From 25be7f1867e9a4ab35fce368723b9cac3c7919a6 Mon Sep 17 00:00:00 2001 From: Shahid Ullah Date: Sat, 19 Apr 2025 00:04:57 +0500 Subject: [PATCH 1/2] [PG-1545] Update test case to cover this scenario --- contrib/pg_tde/expected/access_control.out | 6 ++++++ contrib/pg_tde/sql/access_control.sql | 1 + 2 files changed, 7 insertions(+) diff --git a/contrib/pg_tde/expected/access_control.out b/contrib/pg_tde/expected/access_control.out index c6a5594bc9bf9..aba529c212fa3 100644 --- a/contrib/pg_tde/expected/access_control.out +++ b/contrib/pg_tde/expected/access_control.out @@ -19,6 +19,12 @@ SELECT pg_tde_grant_key_viewer_to_role('regress_pg_tde_access_control'); (1 row) +select pg_tde_grant_grant_management_to_role('regress_pg_tde_access_control'); + pg_tde_grant_grant_management_to_role +--------------------------------------- + +(1 row) + SET ROLE regress_pg_tde_access_control; -- should now be allowed SELECT pg_tde_add_database_key_provider_file('file-vault', '/tmp/pg_tde_test_keyring.per'); diff --git a/contrib/pg_tde/sql/access_control.sql b/contrib/pg_tde/sql/access_control.sql index f992304b1b590..274f831fb9397 100644 --- a/contrib/pg_tde/sql/access_control.sql +++ b/contrib/pg_tde/sql/access_control.sql @@ -12,6 +12,7 @@ RESET ROLE; SELECT pg_tde_grant_database_key_management_to_role('regress_pg_tde_access_control'); SELECT pg_tde_grant_key_viewer_to_role('regress_pg_tde_access_control'); +select pg_tde_grant_grant_management_to_role('regress_pg_tde_access_control'); SET ROLE regress_pg_tde_access_control; From 36cf48a4e0a022463ac109b9e91cebdfbbc8c303 Mon Sep 17 00:00:00 2001 From: Shahid Ullah Date: Sat, 19 Apr 2025 00:07:16 +0500 Subject: [PATCH 2/2] [PG-1545] Update test case to cover this scenario --- contrib/pg_tde/sql/access_control.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contrib/pg_tde/sql/access_control.sql b/contrib/pg_tde/sql/access_control.sql index 274f831fb9397..5aca3c6bdf001 100644 --- a/contrib/pg_tde/sql/access_control.sql +++ b/contrib/pg_tde/sql/access_control.sql @@ -12,7 +12,7 @@ RESET ROLE; SELECT pg_tde_grant_database_key_management_to_role('regress_pg_tde_access_control'); SELECT pg_tde_grant_key_viewer_to_role('regress_pg_tde_access_control'); -select pg_tde_grant_grant_management_to_role('regress_pg_tde_access_control'); +SELECT pg_tde_grant_grant_management_to_role('regress_pg_tde_access_control'); SET ROLE regress_pg_tde_access_control;