Fixed an issue where SQL for revoke statements are not shown for databases. Fixes #4258

pull/81/head
Yogesh Mahajan 2022-03-28 17:35:54 +05:30 committed by Akshay Joshi
parent 7ecc0169df
commit 7f2ff5af5c
52 changed files with 807 additions and 139 deletions


@ -20,6 +20,7 @@ Housekeeping
Bug fixes
*********
| `Issue #4258 <https://redmine.postgresql.org/issues/4258>`_ - Fixed an issue where SQL for revoke statements are not shown for databases.
| `Issue #7059 <https://redmine.postgresql.org/issues/7059>`_ - Fixed an issue where the error is shown on logout when the authentication source is oauth2.
| `Issue #7197 <https://redmine.postgresql.org/issues/7197>`_ - Fixed an issue where foreign key relationships do not update when the primary key is modified.
| `Issue #7216 <https://redmine.postgresql.org/issues/7216>`_ - Ensure that the values of certain fields are prettified in the statistics tab for collection nodes.


@ -426,7 +426,7 @@ class DatabaseView(PGChildNodeView):
SQL = render_template(
"/".join([self.template_path, 'defacl.sql']),
did=did, conn=self.conn
did=did, conn=self.conn, grant_reovke_sql=False
)
status, defaclres = self.conn.execute_dict(SQL)
if not status:
@ -1172,7 +1172,7 @@ class DatabaseView(PGChildNodeView):
SQL = render_template(
"/".join([self.template_path, 'defacl.sql']),
did=did, conn=self.conn
did=did, conn=self.conn, grant_reovke_sql=True
)
status, defaclres = self.conn.execute_dict(SQL)
if not status:
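Review bot: The new template argument is misspelled as `grant_reovke_sql` at both `render_template` calls, and the `defacl.sql` template tests the same misspelled name. The flag crosses the Python/template boundary by name only, so a later spelling fix on one side would leave the template reading an undefined variable. If the Jinja environment uses the default undefined handling (not visible here), that value is falsy, the revoke branch is skipped silently, and the generated SQL again omits the REVOKE statements. Rename it to `grant_revoke_sql` in both calls and in the template condition `{% if not grant_revoke_sql %}` together. Both enclosing methods start and end outside the hunks.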


@ -27,7 +27,7 @@ COMMENT ON SCHEMA {{ conn|qtIdent(data.name) }}
{{ DEFAULT_PRIVILEGE.SET(
conn, 'SCHEMA', data.name, type, priv.grantee,
priv.without_grant, priv.with_grant
priv.without_grant, priv.with_grant, priv.grantor
) }}{% endfor %}
{% endif %}
{% endfor %}
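Review bot: `priv.grantor` is now passed to `DEFAULT_PRIVILEGE.SET` unconditionally, but the macro definition is not in this section, so neither quoting of the role name nor the handling of an entry without a grantor can be confirmed here. The schema name on the hunk header goes through `conn|qtIdent`, and the expected outputs in this commit show the grantor emitted as `FOR ROLE postgres`. If the macro does not already do so, apply `conn|qtIdent(grantor)` there and omit the `FOR ROLE` clause when the grantor is empty. The same question applies to every `SET`, `UNSET`, `APPLY` and `RESETALL` call changed in the other template sections. The enclosing `for` loop starts outside the hunk.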


@ -50,22 +50,22 @@ COMMENT ON SCHEMA {{ conn|qtIdent(data.name) }}
{% if data[defacl] %}{% set acl = data[defacl] %}
{% if 'deleted' in acl %}
{% for priv in acl.deleted %}
{{ DEFAULT_PRIVILEGE.UNSET(conn, 'SCHEMA', data.name, type, priv.grantee) }}
{{ DEFAULT_PRIVILEGE.UNSET(conn, 'SCHEMA', data.name, type, priv.grantee, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'changed' in acl %}
{% for priv in acl.changed %}
{% if priv.grantee != priv.old_grantee %}
{{ DEFAULT_PRIVILEGE.UNSET(conn, 'SCHEMA', data.name, type, priv.old_grantee) }}
{{ DEFAULT_PRIVILEGE.UNSET(conn, 'SCHEMA', data.name, type, priv.old_grantee, priv.grantor) }}
{% else %}
{{ DEFAULT_PRIVILEGE.UNSET(conn, 'SCHEMA', data.name, type, priv.grantee) }}
{{ DEFAULT_PRIVILEGE.UNSET(conn, 'SCHEMA', data.name, type, priv.grantee, priv.grantor) }}
{% endif %}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, type, priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, type, priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'added' in acl %}
{% for priv in acl.added %}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, type, priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, type, priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
{% endif %}
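Review bot: In the `changed` branch the revoke for a renamed grantee uses `priv.old_grantee` but the current `priv.grantor`, and no `old_grantor` is visible. Now that the statement is scoped with `FOR ROLE`, a row whose grantor was also edited would have its revoke aimed at the new grantor's defaults, leaving the original default privilege in place. If the grantor can change on an existing row (not determinable from this hunk), carry the previous grantor alongside `old_grantee` and use it in the `UNSET` calls. Otherwise add a template comment such as `{# grantor is immutable for an existing default-privilege entry #}`. The identical hunk in the next file section has the same gap.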


@ -27,7 +27,7 @@ COMMENT ON SCHEMA {{ conn|qtIdent(data.name) }}
{{ DEFAULT_PRIVILEGE.SET(
conn, 'SCHEMA', data.name, type, priv.grantee,
priv.without_grant, priv.with_grant
priv.without_grant, priv.with_grant, priv.grantor
) }}{% endfor %}
{% endif %}
{% endfor %}


@ -50,22 +50,22 @@ COMMENT ON SCHEMA {{ conn|qtIdent(data.name) }}
{% if data[defacl] %}{% set acl = data[defacl] %}
{% if 'deleted' in acl %}
{% for priv in acl.deleted %}
{{ DEFAULT_PRIVILEGE.UNSET(conn, 'SCHEMA', data.name, type, priv.grantee) }}
{{ DEFAULT_PRIVILEGE.UNSET(conn, 'SCHEMA', data.name, type, priv.grantee, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'changed' in acl %}
{% for priv in acl.changed %}
{% if priv.grantee != priv.old_grantee %}
{{ DEFAULT_PRIVILEGE.UNSET(conn, 'SCHEMA', data.name, type, priv.old_grantee) }}
{{ DEFAULT_PRIVILEGE.UNSET(conn, 'SCHEMA', data.name, type, priv.old_grantee, priv.grantor) }}
{% else %}
{{ DEFAULT_PRIVILEGE.UNSET(conn, 'SCHEMA', data.name, type, priv.grantee) }}
{{ DEFAULT_PRIVILEGE.UNSET(conn, 'SCHEMA', data.name, type, priv.grantee, priv.grantor) }}
{% endif %}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, type, priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, type, priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'added' in acl %}
{% for priv in acl.added %}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, type, priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, type, priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
{% endif %}


@ -27,7 +27,7 @@ COMMENT ON SCHEMA {{ conn|qtIdent(data.name) }}
{{ DEFAULT_PRIVILEGE.SET(
conn, 'SCHEMA', data.name, type, priv.grantee,
priv.without_grant, priv.with_grant
priv.without_grant, priv.with_grant, priv.grantor
) }}{% endfor %}
{% endif %}
{% endfor %}


@ -69,22 +69,22 @@ COMMENT ON SCHEMA {{ conn|qtIdent(data.name) }}
{% if data.deftblacl %}
{% if 'deleted' in data.deftblacl %}
{% for priv in data.deftblacl.deleted %}
{{ DEFAULT_PRIVILEGE.UNSET(conn, 'SCHEMA', data.name, 'TABLES', priv.grantee) }}
{{ DEFAULT_PRIVILEGE.UNSET(conn, 'SCHEMA', data.name, 'TABLES', priv.grantee, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'changed' in data.deftblacl %}
{% for priv in data.deftblacl.changed %}
{% if priv.grantee != priv.old_grantee %}
{{ DEFAULT_PRIVILEGE.UNSET(conn, 'SCHEMA', data.name, 'TABLES', priv.old_grantee) }}
{{ DEFAULT_PRIVILEGE.UNSET(conn, 'SCHEMA', data.name, 'TABLES', priv.old_grantee, priv.grantor) }}
{% else %}
{{ DEFAULT_PRIVILEGE.UNSET(conn, 'SCHEMA', data.name, 'TABLES', priv.grantee) }}
{{ DEFAULT_PRIVILEGE.UNSET(conn, 'SCHEMA', data.name, 'TABLES', priv.grantee, priv.grantor) }}
{% endif %}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'TABLES', priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'TABLES', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'added' in data.deftblacl %}
{% for priv in data.deftblacl.added %}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'TABLES', priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'TABLES', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
@ -93,18 +93,18 @@ COMMENT ON SCHEMA {{ conn|qtIdent(data.name) }}
{% if data.defseqacl %}
{% if 'deleted' in data.defseqacl %}
{% for priv in data.defseqacl.deleted %}
{{ DEFAULT_PRIVILEGE.UNSET(conn,'SCHEMA', data.name, 'SEQUENCES', priv.grantee) }}
{{ DEFAULT_PRIVILEGE.UNSET(conn,'SCHEMA', data.name, 'SEQUENCES', priv.grantee, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'changed' in data.defseqacl %}
{% for priv in data.defseqacl.changed %}
{{ DEFAULT_PRIVILEGE.UNSET(conn,'SCHEMA', data.name, 'SEQUENCES', priv.grantee) }}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'SEQUENCES', priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.UNSET(conn,'SCHEMA', data.name, 'SEQUENCES', priv.grantee, priv.grantor) }}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'SEQUENCES', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'added' in data.defseqacl %}
{% for priv in data.defseqacl.added %}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'SEQUENCES', priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'SEQUENCES', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
@ -113,18 +113,18 @@ COMMENT ON SCHEMA {{ conn|qtIdent(data.name) }}
{% if data.deffuncacl %}
{% if 'deleted' in data.deffuncacl %}
{% for priv in data.deffuncacl.deleted %}
{{ DEFAULT_PRIVILEGE.UNSET(conn,'SCHEMA', data.name, 'FUNCTIONS', priv.grantee) }}
{{ DEFAULT_PRIVILEGE.UNSET(conn,'SCHEMA', data.name, 'FUNCTIONS', priv.grantee, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'changed' in data.deffuncacl %}
{% for priv in data.deffuncacl.changed %}
{{ DEFAULT_PRIVILEGE.UNSET(conn,'SCHEMA', data.name, 'FUNCTIONS', priv.grantee) }}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'FUNCTIONS', priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.UNSET(conn,'SCHEMA', data.name, 'FUNCTIONS', priv.grantee, priv.grantor) }}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'FUNCTIONS', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'added' in data.deffuncacl %}
{% for priv in data.deffuncacl.added %}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'FUNCTIONS', priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'FUNCTIONS', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
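Review bot: The `changed` branches for `SEQUENCES` and `FUNCTIONS` revoke with `priv.grantee` only, while the `TABLES` branch in the first hunk checks `priv.grantee != priv.old_grantee` and revokes from `priv.old_grantee`. Assuming `old_grantee` is supplied for these ACL types as it is for tables, changing a row's grantee never revokes the previous grantee's default privileges on sequences and functions, so a stale grant survives the edit. Mirror the `TABLES` logic in both branches: wrap the `UNSET` in `{% if priv.grantee != priv.old_grantee %}` and call `UNSET(conn,'SCHEMA', data.name, 'SEQUENCES', priv.old_grantee, priv.grantor)` there, keeping the current call under `{% else %}`. The following file section repeats this for `SEQUENCES`, `FUNCTIONS` and `TYPES`, and the `RESETALL`/`APPLY` template further down has no `old_grantee` handling in any branch.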


@ -27,7 +27,7 @@ COMMENT ON SCHEMA {{ conn|qtIdent(data.name) }}
{{ DEFAULT_PRIVILEGE.SET(
conn, 'SCHEMA', data.name, type, priv.grantee,
priv.without_grant, priv.with_grant
priv.without_grant, priv.with_grant, priv.grantor
) }}{% endfor %}
{% endif %}
{% endfor %}


@ -69,22 +69,22 @@ COMMENT ON SCHEMA {{ conn|qtIdent(data.name) }}
{% if data.deftblacl %}
{% if 'deleted' in data.deftblacl %}
{% for priv in data.deftblacl.deleted %}
{{ DEFAULT_PRIVILEGE.UNSET(conn, 'SCHEMA', data.name, 'TABLES', priv.grantee) }}
{{ DEFAULT_PRIVILEGE.UNSET(conn, 'SCHEMA', data.name, 'TABLES', priv.grantee, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'changed' in data.deftblacl %}
{% for priv in data.deftblacl.changed %}
{% if priv.grantee != priv.old_grantee %}
{{ DEFAULT_PRIVILEGE.UNSET(conn, 'SCHEMA', data.name, 'TABLES', priv.old_grantee) }}
{{ DEFAULT_PRIVILEGE.UNSET(conn, 'SCHEMA', data.name, 'TABLES', priv.old_grantee, priv.grantor) }}
{% else %}
{{ DEFAULT_PRIVILEGE.UNSET(conn, 'SCHEMA', data.name, 'TABLES', priv.grantee) }}
{{ DEFAULT_PRIVILEGE.UNSET(conn, 'SCHEMA', data.name, 'TABLES', priv.grantee, priv.grantor) }}
{% endif %}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'TABLES', priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'TABLES', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'added' in data.deftblacl %}
{% for priv in data.deftblacl.added %}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'TABLES', priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'TABLES', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
@ -93,18 +93,18 @@ COMMENT ON SCHEMA {{ conn|qtIdent(data.name) }}
{% if data.defseqacl %}
{% if 'deleted' in data.defseqacl %}
{% for priv in data.defseqacl.deleted %}
{{ DEFAULT_PRIVILEGE.UNSET(conn,'SCHEMA', data.name, 'SEQUENCES', priv.grantee) }}
{{ DEFAULT_PRIVILEGE.UNSET(conn,'SCHEMA', data.name, 'SEQUENCES', priv.grantee, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'changed' in data.defseqacl %}
{% for priv in data.defseqacl.changed %}
{{ DEFAULT_PRIVILEGE.UNSET(conn,'SCHEMA', data.name, 'SEQUENCES', priv.grantee) }}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'SEQUENCES', priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.UNSET(conn,'SCHEMA', data.name, 'SEQUENCES', priv.grantee, priv.grantor) }}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'SEQUENCES', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'added' in data.defseqacl %}
{% for priv in data.defseqacl.added %}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'SEQUENCES', priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'SEQUENCES', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
@ -113,18 +113,18 @@ COMMENT ON SCHEMA {{ conn|qtIdent(data.name) }}
{% if data.deffuncacl %}
{% if 'deleted' in data.deffuncacl %}
{% for priv in data.deffuncacl.deleted %}
{{ DEFAULT_PRIVILEGE.UNSET(conn,'SCHEMA', data.name, 'FUNCTIONS', priv.grantee) }}
{{ DEFAULT_PRIVILEGE.UNSET(conn,'SCHEMA', data.name, 'FUNCTIONS', priv.grantee, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'changed' in data.deffuncacl %}
{% for priv in data.deffuncacl.changed %}
{{ DEFAULT_PRIVILEGE.UNSET(conn,'SCHEMA', data.name, 'FUNCTIONS', priv.grantee) }}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'FUNCTIONS', priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.UNSET(conn,'SCHEMA', data.name, 'FUNCTIONS', priv.grantee, priv.grantor) }}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'FUNCTIONS', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'added' in data.deffuncacl %}
{% for priv in data.deffuncacl.added %}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'FUNCTIONS', priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'FUNCTIONS', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
@ -133,18 +133,18 @@ COMMENT ON SCHEMA {{ conn|qtIdent(data.name) }}
{% if data.deftypeacl %}
{% if 'deleted' in data.deftypeacl %}
{% for priv in data.deftypeacl.deleted %}
{{ DEFAULT_PRIVILEGE.UNSET(conn,'SCHEMA', data.name, 'TYPES', priv.grantee) }}
{{ DEFAULT_PRIVILEGE.UNSET(conn,'SCHEMA', data.name, 'TYPES', priv.grantee, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'changed' in data.deftypeacl %}
{% for priv in data.deftypeacl.changed %}
{{ DEFAULT_PRIVILEGE.UNSET(conn,'SCHEMA', data.name, 'TYPES', priv.grantee) }}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'TYPES', priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.UNSET(conn,'SCHEMA', data.name, 'TYPES', priv.grantee, priv.grantor) }}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'TYPES', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'added' in data.deftypeacl %}
{% for priv in data.deftypeacl.added %}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'TYPES', priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.SET(conn,'SCHEMA', data.name, 'TYPES', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}


@ -9,14 +9,14 @@ GRANT CREATE ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#" TO PUBLIC;
GRANT ALL ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#" TO postgres;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT SELECT, UPDATE ON TABLES TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT SELECT, UPDATE ON SEQUENCES TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT EXECUTE ON FUNCTIONS TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT USAGE ON TYPES TO PUBLIC;
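Review bot: Every expected output changed in this commit uses a single fixed grantor (`FOR ROLE postgres` here, `FOR ROLE enterprisedb` in the later fixtures), so nothing exercises a grantor whose name needs quoting. The schema name in these fixtures is deliberately full of special characters, but the role in the new `FOR ROLE` clause is always a plain lowercase identifier. Add one scenario whose default-privilege grantor is a role with a similarly awkward name, so identifier quoting of the new clause is pinned by a test. The literal role name also ties the fixtures to the test server's user name, which may be intentional given the separate `enterprisedb` copies.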


@ -1,13 +1,13 @@
GRANT CREATE ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#" TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT SELECT, UPDATE ON TABLES TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT SELECT, UPDATE ON SEQUENCES TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT EXECUTE ON FUNCTIONS TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT USAGE ON TYPES TO PUBLIC;


@ -7,8 +7,8 @@ CREATE SCHEMA IF NOT EXISTS "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT ALL ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#" TO postgres;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT SELECT ON TABLES TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT EXECUTE ON FUNCTIONS TO PUBLIC;


@ -1,5 +1,5 @@
REVOKE ALL ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#" FROM PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
REVOKE ALL ON SEQUENCES FROM PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
REVOKE ALL ON TYPES FROM PUBLIC;


@ -9,14 +9,14 @@ GRANT USAGE ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#" TO PUBLIC;
GRANT ALL ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#" TO postgres;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT SELECT ON TABLES TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT UPDATE ON SEQUENCES TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT EXECUTE ON FUNCTIONS TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT USAGE ON TYPES TO PUBLIC;


@ -1,12 +1,12 @@
REVOKE ALL ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#" FROM PUBLIC;
GRANT USAGE ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#" TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
REVOKE ALL ON TABLES FROM PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT SELECT ON TABLES TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
REVOKE ALL ON SEQUENCES FROM PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT UPDATE ON SEQUENCES TO PUBLIC;


@ -12,14 +12,14 @@ GRANT ALL ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#" TO PUBLIC;
GRANT ALL ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#" TO postgres;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT ALL ON TABLES TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT ALL ON SEQUENCES TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT EXECUTE ON FUNCTIONS TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT USAGE ON TYPES TO PUBLIC;


@ -5,14 +5,14 @@ COMMENT ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT ALL ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#" TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT ALL ON TABLES TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT ALL ON SEQUENCES TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT EXECUTE ON FUNCTIONS TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE postgres IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT USAGE ON TYPES TO PUBLIC;


@ -9,14 +9,14 @@ GRANT CREATE ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#" TO PUBLIC;
GRANT ALL ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#" TO enterprisedb;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT SELECT, UPDATE ON TABLES TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT SELECT, UPDATE ON SEQUENCES TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT EXECUTE ON FUNCTIONS TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT USAGE ON TYPES TO PUBLIC;


@ -1,17 +1,17 @@
GRANT CREATE ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#" TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT SELECT, UPDATE ON TABLES TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT SELECT, UPDATE ON SEQUENCES TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT EXECUTE ON FUNCTIONS TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT USAGE ON TYPES TO PUBLIC;


@ -7,8 +7,8 @@ CREATE SCHEMA IF NOT EXISTS "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT ALL ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#" TO enterprisedb;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT SELECT ON TABLES TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT EXECUTE ON FUNCTIONS TO PUBLIC;


@ -1,7 +1,7 @@
REVOKE ALL ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#" FROM PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
REVOKE ALL ON SEQUENCES FROM PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
REVOKE ALL ON TYPES FROM PUBLIC;


@ -9,14 +9,14 @@ GRANT USAGE ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#" TO PUBLIC;
GRANT ALL ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#" TO enterprisedb;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT SELECT ON TABLES TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT UPDATE ON SEQUENCES TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT EXECUTE ON FUNCTIONS TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT USAGE ON TYPES TO PUBLIC;


@ -2,13 +2,13 @@ REVOKE ALL ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#" FROM PUBLIC;
GRANT USAGE ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#" TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
REVOKE ALL ON TABLES FROM PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT SELECT ON TABLES TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
REVOKE ALL ON SEQUENCES FROM PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT UPDATE ON SEQUENCES TO PUBLIC;


@ -12,14 +12,14 @@ GRANT ALL ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#" TO PUBLIC;
GRANT ALL ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#" TO enterprisedb;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT ALL ON TABLES TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT ALL ON SEQUENCES TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT EXECUTE ON FUNCTIONS TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT USAGE ON TYPES TO PUBLIC;


@ -5,14 +5,14 @@ COMMENT ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT ALL ON SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#" TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT ALL ON TABLES TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT ALL ON SEQUENCES TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT EXECUTE ON FUNCTIONS TO PUBLIC;
ALTER DEFAULT PRIVILEGES IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb IN SCHEMA "test_schema_$%{}[]()&*^!@""""'`\/#"
GRANT USAGE ON TYPES TO PUBLIC;


@ -78,18 +78,18 @@
{% if data.deftblacl %}
{% if 'deleted' in data.deftblacl %}
{% for priv in data.deftblacl.deleted %}
{{ DEFAULT_PRIVILEGE.RESETALL(conn, 'TABLES', priv.grantee) }}
{{ DEFAULT_PRIVILEGE.RESETALL(conn, 'TABLES', priv.grantee, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'changed' in data.deftblacl %}
{% for priv in data.deftblacl.changed %}
{{ DEFAULT_PRIVILEGE.RESETALL(conn, 'TABLES', priv.grantee) }}
{{ DEFAULT_PRIVILEGE.APPLY(conn, 'TABLES', priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.RESETALL(conn, 'TABLES', priv.grantee, priv.grantor) }}
{{ DEFAULT_PRIVILEGE.APPLY(conn, 'TABLES', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'added' in data.deftblacl %}
{% for priv in data.deftblacl.added %}
{{ DEFAULT_PRIVILEGE.APPLY(conn, 'TABLES', priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.APPLY(conn, 'TABLES', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
{% endif %}
@ -98,18 +98,18 @@
{% if data.defseqacl %}
{% if 'deleted' in data.defseqacl %}
{% for priv in data.defseqacl.deleted %}
{{ DEFAULT_PRIVILEGE.RESETALL(conn, 'SEQUENCES', priv.grantee) }}
{{ DEFAULT_PRIVILEGE.RESETALL(conn, 'SEQUENCES', priv.grantee, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'changed' in data.defseqacl %}
{% for priv in data.defseqacl.changed %}
{{ DEFAULT_PRIVILEGE.RESETALL(conn, 'SEQUENCES', priv.grantee) }}
{{ DEFAULT_PRIVILEGE.APPLY(conn, 'SEQUENCES', priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.RESETALL(conn, 'SEQUENCES', priv.grantee, priv.grantor) }}
{{ DEFAULT_PRIVILEGE.APPLY(conn, 'SEQUENCES', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'added' in data.defseqacl %}
{% for priv in data.defseqacl.added %}
{{ DEFAULT_PRIVILEGE.APPLY(conn, 'SEQUENCES', priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.APPLY(conn, 'SEQUENCES', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
{% endif %}
@ -118,18 +118,18 @@
{% if data.deffuncacl %}
{% if 'deleted' in data.deffuncacl %}
{% for priv in data.deffuncacl.deleted %}
{{ DEFAULT_PRIVILEGE.RESETALL(conn, 'FUNCTIONS', priv.grantee) }}
{{ DEFAULT_PRIVILEGE.RESETALL(conn, 'FUNCTIONS', priv.grantee, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'changed' in data.deffuncacl %}
{% for priv in data.deffuncacl.changed %}
{{ DEFAULT_PRIVILEGE.RESETALL(conn, 'FUNCTIONS', priv.grantee) }}
{{ DEFAULT_PRIVILEGE.APPLY(conn, 'FUNCTIONS', priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.RESETALL(conn, 'FUNCTIONS', priv.grantee, priv.grantor) }}
{{ DEFAULT_PRIVILEGE.APPLY(conn, 'FUNCTIONS', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'added' in data.deffuncacl %}
{% for priv in data.deffuncacl.added %}
{{ DEFAULT_PRIVILEGE.APPLY(conn, 'FUNCTIONS', priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.APPLY(conn, 'FUNCTIONS', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
{% endif %}
@ -138,18 +138,18 @@
{% if data.deftypeacl %}
{% if 'deleted' in data.deftypeacl %}
{% for priv in data.deftypeacl.deleted %}
{{ DEFAULT_PRIVILEGE.RESETALL(conn, 'TYPES', priv.grantee) }}
{{ DEFAULT_PRIVILEGE.RESETALL(conn, 'TYPES', priv.grantee, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'changed' in data.deftypeacl %}
{% for priv in data.deftypeacl.changed %}
{{ DEFAULT_PRIVILEGE.RESETALL(conn, 'TYPES', priv.grantee) }}
{{ DEFAULT_PRIVILEGE.APPLY(conn, 'TYPES', priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.RESETALL(conn, 'TYPES', priv.grantee, priv.grantor) }}
{{ DEFAULT_PRIVILEGE.APPLY(conn, 'TYPES', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
{% if 'added' in data.deftypeacl %}
{% for priv in data.deftypeacl.added %}
{{ DEFAULT_PRIVILEGE.APPLY(conn, 'TYPES', priv.grantee, priv.without_grant, priv.with_grant) }}
{{ DEFAULT_PRIVILEGE.APPLY(conn, 'TYPES', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endfor %}
{% endif %}
{% endif %}


@ -1,10 +1,12 @@
SELECT
{% if not grant_reovke_sql %}
(SELECT
CASE (a.deftype)
WHEN 'r' THEN 'deftblacl'
WHEN 'S' THEN 'defseqacl'
WHEN 'f' THEN 'deffuncacl'
WHEN 'T' THEN 'deftypeacl'
END AS deftype,
'defaultacls' as acltype,
COALESCE(gt.rolname, 'PUBLIC') AS grantee, g.rolname AS grantor, pg_catalog.array_agg(a.privilege_type) as privileges, pg_catalog.array_agg(a.is_grantable) as grantable
FROM
(SELECT
@ -32,3 +34,128 @@ FROM
LEFT JOIN pg_catalog.pg_roles gt ON (a.grantee = gt.oid)
GROUP BY g.rolname, gt.rolname, a.deftype
ORDER BY a.deftype
)
{% else %}
(SELECT
CASE (e.deftype)
WHEN 'r' THEN 'deftblacl'
WHEN 'S' THEN 'defseqacl'
WHEN 'f' THEN 'deffuncacl'
WHEN 'T' THEN 'deftypeacl'
END AS deftype,
'revoke' as acltype,
COALESCE(gt.rolname, 'PUBLIC') AS grantee, g.rolname AS grantor, pg_catalog.array_agg(e.privilege_type) as privileges, pg_catalog.array_agg(e.is_grantable) as grantable
FROM(
SELECT
(d.acl).grantee as grantee, (d.acl).grantor AS grantor, (d.acl).is_grantable AS is_grantable,
CASE (d.acl).privilege_type
WHEN 'CONNECT' THEN 'c'
WHEN 'CREATE' THEN 'C'
WHEN 'DELETE' THEN 'd'
WHEN 'EXECUTE' THEN 'X'
WHEN 'INSERT' THEN 'a'
WHEN 'REFERENCES' THEN 'x'
WHEN 'SELECT' THEN 'r'
WHEN 'TEMPORARY' THEN 'T'
WHEN 'TRIGGER' THEN 't'
WHEN 'TRUNCATE' THEN 'D'
WHEN 'UPDATE' THEN 'w'
WHEN 'USAGE' THEN 'U'
ELSE 'UNKNOWN'
END AS privilege_type,
d.defaclobjtype as deftype
FROM
(select
b.defaclobjtype,
pg_catalog.aclexplode(b.revoke_priv) as acl
from
(select
a.defaclobjtype,
a.defaclrole,
a.defaultprivileges,
a.acldefault,
array(select unnest(a.acldefault) except select unnest(a.defaultprivileges)) as revoke_priv
from
(SELECT
defaclobjtype,
defaclrole,
defaclacl as defaultprivileges,
CASE
WHEN defaclnamespace = 0 THEN acldefault(CASE WHEN defaclobjtype = 'S' THEN 's'::"char" ELSE defaclobjtype END, defaclrole)
ELSE '{}'
END AS acldefault
FROM pg_catalog.pg_default_acl dacl
WHERE dacl.defaclnamespace = 0::OID
) a
) b
where not b.revoke_priv = '{}'
) d
) e
LEFT JOIN pg_catalog.pg_roles g ON (e.grantor = g.oid)
LEFT JOIN pg_catalog.pg_roles gt ON (e.grantee = gt.oid)
GROUP BY g.rolname, gt.rolname, e.deftype
ORDER BY e.deftype)
UNION
(
SELECT
CASE (e.deftype)
WHEN 'r' THEN 'deftblacl'
WHEN 'S' THEN 'defseqacl'
WHEN 'f' THEN 'deffuncacl'
WHEN 'T' THEN 'deftypeacl'
END AS deftype,
'grant' as acltype,
COALESCE(gt.rolname, 'PUBLIC') AS grantee, g.rolname AS grantor, pg_catalog.array_agg(e.privilege_type) as privileges, pg_catalog.array_agg(e.is_grantable) as grantable
FROM(
SELECT
(d.acl).grantee as grantee, (d.acl).grantor AS grantor, (d.acl).is_grantable AS is_grantable,
CASE (d.acl).privilege_type
WHEN 'CONNECT' THEN 'c'
WHEN 'CREATE' THEN 'C'
WHEN 'DELETE' THEN 'd'
WHEN 'EXECUTE' THEN 'X'
WHEN 'INSERT' THEN 'a'
WHEN 'REFERENCES' THEN 'x'
WHEN 'SELECT' THEN 'r'
WHEN 'TEMPORARY' THEN 'T'
WHEN 'TRIGGER' THEN 't'
WHEN 'TRUNCATE' THEN 'D'
WHEN 'UPDATE' THEN 'w'
WHEN 'USAGE' THEN 'U'
ELSE 'UNKNOWN'
END AS privilege_type,
d.defaclobjtype as deftype
FROM(
select
*,
pg_catalog.aclexplode(b.grant_priv) as acl
from
(select
a.defaclobjtype,
a.defaclrole,
a.defaultprivileges,
a.acldefault,
array(select unnest(a.defaultprivileges) except select unnest(a.acldefault)) as grant_priv
from
(SELECT
defaclobjtype,
defaclrole,
defaclacl as defaultprivileges,
CASE
WHEN defaclnamespace = 0
THEN acldefault(CASE WHEN defaclobjtype = 'S' THEN 's'::"char" ELSE defaclobjtype END, defaclrole)
ELSE '{}'
END AS acldefault
FROM pg_catalog.pg_default_acl dacl
WHERE dacl.defaclnamespace = 0::OID
) a
) b where not b.grant_priv = '{}'
) d
) e
LEFT JOIN pg_catalog.pg_roles g ON (e.grantor = g.oid)
LEFT JOIN pg_catalog.pg_roles gt ON (e.grantee = gt.oid)
GROUP BY g.rolname, gt.rolname, e.deftype
ORDER BY e.deftype)
{% endif %}
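Review bot: The `{% else %}` branch joins the revoke rows and the grant rows with `UNION`, and the only `ORDER BY` is `e.deftype` inside each parenthesised arm, so the position of a revoke row relative to a grant row in the combined result is not defined. The expected files in this commit already show both orders (`REVOKE ALL ON SEQUENCES` after the `GRANT ... ON SEQUENCES` for postgres, before it for enterprisedb). Because the two arms compare whole ACL entries, a narrowed default for one grantee presumably yields both a revoke row and a grant row for that grantee, and replaying them grant-first would leave the role with fewer default privileges than the source database has. An outer ordering after the second arm, for example `ORDER BY deftype, acltype DESC`, puts revokes first and makes the generated script deterministic. `acldefault(...)` and `unnest(...)` are also the only calls in this query without the `pg_catalog.` prefix used everywhere else.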


@ -41,24 +41,43 @@ COMMENT ON DATABASE {{ conn|qtIdent(data.name) }}
{# Default privileges/ACLs for tables #}
{% if data.deftblacl %}
{% for priv in data.deftblacl %}
{{ DEFAULT_PRIVILEGE.APPLY(conn, 'TABLES', priv.grantee, priv.without_grant, priv.with_grant) }}
{% if priv.acltype == 'grant' %}
{{ DEFAULT_PRIVILEGE.APPLY(conn, 'TABLES', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% else %}
{{ DEFAULT_PRIVILEGE.REMOVE(conn, 'TABLES', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endif %}
{% endfor %}
{% endif %}
{# Default privileges/ACLs for sequences #}
{% if data.defseqacl %}
{% for priv in data.defseqacl %}
{{ DEFAULT_PRIVILEGE.APPLY(conn, 'SEQUENCES', priv.grantee, priv.without_grant, priv.with_grant) }}
{% if priv.acltype == 'grant' %}
{{ DEFAULT_PRIVILEGE.APPLY(conn, 'SEQUENCES', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% else %}
{{ DEFAULT_PRIVILEGE.REMOVE(conn, 'SEQUENCES', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endif %}
{% endfor %}
{% endif %}
{# Default privileges/ACLs for functions #}
{% if data.deffuncacl %}
{% for priv in data.deffuncacl %}
{{ DEFAULT_PRIVILEGE.APPLY(conn, 'FUNCTIONS', priv.grantee, priv.without_grant, priv.with_grant) }}
{% if priv.acltype == 'grant' %}
{{ DEFAULT_PRIVILEGE.APPLY(conn, 'FUNCTIONS', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% else %}
{{ DEFAULT_PRIVILEGE.REMOVE(conn, 'FUNCTIONS', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endif %}
{% endfor %}
{% endif %}
{# Default privileges/ACLs for types #}
{% if data.deftypeacl %}
{% for priv in data.deftypeacl %}
{{ DEFAULT_PRIVILEGE.APPLY(conn, 'TYPES', priv.grantee, priv.without_grant, priv.with_grant) }}
{% if priv.acltype == 'grant' %}
{{ DEFAULT_PRIVILEGE.APPLY(conn, 'TYPES', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% else %}
{{ DEFAULT_PRIVILEGE.REMOVE(conn, 'TYPES', priv.grantee, priv.without_grant, priv.with_grant, priv.grantor) }}
{% endif %}
{% endfor %}
{% endif %}
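Review bot: Each `{% else %}` in these four blocks sends every entry whose `acltype` is not exactly `'grant'` to `DEFAULT_PRIVILEGE.REMOVE`, and that includes the `'defaultacls'` value parse_priv_to_db substitutes when the key is absent. If this template is ever rendered from data that did not come through the `grant_reovke_sql=True` query (the callers are not visible in this hunk), entries meant as grants would be emitted as `REVOKE`. Testing the revoke case explicitly keeps the previous behaviour as the fallback: `{% if priv.acltype == 'revoke' %}` for REMOVE and `{% else %}` for APPLY, in the tables, sequences, functions and types blocks alike.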


@ -1,7 +1,7 @@
{% if data %}
CREATE DATABASE {{ conn|qtIdent(data.name) }}
{% if data.datowner %}
WITH {% endif %}{% if data.datowner %}
WITH{% endif %}{% if data.datowner %}
OWNER = {{ conn|qtIdent(data.datowner) }}{% endif %}{% if data.template %}


@ -0,0 +1,14 @@
-- Database: <TEST_DB_NAME>
-- DROP DATABASE IF EXISTS <TEST_DB_NAME>;
CREATE DATABASE <TEST_DB_NAME>
WITH
OWNER = postgres
ENCODING = 'UTF8'
LC_COLLATE = 'C'
LC_CTYPE = 'C'
TABLESPACE = pg_default
CONNECTION LIMIT = -1;
ALTER DEFAULT PRIVILEGES FOR ROLE postgres REVOKE EXECUTE ON FUNCTIONS FROM PUBLIC;


@ -0,0 +1,4 @@
ALTER DEFAULT PRIVILEGES FOR ROLE postgres
REVOKE ALL ON FUNCTIONS FROM PUBLIC;


@ -0,0 +1,12 @@
-- Database: <TEST_DB_NAME>
-- DROP DATABASE IF EXISTS <TEST_DB_NAME>;
CREATE DATABASE <TEST_DB_NAME>
WITH
OWNER = postgres
ENCODING = 'UTF8'
LC_COLLATE = 'C'
LC_CTYPE = 'C'
TABLESPACE = pg_default
CONNECTION LIMIT = -1;


@ -0,0 +1,21 @@
-- Database: <TEST_DB_NAME>
-- DROP DATABASE IF EXISTS <TEST_DB_NAME>;
CREATE DATABASE <TEST_DB_NAME>
WITH
OWNER = postgres
ENCODING = 'UTF8'
LC_COLLATE = 'C'
LC_CTYPE = 'C'
TABLESPACE = pg_default
CONNECTION LIMIT = -1;
ALTER DEFAULT PRIVILEGES FOR ROLE postgres REVOKE ALL ON TABLES FROM postgres;
ALTER DEFAULT PRIVILEGES FOR ROLE postgres
GRANT SELECT, USAGE ON SEQUENCES TO PUBLIC;
ALTER DEFAULT PRIVILEGES FOR ROLE postgres REVOKE ALL ON SEQUENCES FROM postgres;
ALTER DEFAULT PRIVILEGES FOR ROLE postgres REVOKE EXECUTE ON FUNCTIONS FROM PUBLIC;


@ -0,0 +1,9 @@
ALTER DEFAULT PRIVILEGES FOR ROLE postgres
REVOKE ALL ON TABLES FROM PUBLIC;
ALTER DEFAULT PRIVILEGES FOR ROLE postgres
REVOKE ALL ON SEQUENCES FROM postgres;
ALTER DEFAULT PRIVILEGES FOR ROLE postgres
GRANT USAGE, SELECT ON SEQUENCES TO PUBLIC;


@ -0,0 +1,19 @@
-- Database: <TEST_DB_NAME>
-- DROP DATABASE IF EXISTS <TEST_DB_NAME>;
CREATE DATABASE <TEST_DB_NAME>
WITH
OWNER = postgres
ENCODING = 'UTF8'
LC_COLLATE = 'C'
LC_CTYPE = 'C'
TABLESPACE = pg_default
CONNECTION LIMIT = -1;
ALTER DEFAULT PRIVILEGES FOR ROLE postgres REVOKE ALL ON TABLES FROM postgres;
ALTER DEFAULT PRIVILEGES FOR ROLE postgres
GRANT SELECT ON TABLES TO PUBLIC;
ALTER DEFAULT PRIVILEGES FOR ROLE postgres REVOKE EXECUTE ON FUNCTIONS FROM PUBLIC;


@ -0,0 +1,6 @@
ALTER DEFAULT PRIVILEGES FOR ROLE postgres
REVOKE ALL ON TABLES FROM PUBLIC;
ALTER DEFAULT PRIVILEGES FOR ROLE postgres
GRANT SELECT ON TABLES TO PUBLIC;


@ -0,0 +1,23 @@
-- Database: <TEST_DB_NAME>
-- DROP DATABASE IF EXISTS <TEST_DB_NAME>;
CREATE DATABASE <TEST_DB_NAME>
WITH
OWNER = postgres
ENCODING = 'UTF8'
LC_COLLATE = 'C'
LC_CTYPE = 'C'
TABLESPACE = pg_default
CONNECTION LIMIT = -1;
ALTER DEFAULT PRIVILEGES FOR ROLE postgres REVOKE ALL ON TABLES FROM postgres;
ALTER DEFAULT PRIVILEGES FOR ROLE postgres
GRANT SELECT, USAGE ON SEQUENCES TO PUBLIC;
ALTER DEFAULT PRIVILEGES FOR ROLE postgres REVOKE ALL ON SEQUENCES FROM postgres;
ALTER DEFAULT PRIVILEGES FOR ROLE postgres REVOKE EXECUTE ON FUNCTIONS FROM PUBLIC;
ALTER DEFAULT PRIVILEGES FOR ROLE postgres REVOKE USAGE ON TYPES FROM PUBLIC;


@ -0,0 +1,141 @@
{
"scenarios": [
{
"type": "alter",
"name": "Alert default priviliges for functions",
"endpoint": "NODE-database.obj_id",
"sql_endpoint": "NODE-database.sql_id",
"msql_endpoint": "NODE-database.msql_id",
"TEST_DB_NAME": "<TEST_DB_NAME>",
"data": {
"deffuncacl": {
"deleted": [
{
"grantor": "postgres",
"grantee": "PUBLIC",
"privileges": [
{
"privilege_type": "X",
"privilege": true,
"with_grant": false
}
],
"acltype": "defaultacls"
}
]
}
},
"expected_sql_file": "alter_default_db_privileges_function.sql",
"expected_msql_file": "alter_default_db_privileges_function_msql.sql"
},
{
"type": "alter",
"name": "Alert default privileges for tables",
"endpoint": "NODE-database.obj_id",
"sql_endpoint": "NODE-database.sql_id",
"TEST_DB_NAME": "<TEST_DB_NAME>",
"data": {
"deftblacl": {
"deleted": [
{
"grantor": "postgres",
"grantee": "postgres",
"privileges": [
{"privilege_type":"D","privilege":true,"with_grant":false},
{"privilege_type":"w","privilege":true,"with_grant":false}
],
"acltype": "deftblacl"
}
],
"added": [
{
"grantee": "PUBLIC",
"privileges": [
{
"privilege_type": "r",
"privilege": true,
"with_grant": false
}
],
"grantor": "postgres"
}
]
}
},
"expected_sql_file": "alter_default_db_privileges_tables.sql"
},
{
"type": "alter",
"name": "Alert default privileges for sequences",
"endpoint": "NODE-database.obj_id",
"sql_endpoint": "NODE-database.sql_id",
"msql_endpoint": "NODE-database.msql_id",
"TEST_DB_NAME": "<TEST_DB_NAME>",
"data": {
"defseqacl": {
"deleted": [
{
"grantor": "postgres",
"grantee": "postgres",
"privileges": [
{
"privilege_type": "w",
"privilege": true,
"with_grant": false
}
],
"acltype": "defaultacls"
}
],
"added":[
{"grantee":"PUBLIC","privileges":[{"privilege_type":"U","privilege":true,"with_grant":false},
{"privilege_type":"r","privilege":true,"with_grant":false}],"grantor":"postgres"}]
},
"deftblacl": {"deleted":[{"grantor":"postgres","grantee":"PUBLIC","privileges":[{"privilege_type":"r","privilege":true,"with_grant":false}],"acltype":"defaultacls"}]}
},
"expected_sql_file": "alter_default_db_privileges_sequences.sql",
"expected_msql_file": "alter_default_db_privileges_sequences_msql.sql"
},
{
"type": "alter",
"name": "Alert default privileges for types",
"endpoint": "NODE-database.obj_id",
"sql_endpoint": "NODE-database.sql_id",
"TEST_DB_NAME": "<TEST_DB_NAME>",
"data": {
"deftypeacl": {
"deleted": [
{
"grantor": "postgres",
"grantee": "PUBLIC",
"privileges": [
{
"privilege_type": "U",
"privilege": true,
"with_grant": false
}
],
"acltype": "defaultacls"
}
]
}
},
"expected_sql_file": "alter_default_db_privileges_types.sql"
},
{
"type": "alter",
"name": "Alert default privileges reset all",
"endpoint": "NODE-database.obj_id",
"sql_endpoint": "NODE-database.sql_id",
"TEST_DB_NAME": "<TEST_DB_NAME>",
"data": {
"deffuncacl": {"added":[{"grantee":"PUBLIC","privileges":[{"privilege_type":"X","privilege":true,"with_grant":false}],"grantor":"postgres"}]},
"deftypeacl": {"added":[{"grantee":"PUBLIC","privileges":[{"privilege_type":"U","privilege":true,"with_grant":false}],"grantor":"postgres"}]},
"deftblacl":{"added":[{"grantee":"postgres","privileges":[{"privilege_type":"a","privilege":true,"with_grant":false},{"privilege_type":"r","privilege":true,"with_grant":false},{"privilege_type":"w","privilege":true,"with_grant":false},{"privilege_type":"d","privilege":true,"with_grant":false},{"privilege_type":"D","privilege":true,"with_grant":false},{"privilege_type":"x","privilege":true,"with_grant":false},{"privilege_type":"t","privilege":true,"with_grant":false}],"grantor":"postgres"}],"deleted":[{"grantor":"postgres","grantee":"PUBLIC","privileges":[{"privilege_type":"a","privilege":true,"with_grant":false,"cid":"nn626"},{"privilege_type":"r","privilege":true,"with_grant":false,"cid":"nn627"},{"privilege_type":"w","privilege":true,"with_grant":false,"cid":"nn628"},{"privilege_type":"d","privilege":true,"with_grant":false},{"privilege_type":"D","privilege":true,"with_grant":false},{"privilege_type":"x","privilege":true,"with_grant":false},{"privilege_type":"t","privilege":true,"with_grant":false}],"acltype":"defaultacls"}]},
"defseqacl":{"added":[{"grantee":"postgres","privileges":[{"privilege_type":"r","privilege":true,"with_grant":false},{"privilege_type":"w","privilege":true,"with_grant":false},{"privilege_type":"U","privilege":true,"with_grant":false}],"grantor":"postgres"}],"deleted":[{"grantor":"postgres","grantee":"PUBLIC","privileges":[{"privilege_type":"r","privilege":true,"with_grant":false,"cid":"nn673"},{"privilege_type":"U","privilege":true,"with_grant":false}],"acltype":"defaultacls"}]}
},
"expected_sql_file": "alter_default_db_privileges_reset_all.sql"
}
]
}
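Review bot: Every privilege entry in these scenarios has `"with_grant": false`, so the `WITH GRANT OPTION` branches that this commit touches in the APPLY and REMOVE macros are never rendered by a test; one scenario with a `"with_grant": true` entry would cover them. The tables scenario also sets `"acltype": "deftblacl"` where the other scenarios use `"defaultacls"`, and the scenario names read "Alert default priviliges" where "Alter default privileges" is presumably meant. The same points apply to the enterprisedb copy of this file further down the page.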


@ -0,0 +1,14 @@
-- Database: <TEST_DB_NAME>
-- DROP DATABASE IF EXISTS <TEST_DB_NAME>;
CREATE DATABASE <TEST_DB_NAME>
WITH
OWNER = enterprisedb
ENCODING = 'UTF8'
LC_COLLATE = 'C'
LC_CTYPE = 'C'
TABLESPACE = pg_default
CONNECTION LIMIT = -1;
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb REVOKE EXECUTE ON FUNCTIONS FROM PUBLIC;


@ -0,0 +1,4 @@
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb
REVOKE ALL ON FUNCTIONS FROM PUBLIC;


@ -0,0 +1,12 @@
-- Database: <TEST_DB_NAME>
-- DROP DATABASE IF EXISTS <TEST_DB_NAME>;
CREATE DATABASE <TEST_DB_NAME>
WITH
OWNER = enterprisedb
ENCODING = 'UTF8'
LC_COLLATE = 'C'
LC_CTYPE = 'C'
TABLESPACE = pg_default
CONNECTION LIMIT = -1;


@ -0,0 +1,21 @@
-- Database: <TEST_DB_NAME>
-- DROP DATABASE IF EXISTS <TEST_DB_NAME>;
CREATE DATABASE <TEST_DB_NAME>
WITH
OWNER = enterprisedb
ENCODING = 'UTF8'
LC_COLLATE = 'C'
LC_CTYPE = 'C'
TABLESPACE = pg_default
CONNECTION LIMIT = -1;
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb REVOKE ALL ON TABLES FROM enterprisedb;
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb REVOKE ALL ON SEQUENCES FROM enterprisedb;
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb
GRANT SELECT, USAGE ON SEQUENCES TO PUBLIC;
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb REVOKE EXECUTE ON FUNCTIONS FROM PUBLIC;


@ -0,0 +1,9 @@
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb
REVOKE ALL ON TABLES FROM PUBLIC;
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb
REVOKE ALL ON SEQUENCES FROM enterprisedb;
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb
GRANT USAGE, SELECT ON SEQUENCES TO PUBLIC;


@ -0,0 +1,19 @@
-- Database: <TEST_DB_NAME>
-- DROP DATABASE IF EXISTS <TEST_DB_NAME>;
CREATE DATABASE <TEST_DB_NAME>
WITH
OWNER = enterprisedb
ENCODING = 'UTF8'
LC_COLLATE = 'C'
LC_CTYPE = 'C'
TABLESPACE = pg_default
CONNECTION LIMIT = -1;
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb
GRANT SELECT ON TABLES TO PUBLIC;
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb REVOKE ALL ON TABLES FROM enterprisedb;
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb REVOKE EXECUTE ON FUNCTIONS FROM PUBLIC;


@ -0,0 +1,6 @@
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb
REVOKE ALL ON TABLES FROM PUBLIC;
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb
GRANT SELECT ON TABLES TO PUBLIC;


@ -0,0 +1,23 @@
-- Database: <TEST_DB_NAME>
-- DROP DATABASE IF EXISTS <TEST_DB_NAME>;
CREATE DATABASE <TEST_DB_NAME>
WITH
OWNER = enterprisedb
ENCODING = 'UTF8'
LC_COLLATE = 'C'
LC_CTYPE = 'C'
TABLESPACE = pg_default
CONNECTION LIMIT = -1;
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb REVOKE ALL ON TABLES FROM enterprisedb;
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb REVOKE ALL ON SEQUENCES FROM enterprisedb;
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb
GRANT SELECT, USAGE ON SEQUENCES TO PUBLIC;
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb REVOKE EXECUTE ON FUNCTIONS FROM PUBLIC;
ALTER DEFAULT PRIVILEGES FOR ROLE enterprisedb REVOKE USAGE ON TYPES FROM PUBLIC;


@ -0,0 +1,141 @@
{
"scenarios": [
{
"type": "alter",
"name": "Alert default priviliges for functions",
"endpoint": "NODE-database.obj_id",
"sql_endpoint": "NODE-database.sql_id",
"msql_endpoint": "NODE-database.msql_id",
"TEST_DB_NAME": "<TEST_DB_NAME>",
"data": {
"deffuncacl": {
"deleted": [
{
"grantor": "enterprisedb",
"grantee": "PUBLIC",
"privileges": [
{
"privilege_type": "X",
"privilege": true,
"with_grant": false
}
],
"acltype": "defaultacls"
}
]
}
},
"expected_sql_file": "alter_default_db_privileges_function.sql",
"expected_msql_file": "alter_default_db_privileges_function_msql.sql"
},
{
"type": "alter",
"name": "Alert default privileges for tables",
"endpoint": "NODE-database.obj_id",
"sql_endpoint": "NODE-database.sql_id",
"TEST_DB_NAME": "<TEST_DB_NAME>",
"data": {
"deftblacl": {
"deleted": [
{
"grantor": "enterprisedb",
"grantee": "enterprisedb",
"privileges": [
{"privilege_type":"D","privilege":true,"with_grant":false},
{"privilege_type":"w","privilege":true,"with_grant":false}
],
"acltype": "deftblacl"
}
],
"added": [
{
"grantee": "PUBLIC",
"privileges": [
{
"privilege_type": "r",
"privilege": true,
"with_grant": false
}
],
"grantor": "enterprisedb"
}
]
}
},
"expected_sql_file": "alter_default_db_privileges_tables.sql"
},
{
"type": "alter",
"name": "Alert default privileges for sequences",
"endpoint": "NODE-database.obj_id",
"sql_endpoint": "NODE-database.sql_id",
"msql_endpoint": "NODE-database.msql_id",
"TEST_DB_NAME": "<TEST_DB_NAME>",
"data": {
"defseqacl": {
"deleted": [
{
"grantor": "enterprisedb",
"grantee": "enterprisedb",
"privileges": [
{
"privilege_type": "w",
"privilege": true,
"with_grant": false
}
],
"acltype": "defaultacls"
}
],
"added":[{"grantee":"PUBLIC","privileges":[{"privilege_type":"U","privilege":true,"with_grant":false},
{"privilege_type":"r","privilege":true,"with_grant":false}],"grantor":"enterprisedb"}]
},
"deftblacl": {"deleted":[{"grantor":"enterprisedb","grantee":"PUBLIC","privileges":[{"privilege_type":"r","privilege":true,"with_grant":false}],"acltype":"defaultacls"}]}
},
"expected_sql_file": "alter_default_db_privileges_sequences.sql",
"expected_msql_file": "alter_default_db_privileges_sequences_msql.sql"
},
{
"type": "alter",
"name": "Alert default privileges for types",
"endpoint": "NODE-database.obj_id",
"sql_endpoint": "NODE-database.sql_id",
"TEST_DB_NAME": "<TEST_DB_NAME>",
"data": {
"deftypeacl": {
"deleted": [
{
"grantor": "enterprisedb",
"grantee": "PUBLIC",
"privileges": [
{
"privilege_type": "U",
"privilege": true,
"with_grant": false
}
],
"acltype": "defaultacls"
}
]
}
},
"expected_sql_file": "alter_default_db_privileges_types.sql"
},
{
"type": "alter",
"name": "Alert default privileges reset all",
"endpoint": "NODE-database.obj_id",
"sql_endpoint": "NODE-database.sql_id",
"TEST_DB_NAME": "<TEST_DB_NAME>",
"data": {
"deffuncacl": {"added":[{"grantee":"PUBLIC","privileges":[{"privilege_type":"X","privilege":true,"with_grant":false}],"grantor":"enterprisedb"}]},
"deftypeacl": {"added":[{"grantee":"PUBLIC","privileges":[{"privilege_type":"U","privilege":true,"with_grant":false}],"grantor":"enterprisedb"}]},
"deftblacl":{"added":[{"grantee":"enterprisedb","privileges":[{"privilege_type":"a","privilege":true,"with_grant":false},{"privilege_type":"r","privilege":true,"with_grant":false},{"privilege_type":"w","privilege":true,"with_grant":false},{"privilege_type":"d","privilege":true,"with_grant":false},{"privilege_type":"D","privilege":true,"with_grant":false},{"privilege_type":"x","privilege":true,"with_grant":false},{"privilege_type":"t","privilege":true,"with_grant":false}],"grantor":"enterprisedb"}],"deleted":[{"grantor":"enterprisedb","grantee":"PUBLIC","privileges":[{"privilege_type":"a","privilege":true,"with_grant":false,"cid":"nn626"},{"privilege_type":"r","privilege":true,"with_grant":false,"cid":"nn627"},{"privilege_type":"w","privilege":true,"with_grant":false,"cid":"nn628"},{"privilege_type":"d","privilege":true,"with_grant":false},{"privilege_type":"D","privilege":true,"with_grant":false},{"privilege_type":"x","privilege":true,"with_grant":false},{"privilege_type":"t","privilege":true,"with_grant":false}],"acltype":"defaultacls"}]},
"defseqacl":{"added":[{"grantee":"enterprisedb","privileges":[{"privilege_type":"r","privilege":true,"with_grant":false},{"privilege_type":"w","privilege":true,"with_grant":false},{"privilege_type":"U","privilege":true,"with_grant":false}],"grantor":"enterprisedb"}],"deleted":[{"grantor":"enterprisedb","grantee":"PUBLIC","privileges":[{"privilege_type":"r","privilege":true,"with_grant":false,"cid":"nn673"},{"privilege_type":"U","privilege":true,"with_grant":false}],"acltype":"defaultacls"}]}
},
"expected_sql_file": "alter_default_db_privileges_reset_all.sql"
}
]
}


@ -1,29 +1,38 @@
{% macro APPLY(conn, type, role, privs, with_grant_privs) -%}
{% macro APPLY(conn, type, role, privs, with_grant_privs, grantor) -%}
{% if privs %}
ALTER DEFAULT PRIVILEGES
ALTER DEFAULT PRIVILEGES FOR ROLE {{grantor}}
GRANT {{ privs|join(', ') }} ON {{ type }} TO {{ role }};
{% endif %}
{% if with_grant_privs %}
ALTER DEFAULT PRIVILEGES
ALTER DEFAULT PRIVILEGES FOR ROLE {{grantor}}
GRANT {{ with_grant_privs|join(', ') }} ON {{ type }} TO {{ role }} WITH GRANT OPTION;
{% endif %}
{%- endmacro %}
{% macro RESETALL(conn, type, role) -%}
ALTER DEFAULT PRIVILEGES
{% macro RESETALL(conn, type, role, grantor) -%}
ALTER DEFAULT PRIVILEGES FOR ROLE {{grantor}}
REVOKE ALL ON {{ type }} FROM {{ role }};
{%- endmacro %}
{### To allow create macro for specific database object ###}
{% macro SET(conn, db_object_type, db_object_name, type, role, privs, with_grant_privs) -%}
{% macro SET(conn, db_object_type, db_object_name, type, role, privs, with_grant_privs, grantor) -%}
{% if privs %}
ALTER DEFAULT PRIVILEGES IN {{ db_object_type }} {{ conn|qtIdent(db_object_name) }}
ALTER DEFAULT PRIVILEGES FOR ROLE {{grantor}} IN {{ db_object_type }} {{ conn|qtIdent(db_object_name) }}
GRANT {{ privs|join(', ') }} ON {{ type }} TO {{ role }};
{% endif %}
{% if with_grant_privs %}
ALTER DEFAULT PRIVILEGES IN {{ db_object_type }} {{ conn|qtIdent(db_object_name) }}
ALTER DEFAULT PRIVILEGES FOR ROLE {{grantor}} IN {{ db_object_type }} {{ conn|qtIdent(db_object_name) }}
GRANT {{ with_grant_privs|join(', ') }} ON {{ type }} TO {{ role }} WITH GRANT OPTION;
{% endif %}
{%- endmacro %}
{% macro UNSET(conn, db_object_type, db_object_name, type, role) -%}
ALTER DEFAULT PRIVILEGES IN {{ db_object_type }} {{ conn|qtIdent(db_object_name) }}
{% macro UNSET(conn, db_object_type, db_object_name, type, role, grantor) -%}
ALTER DEFAULT PRIVILEGES FOR ROLE {{grantor}} IN {{ db_object_type }} {{ conn|qtIdent(db_object_name) }}
REVOKE ALL ON {{ type }} FROM {{ role }};
{%- endmacro %}
{% macro REMOVE(conn, type, role, privs, with_grant_privs, grantor) -%}
{% if privs %}
ALTER DEFAULT PRIVILEGES FOR ROLE {{grantor}} REVOKE {{ privs|join(', ') }} ON {{ type }} FROM {{ role }};
{% endif %}
{% if with_grant_privs %}
ALTER DEFAULT PRIVILEGES FOR ROLE {{grantor}} REVOKE {{ with_grant_privs|join(', ') }} ON {{ type }} FROM {{ role }} WITH GRANT OPTION;
{% endif %}
{%- endmacro %}
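Review bot: `{{grantor}}` is written into every new `FOR ROLE` clause as raw text, while the object name on the same line goes through `conn|qtIdent(...)`; parse_priv_to_db passes `priv['grantor']` through unchanged, so a role name that needs quoting, or an unexpected value in the submitted ACL data, alters the generated statement. Quote it at the point of use, `ALTER DEFAULT PRIVILEGES FOR ROLE {{ conn|qtIdent(grantor) }}`, in APPLY, RESETALL, SET, UNSET and REMOVE. Separately, the second branch of REMOVE emits `REVOKE ... FROM {{ role }} WITH GRANT OPTION;`, which is not a form PostgreSQL accepts for REVOKE. Either drop the suffix, or, if only the grant option is to be removed, use `REVOKE GRANT OPTION FOR {{ with_grant_privs|join(', ') }} ON {{ type }} FROM {{ role }};`.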


@ -31,6 +31,8 @@ def parse_priv_from_db(db_privileges):
'grantee': db_privileges['grantee'],
'privileges': []
}
if 'acltype' in db_privileges:
acl['acltype'] = db_privileges['acltype']
privileges = []
for idx, priv in enumerate(db_privileges['privileges']):
@ -133,12 +135,16 @@ def parse_priv_to_db(str_privileges, allowed_acls=[]):
if 'old_grantee' in priv and priv['old_grantee'] != 'PUBLIC' \
else grantee
acltype = priv['acltype'] if 'acltype' in priv else 'defaultacls'
# Appending and returning all ACL
privileges.append({
'grantor': priv['grantor'],
'grantee': grantee,
'with_grant': priv_with_grant,
'without_grant': priv_without_grant,
'old_grantee': old_grantee
'old_grantee': old_grantee,
'acltype': acltype
})
return privileges
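Review bot: `'grantor': priv['grantor']` indexes the key directly, whereas `acltype` just above it falls back to a default when the key is missing; if any caller submits ACL entries without a `grantor` (callers are outside this hunk), this raises KeyError rather than a validation error. It is worth deciding explicitly what a missing grantor means, either rejecting the entry with a clear message or letting the macros omit `FOR ROLE`. The fallback itself reads more simply as `acltype = priv.get('acltype', 'defaultacls')`, with a comment such as `# 'grant' / 'revoke' come from defacl.sql; 'defaultacls' marks entries without that split`. parse_priv_to_db starts and ends outside the hunk.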


@ -633,9 +633,11 @@ def add_db_to_parent_node_dict(srv_id, db_id, test_db_name):
})
def add_schema_to_parent_node_dict(srv_id, db_id, schema_id, schema_name):
def add_schema_to_parent_node_dict(srv_id, db_name, db_id, schema_id,
schema_name):
""" This function stores the schema details into parent dict """
server_information = {"server_id": srv_id, "db_id": db_id,
"test_db_name": db_name,
"schema_id": schema_id,
"schema_name": schema_name}
regression.parent_node_dict["schema"].append(server_information)
@ -653,7 +655,8 @@ def create_parent_server_node(server_info):
srv_id = create_server(server_info)
# Create database
test_db_name = "test_db_%s" % str(uuid.uuid4())[1:6]
db_id = create_database(server_info, test_db_name)
encodings = ['UTF-8', 'C', 'C']
db_id = create_database(server_info, test_db_name, encodings)
add_db_to_parent_node_dict(srv_id, db_id, test_db_name)
# Create schema
schema_name = "test_schema_%s" % str(uuid.uuid4())[1:6]
@ -668,7 +671,7 @@ def create_parent_server_node(server_info):
schema = regression.schema_utils.create_schema(connection, schema_name)
return add_schema_to_parent_node_dict(
srv_id, db_id, schema[0], schema[1]
srv_id, test_db_name, db_id, schema[0], schema[1]
)
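Review bot: `db_name` is inserted as the second positional parameter of `add_schema_to_parent_node_dict`, ahead of `db_id`, so any other caller still passing `(srv_id, db_id, schema_id, schema_name)` positionally now raises TypeError; this section updates only the call in create_parent_server_node. Appending the parameter with a default (`..., schema_name, db_name=None`) or calling with keywords avoids the shift. `encodings = ['UTF-8', 'C', 'C']` would also benefit from a comment such as `# [encoding, LC_COLLATE, LC_CTYPE], fixed so the expected CREATE DATABASE SQL is stable`, if that is what the three positions mean (create_database is outside the hunk).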


@ -104,7 +104,8 @@ class ReverseEngineeredSQLTestCases(BaseTestGenerator):
'timestamptz_1': '<TIMESTAMPTZ_1>',
'password': '<PASSWORD>',
'pga_job_id': '<PGA_JOB_ID>',
'timestamptz_2': '<TIMESTAMPTZ_2>'}
'timestamptz_2': '<TIMESTAMPTZ_2>',
'db_name': '<TEST_DB_NAME>'}
resql_module_list = create_resql_module_list(
BaseTestGenerator.re_sql_module_list,
@ -752,6 +753,10 @@ class ReverseEngineeredSQLTestCases(BaseTestGenerator):
sql = sql.replace(self.JSON_PLACEHOLDERS['pga_job_id'],
str(object_id))
if 'TEST_DB_NAME' in scenario:
sql = sql.replace(self.JSON_PLACEHOLDERS['db_name'],
self.server_information['test_db_name'])
return sql
def replace_placeholder_with_id(self, value):