From c956c65731306b1773542282eb7bd49b97403fc8 Mon Sep 17 00:00:00 2001 From: Will Thames Date: Wed, 8 Apr 2015 13:00:50 +1000 Subject: [PATCH] Usage is not a valid database or table privilege Remove `USAGE` from the `VALID_PRIVS` dict for both database and table because it is not a valid privilege for either (and breaks the implementation of `has_table_privilege` and `has_database_privilege` See http://www.postgresql.org/docs/9.0/static/sql-grant.html --- database/postgresql/postgresql_user.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/database/postgresql/postgresql_user.py b/database/postgresql/postgresql_user.py index 71cdbcaec5a..7dda85f343c 100644 --- a/database/postgresql/postgresql_user.py +++ b/database/postgresql/postgresql_user.py @@ -174,8 +174,8 @@ else: _flags = ('SUPERUSER', 'CREATEROLE', 'CREATEUSER', 'CREATEDB', 'INHERIT', 'LOGIN', 'REPLICATION') VALID_FLAGS = frozenset(itertools.chain(_flags, ('NO%s' % f for f in _flags))) -VALID_PRIVS = dict(table=frozenset(('SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER', 'ALL', 'USAGE')), - database=frozenset(('CREATE', 'CONNECT', 'TEMPORARY', 'TEMP', 'ALL', 'USAGE')), +VALID_PRIVS = dict(table=frozenset(('SELECT', 'INSERT', 'UPDATE', 'DELETE', 'TRUNCATE', 'REFERENCES', 'TRIGGER', 'ALL')), + database=frozenset(('CREATE', 'CONNECT', 'TEMPORARY', 'TEMP', 'ALL')), ) # map to cope with idiosyncracies of SUPERUSER and LOGIN @@ -326,7 +326,7 @@ def user_delete(cursor, user): def has_table_privilege(cursor, user, table, priv): if priv == 'ALL': - priv = [ p for p in VALID_PRIVS['table'] if p != 'ALL' ].join(',') + priv = ','.join([ p for p in VALID_PRIVS['table'] if p != 'ALL' ]) query = 'SELECT has_table_privilege(%s, %s, %s)' cursor.execute(query, (user, table, priv)) return cursor.fetchone()[0] @@ -381,7 +381,7 @@ def get_database_privileges(cursor, user, db): def has_database_privilege(cursor, user, db, priv): if priv == 'ALL': - priv = [ p for p in VALID_PRIVS['database'] if p != 'ALL' ].join(',') + priv = ','.join([ p for p in VALID_PRIVS['database'] if p != 'ALL' ]) query = 'SELECT has_database_privilege(%s, %s, %s)' cursor.execute(query, (user, db, priv)) return cursor.fetchone()[0]