public inbox for [email protected]  
help / color / mirror / Atom feed
[PATCH 08/21] vcregress: add alltaptests
6+ messages / 4 participants
[nested] [flat]

* [PATCH 08/21] vcregress: add alltaptests
@ 2022-02-25 23:00 Justin Pryzby <[email protected]>
  0 siblings, 0 replies; 6+ messages in thread

From: Justin Pryzby @ 2022-02-25 23:00 UTC (permalink / raw)

https://www.postgresql.org/message-id/[email protected]
https://www.postgresql.org/message-id/flat/[email protected]

In passing, document taptest PROVE_FLAGS

ci-os-only: windows

See also:
d835dd6685246f0737ca42ab68242210681bb220
13d856e177e69083f543d6383eeda9e12ce3c55c
fed6df486dca1b9e53d3f560031b9a236c99f4bb
---
 .cirrus.yml                 | 10 ++-------
 src/tools/msvc/vcregress.pl | 43 +++++++++++++++++++++++++++++++++----
 2 files changed, 41 insertions(+), 12 deletions(-)

diff --git a/.cirrus.yml b/.cirrus.yml
index f2bb05266cc..ea1f493923a 100644
--- a/.cirrus.yml
+++ b/.cirrus.yml
@@ -437,14 +437,8 @@ task:
   test_ssl_script: |
     set with_ssl=openssl
     %T_C% perl src/tools/msvc/vcregress.pl taptest ./src/test/ssl/
-  test_subscription_script: |
-    %T_C% perl src/tools/msvc/vcregress.pl taptest ./src/test/subscription/
-  test_authentication_script: |
-    %T_C% perl src/tools/msvc/vcregress.pl taptest ./src/test/authentication/
-  test_recovery_script: |
-    %T_C% perl src/tools/msvc/vcregress.pl recoverycheck
-  test_bin_script: |
-    %T_C% perl src/tools/msvc/vcregress.pl bincheck
+  test_tap_script: |
+    %T_C% perl src/tools/msvc/vcregress.pl alltaptests
   test_ecpg_script: |
     rem tries to build additional stuff
     vcvarsall x64
diff --git a/src/tools/msvc/vcregress.pl b/src/tools/msvc/vcregress.pl
index 54c31b0e14f..5dcc3419ad7 100644
--- a/src/tools/msvc/vcregress.pl
+++ b/src/tools/msvc/vcregress.pl
@@ -51,7 +51,7 @@ if (-e "src/tools/msvc/buildenv.pl")
 
 my $what = shift || "";
 if ($what =~
-	/^(check|installcheck|plcheck|contribcheck|modulescheck|ecpgcheck|isolationcheck|upgradecheck|bincheck|recoverycheck|taptest)$/i
+	/^(check|installcheck|plcheck|contribcheck|modulescheck|ecpgcheck|isolationcheck|upgradecheck|bincheck|recoverycheck|taptest|alltaptests)$/i
   )
 {
 	$what = uc $what;
@@ -109,6 +109,7 @@ my %command = (
 	BINCHECK       => \&bincheck,
 	RECOVERYCHECK  => \&recoverycheck,
 	UPGRADECHECK   => \&upgradecheck,     # no-op
+	ALLTAPTESTS    => \&alltaptests,
 	TAPTEST        => \&taptest,);
 
 my $proc = $command{$what};
@@ -291,6 +292,9 @@ sub tap_check
 	$ENV{PG_REGRESS}    = "$topdir/$Config/pg_regress/pg_regress";
 	$ENV{REGRESS_SHLIB} = "$topdir/src/test/regress/regress.dll";
 
+	print "============================================================\n";
+	print "Checking $dir: @args\n";
+
 	rmtree('tmp_check');
 	system(@args);
 	my $status = $? >> 8;
@@ -305,8 +309,7 @@ sub bincheck
 
 	my $mstat = 0;
 
-	# Find out all the existing TAP tests by looking for t/ directories
-	# in the tree.
+	# Find the TAP tests by looking for t/ directories
 	my @bin_dirs = glob("$topdir/src/bin/*");
 
 	# Process each test
@@ -321,6 +324,36 @@ sub bincheck
 	return;
 }
 
+sub alltaptests
+{
+	InstallTemp();
+
+	my $mstat = 0;
+
+	# Find out all the existing TAP tests by looking for t/ directories
+	# in the tree.
+	my @tap_dirs = ();
+	my @top_dir = ($topdir);
+	File::Find::find(
+		{   wanted => sub {
+			/^t\z/s
+			  && $File::Find::name !~ /\/(kerberos|ldap|ssl|ssl_passphrase_callback)\// # opt-in: warn about these?
+			  && push(@tap_dirs, $File::Find::name);
+			}
+		},
+		@top_dir);
+
+	# Process each test
+	foreach my $test_path (@tap_dirs)
+	{
+		my $dir = dirname($test_path);
+		my $status = tap_check($dir);
+		$mstat ||= $status;
+	}
+	exit $mstat if $mstat;
+	return;
+}
+
 sub taptest
 {
 	my $dir = shift;
@@ -671,6 +704,7 @@ sub usage
 	print STDERR
 	  "Usage: vcregress.pl <mode> [<arg>]\n\n",
 	  "Options for <mode>:\n",
+	  "  alltaptests    run all tap tests (except kerberos, ldap, ssl, ssl_passphrase_callback)\n",
 	  "  bincheck       run tests of utilities in src/bin/\n",
 	  "  check          deploy instance and run regression tests on it\n",
 	  "  contribcheck   run tests of modules in contrib/\n",
@@ -688,6 +722,7 @@ sub usage
 	  "\nOptions for <arg>: (used by contribcheck and modulescheck)\n",
 	  "  install        also run tests which require a new instance\n",
 	  "\nOption for <arg>: for taptest\n",
-	  "  TEST_DIR       (required) directory where tests reside\n";
+	  "  TEST_DIR       (required) directory where tests reside\n",
+	  "  PROVE_FLAGS    flags to pass to prove\n";
 	exit(1);
 }
-- 
2.17.1


--mln0rGgUGuXEqmuI
Content-Type: text/x-diff; charset=us-ascii
Content-Disposition: attachment; filename="0009-tmp-run-tap-tests-first.patch"



^ permalink  raw  reply  [nested|flat] 6+ messages in thread

* Re: Can a role have indirect ADMIN OPTION on another role?
@ 2023-09-06 17:33 Ashutosh Sharma <[email protected]>
  2023-09-06 18:50 ` Re: Can a role have indirect ADMIN OPTION on another role? Robert Haas <[email protected]>
  2023-09-06 22:13 ` Re: Can a role have indirect ADMIN OPTION on another role? David G. Johnston <[email protected]>
  0 siblings, 2 replies; 6+ messages in thread

From: Ashutosh Sharma @ 2023-09-06 17:33 UTC (permalink / raw)
  To: Robert Haas <[email protected]>; +Cc: pgsql-hackers

On Wed, Sep 6, 2023 at 9:03 PM Robert Haas <[email protected]> wrote:
>
> On Wed, Sep 6, 2023 at 11:14 AM Ashutosh Sharma <[email protected]> wrote:
> > In PG-16, I see that we have made a lot of changes in the area roles
> > and privileges. I have a question related to this and here is my
> > question:
> >
> > Let's say there is a roleA who creates roleB and then roleB creates
> > another role, say roleC. By design, A can administer B and B can
> > administer C. But, can A administer C although it has not created C?
>
> Ultimately, yes, because A can get access to all of B's privileges,
> which include administering C. However, A might or might not have B's
> privileges by default, depending on the value of createrole_self_grant
> in effect at the time when B was created. So, depending on the
> situation, A might (or might not) need to do something like GRANT
> roleB to roleA or SET ROLE roleB in order to be able to actually
> execute the administration commands in question.
>
> IMHO, it really couldn't reasonably work in any other way. Consider
> that A's right to administer B includes the right to change B's
> password. If the superuser wants users A and B that can't interfere
> with each other, the superuser should create both of those accounts
> themselves instead of letting one create the other.
>

Thank you for the clarification. This is very helpful.

Actually I have one more question. With this new design, assuming that
createrole_self_grant is set to 'set, inherit' in postgresql.conf and
if roleA creates roleB. So, in this case, roleA will inherit
permissions of roleB which means roleA will have access to objects
owned by roleB. But what if roleB doesn't want to give roleA access to
the certain objects it owns. As an example let's say that roleB
creates a table 't' and by default (with this setting) roleA will have
access to this table, but for some reason roleB does not want roleA to
have access to it. So what's the option for roleB? I've tried running
"revoke select on table t from roleA" but that doesn't seem to be
working. the only option that works is roleA himself set inherit
option on roleB to false - "grant roleB to roleA with inherit false;"

--
With Regards,
Ashutosh Sharma.






^ permalink  raw  reply  [nested|flat] 6+ messages in thread

* Re: Can a role have indirect ADMIN OPTION on another role?
  2023-09-06 17:33 Re: Can a role have indirect ADMIN OPTION on another role? Ashutosh Sharma <[email protected]>
@ 2023-09-06 18:50 ` Robert Haas <[email protected]>
  2023-09-07 07:29   ` Re: Can a role have indirect ADMIN OPTION on another role? Ashutosh Sharma <[email protected]>
  1 sibling, 1 reply; 6+ messages in thread

From: Robert Haas @ 2023-09-06 18:50 UTC (permalink / raw)
  To: Ashutosh Sharma <[email protected]>; +Cc: pgsql-hackers

On Wed, Sep 6, 2023 at 1:33 PM Ashutosh Sharma <[email protected]> wrote:
> Actually I have one more question. With this new design, assuming that
> createrole_self_grant is set to 'set, inherit' in postgresql.conf and
> if roleA creates roleB. So, in this case, roleA will inherit
> permissions of roleB which means roleA will have access to objects
> owned by roleB. But what if roleB doesn't want to give roleA access to
> the certain objects it owns. As an example let's say that roleB
> creates a table 't' and by default (with this setting) roleA will have
> access to this table, but for some reason roleB does not want roleA to
> have access to it. So what's the option for roleB? I've tried running
> "revoke select on table t from roleA" but that doesn't seem to be
> working. the only option that works is roleA himself set inherit
> option on roleB to false - "grant roleB to roleA with inherit false;"

It doesn't matter what roleB wants. roleA is strictly more powerful
than roleB and can do whatever they want to roleB or roleB's objects
regardless of how roleB feels about it.

In the same way, the superuser is strictly more powerful than either
roleA or roleB and can override any security control that either one
of them put in place.

Neither roleB nor roleA has any right to hide their data from the
superuser, and roleB has no right to hide data from roleA. It's a
hierarchy. If you're on top, you're in charge, and that's it.

Here again, it can't really meaningfully work in any other way.
Suppose you were to add a feature to allow roleB to hide data from
roleA. Given that roleA has the ability to change roleB's password,
how could that possibly work? When you give one user the ability to
administer another user, that includes the right to change that user's
password, change whether they can log in, drop the role, give the
privileges of that role to themselves or other users, and a whole
bunch of other super-powerful stuff. You can't really give someone
that level of power over another account and, at the same time, expect
the account being administered to be able to keep the more powerful
account from doing stuff. It just can't possibly work. If you want
roleB to be able to resist roleA, you have to give roleA less power.

-- 
Robert Haas
EDB: http://www.enterprisedb.com






^ permalink  raw  reply  [nested|flat] 6+ messages in thread

* Re: Can a role have indirect ADMIN OPTION on another role?
  2023-09-06 17:33 Re: Can a role have indirect ADMIN OPTION on another role? Ashutosh Sharma <[email protected]>
  2023-09-06 18:50 ` Re: Can a role have indirect ADMIN OPTION on another role? Robert Haas <[email protected]>
@ 2023-09-07 07:29   ` Ashutosh Sharma <[email protected]>
  0 siblings, 0 replies; 6+ messages in thread

From: Ashutosh Sharma @ 2023-09-07 07:29 UTC (permalink / raw)
  To: Robert Haas <[email protected]>; +Cc: pgsql-hackers

On Thu, Sep 7, 2023 at 12:20 AM Robert Haas <[email protected]> wrote:
>
> On Wed, Sep 6, 2023 at 1:33 PM Ashutosh Sharma <[email protected]> wrote:
> > Actually I have one more question. With this new design, assuming that
> > createrole_self_grant is set to 'set, inherit' in postgresql.conf and
> > if roleA creates roleB. So, in this case, roleA will inherit
> > permissions of roleB which means roleA will have access to objects
> > owned by roleB. But what if roleB doesn't want to give roleA access to
> > the certain objects it owns. As an example let's say that roleB
> > creates a table 't' and by default (with this setting) roleA will have
> > access to this table, but for some reason roleB does not want roleA to
> > have access to it. So what's the option for roleB? I've tried running
> > "revoke select on table t from roleA" but that doesn't seem to be
> > working. the only option that works is roleA himself set inherit
> > option on roleB to false - "grant roleB to roleA with inherit false;"
>
> It doesn't matter what roleB wants. roleA is strictly more powerful
> than roleB and can do whatever they want to roleB or roleB's objects
> regardless of how roleB feels about it.
>
> In the same way, the superuser is strictly more powerful than either
> roleA or roleB and can override any security control that either one
> of them put in place.
>
> Neither roleB nor roleA has any right to hide their data from the
> superuser, and roleB has no right to hide data from roleA. It's a
> hierarchy. If you're on top, you're in charge, and that's it.
>
> Here again, it can't really meaningfully work in any other way.
> Suppose you were to add a feature to allow roleB to hide data from
> roleA. Given that roleA has the ability to change roleB's password,
> how could that possibly work? When you give one user the ability to
> administer another user, that includes the right to change that user's
> password, change whether they can log in, drop the role, give the
> privileges of that role to themselves or other users, and a whole
> bunch of other super-powerful stuff. You can't really give someone
> that level of power over another account and, at the same time, expect
> the account being administered to be able to keep the more powerful
> account from doing stuff. It just can't possibly work. If you want
> roleB to be able to resist roleA, you have to give roleA less power.
>

I agree with you. thank you once again.

--
With Regards,
Ashutosh Sharma.






^ permalink  raw  reply  [nested|flat] 6+ messages in thread

* Re: Can a role have indirect ADMIN OPTION on another role?
  2023-09-06 17:33 Re: Can a role have indirect ADMIN OPTION on another role? Ashutosh Sharma <[email protected]>
@ 2023-09-06 22:13 ` David G. Johnston <[email protected]>
  2023-09-07 07:32   ` Re: Can a role have indirect ADMIN OPTION on another role? Ashutosh Sharma <[email protected]>
  1 sibling, 1 reply; 6+ messages in thread

From: David G. Johnston @ 2023-09-06 22:13 UTC (permalink / raw)
  To: Ashutosh Sharma <[email protected]>; +Cc: Robert Haas <[email protected]>; pgsql-hackers

On Wed, Sep 6, 2023 at 1:55 PM Ashutosh Sharma <[email protected]>
wrote:

> But what if roleB doesn't want to give roleA access to
> the certain objects it owns.


Not doable - roleA can always pretend they are roleB one way or another
since roleA made roleB.

David J.


^ permalink  raw  reply  [nested|flat] 6+ messages in thread

* Re: Can a role have indirect ADMIN OPTION on another role?
  2023-09-06 17:33 Re: Can a role have indirect ADMIN OPTION on another role? Ashutosh Sharma <[email protected]>
  2023-09-06 22:13 ` Re: Can a role have indirect ADMIN OPTION on another role? David G. Johnston <[email protected]>
@ 2023-09-07 07:32   ` Ashutosh Sharma <[email protected]>
  0 siblings, 0 replies; 6+ messages in thread

From: Ashutosh Sharma @ 2023-09-07 07:32 UTC (permalink / raw)
  To: David G. Johnston <[email protected]>; +Cc: Robert Haas <[email protected]>; pgsql-hackers

On Thu, Sep 7, 2023 at 3:43 AM David G. Johnston
<[email protected]> wrote:
>
> On Wed, Sep 6, 2023 at 1:55 PM Ashutosh Sharma <[email protected]> wrote:
>>
>> But what if roleB doesn't want to give roleA access to
>> the certain objects it owns.
>
>
> Not doable - roleA can always pretend they are roleB one way or another since roleA made roleB.
>

Okay. It makes sense. thanks.!

--
With Regards,
Ashutosh Sharma.






^ permalink  raw  reply  [nested|flat] 6+ messages in thread


end of thread, other threads:[~2023-09-07 07:32 UTC | newest]

Thread overview: 6+ messages (download: mbox mbox.gz follow: Atom feed)
-- links below jump to the message on this page --
2022-02-25 23:00 [PATCH 08/21] vcregress: add alltaptests Justin Pryzby <[email protected]>
2023-09-06 17:33 Re: Can a role have indirect ADMIN OPTION on another role? Ashutosh Sharma <[email protected]>
2023-09-06 18:50 ` Re: Can a role have indirect ADMIN OPTION on another role? Robert Haas <[email protected]>
2023-09-07 07:29   ` Re: Can a role have indirect ADMIN OPTION on another role? Ashutosh Sharma <[email protected]>
2023-09-06 22:13 ` Re: Can a role have indirect ADMIN OPTION on another role? David G. Johnston <[email protected]>
2023-09-07 07:32   ` Re: Can a role have indirect ADMIN OPTION on another role? Ashutosh Sharma <[email protected]>

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox