MDB-32132: fix grantor selection for mdb_superuser#6
Merged
reshke merged 1 commit intoMDB_17_2_no_aqofrom Jan 17, 2025
Merged
Conversation
x4m
approved these changes
Jan 17, 2025
reshke
added a commit
that referenced
this pull request
Feb 7, 2025
reshke
added a commit
that referenced
this pull request
Feb 10, 2025
reshke
added a commit
that referenced
this pull request
Feb 11, 2025
reshke
added a commit
that referenced
this pull request
Feb 17, 2025
reshke
added a commit
that referenced
this pull request
Feb 18, 2025
reshke
added a commit
that referenced
this pull request
May 6, 2025
reshke
added a commit
that referenced
this pull request
Aug 4, 2025
reshke
added a commit
that referenced
this pull request
Aug 6, 2025
reshke
added a commit
that referenced
this pull request
Aug 6, 2025
reshke
added a commit
that referenced
this pull request
Aug 10, 2025
reshke
added a commit
that referenced
this pull request
Aug 11, 2025
reshke
added a commit
that referenced
this pull request
Aug 12, 2025
reshke
added a commit
that referenced
this pull request
Sep 11, 2025
reshke
added a commit
that referenced
this pull request
Sep 15, 2025
reshke
added a commit
that referenced
this pull request
Sep 23, 2025
reshke
added a commit
that referenced
this pull request
Nov 7, 2025
reshke
added a commit
that referenced
this pull request
Nov 7, 2025
reshke
added a commit
that referenced
this pull request
Nov 13, 2025
reshke
added a commit
that referenced
this pull request
Nov 13, 2025
reshke
added a commit
that referenced
this pull request
Dec 8, 2025
reshke
added a commit
that referenced
this pull request
Jan 31, 2026
reshke
added a commit
that referenced
this pull request
Jan 31, 2026
reshke
added a commit
that referenced
this pull request
Jan 31, 2026
reshke
added a commit
that referenced
this pull request
Feb 6, 2026
reshke
added a commit
that referenced
this pull request
Feb 6, 2026
reshke
added a commit
that referenced
this pull request
Feb 9, 2026
reshke
added a commit
that referenced
this pull request
Feb 9, 2026
reshke
added a commit
that referenced
this pull request
Feb 9, 2026
reshke
added a commit
that referenced
this pull request
Feb 9, 2026
reshke
added a commit
that referenced
this pull request
Feb 10, 2026
reshke
added a commit
that referenced
this pull request
Feb 10, 2026
reshke
added a commit
that referenced
this pull request
Feb 24, 2026
reshke
added a commit
that referenced
this pull request
Feb 24, 2026
reshke
added a commit
that referenced
this pull request
Feb 25, 2026
reshke
added a commit
that referenced
this pull request
Feb 25, 2026
reshke
added a commit
that referenced
this pull request
Feb 25, 2026
reshke
added a commit
that referenced
this pull request
Feb 25, 2026
reshke
added a commit
that referenced
this pull request
Feb 25, 2026
reshke
added a commit
that referenced
this pull request
Feb 25, 2026
This commit introduces new mdb internal role mdb_superuser. Role is capaple of: GRANT/REVOKE any set of priviledges to/from any object in database. Has power of pg_database_owner in any database, including: DROP any object in database (except system catalog and stuff) Role is NOT capaple of: Create database, role, extension or alter other roles with such priviledges. Transfer ownership to /pass has_priv of roles: PG_READ_ALL_DATA PG_WRITE_ALL_DATA PG_EXECUTE_SERVER_PROGRAM PG_READ_SERVER_FILES PG_WRITE_SERVER_FILES Fix configure.ac USE_MDBLOCALES option handling Apply autoreconf stuff Set missing ok parameter ito true while acquiring mdb_superuser oid In regress tests, nobody creates mdb_superuser role, so missing ok is fine Fix spelling Applied suggestion Allow mdb_superuser to have power of pg_database_owner Allow mdb_superuser to alter objects and grant ACl to objects, owned by pg_database_owner. Also, when acl check, allow mdb_superuser use pg_database_owner role power to pass check regression test fixes MDB-32132: fix grantor selection for mdb_superuser (#6)
reshke
added a commit
that referenced
this pull request
Apr 1, 2026
reshke
added a commit
that referenced
this pull request
Apr 2, 2026
reshke
added a commit
that referenced
this pull request
Apr 2, 2026
This commit introduces new mdb internal role mdb_superuser. Role is capaple of: GRANT/REVOKE any set of priviledges to/from any object in database. Has power of pg_database_owner in any database, including: DROP any object in database (except system catalog and stuff) Role is NOT capaple of: Create database, role, extension or alter other roles with such priviledges. Transfer ownership to /pass has_priv of roles: PG_READ_ALL_DATA PG_WRITE_ALL_DATA PG_EXECUTE_SERVER_PROGRAM PG_READ_SERVER_FILES PG_WRITE_SERVER_FILES Fix configure.ac USE_MDBLOCALES option handling Apply autoreconf stuff Set missing ok parameter ito true while acquiring mdb_superuser oid In regress tests, nobody creates mdb_superuser role, so missing ok is fine Fix spelling Applied suggestion Allow mdb_superuser to have power of pg_database_owner Allow mdb_superuser to alter objects and grant ACl to objects, owned by pg_database_owner. Also, when acl check, allow mdb_superuser use pg_database_owner role power to pass check regression test fixes MDB-32132: fix grantor selection for mdb_superuser (#6)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.