rls fixes

Robert Lechte 2020-06-16 19:51:30 +10:00
parent 7848a1d862
commit 9d4cbb17fb
9 changed files with 37 additions and 4 deletions


@ -167,6 +167,9 @@ def get_table_changes(tables_from, tables_target, enums_from, enums_target):
statements.append(v.drop_statement)
for t, v in added.items():
statements.append(v.create_statement)
if v.rowsecurity:
rls_alter = v.alter_rls_statement
statements.append(rls_alter)
statements += get_enum_modifications(
tables_from, tables_target, enums_from, enums_target
)
@ -217,7 +220,7 @@ def get_table_changes(tables_from, tables_target, enums_from, enums_target):
if v.rowsecurity != before.rowsecurity:
rls_alter = v.alter_rls_statement
statements += [rls_alter]
statements.append(rls_alter)
return statements
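Review bot: The added `if v.rowsecurity:` branch in the first hunk needs a comment explaining why the ALTER is emitted directly after the create statement, e.g. `# CREATE TABLE cannot enable RLS itself; enable it right after creation so non-owners are default-deny until the policies exist`. The ordering matters because a table with row security enabled and no policy rejects non-owner access, whereas a table created without it is readable by anyone holding the grant. Both hunks compare only `v.rowsecurity`; whether forced row security (`FORCE ROW LEVEL SECURITY`) is diffed anywhere is not visible here and is worth confirming, since the table owner bypasses policies without it. The `rls_alter` temporary adds nothing in either hunk and could be `statements.append(v.alter_rls_statement)`. get_table_changes begins outside both hunks.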


@ -14,7 +14,7 @@ python = "*"
sqlbag = "*"
six = "*"
# schemainspect = {path="../schemainspect"}
schemainspect = ">=0.1.1592273867"
schemainspect = ">=0.1.1592300770"
psycopg2-binary = { version="*", optional = true }
[tool.poetry.dev-dependencies]


@ -7,4 +7,4 @@ on "public"."accounts"
as restrictive
for all
to schemainspect_test_role
using (manager = CURRENT_USER);
using ((manager = CURRENT_USER));


@ -0,0 +1 @@
create table t();


@ -0,0 +1,7 @@
CREATE TABLE example (
id SERIAL PRIMARY KEY,
name text NOT NULL
);
ALTER TABLE example ENABLE ROW LEVEL SECURITY;
CREATE POLICY example_all ON example FOR ALL
USING (true);


@ -0,0 +1,22 @@
create sequence "public"."example_id_seq";
drop table "public"."t";
create table "public"."example" (
"id" integer not null default nextval('example_id_seq'::regclass),
"name" text not null
);
alter table "public"."example" enable row level security;
CREATE UNIQUE INDEX example_pkey ON public.example USING btree (id);
alter table "public"."example" add constraint "example_pkey" PRIMARY KEY using index "example_pkey";
create policy "example_all"
on "public"."example"
as permissive
for all
to public
using (true);


@ -111,7 +111,7 @@ SELECT 1 FROM pg_roles WHERE rolname=:rolename
def test_rls():
for FIXTURE_NAME in ["rls"]:
for FIXTURE_NAME in ["rls", "rls2"]:
do_fixture_test(FIXTURE_NAME, with_privileges=True)
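Review bot: With both fixtures driven from one loop inside `test_rls`, a failure on `rls` stops the test before `rls2` runs, so a regression in the new-table row-security path can be hidden behind an unrelated one. Reporting each fixture separately would avoid that, for example `@pytest.mark.parametrize("fixture_name", ["rls", "rls2"])` on the test, assuming pytest is the runner for this file. The loop variable would also read better in lower case, since it is not a constant.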