summaryrefslogtreecommitdiff
path: root/contrib/postgres_fdw/expected
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/postgres_fdw/expected')
-rw-r--r--contrib/postgres_fdw/expected/postgres_fdw.out9
1 files changed, 9 insertions, 0 deletions
diff --git a/contrib/postgres_fdw/expected/postgres_fdw.out b/contrib/postgres_fdw/expected/postgres_fdw.out
index 0912d6cd5e4..84fd3ad2e0c 100644
--- a/contrib/postgres_fdw/expected/postgres_fdw.out
+++ b/contrib/postgres_fdw/expected/postgres_fdw.out
@@ -8898,6 +8898,15 @@ SELECT * FROM ft1_nopw LIMIT 1;
1111 | 2 | | | | | ft1 |
(1 row)
+-- unpriv user also cannot set sslcert / sslkey on the user mapping
+-- first set password_required so we see the right error messages
+ALTER USER MAPPING FOR CURRENT_USER SERVER loopback_nopw OPTIONS (SET password_required 'true');
+ALTER USER MAPPING FOR CURRENT_USER SERVER loopback_nopw OPTIONS (ADD sslcert 'foo.crt');
+ERROR: sslcert and sslkey are superuser-only
+HINT: User mappings with the sslcert or sslkey options set may only be created or modified by the superuser
+ALTER USER MAPPING FOR CURRENT_USER SERVER loopback_nopw OPTIONS (ADD sslkey 'foo.key');
+ERROR: sslcert and sslkey are superuser-only
+HINT: User mappings with the sslcert or sslkey options set may only be created or modified by the superuser
-- We're done with the role named after a specific user and need to check the
-- changes to the public mapping.
DROP USER MAPPING FOR CURRENT_USER SERVER loopback_nopw;
generated by cgit v1.2.3 (git 2.46.0) at 2025-08-09 13:07:18 +0000