Closed gonzaloriestra closed 4 years ago
Default privileges granted for functions are not the same as for other objects in postgres. As stated in the documentation (https://www.postgresql.org/docs/9.6/sql-grant.html):
PostgreSQL grants default privileges on some types of objects to PUBLIC. No privileges are granted to PUBLIC by default on tables, table columns, sequences, foreign data wrappers, foreign servers, large objects, schemas, or tablespaces. For other types of objects, the default privileges granted to PUBLIC are as follows: CONNECT and TEMPORARY (create temporary tables) privileges for databases; EXECUTE privilege for functions; and USAGE privilege for languages and data types (including domains).
I updated the expected results of the tests to reflect this (the event trigger function can be executed publicly). However, if extra security is preferred we should explicitly limit the execute privileges of this trigger function to mimic the other objects' behavior (and change back the tests accordingly). @gonzaloriestra
@esloho Nice. I think there's no need to change the default behavior.
But now we are testing that it doesn't raise an error when executing and that it allows the ownership role to drop it, which is ok, but we should also check that other roles can't do it:
we should also check that other roles can't do it:
- Without trigger: only the creator role can drop.
- With trigger: only the ownership role can drop.
Agree, uses cases added :)
Related to: https://github.com/CartoDB/cartodb/issues/15160