# HG changeset patch # User Sascha L. Teichmann # Date 1533311956 -7200 # Node ID 9d69eb2f0af3423bfba0d421a2cc733cee57939c # Parent bd292a554b6e72bed889fa4562a525467a3f4901# Parent df1fc589ad9de7ba1bd0451775c342f83836931d Merged. diff -r bd292a554b6e -r 9d69eb2f0af3 schema/manage_users.sql --- a/schema/manage_users.sql Fri Aug 03 17:58:51 2018 +0200 +++ b/schema/manage_users.sql Fri Aug 03 17:59:16 2018 +0200 @@ -93,6 +93,14 @@ BEGIN cur_username = OLD.username; + IF cur_username <> session_user + AND NOT (pg_has_role(session_user, 'sys_admin', 'MEMBER') + OR pg_has_role(session_user, 'pw_reset', 'MEMBER')) + THEN + -- Discard row. This is what WITH CHECK in an RLS policy would do. + RETURN NULL; + END IF; + UPDATE internal.user_profiles p SET (username, country, map_extent, email_address) = (NEW.username, NEW.country, NEW.map_extent, NEW.email_address) diff -r bd292a554b6e -r 9d69eb2f0af3 schema/manage_users_tests.sql --- a/schema/manage_users_tests.sql Fri Aug 03 17:58:51 2018 +0200 +++ b/schema/manage_users_tests.sql Fri Aug 03 17:59:16 2018 +0200 @@ -123,6 +123,21 @@ 42501, NULL, 'Waterway user cannot update arbitrary user attributes'); +SET SESSION AUTHORIZATION test_admin_at; + +SELECT results_eq($$ + UPDATE users.list_users + SET (pw, map_extent, email_address) + = ('user_at2!', 'BOX(0 0,1 1)', 'user_at_test') + WHERE country = users.current_user_country() + AND username <> current_user + RETURNING * + $$, + $$ + SELECT '' WHERE false -- Empty result set + $$, + 'Waterway admin cannot update attributes of other users in country'); + SET SESSION AUTHORIZATION test_sys_admin1; SELECT lives_ok($$ diff -r bd292a554b6e -r 9d69eb2f0af3 schema/run_tests.sh --- a/schema/run_tests.sh Fri Aug 03 17:58:51 2018 +0200 +++ b/schema/run_tests.sh Fri Aug 03 17:59:16 2018 +0200 
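Review bot: The comment on the new `RETURN NULL` mischaracterizes RLS: a `WITH CHECK` clause rejects a failing row with an error, and it is the `USING` clause that silently filters rows, so the discard here matches `USING`, not `WITH CHECK`. That also leaves the failure mode uneven — the existing test expects a waterway user's cross-user update to fail with 42501, while a waterway admin now gets a silent `UPDATE 0` — so consider `RAISE insufficient_privilege USING MESSAGE = 'cannot update other users';` in place of the discard, or at least correct the comment to `-- Discard row, as the USING clause of an RLS policy would.` The guard also fails open if `OLD.username` is ever NULL, since `NULL <> session_user` is not true and the UPDATE then proceeds; `IF cur_username IS DISTINCT FROM session_user` fails closed. Note too that membership in `pw_reset` admits the full row update (country, map_extent, email_address), which is broader than the role name suggests unless the rest of the function — its body begins and ends outside this hunk — restricts those columns.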
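Review bot: The new `results_eq` test for test_admin_at passes vacuously if the fixture holds no other user in the admin's country, because an UPDATE that matches zero rows also returns an empty set. Precede it with a positive assertion that the target set is non-empty, e.g. `SELECT isnt_empty($$ SELECT 1 FROM users.list_users WHERE country = users.current_user_country() AND username <> current_user $$, 'Fixture has other users in admin country');` and bump `plan()` accordingly. The fixture data in tap_tests_data.sql is not visible here, so this may already hold. The new `pw_reset` branch of the trigger check gets no coverage in this hunk.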
@@ -16,7 +16,7 @@
 -c 'SET client_min_messages TO WARNING' \
 -c "DROP ROLE IF EXISTS $TEST_ROLES" \
 -f tap_tests_data.sql \
- -c 'SELECT plan(44)' \
+ -c 'SELECT plan(45)' \
 -f auth_tests.sql \
 -f manage_users_tests.sql \
 -c 'SELECT * FROM finish()'