diff options
| author | Michael Paquier <michael@paquier.xyz> | 2021-01-20 11:39:31 +0900 |
|---|---|---|
| committer | Michael Paquier <michael@paquier.xyz> | 2021-01-20 11:39:31 +0900 |
| commit | 7dc3be9df86cfd2515e76c078347dccc9a929d0b (patch) | |
| tree | ec5c29c34b0436136e1d0237ec52ddbe69e24871 | |
| parent | fe8edbb8267adf24ba3b392ac6229b96c4287f93 (diff) | |
Fix ALTER DEFAULT PRIVILEGES with duplicated objects
Specifying duplicated objects in this command would lead to unique
constraint violations in pg_default_acl or "tuple already updated by
self" errors. Similarly to GRANT/REVOKE, increment the command ID after
each subcommand processing to allow this case to work transparently.
A regression test is added by tweaking one of the existing queries of
privileges.sql to stress this case.
Reported-by: Andrus
Author: Michael Paquier
Reviewed-by: Álvaro Herrera
Discussion: https://postgr.es/m/ae2a7dc1-9d71-8cba-3bb9-e4cb7eb1f44e@hot.ee
Backpatch-through: 9.5
| -rw-r--r-- | src/backend/catalog/aclchk.c | 3 | ||||
| -rw-r--r-- | src/test/regress/expected/privileges.out | 3 | ||||
| -rw-r--r-- | src/test/regress/sql/privileges.sql | 3 |
3 files changed, 7 insertions, 2 deletions
diff --git a/src/backend/catalog/aclchk.c b/src/backend/catalog/aclchk.c index 9c8711ed050..63ea8f11f44 100644 --- a/src/backend/catalog/aclchk.c +++ b/src/backend/catalog/aclchk.c @@ -1312,6 +1312,9 @@ SetDefaultACL(InternalDefaultACL *iacls) ReleaseSysCache(tuple); heap_close(rel, RowExclusiveLock); + + /* prevent error when processing duplicate objects */ + CommandCounterIncrement(); } diff --git a/src/test/regress/expected/privileges.out b/src/test/regress/expected/privileges.out index 14ce823ffc7..adc9c9b5b60 100644 --- a/src/test/regress/expected/privileges.out +++ b/src/test/regress/expected/privileges.out @@ -1562,7 +1562,8 @@ SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'INSERT'); -- no f (1 row) -ALTER DEFAULT PRIVILEGES IN SCHEMA testns GRANT SELECT ON TABLES TO public; +-- placeholder for test with duplicated schema and role names +ALTER DEFAULT PRIVILEGES IN SCHEMA testns,testns GRANT SELECT ON TABLES TO public,public; SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'SELECT'); -- no has_table_privilege --------------------- diff --git a/src/test/regress/sql/privileges.sql b/src/test/regress/sql/privileges.sql index f1d879c0873..ff3ed02415f 100644 --- a/src/test/regress/sql/privileges.sql +++ b/src/test/regress/sql/privileges.sql @@ -933,7 +933,8 @@ CREATE TABLE testns.acltest1 (x int); SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'SELECT'); -- no SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'INSERT'); -- no -ALTER DEFAULT PRIVILEGES IN SCHEMA testns GRANT SELECT ON TABLES TO public; +-- placeholder for test with duplicated schema and role names +ALTER DEFAULT PRIVILEGES IN SCHEMA testns,testns GRANT SELECT ON TABLES TO public,public; SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'SELECT'); -- no SELECT has_table_privilege('regress_user1', 'testns.acltest1', 'INSERT'); -- no |