Re: BUG #17062: Assert failed in RemoveRoleFromObjectPolicy() on DROP OWNED policy applied to duplicate role - Mailing list pgsql-bugs
From | Tom Lane |
---|---|
Subject | Re: BUG #17062: Assert failed in RemoveRoleFromObjectPolicy() on DROP OWNED policy applied to duplicate role |
Date | |
Msg-id | 1285021.1624045994@sss.pgh.pa.us Whole thread Raw |
In response to | BUG #17062: Assert failed in RemoveRoleFromObjectPolicy() on DROP OWNED policy applied to duplicate role (PG Bug reporting form <noreply@postgresql.org>) |
List | pgsql-bugs |
Here's a stop-the-bleeding patch that just gets rid of the assertion failure and the tuple-updated-by-self problem. I think this is reasonable to slip in for beta2, although the other issues we mentioned seem to require more thought. (For ease of review, I've not re-pgindented.) regards, tom lane diff --git a/src/backend/commands/policy.c b/src/backend/commands/policy.c index 5d469309ce..abb6c66316 100644 --- a/src/backend/commands/policy.c +++ b/src/backend/commands/policy.c @@ -18,6 +18,7 @@ #include "access/relation.h" #include "access/sysattr.h" #include "access/table.h" +#include "access/xact.h" #include "catalog/catalog.h" #include "catalog/dependency.h" #include "catalog/indexing.h" @@ -425,7 +426,6 @@ RemoveRoleFromObjectPolicy(Oid roleid, Oid classid, Oid policy_id) Oid relid; Relation rel; ArrayType *policy_roles; - int num_roles; Datum roles_datum; bool attr_isnull; bool noperm = true; @@ -481,11 +481,6 @@ RemoveRoleFromObjectPolicy(Oid roleid, Oid classid, Oid policy_id) policy_roles = DatumGetArrayTypePCopy(roles_datum); - /* We should be removing exactly one entry from the roles array */ - num_roles = ARR_DIMS(policy_roles)[0] - 1; - - Assert(num_roles >= 0); - /* Must own relation. */ if (pg_class_ownercheck(relid, GetUserId())) noperm = false; /* user is allowed to modify this policy */ @@ -497,15 +492,13 @@ RemoveRoleFromObjectPolicy(Oid roleid, Oid classid, Oid policy_id) NameStr(((Form_pg_policy) GETSTRUCT(tuple))->polname), RelationGetRelationName(rel)))); - /* - * If multiple roles exist on this policy, then remove the one we were - * asked to and leave the rest. - */ - if (!noperm && num_roles > 0) + /* Skip the rest if we lack permissions. */ + if (!noperm) { int i, j; Oid *roles = (Oid *) ARR_DATA_PTR(policy_roles); + int num_roles = ARR_DIMS(policy_roles)[0]; Datum *role_oids; char *qual_value; Node *qual_expr; @@ -582,16 +575,22 @@ RemoveRoleFromObjectPolicy(Oid roleid, Oid classid, Oid policy_id) else with_check_qual = NULL; - /* Rebuild the roles array to then update the pg_policy tuple with */ + /* + * Rebuild the roles array, without any mentions of the target role. + * Ordinarily there'd be exactly one, but we must cope with duplicate + * mentions, since CREATE/ALTER POLICY historically have allowed that. + */ role_oids = (Datum *) palloc(num_roles * sizeof(Datum)); - for (i = 0, j = 0; i < ARR_DIMS(policy_roles)[0]; i++) - /* Copy over all of the roles which are not the one being removed */ + for (i = 0, j = 0; i < num_roles; i++) + { if (roles[i] != roleid) role_oids[j++] = ObjectIdGetDatum(roles[i]); + } + num_roles = j; - /* We should have only removed the one role */ - Assert(j == num_roles); - + /* If no roles remain, we have to drop the policy instead. */ + if (num_roles > 0) + { /* This is the array for the new tuple */ role_ids = construct_array(role_oids, num_roles, OIDOID, sizeof(Oid), true, TYPALIGN_INT); @@ -646,8 +645,15 @@ RemoveRoleFromObjectPolicy(Oid roleid, Oid classid, Oid policy_id) heap_freetuple(new_tuple); + /* Make updates visible */ + CommandCounterIncrement(); + /* Invalidate Relation Cache */ CacheInvalidateRelcache(rel); + + /* Report that policy should not be dropped */ + noperm = true; + } } /* Clean up. */ @@ -657,7 +663,7 @@ RemoveRoleFromObjectPolicy(Oid roleid, Oid classid, Oid policy_id) table_close(pg_policy_rel, RowExclusiveLock); - return (noperm || num_roles > 0); + return noperm; } /*
pgsql-bugs by date: