=U/regress_foreign_data_user+| | 16.0 | (host 'a', dbname 'b') | + | | | regress_test_role2=U*/regress_foreign_data_user | | | | + s7 | regress_foreign_data_user | foo | | oracle | 17.0 | (host 'a', dbname 'b') | + s8new | regress_foreign_data_user | postgresql | | | | (dbname 'db1', connect_timeout '30') | + t1 | regress_test_role | foo | | | | | + t2 | regress_test_role | foo | | | | | (10 rows) ALTER SERVER s8new RENAME to s8; @@ -463,19 +463,19 @@ ERROR: server "nonexistent" does not exist DROP SERVER IF EXISTS nonexistent; NOTICE: server "nonexistent" does not exist, skipping \des - List of foreign servers - Name | Owner | Foreign-data wrapper -------+-----------------------+---------------------- - s1 | regress_test_indirect | foo - s2 | foreign_data_user | foo - s3 | foreign_data_user | foo - s4 | foreign_data_user | foo - s5 | foreign_data_user | foo - s6 | foreign_data_user | foo - s7 | foreign_data_user | foo - s8 | foreign_data_user | postgresql - t1 | regress_test_role | foo - t2 | regress_test_role | foo + List of foreign servers + Name | Owner | Foreign-data wrapper +------+---------------------------+---------------------- + s1 | regress_test_indirect | foo + s2 | regress_foreign_data_user | foo + s3 | regress_foreign_data_user | foo + s4 | regress_foreign_data_user | foo + s5 | regress_foreign_data_user | foo + s6 | regress_foreign_data_user | foo + s7 | regress_foreign_data_user | foo + s8 | regress_foreign_data_user | postgresql + t1 | regress_test_role | foo + t2 | regress_test_role | foo (10 rows) SET ROLE regress_test_role; @@ -484,18 +484,18 @@ ERROR: must be owner of foreign server s2 DROP SERVER s1; RESET ROLE; \des - List of foreign servers - Name | Owner | Foreign-data wrapper -------+-------------------+---------------------- - s2 | foreign_data_user | foo - s3 | foreign_data_user | foo - s4 | foreign_data_user | foo - s5 | foreign_data_user | foo - s6 | foreign_data_user | foo - s7 | foreign_data_user | foo - s8 | foreign_data_user | postgresql - t1 | regress_test_role | foo - t2 | regress_test_role | foo + List of foreign servers + Name | Owner | Foreign-data wrapper +------+---------------------------+---------------------- + s2 | regress_foreign_data_user | foo + s3 | regress_foreign_data_user | foo + s4 | regress_foreign_data_user | foo + s5 | regress_foreign_data_user | foo + s6 | regress_foreign_data_user | foo + s7 | regress_foreign_data_user | foo + s8 | regress_foreign_data_user | postgresql + t1 | regress_test_role | foo + t2 | regress_test_role | foo (9 rows) ALTER SERVER s2 OWNER TO regress_test_role; @@ -503,44 +503,44 @@ SET ROLE regress_test_role; DROP SERVER s2; RESET ROLE; \des - List of foreign servers - Name | Owner | Foreign-data wrapper -------+-------------------+---------------------- - s3 | foreign_data_user | foo - s4 | foreign_data_user | foo - s5 | foreign_data_user | foo - s6 | foreign_data_user | foo - s7 | foreign_data_user | foo - s8 | foreign_data_user | postgresql - t1 | regress_test_role | foo - t2 | regress_test_role | foo + List of foreign servers + Name | Owner | Foreign-data wrapper +------+---------------------------+---------------------- + s3 | regress_foreign_data_user | foo + s4 | regress_foreign_data_user | foo + s5 | regress_foreign_data_user | foo + s6 | regress_foreign_data_user | foo + s7 | regress_foreign_data_user | foo + s8 | regress_foreign_data_user | postgresql + t1 | regress_test_role | foo + t2 | regress_test_role | foo (8 rows) CREATE USER MAPPING FOR current_user SERVER s3; \deu - List of user mappings - Server | User name ---------+------------------- - s3 | foreign_data_user + List of user mappings + Server | User name +--------+--------------------------- + s3 | regress_foreign_data_user (1 row) DROP SERVER s3; -- ERROR ERROR: cannot drop server s3 because other objects depend on it -DETAIL: user mapping for foreign_data_user on server s3 depends on server s3 +DETAIL: user mapping for regress_foreign_data_user on server s3 depends on server s3 HINT: Use DROP ... CASCADE to drop the dependent objects too. DROP SERVER s3 CASCADE; -NOTICE: drop cascades to user mapping for foreign_data_user on server s3 +NOTICE: drop cascades to user mapping for regress_foreign_data_user on server s3 \des - List of foreign servers - Name | Owner | Foreign-data wrapper -------+-------------------+---------------------- - s4 | foreign_data_user | foo - s5 | foreign_data_user | foo - s6 | foreign_data_user | foo - s7 | foreign_data_user | foo - s8 | foreign_data_user | postgresql - t1 | regress_test_role | foo - t2 | regress_test_role | foo + List of foreign servers + Name | Owner | Foreign-data wrapper +------+---------------------------+---------------------- + s4 | regress_foreign_data_user | foo + s5 | regress_foreign_data_user | foo + s6 | regress_foreign_data_user | foo + s7 | regress_foreign_data_user | foo + s8 | regress_foreign_data_user | postgresql + t1 | regress_test_role | foo + t2 | regress_test_role | foo (7 rows) \deu @@ -556,7 +556,7 @@ CREATE USER MAPPING FOR current_user SERVER s1; -- ERROR ERROR: server "s1" does not exist CREATE USER MAPPING FOR current_user SERVER s4; CREATE USER MAPPING FOR user SERVER s4; -- ERROR duplicate -ERROR: user mapping "foreign_data_user" already exists for server s4 +ERROR: user mapping "regress_foreign_data_user" already exists for server s4 CREATE USER MAPPING FOR public SERVER s4 OPTIONS ("this mapping" 'is public'); CREATE USER MAPPING FOR user SERVER s8 OPTIONS (username 'test', password 'secret'); -- ERROR ERROR: invalid option "username" @@ -578,14 +578,14 @@ CREATE USER MAPPING FOR current_user SERVER t1 OPTIONS (username 'bob', password CREATE USER MAPPING FOR public SERVER t1; RESET ROLE; \deu - List of user mappings - Server | User name ---------+------------------- - s4 | foreign_data_user + List of user mappings + Server | User name +--------+--------------------------- s4 | public + s4 | regress_foreign_data_user s5 | regress_test_role s6 | regress_test_role - s8 | foreign_data_user + s8 | regress_foreign_data_user t1 | public t1 | regress_test_role (7 rows) @@ -608,16 +608,16 @@ ERROR: must be owner of foreign server s4 ALTER USER MAPPING FOR public SERVER t1 OPTIONS (ADD modified '1'); RESET ROLE; \deu+ - List of user mappings - Server | User name | FDW Options ---------+-------------------+---------------------------------- - s4 | foreign_data_user | - s4 | public | ("this mapping" 'is public') - s5 | regress_test_role | (modified '1') - s6 | regress_test_role | (username 'test') - s8 | foreign_data_user | (password 'public') - t1 | public | (modified '1') - t1 | regress_test_role | (username 'bob', password 'boo') + List of user mappings + Server | User name | FDW Options +--------+---------------------------+---------------------------------- + s4 | public | ("this mapping" 'is public') + s4 | regress_foreign_data_user | + s5 | regress_test_role | (modified '1') + s6 | regress_test_role | (username 'test') + s8 | regress_foreign_data_user | (password 'public') + t1 | public | (modified '1') + t1 | regress_test_role | (username 'bob', password 'boo') (7 rows) -- DROP USER MAPPING @@ -640,15 +640,15 @@ ERROR: must be owner of foreign server s8 RESET ROLE; DROP SERVER s7; \deu - List of user mappings - Server | User name ---------+------------------- - s4 | foreign_data_user + List of user mappings + Server | User name +--------+--------------------------- s4 | public + s4 | regress_foreign_data_user s5 | regress_test_role s6 | regress_test_role - s8 | foreign_data_user s8 | public + s8 | regress_foreign_data_user t1 | public t1 | regress_test_role (8 rows) @@ -871,11 +871,11 @@ ALTER FOREIGN TABLE IF EXISTS doesnt_exist_ft1 RENAME TO foreign_table_1; NOTICE: relation "doesnt_exist_ft1" does not exist, skipping -- Information schema SELECT * FROM information_schema.foreign_data_wrappers ORDER BY 1, 2; - foreign_data_wrapper_catalog | foreign_data_wrapper_name | authorization_identifier | library_name | foreign_data_wrapper_language -------------------------------+---------------------------+--------------------------+--------------+------------------------------- - regression | dummy | foreign_data_user | | c - regression | foo | foreign_data_user | | c - regression | postgresql | foreign_data_user | | c + foreign_data_wrapper_catalog | foreign_data_wrapper_name | authorization_identifier | library_name | foreign_data_wrapper_language +------------------------------+---------------------------+---------------------------+--------------+------------------------------- + regression | dummy | regress_foreign_data_user | | c + regression | foo | regress_foreign_data_user | | c + regression | postgresql | regress_foreign_data_user | | c (3 rows) SELECT * FROM information_schema.foreign_data_wrapper_options ORDER BY 1, 2, 3; @@ -885,13 +885,13 @@ SELECT * FROM information_schema.foreign_data_wrapper_options ORDER BY 1, 2, 3; (1 row) SELECT * FROM information_schema.foreign_servers ORDER BY 1, 2; - foreign_server_catalog | foreign_server_name | foreign_data_wrapper_catalog | foreign_data_wrapper_name | foreign_server_type | foreign_server_version | authorization_identifier -------------------------+---------------------+------------------------------+---------------------------+---------------------+------------------------+-------------------------- - regression | s0 | regression | dummy | | | foreign_data_user - regression | s4 | regression | foo | oracle | | foreign_data_user + foreign_server_catalog | foreign_server_name | foreign_data_wrapper_catalog | foreign_data_wrapper_name | foreign_server_type | foreign_server_version | authorization_identifier +------------------------+---------------------+------------------------------+---------------------------+---------------------+------------------------+--------------------------- + regression | s0 | regression | dummy | | | regress_foreign_data_user + regression | s4 | regression | foo | oracle | | regress_foreign_data_user regression | s5 | regression | foo | | 15.0 | regress_test_role regression | s6 | regression | foo | | 16.0 | regress_test_indirect - regression | s8 | regression | postgresql | | | foreign_data_user + regression | s8 | regression | postgresql | | | regress_foreign_data_user regression | t1 | regression | foo | | | regress_test_indirect regression | t2 | regression | foo | | | regress_test_role (7 rows) @@ -908,46 +908,46 @@ SELECT * FROM information_schema.foreign_server_options ORDER BY 1, 2, 3; (6 rows) SELECT * FROM information_schema.user_mappings ORDER BY lower(authorization_identifier), 2, 3; - authorization_identifier | foreign_server_catalog | foreign_server_name ---------------------------+------------------------+--------------------- - foreign_data_user | regression | s4 - foreign_data_user | regression | s8 - PUBLIC | regression | s4 - PUBLIC | regression | s8 - PUBLIC | regression | t1 - regress_test_role | regression | s5 - regress_test_role | regression | s6 - regress_test_role | regression | t1 + authorization_identifier | foreign_server_catalog | foreign_server_name +---------------------------+------------------------+--------------------- + PUBLIC | regression | s4 + PUBLIC | regression | s8 + PUBLIC | regression | t1 + regress_foreign_data_user | regression | s4 + regress_foreign_data_user | regression | s8 + regress_test_role | regression | s5 + regress_test_role | regression | s6 + regress_test_role | regression | t1 (8 rows) SELECT * FROM information_schema.user_mapping_options ORDER BY lower(authorization_identifier), 2, 3, 4; - authorization_identifier | foreign_server_catalog | foreign_server_name | option_name | option_value ---------------------------+------------------------+---------------------+--------------+-------------- - foreign_data_user | regression | s8 | password | public - PUBLIC | regression | s4 | this mapping | is public - PUBLIC | regression | t1 | modified | 1 - regress_test_role | regression | s5 | modified | 1 - regress_test_role | regression | s6 | username | test - regress_test_role | regression | t1 | password | boo - regress_test_role | regression | t1 | username | bob + authorization_identifier | foreign_server_catalog | foreign_server_name | option_name | option_value +---------------------------+------------------------+---------------------+--------------+-------------- + PUBLIC | regression | s4 | this mapping | is public + PUBLIC | regression | t1 | modified | 1 + regress_foreign_data_user | regression | s8 | password | public + regress_test_role | regression | s5 | modified | 1 + regress_test_role | regression | s6 | username | test + regress_test_role | regression | t1 | password | boo + regress_test_role | regression | t1 | username | bob (7 rows) SELECT * FROM information_schema.usage_privileges WHERE object_type LIKE 'FOREIGN%' AND object_name IN ('s6', 'foo') ORDER BY 1, 2, 3, 4, 5; - grantor | grantee | object_catalog | object_schema | object_name | object_type | privilege_type | is_grantable ------------------------+-----------------------+----------------+---------------+-------------+----------------------+----------------+-------------- - foreign_data_user | foreign_data_user | regression | | foo | FOREIGN DATA WRAPPER | USAGE | YES - foreign_data_user | regress_test_indirect | regression | | foo | FOREIGN DATA WRAPPER | USAGE | NO - regress_test_indirect | regress_test_indirect | regression | | s6 | FOREIGN SERVER | USAGE | YES - regress_test_indirect | regress_test_role2 | regression | | s6 | FOREIGN SERVER | USAGE | YES + grantor | grantee | object_catalog | object_schema | object_name | object_type | privilege_type | is_grantable +---------------------------+---------------------------+----------------+---------------+-------------+----------------------+----------------+-------------- + regress_foreign_data_user | regress_foreign_data_user | regression | | foo | FOREIGN DATA WRAPPER | USAGE | YES + regress_foreign_data_user | regress_test_indirect | regression | | foo | FOREIGN DATA WRAPPER | USAGE | NO + regress_test_indirect | regress_test_indirect | regression | | s6 | FOREIGN SERVER | USAGE | YES + regress_test_indirect | regress_test_role2 | regression | | s6 | FOREIGN SERVER | USAGE | YES (4 rows) SELECT * FROM information_schema.role_usage_grants WHERE object_type LIKE 'FOREIGN%' AND object_name IN ('s6', 'foo') ORDER BY 1, 2, 3, 4, 5; - grantor | grantee | object_catalog | object_schema | object_name | object_type | privilege_type | is_grantable ------------------------+-----------------------+----------------+---------------+-------------+----------------------+----------------+-------------- - foreign_data_user | foreign_data_user | regression | | foo | FOREIGN DATA WRAPPER | USAGE | YES - foreign_data_user | regress_test_indirect | regression | | foo | FOREIGN DATA WRAPPER | USAGE | NO - regress_test_indirect | regress_test_indirect | regression | | s6 | FOREIGN SERVER | USAGE | YES - regress_test_indirect | regress_test_role2 | regression | | s6 | FOREIGN SERVER | USAGE | YES + grantor | grantee | object_catalog | object_schema | object_name | object_type | privilege_type | is_grantable +---------------------------+---------------------------+----------------+---------------+-------------+----------------------+----------------+-------------- + regress_foreign_data_user | regress_foreign_data_user | regression | | foo | FOREIGN DATA WRAPPER | USAGE | YES + regress_foreign_data_user | regress_test_indirect | regression | | foo | FOREIGN DATA WRAPPER | USAGE | NO + regress_test_indirect | regress_test_indirect | regression | | s6 | FOREIGN SERVER | USAGE | YES + regress_test_indirect | regress_test_role2 | regression | | s6 | FOREIGN SERVER | USAGE | YES (4 rows) SELECT * FROM information_schema.foreign_tables ORDER BY 1, 2, 3; @@ -976,19 +976,19 @@ SELECT * FROM information_schema.user_mapping_options ORDER BY 1, 2, 3, 4; (5 rows) SELECT * FROM information_schema.usage_privileges WHERE object_type LIKE 'FOREIGN%' AND object_name IN ('s6', 'foo') ORDER BY 1, 2, 3, 4, 5; - grantor | grantee | object_catalog | object_schema | object_name | object_type | privilege_type | is_grantable ------------------------+-----------------------+----------------+---------------+-------------+----------------------+----------------+-------------- - foreign_data_user | regress_test_indirect | regression | | foo | FOREIGN DATA WRAPPER | USAGE | NO - regress_test_indirect | regress_test_indirect | regression | | s6 | FOREIGN SERVER | USAGE | YES - regress_test_indirect | regress_test_role2 | regression | | s6 | FOREIGN SERVER | USAGE | YES + grantor | grantee | object_catalog | object_schema | object_name | object_type | privilege_type | is_grantable +---------------------------+-----------------------+----------------+---------------+-------------+----------------------+----------------+-------------- + regress_foreign_data_user | regress_test_indirect | regression | | foo | FOREIGN DATA WRAPPER | USAGE | NO + regress_test_indirect | regress_test_indirect | regression | | s6 | FOREIGN SERVER | USAGE | YES + regress_test_indirect | regress_test_role2 | regression | | s6 | FOREIGN SERVER | USAGE | YES (3 rows) SELECT * FROM information_schema.role_usage_grants WHERE object_type LIKE 'FOREIGN%' AND object_name IN ('s6', 'foo') ORDER BY 1, 2, 3, 4, 5; - grantor | grantee | object_catalog | object_schema | object_name | object_type | privilege_type | is_grantable ------------------------+-----------------------+----------------+---------------+-------------+----------------------+----------------+-------------- - foreign_data_user | regress_test_indirect | regression | | foo | FOREIGN DATA WRAPPER | USAGE | NO - regress_test_indirect | regress_test_indirect | regression | | s6 | FOREIGN SERVER | USAGE | YES - regress_test_indirect | regress_test_role2 | regression | | s6 | FOREIGN SERVER | USAGE | YES + grantor | grantee | object_catalog | object_schema | object_name | object_type | privilege_type | is_grantable +---------------------------+-----------------------+----------------+---------------+-------------+----------------------+----------------+-------------- + regress_foreign_data_user | regress_test_indirect | regression | | foo | FOREIGN DATA WRAPPER | USAGE | NO + regress_test_indirect | regress_test_indirect | regression | | s6 | FOREIGN SERVER | USAGE | YES + regress_test_indirect | regress_test_role2 | regression | | s6 | FOREIGN SERVER | USAGE | YES (3 rows) DROP USER MAPPING FOR current_user SERVER t1; @@ -1106,14 +1106,14 @@ ALTER USER MAPPING FOR regress_test_role SERVER s6 OPTIONS (DROP username); ALTER FOREIGN DATA WRAPPER foo VALIDATOR postgresql_fdw_validator; WARNING: changing the foreign-data wrapper validator can cause the options for dependent objects to become invalid -- Privileges -SET ROLE unprivileged_role; +SET ROLE regress_unprivileged_role; CREATE FOREIGN DATA WRAPPER foobar; -- ERROR ERROR: permission denied to create foreign-data wrapper "foobar" HINT: Must be superuser to create a foreign-data wrapper. ALTER FOREIGN DATA WRAPPER foo OPTIONS (gotcha 'true'); -- ERROR ERROR: permission denied to alter foreign-data wrapper "foo" HINT: Must be superuser to alter a foreign-data wrapper. -ALTER FOREIGN DATA WRAPPER foo OWNER TO unprivileged_role; -- ERROR +ALTER FOREIGN DATA WRAPPER foo OWNER TO regress_unprivileged_role; -- ERROR ERROR: permission denied to change owner of foreign-data wrapper "foo" HINT: Must be superuser to change owner of a foreign-data wrapper. DROP FOREIGN DATA WRAPPER foo; -- ERROR @@ -1124,7 +1124,7 @@ CREATE SERVER s9 FOREIGN DATA WRAPPER foo; -- ERROR ERROR: permission denied for foreign-data wrapper foo ALTER SERVER s4 VERSION '0.5'; -- ERROR ERROR: must be owner of foreign server s4 -ALTER SERVER s4 OWNER TO unprivileged_role; -- ERROR +ALTER SERVER s4 OWNER TO regress_unprivileged_role; -- ERROR ERROR: must be owner of foreign server s4 DROP SERVER s4; -- ERROR ERROR: must be owner of foreign server s4 @@ -1137,9 +1137,9 @@ ERROR: must be owner of foreign server s6 DROP USER MAPPING FOR regress_test_role SERVER s6; -- ERROR ERROR: must be owner of foreign server s6 RESET ROLE; -GRANT USAGE ON FOREIGN DATA WRAPPER postgresql TO unprivileged_role; -GRANT USAGE ON FOREIGN DATA WRAPPER foo TO unprivileged_role WITH GRANT OPTION; -SET ROLE unprivileged_role; +GRANT USAGE ON FOREIGN DATA WRAPPER postgresql TO regress_unprivileged_role; +GRANT USAGE ON FOREIGN DATA WRAPPER foo TO regress_unprivileged_role WITH GRANT OPTION; +SET ROLE regress_unprivileged_role; CREATE FOREIGN DATA WRAPPER foobar; -- ERROR ERROR: permission denied to create foreign-data wrapper "foobar" HINT: Must be superuser to create a foreign-data wrapper. @@ -1167,11 +1167,11 @@ ERROR: must be owner of foreign server s6 DROP USER MAPPING FOR regress_test_role SERVER s6; -- ERROR ERROR: must be owner of foreign server s6 RESET ROLE; -REVOKE USAGE ON FOREIGN DATA WRAPPER foo FROM unprivileged_role; -- ERROR +REVOKE USAGE ON FOREIGN DATA WRAPPER foo FROM regress_unprivileged_role; -- ERROR ERROR: dependent privileges exist HINT: Use CASCADE to revoke them too. -REVOKE USAGE ON FOREIGN DATA WRAPPER foo FROM unprivileged_role CASCADE; -SET ROLE unprivileged_role; +REVOKE USAGE ON FOREIGN DATA WRAPPER foo FROM regress_unprivileged_role CASCADE; +SET ROLE regress_unprivileged_role; GRANT USAGE ON FOREIGN DATA WRAPPER foo TO regress_test_role; -- ERROR ERROR: permission denied for foreign-data wrapper foo CREATE SERVER s10 FOREIGN DATA WRAPPER foo; -- ERROR @@ -1182,11 +1182,11 @@ CREATE USER MAPPING FOR current_user SERVER s9; DROP SERVER s9 CASCADE; NOTICE: drop cascades to 2 other objects DETAIL: drop cascades to user mapping for public on server s9 -drop cascades to user mapping for unprivileged_role on server s9 +drop cascades to user mapping for regress_unprivileged_role on server s9 RESET ROLE; CREATE SERVER s9 FOREIGN DATA WRAPPER foo; -GRANT USAGE ON FOREIGN SERVER s9 TO unprivileged_role; -SET ROLE unprivileged_role; +GRANT USAGE ON FOREIGN SERVER s9 TO regress_unprivileged_role; +SET ROLE regress_unprivileged_role; ALTER SERVER s9 VERSION '1.2'; -- ERROR ERROR: must be owner of foreign server s9 GRANT USAGE ON FOREIGN SERVER s9 TO regress_test_role; -- WARNING @@ -1769,21 +1769,21 @@ NOTICE: drop cascades to 5 other objects \set VERBOSITY default DROP SERVER s8 CASCADE; NOTICE: drop cascades to 2 other objects -DETAIL: drop cascades to user mapping for foreign_data_user on server s8 +DETAIL: drop cascades to user mapping for regress_foreign_data_user on server s8 drop cascades to user mapping for public on server s8 DROP ROLE regress_test_indirect; DROP ROLE regress_test_role; -DROP ROLE unprivileged_role; -- ERROR -ERROR: role "unprivileged_role" cannot be dropped because some objects depend on it +DROP ROLE regress_unprivileged_role; -- ERROR +ERROR: role "regress_unprivileged_role" cannot be dropped because some objects depend on it DETAIL: privileges for foreign-data wrapper postgresql -REVOKE ALL ON FOREIGN DATA WRAPPER postgresql FROM unprivileged_role; -DROP ROLE unprivileged_role; +REVOKE ALL ON FOREIGN DATA WRAPPER postgresql FROM regress_unprivileged_role; +DROP ROLE regress_unprivileged_role; DROP ROLE regress_test_role2; DROP FOREIGN DATA WRAPPER postgresql CASCADE; DROP FOREIGN DATA WRAPPER dummy CASCADE; NOTICE: drop cascades to server s0 \c -DROP ROLE foreign_data_user; +DROP ROLE regress_foreign_data_user; -- At this point we should have no wrappers, no servers, and no mappings. SELECT fdwname, fdwhandler, fdwvalidator, fdwoptions FROM pg_foreign_data_wrapper; fdwname | fdwhandler | fdwvalidator | fdwoptions diff --git a/src/test/regress/expected/guc.out b/src/test/regress/expected/guc.out index fdb9b5cddaf..43ac5f5f11c 100644 --- a/src/test/regress/expected/guc.out +++ b/src/test/regress/expected/guc.out @@ -531,8 +531,8 @@ PREPARE foo AS SELECT 1; LISTEN foo_event; SET vacuum_cost_delay = 13; CREATE TEMP TABLE tmp_foo (data text) ON COMMIT DELETE ROWS; -CREATE ROLE temp_reset_user; -SET SESSION AUTHORIZATION temp_reset_user; +CREATE ROLE regress_guc_user; +SET SESSION AUTHORIZATION regress_guc_user; -- look changes SELECT pg_listening_channels(); pg_listening_channels @@ -564,7 +564,7 @@ SELECT relname from pg_class where relname = 'tmp_foo'; tmp_foo (1 row) -SELECT current_user = 'temp_reset_user'; +SELECT current_user = 'regress_guc_user'; ?column? ---------- t @@ -599,13 +599,13 @@ SELECT relname from pg_class where relname = 'tmp_foo'; --------- (0 rows) -SELECT current_user = 'temp_reset_user'; +SELECT current_user = 'regress_guc_user'; ?column? ---------- f (1 row) -DROP ROLE temp_reset_user; +DROP ROLE regress_guc_user; -- -- search_path should react to changes in pg_namespace -- diff --git a/src/test/regress/expected/object_address.out b/src/test/regress/expected/object_address.out index 5310c956feb..7e81cdd087f 100644 --- a/src/test/regress/expected/object_address.out +++ b/src/test/regress/expected/object_address.out @@ -3,8 +3,9 @@ -- -- Clean up in case a prior regression run failed SET client_min_messages TO 'warning'; -DROP ROLE IF EXISTS regtest_addr_user; -CREATE USER regtest_addr_user; +DROP ROLE IF EXISTS regress_addr_user; +RESET client_min_messages; +CREATE USER regress_addr_user; -- Test generic object addressing/identification functions CREATE SCHEMA addr_nsp; SET search_path TO 'addr_nsp'; @@ -29,9 +30,9 @@ CREATE FUNCTION addr_nsp.trig() RETURNS TRIGGER LANGUAGE plpgsql AS $$ BEGIN END CREATE TRIGGER t BEFORE INSERT ON addr_nsp.gentable FOR EACH ROW EXECUTE PROCEDURE addr_nsp.trig(); CREATE POLICY genpol ON addr_nsp.gentable; CREATE SERVER "integer" FOREIGN DATA WRAPPER addr_fdw; -CREATE USER MAPPING FOR regtest_addr_user SERVER "integer"; -ALTER DEFAULT PRIVILEGES FOR ROLE regtest_addr_user IN SCHEMA public GRANT ALL ON TABLES TO regtest_addr_user; -ALTER DEFAULT PRIVILEGES FOR ROLE regtest_addr_user REVOKE DELETE ON TABLES FROM regtest_addr_user; +CREATE USER MAPPING FOR regress_addr_user SERVER "integer"; +ALTER DEFAULT PRIVILEGES FOR ROLE regress_addr_user IN SCHEMA public GRANT ALL ON TABLES TO regress_addr_user; +ALTER DEFAULT PRIVILEGES FOR ROLE regress_addr_user REVOKE DELETE ON TABLES FROM regress_addr_user; CREATE TRANSFORM FOR int LANGUAGE SQL ( FROM SQL WITH FUNCTION varchar_transform(internal), TO SQL WITH FUNCTION int4recv(internal)); @@ -366,14 +367,14 @@ WITH objects (type, name, args) AS (VALUES ('text search dictionary', '{addr_ts_dict}', '{}'), ('text search template', '{addr_ts_temp}', '{}'), ('text search configuration', '{addr_ts_conf}', '{}'), - ('role', '{regtest_addr_user}', '{}'), + ('role', '{regress_addr_user}', '{}'), -- database -- tablespace ('foreign-data wrapper', '{addr_fdw}', '{}'), ('server', '{addr_fserv}', '{}'), - ('user mapping', '{regtest_addr_user}', '{integer}'), - ('default acl', '{regtest_addr_user,public}', '{r}'), - ('default acl', '{regtest_addr_user}', '{r}'), + ('user mapping', '{regress_addr_user}', '{integer}'), + ('default acl', '{regress_addr_user,public}', '{r}'), + ('default acl', '{regress_addr_user}', '{r}'), -- extension -- event trigger ('policy', '{addr_nsp, gentable, genpol}', '{}'), @@ -390,8 +391,8 @@ SELECT (pg_identify_object(addr1.classid, addr1.objid, addr1.subobjid)).*, ORDER BY addr1.classid, addr1.objid, addr1.subobjid; type | schema | name | identity | ?column? ---------------------------+------------+-------------------+----------------------------------------------------------------------+---------- - default acl | | | for role regtest_addr_user in schema public on tables | t - default acl | | | for role regtest_addr_user on tables | t + default acl | | | for role regress_addr_user in schema public on tables | t + default acl | | | for role regress_addr_user on tables | t type | pg_catalog | _int4 | integer[] | t type | addr_nsp | gencomptype | addr_nsp.gencomptype | t type | addr_nsp | genenum | addr_nsp.genenum | t @@ -406,9 +407,9 @@ SELECT (pg_identify_object(addr1.classid, addr1.objid, addr1.subobjid)).*, materialized view | addr_nsp | genmatview | addr_nsp.genmatview | t foreign table | addr_nsp | genftable | addr_nsp.genftable | t foreign table column | addr_nsp | genftable | addr_nsp.genftable.a | t - role | | regtest_addr_user | regtest_addr_user | t + role | | regress_addr_user | regress_addr_user | t server | | addr_fserv | addr_fserv | t - user mapping | | | regtest_addr_user on server integer | t + user mapping | | | regress_addr_user on server integer | t foreign-data wrapper | | addr_fdw | addr_fdw | t access method | | btree | btree | t operator of access method | | | operator 1 (integer, integer) of pg_catalog.integer_ops USING btree | t @@ -437,7 +438,8 @@ SELECT (pg_identify_object(addr1.classid, addr1.objid, addr1.subobjid)).*, --- --- Cleanup resources --- +SET client_min_messages TO 'warning'; DROP FOREIGN DATA WRAPPER addr_fdw CASCADE; DROP SCHEMA addr_nsp CASCADE; -DROP OWNED BY regtest_addr_user; -DROP USER regtest_addr_user; +DROP OWNED BY regress_addr_user; +DROP USER regress_addr_user; diff --git a/src/test/regress/expected/privileges.out b/src/test/regress/expected/privileges.out index 2c5dce47460..996ebcdca22 100644 --- a/src/test/regress/expected/privileges.out +++ b/src/test/regress/expected/privileges.out @@ -4,14 +4,14 @@ -- Clean up in case a prior regression run failed -- Suppress NOTICE messages when users/groups don't exist SET client_min_messages TO 'warning'; -DROP ROLE IF EXISTS regressgroup1; -DROP ROLE IF EXISTS regressgroup2; -DROP ROLE IF EXISTS regressuser1; -DROP ROLE IF EXISTS regressuser2; -DROP ROLE IF EXISTS regressuser3; -DROP ROLE IF EXISTS regressuser4; -DROP ROLE IF EXISTS regressuser5; -DROP ROLE IF EXISTS regressuser6; +DROP ROLE IF EXISTS regress_group1; +DROP ROLE IF EXISTS regress_group2; +DROP ROLE IF EXISTS regress_user1; +DROP ROLE IF EXISTS regress_user2; +DROP ROLE IF EXISTS regress_user3; +DROP ROLE IF EXISTS regress_user4; +DROP ROLE IF EXISTS regress_user5; +DROP ROLE IF EXISTS regress_user6; SELECT lo_unlink(oid) FROM pg_largeobject_metadata; lo_unlink ----------- @@ -19,26 +19,26 @@ SELECT lo_unlink(oid) FROM pg_largeobject_metadata; RESET client_min_messages; -- test proper begins here -CREATE USER regressuser1; -CREATE USER regressuser2; -CREATE USER regressuser3; -CREATE USER regressuser4; -CREATE USER regressuser5; -CREATE USER regressuser5; -- duplicate -ERROR: role "regressuser5" already exists -CREATE GROUP regressgroup1; -CREATE GROUP regressgroup2 WITH USER regressuser1, regressuser2; -ALTER GROUP regressgroup1 ADD USER regressuser4; -ALTER GROUP regressgroup2 ADD USER regressuser2; -- duplicate -NOTICE: role "regressuser2" is already a member of role "regressgroup2" -ALTER GROUP regressgroup2 DROP USER regressuser2; -GRANT regressgroup2 TO regressuser4 WITH ADMIN OPTION; +CREATE USER regress_user1; +CREATE USER regress_user2; +CREATE USER regress_user3; +CREATE USER regress_user4; +CREATE USER regress_user5; +CREATE USER regress_user5; -- duplicate +ERROR: role "regress_user5" already exists +CREATE GROUP regress_group1; +CREATE GROUP regress_group2 WITH USER regress_user1, regress_user2; +ALTER GROUP regress_group1 ADD USER regress_user4; +ALTER GROUP regress_group2 ADD USER regress_user2; -- duplicate +NOTICE: role "regress_user2" is already a member of role "regress_group2" +ALTER GROUP regress_group2 DROP USER regress_user2; +GRANT regress_group2 TO regress_user4 WITH ADMIN OPTION; -- test owner privileges -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; SELECT session_user, current_user; - session_user | current_user ---------------+-------------- - regressuser1 | regressuser1 + session_user | current_user +---------------+--------------- + regress_user1 | regress_user1 (1 row) CREATE TABLE atest1 ( a int, b text ); @@ -60,23 +60,23 @@ SELECT * FROM atest1; ---+--- (0 rows) -GRANT ALL ON atest1 TO regressuser2; -GRANT SELECT ON atest1 TO regressuser3, regressuser4; +GRANT ALL ON atest1 TO regress_user2; +GRANT SELECT ON atest1 TO regress_user3, regress_user4; SELECT * FROM atest1; a | b ---+--- (0 rows) CREATE TABLE atest2 (col1 varchar(10), col2 boolean); -GRANT SELECT ON atest2 TO regressuser2; -GRANT UPDATE ON atest2 TO regressuser3; -GRANT INSERT ON atest2 TO regressuser4; -GRANT TRUNCATE ON atest2 TO regressuser5; -SET SESSION AUTHORIZATION regressuser2; +GRANT SELECT ON atest2 TO regress_user2; +GRANT UPDATE ON atest2 TO regress_user3; +GRANT INSERT ON atest2 TO regress_user4; +GRANT TRUNCATE ON atest2 TO regress_user5; +SET SESSION AUTHORIZATION regress_user2; SELECT session_user, current_user; - session_user | current_user ---------------+-------------- - regressuser2 | regressuser2 + session_user | current_user +---------------+--------------- + regress_user2 | regress_user2 (1 row) -- try various combinations of queries on atest1 and atest2 @@ -129,11 +129,11 @@ SELECT * FROM atest2 WHERE ( col1 IN ( SELECT b FROM atest1 ) ); ------+------ (0 rows) -SET SESSION AUTHORIZATION regressuser3; +SET SESSION AUTHORIZATION regress_user3; SELECT session_user, current_user; - session_user | current_user ---------------+-------------- - regressuser3 | regressuser3 + session_user | current_user +---------------+--------------- + regress_user3 | regress_user3 (1 row) SELECT * FROM atest1; -- ok @@ -175,7 +175,7 @@ SELECT * FROM atest1 WHERE ( b IN ( SELECT col1 FROM atest2 ) ); ERROR: permission denied for relation atest2 SELECT * FROM atest2 WHERE ( col1 IN ( SELECT b FROM atest1 ) ); ERROR: permission denied for relation atest2 -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user4; COPY atest2 FROM stdin; -- ok SELECT * FROM atest1; -- ok a | b @@ -185,15 +185,15 @@ SELECT * FROM atest1; -- ok (2 rows) -- groups -SET SESSION AUTHORIZATION regressuser3; +SET SESSION AUTHORIZATION regress_user3; CREATE TABLE atest3 (one int, two int, three int); -GRANT DELETE ON atest3 TO GROUP regressgroup2; -SET SESSION AUTHORIZATION regressuser1; +GRANT DELETE ON atest3 TO GROUP regress_group2; +SET SESSION AUTHORIZATION regress_user1; SELECT * FROM atest3; -- fail ERROR: permission denied for relation atest3 DELETE FROM atest3; -- ok -- views -SET SESSION AUTHORIZATION regressuser3; +SET SESSION AUTHORIZATION regress_user3; CREATE VIEW atestv1 AS SELECT * FROM atest1; -- ok /* The next *should* fail, but it's not implemented that way yet. */ CREATE VIEW atestv2 AS SELECT * FROM atest2; @@ -209,9 +209,9 @@ SELECT * FROM atestv1; -- ok SELECT * FROM atestv2; -- fail ERROR: permission denied for relation atest2 -GRANT SELECT ON atestv1, atestv3 TO regressuser4; -GRANT SELECT ON atestv2 TO regressuser2; -SET SESSION AUTHORIZATION regressuser4; +GRANT SELECT ON atestv1, atestv3 TO regress_user4; +GRANT SELECT ON atestv2 TO regress_user2; +SET SESSION AUTHORIZATION regress_user4; SELECT * FROM atestv1; -- ok a | b ---+----- @@ -249,12 +249,12 @@ SELECT * FROM atestv4; -- ok -----+-----+------- (0 rows) -GRANT SELECT ON atestv4 TO regressuser2; -SET SESSION AUTHORIZATION regressuser2; +GRANT SELECT ON atestv4 TO regress_user2; +SET SESSION AUTHORIZATION regress_user2; -- Two complex cases: SELECT * FROM atestv3; -- fail ERROR: permission denied for relation atestv3 -SELECT * FROM atestv4; -- ok (even though regressuser2 cannot access underlying atestv3) +SELECT * FROM atestv4; -- ok (even though regress_user2 cannot access underlying atestv3) one | two | three -----+-----+------- (0 rows) @@ -265,16 +265,16 @@ SELECT * FROM atest2; -- ok bar | t (1 row) -SELECT * FROM atestv2; -- fail (even though regressuser2 can access underlying atest2) +SELECT * FROM atestv2; -- fail (even though regress_user2 can access underlying atest2) ERROR: permission denied for relation atest2 -- Test column level permissions -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; CREATE TABLE atest5 (one int, two int unique, three int, four int unique); CREATE TABLE atest6 (one int, two int, blue int); -GRANT SELECT (one), INSERT (two), UPDATE (three) ON atest5 TO regressuser4; -GRANT ALL (one) ON atest5 TO regressuser3; +GRANT SELECT (one), INSERT (two), UPDATE (three) ON atest5 TO regress_user4; +GRANT ALL (one) ON atest5 TO regress_user3; INSERT INTO atest5 VALUES (1,2,3); -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user4; SELECT * FROM atest5; -- fail ERROR: permission denied for relation atest5 SELECT one FROM atest5; -- ok @@ -340,14 +340,14 @@ SELECT atest1.*,atest5.one FROM atest1 JOIN atest5 ON (atest1.a = atest5.one); - SELECT one, two FROM atest5; -- fail ERROR: permission denied for relation atest5 -SET SESSION AUTHORIZATION regressuser1; -GRANT SELECT (one,two) ON atest6 TO regressuser4; -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user1; +GRANT SELECT (one,two) ON atest6 TO regress_user4; +SET SESSION AUTHORIZATION regress_user4; SELECT one, two FROM atest5 NATURAL JOIN atest6; -- fail still ERROR: permission denied for relation atest5 -SET SESSION AUTHORIZATION regressuser1; -GRANT SELECT (two) ON atest5 TO regressuser4; -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user1; +GRANT SELECT (two) ON atest5 TO regress_user4; +SET SESSION AUTHORIZATION regress_user4; SELECT one, two FROM atest5 NATURAL JOIN atest6; -- ok now one | two -----+----- @@ -394,10 +394,10 @@ ERROR: permission denied for relation atest5 -- Error. No privs on four INSERT INTO atest5(three) VALUES (4) ON CONFLICT (four) DO UPDATE set three = 10; ERROR: permission denied for relation atest5 -SET SESSION AUTHORIZATION regressuser1; -REVOKE ALL (one) ON atest5 FROM regressuser4; -GRANT SELECT (one,two,blue) ON atest6 TO regressuser4; -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user1; +REVOKE ALL (one) ON atest5 FROM regress_user4; +GRANT SELECT (one,two,blue) ON atest6 TO regress_user4; +SET SESSION AUTHORIZATION regress_user4; SELECT one FROM atest5; -- fail ERROR: permission denied for relation atest5 UPDATE atest5 SET one = 1; -- fail @@ -409,18 +409,18 @@ SELECT atest6 FROM atest6; -- ok COPY atest6 TO stdout; -- ok -- check error reporting with column privs -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; CREATE TABLE t1 (c1 int, c2 int, c3 int check (c3 < 5), primary key (c1, c2)); -GRANT SELECT (c1) ON t1 TO regressuser2; -GRANT INSERT (c1, c2, c3) ON t1 TO regressuser2; -GRANT UPDATE (c1, c2, c3) ON t1 TO regressuser2; +GRANT SELECT (c1) ON t1 TO regress_user2; +GRANT INSERT (c1, c2, c3) ON t1 TO regress_user2; +GRANT UPDATE (c1, c2, c3) ON t1 TO regress_user2; -- seed data INSERT INTO t1 VALUES (1, 1, 1); INSERT INTO t1 VALUES (1, 2, 1); INSERT INTO t1 VALUES (2, 1, 2); INSERT INTO t1 VALUES (2, 2, 2); INSERT INTO t1 VALUES (3, 1, 3); -SET SESSION AUTHORIZATION regressuser2; +SET SESSION AUTHORIZATION regress_user2; INSERT INTO t1 (c1, c2) VALUES (1, 1); -- fail, but row not shown ERROR: duplicate key value violates unique constraint "t1_pkey" UPDATE t1 SET c2 = 1; -- fail, but row not shown @@ -437,23 +437,23 @@ DETAIL: Failing row contains (c1) = (5). UPDATE t1 SET c3 = 10; -- fail, but see columns with SELECT rights, or being modified ERROR: new row for relation "t1" violates check constraint "t1_c3_check" DETAIL: Failing row contains (c1, c3) = (1, 10). -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; DROP TABLE t1; -- test column-level privileges when involved with DELETE -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; ALTER TABLE atest6 ADD COLUMN three integer; -GRANT DELETE ON atest5 TO regressuser3; -GRANT SELECT (two) ON atest5 TO regressuser3; -REVOKE ALL (one) ON atest5 FROM regressuser3; -GRANT SELECT (one) ON atest5 TO regressuser4; -SET SESSION AUTHORIZATION regressuser4; +GRANT DELETE ON atest5 TO regress_user3; +GRANT SELECT (two) ON atest5 TO regress_user3; +REVOKE ALL (one) ON atest5 FROM regress_user3; +GRANT SELECT (one) ON atest5 TO regress_user4; +SET SESSION AUTHORIZATION regress_user4; SELECT atest6 FROM atest6; -- fail ERROR: permission denied for relation atest6 SELECT one FROM atest5 NATURAL JOIN atest6; -- fail ERROR: permission denied for relation atest5 -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; ALTER TABLE atest6 DROP COLUMN three; -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user4; SELECT atest6 FROM atest6; -- ok atest6 -------- @@ -464,26 +464,26 @@ SELECT one FROM atest5 NATURAL JOIN atest6; -- ok ----- (0 rows) -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; ALTER TABLE atest6 DROP COLUMN two; -REVOKE SELECT (one,blue) ON atest6 FROM regressuser4; -SET SESSION AUTHORIZATION regressuser4; +REVOKE SELECT (one,blue) ON atest6 FROM regress_user4; +SET SESSION AUTHORIZATION regress_user4; SELECT * FROM atest6; -- fail ERROR: permission denied for relation atest6 SELECT 1 FROM atest6; -- fail ERROR: permission denied for relation atest6 -SET SESSION AUTHORIZATION regressuser3; +SET SESSION AUTHORIZATION regress_user3; DELETE FROM atest5 WHERE one = 1; -- fail ERROR: permission denied for relation atest5 DELETE FROM atest5 WHERE two = 2; -- ok -- check inheritance cases -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; CREATE TABLE atestp1 (f1 int, f2 int) WITH OIDS; CREATE TABLE atestp2 (fx int, fy int) WITH OIDS; CREATE TABLE atestc (fz int) INHERITS (atestp1, atestp2); -GRANT SELECT(fx,fy,oid) ON atestp2 TO regressuser2; -GRANT SELECT(fx) ON atestc TO regressuser2; -SET SESSION AUTHORIZATION regressuser2; +GRANT SELECT(fx,fy,oid) ON atestp2 TO regress_user2; +GRANT SELECT(fx) ON atestc TO regress_user2; +SET SESSION AUTHORIZATION regress_user2; SELECT fx FROM atestp2; -- ok fx ---- @@ -506,9 +506,9 @@ SELECT oid FROM atestp2; -- ok SELECT fy FROM atestc; -- fail ERROR: permission denied for relation atestc -SET SESSION AUTHORIZATION regressuser1; -GRANT SELECT(fy,oid) ON atestc TO regressuser2; -SET SESSION AUTHORIZATION regressuser2; +SET SESSION AUTHORIZATION regress_user1; +GRANT SELECT(fy,oid) ON atestc TO regress_user2; +SET SESSION AUTHORIZATION regress_user2; SELECT fx FROM atestp2; -- still ok fx ---- @@ -533,27 +533,27 @@ SELECT oid FROM atestp2; -- ok -- switch to superuser \c - REVOKE ALL PRIVILEGES ON LANGUAGE sql FROM PUBLIC; -GRANT USAGE ON LANGUAGE sql TO regressuser1; -- ok +GRANT USAGE ON LANGUAGE sql TO regress_user1; -- ok GRANT USAGE ON LANGUAGE c TO PUBLIC; -- fail ERROR: language "c" is not trusted DETAIL: GRANT and REVOKE are not allowed on untrusted languages, because only superusers can use untrusted languages. -SET SESSION AUTHORIZATION regressuser1; -GRANT USAGE ON LANGUAGE sql TO regressuser2; -- fail +SET SESSION AUTHORIZATION regress_user1; +GRANT USAGE ON LANGUAGE sql TO regress_user2; -- fail WARNING: no privileges were granted for "sql" CREATE FUNCTION testfunc1(int) RETURNS int AS 'select 2 * $1;' LANGUAGE sql; CREATE FUNCTION testfunc2(int) RETURNS int AS 'select 3 * $1;' LANGUAGE sql; REVOKE ALL ON FUNCTION testfunc1(int), testfunc2(int) FROM PUBLIC; -GRANT EXECUTE ON FUNCTION testfunc1(int), testfunc2(int) TO regressuser2; -GRANT USAGE ON FUNCTION testfunc1(int) TO regressuser3; -- semantic error +GRANT EXECUTE ON FUNCTION testfunc1(int), testfunc2(int) TO regress_user2; +GRANT USAGE ON FUNCTION testfunc1(int) TO regress_user3; -- semantic error ERROR: invalid privilege type USAGE for function -GRANT ALL PRIVILEGES ON FUNCTION testfunc1(int) TO regressuser4; -GRANT ALL PRIVILEGES ON FUNCTION testfunc_nosuch(int) TO regressuser4; +GRANT ALL PRIVILEGES ON FUNCTION testfunc1(int) TO regress_user4; +GRANT ALL PRIVILEGES ON FUNCTION testfunc_nosuch(int) TO regress_user4; ERROR: function testfunc_nosuch(integer) does not exist CREATE FUNCTION testfunc4(boolean) RETURNS text AS 'select col1 from atest2 where col2 = $1;' LANGUAGE sql SECURITY DEFINER; -GRANT EXECUTE ON FUNCTION testfunc4(boolean) TO regressuser3; -SET SESSION AUTHORIZATION regressuser2; +GRANT EXECUTE ON FUNCTION testfunc4(boolean) TO regress_user3; +SET SESSION AUTHORIZATION regress_user2; SELECT testfunc1(5), testfunc2(5); -- ok testfunc1 | testfunc2 -----------+----------- @@ -562,7 +562,7 @@ SELECT testfunc1(5), testfunc2(5); -- ok CREATE FUNCTION testfunc3(int) RETURNS int AS 'select 2 * $1;' LANGUAGE sql; -- fail ERROR: permission denied for language sql -SET SESSION AUTHORIZATION regressuser3; +SET SESSION AUTHORIZATION regress_user3; SELECT testfunc1(5); -- fail ERROR: permission denied for function testfunc1 SELECT col1 FROM atest2 WHERE col2 = true; -- fail @@ -573,7 +573,7 @@ SELECT testfunc4(true); -- ok bar (1 row) -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user4; SELECT testfunc1(5); -- ok testfunc1 ----------- @@ -591,17 +591,17 @@ GRANT ALL PRIVILEGES ON LANGUAGE sql TO PUBLIC; \c - CREATE TYPE testtype1 AS (a int, b text); REVOKE USAGE ON TYPE testtype1 FROM PUBLIC; -GRANT USAGE ON TYPE testtype1 TO regressuser2; -GRANT USAGE ON TYPE _testtype1 TO regressuser2; -- fail +GRANT USAGE ON TYPE testtype1 TO regress_user2; +GRANT USAGE ON TYPE _testtype1 TO regress_user2; -- fail ERROR: cannot set privileges of array types HINT: Set the privileges of the element type instead. -GRANT USAGE ON DOMAIN testtype1 TO regressuser2; -- fail +GRANT USAGE ON DOMAIN testtype1 TO regress_user2; -- fail ERROR: "testtype1" is not a domain CREATE DOMAIN testdomain1 AS int; REVOKE USAGE on DOMAIN testdomain1 FROM PUBLIC; -GRANT USAGE ON DOMAIN testdomain1 TO regressuser2; -GRANT USAGE ON TYPE testdomain1 TO regressuser2; -- ok -SET SESSION AUTHORIZATION regressuser1; +GRANT USAGE ON DOMAIN testdomain1 TO regress_user2; +GRANT USAGE ON TYPE testdomain1 TO regress_user2; -- ok +SET SESSION AUTHORIZATION regress_user1; -- commands that should fail CREATE AGGREGATE testagg1a(testdomain1) (sfunc = int4_sum, stype = bigint); ERROR: permission denied for type testdomain1 @@ -641,7 +641,7 @@ CREATE TABLE test11a AS (SELECT 1::testdomain1 AS a); ERROR: permission denied for type testdomain1 REVOKE ALL ON TYPE testtype1 FROM PUBLIC; ERROR: permission denied for type testtype1 -SET SESSION AUTHORIZATION regressuser2; +SET SESSION AUTHORIZATION regress_user2; -- commands that should succeed CREATE AGGREGATE testagg1b(testdomain1) (sfunc = int4_sum, stype = bigint); CREATE DOMAIN testdomain2b AS testdomain1; @@ -684,7 +684,7 @@ DROP TABLE test11b; DROP TYPE testtype1; -- ok DROP DOMAIN testdomain1; -- ok -- truncate -SET SESSION AUTHORIZATION regressuser5; +SET SESSION AUTHORIZATION regress_user5; TRUNCATE atest2; -- ok TRUNCATE atest3; -- fail ERROR: permission denied for relation atest3 @@ -807,7 +807,7 @@ from (select oid from pg_class where relname = 'pg_authid') as t1; (1 row) -- non-superuser -SET SESSION AUTHORIZATION regressuser3; +SET SESSION AUTHORIZATION regress_user3; select has_table_privilege(current_user,'pg_class','select'); has_table_privilege --------------------- @@ -971,93 +971,93 @@ from (select oid from pg_class where relname = 'atest1') as t1; (1 row) -- Grant options -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; CREATE TABLE atest4 (a int); -GRANT SELECT ON atest4 TO regressuser2 WITH GRANT OPTION; -GRANT UPDATE ON atest4 TO regressuser2; -GRANT SELECT ON atest4 TO GROUP regressgroup1 WITH GRANT OPTION; -SET SESSION AUTHORIZATION regressuser2; -GRANT SELECT ON atest4 TO regressuser3; -GRANT UPDATE ON atest4 TO regressuser3; -- fail +GRANT SELECT ON atest4 TO regress_user2 WITH GRANT OPTION; +GRANT UPDATE ON atest4 TO regress_user2; +GRANT SELECT ON atest4 TO GROUP regress_group1 WITH GRANT OPTION; +SET SESSION AUTHORIZATION regress_user2; +GRANT SELECT ON atest4 TO regress_user3; +GRANT UPDATE ON atest4 TO regress_user3; -- fail WARNING: no privileges were granted for "atest4" -SET SESSION AUTHORIZATION regressuser1; -REVOKE SELECT ON atest4 FROM regressuser3; -- does nothing -SELECT has_table_privilege('regressuser3', 'atest4', 'SELECT'); -- true +SET SESSION AUTHORIZATION regress_user1; +REVOKE SELECT ON atest4 FROM regress_user3; -- does nothing +SELECT has_table_privilege('regress_user3', 'atest4', 'SELECT'); -- true has_table_privilege --------------------- t (1 row) -REVOKE SELECT ON atest4 FROM regressuser2; -- fail +REVOKE SELECT ON atest4 FROM regress_user2; -- fail ERROR: dependent privileges exist HINT: Use CASCADE to revoke them too. -REVOKE GRANT OPTION FOR SELECT ON atest4 FROM regressuser2 CASCADE; -- ok -SELECT has_table_privilege('regressuser2', 'atest4', 'SELECT'); -- true +REVOKE GRANT OPTION FOR SELECT ON atest4 FROM regress_user2 CASCADE; -- ok +SELECT has_table_privilege('regress_user2', 'atest4', 'SELECT'); -- true has_table_privilege --------------------- t (1 row) -SELECT has_table_privilege('regressuser3', 'atest4', 'SELECT'); -- false +SELECT has_table_privilege('regress_user3', 'atest4', 'SELECT'); -- false has_table_privilege --------------------- f (1 row) -SELECT has_table_privilege('regressuser1', 'atest4', 'SELECT WITH GRANT OPTION'); -- true +SELECT has_table_privilege('regress_user1', 'atest4', 'SELECT WITH GRANT OPTION'); -- true has_table_privilege --------------------- t (1 row) -- Admin options -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user4; CREATE FUNCTION dogrant_ok() RETURNS void LANGUAGE sql SECURITY DEFINER AS - 'GRANT regressgroup2 TO regressuser5'; -GRANT regressgroup2 TO regressuser5; -- ok: had ADMIN OPTION -SET ROLE regressgroup2; -GRANT regressgroup2 TO regressuser5; -- fails: SET ROLE suspended privilege -ERROR: must have admin option on role "regressgroup2" -SET SESSION AUTHORIZATION regressuser1; -GRANT regressgroup2 TO regressuser5; -- fails: no ADMIN OPTION -ERROR: must have admin option on role "regressgroup2" + 'GRANT regress_group2 TO regress_user5'; +GRANT regress_group2 TO regress_user5; -- ok: had ADMIN OPTION +SET ROLE regress_group2; +GRANT regress_group2 TO regress_user5; -- fails: SET ROLE suspended privilege +ERROR: must have admin option on role "regress_group2" +SET SESSION AUTHORIZATION regress_user1; +GRANT regress_group2 TO regress_user5; -- fails: no ADMIN OPTION +ERROR: must have admin option on role "regress_group2" SELECT dogrant_ok(); -- ok: SECURITY DEFINER conveys ADMIN -NOTICE: role "regressuser5" is already a member of role "regressgroup2" +NOTICE: role "regress_user5" is already a member of role "regress_group2" dogrant_ok ------------ (1 row) -SET ROLE regressgroup2; -GRANT regressgroup2 TO regressuser5; -- fails: SET ROLE did not help -ERROR: must have admin option on role "regressgroup2" -SET SESSION AUTHORIZATION regressgroup2; -GRANT regressgroup2 TO regressuser5; -- ok: a role can self-admin -NOTICE: role "regressuser5" is already a member of role "regressgroup2" +SET ROLE regress_group2; +GRANT regress_group2 TO regress_user5; -- fails: SET ROLE did not help +ERROR: must have admin option on role "regress_group2" +SET SESSION AUTHORIZATION regress_group2; +GRANT regress_group2 TO regress_user5; -- ok: a role can self-admin +NOTICE: role "regress_user5" is already a member of role "regress_group2" CREATE FUNCTION dogrant_fails() RETURNS void LANGUAGE sql SECURITY DEFINER AS - 'GRANT regressgroup2 TO regressuser5'; + 'GRANT regress_group2 TO regress_user5'; SELECT dogrant_fails(); -- fails: no self-admin in SECURITY DEFINER -ERROR: must have admin option on role "regressgroup2" +ERROR: must have admin option on role "regress_group2" CONTEXT: SQL function "dogrant_fails" statement 1 DROP FUNCTION dogrant_fails(); -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user4; DROP FUNCTION dogrant_ok(); -REVOKE regressgroup2 FROM regressuser5; +REVOKE regress_group2 FROM regress_user5; -- has_sequence_privilege tests \c - CREATE SEQUENCE x_seq; -GRANT USAGE on x_seq to regressuser2; -SELECT has_sequence_privilege('regressuser1', 'atest1', 'SELECT'); +GRANT USAGE on x_seq to regress_user2; +SELECT has_sequence_privilege('regress_user1', 'atest1', 'SELECT'); ERROR: "atest1" is not a sequence -SELECT has_sequence_privilege('regressuser1', 'x_seq', 'INSERT'); +SELECT has_sequence_privilege('regress_user1', 'x_seq', 'INSERT'); ERROR: unrecognized privilege type: "INSERT" -SELECT has_sequence_privilege('regressuser1', 'x_seq', 'SELECT'); +SELECT has_sequence_privilege('regress_user1', 'x_seq', 'SELECT'); has_sequence_privilege ------------------------ f (1 row) -SET SESSION AUTHORIZATION regressuser2; +SET SESSION AUTHORIZATION regress_user2; SELECT has_sequence_privilege('x_seq', 'USAGE'); has_sequence_privilege ------------------------ @@ -1066,7 +1066,7 @@ SELECT has_sequence_privilege('x_seq', 'USAGE'); -- largeobject privilege tests \c - -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; SELECT lo_create(1001); lo_create ----------- @@ -1098,10 +1098,10 @@ SELECT lo_create(1005); (1 row) GRANT ALL ON LARGE OBJECT 1001 TO PUBLIC; -GRANT SELECT ON LARGE OBJECT 1003 TO regressuser2; -GRANT SELECT,UPDATE ON LARGE OBJECT 1004 TO regressuser2; -GRANT ALL ON LARGE OBJECT 1005 TO regressuser2; -GRANT SELECT ON LARGE OBJECT 1005 TO regressuser2 WITH GRANT OPTION; +GRANT SELECT ON LARGE OBJECT 1003 TO regress_user2; +GRANT SELECT,UPDATE ON LARGE OBJECT 1004 TO regress_user2; +GRANT ALL ON LARGE OBJECT 1005 TO regress_user2; +GRANT SELECT ON LARGE OBJECT 1005 TO regress_user2 WITH GRANT OPTION; GRANT SELECT, INSERT ON LARGE OBJECT 1001 TO PUBLIC; -- to be failed ERROR: invalid privilege type INSERT for large object GRANT SELECT, UPDATE ON LARGE OBJECT 1001 TO nosuchuser; -- to be failed @@ -1109,7 +1109,7 @@ ERROR: role "nosuchuser" does not exist GRANT SELECT, UPDATE ON LARGE OBJECT 999 TO PUBLIC; -- to be failed ERROR: large object 999 does not exist \c - -SET SESSION AUTHORIZATION regressuser2; +SET SESSION AUTHORIZATION regress_user2; SELECT lo_create(2001); lo_create ----------- @@ -1158,11 +1158,11 @@ SELECT lowrite(lo_open(1004, x'20000'::int), 'abcd'); 4 (1 row) -GRANT SELECT ON LARGE OBJECT 1005 TO regressuser3; -GRANT UPDATE ON LARGE OBJECT 1006 TO regressuser3; -- to be denied +GRANT SELECT ON LARGE OBJECT 1005 TO regress_user3; +GRANT UPDATE ON LARGE OBJECT 1006 TO regress_user3; -- to be denied ERROR: large object 1006 does not exist REVOKE ALL ON LARGE OBJECT 2001, 2002 FROM PUBLIC; -GRANT ALL ON LARGE OBJECT 2001 TO regressuser3; +GRANT ALL ON LARGE OBJECT 2001 TO regress_user3; SELECT lo_unlink(1001); -- to be denied ERROR: must be owner of large object 1001 SELECT lo_unlink(2002); @@ -1174,17 +1174,17 @@ SELECT lo_unlink(2002); \c - -- confirm ACL setting SELECT oid, pg_get_userbyid(lomowner) ownername, lomacl FROM pg_largeobject_metadata; - oid | ownername | lomacl -------+--------------+------------------------------------------------------------------------------------------ - 1002 | regressuser1 | - 1001 | regressuser1 | {regressuser1=rw/regressuser1,=rw/regressuser1} - 1003 | regressuser1 | {regressuser1=rw/regressuser1,regressuser2=r/regressuser1} - 1004 | regressuser1 | {regressuser1=rw/regressuser1,regressuser2=rw/regressuser1} - 1005 | regressuser1 | {regressuser1=rw/regressuser1,regressuser2=r*w/regressuser1,regressuser3=r/regressuser2} - 2001 | regressuser2 | {regressuser2=rw/regressuser2,regressuser3=rw/regressuser2} + oid | ownername | lomacl +------+---------------+------------------------------------------------------------------------------------------------ + 1002 | regress_user1 | + 1001 | regress_user1 | {regress_user1=rw/regress_user1,=rw/regress_user1} + 1003 | regress_user1 | {regress_user1=rw/regress_user1,regress_user2=r/regress_user1} + 1004 | regress_user1 | {regress_user1=rw/regress_user1,regress_user2=rw/regress_user1} + 1005 | regress_user1 | {regress_user1=rw/regress_user1,regress_user2=r*w/regress_user1,regress_user3=r/regress_user2} + 2001 | regress_user2 | {regress_user2=rw/regress_user2,regress_user3=rw/regress_user2} (6 rows) -SET SESSION AUTHORIZATION regressuser3; +SET SESSION AUTHORIZATION regress_user3; SELECT loread(lo_open(1001, x'40000'::int), 32); loread ------------ @@ -1210,7 +1210,7 @@ SELECT lo_truncate(lo_open(2001, x'20000'::int), 10); -- compatibility mode in largeobject permission \c - SET lo_compat_privileges = false; -- default setting -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user4; SELECT loread(lo_open(1002, x'40000'::int), 32); -- to be denied ERROR: permission denied for large object 1002 SELECT lowrite(lo_open(1002, x'20000'::int), 'abcd'); -- to be denied @@ -1224,7 +1224,7 @@ ERROR: must be superuser to use server-side lo_export() HINT: Anyone can use the client-side lo_export() provided by libpq. \c - SET lo_compat_privileges = true; -- compatibility mode -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user4; SELECT loread(lo_open(1002, x'40000'::int), 32); loread -------- @@ -1259,34 +1259,34 @@ SELECT * FROM pg_largeobject LIMIT 0; ------+--------+------ (0 rows) -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; SELECT * FROM pg_largeobject LIMIT 0; -- to be denied ERROR: permission denied for relation pg_largeobject -- test default ACLs \c - CREATE SCHEMA testns; -GRANT ALL ON SCHEMA testns TO regressuser1; +GRANT ALL ON SCHEMA testns TO regress_user1; CREATE TABLE testns.acltest1 (x int); -SELECT has_table_privilege('regressuser1', 'testns.acltest1', 'SELECT'); -- no +SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'SELECT'); -- no has_table_privilege --------------------- f (1 row) -SELECT has_table_privilege('regressuser1', 'testns.acltest1', 'INSERT'); -- no +SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'INSERT'); -- no has_table_privilege --------------------- f (1 row) ALTER DEFAULT PRIVILEGES IN SCHEMA testns GRANT SELECT ON TABLES TO public; -SELECT has_table_privilege('regressuser1', 'testns.acltest1', 'SELECT'); -- no +SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'SELECT'); -- no has_table_privilege --------------------- f (1 row) -SELECT has_table_privilege('regressuser1', 'testns.acltest1', 'INSERT'); -- no +SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'INSERT'); -- no has_table_privilege --------------------- f @@ -1294,52 +1294,52 @@ SELECT has_table_privilege('regressuser1', 'testns.acltest1', 'INSERT'); -- no DROP TABLE testns.acltest1; CREATE TABLE testns.acltest1 (x int); -SELECT has_table_privilege('regressuser1', 'testns.acltest1', 'SELECT'); -- yes +SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'SELECT'); -- yes has_table_privilege --------------------- t (1 row) -SELECT has_table_privilege('regressuser1', 'testns.acltest1', 'INSERT'); -- no +SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'INSERT'); -- no has_table_privilege --------------------- f (1 row) -ALTER DEFAULT PRIVILEGES IN SCHEMA testns GRANT INSERT ON TABLES TO regressuser1; +ALTER DEFAULT PRIVILEGES IN SCHEMA testns GRANT INSERT ON TABLES TO regress_user1; DROP TABLE testns.acltest1; CREATE TABLE testns.acltest1 (x int); -SELECT has_table_privilege('regressuser1', 'testns.acltest1', 'SELECT'); -- yes +SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'SELECT'); -- yes has_table_privilege --------------------- t (1 row) -SELECT has_table_privilege('regressuser1', 'testns.acltest1', 'INSERT'); -- yes +SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'INSERT'); -- yes has_table_privilege --------------------- t (1 row) -ALTER DEFAULT PRIVILEGES IN SCHEMA testns REVOKE INSERT ON TABLES FROM regressuser1; +ALTER DEFAULT PRIVILEGES IN SCHEMA testns REVOKE INSERT ON TABLES FROM regress_user1; DROP TABLE testns.acltest1; CREATE TABLE testns.acltest1 (x int); -SELECT has_table_privilege('regressuser1', 'testns.acltest1', 'SELECT'); -- yes +SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'SELECT'); -- yes has_table_privilege --------------------- t (1 row) -SELECT has_table_privilege('regressuser1', 'testns.acltest1', 'INSERT'); -- no +SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'INSERT'); -- no has_table_privilege --------------------- f (1 row) -ALTER DEFAULT PRIVILEGES FOR ROLE regressuser1 REVOKE EXECUTE ON FUNCTIONS FROM public; -SET ROLE regressuser1; +ALTER DEFAULT PRIVILEGES FOR ROLE regress_user1 REVOKE EXECUTE ON FUNCTIONS FROM public; +SET ROLE regress_user1; CREATE FUNCTION testns.foo() RETURNS int AS 'select 1' LANGUAGE sql; -SELECT has_function_privilege('regressuser2', 'testns.foo()', 'EXECUTE'); -- no +SELECT has_function_privilege('regress_user2', 'testns.foo()', 'EXECUTE'); -- no has_function_privilege ------------------------ f @@ -1348,16 +1348,16 @@ SELECT has_function_privilege('regressuser2', 'testns.foo()', 'EXECUTE'); -- no ALTER DEFAULT PRIVILEGES IN SCHEMA testns GRANT EXECUTE ON FUNCTIONS to public; DROP FUNCTION testns.foo(); CREATE FUNCTION testns.foo() RETURNS int AS 'select 1' LANGUAGE sql; -SELECT has_function_privilege('regressuser2', 'testns.foo()', 'EXECUTE'); -- yes +SELECT has_function_privilege('regress_user2', 'testns.foo()', 'EXECUTE'); -- yes has_function_privilege ------------------------ t (1 row) DROP FUNCTION testns.foo(); -ALTER DEFAULT PRIVILEGES FOR ROLE regressuser1 REVOKE USAGE ON TYPES FROM public; +ALTER DEFAULT PRIVILEGES FOR ROLE regress_user1 REVOKE USAGE ON TYPES FROM public; CREATE DOMAIN testns.testdomain1 AS int; -SELECT has_type_privilege('regressuser2', 'testns.testdomain1', 'USAGE'); -- no +SELECT has_type_privilege('regress_user2', 'testns.testdomain1', 'USAGE'); -- no has_type_privilege -------------------- f @@ -1366,7 +1366,7 @@ SELECT has_type_privilege('regressuser2', 'testns.testdomain1', 'USAGE'); -- no ALTER DEFAULT PRIVILEGES IN SCHEMA testns GRANT USAGE ON TYPES to public; DROP DOMAIN testns.testdomain1; CREATE DOMAIN testns.testdomain1 AS int; -SELECT has_type_privilege('regressuser2', 'testns.testdomain1', 'USAGE'); -- yes +SELECT has_type_privilege('regress_user2', 'testns.testdomain1', 'USAGE'); -- yes has_type_privilege -------------------- t @@ -1396,47 +1396,47 @@ SELECT d.* -- check that entries went away CREATE SCHEMA testns; CREATE TABLE testns.t1 (f1 int); CREATE TABLE testns.t2 (f1 int); -SELECT has_table_privilege('regressuser1', 'testns.t1', 'SELECT'); -- false +SELECT has_table_privilege('regress_user1', 'testns.t1', 'SELECT'); -- false has_table_privilege --------------------- f (1 row) -GRANT ALL ON ALL TABLES IN SCHEMA testns TO regressuser1; -SELECT has_table_privilege('regressuser1', 'testns.t1', 'SELECT'); -- true +GRANT ALL ON ALL TABLES IN SCHEMA testns TO regress_user1; +SELECT has_table_privilege('regress_user1', 'testns.t1', 'SELECT'); -- true has_table_privilege --------------------- t (1 row) -SELECT has_table_privilege('regressuser1', 'testns.t2', 'SELECT'); -- true +SELECT has_table_privilege('regress_user1', 'testns.t2', 'SELECT'); -- true has_table_privilege --------------------- t (1 row) -REVOKE ALL ON ALL TABLES IN SCHEMA testns FROM regressuser1; -SELECT has_table_privilege('regressuser1', 'testns.t1', 'SELECT'); -- false +REVOKE ALL ON ALL TABLES IN SCHEMA testns FROM regress_user1; +SELECT has_table_privilege('regress_user1', 'testns.t1', 'SELECT'); -- false has_table_privilege --------------------- f (1 row) -SELECT has_table_privilege('regressuser1', 'testns.t2', 'SELECT'); -- false +SELECT has_table_privilege('regress_user1', 'testns.t2', 'SELECT'); -- false has_table_privilege --------------------- f (1 row) CREATE FUNCTION testns.testfunc(int) RETURNS int AS 'select 3 * $1;' LANGUAGE sql; -SELECT has_function_privilege('regressuser1', 'testns.testfunc(int)', 'EXECUTE'); -- true by default +SELECT has_function_privilege('regress_user1', 'testns.testfunc(int)', 'EXECUTE'); -- true by default has_function_privilege ------------------------ t (1 row) REVOKE ALL ON ALL FUNCTIONS IN SCHEMA testns FROM PUBLIC; -SELECT has_function_privilege('regressuser1', 'testns.testfunc(int)', 'EXECUTE'); -- false +SELECT has_function_privilege('regress_user1', 'testns.testfunc(int)', 'EXECUTE'); -- false has_function_privilege ------------------------ f @@ -1447,81 +1447,81 @@ DROP SCHEMA testns CASCADE; RESET client_min_messages; -- Change owner of the schema & and rename of new schema owner \c - -CREATE ROLE schemauser1 superuser login; -CREATE ROLE schemauser2 superuser login; -SET SESSION ROLE schemauser1; +CREATE ROLE regress_schemauser1 superuser login; +CREATE ROLE regress_schemauser2 superuser login; +SET SESSION ROLE regress_schemauser1; CREATE SCHEMA testns; SELECT nspname, rolname FROM pg_namespace, pg_roles WHERE pg_namespace.nspname = 'testns' AND pg_namespace.nspowner = pg_roles.oid; - nspname | rolname ----------+------------- - testns | schemauser1 + nspname | rolname +---------+--------------------- + testns | regress_schemauser1 (1 row) -ALTER SCHEMA testns OWNER TO schemauser2; -ALTER ROLE schemauser2 RENAME TO schemauser_renamed; +ALTER SCHEMA testns OWNER TO regress_schemauser2; +ALTER ROLE regress_schemauser2 RENAME TO regress_schemauser_renamed; SELECT nspname, rolname FROM pg_namespace, pg_roles WHERE pg_namespace.nspname = 'testns' AND pg_namespace.nspowner = pg_roles.oid; - nspname | rolname ----------+-------------------- - testns | schemauser_renamed + nspname | rolname +---------+---------------------------- + testns | regress_schemauser_renamed (1 row) -set session role schemauser_renamed; +set session role regress_schemauser_renamed; SET client_min_messages TO 'warning'; DROP SCHEMA testns CASCADE; RESET client_min_messages; -- clean up \c - -DROP ROLE schemauser1; -DROP ROLE schemauser_renamed; +DROP ROLE regress_schemauser1; +DROP ROLE regress_schemauser_renamed; -- test that dependent privileges are revoked (or not) properly \c - -set session role regressuser1; +set session role regress_user1; create table dep_priv_test (a int); -grant select on dep_priv_test to regressuser2 with grant option; -grant select on dep_priv_test to regressuser3 with grant option; -set session role regressuser2; -grant select on dep_priv_test to regressuser4 with grant option; -set session role regressuser3; -grant select on dep_priv_test to regressuser4 with grant option; -set session role regressuser4; -grant select on dep_priv_test to regressuser5; +grant select on dep_priv_test to regress_user2 with grant option; +grant select on dep_priv_test to regress_user3 with grant option; +set session role regress_user2; +grant select on dep_priv_test to regress_user4 with grant option; +set session role regress_user3; +grant select on dep_priv_test to regress_user4 with grant option; +set session role regress_user4; +grant select on dep_priv_test to regress_user5; \dp dep_priv_test - Access privileges - Schema | Name | Type | Access privileges | Column privileges | Policies ---------+---------------+-------+-----------------------------------+-------------------+---------- - public | dep_priv_test | table | regressuser1=arwdDxt/regressuser1+| | - | | | regressuser2=r*/regressuser1 +| | - | | | regressuser3=r*/regressuser1 +| | - | | | regressuser4=r*/regressuser2 +| | - | | | regressuser4=r*/regressuser3 +| | - | | | regressuser5=r/regressuser4 | | -(1 row) - -set session role regressuser2; -revoke select on dep_priv_test from regressuser4 cascade; + Access privileges + Schema | Name | Type | Access privileges | Column privileges | Policies +--------+---------------+-------+-------------------------------------+-------------------+---------- + public | dep_priv_test | table | regress_user1=arwdDxt/regress_user1+| | + | | | regress_user2=r*/regress_user1 +| | + | | | regress_user3=r*/regress_user1 +| | + | | | regress_user4=r*/regress_user2 +| | + | | | regress_user4=r*/regress_user3 +| | + | | | regress_user5=r/regress_user4 | | +(1 row) + +set session role regress_user2; +revoke select on dep_priv_test from regress_user4 cascade; \dp dep_priv_test - Access privileges - Schema | Name | Type | Access privileges | Column privileges | Policies ---------+---------------+-------+-----------------------------------+-------------------+---------- - public | dep_priv_test | table | regressuser1=arwdDxt/regressuser1+| | - | | | regressuser2=r*/regressuser1 +| | - | | | regressuser3=r*/regressuser1 +| | - | | | regressuser4=r*/regressuser3 +| | - | | | regressuser5=r/regressuser4 | | -(1 row) - -set session role regressuser3; -revoke select on dep_priv_test from regressuser4 cascade; + Access privileges + Schema | Name | Type | Access privileges | Column privileges | Policies +--------+---------------+-------+-------------------------------------+-------------------+---------- + public | dep_priv_test | table | regress_user1=arwdDxt/regress_user1+| | + | | | regress_user2=r*/regress_user1 +| | + | | | regress_user3=r*/regress_user1 +| | + | | | regress_user4=r*/regress_user3 +| | + | | | regress_user5=r/regress_user4 | | +(1 row) + +set session role regress_user3; +revoke select on dep_priv_test from regress_user4 cascade; \dp dep_priv_test - Access privileges - Schema | Name | Type | Access privileges | Column privileges | Policies ---------+---------------+-------+-----------------------------------+-------------------+---------- - public | dep_priv_test | table | regressuser1=arwdDxt/regressuser1+| | - | | | regressuser2=r*/regressuser1 +| | - | | | regressuser3=r*/regressuser1 | | + Access privileges + Schema | Name | Type | Access privileges | Column privileges | Policies +--------+---------------+-------+-------------------------------------+-------------------+---------- + public | dep_priv_test | table | regress_user1=arwdDxt/regress_user1+| | + | | | regress_user2=r*/regress_user1 +| | + | | | regress_user3=r*/regress_user1 | | (1 row) -set session role regressuser1; +set session role regress_user1; drop table dep_priv_test; -- clean up \c @@ -1556,24 +1556,24 @@ SELECT lo_unlink(oid) FROM pg_largeobject_metadata; 1 (5 rows) -DROP GROUP regressgroup1; -DROP GROUP regressgroup2; +DROP GROUP regress_group1; +DROP GROUP regress_group2; -- these are needed to clean up permissions -REVOKE USAGE ON LANGUAGE sql FROM regressuser1; -DROP OWNED BY regressuser1; -DROP USER regressuser1; -DROP USER regressuser2; -DROP USER regressuser3; -DROP USER regressuser4; -DROP USER regressuser5; -DROP USER regressuser6; -ERROR: role "regressuser6" does not exist +REVOKE USAGE ON LANGUAGE sql FROM regress_user1; +DROP OWNED BY regress_user1; +DROP USER regress_user1; +DROP USER regress_user2; +DROP USER regress_user3; +DROP USER regress_user4; +DROP USER regress_user5; +DROP USER regress_user6; +ERROR: role "regress_user6" does not exist -- permissions with LOCK TABLE -CREATE USER locktable_user; +CREATE USER regress_locktable_user; CREATE TABLE lock_table (a int); -- LOCK TABLE and SELECT permission -GRANT SELECT ON lock_table TO locktable_user; -SET SESSION AUTHORIZATION locktable_user; +GRANT SELECT ON lock_table TO regress_locktable_user; +SET SESSION AUTHORIZATION regress_locktable_user; BEGIN; LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should fail ERROR: permission denied for relation lock_table @@ -1586,10 +1586,10 @@ LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should fail ERROR: permission denied for relation lock_table ROLLBACK; \c -REVOKE SELECT ON lock_table FROM locktable_user; +REVOKE SELECT ON lock_table FROM regress_locktable_user; -- LOCK TABLE and INSERT permission -GRANT INSERT ON lock_table TO locktable_user; -SET SESSION AUTHORIZATION locktable_user; +GRANT INSERT ON lock_table TO regress_locktable_user; +SET SESSION AUTHORIZATION regress_locktable_user; BEGIN; LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should pass COMMIT; @@ -1602,10 +1602,10 @@ LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should fail ERROR: permission denied for relation lock_table ROLLBACK; \c -REVOKE INSERT ON lock_table FROM locktable_user; +REVOKE INSERT ON lock_table FROM regress_locktable_user; -- LOCK TABLE and UPDATE permission -GRANT UPDATE ON lock_table TO locktable_user; -SET SESSION AUTHORIZATION locktable_user; +GRANT UPDATE ON lock_table TO regress_locktable_user; +SET SESSION AUTHORIZATION regress_locktable_user; BEGIN; LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should pass COMMIT; @@ -1617,10 +1617,10 @@ BEGIN; LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should pass COMMIT; \c -REVOKE UPDATE ON lock_table FROM locktable_user; +REVOKE UPDATE ON lock_table FROM regress_locktable_user; -- LOCK TABLE and DELETE permission -GRANT DELETE ON lock_table TO locktable_user; -SET SESSION AUTHORIZATION locktable_user; +GRANT DELETE ON lock_table TO regress_locktable_user; +SET SESSION AUTHORIZATION regress_locktable_user; BEGIN; LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should pass COMMIT; @@ -1632,10 +1632,10 @@ BEGIN; LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should pass COMMIT; \c -REVOKE DELETE ON lock_table FROM locktable_user; +REVOKE DELETE ON lock_table FROM regress_locktable_user; -- LOCK TABLE and TRUNCATE permission -GRANT TRUNCATE ON lock_table TO locktable_user; -SET SESSION AUTHORIZATION locktable_user; +GRANT TRUNCATE ON lock_table TO regress_locktable_user; +SET SESSION AUTHORIZATION regress_locktable_user; BEGIN; LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should pass COMMIT; @@ -1647,7 +1647,7 @@ BEGIN; LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should pass COMMIT; \c -REVOKE TRUNCATE ON lock_table FROM locktable_user; +REVOKE TRUNCATE ON lock_table FROM regress_locktable_user; -- clean up DROP TABLE lock_table; -DROP USER locktable_user; +DROP USER regress_locktable_user; diff --git a/src/test/regress/expected/regproc.out b/src/test/regress/expected/regproc.out index 91ea94e20f8..ee4fcda8666 100644 --- a/src/test/regress/expected/regproc.out +++ b/src/test/regress/expected/regproc.out @@ -2,7 +2,7 @@ -- regproc -- /* If objects exist, return oids */ -CREATE ROLE regtestrole; +CREATE ROLE regress_regrole_test; -- without schemaname SELECT regoper('||/'); regoper @@ -144,16 +144,16 @@ SELECT to_regtype('pg_catalog.int4'); (1 row) -- schemaname not applicable -SELECT regrole('regtestrole'); - regrole -------------- - regtestrole +SELECT regrole('regress_regrole_test'); + regrole +---------------------- + regress_regrole_test (1 row) -SELECT regrole('"regtestrole"'); - regrole -------------- - regtestrole +SELECT regrole('"regress_regrole_test"'); + regrole +---------------------- + regress_regrole_test (1 row) SELECT regnamespace('pg_catalog'); @@ -168,16 +168,16 @@ SELECT regnamespace('"pg_catalog"'); pg_catalog (1 row) -SELECT to_regrole('regtestrole'); - to_regrole -------------- - regtestrole +SELECT to_regrole('regress_regrole_test'); + to_regrole +---------------------- + regress_regrole_test (1 row) -SELECT to_regrole('"regtestrole"'); - to_regrole -------------- - regtestrole +SELECT to_regrole('"regress_regrole_test"'); + to_regrole +---------------------- + regress_regrole_test (1 row) SELECT to_regnamespace('pg_catalog'); @@ -193,7 +193,7 @@ SELECT to_regnamespace('"pg_catalog"'); (1 row) /* If objects don't exist, raise errors. */ -DROP ROLE regtestrole; +DROP ROLE regress_regrole_test; -- without schemaname SELECT regoper('||//'); ERROR: operator does not exist: ||// @@ -245,13 +245,13 @@ ERROR: schema "ng_catalog" does not exist LINE 1: SELECT regtype('ng_catalog.int4'); ^ -- schemaname not applicable -SELECT regrole('regtestrole'); -ERROR: role "regtestrole" does not exist -LINE 1: SELECT regrole('regtestrole'); +SELECT regrole('regress_regrole_test'); +ERROR: role "regress_regrole_test" does not exist +LINE 1: SELECT regrole('regress_regrole_test'); ^ -SELECT regrole('"regtestrole"'); -ERROR: role "regtestrole" does not exist -LINE 1: SELECT regrole('"regtestrole"'); +SELECT regrole('"regress_regrole_test"'); +ERROR: role "regress_regrole_test" does not exist +LINE 1: SELECT regrole('"regress_regrole_test"'); ^ SELECT regrole('Nonexistent'); ERROR: role "nonexistent" does not exist @@ -353,13 +353,13 @@ SELECT to_regtype('ng_catalog.int4'); (1 row) -- schemaname not applicable -SELECT to_regrole('regtestrole'); +SELECT to_regrole('regress_regrole_test'); to_regrole ------------ (1 row) -SELECT to_regrole('"regtestrole"'); +SELECT to_regrole('"regress_regrole_test"'); to_regrole ------------ diff --git a/src/test/regress/expected/roleattributes.out b/src/test/regress/expected/roleattributes.out index aa5f42abf43..570aa5f8343 100644 --- a/src/test/regress/expected/roleattributes.out +++ b/src/test/regress/expected/roleattributes.out @@ -1,249 +1,249 @@ -- default for superuser is false -CREATE ROLE test_def_superuser; -SELECT * FROM pg_authid WHERE rolname = 'test_def_superuser'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ---------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_def_superuser | f | t | f | f | f | f | f | -1 | | +CREATE ROLE regress_test_def_superuser; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_def_superuser'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +----------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_def_superuser | f | t | f | f | f | f | f | -1 | | (1 row) -CREATE ROLE test_superuser WITH SUPERUSER; -SELECT * FROM pg_authid WHERE rolname = 'test_superuser'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -----------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_superuser | t | t | f | f | f | f | f | -1 | | +CREATE ROLE regress_test_superuser WITH SUPERUSER; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_superuser'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_superuser | t | t | f | f | f | f | f | -1 | | (1 row) -ALTER ROLE test_superuser WITH NOSUPERUSER; -SELECT * FROM pg_authid WHERE rolname = 'test_superuser'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -----------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_superuser | f | t | f | f | f | f | f | -1 | | +ALTER ROLE regress_test_superuser WITH NOSUPERUSER; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_superuser'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_superuser | f | t | f | f | f | f | f | -1 | | (1 row) -ALTER ROLE test_superuser WITH SUPERUSER; -SELECT * FROM pg_authid WHERE rolname = 'test_superuser'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -----------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_superuser | t | t | f | f | f | f | f | -1 | | +ALTER ROLE regress_test_superuser WITH SUPERUSER; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_superuser'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_superuser | t | t | f | f | f | f | f | -1 | | (1 row) -- default for inherit is true -CREATE ROLE test_def_inherit; -SELECT * FROM pg_authid WHERE rolname = 'test_def_inherit'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_def_inherit | f | t | f | f | f | f | f | -1 | | +CREATE ROLE regress_test_def_inherit; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_def_inherit'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +--------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_def_inherit | f | t | f | f | f | f | f | -1 | | (1 row) -CREATE ROLE test_inherit WITH NOINHERIT; -SELECT * FROM pg_authid WHERE rolname = 'test_inherit'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ---------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_inherit | f | f | f | f | f | f | f | -1 | | +CREATE ROLE regress_test_inherit WITH NOINHERIT; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_inherit'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +----------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_inherit | f | f | f | f | f | f | f | -1 | | (1 row) -ALTER ROLE test_inherit WITH INHERIT; -SELECT * FROM pg_authid WHERE rolname = 'test_inherit'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ---------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_inherit | f | t | f | f | f | f | f | -1 | | +ALTER ROLE regress_test_inherit WITH INHERIT; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_inherit'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +----------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_inherit | f | t | f | f | f | f | f | -1 | | (1 row) -ALTER ROLE test_inherit WITH NOINHERIT; -SELECT * FROM pg_authid WHERE rolname = 'test_inherit'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ---------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_inherit | f | f | f | f | f | f | f | -1 | | +ALTER ROLE regress_test_inherit WITH NOINHERIT; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_inherit'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +----------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_inherit | f | f | f | f | f | f | f | -1 | | (1 row) -- default for create role is false -CREATE ROLE test_def_createrole; -SELECT * FROM pg_authid WHERE rolname = 'test_def_createrole'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ----------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_def_createrole | f | t | f | f | f | f | f | -1 | | +CREATE ROLE regress_test_def_createrole; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_def_createrole'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +-----------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_def_createrole | f | t | f | f | f | f | f | -1 | | (1 row) -CREATE ROLE test_createrole WITH CREATEROLE; -SELECT * FROM pg_authid WHERE rolname = 'test_createrole'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_createrole | f | t | t | f | f | f | f | -1 | | +CREATE ROLE regress_test_createrole WITH CREATEROLE; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_createrole'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +-------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_createrole | f | t | t | f | f | f | f | -1 | | (1 row) -ALTER ROLE test_createrole WITH NOCREATEROLE; -SELECT * FROM pg_authid WHERE rolname = 'test_createrole'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_createrole | f | t | f | f | f | f | f | -1 | | +ALTER ROLE regress_test_createrole WITH NOCREATEROLE; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_createrole'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +-------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_createrole | f | t | f | f | f | f | f | -1 | | (1 row) -ALTER ROLE test_createrole WITH CREATEROLE; -SELECT * FROM pg_authid WHERE rolname = 'test_createrole'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_createrole | f | t | t | f | f | f | f | -1 | | +ALTER ROLE regress_test_createrole WITH CREATEROLE; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_createrole'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +-------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_createrole | f | t | t | f | f | f | f | -1 | | (1 row) -- default for create database is false -CREATE ROLE test_def_createdb; -SELECT * FROM pg_authid WHERE rolname = 'test_def_createdb'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil --------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_def_createdb | f | t | f | f | f | f | f | -1 | | +CREATE ROLE regress_test_def_createdb; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_def_createdb'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +---------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_def_createdb | f | t | f | f | f | f | f | -1 | | (1 row) -CREATE ROLE test_createdb WITH CREATEDB; -SELECT * FROM pg_authid WHERE rolname = 'test_createdb'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ----------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_createdb | f | t | f | t | f | f | f | -1 | | +CREATE ROLE regress_test_createdb WITH CREATEDB; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_createdb'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +-----------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_createdb | f | t | f | t | f | f | f | -1 | | (1 row) -ALTER ROLE test_createdb WITH NOCREATEDB; -SELECT * FROM pg_authid WHERE rolname = 'test_createdb'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ----------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_createdb | f | t | f | f | f | f | f | -1 | | +ALTER ROLE regress_test_createdb WITH NOCREATEDB; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_createdb'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +-----------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_createdb | f | t | f | f | f | f | f | -1 | | (1 row) -ALTER ROLE test_createdb WITH CREATEDB; -SELECT * FROM pg_authid WHERE rolname = 'test_createdb'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ----------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_createdb | f | t | f | t | f | f | f | -1 | | +ALTER ROLE regress_test_createdb WITH CREATEDB; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_createdb'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +-----------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_createdb | f | t | f | t | f | f | f | -1 | | (1 row) -- default for can login is false for role -CREATE ROLE test_def_role_canlogin; -SELECT * FROM pg_authid WHERE rolname = 'test_def_role_canlogin'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_def_role_canlogin | f | t | f | f | f | f | f | -1 | | +CREATE ROLE regress_test_def_role_canlogin; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_def_role_canlogin'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +--------------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_def_role_canlogin | f | t | f | f | f | f | f | -1 | | (1 row) -CREATE ROLE test_role_canlogin WITH LOGIN; -SELECT * FROM pg_authid WHERE rolname = 'test_role_canlogin'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ---------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_role_canlogin | f | t | f | f | t | f | f | -1 | | +CREATE ROLE regress_test_role_canlogin WITH LOGIN; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_role_canlogin'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +----------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_role_canlogin | f | t | f | f | t | f | f | -1 | | (1 row) -ALTER ROLE test_role_canlogin WITH NOLOGIN; -SELECT * FROM pg_authid WHERE rolname = 'test_role_canlogin'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ---------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_role_canlogin | f | t | f | f | f | f | f | -1 | | +ALTER ROLE regress_test_role_canlogin WITH NOLOGIN; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_role_canlogin'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +----------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_role_canlogin | f | t | f | f | f | f | f | -1 | | (1 row) -ALTER ROLE test_role_canlogin WITH LOGIN; -SELECT * FROM pg_authid WHERE rolname = 'test_role_canlogin'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ---------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_role_canlogin | f | t | f | f | t | f | f | -1 | | +ALTER ROLE regress_test_role_canlogin WITH LOGIN; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_role_canlogin'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +----------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_role_canlogin | f | t | f | f | t | f | f | -1 | | (1 row) -- default for can login is true for user -CREATE USER test_def_user_canlogin; -SELECT * FROM pg_authid WHERE rolname = 'test_def_user_canlogin'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_def_user_canlogin | f | t | f | f | t | f | f | -1 | | +CREATE USER regress_test_def_user_canlogin; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_def_user_canlogin'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +--------------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_def_user_canlogin | f | t | f | f | t | f | f | -1 | | (1 row) -CREATE USER test_user_canlogin WITH NOLOGIN; -SELECT * FROM pg_authid WHERE rolname = 'test_user_canlogin'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ---------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_user_canlogin | f | t | f | f | f | f | f | -1 | | +CREATE USER regress_test_user_canlogin WITH NOLOGIN; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_user_canlogin'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +----------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_user_canlogin | f | t | f | f | f | f | f | -1 | | (1 row) -ALTER USER test_user_canlogin WITH LOGIN; -SELECT * FROM pg_authid WHERE rolname = 'test_user_canlogin'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ---------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_user_canlogin | f | t | f | f | t | f | f | -1 | | +ALTER USER regress_test_user_canlogin WITH LOGIN; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_user_canlogin'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +----------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_user_canlogin | f | t | f | f | t | f | f | -1 | | (1 row) -ALTER USER test_user_canlogin WITH NOLOGIN; -SELECT * FROM pg_authid WHERE rolname = 'test_user_canlogin'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ---------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_user_canlogin | f | t | f | f | f | f | f | -1 | | +ALTER USER regress_test_user_canlogin WITH NOLOGIN; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_user_canlogin'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +----------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_user_canlogin | f | t | f | f | f | f | f | -1 | | (1 row) -- default for replication is false -CREATE ROLE test_def_replication; -SELECT * FROM pg_authid WHERE rolname = 'test_def_replication'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -----------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_def_replication | f | t | f | f | f | f | f | -1 | | +CREATE ROLE regress_test_def_replication; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_def_replication'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +------------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_def_replication | f | t | f | f | f | f | f | -1 | | (1 row) -CREATE ROLE test_replication WITH REPLICATION; -SELECT * FROM pg_authid WHERE rolname = 'test_replication'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_replication | f | t | f | f | f | t | f | -1 | | +CREATE ROLE regress_test_replication WITH REPLICATION; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_replication'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +--------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_replication | f | t | f | f | f | t | f | -1 | | (1 row) -ALTER ROLE test_replication WITH NOREPLICATION; -SELECT * FROM pg_authid WHERE rolname = 'test_replication'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_replication | f | t | f | f | f | f | f | -1 | | +ALTER ROLE regress_test_replication WITH NOREPLICATION; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_replication'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +--------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_replication | f | t | f | f | f | f | f | -1 | | (1 row) -ALTER ROLE test_replication WITH REPLICATION; -SELECT * FROM pg_authid WHERE rolname = 'test_replication'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_replication | f | t | f | f | f | t | f | -1 | | +ALTER ROLE regress_test_replication WITH REPLICATION; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_replication'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +--------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_replication | f | t | f | f | f | t | f | -1 | | (1 row) -- default for bypassrls is false -CREATE ROLE test_def_bypassrls; -SELECT * FROM pg_authid WHERE rolname = 'test_def_bypassrls'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil ---------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_def_bypassrls | f | t | f | f | f | f | f | -1 | | +CREATE ROLE regress_test_def_bypassrls; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_def_bypassrls'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +----------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_def_bypassrls | f | t | f | f | f | f | f | -1 | | (1 row) -CREATE ROLE test_bypassrls WITH BYPASSRLS; -SELECT * FROM pg_authid WHERE rolname = 'test_bypassrls'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -----------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_bypassrls | f | t | f | f | f | f | t | -1 | | +CREATE ROLE regress_test_bypassrls WITH BYPASSRLS; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_bypassrls'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_bypassrls | f | t | f | f | f | f | t | -1 | | (1 row) -ALTER ROLE test_bypassrls WITH NOBYPASSRLS; -SELECT * FROM pg_authid WHERE rolname = 'test_bypassrls'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -----------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_bypassrls | f | t | f | f | f | f | f | -1 | | +ALTER ROLE regress_test_bypassrls WITH NOBYPASSRLS; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_bypassrls'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_bypassrls | f | t | f | f | f | f | f | -1 | | (1 row) -ALTER ROLE test_bypassrls WITH BYPASSRLS; -SELECT * FROM pg_authid WHERE rolname = 'test_bypassrls'; - rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil -----------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- - test_bypassrls | f | t | f | f | f | f | t | -1 | | +ALTER ROLE regress_test_bypassrls WITH BYPASSRLS; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_bypassrls'; + rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolbypassrls | rolconnlimit | rolpassword | rolvaliduntil +------------------------+----------+------------+---------------+-------------+-------------+----------------+--------------+--------------+-------------+--------------- + regress_test_bypassrls | f | t | f | f | f | f | t | -1 | | (1 row) -- clean up roles -DROP ROLE test_def_superuser; -DROP ROLE test_superuser; -DROP ROLE test_def_inherit; -DROP ROLE test_inherit; -DROP ROLE test_def_createrole; -DROP ROLE test_createrole; -DROP ROLE test_def_createdb; -DROP ROLE test_createdb; -DROP ROLE test_def_role_canlogin; -DROP ROLE test_role_canlogin; -DROP USER test_def_user_canlogin; -DROP USER test_user_canlogin; -DROP ROLE test_def_replication; -DROP ROLE test_replication; -DROP ROLE test_def_bypassrls; -DROP ROLE test_bypassrls; +DROP ROLE regress_test_def_superuser; +DROP ROLE regress_test_superuser; +DROP ROLE regress_test_def_inherit; +DROP ROLE regress_test_inherit; +DROP ROLE regress_test_def_createrole; +DROP ROLE regress_test_createrole; +DROP ROLE regress_test_def_createdb; +DROP ROLE regress_test_createdb; +DROP ROLE regress_test_def_role_canlogin; +DROP ROLE regress_test_role_canlogin; +DROP USER regress_test_def_user_canlogin; +DROP USER regress_test_user_canlogin; +DROP ROLE regress_test_def_replication; +DROP ROLE regress_test_replication; +DROP ROLE regress_test_def_bypassrls; +DROP ROLE regress_test_bypassrls; diff --git a/src/test/regress/expected/rolenames.out b/src/test/regress/expected/rolenames.out index 6676a565eb3..b8bf0cf8778 100644 --- a/src/test/regress/expected/rolenames.out +++ b/src/test/regress/expected/rolenames.out @@ -25,7 +25,7 @@ SELECT COALESCE(d.datname, 'ALL'), COALESCE(r.rolname, 'ALL'), (SESSION_USER, 'session_user')) AS v(uname, keyword) ON (r.rolname = v.uname) - WHERE (r.rolname) IN ('Public', 'current_user', 'testrol1', 'testrol2') + WHERE (r.rolname) IN ('Public', 'current_user', 'regress_testrol1', 'regress_testrol2') ORDER BY 1, 2; $$ LANGUAGE SQL; CREATE OR REPLACE FUNCTION chkumapping() @@ -90,98 +90,98 @@ DETAIL: Role names starting with "pg_" are reserved. CREATE ROLE "pg_abcdef"; -- error ERROR: role name "pg_abcdef" is reserved DETAIL: Role names starting with "pg_" are reserved. -CREATE ROLE testrol0 SUPERUSER LOGIN; -CREATE ROLE testrolx SUPERUSER LOGIN; -CREATE ROLE testrol2 SUPERUSER; -CREATE ROLE testrol1 SUPERUSER LOGIN IN ROLE testrol2; +CREATE ROLE regress_testrol0 SUPERUSER LOGIN; +CREATE ROLE regress_testrolx SUPERUSER LOGIN; +CREATE ROLE regress_testrol2 SUPERUSER; +CREATE ROLE regress_testrol1 SUPERUSER LOGIN IN ROLE regress_testrol2; \c - -SET SESSION AUTHORIZATION testrol1; -SET ROLE testrol2; +SET SESSION AUTHORIZATION regress_testrol1; +SET ROLE regress_testrol2; -- ALTER ROLE BEGIN; SELECT * FROM chkrolattr(); - role | rolekeyword | canlogin | replication ---------------+--------------+----------+------------- - None | - | f | f - Public | - | f | f - current_user | - | f | f - session_user | - | f | f - testrol1 | session_user | t | f - testrol2 | current_user | f | f + role | rolekeyword | canlogin | replication +------------------+--------------+----------+------------- + None | - | f | f + Public | - | f | f + current_user | - | f | f + regress_testrol1 | session_user | t | f + regress_testrol2 | current_user | f | f + session_user | - | f | f (6 rows) ALTER ROLE CURRENT_USER WITH REPLICATION; SELECT * FROM chkrolattr(); - role | rolekeyword | canlogin | replication ---------------+--------------+----------+------------- - None | - | f | f - Public | - | f | f - current_user | - | f | f - session_user | - | f | f - testrol1 | session_user | t | f - testrol2 | current_user | f | t + role | rolekeyword | canlogin | replication +------------------+--------------+----------+------------- + None | - | f | f + Public | - | f | f + current_user | - | f | f + regress_testrol1 | session_user | t | f + regress_testrol2 | current_user | f | t + session_user | - | f | f (6 rows) ALTER ROLE "current_user" WITH REPLICATION; SELECT * FROM chkrolattr(); - role | rolekeyword | canlogin | replication ---------------+--------------+----------+------------- - None | - | f | f - Public | - | f | f - current_user | - | f | t - session_user | - | f | f - testrol1 | session_user | t | f - testrol2 | current_user | f | t + role | rolekeyword | canlogin | replication +------------------+--------------+----------+------------- + None | - | f | f + Public | - | f | f + current_user | - | f | t + regress_testrol1 | session_user | t | f + regress_testrol2 | current_user | f | t + session_user | - | f | f (6 rows) ALTER ROLE SESSION_USER WITH REPLICATION; SELECT * FROM chkrolattr(); - role | rolekeyword | canlogin | replication ---------------+--------------+----------+------------- - None | - | f | f - Public | - | f | f - current_user | - | f | t - session_user | - | f | f - testrol1 | session_user | t | t - testrol2 | current_user | f | t + role | rolekeyword | canlogin | replication +------------------+--------------+----------+------------- + None | - | f | f + Public | - | f | f + current_user | - | f | t + regress_testrol1 | session_user | t | t + regress_testrol2 | current_user | f | t + session_user | - | f | f (6 rows) ALTER ROLE "session_user" WITH REPLICATION; SELECT * FROM chkrolattr(); - role | rolekeyword | canlogin | replication ---------------+--------------+----------+------------- - None | - | f | f - Public | - | f | f - current_user | - | f | t - session_user | - | f | t - testrol1 | session_user | t | t - testrol2 | current_user | f | t + role | rolekeyword | canlogin | replication +------------------+--------------+----------+------------- + None | - | f | f + Public | - | f | f + current_user | - | f | t + regress_testrol1 | session_user | t | t + regress_testrol2 | current_user | f | t + session_user | - | f | t (6 rows) ALTER USER "Public" WITH REPLICATION; ALTER USER "None" WITH REPLICATION; SELECT * FROM chkrolattr(); - role | rolekeyword | canlogin | replication ---------------+--------------+----------+------------- - None | - | f | t - Public | - | f | t - current_user | - | f | t - session_user | - | f | t - testrol1 | session_user | t | t - testrol2 | current_user | f | t + role | rolekeyword | canlogin | replication +------------------+--------------+----------+------------- + None | - | f | t + Public | - | f | t + current_user | - | f | t + regress_testrol1 | session_user | t | t + regress_testrol2 | current_user | f | t + session_user | - | f | t (6 rows) -ALTER USER testrol1 WITH NOREPLICATION; -ALTER USER testrol2 WITH NOREPLICATION; +ALTER USER regress_testrol1 WITH NOREPLICATION; +ALTER USER regress_testrol2 WITH NOREPLICATION; SELECT * FROM chkrolattr(); - role | rolekeyword | canlogin | replication ---------------+--------------+----------+------------- - None | - | f | t - Public | - | f | t - current_user | - | f | t - session_user | - | f | t - testrol1 | session_user | t | f - testrol2 | current_user | f | f + role | rolekeyword | canlogin | replication +------------------+--------------+----------+------------- + None | - | f | t + Public | - | f | t + current_user | - | f | t + regress_testrol1 | session_user | t | f + regress_testrol2 | current_user | f | f + session_user | - | f | t (6 rows) ROLLBACK; @@ -216,88 +216,88 @@ ERROR: role "nonexistent" does not exist -- ALTER USER BEGIN; SELECT * FROM chkrolattr(); - role | rolekeyword | canlogin | replication ---------------+--------------+----------+------------- - None | - | f | f - Public | - | f | f - current_user | - | f | f - session_user | - | f | f - testrol1 | session_user | t | f - testrol2 | current_user | f | f + role | rolekeyword | canlogin | replication +------------------+--------------+----------+------------- + None | - | f | f + Public | - | f | f + current_user | - | f | f + regress_testrol1 | session_user | t | f + regress_testrol2 | current_user | f | f + session_user | - | f | f (6 rows) ALTER USER CURRENT_USER WITH REPLICATION; SELECT * FROM chkrolattr(); - role | rolekeyword | canlogin | replication ---------------+--------------+----------+------------- - None | - | f | f - Public | - | f | f - current_user | - | f | f - session_user | - | f | f - testrol1 | session_user | t | f - testrol2 | current_user | f | t + role | rolekeyword | canlogin | replication +------------------+--------------+----------+------------- + None | - | f | f + Public | - | f | f + current_user | - | f | f + regress_testrol1 | session_user | t | f + regress_testrol2 | current_user | f | t + session_user | - | f | f (6 rows) ALTER USER "current_user" WITH REPLICATION; SELECT * FROM chkrolattr(); - role | rolekeyword | canlogin | replication ---------------+--------------+----------+------------- - None | - | f | f - Public | - | f | f - current_user | - | f | t - session_user | - | f | f - testrol1 | session_user | t | f - testrol2 | current_user | f | t + role | rolekeyword | canlogin | replication +------------------+--------------+----------+------------- + None | - | f | f + Public | - | f | f + current_user | - | f | t + regress_testrol1 | session_user | t | f + regress_testrol2 | current_user | f | t + session_user | - | f | f (6 rows) ALTER USER SESSION_USER WITH REPLICATION; SELECT * FROM chkrolattr(); - role | rolekeyword | canlogin | replication ---------------+--------------+----------+------------- - None | - | f | f - Public | - | f | f - current_user | - | f | t - session_user | - | f | f - testrol1 | session_user | t | t - testrol2 | current_user | f | t + role | rolekeyword | canlogin | replication +------------------+--------------+----------+------------- + None | - | f | f + Public | - | f | f + current_user | - | f | t + regress_testrol1 | session_user | t | t + regress_testrol2 | current_user | f | t + session_user | - | f | f (6 rows) ALTER USER "session_user" WITH REPLICATION; SELECT * FROM chkrolattr(); - role | rolekeyword | canlogin | replication ---------------+--------------+----------+------------- - None | - | f | f - Public | - | f | f - current_user | - | f | t - session_user | - | f | t - testrol1 | session_user | t | t - testrol2 | current_user | f | t + role | rolekeyword | canlogin | replication +------------------+--------------+----------+------------- + None | - | f | f + Public | - | f | f + current_user | - | f | t + regress_testrol1 | session_user | t | t + regress_testrol2 | current_user | f | t + session_user | - | f | t (6 rows) ALTER USER "Public" WITH REPLICATION; ALTER USER "None" WITH REPLICATION; SELECT * FROM chkrolattr(); - role | rolekeyword | canlogin | replication ---------------+--------------+----------+------------- - None | - | f | t - Public | - | f | t - current_user | - | f | t - session_user | - | f | t - testrol1 | session_user | t | t - testrol2 | current_user | f | t + role | rolekeyword | canlogin | replication +------------------+--------------+----------+------------- + None | - | f | t + Public | - | f | t + current_user | - | f | t + regress_testrol1 | session_user | t | t + regress_testrol2 | current_user | f | t + session_user | - | f | t (6 rows) -ALTER USER testrol1 WITH NOREPLICATION; -ALTER USER testrol2 WITH NOREPLICATION; +ALTER USER regress_testrol1 WITH NOREPLICATION; +ALTER USER regress_testrol2 WITH NOREPLICATION; SELECT * FROM chkrolattr(); - role | rolekeyword | canlogin | replication ---------------+--------------+----------+------------- - None | - | f | t - Public | - | f | t - current_user | - | f | t - session_user | - | f | t - testrol1 | session_user | t | f - testrol2 | current_user | f | f + role | rolekeyword | canlogin | replication +------------------+--------------+----------+------------- + None | - | f | t + Public | - | f | t + current_user | - | f | t + regress_testrol1 | session_user | t | f + regress_testrol2 | current_user | f | f + session_user | - | f | t (6 rows) ROLLBACK; @@ -341,22 +341,22 @@ ALTER ROLE "current_user" SET application_name to 'FOOFOO'; ALTER ROLE "Public" SET application_name to 'BARBAR'; ALTER ROLE ALL SET application_name to 'SLAP'; SELECT * FROM chksetconfig(); - db | role | rolkeyword | setconfig ------+--------------+--------------+--------------------------- - ALL | Public | - | {application_name=BARBAR} - ALL | current_user | - | {application_name=FOOFOO} - ALL | testrol1 | session_user | {application_name=BAR} - ALL | testrol2 | current_user | {application_name=FOO} + db | role | rolkeyword | setconfig +-----+------------------+--------------+--------------------------- + ALL | Public | - | {application_name=BARBAR} + ALL | current_user | - | {application_name=FOOFOO} + ALL | regress_testrol1 | session_user | {application_name=BAR} + ALL | regress_testrol2 | current_user | {application_name=FOO} (4 rows) -ALTER ROLE testrol1 SET application_name to 'SLAM'; +ALTER ROLE regress_testrol1 SET application_name to 'SLAM'; SELECT * FROM chksetconfig(); - db | role | rolkeyword | setconfig ------+--------------+--------------+--------------------------- - ALL | Public | - | {application_name=BARBAR} - ALL | current_user | - | {application_name=FOOFOO} - ALL | testrol1 | session_user | {application_name=SLAM} - ALL | testrol2 | current_user | {application_name=FOO} + db | role | rolkeyword | setconfig +-----+------------------+--------------+--------------------------- + ALL | Public | - | {application_name=BARBAR} + ALL | current_user | - | {application_name=FOOFOO} + ALL | regress_testrol1 | session_user | {application_name=SLAM} + ALL | regress_testrol2 | current_user | {application_name=FOO} (4 rows) ALTER ROLE CURRENT_USER RESET application_name; @@ -396,22 +396,22 @@ ERROR: syntax error at or near "ALL" LINE 1: ALTER USER ALL SET application_name to 'SLAP'; ^ SELECT * FROM chksetconfig(); - db | role | rolkeyword | setconfig ------+--------------+--------------+--------------------------- - ALL | Public | - | {application_name=BARBAR} - ALL | current_user | - | {application_name=FOOFOO} - ALL | testrol1 | session_user | {application_name=BAR} - ALL | testrol2 | current_user | {application_name=FOO} + db | role | rolkeyword | setconfig +-----+------------------+--------------+--------------------------- + ALL | Public | - | {application_name=BARBAR} + ALL | current_user | - | {application_name=FOOFOO} + ALL | regress_testrol1 | session_user | {application_name=BAR} + ALL | regress_testrol2 | current_user | {application_name=FOO} (4 rows) -ALTER USER testrol1 SET application_name to 'SLAM'; +ALTER USER regress_testrol1 SET application_name to 'SLAM'; SELECT * FROM chksetconfig(); - db | role | rolkeyword | setconfig ------+--------------+--------------+--------------------------- - ALL | Public | - | {application_name=BARBAR} - ALL | current_user | - | {application_name=FOOFOO} - ALL | testrol1 | session_user | {application_name=SLAM} - ALL | testrol2 | current_user | {application_name=FOO} + db | role | rolkeyword | setconfig +-----+------------------+--------------+--------------------------- + ALL | Public | - | {application_name=BARBAR} + ALL | current_user | - | {application_name=FOOFOO} + ALL | regress_testrol1 | session_user | {application_name=SLAM} + ALL | regress_testrol2 | current_user | {application_name=FOO} (4 rows) ALTER USER CURRENT_USER RESET application_name; @@ -445,7 +445,7 @@ set client_min_messages to error; CREATE SCHEMA newschema1 AUTHORIZATION CURRENT_USER; CREATE SCHEMA newschema2 AUTHORIZATION "current_user"; CREATE SCHEMA newschema3 AUTHORIZATION SESSION_USER; -CREATE SCHEMA newschema4 AUTHORIZATION testrolx; +CREATE SCHEMA newschema4 AUTHORIZATION regress_testrolx; CREATE SCHEMA newschema5 AUTHORIZATION "Public"; CREATE SCHEMA newschema6 AUTHORIZATION USER; -- error ERROR: syntax error at or near "USER" @@ -468,19 +468,19 @@ ERROR: role "nonexistent" does not exist SELECT n.nspname, r.rolname FROM pg_namespace n JOIN pg_roles r ON (r.oid = n.nspowner) WHERE n.nspname LIKE 'newschema_' ORDER BY 1; - nspname | rolname -------------+-------------- - newschema1 | testrol2 + nspname | rolname +------------+------------------ + newschema1 | regress_testrol2 newschema2 | current_user - newschema3 | testrol1 - newschema4 | testrolx + newschema3 | regress_testrol1 + newschema4 | regress_testrolx newschema5 | Public (5 rows) CREATE SCHEMA IF NOT EXISTS newschema1 AUTHORIZATION CURRENT_USER; CREATE SCHEMA IF NOT EXISTS newschema2 AUTHORIZATION "current_user"; CREATE SCHEMA IF NOT EXISTS newschema3 AUTHORIZATION SESSION_USER; -CREATE SCHEMA IF NOT EXISTS newschema4 AUTHORIZATION testrolx; +CREATE SCHEMA IF NOT EXISTS newschema4 AUTHORIZATION regress_testrolx; CREATE SCHEMA IF NOT EXISTS newschema5 AUTHORIZATION "Public"; CREATE SCHEMA IF NOT EXISTS newschema6 AUTHORIZATION USER; -- error ERROR: syntax error at or near "USER" @@ -503,18 +503,18 @@ ERROR: role "nonexistent" does not exist SELECT n.nspname, r.rolname FROM pg_namespace n JOIN pg_roles r ON (r.oid = n.nspowner) WHERE n.nspname LIKE 'newschema_' ORDER BY 1; - nspname | rolname -------------+-------------- - newschema1 | testrol2 + nspname | rolname +------------+------------------ + newschema1 | regress_testrol2 newschema2 | current_user - newschema3 | testrol1 - newschema4 | testrolx + newschema3 | regress_testrol1 + newschema4 | regress_testrolx newschema5 | Public (5 rows) -- ALTER TABLE OWNER TO \c - -SET SESSION AUTHORIZATION testrol0; +SET SESSION AUTHORIZATION regress_testrol0; set client_min_messages to error; CREATE TABLE testtab1 (a int); CREATE TABLE testtab2 (a int); @@ -523,12 +523,12 @@ CREATE TABLE testtab4 (a int); CREATE TABLE testtab5 (a int); CREATE TABLE testtab6 (a int); \c - -SET SESSION AUTHORIZATION testrol1; -SET ROLE testrol2; +SET SESSION AUTHORIZATION regress_testrol1; +SET ROLE regress_testrol2; ALTER TABLE testtab1 OWNER TO CURRENT_USER; ALTER TABLE testtab2 OWNER TO "current_user"; ALTER TABLE testtab3 OWNER TO SESSION_USER; -ALTER TABLE testtab4 OWNER TO testrolx; +ALTER TABLE testtab4 OWNER TO regress_testrolx; ALTER TABLE testtab5 OWNER TO "Public"; ALTER TABLE testtab6 OWNER TO CURRENT_ROLE; -- error ERROR: syntax error at or near "CURRENT_ROLE" @@ -548,21 +548,21 @@ SELECT c.relname, r.rolname FROM pg_class c JOIN pg_roles r ON (r.oid = c.relowner) WHERE relname LIKE 'testtab_' ORDER BY 1; - relname | rolname -----------+-------------- - testtab1 | testrol2 + relname | rolname +----------+------------------ + testtab1 | regress_testrol2 testtab2 | current_user - testtab3 | testrol1 - testtab4 | testrolx + testtab3 | regress_testrol1 + testtab4 | regress_testrolx testtab5 | Public - testtab6 | testrol0 + testtab6 | regress_testrol0 (6 rows) -- ALTER TABLE, VIEW, MATERIALIZED VIEW, FOREIGN TABLE, SEQUENCE are -- changed their owner in the same way. -- ALTER AGGREGATE \c - -SET SESSION AUTHORIZATION testrol0; +SET SESSION AUTHORIZATION regress_testrol0; CREATE AGGREGATE testagg1(int2) (SFUNC = int2_sum, STYPE = int8); CREATE AGGREGATE testagg2(int2) (SFUNC = int2_sum, STYPE = int8); CREATE AGGREGATE testagg3(int2) (SFUNC = int2_sum, STYPE = int8); @@ -575,12 +575,12 @@ CREATE AGGREGATE testagg7(int2) (SFUNC = int2_sum, STYPE = int8); CREATE AGGREGATE testagg8(int2) (SFUNC = int2_sum, STYPE = int8); CREATE AGGREGATE testagg9(int2) (SFUNC = int2_sum, STYPE = int8); \c - -SET SESSION AUTHORIZATION testrol1; -SET ROLE testrol2; +SET SESSION AUTHORIZATION regress_testrol1; +SET ROLE regress_testrol2; ALTER AGGREGATE testagg1(int2) OWNER TO CURRENT_USER; ALTER AGGREGATE testagg2(int2) OWNER TO "current_user"; ALTER AGGREGATE testagg3(int2) OWNER TO SESSION_USER; -ALTER AGGREGATE testagg4(int2) OWNER TO testrolx; +ALTER AGGREGATE testagg4(int2) OWNER TO regress_testrolx; ALTER AGGREGATE testagg5(int2) OWNER TO "Public"; ALTER AGGREGATE testagg5(int2) OWNER TO CURRENT_ROLE; -- error ERROR: syntax error at or near "CURRENT_ROLE" @@ -600,17 +600,17 @@ SELECT p.proname, r.rolname FROM pg_proc p JOIN pg_roles r ON (r.oid = p.proowner) WHERE proname LIKE 'testagg_' ORDER BY 1; - proname | rolname -----------+-------------- - testagg1 | testrol2 + proname | rolname +----------+------------------ + testagg1 | regress_testrol2 testagg2 | current_user - testagg3 | testrol1 - testagg4 | testrolx + testagg3 | regress_testrol1 + testagg4 | regress_testrolx testagg5 | Public - testagg6 | testrol0 - testagg7 | testrol0 - testagg8 | testrol0 - testagg9 | testrol0 + testagg6 | regress_testrol0 + testagg7 | regress_testrol0 + testagg8 | regress_testrol0 + testagg9 | regress_testrol0 (9 rows) -- CREATE USER MAPPING @@ -631,7 +631,7 @@ CREATE USER MAPPING FOR "user" SERVER sv4 OPTIONS (user '"USER"'); CREATE USER MAPPING FOR SESSION_USER SERVER sv5 OPTIONS (user 'SESSION_USER'); CREATE USER MAPPING FOR PUBLIC SERVER sv6 OPTIONS (user 'PUBLIC'); CREATE USER MAPPING FOR "Public" SERVER sv7 OPTIONS (user '"Public"'); -CREATE USER MAPPING FOR testrolx SERVER sv8 OPTIONS (user 'testrolx'); +CREATE USER MAPPING FOR regress_testrolx SERVER sv8 OPTIONS (user 'regress_testrolx'); CREATE USER MAPPING FOR CURRENT_ROLE SERVER sv9 OPTIONS (user 'CURRENT_ROLE'); -- error ERROR: syntax error at or near "CURRENT_ROLE" @@ -641,16 +641,16 @@ CREATE USER MAPPING FOR nonexistent SERVER sv9 OPTIONS (user 'nonexistent'); -- error; ERROR: role "nonexistent" does not exist SELECT * FROM chkumapping(); - umname | umserver | umoptions ---------------+----------+--------------------------- - testrol2 | sv1 | {user=CURRENT_USER} - current_user | sv2 | {"user=\"current_user\""} - testrol2 | sv3 | {user=USER} - user | sv4 | {"user=\"USER\""} - testrol1 | sv5 | {user=SESSION_USER} - | sv6 | {user=PUBLIC} - Public | sv7 | {"user=\"Public\""} - testrolx | sv8 | {user=testrolx} + umname | umserver | umoptions +------------------+----------+--------------------------- + regress_testrol2 | sv1 | {user=CURRENT_USER} + current_user | sv2 | {"user=\"current_user\""} + regress_testrol2 | sv3 | {user=USER} + user | sv4 | {"user=\"USER\""} + regress_testrol1 | sv5 | {user=SESSION_USER} + | sv6 | {user=PUBLIC} + Public | sv7 | {"user=\"Public\""} + regress_testrolx | sv8 | {user=regress_testrolx} (8 rows) -- ALTER USER MAPPING @@ -668,8 +668,8 @@ ALTER USER MAPPING FOR PUBLIC SERVER sv6 OPTIONS (SET user 'public_alt'); ALTER USER MAPPING FOR "Public" SERVER sv7 OPTIONS (SET user '"Public"_alt'); -ALTER USER MAPPING FOR testrolx SERVER sv8 - OPTIONS (SET user 'testrolx_alt'); +ALTER USER MAPPING FOR regress_testrolx SERVER sv8 + OPTIONS (SET user 'regress_testrolx_alt'); ALTER USER MAPPING FOR CURRENT_ROLE SERVER sv9 OPTIONS (SET user 'CURRENT_ROLE_alt'); ERROR: syntax error at or near "CURRENT_ROLE" @@ -679,16 +679,16 @@ ALTER USER MAPPING FOR nonexistent SERVER sv9 OPTIONS (SET user 'nonexistent_alt'); -- error ERROR: role "nonexistent" does not exist SELECT * FROM chkumapping(); - umname | umserver | umoptions ---------------+----------+------------------------------- - testrol2 | sv1 | {user=CURRENT_USER_alt} - current_user | sv2 | {"user=\"current_user\"_alt"} - testrol2 | sv3 | {user=USER_alt} - user | sv4 | {"user=\"user\"_alt"} - testrol1 | sv5 | {user=SESSION_USER_alt} - | sv6 | {user=public_alt} - Public | sv7 | {"user=\"Public\"_alt"} - testrolx | sv8 | {user=testrolx_alt} + umname | umserver | umoptions +------------------+----------+------------------------------- + regress_testrol2 | sv1 | {user=CURRENT_USER_alt} + current_user | sv2 | {"user=\"current_user\"_alt"} + regress_testrol2 | sv3 | {user=USER_alt} + user | sv4 | {"user=\"user\"_alt"} + regress_testrol1 | sv5 | {user=SESSION_USER_alt} + | sv6 | {user=public_alt} + Public | sv7 | {"user=\"Public\"_alt"} + regress_testrolx | sv8 | {user=regress_testrolx_alt} (8 rows) -- DROP USER MAPPING @@ -699,7 +699,7 @@ DROP USER MAPPING FOR "user" SERVER sv4; DROP USER MAPPING FOR SESSION_USER SERVER sv5; DROP USER MAPPING FOR PUBLIC SERVER sv6; DROP USER MAPPING FOR "Public" SERVER sv7; -DROP USER MAPPING FOR testrolx SERVER sv8; +DROP USER MAPPING FOR regress_testrolx SERVER sv8; DROP USER MAPPING FOR CURRENT_ROLE SERVER sv9; -- error ERROR: syntax error at or near "CURRENT_ROLE" LINE 1: DROP USER MAPPING FOR CURRENT_ROLE SERVER sv9; @@ -718,92 +718,92 @@ CREATE USER MAPPING FOR "user" SERVER sv4 OPTIONS (user '"USER"'); CREATE USER MAPPING FOR SESSION_USER SERVER sv5 OPTIONS (user 'SESSION_USER'); CREATE USER MAPPING FOR PUBLIC SERVER sv6 OPTIONS (user 'PUBLIC'); CREATE USER MAPPING FOR "Public" SERVER sv7 OPTIONS (user '"Public"'); -CREATE USER MAPPING FOR testrolx SERVER sv8 OPTIONS (user 'testrolx'); +CREATE USER MAPPING FOR regress_testrolx SERVER sv8 OPTIONS (user 'regress_testrolx'); SELECT * FROM chkumapping(); - umname | umserver | umoptions ---------------+----------+--------------------------- - testrol2 | sv1 | {user=CURRENT_USER} - current_user | sv2 | {"user=\"current_user\""} - testrol2 | sv3 | {user=USER} - user | sv4 | {"user=\"USER\""} - testrol1 | sv5 | {user=SESSION_USER} - | sv6 | {user=PUBLIC} - Public | sv7 | {"user=\"Public\""} - testrolx | sv8 | {user=testrolx} + umname | umserver | umoptions +------------------+----------+--------------------------- + regress_testrol2 | sv1 | {user=CURRENT_USER} + current_user | sv2 | {"user=\"current_user\""} + regress_testrol2 | sv3 | {user=USER} + user | sv4 | {"user=\"USER\""} + regress_testrol1 | sv5 | {user=SESSION_USER} + | sv6 | {user=PUBLIC} + Public | sv7 | {"user=\"Public\""} + regress_testrolx | sv8 | {user=regress_testrolx} (8 rows) -- DROP USER MAPPING IF EXISTS DROP USER MAPPING IF EXISTS FOR CURRENT_USER SERVER sv1; SELECT * FROM chkumapping(); - umname | umserver | umoptions ---------------+----------+--------------------------- - current_user | sv2 | {"user=\"current_user\""} - testrol2 | sv3 | {user=USER} - user | sv4 | {"user=\"USER\""} - testrol1 | sv5 | {user=SESSION_USER} - | sv6 | {user=PUBLIC} - Public | sv7 | {"user=\"Public\""} - testrolx | sv8 | {user=testrolx} + umname | umserver | umoptions +------------------+----------+--------------------------- + current_user | sv2 | {"user=\"current_user\""} + regress_testrol2 | sv3 | {user=USER} + user | sv4 | {"user=\"USER\""} + regress_testrol1 | sv5 | {user=SESSION_USER} + | sv6 | {user=PUBLIC} + Public | sv7 | {"user=\"Public\""} + regress_testrolx | sv8 | {user=regress_testrolx} (7 rows) DROP USER MAPPING IF EXISTS FOR "current_user" SERVER sv2; SELECT * FROM chkumapping(); - umname | umserver | umoptions -----------+----------+--------------------- - testrol2 | sv3 | {user=USER} - user | sv4 | {"user=\"USER\""} - testrol1 | sv5 | {user=SESSION_USER} - | sv6 | {user=PUBLIC} - Public | sv7 | {"user=\"Public\""} - testrolx | sv8 | {user=testrolx} + umname | umserver | umoptions +------------------+----------+------------------------- + regress_testrol2 | sv3 | {user=USER} + user | sv4 | {"user=\"USER\""} + regress_testrol1 | sv5 | {user=SESSION_USER} + | sv6 | {user=PUBLIC} + Public | sv7 | {"user=\"Public\""} + regress_testrolx | sv8 | {user=regress_testrolx} (6 rows) DROP USER MAPPING IF EXISTS FOR USER SERVER sv3; SELECT * FROM chkumapping(); - umname | umserver | umoptions -----------+----------+--------------------- - user | sv4 | {"user=\"USER\""} - testrol1 | sv5 | {user=SESSION_USER} - | sv6 | {user=PUBLIC} - Public | sv7 | {"user=\"Public\""} - testrolx | sv8 | {user=testrolx} + umname | umserver | umoptions +------------------+----------+------------------------- + user | sv4 | {"user=\"USER\""} + regress_testrol1 | sv5 | {user=SESSION_USER} + | sv6 | {user=PUBLIC} + Public | sv7 | {"user=\"Public\""} + regress_testrolx | sv8 | {user=regress_testrolx} (5 rows) DROP USER MAPPING IF EXISTS FOR "user" SERVER sv4; SELECT * FROM chkumapping(); - umname | umserver | umoptions -----------+----------+--------------------- - testrol1 | sv5 | {user=SESSION_USER} - | sv6 | {user=PUBLIC} - Public | sv7 | {"user=\"Public\""} - testrolx | sv8 | {user=testrolx} + umname | umserver | umoptions +------------------+----------+------------------------- + regress_testrol1 | sv5 | {user=SESSION_USER} + | sv6 | {user=PUBLIC} + Public | sv7 | {"user=\"Public\""} + regress_testrolx | sv8 | {user=regress_testrolx} (4 rows) DROP USER MAPPING IF EXISTS FOR SESSION_USER SERVER sv5; SELECT * FROM chkumapping(); - umname | umserver | umoptions -----------+----------+--------------------- - | sv6 | {user=PUBLIC} - Public | sv7 | {"user=\"Public\""} - testrolx | sv8 | {user=testrolx} + umname | umserver | umoptions +------------------+----------+------------------------- + | sv6 | {user=PUBLIC} + Public | sv7 | {"user=\"Public\""} + regress_testrolx | sv8 | {user=regress_testrolx} (3 rows) DROP USER MAPPING IF EXISTS FOR PUBLIC SERVER sv6; SELECT * FROM chkumapping(); - umname | umserver | umoptions -----------+----------+--------------------- - Public | sv7 | {"user=\"Public\""} - testrolx | sv8 | {user=testrolx} + umname | umserver | umoptions +------------------+----------+------------------------- + Public | sv7 | {"user=\"Public\""} + regress_testrolx | sv8 | {user=regress_testrolx} (2 rows) DROP USER MAPPING IF EXISTS FOR "Public" SERVER sv7; SELECT * FROM chkumapping(); - umname | umserver | umoptions -----------+----------+----------------- - testrolx | sv8 | {user=testrolx} + umname | umserver | umoptions +------------------+----------+------------------------- + regress_testrolx | sv8 | {user=regress_testrolx} (1 row) -DROP USER MAPPING IF EXISTS FOR testrolx SERVER sv8; +DROP USER MAPPING IF EXISTS FOR regress_testrolx SERVER sv8; SELECT * FROM chkumapping(); umname | umserver | umoptions --------+----------+----------- @@ -816,11 +816,11 @@ LINE 1: DROP USER MAPPING IF EXISTS FOR CURRENT_ROLE SERVER sv9; DROP USER MAPPING IF EXISTS FOR nonexistent SERVER sv9; -- error NOTICE: role "nonexistent" does not exist, skipping -- GRANT/REVOKE -GRANT testrol0 TO pg_signal_backend; -- success +GRANT regress_testrol0 TO pg_signal_backend; -- success SET ROLE pg_signal_backend; --success RESET ROLE; CREATE SCHEMA test_schema AUTHORIZATION pg_signal_backend; --success -SET ROLE testrol2; +SET ROLE regress_testrol2; UPDATE pg_proc SET proacl = null WHERE proname LIKE 'testagg_'; SELECT proname, proacl FROM pg_proc WHERE proname LIKE 'testagg_'; proname | proacl @@ -849,21 +849,21 @@ GRANT ALL PRIVILEGES ON FUNCTION testagg2(int2) TO CURRENT_USER; GRANT ALL PRIVILEGES ON FUNCTION testagg3(int2) TO "current_user"; GRANT ALL PRIVILEGES ON FUNCTION testagg4(int2) TO SESSION_USER; GRANT ALL PRIVILEGES ON FUNCTION testagg5(int2) TO "Public"; -GRANT ALL PRIVILEGES ON FUNCTION testagg6(int2) TO testrolx; +GRANT ALL PRIVILEGES ON FUNCTION testagg6(int2) TO regress_testrolx; GRANT ALL PRIVILEGES ON FUNCTION testagg7(int2) TO "public"; GRANT ALL PRIVILEGES ON FUNCTION testagg8(int2) - TO current_user, public, testrolx; + TO current_user, public, regress_testrolx; SELECT proname, proacl FROM pg_proc WHERE proname LIKE 'testagg_'; - proname | proacl -----------+--------------------------------------------------------------------------- - testagg1 | {testrol2=X/testrol2,=X/testrol2} - testagg2 | {current_user=X/current_user,testrol2=X/current_user} - testagg3 | {testrol1=X/testrol1,current_user=X/testrol1} - testagg4 | {testrolx=X/testrolx,testrol1=X/testrolx} + proname | proacl +----------+----------------------------------------------------------------------------------------------------------------------------------- + testagg1 | {regress_testrol2=X/regress_testrol2,=X/regress_testrol2} + testagg2 | {current_user=X/current_user,regress_testrol2=X/current_user} + testagg3 | {regress_testrol1=X/regress_testrol1,current_user=X/regress_testrol1} + testagg4 | {regress_testrolx=X/regress_testrolx,regress_testrol1=X/regress_testrolx} testagg5 | {Public=X/Public} - testagg6 | {testrol0=X/testrol0,testrolx=X/testrol0} - testagg7 | {testrol0=X/testrol0,=X/testrol0} - testagg8 | {testrol0=X/testrol0,testrol2=X/testrol0,=X/testrol0,testrolx=X/testrol0} + testagg6 | {regress_testrol0=X/regress_testrol0,regress_testrolx=X/regress_testrol0} + testagg7 | {regress_testrol0=X/regress_testrol0,=X/regress_testrol0} + testagg8 | {regress_testrol0=X/regress_testrol0,regress_testrol2=X/regress_testrol0,=X/regress_testrol0,regress_testrolx=X/regress_testrol0} testagg9 | (9 rows) @@ -884,16 +884,16 @@ ERROR: role name "none" is reserved LINE 1: GRANT ALL PRIVILEGES ON FUNCTION testagg9(int2) TO "none"; ^ SELECT proname, proacl FROM pg_proc WHERE proname LIKE 'testagg_'; - proname | proacl -----------+--------------------------------------------------------------------------- - testagg1 | {testrol2=X/testrol2,=X/testrol2} - testagg2 | {current_user=X/current_user,testrol2=X/current_user} - testagg3 | {testrol1=X/testrol1,current_user=X/testrol1} - testagg4 | {testrolx=X/testrolx,testrol1=X/testrolx} + proname | proacl +----------+----------------------------------------------------------------------------------------------------------------------------------- + testagg1 | {regress_testrol2=X/regress_testrol2,=X/regress_testrol2} + testagg2 | {current_user=X/current_user,regress_testrol2=X/current_user} + testagg3 | {regress_testrol1=X/regress_testrol1,current_user=X/regress_testrol1} + testagg4 | {regress_testrolx=X/regress_testrolx,regress_testrol1=X/regress_testrolx} testagg5 | {Public=X/Public} - testagg6 | {testrol0=X/testrol0,testrolx=X/testrol0} - testagg7 | {testrol0=X/testrol0,=X/testrol0} - testagg8 | {testrol0=X/testrol0,testrol2=X/testrol0,=X/testrol0,testrolx=X/testrol0} + testagg6 | {regress_testrol0=X/regress_testrol0,regress_testrolx=X/regress_testrol0} + testagg7 | {regress_testrol0=X/regress_testrol0,=X/regress_testrol0} + testagg8 | {regress_testrol0=X/regress_testrol0,regress_testrol2=X/regress_testrol0,=X/regress_testrol0,regress_testrolx=X/regress_testrol0} testagg9 | (9 rows) @@ -902,21 +902,21 @@ REVOKE ALL PRIVILEGES ON FUNCTION testagg2(int2) FROM CURRENT_USER; REVOKE ALL PRIVILEGES ON FUNCTION testagg3(int2) FROM "current_user"; REVOKE ALL PRIVILEGES ON FUNCTION testagg4(int2) FROM SESSION_USER; REVOKE ALL PRIVILEGES ON FUNCTION testagg5(int2) FROM "Public"; -REVOKE ALL PRIVILEGES ON FUNCTION testagg6(int2) FROM testrolx; +REVOKE ALL PRIVILEGES ON FUNCTION testagg6(int2) FROM regress_testrolx; REVOKE ALL PRIVILEGES ON FUNCTION testagg7(int2) FROM "public"; REVOKE ALL PRIVILEGES ON FUNCTION testagg8(int2) - FROM current_user, public, testrolx; + FROM current_user, public, regress_testrolx; SELECT proname, proacl FROM pg_proc WHERE proname LIKE 'testagg_'; - proname | proacl -----------+------------------------------- - testagg1 | {testrol2=X/testrol2} + proname | proacl +----------+--------------------------------------- + testagg1 | {regress_testrol2=X/regress_testrol2} testagg2 | {current_user=X/current_user} - testagg3 | {testrol1=X/testrol1} - testagg4 | {testrolx=X/testrolx} + testagg3 | {regress_testrol1=X/regress_testrol1} + testagg4 | {regress_testrolx=X/regress_testrolx} testagg5 | {} - testagg6 | {testrol0=X/testrol0} - testagg7 | {testrol0=X/testrol0} - testagg8 | {testrol0=X/testrol0} + testagg6 | {regress_testrol0=X/regress_testrol0} + testagg7 | {regress_testrol0=X/regress_testrol0} + testagg8 | {regress_testrol0=X/regress_testrol0} testagg9 | (9 rows) @@ -937,22 +937,22 @@ ERROR: role name "none" is reserved LINE 1: ...EVOKE ALL PRIVILEGES ON FUNCTION testagg9(int2) FROM "none"; ^ SELECT proname, proacl FROM pg_proc WHERE proname LIKE 'testagg_'; - proname | proacl -----------+------------------------------- - testagg1 | {testrol2=X/testrol2} + proname | proacl +----------+--------------------------------------- + testagg1 | {regress_testrol2=X/regress_testrol2} testagg2 | {current_user=X/current_user} - testagg3 | {testrol1=X/testrol1} - testagg4 | {testrolx=X/testrolx} + testagg3 | {regress_testrol1=X/regress_testrol1} + testagg4 | {regress_testrolx=X/regress_testrolx} testagg5 | {} - testagg6 | {testrol0=X/testrol0} - testagg7 | {testrol0=X/testrol0} - testagg8 | {testrol0=X/testrol0} + testagg6 | {regress_testrol0=X/regress_testrol0} + testagg7 | {regress_testrol0=X/regress_testrol0} + testagg8 | {regress_testrol0=X/regress_testrol0} testagg9 | (9 rows) -- clean up \c DROP SCHEMA test_schema; -DROP OWNED BY testrol0, "Public", "current_user", testrol1, testrol2, testrolx CASCADE; -DROP ROLE testrol0, testrol1, testrol2, testrolx; +DROP OWNED BY regress_testrol0, "Public", "current_user", regress_testrol1, regress_testrol2, regress_testrolx CASCADE; +DROP ROLE regress_testrol0, regress_testrol1, regress_testrol2, regress_testrolx; DROP ROLE "Public", "None", "current_user", "session_user", "user"; diff --git a/src/test/regress/expected/security_label.out b/src/test/regress/expected/security_label.out index 10b062a355e..a8e01a6220a 100644 --- a/src/test/regress/expected/security_label.out +++ b/src/test/regress/expected/security_label.out @@ -3,21 +3,18 @@ -- -- initial setups SET client_min_messages TO 'warning'; -DROP ROLE IF EXISTS seclabel_user1; -DROP ROLE IF EXISTS seclabel_user2; -DROP TABLE IF EXISTS seclabel_tbl1; -DROP TABLE IF EXISTS seclabel_tbl2; -DROP TABLE IF EXISTS seclabel_tbl3; -CREATE USER seclabel_user1 WITH CREATEROLE; -CREATE USER seclabel_user2; +DROP ROLE IF EXISTS regress_seclabel_user1; +DROP ROLE IF EXISTS regress_seclabel_user2; +RESET client_min_messages; +CREATE USER regress_seclabel_user1 WITH CREATEROLE; +CREATE USER regress_seclabel_user2; CREATE TABLE seclabel_tbl1 (a int, b text); CREATE TABLE seclabel_tbl2 (x int, y text); CREATE VIEW seclabel_view1 AS SELECT * FROM seclabel_tbl2; CREATE FUNCTION seclabel_four() RETURNS integer AS $$SELECT 4$$ language sql; CREATE DOMAIN seclabel_domain AS text; -ALTER TABLE seclabel_tbl1 OWNER TO seclabel_user1; -ALTER TABLE seclabel_tbl2 OWNER TO seclabel_user2; -RESET client_min_messages; +ALTER TABLE seclabel_tbl1 OWNER TO regress_seclabel_user1; +ALTER TABLE seclabel_tbl2 OWNER TO regress_seclabel_user2; -- -- Test of SECURITY LABEL statement without a plugin -- @@ -29,13 +26,13 @@ SECURITY LABEL ON TABLE seclabel_tbl1 IS '...invalid label...'; -- fail ERROR: no security label providers have been loaded SECURITY LABEL ON TABLE seclabel_tbl3 IS 'unclassified'; -- fail ERROR: no security label providers have been loaded -SECURITY LABEL ON ROLE seclabel_user1 IS 'classified'; -- fail +SECURITY LABEL ON ROLE regress_seclabel_user1 IS 'classified'; -- fail ERROR: no security label providers have been loaded -SECURITY LABEL FOR 'dummy' ON ROLE seclabel_user1 IS 'classified'; -- fail +SECURITY LABEL FOR 'dummy' ON ROLE regress_seclabel_user1 IS 'classified'; -- fail ERROR: security label provider "dummy" is not loaded -SECURITY LABEL ON ROLE seclabel_user1 IS '...invalid label...'; -- fail +SECURITY LABEL ON ROLE regress_seclabel_user1 IS '...invalid label...'; -- fail ERROR: no security label providers have been loaded -SECURITY LABEL ON ROLE seclabel_user3 IS 'unclassified'; -- fail +SECURITY LABEL ON ROLE regress_seclabel_user3 IS 'unclassified'; -- fail ERROR: no security label providers have been loaded -- clean up objects DROP FUNCTION seclabel_four(); @@ -43,5 +40,5 @@ DROP DOMAIN seclabel_domain; DROP VIEW seclabel_view1; DROP TABLE seclabel_tbl1; DROP TABLE seclabel_tbl2; -DROP USER seclabel_user1; -DROP USER seclabel_user2; +DROP USER regress_seclabel_user1; +DROP USER regress_seclabel_user2; diff --git a/src/test/regress/expected/select_into.out b/src/test/regress/expected/select_into.out index cee77e7f197..5d54bbf3b0f 100644 --- a/src/test/regress/expected/select_into.out +++ b/src/test/regress/expected/select_into.out @@ -15,11 +15,11 @@ DROP TABLE tmp1; -- SELECT INTO and INSERT permission, if owner is not allowed to insert. -- CREATE SCHEMA selinto_schema; -CREATE USER selinto_user; -ALTER DEFAULT PRIVILEGES FOR ROLE selinto_user - REVOKE INSERT ON TABLES FROM selinto_user; +CREATE USER regress_selinto_user; +ALTER DEFAULT PRIVILEGES FOR ROLE regress_selinto_user + REVOKE INSERT ON TABLES FROM regress_selinto_user; GRANT ALL ON SCHEMA selinto_schema TO public; -SET SESSION AUTHORIZATION selinto_user; +SET SESSION AUTHORIZATION regress_selinto_user; SELECT * INTO TABLE selinto_schema.tmp1 FROM pg_class WHERE relname like '%a%'; -- Error ERROR: permission denied for relation tmp1 @@ -32,9 +32,9 @@ CREATE TABLE selinto_schema.tmp3 (a,b,c) WHERE relname like '%c%'; -- Error ERROR: permission denied for relation tmp3 RESET SESSION AUTHORIZATION; -ALTER DEFAULT PRIVILEGES FOR ROLE selinto_user - GRANT INSERT ON TABLES TO selinto_user; -SET SESSION AUTHORIZATION selinto_user; +ALTER DEFAULT PRIVILEGES FOR ROLE regress_selinto_user + GRANT INSERT ON TABLES TO regress_selinto_user; +SET SESSION AUTHORIZATION regress_selinto_user; SELECT * INTO TABLE selinto_schema.tmp1 FROM pg_class WHERE relname like '%a%'; -- OK SELECT oid AS clsoid, relname, relnatts + 10 AS x @@ -49,7 +49,7 @@ NOTICE: drop cascades to 3 other objects DETAIL: drop cascades to table selinto_schema.tmp1 drop cascades to table selinto_schema.tmp2 drop cascades to table selinto_schema.tmp3 -DROP USER selinto_user; +DROP USER regress_selinto_user; -- Tests for WITH NO DATA and column name consistency CREATE TABLE ctas_base (i int, j int); INSERT INTO ctas_base VALUES (1, 2); diff --git a/src/test/regress/expected/sequence.out b/src/test/regress/expected/sequence.out index 8783ca62a6f..4ffbe92ab37 100644 --- a/src/test/regress/expected/sequence.out +++ b/src/test/regress/expected/sequence.out @@ -366,22 +366,22 @@ DROP SEQUENCE seq2; -- should fail SELECT lastval(); ERROR: lastval is not yet defined in this session -CREATE USER seq_user; +CREATE USER regress_seq_user; -- privileges tests -- nextval BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; -REVOKE ALL ON seq3 FROM seq_user; -GRANT SELECT ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT SELECT ON seq3 TO regress_seq_user; SELECT nextval('seq3'); ERROR: permission denied for sequence seq3 ROLLBACK; BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; -REVOKE ALL ON seq3 FROM seq_user; -GRANT UPDATE ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT UPDATE ON seq3 TO regress_seq_user; SELECT nextval('seq3'); nextval --------- @@ -390,10 +390,10 @@ SELECT nextval('seq3'); ROLLBACK; BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; -REVOKE ALL ON seq3 FROM seq_user; -GRANT USAGE ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT USAGE ON seq3 TO regress_seq_user; SELECT nextval('seq3'); nextval --------- @@ -403,7 +403,7 @@ SELECT nextval('seq3'); ROLLBACK; -- currval BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; SELECT nextval('seq3'); nextval @@ -411,8 +411,8 @@ SELECT nextval('seq3'); 1 (1 row) -REVOKE ALL ON seq3 FROM seq_user; -GRANT SELECT ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT SELECT ON seq3 TO regress_seq_user; SELECT currval('seq3'); currval --------- @@ -421,7 +421,7 @@ SELECT currval('seq3'); ROLLBACK; BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; SELECT nextval('seq3'); nextval @@ -429,13 +429,13 @@ SELECT nextval('seq3'); 1 (1 row) -REVOKE ALL ON seq3 FROM seq_user; -GRANT UPDATE ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT UPDATE ON seq3 TO regress_seq_user; SELECT currval('seq3'); ERROR: permission denied for sequence seq3 ROLLBACK; BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; SELECT nextval('seq3'); nextval @@ -443,8 +443,8 @@ SELECT nextval('seq3'); 1 (1 row) -REVOKE ALL ON seq3 FROM seq_user; -GRANT USAGE ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT USAGE ON seq3 TO regress_seq_user; SELECT currval('seq3'); currval --------- @@ -454,7 +454,7 @@ SELECT currval('seq3'); ROLLBACK; -- lastval BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; SELECT nextval('seq3'); nextval @@ -462,8 +462,8 @@ SELECT nextval('seq3'); 1 (1 row) -REVOKE ALL ON seq3 FROM seq_user; -GRANT SELECT ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT SELECT ON seq3 TO regress_seq_user; SELECT lastval(); lastval --------- @@ -472,7 +472,7 @@ SELECT lastval(); ROLLBACK; BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; SELECT nextval('seq3'); nextval @@ -480,13 +480,13 @@ SELECT nextval('seq3'); 1 (1 row) -REVOKE ALL ON seq3 FROM seq_user; -GRANT UPDATE ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT UPDATE ON seq3 TO regress_seq_user; SELECT lastval(); ERROR: permission denied for sequence seq3 ROLLBACK; BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; SELECT nextval('seq3'); nextval @@ -494,8 +494,8 @@ SELECT nextval('seq3'); 1 (1 row) -REVOKE ALL ON seq3 FROM seq_user; -GRANT USAGE ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT USAGE ON seq3 TO regress_seq_user; SELECT lastval(); lastval --------- @@ -515,5 +515,5 @@ SELECT * FROM information_schema.sequences WHERE sequence_name IN regression | public | sequence_test2 | bigint | 64 | 2 | 0 | 32 | 5 | 36 | 4 | YES (1 row) -DROP USER seq_user; +DROP USER regress_seq_user; DROP SEQUENCE seq; diff --git a/src/test/regress/expected/sequence_1.out b/src/test/regress/expected/sequence_1.out index 951fc9e791d..05da2bf1ade 100644 --- a/src/test/regress/expected/sequence_1.out +++ b/src/test/regress/expected/sequence_1.out @@ -366,22 +366,22 @@ DROP SEQUENCE seq2; -- should fail SELECT lastval(); ERROR: lastval is not yet defined in this session -CREATE USER seq_user; +CREATE USER regress_seq_user; -- privileges tests -- nextval BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; -REVOKE ALL ON seq3 FROM seq_user; -GRANT SELECT ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT SELECT ON seq3 TO regress_seq_user; SELECT nextval('seq3'); ERROR: permission denied for sequence seq3 ROLLBACK; BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; -REVOKE ALL ON seq3 FROM seq_user; -GRANT UPDATE ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT UPDATE ON seq3 TO regress_seq_user; SELECT nextval('seq3'); nextval --------- @@ -390,10 +390,10 @@ SELECT nextval('seq3'); ROLLBACK; BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; -REVOKE ALL ON seq3 FROM seq_user; -GRANT USAGE ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT USAGE ON seq3 TO regress_seq_user; SELECT nextval('seq3'); nextval --------- @@ -403,7 +403,7 @@ SELECT nextval('seq3'); ROLLBACK; -- currval BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; SELECT nextval('seq3'); nextval @@ -411,8 +411,8 @@ SELECT nextval('seq3'); 1 (1 row) -REVOKE ALL ON seq3 FROM seq_user; -GRANT SELECT ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT SELECT ON seq3 TO regress_seq_user; SELECT currval('seq3'); currval --------- @@ -421,7 +421,7 @@ SELECT currval('seq3'); ROLLBACK; BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; SELECT nextval('seq3'); nextval @@ -429,13 +429,13 @@ SELECT nextval('seq3'); 1 (1 row) -REVOKE ALL ON seq3 FROM seq_user; -GRANT UPDATE ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT UPDATE ON seq3 TO regress_seq_user; SELECT currval('seq3'); ERROR: permission denied for sequence seq3 ROLLBACK; BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; SELECT nextval('seq3'); nextval @@ -443,8 +443,8 @@ SELECT nextval('seq3'); 1 (1 row) -REVOKE ALL ON seq3 FROM seq_user; -GRANT USAGE ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT USAGE ON seq3 TO regress_seq_user; SELECT currval('seq3'); currval --------- @@ -454,7 +454,7 @@ SELECT currval('seq3'); ROLLBACK; -- lastval BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; SELECT nextval('seq3'); nextval @@ -462,8 +462,8 @@ SELECT nextval('seq3'); 1 (1 row) -REVOKE ALL ON seq3 FROM seq_user; -GRANT SELECT ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT SELECT ON seq3 TO regress_seq_user; SELECT lastval(); lastval --------- @@ -472,7 +472,7 @@ SELECT lastval(); ROLLBACK; BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; SELECT nextval('seq3'); nextval @@ -480,13 +480,13 @@ SELECT nextval('seq3'); 1 (1 row) -REVOKE ALL ON seq3 FROM seq_user; -GRANT UPDATE ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT UPDATE ON seq3 TO regress_seq_user; SELECT lastval(); ERROR: permission denied for sequence seq3 ROLLBACK; BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; SELECT nextval('seq3'); nextval @@ -494,8 +494,8 @@ SELECT nextval('seq3'); 1 (1 row) -REVOKE ALL ON seq3 FROM seq_user; -GRANT USAGE ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT USAGE ON seq3 TO regress_seq_user; SELECT lastval(); lastval --------- @@ -515,5 +515,5 @@ SELECT * FROM information_schema.sequences WHERE sequence_name IN regression | public | sequence_test2 | bigint | 64 | 2 | 0 | 32 | 5 | 36 | 4 | YES (1 row) -DROP USER seq_user; +DROP USER regress_seq_user; DROP SEQUENCE seq; diff --git a/src/test/regress/expected/updatable_views.out b/src/test/regress/expected/updatable_views.out index c5dfbb5dee8..f60991eed0c 100644 --- a/src/test/regress/expected/updatable_views.out +++ b/src/test/regress/expected/updatable_views.out @@ -961,19 +961,19 @@ NOTICE: drop cascades to 2 other objects DETAIL: drop cascades to view rw_view1 drop cascades to function rw_view1_aa(rw_view1) -- permissions checks -CREATE USER view_user1; -CREATE USER view_user2; -SET SESSION AUTHORIZATION view_user1; +CREATE USER regress_view_user1; +CREATE USER regress_view_user2; +SET SESSION AUTHORIZATION regress_view_user1; CREATE TABLE base_tbl(a int, b text, c float); INSERT INTO base_tbl VALUES (1, 'Row 1', 1.0); CREATE VIEW rw_view1 AS SELECT b AS bb, c AS cc, a AS aa FROM base_tbl; INSERT INTO rw_view1 VALUES ('Row 2', 2.0, 2); -GRANT SELECT ON base_tbl TO view_user2; -GRANT SELECT ON rw_view1 TO view_user2; -GRANT UPDATE (a,c) ON base_tbl TO view_user2; -GRANT UPDATE (bb,cc) ON rw_view1 TO view_user2; +GRANT SELECT ON base_tbl TO regress_view_user2; +GRANT SELECT ON rw_view1 TO regress_view_user2; +GRANT UPDATE (a,c) ON base_tbl TO regress_view_user2; +GRANT UPDATE (bb,cc) ON rw_view1 TO regress_view_user2; RESET SESSION AUTHORIZATION; -SET SESSION AUTHORIZATION view_user2; +SET SESSION AUTHORIZATION regress_view_user2; CREATE VIEW rw_view2 AS SELECT b AS bb, c AS cc, a AS aa FROM base_tbl; SELECT * FROM base_tbl; -- ok a | b | c @@ -1018,10 +1018,10 @@ ERROR: permission denied for relation rw_view1 DELETE FROM rw_view2; -- not allowed ERROR: permission denied for relation base_tbl RESET SESSION AUTHORIZATION; -SET SESSION AUTHORIZATION view_user1; -GRANT INSERT, DELETE ON base_tbl TO view_user2; +SET SESSION AUTHORIZATION regress_view_user1; +GRANT INSERT, DELETE ON base_tbl TO regress_view_user2; RESET SESSION AUTHORIZATION; -SET SESSION AUTHORIZATION view_user2; +SET SESSION AUTHORIZATION regress_view_user2; INSERT INTO base_tbl VALUES (3, 'Row 3', 3.0); -- ok INSERT INTO rw_view1 VALUES ('Row 4', 4.0, 4); -- not allowed ERROR: permission denied for relation rw_view1 @@ -1038,11 +1038,11 @@ SELECT * FROM base_tbl; (2 rows) RESET SESSION AUTHORIZATION; -SET SESSION AUTHORIZATION view_user1; -REVOKE INSERT, DELETE ON base_tbl FROM view_user2; -GRANT INSERT, DELETE ON rw_view1 TO view_user2; +SET SESSION AUTHORIZATION regress_view_user1; +REVOKE INSERT, DELETE ON base_tbl FROM regress_view_user2; +GRANT INSERT, DELETE ON rw_view1 TO regress_view_user2; RESET SESSION AUTHORIZATION; -SET SESSION AUTHORIZATION view_user2; +SET SESSION AUTHORIZATION regress_view_user2; INSERT INTO base_tbl VALUES (5, 'Row 5', 5.0); -- not allowed ERROR: permission denied for relation base_tbl INSERT INTO rw_view1 VALUES ('Row 5', 5.0, 5); -- ok @@ -1065,8 +1065,8 @@ DROP TABLE base_tbl CASCADE; NOTICE: drop cascades to 2 other objects DETAIL: drop cascades to view rw_view1 drop cascades to view rw_view2 -DROP USER view_user1; -DROP USER view_user2; +DROP USER regress_view_user1; +DROP USER regress_view_user2; -- column defaults CREATE TABLE base_tbl (a int PRIMARY KEY, b text DEFAULT 'Unspecified', c serial); INSERT INTO base_tbl VALUES (1, 'Row 1'); diff --git a/src/test/regress/input/largeobject.source b/src/test/regress/input/largeobject.source index a19959a1b87..96d75bccfbb 100644 --- a/src/test/regress/input/largeobject.source +++ b/src/test/regress/input/largeobject.source @@ -13,11 +13,11 @@ CREATE TABLE lotest_stash_values (loid oid, fd integer); INSERT INTO lotest_stash_values (loid) SELECT lo_creat(42); -- Test ALTER LARGE OBJECT -CREATE ROLE regresslo; +CREATE ROLE regress_lo_user; DO $$ BEGIN EXECUTE 'ALTER LARGE OBJECT ' || (select loid from lotest_stash_values) - || ' OWNER TO regresslo'; + || ' OWNER TO regress_lo_user'; END $$; SELECT @@ -255,4 +255,4 @@ SELECT lo_get(:newloid); DROP TABLE lotest_stash_values; -DROP ROLE regresslo; +DROP ROLE regress_lo_user; diff --git a/src/test/regress/input/tablespace.source b/src/test/regress/input/tablespace.source index 75ec689498f..041ec974008 100644 --- a/src/test/regress/input/tablespace.source +++ b/src/test/regress/input/tablespace.source @@ -1,27 +1,27 @@ -- create a tablespace using WITH clause -CREATE TABLESPACE testspacewith LOCATION '@testtablespace@' WITH (some_nonexistent_parameter = true); -- fail -CREATE TABLESPACE testspacewith LOCATION '@testtablespace@' WITH (random_page_cost = 3.0); -- ok +CREATE TABLESPACE regress_tblspacewith LOCATION '@testtablespace@' WITH (some_nonexistent_parameter = true); -- fail +CREATE TABLESPACE regress_tblspacewith LOCATION '@testtablespace@' WITH (random_page_cost = 3.0); -- ok -- check to see the parameter was used -SELECT spcoptions FROM pg_tablespace WHERE spcname = 'testspacewith'; +SELECT spcoptions FROM pg_tablespace WHERE spcname = 'regress_tblspacewith'; -- drop the tablespace so we can re-use the location -DROP TABLESPACE testspacewith; +DROP TABLESPACE regress_tblspacewith; -- create a tablespace we can use -CREATE TABLESPACE testspace LOCATION '@testtablespace@'; +CREATE TABLESPACE regress_tblspace LOCATION '@testtablespace@'; -- try setting and resetting some properties for the new tablespace -ALTER TABLESPACE testspace SET (random_page_cost = 1.0); -ALTER TABLESPACE testspace SET (some_nonexistent_parameter = true); -- fail -ALTER TABLESPACE testspace RESET (random_page_cost = 2.0); -- fail -ALTER TABLESPACE testspace RESET (random_page_cost, seq_page_cost); -- ok +ALTER TABLESPACE regress_tblspace SET (random_page_cost = 1.0); +ALTER TABLESPACE regress_tblspace SET (some_nonexistent_parameter = true); -- fail +ALTER TABLESPACE regress_tblspace RESET (random_page_cost = 2.0); -- fail +ALTER TABLESPACE regress_tblspace RESET (random_page_cost, seq_page_cost); -- ok -- create a schema we can use CREATE SCHEMA testschema; -- try a table -CREATE TABLE testschema.foo (i int) TABLESPACE testspace; +CREATE TABLE testschema.foo (i int) TABLESPACE regress_tblspace; SELECT relname, spcname FROM pg_catalog.pg_tablespace t, pg_catalog.pg_class c where c.reltablespace = t.oid AND c.relname = 'foo'; @@ -29,18 +29,18 @@ INSERT INTO testschema.foo VALUES(1); INSERT INTO testschema.foo VALUES(2); -- tables from dynamic sources -CREATE TABLE testschema.asselect TABLESPACE testspace AS SELECT 1; +CREATE TABLE testschema.asselect TABLESPACE regress_tblspace AS SELECT 1; SELECT relname, spcname FROM pg_catalog.pg_tablespace t, pg_catalog.pg_class c where c.reltablespace = t.oid AND c.relname = 'asselect'; PREPARE selectsource(int) AS SELECT $1; -CREATE TABLE testschema.asexecute TABLESPACE testspace +CREATE TABLE testschema.asexecute TABLESPACE regress_tblspace AS EXECUTE selectsource(2); SELECT relname, spcname FROM pg_catalog.pg_tablespace t, pg_catalog.pg_class c where c.reltablespace = t.oid AND c.relname = 'asexecute'; -- index -CREATE INDEX foo_idx on testschema.foo(i) TABLESPACE testspace; +CREATE INDEX foo_idx on testschema.foo(i) TABLESPACE regress_tblspace; SELECT relname, spcname FROM pg_catalog.pg_tablespace t, pg_catalog.pg_class c where c.reltablespace = t.oid AND c.relname = 'foo_idx'; @@ -48,43 +48,43 @@ SELECT relname, spcname FROM pg_catalog.pg_tablespace t, pg_catalog.pg_class c CREATE TABLE testschema.atable AS VALUES (1), (2); CREATE UNIQUE INDEX anindex ON testschema.atable(column1); -ALTER TABLE testschema.atable SET TABLESPACE testspace; -ALTER INDEX testschema.anindex SET TABLESPACE testspace; +ALTER TABLE testschema.atable SET TABLESPACE regress_tblspace; +ALTER INDEX testschema.anindex SET TABLESPACE regress_tblspace; INSERT INTO testschema.atable VALUES(3); -- ok INSERT INTO testschema.atable VALUES(1); -- fail (checks index) SELECT COUNT(*) FROM testschema.atable; -- checks heap -- Will fail with bad path -CREATE TABLESPACE badspace LOCATION '/no/such/location'; +CREATE TABLESPACE regress_badspace LOCATION '/no/such/location'; -- No such tablespace -CREATE TABLE bar (i int) TABLESPACE nosuchspace; +CREATE TABLE bar (i int) TABLESPACE regress_nosuchspace; -- Fail, not empty -DROP TABLESPACE testspace; +DROP TABLESPACE regress_tblspace; -CREATE ROLE tablespace_testuser1 login; -CREATE ROLE tablespace_testuser2 login; +CREATE ROLE regress_tablespace_user1 login; +CREATE ROLE regress_tablespace_user2 login; -ALTER TABLESPACE testspace OWNER TO tablespace_testuser1; +ALTER TABLESPACE regress_tblspace OWNER TO regress_tablespace_user1; -SET SESSION ROLE tablespace_testuser2; -CREATE TABLE tablespace_table (i int) TABLESPACE testspace; -- fail +SET SESSION ROLE regress_tablespace_user2; +CREATE TABLE tablespace_table (i int) TABLESPACE regress_tblspace; -- fail RESET ROLE; -ALTER TABLESPACE testspace RENAME TO testspace_renamed; +ALTER TABLESPACE regress_tblspace RENAME TO regress_tblspace_renamed; -ALTER TABLE ALL IN TABLESPACE testspace_renamed SET TABLESPACE pg_default; -ALTER INDEX ALL IN TABLESPACE testspace_renamed SET TABLESPACE pg_default; +ALTER TABLE ALL IN TABLESPACE regress_tblspace_renamed SET TABLESPACE pg_default; +ALTER INDEX ALL IN TABLESPACE regress_tblspace_renamed SET TABLESPACE pg_default; -- Should show notice that nothing was done -ALTER TABLE ALL IN TABLESPACE testspace_renamed SET TABLESPACE pg_default; +ALTER TABLE ALL IN TABLESPACE regress_tblspace_renamed SET TABLESPACE pg_default; -- Should succeed -DROP TABLESPACE testspace_renamed; +DROP TABLESPACE regress_tblspace_renamed; DROP SCHEMA testschema CASCADE; -DROP ROLE tablespace_testuser1; -DROP ROLE tablespace_testuser2; +DROP ROLE regress_tablespace_user1; +DROP ROLE regress_tablespace_user2; diff --git a/src/test/regress/output/largeobject.source b/src/test/regress/output/largeobject.source index 8b34ac491b4..906a24eac42 100644 --- a/src/test/regress/output/largeobject.source +++ b/src/test/regress/output/largeobject.source @@ -10,11 +10,11 @@ CREATE TABLE lotest_stash_values (loid oid, fd integer); -- returns the large object id INSERT INTO lotest_stash_values (loid) SELECT lo_creat(42); -- Test ALTER LARGE OBJECT -CREATE ROLE regresslo; +CREATE ROLE regress_lo_user; DO $$ BEGIN EXECUTE 'ALTER LARGE OBJECT ' || (select loid from lotest_stash_values) - || ' OWNER TO regresslo'; + || ' OWNER TO regress_lo_user'; END $$; SELECT @@ -23,9 +23,9 @@ FROM lotest_stash_values s JOIN pg_largeobject_metadata lo ON s.loid = lo.oid JOIN pg_authid rol ON lo.lomowner = rol.oid; - rolname ------------ - regresslo + rolname +----------------- + regress_lo_user (1 row) -- NOTE: large objects require transactions @@ -470,4 +470,4 @@ SELECT lo_get(:newloid); (1 row) DROP TABLE lotest_stash_values; -DROP ROLE regresslo; +DROP ROLE regress_lo_user; diff --git a/src/test/regress/output/largeobject_1.source b/src/test/regress/output/largeobject_1.source index 5167a014183..cec35d70d59 100644 --- a/src/test/regress/output/largeobject_1.source +++ b/src/test/regress/output/largeobject_1.source @@ -10,11 +10,11 @@ CREATE TABLE lotest_stash_values (loid oid, fd integer); -- returns the large object id INSERT INTO lotest_stash_values (loid) SELECT lo_creat(42); -- Test ALTER LARGE OBJECT -CREATE ROLE regresslo; +CREATE ROLE regress_lo_user; DO $$ BEGIN EXECUTE 'ALTER LARGE OBJECT ' || (select loid from lotest_stash_values) - || ' OWNER TO regresslo'; + || ' OWNER TO regress_lo_user'; END $$; SELECT @@ -23,9 +23,9 @@ FROM lotest_stash_values s JOIN pg_largeobject_metadata lo ON s.loid = lo.oid JOIN pg_authid rol ON lo.lomowner = rol.oid; - rolname ------------ - regresslo + rolname +----------------- + regress_lo_user (1 row) -- NOTE: large objects require transactions @@ -470,4 +470,4 @@ SELECT lo_get(:newloid); (1 row) DROP TABLE lotest_stash_values; -DROP ROLE regresslo; +DROP ROLE regress_lo_user; diff --git a/src/test/regress/output/tablespace.source b/src/test/regress/output/tablespace.source index ca606508f81..384f689ac10 100644 --- a/src/test/regress/output/tablespace.source +++ b/src/test/regress/output/tablespace.source @@ -1,71 +1,71 @@ -- create a tablespace using WITH clause -CREATE TABLESPACE testspacewith LOCATION '@testtablespace@' WITH (some_nonexistent_parameter = true); -- fail +CREATE TABLESPACE regress_tblspacewith LOCATION '@testtablespace@' WITH (some_nonexistent_parameter = true); -- fail ERROR: unrecognized parameter "some_nonexistent_parameter" -CREATE TABLESPACE testspacewith LOCATION '@testtablespace@' WITH (random_page_cost = 3.0); -- ok +CREATE TABLESPACE regress_tblspacewith LOCATION '@testtablespace@' WITH (random_page_cost = 3.0); -- ok -- check to see the parameter was used -SELECT spcoptions FROM pg_tablespace WHERE spcname = 'testspacewith'; +SELECT spcoptions FROM pg_tablespace WHERE spcname = 'regress_tblspacewith'; spcoptions ------------------------ {random_page_cost=3.0} (1 row) -- drop the tablespace so we can re-use the location -DROP TABLESPACE testspacewith; +DROP TABLESPACE regress_tblspacewith; -- create a tablespace we can use -CREATE TABLESPACE testspace LOCATION '@testtablespace@'; +CREATE TABLESPACE regress_tblspace LOCATION '@testtablespace@'; -- try setting and resetting some properties for the new tablespace -ALTER TABLESPACE testspace SET (random_page_cost = 1.0); -ALTER TABLESPACE testspace SET (some_nonexistent_parameter = true); -- fail +ALTER TABLESPACE regress_tblspace SET (random_page_cost = 1.0); +ALTER TABLESPACE regress_tblspace SET (some_nonexistent_parameter = true); -- fail ERROR: unrecognized parameter "some_nonexistent_parameter" -ALTER TABLESPACE testspace RESET (random_page_cost = 2.0); -- fail +ALTER TABLESPACE regress_tblspace RESET (random_page_cost = 2.0); -- fail ERROR: RESET must not include values for parameters -ALTER TABLESPACE testspace RESET (random_page_cost, seq_page_cost); -- ok +ALTER TABLESPACE regress_tblspace RESET (random_page_cost, seq_page_cost); -- ok -- create a schema we can use CREATE SCHEMA testschema; -- try a table -CREATE TABLE testschema.foo (i int) TABLESPACE testspace; +CREATE TABLE testschema.foo (i int) TABLESPACE regress_tblspace; SELECT relname, spcname FROM pg_catalog.pg_tablespace t, pg_catalog.pg_class c where c.reltablespace = t.oid AND c.relname = 'foo'; - relname | spcname ----------+----------- - foo | testspace + relname | spcname +---------+------------------ + foo | regress_tblspace (1 row) INSERT INTO testschema.foo VALUES(1); INSERT INTO testschema.foo VALUES(2); -- tables from dynamic sources -CREATE TABLE testschema.asselect TABLESPACE testspace AS SELECT 1; +CREATE TABLE testschema.asselect TABLESPACE regress_tblspace AS SELECT 1; SELECT relname, spcname FROM pg_catalog.pg_tablespace t, pg_catalog.pg_class c where c.reltablespace = t.oid AND c.relname = 'asselect'; - relname | spcname -----------+----------- - asselect | testspace + relname | spcname +----------+------------------ + asselect | regress_tblspace (1 row) PREPARE selectsource(int) AS SELECT $1; -CREATE TABLE testschema.asexecute TABLESPACE testspace +CREATE TABLE testschema.asexecute TABLESPACE regress_tblspace AS EXECUTE selectsource(2); SELECT relname, spcname FROM pg_catalog.pg_tablespace t, pg_catalog.pg_class c where c.reltablespace = t.oid AND c.relname = 'asexecute'; - relname | spcname ------------+----------- - asexecute | testspace + relname | spcname +-----------+------------------ + asexecute | regress_tblspace (1 row) -- index -CREATE INDEX foo_idx on testschema.foo(i) TABLESPACE testspace; +CREATE INDEX foo_idx on testschema.foo(i) TABLESPACE regress_tblspace; SELECT relname, spcname FROM pg_catalog.pg_tablespace t, pg_catalog.pg_class c where c.reltablespace = t.oid AND c.relname = 'foo_idx'; - relname | spcname ----------+----------- - foo_idx | testspace + relname | spcname +---------+------------------ + foo_idx | regress_tblspace (1 row) -- let's try moving a table from one place to another CREATE TABLE testschema.atable AS VALUES (1), (2); CREATE UNIQUE INDEX anindex ON testschema.atable(column1); -ALTER TABLE testschema.atable SET TABLESPACE testspace; -ALTER INDEX testschema.anindex SET TABLESPACE testspace; +ALTER TABLE testschema.atable SET TABLESPACE regress_tblspace; +ALTER INDEX testschema.anindex SET TABLESPACE regress_tblspace; INSERT INTO testschema.atable VALUES(3); -- ok INSERT INTO testschema.atable VALUES(1); -- fail (checks index) ERROR: duplicate key value violates unique constraint "anindex" @@ -77,34 +77,34 @@ SELECT COUNT(*) FROM testschema.atable; -- checks heap (1 row) -- Will fail with bad path -CREATE TABLESPACE badspace LOCATION '/no/such/location'; +CREATE TABLESPACE regress_badspace LOCATION '/no/such/location'; ERROR: directory "/no/such/location" does not exist -- No such tablespace -CREATE TABLE bar (i int) TABLESPACE nosuchspace; -ERROR: tablespace "nosuchspace" does not exist +CREATE TABLE bar (i int) TABLESPACE regress_nosuchspace; +ERROR: tablespace "regress_nosuchspace" does not exist -- Fail, not empty -DROP TABLESPACE testspace; -ERROR: tablespace "testspace" is not empty -CREATE ROLE tablespace_testuser1 login; -CREATE ROLE tablespace_testuser2 login; -ALTER TABLESPACE testspace OWNER TO tablespace_testuser1; -SET SESSION ROLE tablespace_testuser2; -CREATE TABLE tablespace_table (i int) TABLESPACE testspace; -- fail -ERROR: permission denied for tablespace testspace +DROP TABLESPACE regress_tblspace; +ERROR: tablespace "regress_tblspace" is not empty +CREATE ROLE regress_tablespace_user1 login; +CREATE ROLE regress_tablespace_user2 login; +ALTER TABLESPACE regress_tblspace OWNER TO regress_tablespace_user1; +SET SESSION ROLE regress_tablespace_user2; +CREATE TABLE tablespace_table (i int) TABLESPACE regress_tblspace; -- fail +ERROR: permission denied for tablespace regress_tblspace RESET ROLE; -ALTER TABLESPACE testspace RENAME TO testspace_renamed; -ALTER TABLE ALL IN TABLESPACE testspace_renamed SET TABLESPACE pg_default; -ALTER INDEX ALL IN TABLESPACE testspace_renamed SET TABLESPACE pg_default; +ALTER TABLESPACE regress_tblspace RENAME TO regress_tblspace_renamed; +ALTER TABLE ALL IN TABLESPACE regress_tblspace_renamed SET TABLESPACE pg_default; +ALTER INDEX ALL IN TABLESPACE regress_tblspace_renamed SET TABLESPACE pg_default; -- Should show notice that nothing was done -ALTER TABLE ALL IN TABLESPACE testspace_renamed SET TABLESPACE pg_default; -NOTICE: no matching relations in tablespace "testspace_renamed" found +ALTER TABLE ALL IN TABLESPACE regress_tblspace_renamed SET TABLESPACE pg_default; +NOTICE: no matching relations in tablespace "regress_tblspace_renamed" found -- Should succeed -DROP TABLESPACE testspace_renamed; +DROP TABLESPACE regress_tblspace_renamed; DROP SCHEMA testschema CASCADE; NOTICE: drop cascades to 4 other objects DETAIL: drop cascades to table testschema.foo drop cascades to table testschema.asselect drop cascades to table testschema.asexecute drop cascades to table testschema.atable -DROP ROLE tablespace_testuser1; -DROP ROLE tablespace_testuser2; +DROP ROLE regress_tablespace_user1; +DROP ROLE regress_tablespace_user2; diff --git a/src/test/regress/sql/alter_generic.sql b/src/test/regress/sql/alter_generic.sql index 8a811d47b33..c9ea4799672 100644 --- a/src/test/regress/sql/alter_generic.sql +++ b/src/test/regress/sql/alter_generic.sql @@ -5,15 +5,15 @@ -- Clean up in case a prior regression run failed SET client_min_messages TO 'warning'; -DROP ROLE IF EXISTS regtest_alter_user1; -DROP ROLE IF EXISTS regtest_alter_user2; -DROP ROLE IF EXISTS regtest_alter_user3; +DROP ROLE IF EXISTS regress_alter_user1; +DROP ROLE IF EXISTS regress_alter_user2; +DROP ROLE IF EXISTS regress_alter_user3; RESET client_min_messages; -CREATE USER regtest_alter_user3; -CREATE USER regtest_alter_user2; -CREATE USER regtest_alter_user1 IN ROLE regtest_alter_user3; +CREATE USER regress_alter_user3; +CREATE USER regress_alter_user2; +CREATE USER regress_alter_user1 IN ROLE regress_alter_user3; CREATE SCHEMA alt_nsp1; CREATE SCHEMA alt_nsp2; @@ -25,7 +25,7 @@ SET search_path = alt_nsp1, public; -- -- Function and Aggregate -- -SET SESSION AUTHORIZATION regtest_alter_user1; +SET SESSION AUTHORIZATION regress_alter_user1; CREATE FUNCTION alt_func1(int) RETURNS int LANGUAGE sql AS 'SELECT $1 + 1'; CREATE FUNCTION alt_func2(int) RETURNS int LANGUAGE sql @@ -37,23 +37,23 @@ CREATE AGGREGATE alt_agg2 ( sfunc1 = int4mi, basetype = int4, stype1 = int4, initcond = 0 ); ALTER AGGREGATE alt_func1(int) RENAME TO alt_func3; -- failed (not aggregate) -ALTER AGGREGATE alt_func1(int) OWNER TO regtest_alter_user3; -- failed (not aggregate) +ALTER AGGREGATE alt_func1(int) OWNER TO regress_alter_user3; -- failed (not aggregate) ALTER AGGREGATE alt_func1(int) SET SCHEMA alt_nsp2; -- failed (not aggregate) ALTER FUNCTION alt_func1(int) RENAME TO alt_func2; -- failed (name conflict) ALTER FUNCTION alt_func1(int) RENAME TO alt_func3; -- OK -ALTER FUNCTION alt_func2(int) OWNER TO regtest_alter_user2; -- failed (no role membership) -ALTER FUNCTION alt_func2(int) OWNER TO regtest_alter_user3; -- OK +ALTER FUNCTION alt_func2(int) OWNER TO regress_alter_user2; -- failed (no role membership) +ALTER FUNCTION alt_func2(int) OWNER TO regress_alter_user3; -- OK ALTER FUNCTION alt_func2(int) SET SCHEMA alt_nsp1; -- OK, already there ALTER FUNCTION alt_func2(int) SET SCHEMA alt_nsp2; -- OK ALTER AGGREGATE alt_agg1(int) RENAME TO alt_agg2; -- failed (name conflict) ALTER AGGREGATE alt_agg1(int) RENAME TO alt_agg3; -- OK -ALTER AGGREGATE alt_agg2(int) OWNER TO regtest_alter_user2; -- failed (no role membership) -ALTER AGGREGATE alt_agg2(int) OWNER TO regtest_alter_user3; -- OK +ALTER AGGREGATE alt_agg2(int) OWNER TO regress_alter_user2; -- failed (no role membership) +ALTER AGGREGATE alt_agg2(int) OWNER TO regress_alter_user3; -- OK ALTER AGGREGATE alt_agg2(int) SET SCHEMA alt_nsp2; -- OK -SET SESSION AUTHORIZATION regtest_alter_user2; +SET SESSION AUTHORIZATION regress_alter_user2; CREATE FUNCTION alt_func1(int) RETURNS int LANGUAGE sql AS 'SELECT $1 + 2'; CREATE FUNCTION alt_func2(int) RETURNS int LANGUAGE sql @@ -67,15 +67,15 @@ CREATE AGGREGATE alt_agg2 ( ALTER FUNCTION alt_func3(int) RENAME TO alt_func4; -- failed (not owner) ALTER FUNCTION alt_func1(int) RENAME TO alt_func4; -- OK -ALTER FUNCTION alt_func3(int) OWNER TO regtest_alter_user2; -- failed (not owner) -ALTER FUNCTION alt_func2(int) OWNER TO regtest_alter_user3; -- failed (no role membership) +ALTER FUNCTION alt_func3(int) OWNER TO regress_alter_user2; -- failed (not owner) +ALTER FUNCTION alt_func2(int) OWNER TO regress_alter_user3; -- failed (no role membership) ALTER FUNCTION alt_func3(int) SET SCHEMA alt_nsp2; -- failed (not owner) ALTER FUNCTION alt_func2(int) SET SCHEMA alt_nsp2; -- failed (name conflicts) ALTER AGGREGATE alt_agg3(int) RENAME TO alt_agg4; -- failed (not owner) ALTER AGGREGATE alt_agg1(int) RENAME TO alt_agg4; -- OK -ALTER AGGREGATE alt_agg3(int) OWNER TO regtest_alter_user2; -- failed (not owner) -ALTER AGGREGATE alt_agg2(int) OWNER TO regtest_alter_user3; -- failed (no role membership) +ALTER AGGREGATE alt_agg3(int) OWNER TO regress_alter_user2; -- failed (not owner) +ALTER AGGREGATE alt_agg2(int) OWNER TO regress_alter_user3; -- failed (no role membership) ALTER AGGREGATE alt_agg3(int) SET SCHEMA alt_nsp2; -- failed (not owner) ALTER AGGREGATE alt_agg2(int) SET SCHEMA alt_nsp2; -- failed (name conflict) @@ -95,24 +95,24 @@ SELECT n.nspname, proname, prorettype::regtype, proisagg, a.rolname -- -- Conversion -- -SET SESSION AUTHORIZATION regtest_alter_user1; +SET SESSION AUTHORIZATION regress_alter_user1; CREATE CONVERSION alt_conv1 FOR 'LATIN1' TO 'UTF8' FROM iso8859_1_to_utf8; CREATE CONVERSION alt_conv2 FOR 'LATIN1' TO 'UTF8' FROM iso8859_1_to_utf8; ALTER CONVERSION alt_conv1 RENAME TO alt_conv2; -- failed (name conflict) ALTER CONVERSION alt_conv1 RENAME TO alt_conv3; -- OK -ALTER CONVERSION alt_conv2 OWNER TO regtest_alter_user2; -- failed (no role membership) -ALTER CONVERSION alt_conv2 OWNER TO regtest_alter_user3; -- OK +ALTER CONVERSION alt_conv2 OWNER TO regress_alter_user2; -- failed (no role membership) +ALTER CONVERSION alt_conv2 OWNER TO regress_alter_user3; -- OK ALTER CONVERSION alt_conv2 SET SCHEMA alt_nsp2; -- OK -SET SESSION AUTHORIZATION regtest_alter_user2; +SET SESSION AUTHORIZATION regress_alter_user2; CREATE CONVERSION alt_conv1 FOR 'LATIN1' TO 'UTF8' FROM iso8859_1_to_utf8; CREATE CONVERSION alt_conv2 FOR 'LATIN1' TO 'UTF8' FROM iso8859_1_to_utf8; ALTER CONVERSION alt_conv3 RENAME TO alt_conv4; -- failed (not owner) ALTER CONVERSION alt_conv1 RENAME TO alt_conv4; -- OK -ALTER CONVERSION alt_conv3 OWNER TO regtest_alter_user2; -- failed (not owner) -ALTER CONVERSION alt_conv2 OWNER TO regtest_alter_user3; -- failed (no role membership) +ALTER CONVERSION alt_conv3 OWNER TO regress_alter_user2; -- failed (not owner) +ALTER CONVERSION alt_conv2 OWNER TO regress_alter_user3; -- failed (no role membership) ALTER CONVERSION alt_conv3 SET SCHEMA alt_nsp2; -- failed (not owner) ALTER CONVERSION alt_conv2 SET SCHEMA alt_nsp2; -- failed (name conflict) @@ -148,17 +148,17 @@ SELECT srvname FROM pg_foreign_server WHERE srvname like 'alt_fserv%'; CREATE LANGUAGE alt_lang1 HANDLER plpgsql_call_handler; CREATE LANGUAGE alt_lang2 HANDLER plpgsql_call_handler; -ALTER LANGUAGE alt_lang1 OWNER TO regtest_alter_user1; -- OK -ALTER LANGUAGE alt_lang2 OWNER TO regtest_alter_user2; -- OK +ALTER LANGUAGE alt_lang1 OWNER TO regress_alter_user1; -- OK +ALTER LANGUAGE alt_lang2 OWNER TO regress_alter_user2; -- OK -SET SESSION AUTHORIZATION regtest_alter_user1; +SET SESSION AUTHORIZATION regress_alter_user1; ALTER LANGUAGE alt_lang1 RENAME TO alt_lang2; -- failed (name conflict) ALTER LANGUAGE alt_lang2 RENAME TO alt_lang3; -- failed (not owner) ALTER LANGUAGE alt_lang1 RENAME TO alt_lang3; -- OK -ALTER LANGUAGE alt_lang2 OWNER TO regtest_alter_user3; -- failed (not owner) -ALTER LANGUAGE alt_lang3 OWNER TO regtest_alter_user2; -- failed (no role membership) -ALTER LANGUAGE alt_lang3 OWNER TO regtest_alter_user3; -- OK +ALTER LANGUAGE alt_lang2 OWNER TO regress_alter_user3; -- failed (not owner) +ALTER LANGUAGE alt_lang3 OWNER TO regress_alter_user2; -- failed (no role membership) +ALTER LANGUAGE alt_lang3 OWNER TO regress_alter_user3; -- OK RESET SESSION AUTHORIZATION; SELECT lanname, a.rolname @@ -169,21 +169,21 @@ SELECT lanname, a.rolname -- -- Operator -- -SET SESSION AUTHORIZATION regtest_alter_user1; +SET SESSION AUTHORIZATION regress_alter_user1; CREATE OPERATOR @-@ ( leftarg = int4, rightarg = int4, procedure = int4mi ); CREATE OPERATOR @+@ ( leftarg = int4, rightarg = int4, procedure = int4pl ); -ALTER OPERATOR @+@(int4, int4) OWNER TO regtest_alter_user2; -- failed (no role membership) -ALTER OPERATOR @+@(int4, int4) OWNER TO regtest_alter_user3; -- OK +ALTER OPERATOR @+@(int4, int4) OWNER TO regress_alter_user2; -- failed (no role membership) +ALTER OPERATOR @+@(int4, int4) OWNER TO regress_alter_user3; -- OK ALTER OPERATOR @-@(int4, int4) SET SCHEMA alt_nsp2; -- OK -SET SESSION AUTHORIZATION regtest_alter_user2; +SET SESSION AUTHORIZATION regress_alter_user2; CREATE OPERATOR @-@ ( leftarg = int4, rightarg = int4, procedure = int4mi ); -ALTER OPERATOR @+@(int4, int4) OWNER TO regtest_alter_user2; -- failed (not owner) -ALTER OPERATOR @-@(int4, int4) OWNER TO regtest_alter_user3; -- failed (no role membership) +ALTER OPERATOR @+@(int4, int4) OWNER TO regress_alter_user2; -- failed (not owner) +ALTER OPERATOR @-@(int4, int4) OWNER TO regress_alter_user3; -- failed (no role membership) ALTER OPERATOR @+@(int4, int4) SET SCHEMA alt_nsp2; -- failed (not owner) -- can't test this: the error message includes the raw oid of namespace -- ALTER OPERATOR @-@(int4, int4) SET SCHEMA alt_nsp2; -- failed (name conflict) @@ -202,53 +202,53 @@ SELECT n.nspname, oprname, a.rolname, -- CREATE OPERATOR FAMILY alt_opf1 USING hash; CREATE OPERATOR FAMILY alt_opf2 USING hash; -ALTER OPERATOR FAMILY alt_opf1 USING hash OWNER TO regtest_alter_user1; -ALTER OPERATOR FAMILY alt_opf2 USING hash OWNER TO regtest_alter_user1; +ALTER OPERATOR FAMILY alt_opf1 USING hash OWNER TO regress_alter_user1; +ALTER OPERATOR FAMILY alt_opf2 USING hash OWNER TO regress_alter_user1; CREATE OPERATOR CLASS alt_opc1 FOR TYPE uuid USING hash AS STORAGE uuid; CREATE OPERATOR CLASS alt_opc2 FOR TYPE uuid USING hash AS STORAGE uuid; -ALTER OPERATOR CLASS alt_opc1 USING hash OWNER TO regtest_alter_user1; -ALTER OPERATOR CLASS alt_opc2 USING hash OWNER TO regtest_alter_user1; +ALTER OPERATOR CLASS alt_opc1 USING hash OWNER TO regress_alter_user1; +ALTER OPERATOR CLASS alt_opc2 USING hash OWNER TO regress_alter_user1; -SET SESSION AUTHORIZATION regtest_alter_user1; +SET SESSION AUTHORIZATION regress_alter_user1; ALTER OPERATOR FAMILY alt_opf1 USING hash RENAME TO alt_opf2; -- failed (name conflict) ALTER OPERATOR FAMILY alt_opf1 USING hash RENAME TO alt_opf3; -- OK -ALTER OPERATOR FAMILY alt_opf2 USING hash OWNER TO regtest_alter_user2; -- failed (no role membership) -ALTER OPERATOR FAMILY alt_opf2 USING hash OWNER TO regtest_alter_user3; -- OK +ALTER OPERATOR FAMILY alt_opf2 USING hash OWNER TO regress_alter_user2; -- failed (no role membership) +ALTER OPERATOR FAMILY alt_opf2 USING hash OWNER TO regress_alter_user3; -- OK ALTER OPERATOR FAMILY alt_opf2 USING hash SET SCHEMA alt_nsp2; -- OK ALTER OPERATOR CLASS alt_opc1 USING hash RENAME TO alt_opc2; -- failed (name conflict) ALTER OPERATOR CLASS alt_opc1 USING hash RENAME TO alt_opc3; -- OK -ALTER OPERATOR CLASS alt_opc2 USING hash OWNER TO regtest_alter_user2; -- failed (no role membership) -ALTER OPERATOR CLASS alt_opc2 USING hash OWNER TO regtest_alter_user3; -- OK +ALTER OPERATOR CLASS alt_opc2 USING hash OWNER TO regress_alter_user2; -- failed (no role membership) +ALTER OPERATOR CLASS alt_opc2 USING hash OWNER TO regress_alter_user3; -- OK ALTER OPERATOR CLASS alt_opc2 USING hash SET SCHEMA alt_nsp2; -- OK RESET SESSION AUTHORIZATION; CREATE OPERATOR FAMILY alt_opf1 USING hash; CREATE OPERATOR FAMILY alt_opf2 USING hash; -ALTER OPERATOR FAMILY alt_opf1 USING hash OWNER TO regtest_alter_user2; -ALTER OPERATOR FAMILY alt_opf2 USING hash OWNER TO regtest_alter_user2; +ALTER OPERATOR FAMILY alt_opf1 USING hash OWNER TO regress_alter_user2; +ALTER OPERATOR FAMILY alt_opf2 USING hash OWNER TO regress_alter_user2; CREATE OPERATOR CLASS alt_opc1 FOR TYPE macaddr USING hash AS STORAGE macaddr; CREATE OPERATOR CLASS alt_opc2 FOR TYPE macaddr USING hash AS STORAGE macaddr; -ALTER OPERATOR CLASS alt_opc1 USING hash OWNER TO regtest_alter_user2; -ALTER OPERATOR CLASS alt_opc2 USING hash OWNER TO regtest_alter_user2; +ALTER OPERATOR CLASS alt_opc1 USING hash OWNER TO regress_alter_user2; +ALTER OPERATOR CLASS alt_opc2 USING hash OWNER TO regress_alter_user2; -SET SESSION AUTHORIZATION regtest_alter_user2; +SET SESSION AUTHORIZATION regress_alter_user2; ALTER OPERATOR FAMILY alt_opf3 USING hash RENAME TO alt_opf4; -- failed (not owner) ALTER OPERATOR FAMILY alt_opf1 USING hash RENAME TO alt_opf4; -- OK -ALTER OPERATOR FAMILY alt_opf3 USING hash OWNER TO regtest_alter_user2; -- failed (not owner) -ALTER OPERATOR FAMILY alt_opf2 USING hash OWNER TO regtest_alter_user3; -- failed (no role membership) +ALTER OPERATOR FAMILY alt_opf3 USING hash OWNER TO regress_alter_user2; -- failed (not owner) +ALTER OPERATOR FAMILY alt_opf2 USING hash OWNER TO regress_alter_user3; -- failed (no role membership) ALTER OPERATOR FAMILY alt_opf3 USING hash SET SCHEMA alt_nsp2; -- failed (not owner) ALTER OPERATOR FAMILY alt_opf2 USING hash SET SCHEMA alt_nsp2; -- failed (name conflict) ALTER OPERATOR CLASS alt_opc3 USING hash RENAME TO alt_opc4; -- failed (not owner) ALTER OPERATOR CLASS alt_opc1 USING hash RENAME TO alt_opc4; -- OK -ALTER OPERATOR CLASS alt_opc3 USING hash OWNER TO regtest_alter_user2; -- failed (not owner) -ALTER OPERATOR CLASS alt_opc2 USING hash OWNER TO regtest_alter_user3; -- failed (no role membership) +ALTER OPERATOR CLASS alt_opc3 USING hash OWNER TO regress_alter_user2; -- failed (not owner) +ALTER OPERATOR CLASS alt_opc2 USING hash OWNER TO regress_alter_user3; -- failed (no role membership) ALTER OPERATOR CLASS alt_opc3 USING hash SET SCHEMA alt_nsp2; -- failed (not owner) ALTER OPERATOR CLASS alt_opc2 USING hash SET SCHEMA alt_nsp2; -- failed (name conflict) @@ -305,9 +305,9 @@ DROP OPERATOR FAMILY alt_opf4 USING btree; -- Should fail. Need to be SUPERUSER to do ALTER OPERATOR FAMILY .. ADD / DROP BEGIN TRANSACTION; -CREATE ROLE regtest_alter_user5 NOSUPERUSER; +CREATE ROLE regress_alter_user5 NOSUPERUSER; CREATE OPERATOR FAMILY alt_opf5 USING btree; -SET ROLE regtest_alter_user5; +SET ROLE regress_alter_user5; ALTER OPERATOR FAMILY alt_opf5 USING btree ADD OPERATOR 1 < (int4, int2), FUNCTION 1 btint42cmp(int4, int2); RESET ROLE; DROP OPERATOR FAMILY alt_opf5 USING btree; @@ -315,11 +315,11 @@ ROLLBACK; -- Should fail. Need rights to namespace for ALTER OPERATOR FAMILY .. ADD / DROP BEGIN TRANSACTION; -CREATE ROLE regtest_alter_user6; +CREATE ROLE regress_alter_user6; CREATE SCHEMA alt_nsp6; -REVOKE ALL ON SCHEMA alt_nsp6 FROM regtest_alter_user6; +REVOKE ALL ON SCHEMA alt_nsp6 FROM regress_alter_user6; CREATE OPERATOR FAMILY alt_nsp6.alt_opf6 USING btree; -SET ROLE regtest_alter_user6; +SET ROLE regress_alter_user6; ALTER OPERATOR FAMILY alt_nsp6.alt_opf6 USING btree ADD OPERATOR 1 < (int4, int2); ROLLBACK; @@ -437,24 +437,24 @@ DROP OPERATOR FAMILY alt_opf18 USING btree; -- -- Text Search Dictionary -- -SET SESSION AUTHORIZATION regtest_alter_user1; +SET SESSION AUTHORIZATION regress_alter_user1; CREATE TEXT SEARCH DICTIONARY alt_ts_dict1 (template=simple); CREATE TEXT SEARCH DICTIONARY alt_ts_dict2 (template=simple); ALTER TEXT SEARCH DICTIONARY alt_ts_dict1 RENAME TO alt_ts_dict2; -- failed (name conflict) ALTER TEXT SEARCH DICTIONARY alt_ts_dict1 RENAME TO alt_ts_dict3; -- OK -ALTER TEXT SEARCH DICTIONARY alt_ts_dict2 OWNER TO regtest_alter_user2; -- failed (no role membership) -ALTER TEXT SEARCH DICTIONARY alt_ts_dict2 OWNER TO regtest_alter_user3; -- OK +ALTER TEXT SEARCH DICTIONARY alt_ts_dict2 OWNER TO regress_alter_user2; -- failed (no role membership) +ALTER TEXT SEARCH DICTIONARY alt_ts_dict2 OWNER TO regress_alter_user3; -- OK ALTER TEXT SEARCH DICTIONARY alt_ts_dict2 SET SCHEMA alt_nsp2; -- OK -SET SESSION AUTHORIZATION regtest_alter_user2; +SET SESSION AUTHORIZATION regress_alter_user2; CREATE TEXT SEARCH DICTIONARY alt_ts_dict1 (template=simple); CREATE TEXT SEARCH DICTIONARY alt_ts_dict2 (template=simple); ALTER TEXT SEARCH DICTIONARY alt_ts_dict3 RENAME TO alt_ts_dict4; -- failed (not owner) ALTER TEXT SEARCH DICTIONARY alt_ts_dict1 RENAME TO alt_ts_dict4; -- OK -ALTER TEXT SEARCH DICTIONARY alt_ts_dict3 OWNER TO regtest_alter_user2; -- failed (not owner) -ALTER TEXT SEARCH DICTIONARY alt_ts_dict2 OWNER TO regtest_alter_user3; -- failed (no role membership) +ALTER TEXT SEARCH DICTIONARY alt_ts_dict3 OWNER TO regress_alter_user2; -- failed (not owner) +ALTER TEXT SEARCH DICTIONARY alt_ts_dict2 OWNER TO regress_alter_user3; -- failed (no role membership) ALTER TEXT SEARCH DICTIONARY alt_ts_dict3 SET SCHEMA alt_nsp2; -- failed (not owner) ALTER TEXT SEARCH DICTIONARY alt_ts_dict2 SET SCHEMA alt_nsp2; -- failed (name conflict) @@ -469,24 +469,24 @@ SELECT nspname, dictname, rolname -- -- Text Search Configuration -- -SET SESSION AUTHORIZATION regtest_alter_user1; +SET SESSION AUTHORIZATION regress_alter_user1; CREATE TEXT SEARCH CONFIGURATION alt_ts_conf1 (copy=english); CREATE TEXT SEARCH CONFIGURATION alt_ts_conf2 (copy=english); ALTER TEXT SEARCH CONFIGURATION alt_ts_conf1 RENAME TO alt_ts_conf2; -- failed (name conflict) ALTER TEXT SEARCH CONFIGURATION alt_ts_conf1 RENAME TO alt_ts_conf3; -- OK -ALTER TEXT SEARCH CONFIGURATION alt_ts_conf2 OWNER TO regtest_alter_user2; -- failed (no role membership) -ALTER TEXT SEARCH CONFIGURATION alt_ts_conf2 OWNER TO regtest_alter_user3; -- OK +ALTER TEXT SEARCH CONFIGURATION alt_ts_conf2 OWNER TO regress_alter_user2; -- failed (no role membership) +ALTER TEXT SEARCH CONFIGURATION alt_ts_conf2 OWNER TO regress_alter_user3; -- OK ALTER TEXT SEARCH CONFIGURATION alt_ts_conf2 SET SCHEMA alt_nsp2; -- OK -SET SESSION AUTHORIZATION regtest_alter_user2; +SET SESSION AUTHORIZATION regress_alter_user2; CREATE TEXT SEARCH CONFIGURATION alt_ts_conf1 (copy=english); CREATE TEXT SEARCH CONFIGURATION alt_ts_conf2 (copy=english); ALTER TEXT SEARCH CONFIGURATION alt_ts_conf3 RENAME TO alt_ts_conf4; -- failed (not owner) ALTER TEXT SEARCH CONFIGURATION alt_ts_conf1 RENAME TO alt_ts_conf4; -- OK -ALTER TEXT SEARCH CONFIGURATION alt_ts_conf3 OWNER TO regtest_alter_user2; -- failed (not owner) -ALTER TEXT SEARCH CONFIGURATION alt_ts_conf2 OWNER TO regtest_alter_user3; -- failed (no role membership) +ALTER TEXT SEARCH CONFIGURATION alt_ts_conf3 OWNER TO regress_alter_user2; -- failed (not owner) +ALTER TEXT SEARCH CONFIGURATION alt_ts_conf2 OWNER TO regress_alter_user3; -- failed (no role membership) ALTER TEXT SEARCH CONFIGURATION alt_ts_conf3 SET SCHEMA alt_nsp2; -- failed (not owner) ALTER TEXT SEARCH CONFIGURATION alt_ts_conf2 SET SCHEMA alt_nsp2; -- failed (name conflict) @@ -551,6 +551,6 @@ DROP LANGUAGE alt_lang4 CASCADE; DROP SCHEMA alt_nsp1 CASCADE; DROP SCHEMA alt_nsp2 CASCADE; -DROP USER regtest_alter_user1; -DROP USER regtest_alter_user2; -DROP USER regtest_alter_user3; +DROP USER regress_alter_user1; +DROP USER regress_alter_user2; +DROP USER regress_alter_user3; diff --git a/src/test/regress/sql/alter_operator.sql b/src/test/regress/sql/alter_operator.sql index dfabec61752..51ffd7e0e0d 100644 --- a/src/test/regress/sql/alter_operator.sql +++ b/src/test/regress/sql/alter_operator.sql @@ -84,14 +84,14 @@ ALTER OPERATOR === (boolean, boolean) SET (NEGATOR = !==); -- -- Test permission check. Must be owner to ALTER OPERATOR. -- -CREATE USER regtest_alter_user; -SET SESSION AUTHORIZATION regtest_alter_user; +CREATE USER regress_alter_op_user; +SET SESSION AUTHORIZATION regress_alter_op_user; ALTER OPERATOR === (boolean, boolean) SET (RESTRICT = NONE); -- Clean up RESET SESSION AUTHORIZATION; -DROP USER regtest_alter_user; +DROP USER regress_alter_op_user; DROP OPERATOR === (boolean, boolean); DROP FUNCTION customcontsel(internal, oid, internal, integer); DROP FUNCTION alter_op_test_fn(boolean, boolean); diff --git a/src/test/regress/sql/cluster.sql b/src/test/regress/sql/cluster.sql index d4d5556c6be..8dd9459bda0 100644 --- a/src/test/regress/sql/cluster.sql +++ b/src/test/regress/sql/cluster.sql @@ -105,13 +105,13 @@ WHERE pg_class.oid=indexrelid AND indisclustered; -- Verify that clustering all tables does in fact cluster the right ones -CREATE USER clstr_user; +CREATE USER regress_clstr_user; CREATE TABLE clstr_1 (a INT PRIMARY KEY); CREATE TABLE clstr_2 (a INT PRIMARY KEY); CREATE TABLE clstr_3 (a INT PRIMARY KEY); -ALTER TABLE clstr_1 OWNER TO clstr_user; -ALTER TABLE clstr_3 OWNER TO clstr_user; -GRANT SELECT ON clstr_2 TO clstr_user; +ALTER TABLE clstr_1 OWNER TO regress_clstr_user; +ALTER TABLE clstr_3 OWNER TO regress_clstr_user; +GRANT SELECT ON clstr_2 TO regress_clstr_user; INSERT INTO clstr_1 VALUES (2); INSERT INTO clstr_1 VALUES (1); INSERT INTO clstr_2 VALUES (2); @@ -141,7 +141,7 @@ INSERT INTO clstr_3 VALUES (1); -- this user can only cluster clstr_1 and clstr_3, but the latter -- has not been clustered -SET SESSION AUTHORIZATION clstr_user; +SET SESSION AUTHORIZATION regress_clstr_user; CLUSTER; SELECT * FROM clstr_1 UNION ALL SELECT * FROM clstr_2 UNION ALL @@ -233,4 +233,4 @@ DROP TABLE clstr_1; DROP TABLE clstr_2; DROP TABLE clstr_3; DROP TABLE clstr_4; -DROP USER clstr_user; +DROP USER regress_clstr_user; diff --git a/src/test/regress/sql/conversion.sql b/src/test/regress/sql/conversion.sql index e31876be4a5..02cf39f1ce9 100644 --- a/src/test/regress/sql/conversion.sql +++ b/src/test/regress/sql/conversion.sql @@ -1,8 +1,8 @@ -- -- create user defined conversion -- -CREATE USER conversion_test_user WITH NOCREATEDB NOCREATEROLE; -SET SESSION AUTHORIZATION conversion_test_user; +CREATE USER regress_conversion_user WITH NOCREATEDB NOCREATEROLE; +SET SESSION AUTHORIZATION regress_conversion_user; CREATE CONVERSION myconv FOR 'LATIN1' TO 'UTF8' FROM iso8859_1_to_utf8; -- -- cannot make same name conversion in same schema @@ -33,4 +33,4 @@ DROP CONVERSION mydef; -- return to the super user -- RESET SESSION AUTHORIZATION; -DROP USER conversion_test_user; +DROP USER regress_conversion_user; diff --git a/src/test/regress/sql/create_function_3.sql b/src/test/regress/sql/create_function_3.sql index 86d69baec9b..43454ef2f7b 100644 --- a/src/test/regress/sql/create_function_3.sql +++ b/src/test/regress/sql/create_function_3.sql @@ -3,7 +3,7 @@ -- -- sanity check of pg_proc catalog to the given parameters -- -CREATE USER regtest_unpriv_user; +CREATE USER regress_unpriv_user; CREATE SCHEMA temp_func_test; GRANT ALL ON SCHEMA temp_func_test TO public; @@ -94,10 +94,10 @@ SELECT proname, proleakproof FROM pg_proc 'functext_E_2'::regproc) ORDER BY proname; -- it takes superuser privilege to turn on leakproof, but not for turn off -ALTER FUNCTION functext_E_1(int) OWNER TO regtest_unpriv_user; -ALTER FUNCTION functext_E_2(int) OWNER TO regtest_unpriv_user; +ALTER FUNCTION functext_E_1(int) OWNER TO regress_unpriv_user; +ALTER FUNCTION functext_E_2(int) OWNER TO regress_unpriv_user; -SET SESSION AUTHORIZATION regtest_unpriv_user; +SET SESSION AUTHORIZATION regress_unpriv_user; SET search_path TO temp_func_test, public; ALTER FUNCTION functext_E_1(int) NOT LEAKPROOF; ALTER FUNCTION functext_E_2(int) LEAKPROOF; @@ -159,5 +159,5 @@ SELECT routine_name, ordinal_position, parameter_name, parameter_default -- Cleanups DROP SCHEMA temp_func_test CASCADE; -DROP USER regtest_unpriv_user; +DROP USER regress_unpriv_user; RESET search_path; diff --git a/src/test/regress/sql/create_index.sql b/src/test/regress/sql/create_index.sql index b0ba4e62a81..71f4f54cada 100644 --- a/src/test/regress/sql/create_index.sql +++ b/src/test/regress/sql/create_index.sql @@ -1061,13 +1061,13 @@ REINDEX SCHEMA schema_to_reindex; -- failure, cannot run in a transaction END; -- Failure for unauthorized user -CREATE ROLE regression_reindexuser NOLOGIN; -SET SESSION ROLE regression_reindexuser; +CREATE ROLE regress_reindexuser NOLOGIN; +SET SESSION ROLE regress_reindexuser; REINDEX SCHEMA schema_to_reindex; -- Clean up RESET ROLE; -DROP ROLE regression_reindexuser; +DROP ROLE regress_reindexuser; SET client_min_messages TO 'warning'; DROP SCHEMA schema_to_reindex CASCADE; RESET client_min_messages; diff --git a/src/test/regress/sql/dependency.sql b/src/test/regress/sql/dependency.sql index 599a359b4fe..f5c45e4666a 100644 --- a/src/test/regress/sql/dependency.sql +++ b/src/test/regress/sql/dependency.sql @@ -2,85 +2,85 @@ -- DEPENDENCIES -- -CREATE USER regression_user; -CREATE USER regression_user2; -CREATE USER regression_user3; -CREATE GROUP regression_group; +CREATE USER regress_dep_user; +CREATE USER regress_dep_user2; +CREATE USER regress_dep_user3; +CREATE GROUP regress_dep_group; CREATE TABLE deptest (f1 serial primary key, f2 text); -GRANT SELECT ON TABLE deptest TO GROUP regression_group; -GRANT ALL ON TABLE deptest TO regression_user, regression_user2; +GRANT SELECT ON TABLE deptest TO GROUP regress_dep_group; +GRANT ALL ON TABLE deptest TO regress_dep_user, regress_dep_user2; -- can't drop neither because they have privileges somewhere -DROP USER regression_user; -DROP GROUP regression_group; +DROP USER regress_dep_user; +DROP GROUP regress_dep_group; -- if we revoke the privileges we can drop the group -REVOKE SELECT ON deptest FROM GROUP regression_group; -DROP GROUP regression_group; +REVOKE SELECT ON deptest FROM GROUP regress_dep_group; +DROP GROUP regress_dep_group; -- can't drop the user if we revoke the privileges partially -REVOKE SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES ON deptest FROM regression_user; -DROP USER regression_user; +REVOKE SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES ON deptest FROM regress_dep_user; +DROP USER regress_dep_user; -- now we are OK to drop him -REVOKE TRIGGER ON deptest FROM regression_user; -DROP USER regression_user; +REVOKE TRIGGER ON deptest FROM regress_dep_user; +DROP USER regress_dep_user; -- we are OK too if we drop the privileges all at once -REVOKE ALL ON deptest FROM regression_user2; -DROP USER regression_user2; +REVOKE ALL ON deptest FROM regress_dep_user2; +DROP USER regress_dep_user2; -- can't drop the owner of an object -- the error message detail here would include a pg_toast_nnn name that -- is not constant, so suppress it \set VERBOSITY terse -ALTER TABLE deptest OWNER TO regression_user3; -DROP USER regression_user3; +ALTER TABLE deptest OWNER TO regress_dep_user3; +DROP USER regress_dep_user3; \set VERBOSITY default -- if we drop the object, we can drop the user too DROP TABLE deptest; -DROP USER regression_user3; +DROP USER regress_dep_user3; -- Test DROP OWNED -CREATE USER regression_user0; -CREATE USER regression_user1; -CREATE USER regression_user2; -SET SESSION AUTHORIZATION regression_user0; +CREATE USER regress_dep_user0; +CREATE USER regress_dep_user1; +CREATE USER regress_dep_user2; +SET SESSION AUTHORIZATION regress_dep_user0; -- permission denied -DROP OWNED BY regression_user1; -DROP OWNED BY regression_user0, regression_user2; -REASSIGN OWNED BY regression_user0 TO regression_user1; -REASSIGN OWNED BY regression_user1 TO regression_user0; +DROP OWNED BY regress_dep_user1; +DROP OWNED BY regress_dep_user0, regress_dep_user2; +REASSIGN OWNED BY regress_dep_user0 TO regress_dep_user1; +REASSIGN OWNED BY regress_dep_user1 TO regress_dep_user0; -- this one is allowed -DROP OWNED BY regression_user0; +DROP OWNED BY regress_dep_user0; CREATE TABLE deptest1 (f1 int unique); -GRANT ALL ON deptest1 TO regression_user1 WITH GRANT OPTION; +GRANT ALL ON deptest1 TO regress_dep_user1 WITH GRANT OPTION; -SET SESSION AUTHORIZATION regression_user1; +SET SESSION AUTHORIZATION regress_dep_user1; CREATE TABLE deptest (a serial primary key, b text); -GRANT ALL ON deptest1 TO regression_user2; +GRANT ALL ON deptest1 TO regress_dep_user2; RESET SESSION AUTHORIZATION; \z deptest1 -DROP OWNED BY regression_user1; +DROP OWNED BY regress_dep_user1; -- all grants revoked \z deptest1 -- table was dropped \d deptest -- Test REASSIGN OWNED -GRANT ALL ON deptest1 TO regression_user1; -GRANT CREATE ON DATABASE regression TO regression_user1; +GRANT ALL ON deptest1 TO regress_dep_user1; +GRANT CREATE ON DATABASE regression TO regress_dep_user1; -SET SESSION AUTHORIZATION regression_user1; +SET SESSION AUTHORIZATION regress_dep_user1; CREATE SCHEMA deptest; CREATE TABLE deptest (a serial primary key, b text); -ALTER DEFAULT PRIVILEGES FOR ROLE regression_user1 IN SCHEMA deptest - GRANT ALL ON TABLES TO regression_user2; +ALTER DEFAULT PRIVILEGES FOR ROLE regress_dep_user1 IN SCHEMA deptest + GRANT ALL ON TABLES TO regress_dep_user2; CREATE FUNCTION deptest_func() RETURNS void LANGUAGE plpgsql AS $$ BEGIN END; $$; CREATE TYPE deptest_enum AS ENUM ('red'); @@ -99,19 +99,19 @@ SELECT typowner = relowner FROM pg_type JOIN pg_class c ON typrelid = c.oid WHERE typname = 'deptest_t'; RESET SESSION AUTHORIZATION; -REASSIGN OWNED BY regression_user1 TO regression_user2; +REASSIGN OWNED BY regress_dep_user1 TO regress_dep_user2; \dt deptest SELECT typowner = relowner FROM pg_type JOIN pg_class c ON typrelid = c.oid WHERE typname = 'deptest_t'; -- doesn't work: grant still exists -DROP USER regression_user1; -DROP OWNED BY regression_user1; -DROP USER regression_user1; +DROP USER regress_dep_user1; +DROP OWNED BY regress_dep_user1; +DROP USER regress_dep_user1; \set VERBOSITY terse -DROP USER regression_user2; -DROP OWNED BY regression_user2, regression_user0; -DROP USER regression_user2; -DROP USER regression_user0; +DROP USER regress_dep_user2; +DROP OWNED BY regress_dep_user2, regress_dep_user0; +DROP USER regress_dep_user2; +DROP USER regress_dep_user0; diff --git a/src/test/regress/sql/drop_if_exists.sql b/src/test/regress/sql/drop_if_exists.sql index 4ff04507311..c1d30bc4a5f 100644 --- a/src/test/regress/sql/drop_if_exists.sql +++ b/src/test/regress/sql/drop_if_exists.sql @@ -86,27 +86,27 @@ DROP DOMAIN test_domain_exists; --- role/user/group --- -CREATE USER tu1; -CREATE ROLE tr1; -CREATE GROUP tg1; +CREATE USER regress_test_u1; +CREATE ROLE regress_test_r1; +CREATE GROUP regress_test_g1; -DROP USER tu2; +DROP USER regress_test_u2; -DROP USER IF EXISTS tu1, tu2; +DROP USER IF EXISTS regress_test_u1, regress_test_u2; -DROP USER tu1; +DROP USER regress_test_u1; -DROP ROLE tr2; +DROP ROLE regress_test_r2; -DROP ROLE IF EXISTS tr1, tr2; +DROP ROLE IF EXISTS regress_test_r1, regress_test_r2; -DROP ROLE tr1; +DROP ROLE regress_test_r1; -DROP GROUP tg2; +DROP GROUP regress_test_g2; -DROP GROUP IF EXISTS tg1, tg2; +DROP GROUP IF EXISTS regress_test_g1, regress_test_g2; -DROP GROUP tg1; +DROP GROUP regress_test_g1; -- collation DROP COLLATION IF EXISTS test_collation_exists; diff --git a/src/test/regress/sql/event_trigger.sql b/src/test/regress/sql/event_trigger.sql index cfe94e7f9cd..534f532a9ef 100644 --- a/src/test/regress/sql/event_trigger.sql +++ b/src/test/regress/sql/event_trigger.sql @@ -86,8 +86,8 @@ comment on event trigger regress_event_trigger is 'test comment'; comment on event trigger wrong.regress_event_trigger is 'test comment'; -- drop as non-superuser should fail -create role regression_bob; -set role regression_bob; +create role regress_evt_user; +set role regress_evt_user; create event trigger regress_event_trigger_noperms on ddl_command_start execute procedure test_event_trigger(); reset role; @@ -109,16 +109,16 @@ revoke all on table event_trigger_fire1 from public; drop table event_trigger_fire1; create foreign data wrapper useless; create server useless_server foreign data wrapper useless; -create user mapping for regression_bob server useless_server; -alter default privileges for role regression_bob - revoke delete on tables from regression_bob; +create user mapping for regress_evt_user server useless_server; +alter default privileges for role regress_evt_user + revoke delete on tables from regress_evt_user; -- alter owner to non-superuser should fail -alter event trigger regress_event_trigger owner to regression_bob; +alter event trigger regress_event_trigger owner to regress_evt_user; -- alter owner to superuser should work -alter role regression_bob superuser; -alter event trigger regress_event_trigger owner to regression_bob; +alter role regress_evt_user superuser; +alter event trigger regress_event_trigger owner to regress_evt_user; -- should fail, name collision alter event trigger regress_event_trigger rename to regress_event_trigger2; @@ -129,8 +129,8 @@ alter event trigger regress_event_trigger rename to regress_event_trigger3; -- should fail, doesn't exist any more drop event trigger regress_event_trigger; --- should fail, regression_bob owns some objects -drop role regression_bob; +-- should fail, regress_evt_user owns some objects +drop role regress_evt_user; -- cleanup before next test -- these are all OK; the second one should emit a NOTICE @@ -140,11 +140,11 @@ drop event trigger regress_event_trigger3; drop event trigger regress_event_trigger_end; -- test support for dropped objects -CREATE SCHEMA schema_one authorization regression_bob; -CREATE SCHEMA schema_two authorization regression_bob; -CREATE SCHEMA audit_tbls authorization regression_bob; +CREATE SCHEMA schema_one authorization regress_evt_user; +CREATE SCHEMA schema_two authorization regress_evt_user; +CREATE SCHEMA audit_tbls authorization regress_evt_user; CREATE TEMP TABLE a_temp_tbl (); -SET SESSION AUTHORIZATION regression_bob; +SET SESSION AUTHORIZATION regress_evt_user; CREATE TABLE schema_one.table_one(a int); CREATE TABLE schema_one."table two"(a int); @@ -235,10 +235,10 @@ DROP SCHEMA schema_one, schema_two CASCADE; SELECT * FROM dropped_objects WHERE schema IS NULL OR schema <> 'pg_toast'; -DROP OWNED BY regression_bob; +DROP OWNED BY regress_evt_user; SELECT * FROM dropped_objects WHERE type = 'schema'; -DROP ROLE regression_bob; +DROP ROLE regress_evt_user; DROP EVENT TRIGGER regress_event_trigger_drop_objects; DROP EVENT TRIGGER undroppable; diff --git a/src/test/regress/sql/foreign_data.sql b/src/test/regress/sql/foreign_data.sql index 384e155fcb0..38e1d41a5f7 100644 --- a/src/test/regress/sql/foreign_data.sql +++ b/src/test/regress/sql/foreign_data.sql @@ -5,20 +5,20 @@ -- Clean up in case a prior regression run failed -- Suppress NOTICE messages when roles don't exist -SET client_min_messages TO 'error'; +SET client_min_messages TO 'warning'; -DROP ROLE IF EXISTS foreign_data_user, regress_test_role, regress_test_role2, regress_test_role_super, regress_test_indirect, unpriviled_role; +DROP ROLE IF EXISTS regress_foreign_data_user, regress_test_role, regress_test_role2, regress_test_role_super, regress_test_indirect, regress_unprivileged_role; RESET client_min_messages; -CREATE ROLE foreign_data_user LOGIN SUPERUSER; -SET SESSION AUTHORIZATION 'foreign_data_user'; +CREATE ROLE regress_foreign_data_user LOGIN SUPERUSER; +SET SESSION AUTHORIZATION 'regress_foreign_data_user'; CREATE ROLE regress_test_role; CREATE ROLE regress_test_role2; CREATE ROLE regress_test_role_super SUPERUSER; CREATE ROLE regress_test_indirect; -CREATE ROLE unprivileged_role; +CREATE ROLE regress_unprivileged_role; CREATE FOREIGN DATA WRAPPER dummy; COMMENT ON FOREIGN DATA WRAPPER dummy IS 'useless'; @@ -438,15 +438,15 @@ ALTER USER MAPPING FOR regress_test_role SERVER s6 OPTIONS (DROP username); ALTER FOREIGN DATA WRAPPER foo VALIDATOR postgresql_fdw_validator; -- Privileges -SET ROLE unprivileged_role; +SET ROLE regress_unprivileged_role; CREATE FOREIGN DATA WRAPPER foobar; -- ERROR ALTER FOREIGN DATA WRAPPER foo OPTIONS (gotcha 'true'); -- ERROR -ALTER FOREIGN DATA WRAPPER foo OWNER TO unprivileged_role; -- ERROR +ALTER FOREIGN DATA WRAPPER foo OWNER TO regress_unprivileged_role; -- ERROR DROP FOREIGN DATA WRAPPER foo; -- ERROR GRANT USAGE ON FOREIGN DATA WRAPPER foo TO regress_test_role; -- ERROR CREATE SERVER s9 FOREIGN DATA WRAPPER foo; -- ERROR ALTER SERVER s4 VERSION '0.5'; -- ERROR -ALTER SERVER s4 OWNER TO unprivileged_role; -- ERROR +ALTER SERVER s4 OWNER TO regress_unprivileged_role; -- ERROR DROP SERVER s4; -- ERROR GRANT USAGE ON FOREIGN SERVER s4 TO regress_test_role; -- ERROR CREATE USER MAPPING FOR public SERVER s4; -- ERROR @@ -454,9 +454,9 @@ ALTER USER MAPPING FOR regress_test_role SERVER s6 OPTIONS (gotcha 'true'); -- E DROP USER MAPPING FOR regress_test_role SERVER s6; -- ERROR RESET ROLE; -GRANT USAGE ON FOREIGN DATA WRAPPER postgresql TO unprivileged_role; -GRANT USAGE ON FOREIGN DATA WRAPPER foo TO unprivileged_role WITH GRANT OPTION; -SET ROLE unprivileged_role; +GRANT USAGE ON FOREIGN DATA WRAPPER postgresql TO regress_unprivileged_role; +GRANT USAGE ON FOREIGN DATA WRAPPER foo TO regress_unprivileged_role WITH GRANT OPTION; +SET ROLE regress_unprivileged_role; CREATE FOREIGN DATA WRAPPER foobar; -- ERROR ALTER FOREIGN DATA WRAPPER foo OPTIONS (gotcha 'true'); -- ERROR DROP FOREIGN DATA WRAPPER foo; -- ERROR @@ -473,9 +473,9 @@ ALTER USER MAPPING FOR regress_test_role SERVER s6 OPTIONS (gotcha 'true'); -- E DROP USER MAPPING FOR regress_test_role SERVER s6; -- ERROR RESET ROLE; -REVOKE USAGE ON FOREIGN DATA WRAPPER foo FROM unprivileged_role; -- ERROR -REVOKE USAGE ON FOREIGN DATA WRAPPER foo FROM unprivileged_role CASCADE; -SET ROLE unprivileged_role; +REVOKE USAGE ON FOREIGN DATA WRAPPER foo FROM regress_unprivileged_role; -- ERROR +REVOKE USAGE ON FOREIGN DATA WRAPPER foo FROM regress_unprivileged_role CASCADE; +SET ROLE regress_unprivileged_role; GRANT USAGE ON FOREIGN DATA WRAPPER foo TO regress_test_role; -- ERROR CREATE SERVER s10 FOREIGN DATA WRAPPER foo; -- ERROR ALTER SERVER s9 VERSION '1.1'; @@ -484,8 +484,8 @@ CREATE USER MAPPING FOR current_user SERVER s9; DROP SERVER s9 CASCADE; RESET ROLE; CREATE SERVER s9 FOREIGN DATA WRAPPER foo; -GRANT USAGE ON FOREIGN SERVER s9 TO unprivileged_role; -SET ROLE unprivileged_role; +GRANT USAGE ON FOREIGN SERVER s9 TO regress_unprivileged_role; +SET ROLE regress_unprivileged_role; ALTER SERVER s9 VERSION '1.2'; -- ERROR GRANT USAGE ON FOREIGN SERVER s9 TO regress_test_role; -- WARNING CREATE USER MAPPING FOR current_user SERVER s9; @@ -697,14 +697,14 @@ DROP FOREIGN DATA WRAPPER foo CASCADE; DROP SERVER s8 CASCADE; DROP ROLE regress_test_indirect; DROP ROLE regress_test_role; -DROP ROLE unprivileged_role; -- ERROR -REVOKE ALL ON FOREIGN DATA WRAPPER postgresql FROM unprivileged_role; -DROP ROLE unprivileged_role; +DROP ROLE regress_unprivileged_role; -- ERROR +REVOKE ALL ON FOREIGN DATA WRAPPER postgresql FROM regress_unprivileged_role; +DROP ROLE regress_unprivileged_role; DROP ROLE regress_test_role2; DROP FOREIGN DATA WRAPPER postgresql CASCADE; DROP FOREIGN DATA WRAPPER dummy CASCADE; \c -DROP ROLE foreign_data_user; +DROP ROLE regress_foreign_data_user; -- At this point we should have no wrappers, no servers, and no mappings. SELECT fdwname, fdwhandler, fdwvalidator, fdwoptions FROM pg_foreign_data_wrapper; diff --git a/src/test/regress/sql/guc.sql b/src/test/regress/sql/guc.sql index 6a062a0a5ba..23e50297800 100644 --- a/src/test/regress/sql/guc.sql +++ b/src/test/regress/sql/guc.sql @@ -162,15 +162,15 @@ PREPARE foo AS SELECT 1; LISTEN foo_event; SET vacuum_cost_delay = 13; CREATE TEMP TABLE tmp_foo (data text) ON COMMIT DELETE ROWS; -CREATE ROLE temp_reset_user; -SET SESSION AUTHORIZATION temp_reset_user; +CREATE ROLE regress_guc_user; +SET SESSION AUTHORIZATION regress_guc_user; -- look changes SELECT pg_listening_channels(); SELECT name FROM pg_prepared_statements; SELECT name FROM pg_cursors; SHOW vacuum_cost_delay; SELECT relname from pg_class where relname = 'tmp_foo'; -SELECT current_user = 'temp_reset_user'; +SELECT current_user = 'regress_guc_user'; -- discard everything DISCARD ALL; -- look again @@ -179,8 +179,8 @@ SELECT name FROM pg_prepared_statements; SELECT name FROM pg_cursors; SHOW vacuum_cost_delay; SELECT relname from pg_class where relname = 'tmp_foo'; -SELECT current_user = 'temp_reset_user'; -DROP ROLE temp_reset_user; +SELECT current_user = 'regress_guc_user'; +DROP ROLE regress_guc_user; -- -- search_path should react to changes in pg_namespace diff --git a/src/test/regress/sql/object_address.sql b/src/test/regress/sql/object_address.sql index b5662349bcd..7d1f93f3b2d 100644 --- a/src/test/regress/sql/object_address.sql +++ b/src/test/regress/sql/object_address.sql @@ -4,10 +4,10 @@ -- Clean up in case a prior regression run failed SET client_min_messages TO 'warning'; +DROP ROLE IF EXISTS regress_addr_user; +RESET client_min_messages; -DROP ROLE IF EXISTS regtest_addr_user; - -CREATE USER regtest_addr_user; +CREATE USER regress_addr_user; -- Test generic object addressing/identification functions CREATE SCHEMA addr_nsp; @@ -33,9 +33,9 @@ CREATE FUNCTION addr_nsp.trig() RETURNS TRIGGER LANGUAGE plpgsql AS $$ BEGIN END CREATE TRIGGER t BEFORE INSERT ON addr_nsp.gentable FOR EACH ROW EXECUTE PROCEDURE addr_nsp.trig(); CREATE POLICY genpol ON addr_nsp.gentable; CREATE SERVER "integer" FOREIGN DATA WRAPPER addr_fdw; -CREATE USER MAPPING FOR regtest_addr_user SERVER "integer"; -ALTER DEFAULT PRIVILEGES FOR ROLE regtest_addr_user IN SCHEMA public GRANT ALL ON TABLES TO regtest_addr_user; -ALTER DEFAULT PRIVILEGES FOR ROLE regtest_addr_user REVOKE DELETE ON TABLES FROM regtest_addr_user; +CREATE USER MAPPING FOR regress_addr_user SERVER "integer"; +ALTER DEFAULT PRIVILEGES FOR ROLE regress_addr_user IN SCHEMA public GRANT ALL ON TABLES TO regress_addr_user; +ALTER DEFAULT PRIVILEGES FOR ROLE regress_addr_user REVOKE DELETE ON TABLES FROM regress_addr_user; CREATE TRANSFORM FOR int LANGUAGE SQL ( FROM SQL WITH FUNCTION varchar_transform(internal), TO SQL WITH FUNCTION int4recv(internal)); @@ -157,14 +157,14 @@ WITH objects (type, name, args) AS (VALUES ('text search dictionary', '{addr_ts_dict}', '{}'), ('text search template', '{addr_ts_temp}', '{}'), ('text search configuration', '{addr_ts_conf}', '{}'), - ('role', '{regtest_addr_user}', '{}'), + ('role', '{regress_addr_user}', '{}'), -- database -- tablespace ('foreign-data wrapper', '{addr_fdw}', '{}'), ('server', '{addr_fserv}', '{}'), - ('user mapping', '{regtest_addr_user}', '{integer}'), - ('default acl', '{regtest_addr_user,public}', '{r}'), - ('default acl', '{regtest_addr_user}', '{r}'), + ('user mapping', '{regress_addr_user}', '{integer}'), + ('default acl', '{regress_addr_user,public}', '{r}'), + ('default acl', '{regress_addr_user}', '{r}'), -- extension -- event trigger ('policy', '{addr_nsp, gentable, genpol}', '{}'), @@ -183,9 +183,11 @@ SELECT (pg_identify_object(addr1.classid, addr1.objid, addr1.subobjid)).*, --- --- Cleanup resources --- +SET client_min_messages TO 'warning'; + DROP FOREIGN DATA WRAPPER addr_fdw CASCADE; DROP SCHEMA addr_nsp CASCADE; -DROP OWNED BY regtest_addr_user; -DROP USER regtest_addr_user; +DROP OWNED BY regress_addr_user; +DROP USER regress_addr_user; diff --git a/src/test/regress/sql/privileges.sql b/src/test/regress/sql/privileges.sql index c1837c497af..0aa9c672d55 100644 --- a/src/test/regress/sql/privileges.sql +++ b/src/test/regress/sql/privileges.sql @@ -7,15 +7,15 @@ -- Suppress NOTICE messages when users/groups don't exist SET client_min_messages TO 'warning'; -DROP ROLE IF EXISTS regressgroup1; -DROP ROLE IF EXISTS regressgroup2; +DROP ROLE IF EXISTS regress_group1; +DROP ROLE IF EXISTS regress_group2; -DROP ROLE IF EXISTS regressuser1; -DROP ROLE IF EXISTS regressuser2; -DROP ROLE IF EXISTS regressuser3; -DROP ROLE IF EXISTS regressuser4; -DROP ROLE IF EXISTS regressuser5; -DROP ROLE IF EXISTS regressuser6; +DROP ROLE IF EXISTS regress_user1; +DROP ROLE IF EXISTS regress_user2; +DROP ROLE IF EXISTS regress_user3; +DROP ROLE IF EXISTS regress_user4; +DROP ROLE IF EXISTS regress_user5; +DROP ROLE IF EXISTS regress_user6; SELECT lo_unlink(oid) FROM pg_largeobject_metadata; @@ -23,25 +23,25 @@ RESET client_min_messages; -- test proper begins here -CREATE USER regressuser1; -CREATE USER regressuser2; -CREATE USER regressuser3; -CREATE USER regressuser4; -CREATE USER regressuser5; -CREATE USER regressuser5; -- duplicate +CREATE USER regress_user1; +CREATE USER regress_user2; +CREATE USER regress_user3; +CREATE USER regress_user4; +CREATE USER regress_user5; +CREATE USER regress_user5; -- duplicate -CREATE GROUP regressgroup1; -CREATE GROUP regressgroup2 WITH USER regressuser1, regressuser2; +CREATE GROUP regress_group1; +CREATE GROUP regress_group2 WITH USER regress_user1, regress_user2; -ALTER GROUP regressgroup1 ADD USER regressuser4; +ALTER GROUP regress_group1 ADD USER regress_user4; -ALTER GROUP regressgroup2 ADD USER regressuser2; -- duplicate -ALTER GROUP regressgroup2 DROP USER regressuser2; -GRANT regressgroup2 TO regressuser4 WITH ADMIN OPTION; +ALTER GROUP regress_group2 ADD USER regress_user2; -- duplicate +ALTER GROUP regress_group2 DROP USER regress_user2; +GRANT regress_group2 TO regress_user4 WITH ADMIN OPTION; -- test owner privileges -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; SELECT session_user, current_user; CREATE TABLE atest1 ( a int, b text ); @@ -57,18 +57,18 @@ COMMIT; REVOKE ALL ON atest1 FROM PUBLIC; SELECT * FROM atest1; -GRANT ALL ON atest1 TO regressuser2; -GRANT SELECT ON atest1 TO regressuser3, regressuser4; +GRANT ALL ON atest1 TO regress_user2; +GRANT SELECT ON atest1 TO regress_user3, regress_user4; SELECT * FROM atest1; CREATE TABLE atest2 (col1 varchar(10), col2 boolean); -GRANT SELECT ON atest2 TO regressuser2; -GRANT UPDATE ON atest2 TO regressuser3; -GRANT INSERT ON atest2 TO regressuser4; -GRANT TRUNCATE ON atest2 TO regressuser5; +GRANT SELECT ON atest2 TO regress_user2; +GRANT UPDATE ON atest2 TO regress_user3; +GRANT INSERT ON atest2 TO regress_user4; +GRANT TRUNCATE ON atest2 TO regress_user5; -SET SESSION AUTHORIZATION regressuser2; +SET SESSION AUTHORIZATION regress_user2; SELECT session_user, current_user; -- try various combinations of queries on atest1 and atest2 @@ -95,7 +95,7 @@ SELECT * FROM atest1 WHERE ( b IN ( SELECT col1 FROM atest2 ) ); SELECT * FROM atest2 WHERE ( col1 IN ( SELECT b FROM atest1 ) ); -SET SESSION AUTHORIZATION regressuser3; +SET SESSION AUTHORIZATION regress_user3; SELECT session_user, current_user; SELECT * FROM atest1; -- ok @@ -120,7 +120,7 @@ COPY atest2 FROM stdin; -- fail SELECT * FROM atest1 WHERE ( b IN ( SELECT col1 FROM atest2 ) ); SELECT * FROM atest2 WHERE ( col1 IN ( SELECT b FROM atest1 ) ); -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user4; COPY atest2 FROM stdin; -- ok bar true \. @@ -129,11 +129,11 @@ SELECT * FROM atest1; -- ok -- groups -SET SESSION AUTHORIZATION regressuser3; +SET SESSION AUTHORIZATION regress_user3; CREATE TABLE atest3 (one int, two int, three int); -GRANT DELETE ON atest3 TO GROUP regressgroup2; +GRANT DELETE ON atest3 TO GROUP regress_group2; -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; SELECT * FROM atest3; -- fail DELETE FROM atest3; -- ok @@ -141,7 +141,7 @@ DELETE FROM atest3; -- ok -- views -SET SESSION AUTHORIZATION regressuser3; +SET SESSION AUTHORIZATION regress_user3; CREATE VIEW atestv1 AS SELECT * FROM atest1; -- ok /* The next *should* fail, but it's not implemented that way yet. */ @@ -152,10 +152,10 @@ CREATE VIEW atestv0 AS SELECT 0 as x WHERE false; -- ok SELECT * FROM atestv1; -- ok SELECT * FROM atestv2; -- fail -GRANT SELECT ON atestv1, atestv3 TO regressuser4; -GRANT SELECT ON atestv2 TO regressuser2; +GRANT SELECT ON atestv1, atestv3 TO regress_user4; +GRANT SELECT ON atestv2 TO regress_user2; -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user4; SELECT * FROM atestv1; -- ok SELECT * FROM atestv2; -- fail @@ -179,29 +179,29 @@ reset constraint_exclusion; CREATE VIEW atestv4 AS SELECT * FROM atestv3; -- nested view SELECT * FROM atestv4; -- ok -GRANT SELECT ON atestv4 TO regressuser2; +GRANT SELECT ON atestv4 TO regress_user2; -SET SESSION AUTHORIZATION regressuser2; +SET SESSION AUTHORIZATION regress_user2; -- Two complex cases: SELECT * FROM atestv3; -- fail -SELECT * FROM atestv4; -- ok (even though regressuser2 cannot access underlying atestv3) +SELECT * FROM atestv4; -- ok (even though regress_user2 cannot access underlying atestv3) SELECT * FROM atest2; -- ok -SELECT * FROM atestv2; -- fail (even though regressuser2 can access underlying atest2) +SELECT * FROM atestv2; -- fail (even though regress_user2 can access underlying atest2) -- Test column level permissions -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; CREATE TABLE atest5 (one int, two int unique, three int, four int unique); CREATE TABLE atest6 (one int, two int, blue int); -GRANT SELECT (one), INSERT (two), UPDATE (three) ON atest5 TO regressuser4; -GRANT ALL (one) ON atest5 TO regressuser3; +GRANT SELECT (one), INSERT (two), UPDATE (three) ON atest5 TO regress_user4; +GRANT ALL (one) ON atest5 TO regress_user3; INSERT INTO atest5 VALUES (1,2,3); -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user4; SELECT * FROM atest5; -- fail SELECT one FROM atest5; -- ok COPY atest5 (one) TO stdout; -- ok @@ -222,16 +222,16 @@ SELECT atest1.*,atest5.one FROM atest1 JOIN atest5 ON (atest1.a = atest5.two); - SELECT atest1.*,atest5.one FROM atest1 JOIN atest5 ON (atest1.a = atest5.one); -- ok SELECT one, two FROM atest5; -- fail -SET SESSION AUTHORIZATION regressuser1; -GRANT SELECT (one,two) ON atest6 TO regressuser4; +SET SESSION AUTHORIZATION regress_user1; +GRANT SELECT (one,two) ON atest6 TO regress_user4; -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user4; SELECT one, two FROM atest5 NATURAL JOIN atest6; -- fail still -SET SESSION AUTHORIZATION regressuser1; -GRANT SELECT (two) ON atest5 TO regressuser4; +SET SESSION AUTHORIZATION regress_user1; +GRANT SELECT (two) ON atest5 TO regress_user4; -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user4; SELECT one, two FROM atest5 NATURAL JOIN atest6; -- ok now -- test column-level privileges for INSERT and UPDATE @@ -263,22 +263,22 @@ INSERT INTO atest5(three) VALUES (4) ON CONFLICT (two) DO UPDATE set three = 10; -- Error. No privs on four INSERT INTO atest5(three) VALUES (4) ON CONFLICT (four) DO UPDATE set three = 10; -SET SESSION AUTHORIZATION regressuser1; -REVOKE ALL (one) ON atest5 FROM regressuser4; -GRANT SELECT (one,two,blue) ON atest6 TO regressuser4; +SET SESSION AUTHORIZATION regress_user1; +REVOKE ALL (one) ON atest5 FROM regress_user4; +GRANT SELECT (one,two,blue) ON atest6 TO regress_user4; -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user4; SELECT one FROM atest5; -- fail UPDATE atest5 SET one = 1; -- fail SELECT atest6 FROM atest6; -- ok COPY atest6 TO stdout; -- ok -- check error reporting with column privs -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; CREATE TABLE t1 (c1 int, c2 int, c3 int check (c3 < 5), primary key (c1, c2)); -GRANT SELECT (c1) ON t1 TO regressuser2; -GRANT INSERT (c1, c2, c3) ON t1 TO regressuser2; -GRANT UPDATE (c1, c2, c3) ON t1 TO regressuser2; +GRANT SELECT (c1) ON t1 TO regress_user2; +GRANT INSERT (c1, c2, c3) ON t1 TO regress_user2; +GRANT UPDATE (c1, c2, c3) ON t1 TO regress_user2; -- seed data INSERT INTO t1 VALUES (1, 1, 1); @@ -287,7 +287,7 @@ INSERT INTO t1 VALUES (2, 1, 2); INSERT INTO t1 VALUES (2, 2, 2); INSERT INTO t1 VALUES (3, 1, 3); -SET SESSION AUTHORIZATION regressuser2; +SET SESSION AUTHORIZATION regress_user2; INSERT INTO t1 (c1, c2) VALUES (1, 1); -- fail, but row not shown UPDATE t1 SET c2 = 1; -- fail, but row not shown INSERT INTO t1 (c1, c2) VALUES (null, null); -- fail, but see columns being inserted @@ -295,59 +295,59 @@ INSERT INTO t1 (c3) VALUES (null); -- fail, but see columns being inserted or ha INSERT INTO t1 (c1) VALUES (5); -- fail, but see columns being inserted or have SELECT UPDATE t1 SET c3 = 10; -- fail, but see columns with SELECT rights, or being modified -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; DROP TABLE t1; -- test column-level privileges when involved with DELETE -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; ALTER TABLE atest6 ADD COLUMN three integer; -GRANT DELETE ON atest5 TO regressuser3; -GRANT SELECT (two) ON atest5 TO regressuser3; -REVOKE ALL (one) ON atest5 FROM regressuser3; -GRANT SELECT (one) ON atest5 TO regressuser4; +GRANT DELETE ON atest5 TO regress_user3; +GRANT SELECT (two) ON atest5 TO regress_user3; +REVOKE ALL (one) ON atest5 FROM regress_user3; +GRANT SELECT (one) ON atest5 TO regress_user4; -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user4; SELECT atest6 FROM atest6; -- fail SELECT one FROM atest5 NATURAL JOIN atest6; -- fail -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; ALTER TABLE atest6 DROP COLUMN three; -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user4; SELECT atest6 FROM atest6; -- ok SELECT one FROM atest5 NATURAL JOIN atest6; -- ok -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; ALTER TABLE atest6 DROP COLUMN two; -REVOKE SELECT (one,blue) ON atest6 FROM regressuser4; +REVOKE SELECT (one,blue) ON atest6 FROM regress_user4; -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user4; SELECT * FROM atest6; -- fail SELECT 1 FROM atest6; -- fail -SET SESSION AUTHORIZATION regressuser3; +SET SESSION AUTHORIZATION regress_user3; DELETE FROM atest5 WHERE one = 1; -- fail DELETE FROM atest5 WHERE two = 2; -- ok -- check inheritance cases -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; CREATE TABLE atestp1 (f1 int, f2 int) WITH OIDS; CREATE TABLE atestp2 (fx int, fy int) WITH OIDS; CREATE TABLE atestc (fz int) INHERITS (atestp1, atestp2); -GRANT SELECT(fx,fy,oid) ON atestp2 TO regressuser2; -GRANT SELECT(fx) ON atestc TO regressuser2; +GRANT SELECT(fx,fy,oid) ON atestp2 TO regress_user2; +GRANT SELECT(fx) ON atestc TO regress_user2; -SET SESSION AUTHORIZATION regressuser2; +SET SESSION AUTHORIZATION regress_user2; SELECT fx FROM atestp2; -- ok SELECT fy FROM atestp2; -- ok SELECT atestp2 FROM atestp2; -- ok SELECT oid FROM atestp2; -- ok SELECT fy FROM atestc; -- fail -SET SESSION AUTHORIZATION regressuser1; -GRANT SELECT(fy,oid) ON atestc TO regressuser2; +SET SESSION AUTHORIZATION regress_user1; +GRANT SELECT(fy,oid) ON atestc TO regress_user2; -SET SESSION AUTHORIZATION regressuser2; +SET SESSION AUTHORIZATION regress_user2; SELECT fx FROM atestp2; -- still ok SELECT fy FROM atestp2; -- ok SELECT atestp2 FROM atestp2; -- ok @@ -359,35 +359,35 @@ SELECT oid FROM atestp2; -- ok \c - REVOKE ALL PRIVILEGES ON LANGUAGE sql FROM PUBLIC; -GRANT USAGE ON LANGUAGE sql TO regressuser1; -- ok +GRANT USAGE ON LANGUAGE sql TO regress_user1; -- ok GRANT USAGE ON LANGUAGE c TO PUBLIC; -- fail -SET SESSION AUTHORIZATION regressuser1; -GRANT USAGE ON LANGUAGE sql TO regressuser2; -- fail +SET SESSION AUTHORIZATION regress_user1; +GRANT USAGE ON LANGUAGE sql TO regress_user2; -- fail CREATE FUNCTION testfunc1(int) RETURNS int AS 'select 2 * $1;' LANGUAGE sql; CREATE FUNCTION testfunc2(int) RETURNS int AS 'select 3 * $1;' LANGUAGE sql; REVOKE ALL ON FUNCTION testfunc1(int), testfunc2(int) FROM PUBLIC; -GRANT EXECUTE ON FUNCTION testfunc1(int), testfunc2(int) TO regressuser2; -GRANT USAGE ON FUNCTION testfunc1(int) TO regressuser3; -- semantic error -GRANT ALL PRIVILEGES ON FUNCTION testfunc1(int) TO regressuser4; -GRANT ALL PRIVILEGES ON FUNCTION testfunc_nosuch(int) TO regressuser4; +GRANT EXECUTE ON FUNCTION testfunc1(int), testfunc2(int) TO regress_user2; +GRANT USAGE ON FUNCTION testfunc1(int) TO regress_user3; -- semantic error +GRANT ALL PRIVILEGES ON FUNCTION testfunc1(int) TO regress_user4; +GRANT ALL PRIVILEGES ON FUNCTION testfunc_nosuch(int) TO regress_user4; CREATE FUNCTION testfunc4(boolean) RETURNS text AS 'select col1 from atest2 where col2 = $1;' LANGUAGE sql SECURITY DEFINER; -GRANT EXECUTE ON FUNCTION testfunc4(boolean) TO regressuser3; +GRANT EXECUTE ON FUNCTION testfunc4(boolean) TO regress_user3; -SET SESSION AUTHORIZATION regressuser2; +SET SESSION AUTHORIZATION regress_user2; SELECT testfunc1(5), testfunc2(5); -- ok CREATE FUNCTION testfunc3(int) RETURNS int AS 'select 2 * $1;' LANGUAGE sql; -- fail -SET SESSION AUTHORIZATION regressuser3; +SET SESSION AUTHORIZATION regress_user3; SELECT testfunc1(5); -- fail SELECT col1 FROM atest2 WHERE col2 = true; -- fail SELECT testfunc4(true); -- ok -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user4; SELECT testfunc1(5); -- ok DROP FUNCTION testfunc1(int); -- fail @@ -405,16 +405,16 @@ GRANT ALL PRIVILEGES ON LANGUAGE sql TO PUBLIC; CREATE TYPE testtype1 AS (a int, b text); REVOKE USAGE ON TYPE testtype1 FROM PUBLIC; -GRANT USAGE ON TYPE testtype1 TO regressuser2; -GRANT USAGE ON TYPE _testtype1 TO regressuser2; -- fail -GRANT USAGE ON DOMAIN testtype1 TO regressuser2; -- fail +GRANT USAGE ON TYPE testtype1 TO regress_user2; +GRANT USAGE ON TYPE _testtype1 TO regress_user2; -- fail +GRANT USAGE ON DOMAIN testtype1 TO regress_user2; -- fail CREATE DOMAIN testdomain1 AS int; REVOKE USAGE on DOMAIN testdomain1 FROM PUBLIC; -GRANT USAGE ON DOMAIN testdomain1 TO regressuser2; -GRANT USAGE ON TYPE testdomain1 TO regressuser2; -- ok +GRANT USAGE ON DOMAIN testdomain1 TO regress_user2; +GRANT USAGE ON TYPE testdomain1 TO regress_user2; -- ok -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; -- commands that should fail @@ -451,7 +451,7 @@ CREATE TABLE test11a AS (SELECT 1::testdomain1 AS a); REVOKE ALL ON TYPE testtype1 FROM PUBLIC; -SET SESSION AUTHORIZATION regressuser2; +SET SESSION AUTHORIZATION regress_user2; -- commands that should succeed @@ -508,7 +508,7 @@ DROP DOMAIN testdomain1; -- ok -- truncate -SET SESSION AUTHORIZATION regressuser5; +SET SESSION AUTHORIZATION regress_user5; TRUNCATE atest2; -- ok TRUNCATE atest3; -- fail @@ -557,7 +557,7 @@ select has_table_privilege(t1.oid,'trigger') from (select oid from pg_class where relname = 'pg_authid') as t1; -- non-superuser -SET SESSION AUTHORIZATION regressuser3; +SET SESSION AUTHORIZATION regress_user3; select has_table_privilege(current_user,'pg_class','select'); select has_table_privilege(current_user,'pg_class','insert'); @@ -616,56 +616,56 @@ from (select oid from pg_class where relname = 'atest1') as t1; -- Grant options -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; CREATE TABLE atest4 (a int); -GRANT SELECT ON atest4 TO regressuser2 WITH GRANT OPTION; -GRANT UPDATE ON atest4 TO regressuser2; -GRANT SELECT ON atest4 TO GROUP regressgroup1 WITH GRANT OPTION; +GRANT SELECT ON atest4 TO regress_user2 WITH GRANT OPTION; +GRANT UPDATE ON atest4 TO regress_user2; +GRANT SELECT ON atest4 TO GROUP regress_group1 WITH GRANT OPTION; -SET SESSION AUTHORIZATION regressuser2; +SET SESSION AUTHORIZATION regress_user2; -GRANT SELECT ON atest4 TO regressuser3; -GRANT UPDATE ON atest4 TO regressuser3; -- fail +GRANT SELECT ON atest4 TO regress_user3; +GRANT UPDATE ON atest4 TO regress_user3; -- fail -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; -REVOKE SELECT ON atest4 FROM regressuser3; -- does nothing -SELECT has_table_privilege('regressuser3', 'atest4', 'SELECT'); -- true -REVOKE SELECT ON atest4 FROM regressuser2; -- fail -REVOKE GRANT OPTION FOR SELECT ON atest4 FROM regressuser2 CASCADE; -- ok -SELECT has_table_privilege('regressuser2', 'atest4', 'SELECT'); -- true -SELECT has_table_privilege('regressuser3', 'atest4', 'SELECT'); -- false +REVOKE SELECT ON atest4 FROM regress_user3; -- does nothing +SELECT has_table_privilege('regress_user3', 'atest4', 'SELECT'); -- true +REVOKE SELECT ON atest4 FROM regress_user2; -- fail +REVOKE GRANT OPTION FOR SELECT ON atest4 FROM regress_user2 CASCADE; -- ok +SELECT has_table_privilege('regress_user2', 'atest4', 'SELECT'); -- true +SELECT has_table_privilege('regress_user3', 'atest4', 'SELECT'); -- false -SELECT has_table_privilege('regressuser1', 'atest4', 'SELECT WITH GRANT OPTION'); -- true +SELECT has_table_privilege('regress_user1', 'atest4', 'SELECT WITH GRANT OPTION'); -- true -- Admin options -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user4; CREATE FUNCTION dogrant_ok() RETURNS void LANGUAGE sql SECURITY DEFINER AS - 'GRANT regressgroup2 TO regressuser5'; -GRANT regressgroup2 TO regressuser5; -- ok: had ADMIN OPTION -SET ROLE regressgroup2; -GRANT regressgroup2 TO regressuser5; -- fails: SET ROLE suspended privilege + 'GRANT regress_group2 TO regress_user5'; +GRANT regress_group2 TO regress_user5; -- ok: had ADMIN OPTION +SET ROLE regress_group2; +GRANT regress_group2 TO regress_user5; -- fails: SET ROLE suspended privilege -SET SESSION AUTHORIZATION regressuser1; -GRANT regressgroup2 TO regressuser5; -- fails: no ADMIN OPTION +SET SESSION AUTHORIZATION regress_user1; +GRANT regress_group2 TO regress_user5; -- fails: no ADMIN OPTION SELECT dogrant_ok(); -- ok: SECURITY DEFINER conveys ADMIN -SET ROLE regressgroup2; -GRANT regressgroup2 TO regressuser5; -- fails: SET ROLE did not help +SET ROLE regress_group2; +GRANT regress_group2 TO regress_user5; -- fails: SET ROLE did not help -SET SESSION AUTHORIZATION regressgroup2; -GRANT regressgroup2 TO regressuser5; -- ok: a role can self-admin +SET SESSION AUTHORIZATION regress_group2; +GRANT regress_group2 TO regress_user5; -- ok: a role can self-admin CREATE FUNCTION dogrant_fails() RETURNS void LANGUAGE sql SECURITY DEFINER AS - 'GRANT regressgroup2 TO regressuser5'; + 'GRANT regress_group2 TO regress_user5'; SELECT dogrant_fails(); -- fails: no self-admin in SECURITY DEFINER DROP FUNCTION dogrant_fails(); -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user4; DROP FUNCTION dogrant_ok(); -REVOKE regressgroup2 FROM regressuser5; +REVOKE regress_group2 FROM regress_user5; -- has_sequence_privilege tests @@ -673,19 +673,19 @@ REVOKE regressgroup2 FROM regressuser5; CREATE SEQUENCE x_seq; -GRANT USAGE on x_seq to regressuser2; +GRANT USAGE on x_seq to regress_user2; -SELECT has_sequence_privilege('regressuser1', 'atest1', 'SELECT'); -SELECT has_sequence_privilege('regressuser1', 'x_seq', 'INSERT'); -SELECT has_sequence_privilege('regressuser1', 'x_seq', 'SELECT'); +SELECT has_sequence_privilege('regress_user1', 'atest1', 'SELECT'); +SELECT has_sequence_privilege('regress_user1', 'x_seq', 'INSERT'); +SELECT has_sequence_privilege('regress_user1', 'x_seq', 'SELECT'); -SET SESSION AUTHORIZATION regressuser2; +SET SESSION AUTHORIZATION regress_user2; SELECT has_sequence_privilege('x_seq', 'USAGE'); -- largeobject privilege tests \c - -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; SELECT lo_create(1001); SELECT lo_create(1002); @@ -694,17 +694,17 @@ SELECT lo_create(1004); SELECT lo_create(1005); GRANT ALL ON LARGE OBJECT 1001 TO PUBLIC; -GRANT SELECT ON LARGE OBJECT 1003 TO regressuser2; -GRANT SELECT,UPDATE ON LARGE OBJECT 1004 TO regressuser2; -GRANT ALL ON LARGE OBJECT 1005 TO regressuser2; -GRANT SELECT ON LARGE OBJECT 1005 TO regressuser2 WITH GRANT OPTION; +GRANT SELECT ON LARGE OBJECT 1003 TO regress_user2; +GRANT SELECT,UPDATE ON LARGE OBJECT 1004 TO regress_user2; +GRANT ALL ON LARGE OBJECT 1005 TO regress_user2; +GRANT SELECT ON LARGE OBJECT 1005 TO regress_user2 WITH GRANT OPTION; GRANT SELECT, INSERT ON LARGE OBJECT 1001 TO PUBLIC; -- to be failed GRANT SELECT, UPDATE ON LARGE OBJECT 1001 TO nosuchuser; -- to be failed GRANT SELECT, UPDATE ON LARGE OBJECT 999 TO PUBLIC; -- to be failed \c - -SET SESSION AUTHORIZATION regressuser2; +SET SESSION AUTHORIZATION regress_user2; SELECT lo_create(2001); SELECT lo_create(2002); @@ -719,10 +719,10 @@ SELECT lowrite(lo_open(1002, x'20000'::int), 'abcd'); -- to be denied SELECT lowrite(lo_open(1003, x'20000'::int), 'abcd'); -- to be denied SELECT lowrite(lo_open(1004, x'20000'::int), 'abcd'); -GRANT SELECT ON LARGE OBJECT 1005 TO regressuser3; -GRANT UPDATE ON LARGE OBJECT 1006 TO regressuser3; -- to be denied +GRANT SELECT ON LARGE OBJECT 1005 TO regress_user3; +GRANT UPDATE ON LARGE OBJECT 1006 TO regress_user3; -- to be denied REVOKE ALL ON LARGE OBJECT 2001, 2002 FROM PUBLIC; -GRANT ALL ON LARGE OBJECT 2001 TO regressuser3; +GRANT ALL ON LARGE OBJECT 2001 TO regress_user3; SELECT lo_unlink(1001); -- to be denied SELECT lo_unlink(2002); @@ -731,7 +731,7 @@ SELECT lo_unlink(2002); -- confirm ACL setting SELECT oid, pg_get_userbyid(lomowner) ownername, lomacl FROM pg_largeobject_metadata; -SET SESSION AUTHORIZATION regressuser3; +SET SESSION AUTHORIZATION regress_user3; SELECT loread(lo_open(1001, x'40000'::int), 32); SELECT loread(lo_open(1003, x'40000'::int), 32); -- to be denied @@ -743,7 +743,7 @@ SELECT lo_truncate(lo_open(2001, x'20000'::int), 10); -- compatibility mode in largeobject permission \c - SET lo_compat_privileges = false; -- default setting -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user4; SELECT loread(lo_open(1002, x'40000'::int), 32); -- to be denied SELECT lowrite(lo_open(1002, x'20000'::int), 'abcd'); -- to be denied @@ -753,7 +753,7 @@ SELECT lo_export(1001, '/dev/null'); -- to be denied \c - SET lo_compat_privileges = true; -- compatibility mode -SET SESSION AUTHORIZATION regressuser4; +SET SESSION AUTHORIZATION regress_user4; SELECT loread(lo_open(1002, x'40000'::int), 32); SELECT lowrite(lo_open(1002, x'20000'::int), 'abcd'); @@ -765,75 +765,75 @@ SELECT lo_export(1001, '/dev/null'); -- to be denied \c - SELECT * FROM pg_largeobject LIMIT 0; -SET SESSION AUTHORIZATION regressuser1; +SET SESSION AUTHORIZATION regress_user1; SELECT * FROM pg_largeobject LIMIT 0; -- to be denied -- test default ACLs \c - CREATE SCHEMA testns; -GRANT ALL ON SCHEMA testns TO regressuser1; +GRANT ALL ON SCHEMA testns TO regress_user1; CREATE TABLE testns.acltest1 (x int); -SELECT has_table_privilege('regressuser1', 'testns.acltest1', 'SELECT'); -- no -SELECT has_table_privilege('regressuser1', 'testns.acltest1', 'INSERT'); -- no +SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'SELECT'); -- no +SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'INSERT'); -- no ALTER DEFAULT PRIVILEGES IN SCHEMA testns GRANT SELECT ON TABLES TO public; -SELECT has_table_privilege('regressuser1', 'testns.acltest1', 'SELECT'); -- no -SELECT has_table_privilege('regressuser1', 'testns.acltest1', 'INSERT'); -- no +SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'SELECT'); -- no +SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'INSERT'); -- no DROP TABLE testns.acltest1; CREATE TABLE testns.acltest1 (x int); -SELECT has_table_privilege('regressuser1', 'testns.acltest1', 'SELECT'); -- yes -SELECT has_table_privilege('regressuser1', 'testns.acltest1', 'INSERT'); -- no +SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'SELECT'); -- yes +SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'INSERT'); -- no -ALTER DEFAULT PRIVILEGES IN SCHEMA testns GRANT INSERT ON TABLES TO regressuser1; +ALTER DEFAULT PRIVILEGES IN SCHEMA testns GRANT INSERT ON TABLES TO regress_user1; DROP TABLE testns.acltest1; CREATE TABLE testns.acltest1 (x int); -SELECT has_table_privilege('regressuser1', 'testns.acltest1', 'SELECT'); -- yes -SELECT has_table_privilege('regressuser1', 'testns.acltest1', 'INSERT'); -- yes +SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'SELECT'); -- yes +SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'INSERT'); -- yes -ALTER DEFAULT PRIVILEGES IN SCHEMA testns REVOKE INSERT ON TABLES FROM regressuser1; +ALTER DEFAULT PRIVILEGES IN SCHEMA testns REVOKE INSERT ON TABLES FROM regress_user1; DROP TABLE testns.acltest1; CREATE TABLE testns.acltest1 (x int); -SELECT has_table_privilege('regressuser1', 'testns.acltest1', 'SELECT'); -- yes -SELECT has_table_privilege('regressuser1', 'testns.acltest1', 'INSERT'); -- no +SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'SELECT'); -- yes +SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'INSERT'); -- no -ALTER DEFAULT PRIVILEGES FOR ROLE regressuser1 REVOKE EXECUTE ON FUNCTIONS FROM public; +ALTER DEFAULT PRIVILEGES FOR ROLE regress_user1 REVOKE EXECUTE ON FUNCTIONS FROM public; -SET ROLE regressuser1; +SET ROLE regress_user1; CREATE FUNCTION testns.foo() RETURNS int AS 'select 1' LANGUAGE sql; -SELECT has_function_privilege('regressuser2', 'testns.foo()', 'EXECUTE'); -- no +SELECT has_function_privilege('regress_user2', 'testns.foo()', 'EXECUTE'); -- no ALTER DEFAULT PRIVILEGES IN SCHEMA testns GRANT EXECUTE ON FUNCTIONS to public; DROP FUNCTION testns.foo(); CREATE FUNCTION testns.foo() RETURNS int AS 'select 1' LANGUAGE sql; -SELECT has_function_privilege('regressuser2', 'testns.foo()', 'EXECUTE'); -- yes +SELECT has_function_privilege('regress_user2', 'testns.foo()', 'EXECUTE'); -- yes DROP FUNCTION testns.foo(); -ALTER DEFAULT PRIVILEGES FOR ROLE regressuser1 REVOKE USAGE ON TYPES FROM public; +ALTER DEFAULT PRIVILEGES FOR ROLE regress_user1 REVOKE USAGE ON TYPES FROM public; CREATE DOMAIN testns.testdomain1 AS int; -SELECT has_type_privilege('regressuser2', 'testns.testdomain1', 'USAGE'); -- no +SELECT has_type_privilege('regress_user2', 'testns.testdomain1', 'USAGE'); -- no ALTER DEFAULT PRIVILEGES IN SCHEMA testns GRANT USAGE ON TYPES to public; DROP DOMAIN testns.testdomain1; CREATE DOMAIN testns.testdomain1 AS int; -SELECT has_type_privilege('regressuser2', 'testns.testdomain1', 'USAGE'); -- yes +SELECT has_type_privilege('regress_user2', 'testns.testdomain1', 'USAGE'); -- yes DROP DOMAIN testns.testdomain1; @@ -857,25 +857,25 @@ CREATE SCHEMA testns; CREATE TABLE testns.t1 (f1 int); CREATE TABLE testns.t2 (f1 int); -SELECT has_table_privilege('regressuser1', 'testns.t1', 'SELECT'); -- false +SELECT has_table_privilege('regress_user1', 'testns.t1', 'SELECT'); -- false -GRANT ALL ON ALL TABLES IN SCHEMA testns TO regressuser1; +GRANT ALL ON ALL TABLES IN SCHEMA testns TO regress_user1; -SELECT has_table_privilege('regressuser1', 'testns.t1', 'SELECT'); -- true -SELECT has_table_privilege('regressuser1', 'testns.t2', 'SELECT'); -- true +SELECT has_table_privilege('regress_user1', 'testns.t1', 'SELECT'); -- true +SELECT has_table_privilege('regress_user1', 'testns.t2', 'SELECT'); -- true -REVOKE ALL ON ALL TABLES IN SCHEMA testns FROM regressuser1; +REVOKE ALL ON ALL TABLES IN SCHEMA testns FROM regress_user1; -SELECT has_table_privilege('regressuser1', 'testns.t1', 'SELECT'); -- false -SELECT has_table_privilege('regressuser1', 'testns.t2', 'SELECT'); -- false +SELECT has_table_privilege('regress_user1', 'testns.t1', 'SELECT'); -- false +SELECT has_table_privilege('regress_user1', 'testns.t2', 'SELECT'); -- false CREATE FUNCTION testns.testfunc(int) RETURNS int AS 'select 3 * $1;' LANGUAGE sql; -SELECT has_function_privilege('regressuser1', 'testns.testfunc(int)', 'EXECUTE'); -- true by default +SELECT has_function_privilege('regress_user1', 'testns.testfunc(int)', 'EXECUTE'); -- true by default REVOKE ALL ON ALL FUNCTIONS IN SCHEMA testns FROM PUBLIC; -SELECT has_function_privilege('regressuser1', 'testns.testfunc(int)', 'EXECUTE'); -- false +SELECT has_function_privilege('regress_user1', 'testns.testfunc(int)', 'EXECUTE'); -- false SET client_min_messages TO 'warning'; DROP SCHEMA testns CASCADE; @@ -885,19 +885,19 @@ RESET client_min_messages; -- Change owner of the schema & and rename of new schema owner \c - -CREATE ROLE schemauser1 superuser login; -CREATE ROLE schemauser2 superuser login; +CREATE ROLE regress_schemauser1 superuser login; +CREATE ROLE regress_schemauser2 superuser login; -SET SESSION ROLE schemauser1; +SET SESSION ROLE regress_schemauser1; CREATE SCHEMA testns; SELECT nspname, rolname FROM pg_namespace, pg_roles WHERE pg_namespace.nspname = 'testns' AND pg_namespace.nspowner = pg_roles.oid; -ALTER SCHEMA testns OWNER TO schemauser2; -ALTER ROLE schemauser2 RENAME TO schemauser_renamed; +ALTER SCHEMA testns OWNER TO regress_schemauser2; +ALTER ROLE regress_schemauser2 RENAME TO regress_schemauser_renamed; SELECT nspname, rolname FROM pg_namespace, pg_roles WHERE pg_namespace.nspname = 'testns' AND pg_namespace.nspowner = pg_roles.oid; -set session role schemauser_renamed; +set session role regress_schemauser_renamed; SET client_min_messages TO 'warning'; DROP SCHEMA testns CASCADE; RESET client_min_messages; @@ -905,31 +905,31 @@ RESET client_min_messages; -- clean up \c - -DROP ROLE schemauser1; -DROP ROLE schemauser_renamed; +DROP ROLE regress_schemauser1; +DROP ROLE regress_schemauser_renamed; -- test that dependent privileges are revoked (or not) properly \c - -set session role regressuser1; +set session role regress_user1; create table dep_priv_test (a int); -grant select on dep_priv_test to regressuser2 with grant option; -grant select on dep_priv_test to regressuser3 with grant option; -set session role regressuser2; -grant select on dep_priv_test to regressuser4 with grant option; -set session role regressuser3; -grant select on dep_priv_test to regressuser4 with grant option; -set session role regressuser4; -grant select on dep_priv_test to regressuser5; +grant select on dep_priv_test to regress_user2 with grant option; +grant select on dep_priv_test to regress_user3 with grant option; +set session role regress_user2; +grant select on dep_priv_test to regress_user4 with grant option; +set session role regress_user3; +grant select on dep_priv_test to regress_user4 with grant option; +set session role regress_user4; +grant select on dep_priv_test to regress_user5; \dp dep_priv_test -set session role regressuser2; -revoke select on dep_priv_test from regressuser4 cascade; +set session role regress_user2; +revoke select on dep_priv_test from regress_user4 cascade; \dp dep_priv_test -set session role regressuser3; -revoke select on dep_priv_test from regressuser4 cascade; +set session role regress_user3; +revoke select on dep_priv_test from regress_user4 cascade; \dp dep_priv_test -set session role regressuser1; +set session role regress_user1; drop table dep_priv_test; @@ -962,28 +962,28 @@ DROP TABLE atestp2; SELECT lo_unlink(oid) FROM pg_largeobject_metadata; -DROP GROUP regressgroup1; -DROP GROUP regressgroup2; +DROP GROUP regress_group1; +DROP GROUP regress_group2; -- these are needed to clean up permissions -REVOKE USAGE ON LANGUAGE sql FROM regressuser1; -DROP OWNED BY regressuser1; +REVOKE USAGE ON LANGUAGE sql FROM regress_user1; +DROP OWNED BY regress_user1; -DROP USER regressuser1; -DROP USER regressuser2; -DROP USER regressuser3; -DROP USER regressuser4; -DROP USER regressuser5; -DROP USER regressuser6; +DROP USER regress_user1; +DROP USER regress_user2; +DROP USER regress_user3; +DROP USER regress_user4; +DROP USER regress_user5; +DROP USER regress_user6; -- permissions with LOCK TABLE -CREATE USER locktable_user; +CREATE USER regress_locktable_user; CREATE TABLE lock_table (a int); -- LOCK TABLE and SELECT permission -GRANT SELECT ON lock_table TO locktable_user; -SET SESSION AUTHORIZATION locktable_user; +GRANT SELECT ON lock_table TO regress_locktable_user; +SET SESSION AUTHORIZATION regress_locktable_user; BEGIN; LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should fail ROLLBACK; @@ -994,11 +994,11 @@ BEGIN; LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should fail ROLLBACK; \c -REVOKE SELECT ON lock_table FROM locktable_user; +REVOKE SELECT ON lock_table FROM regress_locktable_user; -- LOCK TABLE and INSERT permission -GRANT INSERT ON lock_table TO locktable_user; -SET SESSION AUTHORIZATION locktable_user; +GRANT INSERT ON lock_table TO regress_locktable_user; +SET SESSION AUTHORIZATION regress_locktable_user; BEGIN; LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should pass COMMIT; @@ -1009,11 +1009,11 @@ BEGIN; LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should fail ROLLBACK; \c -REVOKE INSERT ON lock_table FROM locktable_user; +REVOKE INSERT ON lock_table FROM regress_locktable_user; -- LOCK TABLE and UPDATE permission -GRANT UPDATE ON lock_table TO locktable_user; -SET SESSION AUTHORIZATION locktable_user; +GRANT UPDATE ON lock_table TO regress_locktable_user; +SET SESSION AUTHORIZATION regress_locktable_user; BEGIN; LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should pass COMMIT; @@ -1024,11 +1024,11 @@ BEGIN; LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should pass COMMIT; \c -REVOKE UPDATE ON lock_table FROM locktable_user; +REVOKE UPDATE ON lock_table FROM regress_locktable_user; -- LOCK TABLE and DELETE permission -GRANT DELETE ON lock_table TO locktable_user; -SET SESSION AUTHORIZATION locktable_user; +GRANT DELETE ON lock_table TO regress_locktable_user; +SET SESSION AUTHORIZATION regress_locktable_user; BEGIN; LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should pass COMMIT; @@ -1039,11 +1039,11 @@ BEGIN; LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should pass COMMIT; \c -REVOKE DELETE ON lock_table FROM locktable_user; +REVOKE DELETE ON lock_table FROM regress_locktable_user; -- LOCK TABLE and TRUNCATE permission -GRANT TRUNCATE ON lock_table TO locktable_user; -SET SESSION AUTHORIZATION locktable_user; +GRANT TRUNCATE ON lock_table TO regress_locktable_user; +SET SESSION AUTHORIZATION regress_locktable_user; BEGIN; LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should pass COMMIT; @@ -1054,8 +1054,8 @@ BEGIN; LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should pass COMMIT; \c -REVOKE TRUNCATE ON lock_table FROM locktable_user; +REVOKE TRUNCATE ON lock_table FROM regress_locktable_user; -- clean up DROP TABLE lock_table; -DROP USER locktable_user; +DROP USER regress_locktable_user; diff --git a/src/test/regress/sql/regproc.sql b/src/test/regress/sql/regproc.sql index aa8521475c7..a60bc289010 100644 --- a/src/test/regress/sql/regproc.sql +++ b/src/test/regress/sql/regproc.sql @@ -4,7 +4,7 @@ /* If objects exist, return oids */ -CREATE ROLE regtestrole; +CREATE ROLE regress_regrole_test; -- without schemaname @@ -39,19 +39,19 @@ SELECT to_regtype('pg_catalog.int4'); -- schemaname not applicable -SELECT regrole('regtestrole'); -SELECT regrole('"regtestrole"'); +SELECT regrole('regress_regrole_test'); +SELECT regrole('"regress_regrole_test"'); SELECT regnamespace('pg_catalog'); SELECT regnamespace('"pg_catalog"'); -SELECT to_regrole('regtestrole'); -SELECT to_regrole('"regtestrole"'); +SELECT to_regrole('regress_regrole_test'); +SELECT to_regrole('"regress_regrole_test"'); SELECT to_regnamespace('pg_catalog'); SELECT to_regnamespace('"pg_catalog"'); /* If objects don't exist, raise errors. */ -DROP ROLE regtestrole; +DROP ROLE regress_regrole_test; -- without schemaname @@ -73,8 +73,8 @@ SELECT regtype('ng_catalog.int4'); -- schemaname not applicable -SELECT regrole('regtestrole'); -SELECT regrole('"regtestrole"'); +SELECT regrole('regress_regrole_test'); +SELECT regrole('"regress_regrole_test"'); SELECT regrole('Nonexistent'); SELECT regrole('"Nonexistent"'); SELECT regrole('foo.bar'); @@ -104,8 +104,8 @@ SELECT to_regtype('ng_catalog.int4'); -- schemaname not applicable -SELECT to_regrole('regtestrole'); -SELECT to_regrole('"regtestrole"'); +SELECT to_regrole('regress_regrole_test'); +SELECT to_regrole('"regress_regrole_test"'); SELECT to_regrole('foo.bar'); SELECT to_regrole('Nonexistent'); SELECT to_regrole('"Nonexistent"'); diff --git a/src/test/regress/sql/roleattributes.sql b/src/test/regress/sql/roleattributes.sql index 67c6b0f8351..1b034d752fb 100644 --- a/src/test/regress/sql/roleattributes.sql +++ b/src/test/regress/sql/roleattributes.sql @@ -1,97 +1,97 @@ -- default for superuser is false -CREATE ROLE test_def_superuser; -SELECT * FROM pg_authid WHERE rolname = 'test_def_superuser'; -CREATE ROLE test_superuser WITH SUPERUSER; -SELECT * FROM pg_authid WHERE rolname = 'test_superuser'; -ALTER ROLE test_superuser WITH NOSUPERUSER; -SELECT * FROM pg_authid WHERE rolname = 'test_superuser'; -ALTER ROLE test_superuser WITH SUPERUSER; -SELECT * FROM pg_authid WHERE rolname = 'test_superuser'; +CREATE ROLE regress_test_def_superuser; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_def_superuser'; +CREATE ROLE regress_test_superuser WITH SUPERUSER; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_superuser'; +ALTER ROLE regress_test_superuser WITH NOSUPERUSER; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_superuser'; +ALTER ROLE regress_test_superuser WITH SUPERUSER; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_superuser'; -- default for inherit is true -CREATE ROLE test_def_inherit; -SELECT * FROM pg_authid WHERE rolname = 'test_def_inherit'; -CREATE ROLE test_inherit WITH NOINHERIT; -SELECT * FROM pg_authid WHERE rolname = 'test_inherit'; -ALTER ROLE test_inherit WITH INHERIT; -SELECT * FROM pg_authid WHERE rolname = 'test_inherit'; -ALTER ROLE test_inherit WITH NOINHERIT; -SELECT * FROM pg_authid WHERE rolname = 'test_inherit'; +CREATE ROLE regress_test_def_inherit; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_def_inherit'; +CREATE ROLE regress_test_inherit WITH NOINHERIT; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_inherit'; +ALTER ROLE regress_test_inherit WITH INHERIT; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_inherit'; +ALTER ROLE regress_test_inherit WITH NOINHERIT; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_inherit'; -- default for create role is false -CREATE ROLE test_def_createrole; -SELECT * FROM pg_authid WHERE rolname = 'test_def_createrole'; -CREATE ROLE test_createrole WITH CREATEROLE; -SELECT * FROM pg_authid WHERE rolname = 'test_createrole'; -ALTER ROLE test_createrole WITH NOCREATEROLE; -SELECT * FROM pg_authid WHERE rolname = 'test_createrole'; -ALTER ROLE test_createrole WITH CREATEROLE; -SELECT * FROM pg_authid WHERE rolname = 'test_createrole'; +CREATE ROLE regress_test_def_createrole; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_def_createrole'; +CREATE ROLE regress_test_createrole WITH CREATEROLE; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_createrole'; +ALTER ROLE regress_test_createrole WITH NOCREATEROLE; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_createrole'; +ALTER ROLE regress_test_createrole WITH CREATEROLE; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_createrole'; -- default for create database is false -CREATE ROLE test_def_createdb; -SELECT * FROM pg_authid WHERE rolname = 'test_def_createdb'; -CREATE ROLE test_createdb WITH CREATEDB; -SELECT * FROM pg_authid WHERE rolname = 'test_createdb'; -ALTER ROLE test_createdb WITH NOCREATEDB; -SELECT * FROM pg_authid WHERE rolname = 'test_createdb'; -ALTER ROLE test_createdb WITH CREATEDB; -SELECT * FROM pg_authid WHERE rolname = 'test_createdb'; +CREATE ROLE regress_test_def_createdb; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_def_createdb'; +CREATE ROLE regress_test_createdb WITH CREATEDB; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_createdb'; +ALTER ROLE regress_test_createdb WITH NOCREATEDB; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_createdb'; +ALTER ROLE regress_test_createdb WITH CREATEDB; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_createdb'; -- default for can login is false for role -CREATE ROLE test_def_role_canlogin; -SELECT * FROM pg_authid WHERE rolname = 'test_def_role_canlogin'; -CREATE ROLE test_role_canlogin WITH LOGIN; -SELECT * FROM pg_authid WHERE rolname = 'test_role_canlogin'; -ALTER ROLE test_role_canlogin WITH NOLOGIN; -SELECT * FROM pg_authid WHERE rolname = 'test_role_canlogin'; -ALTER ROLE test_role_canlogin WITH LOGIN; -SELECT * FROM pg_authid WHERE rolname = 'test_role_canlogin'; +CREATE ROLE regress_test_def_role_canlogin; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_def_role_canlogin'; +CREATE ROLE regress_test_role_canlogin WITH LOGIN; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_role_canlogin'; +ALTER ROLE regress_test_role_canlogin WITH NOLOGIN; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_role_canlogin'; +ALTER ROLE regress_test_role_canlogin WITH LOGIN; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_role_canlogin'; -- default for can login is true for user -CREATE USER test_def_user_canlogin; -SELECT * FROM pg_authid WHERE rolname = 'test_def_user_canlogin'; -CREATE USER test_user_canlogin WITH NOLOGIN; -SELECT * FROM pg_authid WHERE rolname = 'test_user_canlogin'; -ALTER USER test_user_canlogin WITH LOGIN; -SELECT * FROM pg_authid WHERE rolname = 'test_user_canlogin'; -ALTER USER test_user_canlogin WITH NOLOGIN; -SELECT * FROM pg_authid WHERE rolname = 'test_user_canlogin'; +CREATE USER regress_test_def_user_canlogin; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_def_user_canlogin'; +CREATE USER regress_test_user_canlogin WITH NOLOGIN; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_user_canlogin'; +ALTER USER regress_test_user_canlogin WITH LOGIN; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_user_canlogin'; +ALTER USER regress_test_user_canlogin WITH NOLOGIN; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_user_canlogin'; -- default for replication is false -CREATE ROLE test_def_replication; -SELECT * FROM pg_authid WHERE rolname = 'test_def_replication'; -CREATE ROLE test_replication WITH REPLICATION; -SELECT * FROM pg_authid WHERE rolname = 'test_replication'; -ALTER ROLE test_replication WITH NOREPLICATION; -SELECT * FROM pg_authid WHERE rolname = 'test_replication'; -ALTER ROLE test_replication WITH REPLICATION; -SELECT * FROM pg_authid WHERE rolname = 'test_replication'; +CREATE ROLE regress_test_def_replication; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_def_replication'; +CREATE ROLE regress_test_replication WITH REPLICATION; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_replication'; +ALTER ROLE regress_test_replication WITH NOREPLICATION; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_replication'; +ALTER ROLE regress_test_replication WITH REPLICATION; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_replication'; -- default for bypassrls is false -CREATE ROLE test_def_bypassrls; -SELECT * FROM pg_authid WHERE rolname = 'test_def_bypassrls'; -CREATE ROLE test_bypassrls WITH BYPASSRLS; -SELECT * FROM pg_authid WHERE rolname = 'test_bypassrls'; -ALTER ROLE test_bypassrls WITH NOBYPASSRLS; -SELECT * FROM pg_authid WHERE rolname = 'test_bypassrls'; -ALTER ROLE test_bypassrls WITH BYPASSRLS; -SELECT * FROM pg_authid WHERE rolname = 'test_bypassrls'; +CREATE ROLE regress_test_def_bypassrls; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_def_bypassrls'; +CREATE ROLE regress_test_bypassrls WITH BYPASSRLS; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_bypassrls'; +ALTER ROLE regress_test_bypassrls WITH NOBYPASSRLS; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_bypassrls'; +ALTER ROLE regress_test_bypassrls WITH BYPASSRLS; +SELECT * FROM pg_authid WHERE rolname = 'regress_test_bypassrls'; -- clean up roles -DROP ROLE test_def_superuser; -DROP ROLE test_superuser; -DROP ROLE test_def_inherit; -DROP ROLE test_inherit; -DROP ROLE test_def_createrole; -DROP ROLE test_createrole; -DROP ROLE test_def_createdb; -DROP ROLE test_createdb; -DROP ROLE test_def_role_canlogin; -DROP ROLE test_role_canlogin; -DROP USER test_def_user_canlogin; -DROP USER test_user_canlogin; -DROP ROLE test_def_replication; -DROP ROLE test_replication; -DROP ROLE test_def_bypassrls; -DROP ROLE test_bypassrls; +DROP ROLE regress_test_def_superuser; +DROP ROLE regress_test_superuser; +DROP ROLE regress_test_def_inherit; +DROP ROLE regress_test_inherit; +DROP ROLE regress_test_def_createrole; +DROP ROLE regress_test_createrole; +DROP ROLE regress_test_def_createdb; +DROP ROLE regress_test_createdb; +DROP ROLE regress_test_def_role_canlogin; +DROP ROLE regress_test_role_canlogin; +DROP USER regress_test_def_user_canlogin; +DROP USER regress_test_user_canlogin; +DROP ROLE regress_test_def_replication; +DROP ROLE regress_test_replication; +DROP ROLE regress_test_def_bypassrls; +DROP ROLE regress_test_bypassrls; diff --git a/src/test/regress/sql/rolenames.sql b/src/test/regress/sql/rolenames.sql index 56c1b98b390..451d9d338d2 100644 --- a/src/test/regress/sql/rolenames.sql +++ b/src/test/regress/sql/rolenames.sql @@ -26,7 +26,7 @@ SELECT COALESCE(d.datname, 'ALL'), COALESCE(r.rolname, 'ALL'), (SESSION_USER, 'session_user')) AS v(uname, keyword) ON (r.rolname = v.uname) - WHERE (r.rolname) IN ('Public', 'current_user', 'testrol1', 'testrol2') + WHERE (r.rolname) IN ('Public', 'current_user', 'regress_testrol1', 'regress_testrol2') ORDER BY 1, 2; $$ LANGUAGE SQL; @@ -62,14 +62,14 @@ CREATE ROLE "pg_abc"; -- error CREATE ROLE pg_abcdef; -- error CREATE ROLE "pg_abcdef"; -- error -CREATE ROLE testrol0 SUPERUSER LOGIN; -CREATE ROLE testrolx SUPERUSER LOGIN; -CREATE ROLE testrol2 SUPERUSER; -CREATE ROLE testrol1 SUPERUSER LOGIN IN ROLE testrol2; +CREATE ROLE regress_testrol0 SUPERUSER LOGIN; +CREATE ROLE regress_testrolx SUPERUSER LOGIN; +CREATE ROLE regress_testrol2 SUPERUSER; +CREATE ROLE regress_testrol1 SUPERUSER LOGIN IN ROLE regress_testrol2; \c - -SET SESSION AUTHORIZATION testrol1; -SET ROLE testrol2; +SET SESSION AUTHORIZATION regress_testrol1; +SET ROLE regress_testrol2; -- ALTER ROLE BEGIN; @@ -85,8 +85,8 @@ SELECT * FROM chkrolattr(); ALTER USER "Public" WITH REPLICATION; ALTER USER "None" WITH REPLICATION; SELECT * FROM chkrolattr(); -ALTER USER testrol1 WITH NOREPLICATION; -ALTER USER testrol2 WITH NOREPLICATION; +ALTER USER regress_testrol1 WITH NOREPLICATION; +ALTER USER regress_testrol2 WITH NOREPLICATION; SELECT * FROM chkrolattr(); ROLLBACK; @@ -114,8 +114,8 @@ SELECT * FROM chkrolattr(); ALTER USER "Public" WITH REPLICATION; ALTER USER "None" WITH REPLICATION; SELECT * FROM chkrolattr(); -ALTER USER testrol1 WITH NOREPLICATION; -ALTER USER testrol2 WITH NOREPLICATION; +ALTER USER regress_testrol1 WITH NOREPLICATION; +ALTER USER regress_testrol2 WITH NOREPLICATION; SELECT * FROM chkrolattr(); ROLLBACK; @@ -137,7 +137,7 @@ ALTER ROLE "current_user" SET application_name to 'FOOFOO'; ALTER ROLE "Public" SET application_name to 'BARBAR'; ALTER ROLE ALL SET application_name to 'SLAP'; SELECT * FROM chksetconfig(); -ALTER ROLE testrol1 SET application_name to 'SLAM'; +ALTER ROLE regress_testrol1 SET application_name to 'SLAM'; SELECT * FROM chksetconfig(); ALTER ROLE CURRENT_USER RESET application_name; ALTER ROLE SESSION_USER RESET application_name; @@ -160,7 +160,7 @@ ALTER USER "current_user" SET application_name to 'FOOFOO'; ALTER USER "Public" SET application_name to 'BARBAR'; ALTER USER ALL SET application_name to 'SLAP'; SELECT * FROM chksetconfig(); -ALTER USER testrol1 SET application_name to 'SLAM'; +ALTER USER regress_testrol1 SET application_name to 'SLAM'; SELECT * FROM chksetconfig(); ALTER USER CURRENT_USER RESET application_name; ALTER USER SESSION_USER RESET application_name; @@ -181,7 +181,7 @@ set client_min_messages to error; CREATE SCHEMA newschema1 AUTHORIZATION CURRENT_USER; CREATE SCHEMA newschema2 AUTHORIZATION "current_user"; CREATE SCHEMA newschema3 AUTHORIZATION SESSION_USER; -CREATE SCHEMA newschema4 AUTHORIZATION testrolx; +CREATE SCHEMA newschema4 AUTHORIZATION regress_testrolx; CREATE SCHEMA newschema5 AUTHORIZATION "Public"; CREATE SCHEMA newschema6 AUTHORIZATION USER; -- error @@ -198,7 +198,7 @@ SELECT n.nspname, r.rolname FROM pg_namespace n CREATE SCHEMA IF NOT EXISTS newschema1 AUTHORIZATION CURRENT_USER; CREATE SCHEMA IF NOT EXISTS newschema2 AUTHORIZATION "current_user"; CREATE SCHEMA IF NOT EXISTS newschema3 AUTHORIZATION SESSION_USER; -CREATE SCHEMA IF NOT EXISTS newschema4 AUTHORIZATION testrolx; +CREATE SCHEMA IF NOT EXISTS newschema4 AUTHORIZATION regress_testrolx; CREATE SCHEMA IF NOT EXISTS newschema5 AUTHORIZATION "Public"; CREATE SCHEMA IF NOT EXISTS newschema6 AUTHORIZATION USER; -- error @@ -214,7 +214,7 @@ SELECT n.nspname, r.rolname FROM pg_namespace n -- ALTER TABLE OWNER TO \c - -SET SESSION AUTHORIZATION testrol0; +SET SESSION AUTHORIZATION regress_testrol0; set client_min_messages to error; CREATE TABLE testtab1 (a int); CREATE TABLE testtab2 (a int); @@ -224,13 +224,13 @@ CREATE TABLE testtab5 (a int); CREATE TABLE testtab6 (a int); \c - -SET SESSION AUTHORIZATION testrol1; -SET ROLE testrol2; +SET SESSION AUTHORIZATION regress_testrol1; +SET ROLE regress_testrol2; ALTER TABLE testtab1 OWNER TO CURRENT_USER; ALTER TABLE testtab2 OWNER TO "current_user"; ALTER TABLE testtab3 OWNER TO SESSION_USER; -ALTER TABLE testtab4 OWNER TO testrolx; +ALTER TABLE testtab4 OWNER TO regress_testrolx; ALTER TABLE testtab5 OWNER TO "Public"; ALTER TABLE testtab6 OWNER TO CURRENT_ROLE; -- error @@ -249,7 +249,7 @@ SELECT c.relname, r.rolname -- ALTER AGGREGATE \c - -SET SESSION AUTHORIZATION testrol0; +SET SESSION AUTHORIZATION regress_testrol0; CREATE AGGREGATE testagg1(int2) (SFUNC = int2_sum, STYPE = int8); CREATE AGGREGATE testagg2(int2) (SFUNC = int2_sum, STYPE = int8); CREATE AGGREGATE testagg3(int2) (SFUNC = int2_sum, STYPE = int8); @@ -262,13 +262,13 @@ CREATE AGGREGATE testagg8(int2) (SFUNC = int2_sum, STYPE = int8); CREATE AGGREGATE testagg9(int2) (SFUNC = int2_sum, STYPE = int8); \c - -SET SESSION AUTHORIZATION testrol1; -SET ROLE testrol2; +SET SESSION AUTHORIZATION regress_testrol1; +SET ROLE regress_testrol2; ALTER AGGREGATE testagg1(int2) OWNER TO CURRENT_USER; ALTER AGGREGATE testagg2(int2) OWNER TO "current_user"; ALTER AGGREGATE testagg3(int2) OWNER TO SESSION_USER; -ALTER AGGREGATE testagg4(int2) OWNER TO testrolx; +ALTER AGGREGATE testagg4(int2) OWNER TO regress_testrolx; ALTER AGGREGATE testagg5(int2) OWNER TO "Public"; ALTER AGGREGATE testagg5(int2) OWNER TO CURRENT_ROLE; -- error @@ -301,7 +301,7 @@ CREATE USER MAPPING FOR "user" SERVER sv4 OPTIONS (user '"USER"'); CREATE USER MAPPING FOR SESSION_USER SERVER sv5 OPTIONS (user 'SESSION_USER'); CREATE USER MAPPING FOR PUBLIC SERVER sv6 OPTIONS (user 'PUBLIC'); CREATE USER MAPPING FOR "Public" SERVER sv7 OPTIONS (user '"Public"'); -CREATE USER MAPPING FOR testrolx SERVER sv8 OPTIONS (user 'testrolx'); +CREATE USER MAPPING FOR regress_testrolx SERVER sv8 OPTIONS (user 'regress_testrolx'); CREATE USER MAPPING FOR CURRENT_ROLE SERVER sv9 OPTIONS (user 'CURRENT_ROLE'); -- error @@ -325,8 +325,8 @@ ALTER USER MAPPING FOR PUBLIC SERVER sv6 OPTIONS (SET user 'public_alt'); ALTER USER MAPPING FOR "Public" SERVER sv7 OPTIONS (SET user '"Public"_alt'); -ALTER USER MAPPING FOR testrolx SERVER sv8 - OPTIONS (SET user 'testrolx_alt'); +ALTER USER MAPPING FOR regress_testrolx SERVER sv8 + OPTIONS (SET user 'regress_testrolx_alt'); ALTER USER MAPPING FOR CURRENT_ROLE SERVER sv9 OPTIONS (SET user 'CURRENT_ROLE_alt'); @@ -343,7 +343,7 @@ DROP USER MAPPING FOR "user" SERVER sv4; DROP USER MAPPING FOR SESSION_USER SERVER sv5; DROP USER MAPPING FOR PUBLIC SERVER sv6; DROP USER MAPPING FOR "Public" SERVER sv7; -DROP USER MAPPING FOR testrolx SERVER sv8; +DROP USER MAPPING FOR regress_testrolx SERVER sv8; DROP USER MAPPING FOR CURRENT_ROLE SERVER sv9; -- error DROP USER MAPPING FOR nonexistent SERVER sv; -- error @@ -356,7 +356,7 @@ CREATE USER MAPPING FOR "user" SERVER sv4 OPTIONS (user '"USER"'); CREATE USER MAPPING FOR SESSION_USER SERVER sv5 OPTIONS (user 'SESSION_USER'); CREATE USER MAPPING FOR PUBLIC SERVER sv6 OPTIONS (user 'PUBLIC'); CREATE USER MAPPING FOR "Public" SERVER sv7 OPTIONS (user '"Public"'); -CREATE USER MAPPING FOR testrolx SERVER sv8 OPTIONS (user 'testrolx'); +CREATE USER MAPPING FOR regress_testrolx SERVER sv8 OPTIONS (user 'regress_testrolx'); SELECT * FROM chkumapping(); -- DROP USER MAPPING IF EXISTS @@ -374,19 +374,19 @@ DROP USER MAPPING IF EXISTS FOR PUBLIC SERVER sv6; SELECT * FROM chkumapping(); DROP USER MAPPING IF EXISTS FOR "Public" SERVER sv7; SELECT * FROM chkumapping(); -DROP USER MAPPING IF EXISTS FOR testrolx SERVER sv8; +DROP USER MAPPING IF EXISTS FOR regress_testrolx SERVER sv8; SELECT * FROM chkumapping(); DROP USER MAPPING IF EXISTS FOR CURRENT_ROLE SERVER sv9; --error DROP USER MAPPING IF EXISTS FOR nonexistent SERVER sv9; -- error -- GRANT/REVOKE -GRANT testrol0 TO pg_signal_backend; -- success +GRANT regress_testrol0 TO pg_signal_backend; -- success SET ROLE pg_signal_backend; --success RESET ROLE; CREATE SCHEMA test_schema AUTHORIZATION pg_signal_backend; --success -SET ROLE testrol2; +SET ROLE regress_testrol2; UPDATE pg_proc SET proacl = null WHERE proname LIKE 'testagg_'; SELECT proname, proacl FROM pg_proc WHERE proname LIKE 'testagg_'; @@ -405,10 +405,10 @@ GRANT ALL PRIVILEGES ON FUNCTION testagg2(int2) TO CURRENT_USER; GRANT ALL PRIVILEGES ON FUNCTION testagg3(int2) TO "current_user"; GRANT ALL PRIVILEGES ON FUNCTION testagg4(int2) TO SESSION_USER; GRANT ALL PRIVILEGES ON FUNCTION testagg5(int2) TO "Public"; -GRANT ALL PRIVILEGES ON FUNCTION testagg6(int2) TO testrolx; +GRANT ALL PRIVILEGES ON FUNCTION testagg6(int2) TO regress_testrolx; GRANT ALL PRIVILEGES ON FUNCTION testagg7(int2) TO "public"; GRANT ALL PRIVILEGES ON FUNCTION testagg8(int2) - TO current_user, public, testrolx; + TO current_user, public, regress_testrolx; SELECT proname, proacl FROM pg_proc WHERE proname LIKE 'testagg_'; @@ -424,10 +424,10 @@ REVOKE ALL PRIVILEGES ON FUNCTION testagg2(int2) FROM CURRENT_USER; REVOKE ALL PRIVILEGES ON FUNCTION testagg3(int2) FROM "current_user"; REVOKE ALL PRIVILEGES ON FUNCTION testagg4(int2) FROM SESSION_USER; REVOKE ALL PRIVILEGES ON FUNCTION testagg5(int2) FROM "Public"; -REVOKE ALL PRIVILEGES ON FUNCTION testagg6(int2) FROM testrolx; +REVOKE ALL PRIVILEGES ON FUNCTION testagg6(int2) FROM regress_testrolx; REVOKE ALL PRIVILEGES ON FUNCTION testagg7(int2) FROM "public"; REVOKE ALL PRIVILEGES ON FUNCTION testagg8(int2) - FROM current_user, public, testrolx; + FROM current_user, public, regress_testrolx; SELECT proname, proacl FROM pg_proc WHERE proname LIKE 'testagg_'; @@ -442,6 +442,6 @@ SELECT proname, proacl FROM pg_proc WHERE proname LIKE 'testagg_'; \c DROP SCHEMA test_schema; -DROP OWNED BY testrol0, "Public", "current_user", testrol1, testrol2, testrolx CASCADE; -DROP ROLE testrol0, testrol1, testrol2, testrolx; +DROP OWNED BY regress_testrol0, "Public", "current_user", regress_testrol1, regress_testrol2, regress_testrolx CASCADE; +DROP ROLE regress_testrol0, regress_testrol1, regress_testrol2, regress_testrolx; DROP ROLE "Public", "None", "current_user", "session_user", "user"; diff --git a/src/test/regress/sql/security_label.sql b/src/test/regress/sql/security_label.sql index 7f545896ef5..98e6a5f2113 100644 --- a/src/test/regress/sql/security_label.sql +++ b/src/test/regress/sql/security_label.sql @@ -5,15 +5,13 @@ -- initial setups SET client_min_messages TO 'warning'; -DROP ROLE IF EXISTS seclabel_user1; -DROP ROLE IF EXISTS seclabel_user2; +DROP ROLE IF EXISTS regress_seclabel_user1; +DROP ROLE IF EXISTS regress_seclabel_user2; -DROP TABLE IF EXISTS seclabel_tbl1; -DROP TABLE IF EXISTS seclabel_tbl2; -DROP TABLE IF EXISTS seclabel_tbl3; +RESET client_min_messages; -CREATE USER seclabel_user1 WITH CREATEROLE; -CREATE USER seclabel_user2; +CREATE USER regress_seclabel_user1 WITH CREATEROLE; +CREATE USER regress_seclabel_user2; CREATE TABLE seclabel_tbl1 (a int, b text); CREATE TABLE seclabel_tbl2 (x int, y text); @@ -21,10 +19,8 @@ CREATE VIEW seclabel_view1 AS SELECT * FROM seclabel_tbl2; CREATE FUNCTION seclabel_four() RETURNS integer AS $$SELECT 4$$ language sql; CREATE DOMAIN seclabel_domain AS text; -ALTER TABLE seclabel_tbl1 OWNER TO seclabel_user1; -ALTER TABLE seclabel_tbl2 OWNER TO seclabel_user2; - -RESET client_min_messages; +ALTER TABLE seclabel_tbl1 OWNER TO regress_seclabel_user1; +ALTER TABLE seclabel_tbl2 OWNER TO regress_seclabel_user2; -- -- Test of SECURITY LABEL statement without a plugin @@ -34,10 +30,10 @@ SECURITY LABEL FOR 'dummy' ON TABLE seclabel_tbl1 IS 'classified'; -- fail SECURITY LABEL ON TABLE seclabel_tbl1 IS '...invalid label...'; -- fail SECURITY LABEL ON TABLE seclabel_tbl3 IS 'unclassified'; -- fail -SECURITY LABEL ON ROLE seclabel_user1 IS 'classified'; -- fail -SECURITY LABEL FOR 'dummy' ON ROLE seclabel_user1 IS 'classified'; -- fail -SECURITY LABEL ON ROLE seclabel_user1 IS '...invalid label...'; -- fail -SECURITY LABEL ON ROLE seclabel_user3 IS 'unclassified'; -- fail +SECURITY LABEL ON ROLE regress_seclabel_user1 IS 'classified'; -- fail +SECURITY LABEL FOR 'dummy' ON ROLE regress_seclabel_user1 IS 'classified'; -- fail +SECURITY LABEL ON ROLE regress_seclabel_user1 IS '...invalid label...'; -- fail +SECURITY LABEL ON ROLE regress_seclabel_user3 IS 'unclassified'; -- fail -- clean up objects DROP FUNCTION seclabel_four(); @@ -45,5 +41,5 @@ DROP DOMAIN seclabel_domain; DROP VIEW seclabel_view1; DROP TABLE seclabel_tbl1; DROP TABLE seclabel_tbl2; -DROP USER seclabel_user1; -DROP USER seclabel_user2; +DROP USER regress_seclabel_user1; +DROP USER regress_seclabel_user2; diff --git a/src/test/regress/sql/select_into.sql b/src/test/regress/sql/select_into.sql index 632077c4a4f..5cb7ce09226 100644 --- a/src/test/regress/sql/select_into.sql +++ b/src/test/regress/sql/select_into.sql @@ -20,12 +20,12 @@ DROP TABLE tmp1; -- SELECT INTO and INSERT permission, if owner is not allowed to insert. -- CREATE SCHEMA selinto_schema; -CREATE USER selinto_user; -ALTER DEFAULT PRIVILEGES FOR ROLE selinto_user - REVOKE INSERT ON TABLES FROM selinto_user; +CREATE USER regress_selinto_user; +ALTER DEFAULT PRIVILEGES FOR ROLE regress_selinto_user + REVOKE INSERT ON TABLES FROM regress_selinto_user; GRANT ALL ON SCHEMA selinto_schema TO public; -SET SESSION AUTHORIZATION selinto_user; +SET SESSION AUTHORIZATION regress_selinto_user; SELECT * INTO TABLE selinto_schema.tmp1 FROM pg_class WHERE relname like '%a%'; -- Error SELECT oid AS clsoid, relname, relnatts + 10 AS x @@ -36,10 +36,10 @@ CREATE TABLE selinto_schema.tmp3 (a,b,c) WHERE relname like '%c%'; -- Error RESET SESSION AUTHORIZATION; -ALTER DEFAULT PRIVILEGES FOR ROLE selinto_user - GRANT INSERT ON TABLES TO selinto_user; +ALTER DEFAULT PRIVILEGES FOR ROLE regress_selinto_user + GRANT INSERT ON TABLES TO regress_selinto_user; -SET SESSION AUTHORIZATION selinto_user; +SET SESSION AUTHORIZATION regress_selinto_user; SELECT * INTO TABLE selinto_schema.tmp1 FROM pg_class WHERE relname like '%a%'; -- OK SELECT oid AS clsoid, relname, relnatts + 10 AS x @@ -51,7 +51,7 @@ CREATE TABLE selinto_schema.tmp3 (a,b,c) RESET SESSION AUTHORIZATION; DROP SCHEMA selinto_schema CASCADE; -DROP USER selinto_user; +DROP USER regress_selinto_user; -- Tests for WITH NO DATA and column name consistency CREATE TABLE ctas_base (i int, j int); diff --git a/src/test/regress/sql/sequence.sql b/src/test/regress/sql/sequence.sql index 0dd653dc223..98a2e7db36d 100644 --- a/src/test/regress/sql/sequence.sql +++ b/src/test/regress/sql/sequence.sql @@ -166,88 +166,88 @@ DROP SEQUENCE seq2; -- should fail SELECT lastval(); -CREATE USER seq_user; +CREATE USER regress_seq_user; -- privileges tests -- nextval BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; -REVOKE ALL ON seq3 FROM seq_user; -GRANT SELECT ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT SELECT ON seq3 TO regress_seq_user; SELECT nextval('seq3'); ROLLBACK; BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; -REVOKE ALL ON seq3 FROM seq_user; -GRANT UPDATE ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT UPDATE ON seq3 TO regress_seq_user; SELECT nextval('seq3'); ROLLBACK; BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; -REVOKE ALL ON seq3 FROM seq_user; -GRANT USAGE ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT USAGE ON seq3 TO regress_seq_user; SELECT nextval('seq3'); ROLLBACK; -- currval BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; SELECT nextval('seq3'); -REVOKE ALL ON seq3 FROM seq_user; -GRANT SELECT ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT SELECT ON seq3 TO regress_seq_user; SELECT currval('seq3'); ROLLBACK; BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; SELECT nextval('seq3'); -REVOKE ALL ON seq3 FROM seq_user; -GRANT UPDATE ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT UPDATE ON seq3 TO regress_seq_user; SELECT currval('seq3'); ROLLBACK; BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; SELECT nextval('seq3'); -REVOKE ALL ON seq3 FROM seq_user; -GRANT USAGE ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT USAGE ON seq3 TO regress_seq_user; SELECT currval('seq3'); ROLLBACK; -- lastval BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; SELECT nextval('seq3'); -REVOKE ALL ON seq3 FROM seq_user; -GRANT SELECT ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT SELECT ON seq3 TO regress_seq_user; SELECT lastval(); ROLLBACK; BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; SELECT nextval('seq3'); -REVOKE ALL ON seq3 FROM seq_user; -GRANT UPDATE ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT UPDATE ON seq3 TO regress_seq_user; SELECT lastval(); ROLLBACK; BEGIN; -SET LOCAL SESSION AUTHORIZATION seq_user; +SET LOCAL SESSION AUTHORIZATION regress_seq_user; CREATE SEQUENCE seq3; SELECT nextval('seq3'); -REVOKE ALL ON seq3 FROM seq_user; -GRANT USAGE ON seq3 TO seq_user; +REVOKE ALL ON seq3 FROM regress_seq_user; +GRANT USAGE ON seq3 TO regress_seq_user; SELECT lastval(); ROLLBACK; @@ -260,5 +260,5 @@ SELECT * FROM information_schema.sequences WHERE sequence_name IN 'serialtest2_f4_seq', 'serialtest2_f5_seq', 'serialtest2_f6_seq') ORDER BY sequence_name ASC; -DROP USER seq_user; +DROP USER regress_seq_user; DROP SEQUENCE seq; diff --git a/src/test/regress/sql/updatable_views.sql b/src/test/regress/sql/updatable_views.sql index e6674cd8678..03c3f9d35eb 100644 --- a/src/test/regress/sql/updatable_views.sql +++ b/src/test/regress/sql/updatable_views.sql @@ -391,22 +391,22 @@ DROP TABLE base_tbl CASCADE; -- permissions checks -CREATE USER view_user1; -CREATE USER view_user2; +CREATE USER regress_view_user1; +CREATE USER regress_view_user2; -SET SESSION AUTHORIZATION view_user1; +SET SESSION AUTHORIZATION regress_view_user1; CREATE TABLE base_tbl(a int, b text, c float); INSERT INTO base_tbl VALUES (1, 'Row 1', 1.0); CREATE VIEW rw_view1 AS SELECT b AS bb, c AS cc, a AS aa FROM base_tbl; INSERT INTO rw_view1 VALUES ('Row 2', 2.0, 2); -GRANT SELECT ON base_tbl TO view_user2; -GRANT SELECT ON rw_view1 TO view_user2; -GRANT UPDATE (a,c) ON base_tbl TO view_user2; -GRANT UPDATE (bb,cc) ON rw_view1 TO view_user2; +GRANT SELECT ON base_tbl TO regress_view_user2; +GRANT SELECT ON rw_view1 TO regress_view_user2; +GRANT UPDATE (a,c) ON base_tbl TO regress_view_user2; +GRANT UPDATE (bb,cc) ON rw_view1 TO regress_view_user2; RESET SESSION AUTHORIZATION; -SET SESSION AUTHORIZATION view_user2; +SET SESSION AUTHORIZATION regress_view_user2; CREATE VIEW rw_view2 AS SELECT b AS bb, c AS cc, a AS aa FROM base_tbl; SELECT * FROM base_tbl; -- ok SELECT * FROM rw_view1; -- ok @@ -428,11 +428,11 @@ DELETE FROM rw_view1; -- not allowed DELETE FROM rw_view2; -- not allowed RESET SESSION AUTHORIZATION; -SET SESSION AUTHORIZATION view_user1; -GRANT INSERT, DELETE ON base_tbl TO view_user2; +SET SESSION AUTHORIZATION regress_view_user1; +GRANT INSERT, DELETE ON base_tbl TO regress_view_user2; RESET SESSION AUTHORIZATION; -SET SESSION AUTHORIZATION view_user2; +SET SESSION AUTHORIZATION regress_view_user2; INSERT INTO base_tbl VALUES (3, 'Row 3', 3.0); -- ok INSERT INTO rw_view1 VALUES ('Row 4', 4.0, 4); -- not allowed INSERT INTO rw_view2 VALUES ('Row 4', 4.0, 4); -- ok @@ -442,12 +442,12 @@ DELETE FROM rw_view2 WHERE aa=2; -- ok SELECT * FROM base_tbl; RESET SESSION AUTHORIZATION; -SET SESSION AUTHORIZATION view_user1; -REVOKE INSERT, DELETE ON base_tbl FROM view_user2; -GRANT INSERT, DELETE ON rw_view1 TO view_user2; +SET SESSION AUTHORIZATION regress_view_user1; +REVOKE INSERT, DELETE ON base_tbl FROM regress_view_user2; +GRANT INSERT, DELETE ON rw_view1 TO regress_view_user2; RESET SESSION AUTHORIZATION; -SET SESSION AUTHORIZATION view_user2; +SET SESSION AUTHORIZATION regress_view_user2; INSERT INTO base_tbl VALUES (5, 'Row 5', 5.0); -- not allowed INSERT INTO rw_view1 VALUES ('Row 5', 5.0, 5); -- ok INSERT INTO rw_view2 VALUES ('Row 6', 6.0, 6); -- not allowed @@ -459,8 +459,8 @@ RESET SESSION AUTHORIZATION; DROP TABLE base_tbl CASCADE; -DROP USER view_user1; -DROP USER view_user2; +DROP USER regress_view_user1; +DROP USER regress_view_user2; -- column defaults |