Changeset: 098b79a0c2bb for MonetDB URL: https://dev.monetdb.org/hg/MonetDB?cmd=changeset;node=098b79a0c2bb Modified Files: sql/server/sql_privileges.c sql/test/Users/Tests/renameUser.SQL.py Branch: default Log Message:
Merged with Oct2020 diffs (47 lines): diff --git a/sql/server/sql_privileges.c b/sql/server/sql_privileges.c --- a/sql/server/sql_privileges.c +++ b/sql/server/sql_privileges.c @@ -858,11 +858,12 @@ sql_alter_user(mvc *sql, char *user, cha if (strNil(user)) user = NULL; /* USER == NULL -> current_user */ - if (user != NULL && backend_find_user(sql, user) < 0) - throw(SQL,"sql.alter_user", SQLSTATE(42M32) "ALTER USER: no such user '%s'", user); if (!admin_privs(sql->user_id) && !admin_privs(sql->role_id) && user != NULL && strcmp(user, get_string_global_var(sql, "current_user")) != 0) throw(SQL,"sql.alter_user", SQLSTATE(M1M05) "Insufficient privileges to change user '%s'", user); + + if (user != NULL && backend_find_user(sql, user) < 0) + throw(SQL,"sql.alter_user", SQLSTATE(42M32) "ALTER USER: no such user '%s'", user); if (schema && (schema_id = sql_find_schema(sql, schema)) < 0) throw(SQL,"sql.alter_user", SQLSTATE(3F000) "ALTER USER: no such schema '%s'", schema); if (backend_alter_user(sql, user, passwd, enc, schema_id, schema_path, oldpasswd) == FALSE) @@ -873,13 +874,13 @@ sql_alter_user(mvc *sql, char *user, cha char * sql_rename_user(mvc *sql, char *olduser, char *newuser) { + if (!admin_privs(sql->user_id) && !admin_privs(sql->role_id)) + throw(SQL,"sql.rename_user", SQLSTATE(M1M05) "ALTER USER: insufficient privileges to rename user '%s'", olduser); + if (backend_find_user(sql, olduser) < 0) throw(SQL,"sql.rename_user", SQLSTATE(42M32) "ALTER USER: no such user '%s'", olduser); if (backend_find_user(sql, newuser) >= 0) throw(SQL,"sql.rename_user", SQLSTATE(42M31) "ALTER USER: user '%s' already exists", newuser); - if (!admin_privs(sql->user_id) && !admin_privs(sql->role_id)) - throw(SQL,"sql.rename_user", SQLSTATE(M1M05) "ALTER USER: insufficient privileges to rename user '%s'", olduser); - if (backend_rename_user(sql, olduser, newuser) == FALSE) throw(SQL,"sql.rename_user", SQLSTATE(M1M05) "%s", sql->errstr); return NULL; diff --git a/sql/test/Users/Tests/renameUser.SQL.py b/sql/test/Users/Tests/renameUser.SQL.py --- a/sql/test/Users/Tests/renameUser.SQL.py +++ b/sql/test/Users/Tests/renameUser.SQL.py @@ -52,7 +52,7 @@ with SQLTestCase() as mdb: # Check that a user with no special permissions cannot rename users. # FIXME: might need to change the err_message (see issue #7037) tc2.execute("ALTER USER april2 RENAME TO april3;")\ - .assertFailed(err_code="42M32", err_message="ALTER USER: no such user 'april2'") + .assertFailed(err_code="M1M05", err_message="ALTER USER: insufficient privileges to rename user 'april2'") mdb.connect(username='monetdb', password='monetdb') # Check that the admin cannot: _______________________________________________ checkin-list mailing list checkin-list@monetdb.org https://www.monetdb.org/mailman/listinfo/checkin-list