diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-04 12:17:33 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-04 12:17:33 +0000 |
commit | 5e45211a64149b3c659b90ff2de6fa982a5a93ed (patch) | |
tree | 739caf8c461053357daa9f162bef34516c7bf452 /src/test/regress/sql/security_label.sql | |
parent | Initial commit. (diff) | |
download | postgresql-15-5e45211a64149b3c659b90ff2de6fa982a5a93ed.tar.xz postgresql-15-5e45211a64149b3c659b90ff2de6fa982a5a93ed.zip |
Adding upstream version 15.5.upstream/15.5
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/test/regress/sql/security_label.sql')
-rw-r--r-- | src/test/regress/sql/security_label.sql | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/src/test/regress/sql/security_label.sql b/src/test/regress/sql/security_label.sql new file mode 100644 index 0000000..98e6a5f --- /dev/null +++ b/src/test/regress/sql/security_label.sql @@ -0,0 +1,45 @@ +-- +-- Test for facilities of security label +-- + +-- initial setups +SET client_min_messages TO 'warning'; + +DROP ROLE IF EXISTS regress_seclabel_user1; +DROP ROLE IF EXISTS regress_seclabel_user2; + +RESET client_min_messages; + +CREATE USER regress_seclabel_user1 WITH CREATEROLE; +CREATE USER regress_seclabel_user2; + +CREATE TABLE seclabel_tbl1 (a int, b text); +CREATE TABLE seclabel_tbl2 (x int, y text); +CREATE VIEW seclabel_view1 AS SELECT * FROM seclabel_tbl2; +CREATE FUNCTION seclabel_four() RETURNS integer AS $$SELECT 4$$ language sql; +CREATE DOMAIN seclabel_domain AS text; + +ALTER TABLE seclabel_tbl1 OWNER TO regress_seclabel_user1; +ALTER TABLE seclabel_tbl2 OWNER TO regress_seclabel_user2; + +-- +-- Test of SECURITY LABEL statement without a plugin +-- +SECURITY LABEL ON TABLE seclabel_tbl1 IS 'classified'; -- fail +SECURITY LABEL FOR 'dummy' ON TABLE seclabel_tbl1 IS 'classified'; -- fail +SECURITY LABEL ON TABLE seclabel_tbl1 IS '...invalid label...'; -- fail +SECURITY LABEL ON TABLE seclabel_tbl3 IS 'unclassified'; -- fail + +SECURITY LABEL ON ROLE regress_seclabel_user1 IS 'classified'; -- fail +SECURITY LABEL FOR 'dummy' ON ROLE regress_seclabel_user1 IS 'classified'; -- fail +SECURITY LABEL ON ROLE regress_seclabel_user1 IS '...invalid label...'; -- fail +SECURITY LABEL ON ROLE regress_seclabel_user3 IS 'unclassified'; -- fail + +-- clean up objects +DROP FUNCTION seclabel_four(); +DROP DOMAIN seclabel_domain; +DROP VIEW seclabel_view1; +DROP TABLE seclabel_tbl1; +DROP TABLE seclabel_tbl2; +DROP USER regress_seclabel_user1; +DROP USER regress_seclabel_user2; |