Adds test for non-authorized writes to cdb_tablemetadata through CDB_TableMetadataTouch

2015-02-19 14:02:27 +01:00
parent 27aec0d4b4
commit f16f53ceab
1 changed files with 12 additions and 0 deletions
--- a/test/extension/test.sh
+++ b/test/extension/test.sh
@@ -310,6 +310,18 @@ function test_cdb_tablemetadatatouch_fails_for_unexistent_table() {
    sql postgres "SELECT CDB_TableMetadataTouch('unexistent_example');" fails
 }

+function test_cdb_tablemetadatatouch_fails_from_user_without_permission() {
+    sql "CREATE TABLE touch_example (a int);"
+    sql postgres "SELECT CDB_TableMetadataTouch('touch_example');"
+
+    sql cdb_testmember_1 "SELECT CDB_TableMetadataTouch('touch_example');" fails
+
+    sql postgres "GRANT ALL ON CDB_TableMetadata TO cdb_testmember_1;"
+    sql cdb_testmember_1 "SELECT CDB_TableMetadataTouch('touch_example');"
+
+    sql postgres "REVOKE ALL ON CDB_TableMetadata FROM cdb_testmember_1;"
+}
+
 #################################################### TESTS END HERE ####################################################

 run_tests $@