From c146e4e0c4a12a595238e64522d3bf8267ba7756 Mon Sep 17 00:00:00 2001 From: Daniel Gustafsson Date: Fri, 2 Sep 2022 17:29:55 +0200 Subject: [PATCH v31 2/2] Add support event triggers on authenticated login --- doc/src/sgml/bki.sgml | 2 +- doc/src/sgml/catalogs.sgml | 13 ++ doc/src/sgml/ecpg.sgml | 2 + doc/src/sgml/event-trigger.sgml | 88 ++++++++++ src/backend/commands/dbcommands.c | 1 + src/backend/commands/event_trigger.c | 156 +++++++++++++++++- src/backend/tcop/postgres.c | 4 + src/backend/utils/cache/evtcache.c | 2 + src/backend/utils/misc/guc.c | 1 + src/backend/utils/misc/postgresql.conf.sample | 1 + src/bin/pg_dump/pg_dump.c | 5 + src/bin/psql/tab-complete.c | 4 +- src/include/catalog/pg_database.dat | 2 +- src/include/catalog/pg_database.h | 3 + src/include/commands/event_trigger.h | 4 +- src/include/tcop/cmdtaglist.h | 1 + src/include/utils/evtcache.h | 3 +- src/test/recovery/t/001_stream_rep.pl | 23 +++ src/test/regress/expected/event_trigger.out | 45 +++++ src/test/regress/sql/event_trigger.sql | 26 +++ 20 files changed, 375 insertions(+), 11 deletions(-) diff --git a/doc/src/sgml/bki.sgml b/doc/src/sgml/bki.sgml index f71644e398..315ba81951 100644 --- a/doc/src/sgml/bki.sgml +++ b/doc/src/sgml/bki.sgml @@ -184,7 +184,7 @@ descr => 'database\'s default template', datname => 'template1', encoding => 'ENCODING', datlocprovider => 'LOCALE_PROVIDER', datistemplate => 't', - datallowconn => 't', datconnlimit => '-1', datfrozenxid => '0', + datallowconn => 't', dathasloginevt => 'f', datconnlimit => '-1', datfrozenxid => '0', datminmxid => '1', dattablespace => 'pg_default', datcollate => 'LC_COLLATE', datctype => 'LC_CTYPE', daticulocale => 'ICU_LOCALE', datacl => '_null_' }, diff --git a/doc/src/sgml/catalogs.sgml b/doc/src/sgml/catalogs.sgml index 00f833d210..9d0ef1cbb2 100644 --- a/doc/src/sgml/catalogs.sgml +++ b/doc/src/sgml/catalogs.sgml @@ -3016,6 +3016,19 @@ SCRAM-SHA-256$<iteration count>:&l + + + dathasloginevt bool + + + Indicates that there are login event triggers defined for this database. + This flag is used to avoid extra lookups on the + pg_event_trigger table during each backend + startup. This flag is used internally by PostgreSQL + and should not be manually altered or read for monitoring purposes. + + + datconnlimit int4 diff --git a/doc/src/sgml/ecpg.sgml b/doc/src/sgml/ecpg.sgml index 16853ced6f..8afa2ff05c 100644 --- a/doc/src/sgml/ecpg.sgml +++ b/doc/src/sgml/ecpg.sgml @@ -4769,6 +4769,7 @@ datdba = 10 (type: 1) encoding = 0 (type: 5) datistemplate = t (type: 1) datallowconn = t (type: 1) +dathasloginevt = f (type: 1) datconnlimit = -1 (type: 5) datfrozenxid = 379 (type: 1) dattablespace = 1663 (type: 1) @@ -4793,6 +4794,7 @@ datdba = 10 (type: 1) encoding = 0 (type: 5) datistemplate = f (type: 1) datallowconn = t (type: 1) +dathasloginevt = f (type: 1) datconnlimit = -1 (type: 5) datfrozenxid = 379 (type: 1) dattablespace = 1663 (type: 1) diff --git a/doc/src/sgml/event-trigger.sgml b/doc/src/sgml/event-trigger.sgml index f1235a2c9f..a24f2e7cfa 100644 --- a/doc/src/sgml/event-trigger.sgml +++ b/doc/src/sgml/event-trigger.sgml @@ -28,6 +28,7 @@ An event trigger fires whenever the event with which it is associated occurs in the database in which it is defined. Currently, the only supported events are + login, ddl_command_start, ddl_command_end, table_rewrite @@ -35,6 +36,20 @@ Support for additional events may be added in future releases. + + The login event occurs when an authenticated user logs + in to the system. Any bugs in a trigger procedure for this event may + prevent successful login to the system. Such bugs may be fixed after first + reconnecting to the system with event triggers disabled (see + ) or by restarting the system + in single-user mode (as event triggers are disabled in this mode). See the + reference page for details about using + single-user mode. The login event will also fire on + standby servers. To prevent servers from becoming inaccessible, such + triggers must avoid writing anything to the database when running on a + standby. + + The ddl_command_start event occurs just before the execution of a CREATE, ALTER, DROP, @@ -1296,6 +1311,79 @@ $$; CREATE EVENT TRIGGER no_rewrite_allowed ON table_rewrite EXECUTE FUNCTION no_rewrite(); + + + + + + A Database Login Event Trigger Example + + + The event trigger on the login event can be + useful for logging user logins, for verifying the connection and + assigning roles according to current circumstances, or for session + data initialization. It is very important that any event trigger using the + login event checks whether or not the database is in + recovery before performing any writes. Writing to a standby server will + make it inaccessible. + + + + The following example demonstrates these options. + +-- create test tables and roles +CREATE TABLE user_login_log ( + "user" text, + "session_start" timestamp with time zone +); +CREATE ROLE day_worker; +CREATE ROLE night_worker; + +-- the example trigger function +CREATE OR REPLACE FUNCTION init_session() + RETURNS event_trigger SECURITY DEFINER + LANGUAGE plpgsql AS +$$ +DECLARE + hour integer = EXTRACT('hour' FROM current_time); + rec boolean; +BEGIN +-- 1. Forbid logging in between 2AM and 4AM. +IF hour BETWEEN 2 AND 4 THEN + RAISE EXCEPTION 'Login forbidden'; +END IF; + +-- The checks below cannot be performed on standby servers so +-- ensure the database is not in recovery before we perform any +-- operations. +SELECT pg_is_in_recovery() INTO rec; +IF rec THEN + RETURN; +END IF + +-- 2. Assign some roles. At daytime, grant the day_worker role, else the +-- night_worker role. +IF hour BETWEEN 8 AND 20 THEN + EXECUTE 'REVOKE night_worker FROM ' || quote_ident(session_user); + EXECUTE 'GRANT day_worker TO ' || quote_ident(session_user); +ELSE + EXECUTE 'REVOKE day_worker FROM ' || quote_ident(session_user); + EXECUTE 'GRANT night_worker TO ' || quote_ident(session_user); +END IF; + +-- 3. Initialize user session data +CREATE TEMP TABLE session_storage (x float, y integer); + +-- 4. Log the connection time +INSERT INTO user_login_log VALUES (session_user, current_timestamp); + +END; +$$; + +-- trigger definition +CREATE EVENT TRIGGER init_session + ON login + EXECUTE FUNCTION init_session(); diff --git a/src/backend/commands/dbcommands.c b/src/backend/commands/dbcommands.c index 6ff48bb18f..4e541d631e 100644 --- a/src/backend/commands/dbcommands.c +++ b/src/backend/commands/dbcommands.c @@ -1296,6 +1296,7 @@ createdb(ParseState *pstate, const CreatedbStmt *stmt) new_record[Anum_pg_database_datlocprovider - 1] = CharGetDatum(dblocprovider); new_record[Anum_pg_database_datistemplate - 1] = BoolGetDatum(dbistemplate); new_record[Anum_pg_database_datallowconn - 1] = BoolGetDatum(dballowconnections); + new_record[Anum_pg_database_dathasloginevt - 1] = BoolGetDatum(false); new_record[Anum_pg_database_datconnlimit - 1] = Int32GetDatum(dbconnlimit); new_record[Anum_pg_database_datfrozenxid - 1] = TransactionIdGetDatum(src_frozenxid); new_record[Anum_pg_database_datminmxid - 1] = TransactionIdGetDatum(src_minmxid); diff --git a/src/backend/commands/event_trigger.c b/src/backend/commands/event_trigger.c index 85d01c559e..e23773d0e1 100644 --- a/src/backend/commands/event_trigger.c +++ b/src/backend/commands/event_trigger.c @@ -20,6 +20,7 @@ #include "catalog/dependency.h" #include "catalog/indexing.h" #include "catalog/objectaccess.h" +#include "catalog/pg_database.h" #include "catalog/pg_event_trigger.h" #include "catalog/pg_namespace.h" #include "catalog/pg_opclass.h" @@ -37,15 +38,18 @@ #include "miscadmin.h" #include "parser/parse_func.h" #include "pgstat.h" +#include "storage/lmgr.h" #include "tcop/deparse_utility.h" #include "tcop/utility.h" #include "utils/acl.h" #include "utils/builtins.h" #include "utils/evtcache.h" #include "utils/fmgroids.h" +#include "utils/inval.h" #include "utils/lsyscache.h" #include "utils/memutils.h" #include "utils/rel.h" +#include "utils/snapmgr.h" #include "utils/syscache.h" typedef struct EventTriggerQueryState @@ -134,6 +138,7 @@ CreateEventTrigger(CreateEventTrigStmt *stmt) if (strcmp(stmt->eventname, "ddl_command_start") != 0 && strcmp(stmt->eventname, "ddl_command_end") != 0 && strcmp(stmt->eventname, "sql_drop") != 0 && + strcmp(stmt->eventname, "login") != 0 && strcmp(stmt->eventname, "table_rewrite") != 0) ereport(ERROR, (errcode(ERRCODE_SYNTAX_ERROR), @@ -297,6 +302,30 @@ insert_event_trigger_tuple(const char *trigname, const char *eventname, Oid evtO CatalogTupleInsert(tgrel, tuple); heap_freetuple(tuple); + /* + * Login event triggers have an additional flag in pg_database to allow + * faster lookups in hot codepaths. Set the flag unless already True. + */ + if (strcmp(eventname, "login") == 0) + { + Form_pg_database db; + Relation pg_db = table_open(DatabaseRelationId, RowExclusiveLock); + + /* Set dathasloginevt flag in pg_database */ + tuple = SearchSysCacheCopy1(DATABASEOID, ObjectIdGetDatum(MyDatabaseId)); + if (!HeapTupleIsValid(tuple)) + elog(ERROR, "cache lookup failed for database %u", MyDatabaseId); + db = (Form_pg_database) GETSTRUCT(tuple); + if (!db->dathasloginevt) + { + db->dathasloginevt = true; + CatalogTupleUpdate(pg_db, &tuple->t_self, tuple); + CommandCounterIncrement(); + } + table_close(pg_db, RowExclusiveLock); + heap_freetuple(tuple); + } + /* Depend on owner. */ recordDependencyOnOwner(EventTriggerRelationId, trigoid, evtOwner); @@ -583,10 +612,15 @@ EventTriggerCommonSetup(Node *parsetree, { CommandTag dbgtag; - dbgtag = CreateCommandTag(parsetree); + if (event == EVT_Login) + dbgtag = CMDTAG_LOGIN; + else + dbgtag = CreateCommandTag(parsetree); + if (event == EVT_DDLCommandStart || event == EVT_DDLCommandEnd || - event == EVT_SQLDrop) + event == EVT_SQLDrop || + event == EVT_Login) { if (!command_tag_event_trigger_ok(dbgtag)) elog(ERROR, "unexpected command tag \"%s\"", GetCommandTagName(dbgtag)); @@ -605,7 +639,10 @@ EventTriggerCommonSetup(Node *parsetree, return NIL; /* Get the command tag. */ - tag = CreateCommandTag(parsetree); + if (event == EVT_Login) + tag = CMDTAG_LOGIN; + else + tag = CreateCommandTag(parsetree); /* * Filter list of event triggers by command tag, and copy them into our @@ -806,6 +843,112 @@ EventTriggerSQLDrop(Node *parsetree) list_free(runlist); } +/* + * Return true if this database has login event triggers, false otherwise. + */ +static bool +DatabaseHasLoginEventTriggers(void) +{ + bool has_login_event_triggers; + HeapTuple tuple = SearchSysCache1(DATABASEOID, ObjectIdGetDatum(MyDatabaseId)); + + if (!HeapTupleIsValid(tuple)) + elog(ERROR, "cache lookup failed for database %u", MyDatabaseId); + + has_login_event_triggers = ((Form_pg_database) GETSTRUCT(tuple))->dathasloginevt; + ReleaseSysCache(tuple); + return has_login_event_triggers; +} + +/* + * Fire login event triggers if any are present. The dathasloginevt + * pg_database flag is left when an event trigger is dropped, to avoid + * complicating the codepath in the case of multiple event triggers. This + * function will instead unset the flag if no trigger is defined. + */ +void +EventTriggerOnLogin(void) +{ + List *runlist; + EventTriggerData trigdata; + + /* + * See EventTriggerDDLCommandStart for a discussion about why event + * triggers are disabled in single user mode. + */ + if (!IsUnderPostmaster || !OidIsValid(MyDatabaseId) + || ignore_event_trigger_check(EVT_Login)) + return; + + StartTransactionCommand(); + + if (DatabaseHasLoginEventTriggers()) + { + runlist = EventTriggerCommonSetup(NULL, + EVT_Login, "login", + &trigdata); + + if (runlist != NIL) + { + /* + * Event trigger execution may require an active snapshot. + */ + PushActiveSnapshot(GetTransactionSnapshot()); + + /* Run the triggers. */ + EventTriggerInvoke(runlist, &trigdata); + + /* Cleanup. */ + list_free(runlist); + + PopActiveSnapshot(); + } + else + { + /* + * Runlist is empty: clear dathasloginevt flag + */ + Relation pg_db = table_open(DatabaseRelationId, RowExclusiveLock); + HeapTuple tuple; + Form_pg_database db; + + LockSharedObject(DatabaseRelationId, MyDatabaseId, 0, AccessExclusiveLock); + + tuple = SearchSysCacheCopy1(DATABASEOID, ObjectIdGetDatum(MyDatabaseId)); + + if (!HeapTupleIsValid(tuple)) + elog(ERROR, "cache lookup failed for database %u", MyDatabaseId); + + db = (Form_pg_database) GETSTRUCT(tuple); + if (db->dathasloginevt) + { + /* + * There can be a race condition: a login event trigger may + * have been added after the pg_event_trigger table was + * scanned, and we don't want to erroneously clear the + * dathasloginevt flag in this case. To be sure that this + * hasn't happened, repeat the scan under the pg_database + * table lock. + */ + runlist = EventTriggerCommonSetup(NULL, + EVT_Login, "login", + &trigdata); + if (runlist == NIL) /* list is still empty, so clear the + * flag */ + { + db->dathasloginevt = false; + CatalogTupleUpdate(pg_db, &tuple->t_self, tuple); + } + else + list_free(runlist); + } + table_close(pg_db, RowExclusiveLock); + heap_freetuple(tuple); + } + } + CommitTransactionCommand(); +} + /* * Fire table_rewrite triggers. @@ -2186,8 +2329,7 @@ stringify_adefprivs_objtype(ObjectType objtype) /* * Checks whether the specified event is ignored by the ignore_event_trigger - * GUC or not. Currently, the GUC only supports ignoreing all or nothing but - * that will most likely change so the function takes an event to aid that. + * GUC or not. */ static bool ignore_event_trigger_check(EventTriggerEvent event) @@ -2197,6 +2339,10 @@ ignore_event_trigger_check(EventTriggerEvent event) if (ignore_event_trigger == IGNORE_EVENT_TRIGGER_ALL) return true; + if (ignore_event_trigger == IGNORE_EVENT_TRIGGER_LOGIN + && event == EVT_Login) + return true; + /* IGNORE_EVENT_TRIGGER_NONE */ return false; diff --git a/src/backend/tcop/postgres.c b/src/backend/tcop/postgres.c index 7bec4e4ff5..51c1fe8f87 100644 --- a/src/backend/tcop/postgres.c +++ b/src/backend/tcop/postgres.c @@ -33,6 +33,7 @@ #include "access/xact.h" #include "catalog/pg_type.h" #include "commands/async.h" +#include "commands/event_trigger.h" #include "commands/prepare.h" #include "common/pg_prng.h" #include "jit/jit.h" @@ -4151,6 +4152,9 @@ PostgresMain(const char *dbname, const char *username) initStringInfo(&row_description_buf); MemoryContextSwitchTo(TopMemoryContext); + /* Fire any defined login event triggers, if appropriate */ + EventTriggerOnLogin(); + /* * POSTGRES main processing loop begins here * diff --git a/src/backend/utils/cache/evtcache.c b/src/backend/utils/cache/evtcache.c index f7f7165f7f..3e9388e956 100644 --- a/src/backend/utils/cache/evtcache.c +++ b/src/backend/utils/cache/evtcache.c @@ -167,6 +167,8 @@ BuildEventTriggerCache(void) event = EVT_SQLDrop; else if (strcmp(evtevent, "table_rewrite") == 0) event = EVT_TableRewrite; + else if (strcmp(evtevent, "login") == 0) + event = EVT_Login; else continue; diff --git a/src/backend/utils/misc/guc.c b/src/backend/utils/misc/guc.c index cb688f6789..402c43f803 100644 --- a/src/backend/utils/misc/guc.c +++ b/src/backend/utils/misc/guc.c @@ -600,6 +600,7 @@ static const struct config_enum_entry wal_compression_options[] = { static const struct config_enum_entry ignore_event_trigger_options[] = { {"none", IGNORE_EVENT_TRIGGER_NONE, false}, {"all", IGNORE_EVENT_TRIGGER_ALL, false}, + {"login", IGNORE_EVENT_TRIGGER_LOGIN, false}, {NULL, 0, false} }; diff --git a/src/backend/utils/misc/postgresql.conf.sample b/src/backend/utils/misc/postgresql.conf.sample index 90bec0502c..b8bdf29d7f 100644 --- a/src/backend/utils/misc/postgresql.conf.sample +++ b/src/backend/utils/misc/postgresql.conf.sample @@ -679,6 +679,7 @@ # error #search_path = '"$user", public' # schema names #row_security = on +#ignore_event_trigger = 'none' #default_table_access_method = 'heap' #default_tablespace = '' # a tablespace name, '' uses the default #default_toast_compression = 'pglz' # 'pglz' or 'lz4' diff --git a/src/bin/pg_dump/pg_dump.c b/src/bin/pg_dump/pg_dump.c index d25709ad5f..b1f1ff85f9 100644 --- a/src/bin/pg_dump/pg_dump.c +++ b/src/bin/pg_dump/pg_dump.c @@ -3104,6 +3104,11 @@ dumpDatabase(Archive *fout) appendPQExpBufferStr(delQry, ";\n"); } + /* + * We do not restore pg_database.dathasloginevt because it is set + * automatically on login event trigger creation. + */ + /* Add database-specific SET options */ dumpDatabaseConfig(fout, creaQry, datname, dbCatId.oid); diff --git a/src/bin/psql/tab-complete.c b/src/bin/psql/tab-complete.c index 62a39779b9..e5f1ffd230 100644 --- a/src/bin/psql/tab-complete.c +++ b/src/bin/psql/tab-complete.c @@ -3409,8 +3409,8 @@ psql_completion(const char *text, int start, int end) COMPLETE_WITH("ON"); /* Complete CREATE EVENT TRIGGER ON with event_type */ else if (Matches("CREATE", "EVENT", "TRIGGER", MatchAny, "ON")) - COMPLETE_WITH("ddl_command_start", "ddl_command_end", "sql_drop", - "table_rewrite"); + COMPLETE_WITH("ddl_command_start", "ddl_command_end", "login", + "sql_drop", "table_rewrite"); /* * Complete CREATE EVENT TRIGGER ON . EXECUTE FUNCTION diff --git a/src/include/catalog/pg_database.dat b/src/include/catalog/pg_database.dat index 47dcbfb343..df32761f74 100644 --- a/src/include/catalog/pg_database.dat +++ b/src/include/catalog/pg_database.dat @@ -16,7 +16,7 @@ descr => 'default template for new databases', datname => 'template1', encoding => 'ENCODING', datlocprovider => 'LOCALE_PROVIDER', datistemplate => 't', - datallowconn => 't', datconnlimit => '-1', datfrozenxid => '0', + datallowconn => 't', dathasloginevt => 'f', datconnlimit => '-1', datfrozenxid => '0', datminmxid => '1', dattablespace => 'pg_default', datcollate => 'LC_COLLATE', datctype => 'LC_CTYPE', daticulocale => 'ICU_LOCALE', datacl => '_null_' }, diff --git a/src/include/catalog/pg_database.h b/src/include/catalog/pg_database.h index 611c95656a..ebf7151109 100644 --- a/src/include/catalog/pg_database.h +++ b/src/include/catalog/pg_database.h @@ -49,6 +49,9 @@ CATALOG(pg_database,1262,DatabaseRelationId) BKI_SHARED_RELATION BKI_ROWTYPE_OID /* new connections allowed? */ bool datallowconn; + /* database has login event triggers? */ + bool dathasloginevt; + /* max connections allowed (-1=no limit) */ int32 datconnlimit; diff --git a/src/include/commands/event_trigger.h b/src/include/commands/event_trigger.h index 9e7671e63f..2400cc7d7a 100644 --- a/src/include/commands/event_trigger.h +++ b/src/include/commands/event_trigger.h @@ -32,7 +32,8 @@ typedef struct EventTriggerData typedef enum ignore_event_trigger_events { IGNORE_EVENT_TRIGGER_NONE, - IGNORE_EVENT_TRIGGER_ALL + IGNORE_EVENT_TRIGGER_ALL, + IGNORE_EVENT_TRIGGER_LOGIN } IgnoreEventTriggersEvents; extern int ignore_event_trigger; @@ -62,6 +63,7 @@ extern void EventTriggerDDLCommandStart(Node *parsetree); extern void EventTriggerDDLCommandEnd(Node *parsetree); extern void EventTriggerSQLDrop(Node *parsetree); extern void EventTriggerTableRewrite(Node *parsetree, Oid tableOid, int reason); +extern void EventTriggerOnLogin(void); extern bool EventTriggerBeginCompleteQuery(void); extern void EventTriggerEndCompleteQuery(void); diff --git a/src/include/tcop/cmdtaglist.h b/src/include/tcop/cmdtaglist.h index 9e94f44c5f..b900227e0c 100644 --- a/src/include/tcop/cmdtaglist.h +++ b/src/include/tcop/cmdtaglist.h @@ -186,6 +186,7 @@ PG_CMDTAG(CMDTAG_INSERT, "INSERT", false, false, true) PG_CMDTAG(CMDTAG_LISTEN, "LISTEN", false, false, false) PG_CMDTAG(CMDTAG_LOAD, "LOAD", false, false, false) PG_CMDTAG(CMDTAG_LOCK_TABLE, "LOCK TABLE", false, false, false) +PG_CMDTAG(CMDTAG_LOGIN, "LOGIN", true, false, false) PG_CMDTAG(CMDTAG_MERGE, "MERGE", false, false, true) PG_CMDTAG(CMDTAG_MOVE, "MOVE", false, false, true) PG_CMDTAG(CMDTAG_NOTIFY, "NOTIFY", false, false, false) diff --git a/src/include/utils/evtcache.h b/src/include/utils/evtcache.h index ddb67a68fa..a66344aacb 100644 --- a/src/include/utils/evtcache.h +++ b/src/include/utils/evtcache.h @@ -22,7 +22,8 @@ typedef enum EVT_DDLCommandStart, EVT_DDLCommandEnd, EVT_SQLDrop, - EVT_TableRewrite + EVT_TableRewrite, + EVT_Login, } EventTriggerEvent; typedef struct diff --git a/src/test/recovery/t/001_stream_rep.pl b/src/test/recovery/t/001_stream_rep.pl index 986147b730..8ad50762c4 100644 --- a/src/test/recovery/t/001_stream_rep.pl +++ b/src/test/recovery/t/001_stream_rep.pl @@ -46,6 +46,24 @@ $node_standby_2->start; $node_primary->safe_psql('postgres', "CREATE TABLE tab_int AS SELECT generate_series(1,1002) AS a"); +$node_primary->safe_psql('postgres', q{ +CREATE TABLE user_logins(id serial, who text); + +CREATE FUNCTION on_login_proc() RETURNS EVENT_TRIGGER AS $$ +BEGIN + IF NOT pg_is_in_recovery() THEN + INSERT INTO user_logins (who) VALUES (session_user); + END IF; + IF session_user = 'regress_hacker' THEN + RAISE EXCEPTION 'You are not welcome!'; + END IF; +END; +$$ LANGUAGE plpgsql SECURITY DEFINER; + +CREATE EVENT TRIGGER on_login_trigger ON login EXECUTE FUNCTION on_login_proc(); +ALTER EVENT TRIGGER on_login_trigger ENABLE ALWAYS; +}); + # Wait for standbys to catch up my $primary_lsn = $node_primary->lsn('write'); $node_primary->wait_for_catchup($node_standby_1, 'replay', $primary_lsn); @@ -388,6 +406,11 @@ sub replay_check replay_check(); +my $evttrig = $node_standby_1->safe_psql('postgres', "SELECT evtname FROM pg_event_trigger WHERE evtevent = 'login'"); +is($evttrig, 'on_login_trigger', 'Name of login trigger'); +$evttrig = $node_standby_2->safe_psql('postgres', "SELECT evtname FROM pg_event_trigger WHERE evtevent = 'login'"); +is($evttrig, 'on_login_trigger', 'Name of login trigger'); + note "enabling hot_standby_feedback"; # Enable hs_feedback. The slot should gain an xmin. We set the status interval diff --git a/src/test/regress/expected/event_trigger.out b/src/test/regress/expected/event_trigger.out index 5a10958df5..cb16f47c35 100644 --- a/src/test/regress/expected/event_trigger.out +++ b/src/test/regress/expected/event_trigger.out @@ -614,3 +614,48 @@ SELECT DROP EVENT TRIGGER start_rls_command; DROP EVENT TRIGGER end_rls_command; DROP EVENT TRIGGER sql_drop_command; +-- Login event triggers +CREATE TABLE user_logins(id serial, who text); +GRANT SELECT ON user_logins TO public; +CREATE FUNCTION on_login_proc() RETURNS event_trigger AS $$ +BEGIN + INSERT INTO user_logins (who) VALUES (SESSION_USER); + RAISE NOTICE 'You are welcome!'; +END; +$$ LANGUAGE plpgsql; +CREATE EVENT TRIGGER on_login_trigger ON login EXECUTE PROCEDURE on_login_proc(); +ALTER EVENT TRIGGER on_login_trigger ENABLE ALWAYS; +\c +NOTICE: You are welcome! +SELECT COUNT(*) FROM user_logins; + count +------- + 1 +(1 row) + +\c +NOTICE: You are welcome! +SELECT COUNT(*) FROM user_logins; + count +------- + 2 +(1 row) + +-- Check dathasloginevt in system catalog +SELECT dathasloginevt FROM pg_database WHERE datname= :'DBNAME'; + dathasloginevt +---------------- + t +(1 row) + +-- Cleanup +DROP TABLE user_logins; +DROP EVENT TRIGGER on_login_trigger; +DROP FUNCTION on_login_proc(); +\c +SELECT dathasloginevt FROM pg_database WHERE datname= :'DBNAME'; + dathasloginevt +---------------- + f +(1 row) + diff --git a/src/test/regress/sql/event_trigger.sql b/src/test/regress/sql/event_trigger.sql index 1aeaddbe71..9d5bb328b0 100644 --- a/src/test/regress/sql/event_trigger.sql +++ b/src/test/regress/sql/event_trigger.sql @@ -471,3 +471,29 @@ SELECT DROP EVENT TRIGGER start_rls_command; DROP EVENT TRIGGER end_rls_command; DROP EVENT TRIGGER sql_drop_command; + +-- Login event triggers +CREATE TABLE user_logins(id serial, who text); +GRANT SELECT ON user_logins TO public; +CREATE FUNCTION on_login_proc() RETURNS event_trigger AS $$ +BEGIN + INSERT INTO user_logins (who) VALUES (SESSION_USER); + RAISE NOTICE 'You are welcome!'; +END; +$$ LANGUAGE plpgsql; +CREATE EVENT TRIGGER on_login_trigger ON login EXECUTE PROCEDURE on_login_proc(); +ALTER EVENT TRIGGER on_login_trigger ENABLE ALWAYS; +\c +SELECT COUNT(*) FROM user_logins; +\c +SELECT COUNT(*) FROM user_logins; + +-- Check dathasloginevt in system catalog +SELECT dathasloginevt FROM pg_database WHERE datname= :'DBNAME'; + +-- Cleanup +DROP TABLE user_logins; +DROP EVENT TRIGGER on_login_trigger; +DROP FUNCTION on_login_proc(); +\c +SELECT dathasloginevt FROM pg_database WHERE datname= :'DBNAME'; -- 2.32.1 (Apple Git-133)