db_datawriter should have update privilege on sequences (babelfish-fo…

…r-postgresql#3210)

T-SQL allows member of db_datawriter to get next value from sequence.
Issues Resolved

Task: BABEL-5356

Signed-off-by: Shalini Lohia [email protected]

contrib/babelfishpg_tsql/src/dbcmds.c

@@ -1402,17 +1402,19 @@ grant_perms_to_dbreader_dbwriter_ddladmin(const uint16 dbid,
 	initStringInfo(&query);
 	appendStringInfo(&query, "GRANT SELECT ON ALL TABLES IN SCHEMA dummy TO dummy; ");
 	appendStringInfo(&query, "GRANT INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA dummy TO dummy; ");
+	appendStringInfo(&query, "GRANT UPDATE ON ALL SEQUENCES IN SCHEMA dummy TO dummy; ");
 	appendStringInfo(&query, "GRANT TRUNCATE ON ALL TABLES IN SCHEMA dummy TO dummy; ");
 	appendStringInfo(&query, "GRANT CREATE ON SCHEMA dummy TO dummy ; ");
 
 	/* Grant ALTER DEFAULT PRIVILEGES on schema owner and dbo user. */
 	appendStringInfo(&query, "ALTER DEFAULT PRIVILEGES FOR ROLE dummy, dummy IN SCHEMA dummy GRANT SELECT ON TABLES TO dummy; ");
 	appendStringInfo(&query, "ALTER DEFAULT PRIVILEGES FOR ROLE dummy, dummy IN SCHEMA dummy GRANT INSERT, UPDATE, DELETE ON TABLES TO dummy; ");
+	appendStringInfo(&query, "ALTER DEFAULT PRIVILEGES FOR ROLE dummy, dummy IN SCHEMA dummy GRANT UPDATE ON SEQUENCES TO dummy; ");
 	appendStringInfo(&query, "ALTER DEFAULT PRIVILEGES FOR ROLE dummy, dummy IN SCHEMA dummy GRANT TRUNCATE ON TABLES TO dummy; ");
 
 	stmt_list = raw_parser(query.data, RAW_PARSE_DEFAULT);
 
-	Assert(list_length(stmt_list) == 7);
+	Assert(list_length(stmt_list) == 9);
 
 	ScanKeyInit(&key,
 				Anum_namespace_ext_dbid,
@@ -1443,6 +1445,8 @@ grant_perms_to_dbreader_dbwriter_ddladmin(const uint16 dbid,
 		stmts = parsetree_nth_stmt(stmt_list, i++);
 		update_GrantStmt(stmts, schema_name, NULL, db_datawriter, NULL);
 		stmts = parsetree_nth_stmt(stmt_list, i++);
+		update_GrantStmt(stmts, schema_name, NULL, db_datawriter, NULL);
+		stmts = parsetree_nth_stmt(stmt_list, i++);
 		update_GrantStmt(stmts, schema_name, NULL, db_ddladmin, NULL);
 		stmts = parsetree_nth_stmt(stmt_list, i++);
 		update_GrantStmt(stmts, schema_name, NULL, db_ddladmin, NULL);
@@ -1452,6 +1456,8 @@ grant_perms_to_dbreader_dbwriter_ddladmin(const uint16 dbid,
 		stmts = parsetree_nth_stmt(stmt_list, i++);
 		update_AlterDefaultPrivilegesStmt(stmts, schema_name, schema_owner, dbo_user, db_datawriter, NULL);
 		stmts = parsetree_nth_stmt(stmt_list, i++);
+		update_AlterDefaultPrivilegesStmt(stmts, schema_name, schema_owner, dbo_user, db_datawriter, NULL);
+		stmts = parsetree_nth_stmt(stmt_list, i++);
 		update_AlterDefaultPrivilegesStmt(stmts, schema_name, schema_owner, dbo_user, db_ddladmin, NULL);
 
 		/* Run all subcommands */

contrib/babelfishpg_tsql/src/pltsql_utils.c

@@ -2527,7 +2527,7 @@ exec_database_roles_subcmds(const char *schema)
 	char		*schema_owner;
 	const char	*dbname = get_current_pltsql_db_name();
 	List		*stmt_list;
-	int 		expected_stmts = 4;
+	int 		expected_stmts = 5;
 	ListCell	*parsetree_item;
 	Node		*stmts;
 	int		i=0;
@@ -2550,6 +2550,7 @@ exec_database_roles_subcmds(const char *schema)
 	appendStringInfo(&query, "ALTER DEFAULT PRIVILEGES FOR ROLE dummy, dummy IN SCHEMA dummy GRANT SELECT ON TABLES TO dummy; ");
 	/* Grant privileges to db_datawriter */
 	appendStringInfo(&query, "ALTER DEFAULT PRIVILEGES FOR ROLE dummy, dummy IN SCHEMA dummy GRANT INSERT, UPDATE, DELETE ON TABLES TO dummy; ");
+	appendStringInfo(&query, "ALTER DEFAULT PRIVILEGES FOR ROLE dummy, dummy IN SCHEMA dummy GRANT UPDATE ON SEQUENCES TO dummy; ");
 	/* Grant privileges to db_ddladmin */
 	appendStringInfo(&query, "ALTER DEFAULT PRIVILEGES FOR ROLE dummy, dummy IN SCHEMA dummy GRANT TRUNCATE ON TABLES TO dummy; ");
 	appendStringInfo(&query, "GRANT CREATE ON SCHEMA dummy TO dummy ; ");
@@ -2564,6 +2565,8 @@ exec_database_roles_subcmds(const char *schema)
 	stmts = parsetree_nth_stmt(stmt_list, i++);
 	update_AlterDefaultPrivilegesStmt(stmts, schema, schema_owner, dbo_role, db_datareader, NULL);
 
+	stmts = parsetree_nth_stmt(stmt_list, i++);
+	update_AlterDefaultPrivilegesStmt(stmts, schema, schema_owner, dbo_role, db_datawriter, NULL);
 	stmts = parsetree_nth_stmt(stmt_list, i++);
 	update_AlterDefaultPrivilegesStmt(stmts, schema, schema_owner, dbo_role, db_datawriter, NULL);
 

test/JDBC/expected/datareader_datawriter-vu-cleanup.out

@@ -40,6 +40,33 @@ void
 use db_roles_db1
 go
 
+drop sequence db_roles_schema_1.before_sq1;
+go
+
+drop sequence db_roles_schema_1.after_sq1;
+go
+
+drop sequence db_roles_schema_1.after_sq2;
+go
+
+drop sequence db_roles_schema_2.before_created_by_dbo_sq1;
+go
+
+drop sequence db_roles_schema_2.after_created_by_dbo_sq1;
+go
+
+drop sequence db_roles_schema_2.after_created_by_dbo_sq2;
+go
+
+drop sequence db_roles_schema_2.before_created_by_u2_sq1;
+go
+
+drop sequence db_roles_schema_2.after_created_by_u2_sq1;
+go
+
+drop sequence db_roles_schema_2.after_created_by_u2_sq2;
+go
+
 drop table db_roles_schema_1.before_t1;
 go
 

test/JDBC/expected/datareader_datawriter-vu-prepare.out

@@ -27,12 +27,18 @@ go
 create table db_roles_schema_1.before_t1(a int);
 go
 
+create sequence db_roles_schema_1.before_sq1 start with 1 increment by 1 ;
+go
+
 create view db_roles_schema_1.before_v1 as select 2;
 go
 
 create table db_roles_schema_2.before_created_by_dbo_t1(a int);
 go
 
+create sequence db_roles_schema_2.before_created_by_dbo_sq1 start with 1 increment by 1 ;
+go
+
 create view db_roles_schema_2.before_created_by_dbo_v1 as select 2;
 go
 
@@ -46,6 +52,9 @@ go
 create table db_roles_schema_2.before_created_by_u2_t1(a int);
 go
 
+create sequence db_roles_schema_2.before_created_by_u2_sq1 start with 1 increment by 1 ;
+go
+
 create view db_roles_schema_2.before_created_by_u2_v1 as select 2;
 go