summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f7d7ac2)
raw | patch | inline | side by side (parent: f7d7ac2)
| author | Daniel Gustafsson <dgustafsson@postgresql.org> | |
| Thu, 30 Dec 2021 12:23:47 +0000 (13:23 +0100) | ||
| committer | Daniel Gustafsson <dgustafsson@postgresql.org> | |
| Thu, 30 Dec 2021 12:23:47 +0000 (13:23 +0100) |
The reverted commit attempted to fix SQL specification compliance for
the cases which 6aaaa76bb left. This however broke existing behavior
which takes precedence over spec compliance so revert. The introduced
tests are left after the revert since the codepath isn't well covered.
Per bug report 17346. Backpatch down to 14 where it was introduced.
Reported-by: Andrew Bille <andrewbille@gmail.com>
Discussion: https://postgr.es/m/17346-f72b28bd1a341060@postgresql.org
the cases which 6aaaa76bb left. This however broke existing behavior
which takes precedence over spec compliance so revert. The introduced
tests are left after the revert since the codepath isn't well covered.
Per bug report 17346. Backpatch down to 14 where it was introduced.
Reported-by: Andrew Bille <andrewbille@gmail.com>
Discussion: https://postgr.es/m/17346-f72b28bd1a341060@postgresql.org
| src/backend/commands/user.c | patch | blob | blame | history | |
| src/backend/parser/gram.y | patch | blob | blame | history | |
| src/test/regress/expected/privileges.out | patch | blob | blame | history |
index b9cca41a7d3615ae358bfb95c4d41bf7928082c0..65bb73395891d54e97ccae4b2e53b303eec15ef8 100644 (file)
ListCell *item;
if (stmt->grantor)
- {
grantor = get_rolespec_oid(stmt->grantor, false);
-
- /*
- * Currently, this clause is only for SQL compatibility, not very
- * interesting otherwise.
- */
- if (grantor != GetUserId())
- ereport(ERROR,
- (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
- errmsg("grantor must be current user")));
- }
else
grantor = GetUserId();
index 1b7494f0df8dffe9de75884d404c8a7529206bf3..fe2af568c9133a8bf3c734cbe142d327e8ad6624 100644 (file)
n->admin_opt = false;
n->granted_roles = $2;
n->grantee_roles = $4;
- n->grantor = $5;
n->behavior = $6;
$$ = (Node*)n;
}
n->admin_opt = true;
n->granted_roles = $5;
n->grantee_roles = $7;
- n->grantor = $8;
n->behavior = $9;
$$ = (Node*)n;
}
index d106733dcc637397d32f74da1a278ca76ee06e86..e91c501a95dd8aabc600d04796c1b7b22592f2be 100644 (file)
-- test owner privileges
GRANT regress_priv_role TO regress_priv_user1 WITH ADMIN OPTION GRANTED BY CURRENT_ROLE;
REVOKE ADMIN OPTION FOR regress_priv_role FROM regress_priv_user1 GRANTED BY foo; -- error
-ERROR: role "foo" does not exist
REVOKE ADMIN OPTION FOR regress_priv_role FROM regress_priv_user1 GRANTED BY regress_priv_user2; -- error
-ERROR: grantor must be current user
REVOKE ADMIN OPTION FOR regress_priv_role FROM regress_priv_user1 GRANTED BY CURRENT_USER;
REVOKE regress_priv_role FROM regress_priv_user1 GRANTED BY CURRENT_ROLE;
DROP ROLE regress_priv_role;