<entry><type>text[]</type></entry>
<entry></entry>
<entry>
- User mapping specific options, as <quote>keyword=value</>
- strings. This column will show as null unless the current user
- is the user being mapped, or the mapping is for
- <literal>PUBLIC</literal> and the current user is the server
- owner, or the current user is a superuser. The intent is
- to protect password information stored as user mapping option.
+ User mapping specific options, as <quote>keyword=value</> strings
</entry>
</row>
</tbody>
</tgroup>
</table>
+
+ <para>
+ To protect password information stored as a user mapping option,
+ the <structfield>umoptions</structfield> column will read as null
+ unless one of the following applies:
+ <itemizedlist>
+ <listitem>
+ <para>
+ current user is the user being mapped, and owns the server or
+ holds <literal>USAGE</> privilege on it
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ current user is the server owner and mapping is for <literal>PUBLIC</>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ current user is a superuser
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+
</sect1>
ELSE
A.rolname
END AS usename,
- CASE WHEN (U.umuser <> 0 AND A.rolname = current_user)
+ CASE WHEN (U.umuser <> 0 AND A.rolname = current_user
+ AND (pg_has_role(S.srvowner, 'USAGE')
+ OR has_server_privilege(S.oid, 'USAGE')))
OR (U.umuser = 0 AND pg_has_role(S.srvowner, 'USAGE'))
OR (SELECT rolsuper FROM pg_authid WHERE rolname = current_user)
THEN U.umoptions
ALTER SERVER s9 VERSION '1.1';
GRANT USAGE ON FOREIGN SERVER s9 TO regress_test_role;
CREATE USER MAPPING FOR current_user SERVER s9;
+-- We use terse mode to avoid ordering issues in cascade detail output.
+\set VERBOSITY terse
DROP SERVER s9 CASCADE;
NOTICE: drop cascades to 2 other objects
-DETAIL: drop cascades to user mapping for public on server s9
-drop cascades to user mapping for unprivileged_role on server s9
+\set VERBOSITY default
RESET ROLE;
CREATE SERVER s9 FOREIGN DATA WRAPPER foo;
GRANT USAGE ON FOREIGN SERVER s9 TO unprivileged_role;
SET ROLE regress_test_role;
CREATE SERVER s10 FOREIGN DATA WRAPPER foo;
CREATE USER MAPPING FOR public SERVER s10 OPTIONS (user 'secret');
-GRANT USAGE ON FOREIGN SERVER s10 TO unprivileged_role;
--- owner of server can see option fields
+CREATE USER MAPPING FOR unprivileged_role SERVER s10 OPTIONS (user 'secret');
+-- owner of server can see some option fields
\deu+
List of user mappings
Server | User name | FDW Options
--------+-------------------+-------------------
s10 | public | ("user" 'secret')
+ s10 | unprivileged_role |
s4 | foreign_data_user |
s5 | regress_test_role | (modified '1')
s6 | regress_test_role |
s8 | public |
s9 | unprivileged_role |
t1 | public | (modified '1')
-(8 rows)
+(9 rows)
RESET ROLE;
--- superuser can see option fields
+-- superuser can see all option fields
\deu+
List of user mappings
Server | User name | FDW Options
--------+-------------------+---------------------
s10 | public | ("user" 'secret')
+ s10 | unprivileged_role | ("user" 'secret')
s4 | foreign_data_user |
s5 | regress_test_role | (modified '1')
s6 | regress_test_role |
s8 | public |
s9 | unprivileged_role |
t1 | public | (modified '1')
-(8 rows)
+(9 rows)
--- unprivileged user cannot see option fields
+-- unprivileged user cannot see any option field
SET ROLE unprivileged_role;
\deu+
List of user mappings
Server | User name | FDW Options
--------+-------------------+-------------
s10 | public |
+ s10 | unprivileged_role |
s4 | foreign_data_user |
s5 | regress_test_role |
s6 | regress_test_role |
s8 | public |
s9 | unprivileged_role |
t1 | public |
-(8 rows)
+(9 rows)
RESET ROLE;
+\set VERBOSITY terse
DROP SERVER s10 CASCADE;
-NOTICE: drop cascades to user mapping for public on server s10
+NOTICE: drop cascades to 2 other objects
+\set VERBOSITY default
-- DROP FOREIGN TABLE
DROP FOREIGN TABLE no_table; -- ERROR
ERROR: foreign table "no_table" does not exist
DROP SERVER t1 CASCADE;
NOTICE: drop cascades to user mapping for public on server t1
DROP USER MAPPING FOR regress_test_role SERVER s6;
--- This test causes some order dependent cascade detail output,
--- so switch to terse mode for it.
\set VERBOSITY terse
DROP FOREIGN DATA WRAPPER foo CASCADE;
NOTICE: drop cascades to 5 other objects
-\set VERBOSITY default
DROP SERVER s8 CASCADE;
NOTICE: drop cascades to 2 other objects
-DETAIL: drop cascades to user mapping for foreign_data_user on server s8
-drop cascades to user mapping for public on server s8
+\set VERBOSITY default
DROP ROLE regress_test_indirect;
DROP ROLE regress_test_role;
DROP ROLE unprivileged_role; -- ERROR
pg_timezone_abbrevs | SELECT pg_timezone_abbrevs.abbrev, pg_timezone_abbrevs.utc_offset, pg_timezone_abbrevs.is_dst FROM pg_timezone_abbrevs() pg_timezone_abbrevs(abbrev, utc_offset, is_dst);
pg_timezone_names | SELECT pg_timezone_names.name, pg_timezone_names.abbrev, pg_timezone_names.utc_offset, pg_timezone_names.is_dst FROM pg_timezone_names() pg_timezone_names(name, abbrev, utc_offset, is_dst);
pg_user | SELECT pg_shadow.usename, pg_shadow.usesysid, pg_shadow.usecreatedb, pg_shadow.usesuper, pg_shadow.usecatupd, pg_shadow.userepl, '********'::text AS passwd, pg_shadow.valuntil, pg_shadow.useconfig FROM pg_shadow;
- pg_user_mappings | SELECT u.oid AS umid, s.oid AS srvid, s.srvname, u.umuser, CASE WHEN (u.umuser = (0)::oid) THEN 'public'::name ELSE a.rolname END AS usename, CASE WHEN ((((u.umuser <> (0)::oid) AND (a.rolname = "current_user"())) OR ((u.umuser = (0)::oid) AND pg_has_role(s.srvowner, 'USAGE'::text))) OR (SELECT pg_authid.rolsuper FROM pg_authid WHERE (pg_authid.rolname = "current_user"()))) THEN u.umoptions ELSE NULL::text[] END AS umoptions FROM ((pg_user_mapping u LEFT JOIN pg_authid a ON ((a.oid = u.umuser))) JOIN pg_foreign_server s ON ((u.umserver = s.oid)));
+ pg_user_mappings | SELECT u.oid AS umid, s.oid AS srvid, s.srvname, u.umuser, CASE WHEN (u.umuser = (0)::oid) THEN 'public'::name ELSE a.rolname END AS usename, CASE WHEN (((((u.umuser <> (0)::oid) AND (a.rolname = "current_user"())) AND (pg_has_role(s.srvowner, 'USAGE'::text) OR has_server_privilege(s.oid, 'USAGE'::text))) OR ((u.umuser = (0)::oid) AND pg_has_role(s.srvowner, 'USAGE'::text))) OR (SELECT pg_authid.rolsuper FROM pg_authid WHERE (pg_authid.rolname = "current_user"()))) THEN u.umoptions ELSE NULL::text[] END AS umoptions FROM ((pg_user_mapping u LEFT JOIN pg_authid a ON ((a.oid = u.umuser))) JOIN pg_foreign_server s ON ((u.umserver = s.oid)));
pg_views | SELECT n.nspname AS schemaname, c.relname AS viewname, pg_get_userbyid(c.relowner) AS viewowner, pg_get_viewdef(c.oid) AS definition FROM (pg_class c LEFT JOIN pg_namespace n ON ((n.oid = c.relnamespace))) WHERE (c.relkind = 'v'::"char");
rtest_v1 | SELECT rtest_t1.a, rtest_t1.b FROM rtest_t1;
rtest_vcomp | SELECT x.part, (x.size * y.factor) AS size_in_cm FROM rtest_comp x, rtest_unitfact y WHERE (x.unit = y.unit);
ALTER SERVER s9 VERSION '1.1';
GRANT USAGE ON FOREIGN SERVER s9 TO regress_test_role;
CREATE USER MAPPING FOR current_user SERVER s9;
+-- We use terse mode to avoid ordering issues in cascade detail output.
+\set VERBOSITY terse
DROP SERVER s9 CASCADE;
+\set VERBOSITY default
RESET ROLE;
CREATE SERVER s9 FOREIGN DATA WRAPPER foo;
GRANT USAGE ON FOREIGN SERVER s9 TO unprivileged_role;
SET ROLE regress_test_role;
CREATE SERVER s10 FOREIGN DATA WRAPPER foo;
CREATE USER MAPPING FOR public SERVER s10 OPTIONS (user 'secret');
-GRANT USAGE ON FOREIGN SERVER s10 TO unprivileged_role;
--- owner of server can see option fields
+CREATE USER MAPPING FOR unprivileged_role SERVER s10 OPTIONS (user 'secret');
+-- owner of server can see some option fields
\deu+
RESET ROLE;
--- superuser can see option fields
+-- superuser can see all option fields
\deu+
--- unprivileged user cannot see option fields
+-- unprivileged user cannot see any option field
SET ROLE unprivileged_role;
\deu+
RESET ROLE;
+\set VERBOSITY terse
DROP SERVER s10 CASCADE;
+\set VERBOSITY default
-- DROP FOREIGN TABLE
DROP FOREIGN TABLE no_table; -- ERROR
DROP ROLE regress_test_role; -- ERROR
DROP SERVER t1 CASCADE;
DROP USER MAPPING FOR regress_test_role SERVER s6;
--- This test causes some order dependent cascade detail output,
--- so switch to terse mode for it.
\set VERBOSITY terse
DROP FOREIGN DATA WRAPPER foo CASCADE;
-\set VERBOSITY default
DROP SERVER s8 CASCADE;
+\set VERBOSITY default
DROP ROLE regress_test_indirect;
DROP ROLE regress_test_role;
DROP ROLE unprivileged_role; -- ERROR
projects / postgresql.git / commitdiff