`GRANT OPTION` is not tested #1570

Open

Open

GRANT OPTION is not tested#1570

Task

opened

on Apr 23, 2025

Problem

GRANT OPTION is not tested on vault tests and some others:

postgres/nix/tests/expected/vault.out

Lines 28 to 37 in f670f7d

    
            schema |        object_name        |    grantee     | privilege_type  
        
           --------+---------------------------+----------------+---------------- 
        
            vault  | _crypto_aead_det_decrypt  | postgres       | EXECUTE 
        
            vault  | _crypto_aead_det_decrypt  | supabase_admin | EXECUTE 
        
            vault  | _crypto_aead_det_encrypt  | supabase_admin | EXECUTE 
        
            vault  | _crypto_aead_det_noncegen | supabase_admin | EXECUTE 
        
            vault  | create_secret             | postgres       | EXECUTE 
        
            vault  | create_secret             | supabase_admin | EXECUTE 
        
            vault  | decrypted_secrets         | postgres       | DELETE 
        
            vault  | decrypted_secrets         | postgres       | SELECT

For reference, GRANT OPTION is added like

grant select, delete, truncate, references on vault.secrets, vault.decrypted_secrets to postgres
with grant option;

Not testing this can cause regressions.

Solution

Add GRANT OPTION to all db object privilege tests.

Metadata

Assignees

No one assigned

Labels

No labels

No labels

Type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests