From bc55791b7ff05b322ad6ea240d0b67d6d471c1ff Mon Sep 17 00:00:00 2001
From: Gabriele Quaresima <gabriele.quaresima@enterprisedb.com>
Date: Thu, 19 Dec 2024 16:35:17 +0100
Subject: [PATCH] fix(roles): properly quote inRoles in SQL statements (#6346)

This patch fixes an issue where the `inRoles` parameter was not properly
quoted in SQL statements, which could cause syntax errors if the role
name contains special characters.

Closes #6337

Signed-off-by: wolfox <gabriele.quaresima@enterprisedb.com>
---
 internal/management/controller/roles/postgres.go      | 8 +++++++-
 internal/management/controller/roles/postgres_test.go | 8 ++++----
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/internal/management/controller/roles/postgres.go b/internal/management/controller/roles/postgres.go
index eb1dcf913c..26c909d4b2 100644
--- a/internal/management/controller/roles/postgres.go
+++ b/internal/management/controller/roles/postgres.go
@@ -301,7 +301,13 @@ func GetParentRoles(ctx context.Context, db *sql.DB, role DatabaseRole) ([]strin
 
 func appendInRoleOptions(role DatabaseRole, query *strings.Builder) {
 	if len(role.InRoles) > 0 {
-		query.WriteString(fmt.Sprintf(" IN ROLE %s ", strings.Join(role.InRoles, ",")))
+		quotedInRoles := make([]string, len(role.InRoles))
+
+		for i, inRole := range role.InRoles {
+			quotedInRoles[i] = pgx.Identifier{inRole}.Sanitize()
+		}
+
+		query.WriteString(fmt.Sprintf(" IN ROLE %s ", strings.Join(quotedInRoles, ",")))
 	}
 }
 
diff --git a/internal/management/controller/roles/postgres_test.go b/internal/management/controller/roles/postgres_test.go
index 01f3dd1dc9..4357f62f0c 100644
--- a/internal/management/controller/roles/postgres_test.go
+++ b/internal/management/controller/roles/postgres_test.go
@@ -104,22 +104,22 @@ var _ = Describe("Postgres RoleManager implementation test", func() {
 	}
 	wantedRoleExpectedCrtStmt := fmt.Sprintf(
 		"CREATE ROLE \"%s\" BYPASSRLS NOCREATEDB CREATEROLE NOINHERIT LOGIN NOREPLICATION "+
-			"NOSUPERUSER CONNECTION LIMIT 2 IN ROLE pg_monitoring VALID UNTIL '2100-01-01 00:00:00Z'",
+			"NOSUPERUSER CONNECTION LIMIT 2 IN ROLE \"pg_monitoring\" VALID UNTIL '2100-01-01 00:00:00Z'",
 		wantedRole.Name)
 
 	wantedRoleWithPassExpectedCrtStmt := fmt.Sprintf(
 		"CREATE ROLE \"%s\" BYPASSRLS NOCREATEDB CREATEROLE NOINHERIT LOGIN NOREPLICATION "+
-			"NOSUPERUSER CONNECTION LIMIT 2 IN ROLE pg_monitoring PASSWORD 'myPassword' VALID UNTIL '2100-01-01 00:00:00Z'",
+			"NOSUPERUSER CONNECTION LIMIT 2 IN ROLE \"pg_monitoring\" PASSWORD 'myPassword' VALID UNTIL '2100-01-01 00:00:00Z'",
 		wantedRole.Name)
 
 	wantedRoleWithoutValidUntilExpectedCrtStmt := fmt.Sprintf(
 		"CREATE ROLE \"%s\" BYPASSRLS NOCREATEDB CREATEROLE NOINHERIT LOGIN NOREPLICATION "+
-			"NOSUPERUSER CONNECTION LIMIT 2 IN ROLE pg_monitoring PASSWORD 'myPassword'",
+			"NOSUPERUSER CONNECTION LIMIT 2 IN ROLE \"pg_monitoring\" PASSWORD 'myPassword'",
 		wantedRole.Name)
 
 	wantedRoleWithPassDeletionExpectedCrtStmt := fmt.Sprintf(
 		"CREATE ROLE \"%s\" BYPASSRLS NOCREATEDB CREATEROLE NOINHERIT LOGIN NOREPLICATION "+
-			"NOSUPERUSER CONNECTION LIMIT 2 IN ROLE pg_monitoring PASSWORD NULL VALID UNTIL '2100-01-01 00:00:00Z'",
+			"NOSUPERUSER CONNECTION LIMIT 2 IN ROLE \"pg_monitoring\" PASSWORD NULL VALID UNTIL '2100-01-01 00:00:00Z'",
 		wantedRole.Name)
 	wantedRoleWithDefaultConnectionLimitExpectedCrtStmt := fmt.Sprintf(
 		"CREATE ROLE \"%s\" NOBYPASSRLS NOCREATEDB NOCREATEROLE INHERIT NOLOGIN NOREPLICATION "+