Skip to content

Commit cb4f1be

Browse files
danielgustafssondanielgustafsson
committed
Revert b2a459e "Fix GRANTED BY support in REVOKE ROLE statements"
The reverted commit attempted to fix SQL specification compliance for the cases which 6aaaa76 left. This however broke existing behavior which takes precedence over spec compliance so revert. The introduced tests are left after the revert since the codepath isn't well covered. Per bug report 17346. Backpatch down to 14 where it was introduced. Reported-by: Andrew Bille <andrewbille@gmail.com> Discussion: https://postgr.es/m/17346-f72b28bd1a341060@postgresql.org
1 parent f7d7ac2 commit cb4f1be

File tree

3 files changed

+0
-15
lines changed

3 files changed

+0
-15
lines changed

src/backend/commands/user.c

Lines changed: 0 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -1319,18 +1319,7 @@ GrantRole(GrantRoleStmt *stmt)
13191319
ListCell *item;
13201320

13211321
if (stmt->grantor)
1322-
{
13231322
grantor = get_rolespec_oid(stmt->grantor, false);
1324-
1325-
/*
1326-
* Currently, this clause is only for SQL compatibility, not very
1327-
* interesting otherwise.
1328-
*/
1329-
if (grantor != GetUserId())
1330-
ereport(ERROR,
1331-
(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1332-
errmsg("grantor must be current user")));
1333-
}
13341323
else
13351324
grantor = GetUserId();
13361325

src/backend/parser/gram.y

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -7181,7 +7181,6 @@ RevokeRoleStmt:
71817181
n->admin_opt = false;
71827182
n->granted_roles = $2;
71837183
n->grantee_roles = $4;
7184-
n->grantor = $5;
71857184
n->behavior = $6;
71867185
$$ = (Node*)n;
71877186
}
@@ -7192,7 +7191,6 @@ RevokeRoleStmt:
71927191
n->admin_opt = true;
71937192
n->granted_roles = $5;
71947193
n->grantee_roles = $7;
7195-
n->grantor = $8;
71967194
n->behavior = $9;
71977195
$$ = (Node*)n;
71987196
}

src/test/regress/expected/privileges.out

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -47,9 +47,7 @@ ALTER FUNCTION leak(integer,integer) OWNER TO regress_priv_user1;
4747
-- test owner privileges
4848
GRANT regress_priv_role TO regress_priv_user1 WITH ADMIN OPTION GRANTED BY CURRENT_ROLE;
4949
REVOKE ADMIN OPTION FOR regress_priv_role FROM regress_priv_user1 GRANTED BY foo; -- error
50-
ERROR: role "foo" does not exist
5150
REVOKE ADMIN OPTION FOR regress_priv_role FROM regress_priv_user1 GRANTED BY regress_priv_user2; -- error
52-
ERROR: grantor must be current user
5351
REVOKE ADMIN OPTION FOR regress_priv_role FROM regress_priv_user1 GRANTED BY CURRENT_USER;
5452
REVOKE regress_priv_role FROM regress_priv_user1 GRANTED BY CURRENT_ROLE;
5553
DROP ROLE regress_priv_role;

0 commit comments

Comments
 (0)