diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 13:44:03 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 13:44:03 +0000 |
commit | 293913568e6a7a86fd1479e1cff8e2ecb58d6568 (patch) | |
tree | fc3b469a3ec5ab71b36ea97cc7aaddb838423a0c /src/test/regress/sql/security_label.sql | |
parent | Initial commit. (diff) | |
download | postgresql-16-293913568e6a7a86fd1479e1cff8e2ecb58d6568.tar.xz postgresql-16-293913568e6a7a86fd1479e1cff8e2ecb58d6568.zip |
Adding upstream version 16.2.upstream/16.2
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/test/regress/sql/security_label.sql')
-rw-r--r-- | src/test/regress/sql/security_label.sql | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/src/test/regress/sql/security_label.sql b/src/test/regress/sql/security_label.sql new file mode 100644 index 0000000..98e6a5f --- /dev/null +++ b/src/test/regress/sql/security_label.sql @@ -0,0 +1,45 @@ +-- +-- Test for facilities of security label +-- + +-- initial setups +SET client_min_messages TO 'warning'; + +DROP ROLE IF EXISTS regress_seclabel_user1; +DROP ROLE IF EXISTS regress_seclabel_user2; + +RESET client_min_messages; + +CREATE USER regress_seclabel_user1 WITH CREATEROLE; +CREATE USER regress_seclabel_user2; + +CREATE TABLE seclabel_tbl1 (a int, b text); +CREATE TABLE seclabel_tbl2 (x int, y text); +CREATE VIEW seclabel_view1 AS SELECT * FROM seclabel_tbl2; +CREATE FUNCTION seclabel_four() RETURNS integer AS $$SELECT 4$$ language sql; +CREATE DOMAIN seclabel_domain AS text; + +ALTER TABLE seclabel_tbl1 OWNER TO regress_seclabel_user1; +ALTER TABLE seclabel_tbl2 OWNER TO regress_seclabel_user2; + +-- +-- Test of SECURITY LABEL statement without a plugin +-- +SECURITY LABEL ON TABLE seclabel_tbl1 IS 'classified'; -- fail +SECURITY LABEL FOR 'dummy' ON TABLE seclabel_tbl1 IS 'classified'; -- fail +SECURITY LABEL ON TABLE seclabel_tbl1 IS '...invalid label...'; -- fail +SECURITY LABEL ON TABLE seclabel_tbl3 IS 'unclassified'; -- fail + +SECURITY LABEL ON ROLE regress_seclabel_user1 IS 'classified'; -- fail +SECURITY LABEL FOR 'dummy' ON ROLE regress_seclabel_user1 IS 'classified'; -- fail +SECURITY LABEL ON ROLE regress_seclabel_user1 IS '...invalid label...'; -- fail +SECURITY LABEL ON ROLE regress_seclabel_user3 IS 'unclassified'; -- fail + +-- clean up objects +DROP FUNCTION seclabel_four(); +DROP DOMAIN seclabel_domain; +DROP VIEW seclabel_view1; +DROP TABLE seclabel_tbl1; +DROP TABLE seclabel_tbl2; +DROP USER regress_seclabel_user1; +DROP USER regress_seclabel_user2; |