From 11b30c8f5984113ff78ffcf8ec5f87a4a970a13d Mon Sep 17 00:00:00 2001 From: Gonzalo Riestra Date: Fri, 25 Oct 2019 11:34:59 +0200 Subject: [PATCH 01/10] fix oauth reassign ownership for functions --- scripts-available/CDB_OAuth.sql | 9 +++++++-- test/CDB_OAuth.sql | 16 ++++++++++++++++ 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/scripts-available/CDB_OAuth.sql b/scripts-available/CDB_OAuth.sql index ee0a617..2d28587 100644 --- a/scripts-available/CDB_OAuth.sql +++ b/scripts-available/CDB_OAuth.sql @@ -15,13 +15,18 @@ BEGIN obj.object_type, obj.schema_name, obj.object_identity; - SELECT rolname FROM pg_class JOIN pg_roles ON relowner = pg_roles.oid WHERE pg_class.oid = obj.objid INTO creator_role; + IF obj.object_type = 'function' THEN + SELECT rolname FROM pg_proc JOIN pg_roles ON proowner = pg_roles.oid WHERE pg_proc.oid = obj.objid INTO creator_role; + ELSE + SELECT rolname FROM pg_class JOIN pg_roles ON relowner = pg_roles.oid WHERE pg_class.oid = obj.objid INTO creator_role; + END IF; SELECT value->>'ownership_role_name' from @extschema@.CDB_Conf_GetConf('api_keys_' || quote_ident(creator_role)) value INTO owner_role; IF owner_role IS NULL OR owner_role = '' THEN + RAISE DEBUG 'owner_role not found'; CONTINUE; ELSE EXECUTE 'ALTER ' || obj.object_type || ' ' || obj.object_identity || ' OWNER TO ' || quote_ident(owner_role); - EXECUTE 'GRANT ALL ON ' || obj.object_identity || ' TO ' || QUOTE_IDENT(creator_role); + EXECUTE 'GRANT ALL ON ' || obj.object_type || ' ' || obj.object_identity || ' TO ' || QUOTE_IDENT(creator_role); RAISE DEBUG 'Changing ownership from % to %', creator_role, owner_role; END IF; END LOOP; diff --git a/test/CDB_OAuth.sql b/test/CDB_OAuth.sql index 3a32b3b..198450d 100644 --- a/test/CDB_OAuth.sql +++ b/test/CDB_OAuth.sql @@ -36,12 +36,14 @@ CREATE TABLE test_tablesas AS SELECT * FROM test; CREATE VIEW test_view AS SELECT * FROM test; CREATE MATERIALIZED VIEW test_mview AS SELECT * FROM test; SELECT * INTO test_selectinto FROM test; +CREATE FUNCTION test_function() RETURNS text AS $$ BEGIN RETURN 'test'; END; $$ LANGUAGE PLPGSQL; SELECT * FROM test; SELECT * FROM test_tablesas; SELECT * FROM test_view; SELECT * FROM test_mview; SELECT * FROM test_selectinto; +SELECT test_function(); \set QUIET on SET SESSION AUTHORIZATION "ownership_role"; @@ -52,6 +54,7 @@ SELECT 'denied_tableas', catch_permission_error($$SELECT * FROM test_tablesas;$$ SELECT 'denied_view', catch_permission_error($$SELECT * FROM test_view;$$); SELECT 'denied_mview', catch_permission_error($$SELECT * FROM test_mview;$$); SELECT 'denied_selectinto', catch_permission_error($$SELECT * FROM test_selectinto;$$); +SELECT test_function(); \set QUIET on SET SESSION AUTHORIZATION "creator_role"; @@ -62,6 +65,7 @@ DROP VIEW test_view; DROP MATERIALIZED VIEW test_mview; DROP TABLE test_selectinto; DROP TABLE test; +DROP FUNCTION test_function; -- Second part with event trigger but without ownership_role_name in cdb_conf @@ -77,12 +81,14 @@ CREATE TABLE test2_tablesas AS SELECT * FROM test2; CREATE VIEW test2_view AS SELECT * FROM test2; CREATE MATERIALIZED VIEW test2_mview AS SELECT * FROM test2; SELECT * INTO test2_selectinto FROM test2; +CREATE FUNCTION test2_function() RETURNS text AS $$ BEGIN RETURN 'test'; END; $$ LANGUAGE PLPGSQL; SELECT * FROM test2; SELECT * FROM test2_tablesas; SELECT * FROM test2_view; SELECT * FROM test2_mview; SELECT * FROM test2_selectinto; +SELECT test2_function(); \set QUIET on SET SESSION AUTHORIZATION "ownership_role"; @@ -93,6 +99,7 @@ SELECT 'denied_tableas2', catch_permission_error($$SELECT * FROM test2_tablesas; SELECT 'denied_view2', catch_permission_error($$SELECT * FROM test2_view;$$); SELECT 'denied_mview2', catch_permission_error($$SELECT * FROM test2_mview;$$); SELECT 'denied_selectinto2', catch_permission_error($$SELECT * FROM test2_selectinto;$$); +SELECT test2_function(); \set QUIET on SET SESSION AUTHORIZATION "creator_role"; @@ -103,6 +110,7 @@ DROP VIEW test2_view; DROP MATERIALIZED VIEW test2_mview; DROP TABLE test2_selectinto; DROP TABLE test2; +DROP FUNCTION test2_function; -- Third part with event trigger but with empty ownership_role_name in cdb_conf @@ -118,12 +126,14 @@ CREATE TABLE test3_tablesas AS SELECT * FROM test3; CREATE VIEW test3_view AS SELECT * FROM test3; CREATE MATERIALIZED VIEW test3_mview AS SELECT * FROM test3; SELECT * INTO test3_selectinto FROM test3; +CREATE FUNCTION test3_function() RETURNS text AS $$ BEGIN RETURN 'test'; END; $$ LANGUAGE PLPGSQL; SELECT * FROM test3; SELECT * FROM test3_tablesas; SELECT * FROM test3_view; SELECT * FROM test3_mview; SELECT * FROM test3_selectinto; +SELECT test_function(); \set QUIET on SET SESSION AUTHORIZATION "ownership_role"; @@ -134,6 +144,7 @@ SELECT 'denied_tableas3', catch_permission_error($$SELECT * FROM test3_tablesas; SELECT 'denied_view3', catch_permission_error($$SELECT * FROM test3_view;$$); SELECT 'denied_mview3', catch_permission_error($$SELECT * FROM test3_mview;$$); SELECT 'denied_selectinto3', catch_permission_error($$SELECT * FROM test3_selectinto;$$); +SELECT test_function(); \set QUIET on SET SESSION AUTHORIZATION "creator_role"; @@ -144,6 +155,7 @@ DROP VIEW test3_view; DROP MATERIALIZED VIEW test3_mview; DROP TABLE test3_selectinto; DROP TABLE test3; +DROP FUNCTION test3_function; -- Fourth part with the event trigger active and configured @@ -159,12 +171,14 @@ CREATE TABLE test4_tablesas AS SELECT * FROM test4; CREATE VIEW test4_view AS SELECT * FROM test4; CREATE MATERIALIZED VIEW test4_mview AS SELECT * FROM test4; SELECT * INTO test4_selectinto FROM test4; +CREATE FUNCTION test4_function() RETURNS text AS $$ BEGIN RETURN 'test'; END; $$ LANGUAGE PLPGSQL; SELECT * FROM test4; SELECT * FROM test4_tablesas; SELECT * FROM test4_view; SELECT * FROM test4_mview; SELECT * FROM test4_selectinto; +SELECT test4_function(); \set QUIET on SET SESSION AUTHORIZATION "ownership_role"; @@ -175,6 +189,7 @@ SELECT * FROM test4_tablesas; SELECT * FROM test4_view; SELECT * FROM test4_mview; SELECT * FROM test4_selectinto; +SELECT test4_function(); -- Ownership role drops the tables DROP TABLE test4_tablesas; @@ -182,6 +197,7 @@ DROP VIEW test4_view; DROP MATERIALIZED VIEW test4_mview; DROP TABLE test4_selectinto; DROP TABLE test4; +DROP FUNCTION test4_function; -- Cleanup \set QUIET on From a8966270bdf453f222e384e713f6d194a81a5b70 Mon Sep 17 00:00:00 2001 From: Gonzalo Riestra Date: Fri, 25 Oct 2019 11:50:03 +0200 Subject: [PATCH 02/10] add test expect --- test/CDB_OAuth.sql | 16 ++++++++-------- test/CDB_OAuth_expect | 16 ++++++++++++++++ 2 files changed, 24 insertions(+), 8 deletions(-) diff --git a/test/CDB_OAuth.sql b/test/CDB_OAuth.sql index 198450d..56a42fa 100644 --- a/test/CDB_OAuth.sql +++ b/test/CDB_OAuth.sql @@ -36,7 +36,7 @@ CREATE TABLE test_tablesas AS SELECT * FROM test; CREATE VIEW test_view AS SELECT * FROM test; CREATE MATERIALIZED VIEW test_mview AS SELECT * FROM test; SELECT * INTO test_selectinto FROM test; -CREATE FUNCTION test_function() RETURNS text AS $$ BEGIN RETURN 'test'; END; $$ LANGUAGE PLPGSQL; +CREATE FUNCTION test_function() RETURNS integer AS $$ BEGIN RETURN 1; END; $$ LANGUAGE PLPGSQL; SELECT * FROM test; SELECT * FROM test_tablesas; @@ -54,7 +54,7 @@ SELECT 'denied_tableas', catch_permission_error($$SELECT * FROM test_tablesas;$$ SELECT 'denied_view', catch_permission_error($$SELECT * FROM test_view;$$); SELECT 'denied_mview', catch_permission_error($$SELECT * FROM test_mview;$$); SELECT 'denied_selectinto', catch_permission_error($$SELECT * FROM test_selectinto;$$); -SELECT test_function(); +SELECT 'denied_function', catch_permission_error($$SELECT test_function();$$); \set QUIET on SET SESSION AUTHORIZATION "creator_role"; @@ -81,7 +81,7 @@ CREATE TABLE test2_tablesas AS SELECT * FROM test2; CREATE VIEW test2_view AS SELECT * FROM test2; CREATE MATERIALIZED VIEW test2_mview AS SELECT * FROM test2; SELECT * INTO test2_selectinto FROM test2; -CREATE FUNCTION test2_function() RETURNS text AS $$ BEGIN RETURN 'test'; END; $$ LANGUAGE PLPGSQL; +CREATE FUNCTION test2_function() RETURNS integer AS $$ BEGIN RETURN 1; END; $$ LANGUAGE PLPGSQL; SELECT * FROM test2; SELECT * FROM test2_tablesas; @@ -99,7 +99,7 @@ SELECT 'denied_tableas2', catch_permission_error($$SELECT * FROM test2_tablesas; SELECT 'denied_view2', catch_permission_error($$SELECT * FROM test2_view;$$); SELECT 'denied_mview2', catch_permission_error($$SELECT * FROM test2_mview;$$); SELECT 'denied_selectinto2', catch_permission_error($$SELECT * FROM test2_selectinto;$$); -SELECT test2_function(); +SELECT 'denied_function2', catch_permission_error($$SELECT test2_function();$$); \set QUIET on SET SESSION AUTHORIZATION "creator_role"; @@ -126,14 +126,14 @@ CREATE TABLE test3_tablesas AS SELECT * FROM test3; CREATE VIEW test3_view AS SELECT * FROM test3; CREATE MATERIALIZED VIEW test3_mview AS SELECT * FROM test3; SELECT * INTO test3_selectinto FROM test3; -CREATE FUNCTION test3_function() RETURNS text AS $$ BEGIN RETURN 'test'; END; $$ LANGUAGE PLPGSQL; +CREATE FUNCTION test3_function() RETURNS integer AS $$ BEGIN RETURN 1; END; $$ LANGUAGE PLPGSQL; SELECT * FROM test3; SELECT * FROM test3_tablesas; SELECT * FROM test3_view; SELECT * FROM test3_mview; SELECT * FROM test3_selectinto; -SELECT test_function(); +SELECT test3_function(); \set QUIET on SET SESSION AUTHORIZATION "ownership_role"; @@ -144,7 +144,7 @@ SELECT 'denied_tableas3', catch_permission_error($$SELECT * FROM test3_tablesas; SELECT 'denied_view3', catch_permission_error($$SELECT * FROM test3_view;$$); SELECT 'denied_mview3', catch_permission_error($$SELECT * FROM test3_mview;$$); SELECT 'denied_selectinto3', catch_permission_error($$SELECT * FROM test3_selectinto;$$); -SELECT test_function(); +SELECT 'denied_function3', catch_permission_error($$SELECT test3_function();$$); \set QUIET on SET SESSION AUTHORIZATION "creator_role"; @@ -171,7 +171,7 @@ CREATE TABLE test4_tablesas AS SELECT * FROM test4; CREATE VIEW test4_view AS SELECT * FROM test4; CREATE MATERIALIZED VIEW test4_mview AS SELECT * FROM test4; SELECT * INTO test4_selectinto FROM test4; -CREATE FUNCTION test4_function() RETURNS text AS $$ BEGIN RETURN 'test'; END; $$ LANGUAGE PLPGSQL; +CREATE FUNCTION test4_function() RETURNS integer AS $$ BEGIN RETURN 1; END; $$ LANGUAGE PLPGSQL; SELECT * FROM test4; SELECT * FROM test4_tablesas; diff --git a/test/CDB_OAuth_expect b/test/CDB_OAuth_expect index 1a334c0..96e682d 100644 --- a/test/CDB_OAuth_expect +++ b/test/CDB_OAuth_expect @@ -5,6 +5,8 @@ SELECT 1 CREATE VIEW SELECT 1 SELECT 1 +CREATE FUNCTION +1 1 1 1 @@ -15,11 +17,13 @@ denied_tableas|t denied_view|t denied_mview|t denied_selectinto|t +denied_function|t DROP TABLE DROP VIEW DROP MATERIALIZED VIEW DROP TABLE DROP TABLE +DROP FUNCTION NOTICE: event trigger "oauth_reassign_tables_trigger" does not exist, skipping CREATE TABLE @@ -28,6 +32,8 @@ SELECT 1 CREATE VIEW SELECT 1 SELECT 1 +CREATE FUNCTION +1 1 1 1 @@ -38,11 +44,13 @@ denied_tableas2|t denied_view2|t denied_mview2|t denied_selectinto2|t +denied_function2|t DROP TABLE DROP VIEW DROP MATERIALIZED VIEW DROP TABLE DROP TABLE +DROP FUNCTION CREATE TABLE INSERT 0 1 @@ -50,6 +58,8 @@ SELECT 1 CREATE VIEW SELECT 1 SELECT 1 +CREATE FUNCTION +1 1 1 1 @@ -60,11 +70,13 @@ denied_tableas3|t denied_view3|t denied_mview3|t denied_selectinto3|t +denied_function3|t DROP TABLE DROP VIEW DROP MATERIALIZED VIEW DROP TABLE DROP TABLE +DROP FUNCTION CREATE TABLE INSERT 0 1 @@ -72,6 +84,9 @@ SELECT 1 CREATE VIEW SELECT 1 SELECT 1 +CREATE FUNCTION +1 +1 1 1 1 @@ -87,4 +102,5 @@ DROP VIEW DROP MATERIALIZED VIEW DROP TABLE DROP TABLE +DROP FUNCTION From 2ce4d8ee142f028f74d85c944a9ce6cff6309dd9 Mon Sep 17 00:00:00 2001 From: Gonzalo Riestra Date: Fri, 25 Oct 2019 12:02:08 +0200 Subject: [PATCH 03/10] fix grant query --- scripts-available/CDB_OAuth.sql | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/scripts-available/CDB_OAuth.sql b/scripts-available/CDB_OAuth.sql index 2d28587..3928235 100644 --- a/scripts-available/CDB_OAuth.sql +++ b/scripts-available/CDB_OAuth.sql @@ -26,7 +26,11 @@ BEGIN CONTINUE; ELSE EXECUTE 'ALTER ' || obj.object_type || ' ' || obj.object_identity || ' OWNER TO ' || quote_ident(owner_role); - EXECUTE 'GRANT ALL ON ' || obj.object_type || ' ' || obj.object_identity || ' TO ' || QUOTE_IDENT(creator_role); + IF obj.object_type = 'function' THEN + EXECUTE 'GRANT ALL ON FUNCTION ' || obj.object_identity || ' TO ' || QUOTE_IDENT(creator_role); + ELSE + EXECUTE 'GRANT ALL ON ' || obj.object_identity || ' TO ' || QUOTE_IDENT(creator_role); + END IF; RAISE DEBUG 'Changing ownership from % to %', creator_role, owner_role; END IF; END LOOP; From 036127af9c03fa16f73dce1f11fcb9b050e884ad Mon Sep 17 00:00:00 2001 From: Gonzalo Riestra Date: Fri, 25 Oct 2019 12:26:21 +0200 Subject: [PATCH 04/10] add schema to function calls --- test/CDB_OAuth.sql | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/test/CDB_OAuth.sql b/test/CDB_OAuth.sql index 56a42fa..56f7c22 100644 --- a/test/CDB_OAuth.sql +++ b/test/CDB_OAuth.sql @@ -43,7 +43,7 @@ SELECT * FROM test_tablesas; SELECT * FROM test_view; SELECT * FROM test_mview; SELECT * FROM test_selectinto; -SELECT test_function(); +SELECT public.test_function(); \set QUIET on SET SESSION AUTHORIZATION "ownership_role"; @@ -54,7 +54,7 @@ SELECT 'denied_tableas', catch_permission_error($$SELECT * FROM test_tablesas;$$ SELECT 'denied_view', catch_permission_error($$SELECT * FROM test_view;$$); SELECT 'denied_mview', catch_permission_error($$SELECT * FROM test_mview;$$); SELECT 'denied_selectinto', catch_permission_error($$SELECT * FROM test_selectinto;$$); -SELECT 'denied_function', catch_permission_error($$SELECT test_function();$$); +SELECT 'denied_function', catch_permission_error($$SELECT public.test_function();$$); \set QUIET on SET SESSION AUTHORIZATION "creator_role"; @@ -88,7 +88,7 @@ SELECT * FROM test2_tablesas; SELECT * FROM test2_view; SELECT * FROM test2_mview; SELECT * FROM test2_selectinto; -SELECT test2_function(); +SELECT public.test2_function(); \set QUIET on SET SESSION AUTHORIZATION "ownership_role"; @@ -99,7 +99,7 @@ SELECT 'denied_tableas2', catch_permission_error($$SELECT * FROM test2_tablesas; SELECT 'denied_view2', catch_permission_error($$SELECT * FROM test2_view;$$); SELECT 'denied_mview2', catch_permission_error($$SELECT * FROM test2_mview;$$); SELECT 'denied_selectinto2', catch_permission_error($$SELECT * FROM test2_selectinto;$$); -SELECT 'denied_function2', catch_permission_error($$SELECT test2_function();$$); +SELECT 'denied_function2', catch_permission_error($$SELECT public.test2_function();$$); \set QUIET on SET SESSION AUTHORIZATION "creator_role"; @@ -133,7 +133,7 @@ SELECT * FROM test3_tablesas; SELECT * FROM test3_view; SELECT * FROM test3_mview; SELECT * FROM test3_selectinto; -SELECT test3_function(); +SELECT public.test3_function(); \set QUIET on SET SESSION AUTHORIZATION "ownership_role"; @@ -144,7 +144,7 @@ SELECT 'denied_tableas3', catch_permission_error($$SELECT * FROM test3_tablesas; SELECT 'denied_view3', catch_permission_error($$SELECT * FROM test3_view;$$); SELECT 'denied_mview3', catch_permission_error($$SELECT * FROM test3_mview;$$); SELECT 'denied_selectinto3', catch_permission_error($$SELECT * FROM test3_selectinto;$$); -SELECT 'denied_function3', catch_permission_error($$SELECT test3_function();$$); +SELECT 'denied_function3', catch_permission_error($$SELECT public.test3_function();$$); \set QUIET on SET SESSION AUTHORIZATION "creator_role"; @@ -178,7 +178,7 @@ SELECT * FROM test4_tablesas; SELECT * FROM test4_view; SELECT * FROM test4_mview; SELECT * FROM test4_selectinto; -SELECT test4_function(); +SELECT public.test4_function(); \set QUIET on SET SESSION AUTHORIZATION "ownership_role"; @@ -189,7 +189,7 @@ SELECT * FROM test4_tablesas; SELECT * FROM test4_view; SELECT * FROM test4_mview; SELECT * FROM test4_selectinto; -SELECT test4_function(); +SELECT public.test4_function(); -- Ownership role drops the tables DROP TABLE test4_tablesas; From f2e8d029ebd1635b6d96913aad1242c6ea99ba41 Mon Sep 17 00:00:00 2001 From: Gonzalo Riestra Date: Fri, 25 Oct 2019 12:39:30 +0200 Subject: [PATCH 05/10] check error message --- test/CDB_OAuth.sql | 2 ++ 1 file changed, 2 insertions(+) diff --git a/test/CDB_OAuth.sql b/test/CDB_OAuth.sql index 56f7c22..8353696 100644 --- a/test/CDB_OAuth.sql +++ b/test/CDB_OAuth.sql @@ -54,6 +54,8 @@ SELECT 'denied_tableas', catch_permission_error($$SELECT * FROM test_tablesas;$$ SELECT 'denied_view', catch_permission_error($$SELECT * FROM test_view;$$); SELECT 'denied_mview', catch_permission_error($$SELECT * FROM test_mview;$$); SELECT 'denied_selectinto', catch_permission_error($$SELECT * FROM test_selectinto;$$); +SELECT test_function(); +SELECT public.test_function(); SELECT 'denied_function', catch_permission_error($$SELECT public.test_function();$$); \set QUIET on From e63f5040d98d2710ccc0bec9b7dbe980a0a63ad8 Mon Sep 17 00:00:00 2001 From: Esther Lozano Date: Wed, 6 Nov 2019 17:51:00 +0100 Subject: [PATCH 06/10] Use privileged action on functions for tests --- test/CDB_OAuth.sql | 21 +++++++++++---------- test/CDB_OAuth_expect | 10 +++++----- 2 files changed, 16 insertions(+), 15 deletions(-) diff --git a/test/CDB_OAuth.sql b/test/CDB_OAuth.sql index 8353696..bca61d7 100644 --- a/test/CDB_OAuth.sql +++ b/test/CDB_OAuth.sql @@ -43,7 +43,7 @@ SELECT * FROM test_tablesas; SELECT * FROM test_view; SELECT * FROM test_mview; SELECT * FROM test_selectinto; -SELECT public.test_function(); +DROP FUNCTION test_function; \set QUIET on SET SESSION AUTHORIZATION "ownership_role"; @@ -54,9 +54,7 @@ SELECT 'denied_tableas', catch_permission_error($$SELECT * FROM test_tablesas;$$ SELECT 'denied_view', catch_permission_error($$SELECT * FROM test_view;$$); SELECT 'denied_mview', catch_permission_error($$SELECT * FROM test_mview;$$); SELECT 'denied_selectinto', catch_permission_error($$SELECT * FROM test_selectinto;$$); -SELECT test_function(); -SELECT public.test_function(); -SELECT 'denied_function', catch_permission_error($$SELECT public.test_function();$$); +SELECT 'denied_function', catch_permission_error($$DROP FUNCTION test_function;$$); \set QUIET on SET SESSION AUTHORIZATION "creator_role"; @@ -90,9 +88,10 @@ SELECT * FROM test2_tablesas; SELECT * FROM test2_view; SELECT * FROM test2_mview; SELECT * FROM test2_selectinto; -SELECT public.test2_function(); +DROP FUNCTION test2_function; \set QUIET on +CREATE FUNCTION test2_function() RETURNS integer AS $$ BEGIN RETURN 1; END; $$ LANGUAGE PLPGSQL; SET SESSION AUTHORIZATION "ownership_role"; \set QUIET off @@ -101,7 +100,7 @@ SELECT 'denied_tableas2', catch_permission_error($$SELECT * FROM test2_tablesas; SELECT 'denied_view2', catch_permission_error($$SELECT * FROM test2_view;$$); SELECT 'denied_mview2', catch_permission_error($$SELECT * FROM test2_mview;$$); SELECT 'denied_selectinto2', catch_permission_error($$SELECT * FROM test2_selectinto;$$); -SELECT 'denied_function2', catch_permission_error($$SELECT public.test2_function();$$); +SELECT 'denied_function2', catch_permission_error($$DROP FUNCTION public.test2_function;$$); \set QUIET on SET SESSION AUTHORIZATION "creator_role"; @@ -135,9 +134,10 @@ SELECT * FROM test3_tablesas; SELECT * FROM test3_view; SELECT * FROM test3_mview; SELECT * FROM test3_selectinto; -SELECT public.test3_function(); +DROP FUNCTION test3_function; \set QUIET on +CREATE FUNCTION test3_function() RETURNS integer AS $$ BEGIN RETURN 1; END; $$ LANGUAGE PLPGSQL; SET SESSION AUTHORIZATION "ownership_role"; \set QUIET off @@ -146,7 +146,7 @@ SELECT 'denied_tableas3', catch_permission_error($$SELECT * FROM test3_tablesas; SELECT 'denied_view3', catch_permission_error($$SELECT * FROM test3_view;$$); SELECT 'denied_mview3', catch_permission_error($$SELECT * FROM test3_mview;$$); SELECT 'denied_selectinto3', catch_permission_error($$SELECT * FROM test3_selectinto;$$); -SELECT 'denied_function3', catch_permission_error($$SELECT public.test3_function();$$); +SELECT 'denied_function3', catch_permission_error($$DROP FUNCTION public.test3_function;$$); \set QUIET on SET SESSION AUTHORIZATION "creator_role"; @@ -180,9 +180,10 @@ SELECT * FROM test4_tablesas; SELECT * FROM test4_view; SELECT * FROM test4_mview; SELECT * FROM test4_selectinto; -SELECT public.test4_function(); +DROP FUNCTION test4_function; \set QUIET on +CREATE FUNCTION test4_function() RETURNS integer AS $$ BEGIN RETURN 1; END; $$ LANGUAGE PLPGSQL; SET SESSION AUTHORIZATION "ownership_role"; \set QUIET off @@ -191,7 +192,7 @@ SELECT * FROM test4_tablesas; SELECT * FROM test4_view; SELECT * FROM test4_mview; SELECT * FROM test4_selectinto; -SELECT public.test4_function(); +SELECT test4_function(); -- Ownership role drops the tables DROP TABLE test4_tablesas; diff --git a/test/CDB_OAuth_expect b/test/CDB_OAuth_expect index 96e682d..eb41d0a 100644 --- a/test/CDB_OAuth_expect +++ b/test/CDB_OAuth_expect @@ -11,7 +11,7 @@ CREATE FUNCTION 1 1 1 -1 +DROP FUNCTION denied_table|t denied_tableas|t denied_view|t @@ -38,7 +38,7 @@ CREATE FUNCTION 1 1 1 -1 +DROP FUNCTION denied_table2|t denied_tableas2|t denied_view2|t @@ -64,7 +64,7 @@ CREATE FUNCTION 1 1 1 -1 +DROP FUNCTION denied_table3|t denied_tableas3|t denied_view3|t @@ -90,13 +90,13 @@ CREATE FUNCTION 1 1 1 +DROP FUNCTION 1 1 1 1 1 -1 -1 +DROP FUNCTION DROP TABLE DROP VIEW DROP MATERIALIZED VIEW From 09076924c07c4b4516a4f344b746060687e80b93 Mon Sep 17 00:00:00 2001 From: Esther Lozano Date: Wed, 6 Nov 2019 21:12:44 +0100 Subject: [PATCH 07/10] Functions are selectable by all roles but not dropable --- test/CDB_OAuth.sql | 27 ++++++++++++--------------- test/CDB_OAuth_expect | 16 ++++++++-------- 2 files changed, 20 insertions(+), 23 deletions(-) diff --git a/test/CDB_OAuth.sql b/test/CDB_OAuth.sql index bca61d7..9b5c45d 100644 --- a/test/CDB_OAuth.sql +++ b/test/CDB_OAuth.sql @@ -4,7 +4,7 @@ SET client_min_messages TO error; -- The permission error changed between pre PG11 and post 11 (before everythin "relation", now it's "view", "table" and so on CREATE OR REPLACE FUNCTION catch_permission_error(query text) -RETURNS bool + RETURNS bool AS $$ BEGIN EXECUTE query; @@ -43,7 +43,7 @@ SELECT * FROM test_tablesas; SELECT * FROM test_view; SELECT * FROM test_mview; SELECT * FROM test_selectinto; -DROP FUNCTION test_function; +SELECT test_function(); \set QUIET on SET SESSION AUTHORIZATION "ownership_role"; @@ -54,7 +54,7 @@ SELECT 'denied_tableas', catch_permission_error($$SELECT * FROM test_tablesas;$$ SELECT 'denied_view', catch_permission_error($$SELECT * FROM test_view;$$); SELECT 'denied_mview', catch_permission_error($$SELECT * FROM test_mview;$$); SELECT 'denied_selectinto', catch_permission_error($$SELECT * FROM test_selectinto;$$); -SELECT 'denied_function', catch_permission_error($$DROP FUNCTION test_function;$$); +SELECT 'denied_function', catch_permission_error($$SELECT test_function();$$); \set QUIET on SET SESSION AUTHORIZATION "creator_role"; @@ -65,7 +65,7 @@ DROP VIEW test_view; DROP MATERIALIZED VIEW test_mview; DROP TABLE test_selectinto; DROP TABLE test; -DROP FUNCTION test_function; +DROP FUNCTION test_function(); -- Second part with event trigger but without ownership_role_name in cdb_conf @@ -88,10 +88,9 @@ SELECT * FROM test2_tablesas; SELECT * FROM test2_view; SELECT * FROM test2_mview; SELECT * FROM test2_selectinto; -DROP FUNCTION test2_function; +SELECT test2_function(); \set QUIET on -CREATE FUNCTION test2_function() RETURNS integer AS $$ BEGIN RETURN 1; END; $$ LANGUAGE PLPGSQL; SET SESSION AUTHORIZATION "ownership_role"; \set QUIET off @@ -100,7 +99,7 @@ SELECT 'denied_tableas2', catch_permission_error($$SELECT * FROM test2_tablesas; SELECT 'denied_view2', catch_permission_error($$SELECT * FROM test2_view;$$); SELECT 'denied_mview2', catch_permission_error($$SELECT * FROM test2_mview;$$); SELECT 'denied_selectinto2', catch_permission_error($$SELECT * FROM test2_selectinto;$$); -SELECT 'denied_function2', catch_permission_error($$DROP FUNCTION public.test2_function;$$); +SELECT 'denied_function2', catch_permission_error($$SELECT test2_function();$$); \set QUIET on SET SESSION AUTHORIZATION "creator_role"; @@ -111,7 +110,7 @@ DROP VIEW test2_view; DROP MATERIALIZED VIEW test2_mview; DROP TABLE test2_selectinto; DROP TABLE test2; -DROP FUNCTION test2_function; +DROP FUNCTION test2_function(); -- Third part with event trigger but with empty ownership_role_name in cdb_conf @@ -134,10 +133,9 @@ SELECT * FROM test3_tablesas; SELECT * FROM test3_view; SELECT * FROM test3_mview; SELECT * FROM test3_selectinto; -DROP FUNCTION test3_function; +SELECT test3_function(); \set QUIET on -CREATE FUNCTION test3_function() RETURNS integer AS $$ BEGIN RETURN 1; END; $$ LANGUAGE PLPGSQL; SET SESSION AUTHORIZATION "ownership_role"; \set QUIET off @@ -146,7 +144,7 @@ SELECT 'denied_tableas3', catch_permission_error($$SELECT * FROM test3_tablesas; SELECT 'denied_view3', catch_permission_error($$SELECT * FROM test3_view;$$); SELECT 'denied_mview3', catch_permission_error($$SELECT * FROM test3_mview;$$); SELECT 'denied_selectinto3', catch_permission_error($$SELECT * FROM test3_selectinto;$$); -SELECT 'denied_function3', catch_permission_error($$DROP FUNCTION public.test3_function;$$); +SELECT 'denied_function3', catch_permission_error($$SELECT test3_function();$$); \set QUIET on SET SESSION AUTHORIZATION "creator_role"; @@ -157,7 +155,7 @@ DROP VIEW test3_view; DROP MATERIALIZED VIEW test3_mview; DROP TABLE test3_selectinto; DROP TABLE test3; -DROP FUNCTION test3_function; +DROP FUNCTION test3_function(); -- Fourth part with the event trigger active and configured @@ -180,10 +178,9 @@ SELECT * FROM test4_tablesas; SELECT * FROM test4_view; SELECT * FROM test4_mview; SELECT * FROM test4_selectinto; -DROP FUNCTION test4_function; +SELECT test4_function(); \set QUIET on -CREATE FUNCTION test4_function() RETURNS integer AS $$ BEGIN RETURN 1; END; $$ LANGUAGE PLPGSQL; SET SESSION AUTHORIZATION "ownership_role"; \set QUIET off @@ -200,7 +197,7 @@ DROP VIEW test4_view; DROP MATERIALIZED VIEW test4_mview; DROP TABLE test4_selectinto; DROP TABLE test4; -DROP FUNCTION test4_function; +DROP FUNCTION test4_function(); -- Cleanup \set QUIET on diff --git a/test/CDB_OAuth_expect b/test/CDB_OAuth_expect index eb41d0a..9229f74 100644 --- a/test/CDB_OAuth_expect +++ b/test/CDB_OAuth_expect @@ -11,13 +11,13 @@ CREATE FUNCTION 1 1 1 -DROP FUNCTION +1 denied_table|t denied_tableas|t denied_view|t denied_mview|t denied_selectinto|t -denied_function|t +denied_function|f DROP TABLE DROP VIEW DROP MATERIALIZED VIEW @@ -38,13 +38,13 @@ CREATE FUNCTION 1 1 1 -DROP FUNCTION +1 denied_table2|t denied_tableas2|t denied_view2|t denied_mview2|t denied_selectinto2|t -denied_function2|t +denied_function2|f DROP TABLE DROP VIEW DROP MATERIALIZED VIEW @@ -64,13 +64,13 @@ CREATE FUNCTION 1 1 1 -DROP FUNCTION +1 denied_table3|t denied_tableas3|t denied_view3|t denied_mview3|t denied_selectinto3|t -denied_function3|t +denied_function3|f DROP TABLE DROP VIEW DROP MATERIALIZED VIEW @@ -90,13 +90,13 @@ CREATE FUNCTION 1 1 1 -DROP FUNCTION 1 1 1 1 1 -DROP FUNCTION +1 +1 DROP TABLE DROP VIEW DROP MATERIALIZED VIEW From f06b8996050db8d0fb7c35a0df84cc3539208268 Mon Sep 17 00:00:00 2001 From: Esther Lozano Date: Thu, 7 Nov 2019 11:14:26 +0100 Subject: [PATCH 08/10] Add drop permission test for functions --- test/CDB_OAuth.sql | 16 +++++++++++++--- test/CDB_OAuth_expect | 13 ++++++++++--- 2 files changed, 23 insertions(+), 6 deletions(-) diff --git a/test/CDB_OAuth.sql b/test/CDB_OAuth.sql index 9b5c45d..06f4370 100644 --- a/test/CDB_OAuth.sql +++ b/test/CDB_OAuth.sql @@ -44,8 +44,10 @@ SELECT * FROM test_view; SELECT * FROM test_mview; SELECT * FROM test_selectinto; SELECT test_function(); +DROP FUNCTION test_function(); \set QUIET on +CREATE FUNCTION test_function() RETURNS integer AS $$ BEGIN RETURN 1; END; $$ LANGUAGE PLPGSQL; SET SESSION AUTHORIZATION "ownership_role"; \set QUIET off @@ -54,7 +56,8 @@ SELECT 'denied_tableas', catch_permission_error($$SELECT * FROM test_tablesas;$$ SELECT 'denied_view', catch_permission_error($$SELECT * FROM test_view;$$); SELECT 'denied_mview', catch_permission_error($$SELECT * FROM test_mview;$$); SELECT 'denied_selectinto', catch_permission_error($$SELECT * FROM test_selectinto;$$); -SELECT 'denied_function', catch_permission_error($$SELECT test_function();$$); +SELECT test_function(); +SELECT 'denied_function', catch_permission_error($$DROP FUNCTION test_function();$$); \set QUIET on SET SESSION AUTHORIZATION "creator_role"; @@ -89,8 +92,10 @@ SELECT * FROM test2_view; SELECT * FROM test2_mview; SELECT * FROM test2_selectinto; SELECT test2_function(); +DROP FUNCTION test2_function(); \set QUIET on +CREATE FUNCTION test2_function() RETURNS integer AS $$ BEGIN RETURN 1; END; $$ LANGUAGE PLPGSQL; SET SESSION AUTHORIZATION "ownership_role"; \set QUIET off @@ -99,7 +104,8 @@ SELECT 'denied_tableas2', catch_permission_error($$SELECT * FROM test2_tablesas; SELECT 'denied_view2', catch_permission_error($$SELECT * FROM test2_view;$$); SELECT 'denied_mview2', catch_permission_error($$SELECT * FROM test2_mview;$$); SELECT 'denied_selectinto2', catch_permission_error($$SELECT * FROM test2_selectinto;$$); -SELECT 'denied_function2', catch_permission_error($$SELECT test2_function();$$); +SELECT test2_function(); +SELECT 'denied_function2', catch_permission_error($$DROP FUNCTION test2_function();$$); \set QUIET on SET SESSION AUTHORIZATION "creator_role"; @@ -134,8 +140,10 @@ SELECT * FROM test3_view; SELECT * FROM test3_mview; SELECT * FROM test3_selectinto; SELECT test3_function(); +DROP FUNCTION test3_function(); \set QUIET on +CREATE FUNCTION test3_function() RETURNS integer AS $$ BEGIN RETURN 1; END; $$ LANGUAGE PLPGSQL; SET SESSION AUTHORIZATION "ownership_role"; \set QUIET off @@ -144,7 +152,8 @@ SELECT 'denied_tableas3', catch_permission_error($$SELECT * FROM test3_tablesas; SELECT 'denied_view3', catch_permission_error($$SELECT * FROM test3_view;$$); SELECT 'denied_mview3', catch_permission_error($$SELECT * FROM test3_mview;$$); SELECT 'denied_selectinto3', catch_permission_error($$SELECT * FROM test3_selectinto;$$); -SELECT 'denied_function3', catch_permission_error($$SELECT test3_function();$$); +SELECT test3_function(); +SELECT 'denied_function3', catch_permission_error($$DROP FUNCTION test3_function();$$); \set QUIET on SET SESSION AUTHORIZATION "creator_role"; @@ -179,6 +188,7 @@ SELECT * FROM test4_view; SELECT * FROM test4_mview; SELECT * FROM test4_selectinto; SELECT test4_function(); +SELECT 'denied_function4', catch_permission_error($$DROP FUNCTION test4_function();$$); \set QUIET on SET SESSION AUTHORIZATION "ownership_role"; diff --git a/test/CDB_OAuth_expect b/test/CDB_OAuth_expect index 9229f74..a9f9ef7 100644 --- a/test/CDB_OAuth_expect +++ b/test/CDB_OAuth_expect @@ -12,12 +12,14 @@ CREATE FUNCTION 1 1 1 +DROP FUNCTION denied_table|t denied_tableas|t denied_view|t denied_mview|t denied_selectinto|t -denied_function|f +1 +denied_function|t DROP TABLE DROP VIEW DROP MATERIALIZED VIEW @@ -39,12 +41,14 @@ CREATE FUNCTION 1 1 1 +DROP FUNCTION denied_table2|t denied_tableas2|t denied_view2|t denied_mview2|t denied_selectinto2|t -denied_function2|f +1 +denied_function2|t DROP TABLE DROP VIEW DROP MATERIALIZED VIEW @@ -65,12 +69,14 @@ CREATE FUNCTION 1 1 1 +DROP FUNCTION denied_table3|t denied_tableas3|t denied_view3|t denied_mview3|t denied_selectinto3|t -denied_function3|f +1 +denied_function3|t DROP TABLE DROP VIEW DROP MATERIALIZED VIEW @@ -91,6 +97,7 @@ CREATE FUNCTION 1 1 1 +denied_function4|t 1 1 1 From 8a4a59b3406728aba6d1d543613f2c4676ac3e3c Mon Sep 17 00:00:00 2001 From: Esther Lozano Date: Thu, 7 Nov 2019 15:03:46 +0100 Subject: [PATCH 09/10] Document default privileges on functions --- test/CDB_OAuth.sql | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/test/CDB_OAuth.sql b/test/CDB_OAuth.sql index 06f4370..7b46966 100644 --- a/test/CDB_OAuth.sql +++ b/test/CDB_OAuth.sql @@ -2,7 +2,7 @@ \set QUIET on SET client_min_messages TO error; --- The permission error changed between pre PG11 and post 11 (before everythin "relation", now it's "view", "table" and so on +-- The permission error changed between pre PG11 and post 11 (before everything was "relation", now it's "view", "table" and so on CREATE OR REPLACE FUNCTION catch_permission_error(query text) RETURNS bool AS $$ @@ -44,6 +44,8 @@ SELECT * FROM test_view; SELECT * FROM test_mview; SELECT * FROM test_selectinto; SELECT test_function(); +-- Postgres grants default execute privilege on functions to PUBLIC. So in order to check the different permissions +-- between creator and owner roles is not enough with performing a selection, we need to DROP the table (which only the owner can do) DROP FUNCTION test_function(); \set QUIET on From b1830e49af124dac8903cacad7eee3fc877b8ecf Mon Sep 17 00:00:00 2001 From: Esther Lozano Date: Fri, 8 Nov 2019 13:09:45 +0100 Subject: [PATCH 10/10] Increase version number to 0.32.0 --- Makefile | 3 ++- NEWS.md | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 99682e4..24da332 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ # cartodb/Makefile EXTENSION = cartodb -EXTVERSION = 0.31.0 +EXTVERSION = 0.32.0 SED = sed AWK = awk @@ -104,6 +104,7 @@ UPGRADABLE = \ 0.29.0 \ 0.30.0 \ 0.31.0 \ + 0.32.0 \ $(EXTVERSION)dev \ $(EXTVERSION)next \ $(END) diff --git a/NEWS.md b/NEWS.md index a7c33bb..e006327 100644 --- a/NEWS.md +++ b/NEWS.md @@ -1,4 +1,5 @@ -0.32.0 (XXXX-XX-XX) +0.32.0 (2019-11-08) +* Fix oAuth ownership re-assignation for functions * Some fixes for PG12. * Make PG12 depend on plpython3u instead of plpythonu * CDB_UserDataSize is now compatible with postgis 3 without postgis_raster.