tandem
/
numerus
2
0
Fork 0
Code Issues 39 Pull Requests Packages Projects 1 Releases 1 Wiki Activity

Remove execution grant on build_cookie to guest 

There is no need for a guest to build any cookie, since they have none.
This commit is contained in:
jordi fita mas 2023-01-23 21:40:22 +01:00
parent 5eeaab2013
commit 56d149e211
2 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
deploy/build_cookie.sql
View File

@ -15,7 +15,6 @@ language sql
stable; stable;
revoke execute on function build_cookie(email, text) from public; revoke execute on function build_cookie(email, text) from public;
grant execute on function build_cookie(email, text) to guest;
grant execute on function build_cookie(email, text) to invoicer; grant execute on function build_cookie(email, text) to invoicer;
grant execute on function build_cookie(email, text) to admin; grant execute on function build_cookie(email, text) to admin;

8
test/build_cookie.sql
View File

@ -14,7 +14,7 @@ select function_lang_is('numerus', 'build_cookie', array ['email', 'text'], 'sql
select function_returns('numerus', 'build_cookie', array ['email', 'text'], 'text'); select function_returns('numerus', 'build_cookie', array ['email', 'text'], 'text');
select isnt_definer('numerus', 'build_cookie', array ['email', 'text']); select isnt_definer('numerus', 'build_cookie', array ['email', 'text']);
select volatility_is('numerus', 'build_cookie', array ['email', 'text'], 'stable'); select volatility_is('numerus', 'build_cookie', array ['email', 'text'], 'stable');
select function_privs_are('numerus', 'build_cookie', array ['email', 'text'], 'guest', array ['EXECUTE']); select function_privs_are('numerus', 'build_cookie', array ['email', 'text'], 'guest', array []::text[]);
select function_privs_are('numerus', 'build_cookie', array ['email', 'text'], 'invoicer', array ['EXECUTE']); select function_privs_are('numerus', 'build_cookie', array ['email', 'text'], 'invoicer', array ['EXECUTE']);
select function_privs_are('numerus', 'build_cookie', array ['email', 'text'], 'admin', array ['EXECUTE']); select function_privs_are('numerus', 'build_cookie', array ['email', 'text'], 'admin', array ['EXECUTE']);
select function_privs_are('numerus', 'build_cookie', array ['email', 'text'], 'authenticator', array []::text[]); select function_privs_are('numerus', 'build_cookie', array ['email', 'text'], 'authenticator', array []::text[]);
@ -35,6 +35,7 @@ select is(
); );
select set_cookie('44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e/demo@tandem.blog'); select set_cookie('44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e/demo@tandem.blog');
reset role;
select is( select is(
build_cookie(), build_cookie(),
@ -42,9 +43,9 @@ select is(
'Should build the cookie for the logged in user' 'Should build the cookie for the logged in user'
); );
reset role;
select set_cookie('12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524/admin@tandem.blog'); select set_cookie('12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524/admin@tandem.blog');
reset role;
select is( select is(
build_cookie(), build_cookie(),
@ -52,9 +53,9 @@ select is(
'Should build the cookie for the other logged in user' 'Should build the cookie for the other logged in user'
); );
reset role;
select set_cookie('ashtasth'); select set_cookie('ashtasth');
reset role;
select is( select is(
build_cookie(), build_cookie(),
@ -62,7 +63,6 @@ select is(
'Should build the cookie for the guest user' 'Should build the cookie for the guest user'
); );
reset role;
select * select *
from finish(); from finish();