Re: pgsql: Regression tests for security_barrier views.

Robert Haas <robertmhaas@gmail.com> writes:
> On Fri, Jan 20, 2012 at 2:58 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> More generally, please do not use role names as generic as "alice" in
>> regression tests, as that could have disastrous effects if someone
>> were to run the regression tests in a live installation. �We have a
>> convention of using "regressuser1" and so forth.

> A quick grep suggests that we have quite a number of violations of
> that convention, some of them dating back more than 5 years:

Yeah, I was wondering whether we'd stuck to that lately or not, but
was in too much of a hurry to look for myself.

> I can't help thinking we could probably manage an adequate set of
> regression tests that involves a somewhat fewer CREATE USER/ROLE/GROUP
> commands than the above list.  Surely some roles could be used by more
> than one test, and dropped at the end?

I think that would probably be more trouble than it's worth, because of
the coupling it'd introduce between different tests.  I don't mind
having a lot of create/drop role operations in the tests --- I just want
the names to all start with "regress" to minimize the risk of conflicts.

            regards, tom lane