Skip to content

Commit fb6acfd

Browse files
committed
Add test for minimum required permissions
1 parent f09abf0 commit fb6acfd

1 file changed

Lines changed: 53 additions & 0 deletions

File tree

tests/test_repack.py

Lines changed: 53 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1822,3 +1822,56 @@ def test_user_without_referred_table_references_privilege(
18221822
cur=cur,
18231823
schema=schema,
18241824
)
1825+
1826+
1827+
def test_user_with_bare_minimum_permissions(connection: _psycopg.Connection) -> None:
1828+
schema = "sweet_schema"
1829+
with connection.cursor() as cur:
1830+
cur.execute(f"CREATE SCHEMA {schema};")
1831+
cur.execute(f"REVOKE CREATE ON SCHEMA {schema} FROM PUBLIC;")
1832+
factories.create_table_for_repacking(
1833+
connection=connection,
1834+
cur=cur,
1835+
table_name="to_repack",
1836+
rows=10,
1837+
schema=schema,
1838+
)
1839+
table_before = _collect_table_info(
1840+
table="to_repack",
1841+
connection=connection,
1842+
schema=schema,
1843+
)
1844+
cur.execute("DROP USER IF EXISTS sweet_user;")
1845+
cur.execute("CREATE USER sweet_user;")
1846+
cur.execute("GRANT CREATE, USAGE ON SCHEMA sweet_schema TO sweet_user;")
1847+
cur.execute("ALTER TABLE sweet_schema.to_repack OWNER TO sweet_user;")
1848+
cur.execute("ALTER TABLE sweet_schema.referring_table OWNER TO sweet_user;")
1849+
cur.execute(
1850+
"ALTER TABLE sweet_schema.not_valid_referring_table OWNER TO sweet_user;"
1851+
)
1852+
cur.execute(
1853+
"GRANT REFERENCES ON TABLE sweet_schema.referred_table TO sweet_user;"
1854+
)
1855+
cur.execute(
1856+
"GRANT REFERENCES ON TABLE sweet_schema.not_valid_referred_table TO sweet_user;"
1857+
)
1858+
cur.execute("SET ROLE sweet_user;")
1859+
repack = Repack(
1860+
table="to_repack",
1861+
batch_size=1,
1862+
conn=connection,
1863+
cur=cur,
1864+
schema=schema,
1865+
)
1866+
repack.full()
1867+
table_after = _collect_table_info(
1868+
table="to_repack",
1869+
connection=connection,
1870+
schema=schema,
1871+
)
1872+
_assert_repack(
1873+
table_before=table_before,
1874+
table_after=table_after,
1875+
repack=repack,
1876+
cur=cur,
1877+
)

0 commit comments

Comments
 (0)