opensourcemirror
/
postgresql
mirror of git://git.postgresql.org/git/postgresql.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Replace AclObjectKind with ObjectType 

AclObjectKind was basically just another enumeration for object types,
and we already have a preferred one for that.  It's only used in
aclcheck_error.  By using ObjectType instead, we can also give some more
precise error messages, for example "index" instead of "relation".

Reviewed-by: Michael Paquier <michael.paquier@gmail.com>
This commit is contained in:
Peter Eisentraut 2017-12-02 09:26:34 -05:00
parent 2c6f37ed62
commit 8b9e9644dc
65 changed files with 742 additions and 550 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
contrib/dblink/dblink.c
View File

@ -2504,7 +2504,7 @@ get_rel_from_relname(text *relname_text, LOCKMODE lockmode, AclMode aclmode)
aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
aclmode);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_CLASS,
aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind),
RelationGetRelationName(rel));
return rel;
@ -2789,7 +2789,7 @@ get_connect_string(const char *servername)
/* Check permissions, user must have usage on the server. */
aclresult = pg_foreign_server_aclcheck(serverid, userid, ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, foreign_server->servername);
aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, foreign_server->servername);
foreach(cell, fdw->options)
{

2
contrib/file_fdw/output/file_fdw.source
View File

@ -393,7 +393,7 @@ SELECT * FROM agg_text ORDER BY a;
SET ROLE regress_no_priv_user;
SELECT * FROM agg_text ORDER BY a; -- ERROR
ERROR: permission denied for relation agg_text
ERROR: permission denied for foreign table agg_text
SET ROLE regress_file_fdw_user;
\t on
EXPLAIN (VERBOSE, COSTS FALSE) SELECT * FROM agg_text WHERE a > 0;

2
contrib/pg_prewarm/pg_prewarm.c
View File

@ -107,7 +107,7 @@ pg_prewarm(PG_FUNCTION_ARGS)
rel = relation_open(relOid, AccessShareLock);
aclresult = pg_class_aclcheck(relOid, GetUserId(), ACL_SELECT);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_CLASS, get_rel_name(relOid));
aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind), get_rel_name(relOid));
/* Check that the fork exists. */
RelationOpenSmgr(rel);

2
contrib/pgrowlocks/pgrowlocks.c
View File

@ -121,7 +121,7 @@ pgrowlocks(PG_FUNCTION_ARGS)
aclresult = is_member_of_role(GetUserId(), DEFAULT_ROLE_STAT_SCAN_TABLES) ? ACLCHECK_OK : ACLCHECK_NO_PRIV;
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_CLASS,
aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind),
RelationGetRelationName(rel));
scan = heap_beginscan(rel, GetActiveSnapshot(), 0, NULL);

4
contrib/test_decoding/expected/permissions.out
View File

@ -38,7 +38,7 @@ SELECT 'init' FROM pg_create_logical_replication_slot('regression_slot', 'test_d
(1 row)
INSERT INTO lr_test VALUES('lr_superuser_init');
ERROR: permission denied for relation lr_test
ERROR: permission denied for table lr_test
SELECT data FROM pg_logical_slot_get_changes('regression_slot', NULL, NULL, 'include-xids', '0', 'skip-empty-xacts', '1');
data
------
@ -56,7 +56,7 @@ SET ROLE regress_lr_normal;
SELECT 'init' FROM pg_create_logical_replication_slot('regression_slot', 'test_decoding');
ERROR: must be superuser or replication role to use replication slots
INSERT INTO lr_test VALUES('lr_superuser_init');
ERROR: permission denied for relation lr_test
ERROR: permission denied for table lr_test
SELECT data FROM pg_logical_slot_get_changes('regression_slot', NULL, NULL, 'include-xids', '0', 'skip-empty-xacts', '1');
ERROR: must be superuser or replication role to use replication slots
SELECT pg_drop_replication_slot('regression_slot');

4
src/backend/access/brin/brin.c
View File

@ -894,7 +894,7 @@ brin_summarize_range(PG_FUNCTION_ARGS)
/* User must own the index (comparable to privileges needed for VACUUM) */
if (!pg_class_ownercheck(indexoid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX,
RelationGetRelationName(indexRel));
/*
@ -965,7 +965,7 @@ brin_desummarize_range(PG_FUNCTION_ARGS)
/* User must own the index (comparable to privileges needed for VACUUM) */
if (!pg_class_ownercheck(indexoid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX,
RelationGetRelationName(indexRel));
/*

2
src/backend/access/gin/ginfast.c
View File

@ -1035,7 +1035,7 @@ gin_clean_pending_list(PG_FUNCTION_ARGS)
/* User must own the index (comparable to privileges needed for VACUUM) */
if (!pg_class_ownercheck(indexoid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX,
RelationGetRelationName(indexRel));
memset(&stats, 0, sizeof(stats));

505
src/backend/catalog/aclchk.c
View File

@ -132,9 +132,9 @@ static const char *privilege_to_string(AclMode privilege);
static AclMode restrict_and_check_grant(bool is_grant, AclMode avail_goptions,
bool all_privs, AclMode privileges,
Oid objectId, Oid grantorId,
AclObjectKind objkind, const char *objname,
ObjectType objtype, const char *objname,
AttrNumber att_number, const char *colname);
static AclMode pg_aclmask(AclObjectKind objkind, Oid table_oid, AttrNumber attnum,
static AclMode pg_aclmask(ObjectType objtype, Oid table_oid, AttrNumber attnum,
Oid roleid, AclMode mask, AclMaskHow how);
static void recordExtensionInitPriv(Oid objoid, Oid classoid, int objsubid,
Acl *new_acl);
@ -236,56 +236,56 @@ merge_acl_with_grant(Acl *old_acl, bool is_grant,
static AclMode
restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
AclMode privileges, Oid objectId, Oid grantorId,
AclObjectKind objkind, const char *objname,
ObjectType objtype, const char *objname,
AttrNumber att_number, const char *colname)
{
AclMode this_privileges;
AclMode whole_mask;
switch (objkind)
switch (objtype)
{
case ACL_KIND_COLUMN:
case OBJECT_COLUMN:
whole_mask = ACL_ALL_RIGHTS_COLUMN;
break;
case ACL_KIND_CLASS:
case OBJECT_TABLE:
whole_mask = ACL_ALL_RIGHTS_RELATION;
break;
case ACL_KIND_SEQUENCE:
case OBJECT_SEQUENCE:
whole_mask = ACL_ALL_RIGHTS_SEQUENCE;
break;
case ACL_KIND_DATABASE:
case OBJECT_DATABASE:
whole_mask = ACL_ALL_RIGHTS_DATABASE;
break;
case ACL_KIND_PROC:
case OBJECT_FUNCTION:
whole_mask = ACL_ALL_RIGHTS_FUNCTION;
break;
case ACL_KIND_LANGUAGE:
case OBJECT_LANGUAGE:
whole_mask = ACL_ALL_RIGHTS_LANGUAGE;
break;
case ACL_KIND_LARGEOBJECT:
case OBJECT_LARGEOBJECT:
whole_mask = ACL_ALL_RIGHTS_LARGEOBJECT;
break;
case ACL_KIND_NAMESPACE:
case OBJECT_SCHEMA:
whole_mask = ACL_ALL_RIGHTS_SCHEMA;
break;
case ACL_KIND_TABLESPACE:
case OBJECT_TABLESPACE:
whole_mask = ACL_ALL_RIGHTS_TABLESPACE;
break;
case ACL_KIND_FDW:
case OBJECT_FDW:
whole_mask = ACL_ALL_RIGHTS_FDW;
break;
case ACL_KIND_FOREIGN_SERVER:
case OBJECT_FOREIGN_SERVER:
whole_mask = ACL_ALL_RIGHTS_FOREIGN_SERVER;
break;
case ACL_KIND_EVENT_TRIGGER:
case OBJECT_EVENT_TRIGGER:
elog(ERROR, "grantable rights not supported for event triggers");
/* not reached, but keep compiler quiet */
return ACL_NO_RIGHTS;
case ACL_KIND_TYPE:
case OBJECT_TYPE:
whole_mask = ACL_ALL_RIGHTS_TYPE;
break;
default:
elog(ERROR, "unrecognized object kind: %d", objkind);
elog(ERROR, "unrecognized object type: %d", objtype);
/* not reached, but keep compiler quiet */
return ACL_NO_RIGHTS;
}
@ -297,14 +297,14 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
*/
if (avail_goptions == ACL_NO_RIGHTS)
{
if (pg_aclmask(objkind, objectId, att_number, grantorId,
if (pg_aclmask(objtype, objectId, att_number, grantorId,
whole_mask | ACL_GRANT_OPTION_FOR(whole_mask),
ACLMASK_ANY) == ACL_NO_RIGHTS)
{
if (objkind == ACL_KIND_COLUMN && colname)
aclcheck_error_col(ACLCHECK_NO_PRIV, objkind, objname, colname);
if (objtype == OBJECT_COLUMN && colname)
aclcheck_error_col(ACLCHECK_NO_PRIV, objtype, objname, colname);
else
aclcheck_error(ACLCHECK_NO_PRIV, objkind, objname);
aclcheck_error(ACLCHECK_NO_PRIV, objtype, objname);
}
}
@ -320,7 +320,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
{
if (this_privileges == 0)
{
if (objkind == ACL_KIND_COLUMN && colname)
if (objtype == OBJECT_COLUMN && colname)
ereport(WARNING,
(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_GRANTED),
errmsg("no privileges were granted for column \"%s\" of relation \"%s\"",
@ -333,7 +333,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
}
else if (!all_privs && this_privileges != privileges)
{
if (objkind == ACL_KIND_COLUMN && colname)
if (objtype == OBJECT_COLUMN && colname)
ereport(WARNING,
(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_GRANTED),
errmsg("not all privileges were granted for column \"%s\" of relation \"%s\"",
@ -349,7 +349,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
{
if (this_privileges == 0)
{
if (objkind == ACL_KIND_COLUMN && colname)
if (objtype == OBJECT_COLUMN && colname)
ereport(WARNING,
(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_REVOKED),
errmsg("no privileges could be revoked for column \"%s\" of relation \"%s\"",
@ -362,7 +362,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
}
else if (!all_privs && this_privileges != privileges)
{
if (objkind == ACL_KIND_COLUMN && colname)
if (objtype == OBJECT_COLUMN && colname)
ereport(WARNING,
(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_REVOKED),
errmsg("not all privileges could be revoked for column \"%s\" of relation \"%s\"",
@ -1721,7 +1721,7 @@ ExecGrant_Attribute(InternalGrant *istmt, Oid relOid, const char *relname,
restrict_and_check_grant(istmt->is_grant, avail_goptions,
(col_privileges == ACL_ALL_RIGHTS_COLUMN),
col_privileges,
relOid, grantorId, ACL_KIND_COLUMN,
relOid, grantorId, OBJECT_COLUMN,
relname, attnum,
NameStr(pg_attribute_tuple->attname));
@ -1976,7 +1976,7 @@ ExecGrant_Relation(InternalGrant *istmt)
bool replaces[Natts_pg_class];
int nnewmembers;
Oid *newmembers;
AclObjectKind aclkind;
ObjectType objtype;
/* Determine ID to do the grant as, and available grant options */
select_best_grantor(GetUserId(), this_privileges,
@ -1986,10 +1986,10 @@ ExecGrant_Relation(InternalGrant *istmt)
switch (pg_class_tuple->relkind)
{
case RELKIND_SEQUENCE:
aclkind = ACL_KIND_SEQUENCE;
objtype = OBJECT_SEQUENCE;
break;
default:
aclkind = ACL_KIND_CLASS;
objtype = OBJECT_TABLE;
break;
}
@ -2000,7 +2000,7 @@ ExecGrant_Relation(InternalGrant *istmt)
this_privileges =
restrict_and_check_grant(istmt->is_grant, avail_goptions,
istmt->all_privs, this_privileges,
relOid, grantorId, aclkind,
relOid, grantorId, objtype,
NameStr(pg_class_tuple->relname),
0, NULL);
@ -2194,7 +2194,7 @@ ExecGrant_Database(InternalGrant *istmt)
this_privileges =
restrict_and_check_grant(istmt->is_grant, avail_goptions,
istmt->all_privs, istmt->privileges,
datId, grantorId, ACL_KIND_DATABASE,
datId, grantorId, OBJECT_DATABASE,
NameStr(pg_database_tuple->datname),
0, NULL);
@ -2316,7 +2316,7 @@ ExecGrant_Fdw(InternalGrant *istmt)
this_privileges =
restrict_and_check_grant(istmt->is_grant, avail_goptions,
istmt->all_privs, istmt->privileges,
fdwid, grantorId, ACL_KIND_FDW,
fdwid, grantorId, OBJECT_FDW,
NameStr(pg_fdw_tuple->fdwname),
0, NULL);
@ -2442,7 +2442,7 @@ ExecGrant_ForeignServer(InternalGrant *istmt)
this_privileges =
restrict_and_check_grant(istmt->is_grant, avail_goptions,
istmt->all_privs, istmt->privileges,
srvid, grantorId, ACL_KIND_FOREIGN_SERVER,
srvid, grantorId, OBJECT_FOREIGN_SERVER,
NameStr(pg_server_tuple->srvname),
0, NULL);
@ -2566,7 +2566,7 @@ ExecGrant_Function(InternalGrant *istmt)
this_privileges =
restrict_and_check_grant(istmt->is_grant, avail_goptions,
istmt->all_privs, istmt->privileges,
funcId, grantorId, ACL_KIND_PROC,
funcId, grantorId, OBJECT_FUNCTION,
NameStr(pg_proc_tuple->proname),
0, NULL);
@ -2697,7 +2697,7 @@ ExecGrant_Language(InternalGrant *istmt)
this_privileges =
restrict_and_check_grant(istmt->is_grant, avail_goptions,
istmt->all_privs, istmt->privileges,
langId, grantorId, ACL_KIND_LANGUAGE,
langId, grantorId, OBJECT_LANGUAGE,
NameStr(pg_language_tuple->lanname),
0, NULL);
@ -2836,7 +2836,7 @@ ExecGrant_Largeobject(InternalGrant *istmt)
this_privileges =
restrict_and_check_grant(istmt->is_grant, avail_goptions,
istmt->all_privs, istmt->privileges,
loid, grantorId, ACL_KIND_LARGEOBJECT,
loid, grantorId, OBJECT_LARGEOBJECT,
loname, 0, NULL);
/*
@ -2961,7 +2961,7 @@ ExecGrant_Namespace(InternalGrant *istmt)
this_privileges =
restrict_and_check_grant(istmt->is_grant, avail_goptions,
istmt->all_privs, istmt->privileges,
nspid, grantorId, ACL_KIND_NAMESPACE,
nspid, grantorId, OBJECT_SCHEMA,
NameStr(pg_namespace_tuple->nspname),
0, NULL);
@ -3085,7 +3085,7 @@ ExecGrant_Tablespace(InternalGrant *istmt)
this_privileges =
restrict_and_check_grant(istmt->is_grant, avail_goptions,
istmt->all_privs, istmt->privileges,
tblId, grantorId, ACL_KIND_TABLESPACE,
tblId, grantorId, OBJECT_TABLESPACE,
NameStr(pg_tablespace_tuple->spcname),
0, NULL);
@ -3219,7 +3219,7 @@ ExecGrant_Type(InternalGrant *istmt)
this_privileges =
restrict_and_check_grant(istmt->is_grant, avail_goptions,
istmt->all_privs, istmt->privileges,
typId, grantorId, ACL_KIND_TYPE,
typId, grantorId, OBJECT_TYPE,
NameStr(pg_type_tuple->typname),
0, NULL);
@ -3348,114 +3348,8 @@ privilege_to_string(AclMode privilege)
* Note: we do not double-quote the %s's below, because many callers
* supply strings that might be already quoted.
*/
static const char *const no_priv_msg[MAX_ACL_KIND] =
{
/* ACL_KIND_COLUMN */
gettext_noop("permission denied for column %s"),
/* ACL_KIND_CLASS */
gettext_noop("permission denied for relation %s"),
/* ACL_KIND_SEQUENCE */
gettext_noop("permission denied for sequence %s"),
/* ACL_KIND_DATABASE */
gettext_noop("permission denied for database %s"),
/* ACL_KIND_PROC */
gettext_noop("permission denied for function %s"),
/* ACL_KIND_OPER */
gettext_noop("permission denied for operator %s"),
/* ACL_KIND_TYPE */
gettext_noop("permission denied for type %s"),
/* ACL_KIND_LANGUAGE */
gettext_noop("permission denied for language %s"),
/* ACL_KIND_LARGEOBJECT */
gettext_noop("permission denied for large object %s"),
/* ACL_KIND_NAMESPACE */
gettext_noop("permission denied for schema %s"),
/* ACL_KIND_OPCLASS */
gettext_noop("permission denied for operator class %s"),
/* ACL_KIND_OPFAMILY */
gettext_noop("permission denied for operator family %s"),
/* ACL_KIND_COLLATION */
gettext_noop("permission denied for collation %s"),
/* ACL_KIND_CONVERSION */
gettext_noop("permission denied for conversion %s"),
/* ACL_KIND_STATISTICS */
gettext_noop("permission denied for statistics object %s"),
/* ACL_KIND_TABLESPACE */
gettext_noop("permission denied for tablespace %s"),
/* ACL_KIND_TSDICTIONARY */
gettext_noop("permission denied for text search dictionary %s"),
/* ACL_KIND_TSCONFIGURATION */
gettext_noop("permission denied for text search configuration %s"),
/* ACL_KIND_FDW */
gettext_noop("permission denied for foreign-data wrapper %s"),
/* ACL_KIND_FOREIGN_SERVER */
gettext_noop("permission denied for foreign server %s"),
/* ACL_KIND_EVENT_TRIGGER */
gettext_noop("permission denied for event trigger %s"),
/* ACL_KIND_EXTENSION */
gettext_noop("permission denied for extension %s"),
/* ACL_KIND_PUBLICATION */
gettext_noop("permission denied for publication %s"),
/* ACL_KIND_SUBSCRIPTION */
gettext_noop("permission denied for subscription %s"),
};
static const char *const not_owner_msg[MAX_ACL_KIND] =
{
/* ACL_KIND_COLUMN */
gettext_noop("must be owner of relation %s"),
/* ACL_KIND_CLASS */
gettext_noop("must be owner of relation %s"),
/* ACL_KIND_SEQUENCE */
gettext_noop("must be owner of sequence %s"),
/* ACL_KIND_DATABASE */
gettext_noop("must be owner of database %s"),
/* ACL_KIND_PROC */
gettext_noop("must be owner of function %s"),
/* ACL_KIND_OPER */
gettext_noop("must be owner of operator %s"),
/* ACL_KIND_TYPE */
gettext_noop("must be owner of type %s"),
/* ACL_KIND_LANGUAGE */
gettext_noop("must be owner of language %s"),
/* ACL_KIND_LARGEOBJECT */
gettext_noop("must be owner of large object %s"),
/* ACL_KIND_NAMESPACE */
gettext_noop("must be owner of schema %s"),
/* ACL_KIND_OPCLASS */
gettext_noop("must be owner of operator class %s"),
/* ACL_KIND_OPFAMILY */
gettext_noop("must be owner of operator family %s"),
/* ACL_KIND_COLLATION */
gettext_noop("must be owner of collation %s"),
/* ACL_KIND_CONVERSION */
gettext_noop("must be owner of conversion %s"),
/* ACL_KIND_STATISTICS */
gettext_noop("must be owner of statistics object %s"),
/* ACL_KIND_TABLESPACE */
gettext_noop("must be owner of tablespace %s"),
/* ACL_KIND_TSDICTIONARY */
gettext_noop("must be owner of text search dictionary %s"),
/* ACL_KIND_TSCONFIGURATION */
gettext_noop("must be owner of text search configuration %s"),
/* ACL_KIND_FDW */
gettext_noop("must be owner of foreign-data wrapper %s"),
/* ACL_KIND_FOREIGN_SERVER */
gettext_noop("must be owner of foreign server %s"),
/* ACL_KIND_EVENT_TRIGGER */
gettext_noop("must be owner of event trigger %s"),
/* ACL_KIND_EXTENSION */
gettext_noop("must be owner of extension %s"),
/* ACL_KIND_PUBLICATION */
gettext_noop("must be owner of publication %s"),
/* ACL_KIND_SUBSCRIPTION */
gettext_noop("must be owner of subscription %s"),
};
void
aclcheck_error(AclResult aclerr, AclObjectKind objectkind,
aclcheck_error(AclResult aclerr, ObjectType objtype,
const char *objectname)
{
switch (aclerr)
@ -3464,15 +3358,272 @@ aclcheck_error(AclResult aclerr, AclObjectKind objectkind,
/* no error, so return to caller */
break;
case ACLCHECK_NO_PRIV:
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
errmsg(no_priv_msg[objectkind], objectname)));
break;
{
const char *msg;
switch (objtype)
{
case OBJECT_AGGREGATE:
msg = gettext_noop("permission denied for aggregate %s");
break;
case OBJECT_COLLATION:
msg = gettext_noop("permission denied for collation %s");
break;
case OBJECT_COLUMN:
msg = gettext_noop("permission denied for column %s");
break;
case OBJECT_CONVERSION:
msg = gettext_noop("permission denied for conversion %s");
break;
case OBJECT_DATABASE:
msg = gettext_noop("permission denied for database %s");
break;
case OBJECT_DOMAIN:
msg = gettext_noop("permission denied for domain %s");
break;
case OBJECT_EVENT_TRIGGER:
msg = gettext_noop("permission denied for event trigger %s");
break;
case OBJECT_EXTENSION:
msg = gettext_noop("permission denied for extension %s");
break;
case OBJECT_FDW:
msg = gettext_noop("permission denied for foreign-data wrapper %s");
break;
case OBJECT_FOREIGN_SERVER:
msg = gettext_noop("permission denied for foreign server %s");
break;
case OBJECT_FOREIGN_TABLE:
msg = gettext_noop("permission denied for foreign table %s");
break;
case OBJECT_FUNCTION:
msg = gettext_noop("permission denied for function %s");
break;
case OBJECT_INDEX:
msg = gettext_noop("permission denied for index %s");
break;
case OBJECT_LANGUAGE:
msg = gettext_noop("permission denied for language %s");
break;
case OBJECT_LARGEOBJECT:
msg = gettext_noop("permission denied for large object %s");
break;
case OBJECT_MATVIEW:
msg = gettext_noop("permission denied for materialized view %s");
break;
case OBJECT_OPCLASS:
msg = gettext_noop("permission denied for operator class %s");
break;
case OBJECT_OPERATOR:
msg = gettext_noop("permission denied for operator %s");
break;
case OBJECT_OPFAMILY:
msg = gettext_noop("permission denied for operator family %s");
break;
case OBJECT_POLICY:
msg = gettext_noop("permission denied for policy %s");
break;
case OBJECT_PROCEDURE:
msg = gettext_noop("permission denied for procedure %s");
break;
case OBJECT_PUBLICATION:
msg = gettext_noop("permission denied for publication %s");
break;
case OBJECT_ROUTINE:
msg = gettext_noop("permission denied for routine %s");
break;
case OBJECT_SCHEMA:
msg = gettext_noop("permission denied for schema %s");
break;
case OBJECT_SEQUENCE:
msg = gettext_noop("permission denied for sequence %s");
break;
case OBJECT_STATISTIC_EXT:
msg = gettext_noop("permission denied for statistics object %s");
break;
case OBJECT_SUBSCRIPTION:
msg = gettext_noop("permission denied for subscription %s");
break;
case OBJECT_TABLE:
msg = gettext_noop("permission denied for table %s");
break;
case OBJECT_TABLESPACE:
msg = gettext_noop("permission denied for tablespace %s");
break;
case OBJECT_TSCONFIGURATION:
msg = gettext_noop("permission denied for text search configuration %s");
break;
case OBJECT_TSDICTIONARY:
msg = gettext_noop("permission denied for text search dictionary %s");
break;
case OBJECT_TYPE:
msg = gettext_noop("permission denied for type %s");
break;
case OBJECT_VIEW:
msg = gettext_noop("permission denied for view %s");
break;
/* these currently aren't used */
case OBJECT_ACCESS_METHOD:
case OBJECT_AMOP:
case OBJECT_AMPROC:
case OBJECT_ATTRIBUTE:
case OBJECT_CAST:
case OBJECT_DEFAULT:
case OBJECT_DEFACL:
case OBJECT_DOMCONSTRAINT:
case OBJECT_PUBLICATION_REL:
case OBJECT_ROLE:
case OBJECT_RULE:
case OBJECT_TABCONSTRAINT:
case OBJECT_TRANSFORM:
case OBJECT_TRIGGER:
case OBJECT_TSPARSER:
case OBJECT_TSTEMPLATE:
case OBJECT_USER_MAPPING:
elog(ERROR, "unsupported object type %d", objtype);
msg = "???";
}
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
errmsg(msg, objectname)));
break;
}
case ACLCHECK_NOT_OWNER:
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
errmsg(not_owner_msg[objectkind], objectname)));
break;
{
const char *msg;
switch (objtype)
{
case OBJECT_AGGREGATE:
msg = gettext_noop("must be owner of aggregate %s");
break;
case OBJECT_COLLATION:
msg = gettext_noop("must be owner of collation %s");
break;
case OBJECT_CONVERSION:
msg = gettext_noop("must be owner of conversion %s");
break;
case OBJECT_DATABASE:
msg = gettext_noop("must be owner of database %s");
break;
case OBJECT_DOMAIN:
msg = gettext_noop("must be owner of domain %s");
break;
case OBJECT_EVENT_TRIGGER:
msg = gettext_noop("must be owner of event trigger %s");
break;
case OBJECT_EXTENSION:
msg = gettext_noop("must be owner of extension %s");
break;
case OBJECT_FDW:
msg = gettext_noop("must be owner of foreign-data wrapper %s");
break;
case OBJECT_FOREIGN_SERVER:
msg = gettext_noop("must be owner of foreign server %s");
break;
case OBJECT_FOREIGN_TABLE:
msg = gettext_noop("must be owner of foreign table %s");
break;
case OBJECT_FUNCTION:
msg = gettext_noop("must be owner of function %s");
break;
case OBJECT_INDEX:
msg = gettext_noop("must be owner of index %s");
break;
case OBJECT_LANGUAGE:
msg = gettext_noop("must be owner of language %s");
break;
case OBJECT_LARGEOBJECT:
msg = gettext_noop("must be owner of large object %s");
break;
case OBJECT_MATVIEW:
msg = gettext_noop("must be owner of materialized view %s");
break;
case OBJECT_OPCLASS:
msg = gettext_noop("must be owner of operator class %s");
break;
case OBJECT_OPERATOR:
msg = gettext_noop("must be owner of operator %s");
break;
case OBJECT_OPFAMILY:
msg = gettext_noop("must be owner of operator family %s");
break;
case OBJECT_PROCEDURE:
msg = gettext_noop("must be owner of procedure %s");
break;
case OBJECT_PUBLICATION:
msg = gettext_noop("must be owner of publication %s");
break;
case OBJECT_ROUTINE:
msg = gettext_noop("must be owner of routine %s");
break;
case OBJECT_SEQUENCE:
msg = gettext_noop("must be owner of sequence %s");
break;
case OBJECT_SUBSCRIPTION:
msg = gettext_noop("must be owner of subscription %s");
break;
case OBJECT_TABLE:
msg = gettext_noop("must be owner of table %s");
break;
case OBJECT_TYPE:
msg = gettext_noop("must be owner of type %s");
break;
case OBJECT_VIEW:
msg = gettext_noop("must be owner of view %s");
break;
case OBJECT_SCHEMA:
msg = gettext_noop("must be owner of schema %s");
break;
case OBJECT_STATISTIC_EXT:
msg = gettext_noop("must be owner of statistics object %s");
break;
case OBJECT_TABLESPACE:
msg = gettext_noop("must be owner of tablespace %s");
break;
case OBJECT_TSCONFIGURATION:
msg = gettext_noop("must be owner of text search configuration %s");
break;
case OBJECT_TSDICTIONARY:
msg = gettext_noop("must be owner of text search dictionary %s");
break;
/*
* Special cases: For these, the error message talks about
* "relation", because that's where the ownership is
* attached. See also check_object_ownership().
*/
case OBJECT_COLUMN:
case OBJECT_POLICY:
case OBJECT_RULE:
case OBJECT_TABCONSTRAINT:
case OBJECT_TRIGGER:
msg = gettext_noop("must be owner of relation %s");
break;
/* these currently aren't used */
case OBJECT_ACCESS_METHOD:
case OBJECT_AMOP:
case OBJECT_AMPROC:
case OBJECT_ATTRIBUTE:
case OBJECT_CAST:
case OBJECT_DEFAULT:
case OBJECT_DEFACL:
case OBJECT_DOMCONSTRAINT:
case OBJECT_PUBLICATION_REL:
case OBJECT_ROLE:
case OBJECT_TRANSFORM:
case OBJECT_TSPARSER:
case OBJECT_TSTEMPLATE:
case OBJECT_USER_MAPPING:
elog(ERROR, "unsupported object type %d", objtype);
msg = "???";
}
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
errmsg(msg, objectname)));
break;
}
default:
elog(ERROR, "unrecognized AclResult: %d", (int) aclerr);
break;
@ -3481,7 +3632,7 @@ aclcheck_error(AclResult aclerr, AclObjectKind objectkind,
void
aclcheck_error_col(AclResult aclerr, AclObjectKind objectkind,
aclcheck_error_col(AclResult aclerr, ObjectType objtype,
const char *objectname, const char *colname)
{
switch (aclerr)
@ -3497,9 +3648,7 @@ aclcheck_error_col(AclResult aclerr, AclObjectKind objectkind,
break;
case ACLCHECK_NOT_OWNER:
/* relation msg is OK since columns don't have separate owners */
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
errmsg(not_owner_msg[objectkind], objectname)));
aclcheck_error(aclerr, objtype, objectname);
break;
default:
elog(ERROR, "unrecognized AclResult: %d", (int) aclerr);
@ -3517,7 +3666,7 @@ aclcheck_error_type(AclResult aclerr, Oid typeOid)
{
Oid element_type = get_element_type(typeOid);
aclcheck_error(aclerr, ACL_KIND_TYPE, format_type_be(element_type ? element_type : typeOid));
aclcheck_error(aclerr, OBJECT_TYPE, format_type_be(element_type ? element_type : typeOid));
}
@ -3525,48 +3674,48 @@ aclcheck_error_type(AclResult aclerr, Oid typeOid)
* Relay for the various pg_*_mask routines depending on object kind
*/
static AclMode
pg_aclmask(AclObjectKind objkind, Oid table_oid, AttrNumber attnum, Oid roleid,
pg_aclmask(ObjectType objtype, Oid table_oid, AttrNumber attnum, Oid roleid,
AclMode mask, AclMaskHow how)
{
switch (objkind)
switch (objtype)
{
case ACL_KIND_COLUMN:
case OBJECT_COLUMN:
return
pg_class_aclmask(table_oid, roleid, mask, how) |
pg_attribute_aclmask(table_oid, attnum, roleid, mask, how);
case ACL_KIND_CLASS:
case ACL_KIND_SEQUENCE:
case OBJECT_TABLE:
case OBJECT_SEQUENCE:
return pg_class_aclmask(table_oid, roleid, mask, how);
case ACL_KIND_DATABASE:
case OBJECT_DATABASE:
return pg_database_aclmask(table_oid, roleid, mask, how);
case ACL_KIND_PROC:
case OBJECT_FUNCTION:
return pg_proc_aclmask(table_oid, roleid, mask, how);
case ACL_KIND_LANGUAGE:
case OBJECT_LANGUAGE:
return pg_language_aclmask(table_oid, roleid, mask, how);
case ACL_KIND_LARGEOBJECT:
case OBJECT_LARGEOBJECT:
return pg_largeobject_aclmask_snapshot(table_oid, roleid,
mask, how, NULL);
case ACL_KIND_NAMESPACE:
case OBJECT_SCHEMA:
return pg_namespace_aclmask(table_oid, roleid, mask, how);
case ACL_KIND_STATISTICS:
case OBJECT_STATISTIC_EXT:
elog(ERROR, "grantable rights not supported for statistics objects");
/* not reached, but keep compiler quiet */
return ACL_NO_RIGHTS;
case ACL_KIND_TABLESPACE:
case OBJECT_TABLESPACE:
return pg_tablespace_aclmask(table_oid, roleid, mask, how);
case ACL_KIND_FDW:
case OBJECT_FDW:
return pg_foreign_data_wrapper_aclmask(table_oid, roleid, mask, how);
case ACL_KIND_FOREIGN_SERVER:
case OBJECT_FOREIGN_SERVER:
return pg_foreign_server_aclmask(table_oid, roleid, mask, how);
case ACL_KIND_EVENT_TRIGGER:
case OBJECT_EVENT_TRIGGER:
elog(ERROR, "grantable rights not supported for event triggers");
/* not reached, but keep compiler quiet */
return ACL_NO_RIGHTS;
case ACL_KIND_TYPE:
case OBJECT_TYPE:
return pg_type_aclmask(table_oid, roleid, mask, how);
default:
elog(ERROR, "unrecognized objkind: %d",
(int) objkind);
elog(ERROR, "unrecognized objtype: %d",
(int) objtype);
/* not reached, but keep compiler quiet */
return ACL_NO_RIGHTS;
}

8
src/backend/catalog/namespace.c
View File

@ -560,7 +560,7 @@ RangeVarGetAndCheckCreationNamespace(RangeVar *relation,
/* Check namespace permissions. */
aclresult = pg_namespace_aclcheck(nspid, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(nspid));
if (retry)
@ -585,7 +585,7 @@ RangeVarGetAndCheckCreationNamespace(RangeVar *relation,
if (lockmode != NoLock && OidIsValid(relid))
{
if (!pg_class_ownercheck(relid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relid)),
relation->relname);
if (relid != oldrelid)
LockRelationOid(relid, lockmode);
@ -2874,7 +2874,7 @@ LookupExplicitNamespace(const char *nspname, bool missing_ok)
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
nspname);
/* Schema search hook for this lookup */
InvokeNamespaceSearchHook(namespaceId, true);
@ -2911,7 +2911,7 @@ LookupCreationNamespace(const char *nspname)
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
nspname);
return namespaceId;

125
src/backend/catalog/objectaddress.c
View File

@ -104,7 +104,7 @@ typedef struct
AttrNumber attnum_namespace; /* attnum of namespace field */
AttrNumber attnum_owner; /* attnum of owner field */
AttrNumber attnum_acl; /* attnum of acl field */
AclObjectKind acl_kind; /* ACL_KIND_* of this object type */
ObjectType objtype; /* OBJECT_* of this object type */
bool is_nsp_name_unique; /* can the nsp/name combination (or name
* alone, if there's no namespace) be
* considered a unique identifier for an
@ -146,7 +146,7 @@ static const ObjectPropertyType ObjectProperty[] =
Anum_pg_collation_collnamespace,
Anum_pg_collation_collowner,
InvalidAttrNumber,
ACL_KIND_COLLATION,
OBJECT_COLLATION,
true
},
{
@ -170,7 +170,7 @@ static const ObjectPropertyType ObjectProperty[] =
Anum_pg_conversion_connamespace,
Anum_pg_conversion_conowner,
InvalidAttrNumber,
ACL_KIND_CONVERSION,
OBJECT_CONVERSION,
true
},
{
@ -182,7 +182,7 @@ static const ObjectPropertyType ObjectProperty[] =
InvalidAttrNumber,
Anum_pg_database_datdba,
Anum_pg_database_datacl,
ACL_KIND_DATABASE,
OBJECT_DATABASE,
true
},
{
@ -194,7 +194,7 @@ static const ObjectPropertyType ObjectProperty[] =
InvalidAttrNumber, /* extension doesn't belong to extnamespace */
Anum_pg_extension_extowner,
InvalidAttrNumber,
ACL_KIND_EXTENSION,
OBJECT_EXTENSION,
true
},
{
@ -206,7 +206,7 @@ static const ObjectPropertyType ObjectProperty[] =
InvalidAttrNumber,
Anum_pg_foreign_data_wrapper_fdwowner,
Anum_pg_foreign_data_wrapper_fdwacl,
ACL_KIND_FDW,
OBJECT_FDW,
true
},
{
@ -218,7 +218,7 @@ static const ObjectPropertyType ObjectProperty[] =
InvalidAttrNumber,
Anum_pg_foreign_server_srvowner,
Anum_pg_foreign_server_srvacl,
ACL_KIND_FOREIGN_SERVER,
OBJECT_FOREIGN_SERVER,
true
},
{
@ -230,7 +230,7 @@ static const ObjectPropertyType ObjectProperty[] =
Anum_pg_proc_pronamespace,
Anum_pg_proc_proowner,
Anum_pg_proc_proacl,
ACL_KIND_PROC,
OBJECT_FUNCTION,
false
},
{
@ -242,7 +242,7 @@ static const ObjectPropertyType ObjectProperty[] =
InvalidAttrNumber,
Anum_pg_language_lanowner,
Anum_pg_language_lanacl,
ACL_KIND_LANGUAGE,
OBJECT_LANGUAGE,
true
},
{
@ -254,7 +254,7 @@ static const ObjectPropertyType ObjectProperty[] =
InvalidAttrNumber,
Anum_pg_largeobject_metadata_lomowner,
Anum_pg_largeobject_metadata_lomacl,
ACL_KIND_LARGEOBJECT,
OBJECT_LARGEOBJECT,
false
},
{
@ -266,7 +266,7 @@ static const ObjectPropertyType ObjectProperty[] =
Anum_pg_opclass_opcnamespace,
Anum_pg_opclass_opcowner,
InvalidAttrNumber,
ACL_KIND_OPCLASS,
OBJECT_OPCLASS,
true
},
{
@ -278,7 +278,7 @@ static const ObjectPropertyType ObjectProperty[] =
Anum_pg_operator_oprnamespace,
Anum_pg_operator_oprowner,
InvalidAttrNumber,
ACL_KIND_OPER,
OBJECT_OPERATOR,
false
},
{
@ -290,7 +290,7 @@ static const ObjectPropertyType ObjectProperty[] =
Anum_pg_opfamily_opfnamespace,
Anum_pg_opfamily_opfowner,
InvalidAttrNumber,
ACL_KIND_OPFAMILY,
OBJECT_OPFAMILY,
true
},
{
@ -326,7 +326,7 @@ static const ObjectPropertyType ObjectProperty[] =
InvalidAttrNumber,
Anum_pg_namespace_nspowner,
Anum_pg_namespace_nspacl,
ACL_KIND_NAMESPACE,
OBJECT_SCHEMA,
true
},
{
@ -338,7 +338,7 @@ static const ObjectPropertyType ObjectProperty[] =
Anum_pg_class_relnamespace,
Anum_pg_class_relowner,
Anum_pg_class_relacl,
ACL_KIND_CLASS,
OBJECT_TABLE,
true
},
{
@ -350,7 +350,7 @@ static const ObjectPropertyType ObjectProperty[] =
InvalidAttrNumber,
Anum_pg_tablespace_spcowner,
Anum_pg_tablespace_spcacl,
ACL_KIND_TABLESPACE,
OBJECT_TABLESPACE,
true
},
{
@ -392,7 +392,7 @@ static const ObjectPropertyType ObjectProperty[] =
InvalidAttrNumber,
Anum_pg_event_trigger_evtowner,
InvalidAttrNumber,
ACL_KIND_EVENT_TRIGGER,
OBJECT_EVENT_TRIGGER,
true
},
{
@ -404,7 +404,7 @@ static const ObjectPropertyType ObjectProperty[] =
Anum_pg_ts_config_cfgnamespace,
Anum_pg_ts_config_cfgowner,
InvalidAttrNumber,
ACL_KIND_TSCONFIGURATION,
OBJECT_TSCONFIGURATION,
true
},
{
@ -416,7 +416,7 @@ static const ObjectPropertyType ObjectProperty[] =
Anum_pg_ts_dict_dictnamespace,
Anum_pg_ts_dict_dictowner,
InvalidAttrNumber,
ACL_KIND_TSDICTIONARY,
OBJECT_TSDICTIONARY,
true
},
{
@ -452,7 +452,7 @@ static const ObjectPropertyType ObjectProperty[] =
Anum_pg_type_typnamespace,
Anum_pg_type_typowner,
Anum_pg_type_typacl,
ACL_KIND_TYPE,
OBJECT_TYPE,
true
},
{
@ -464,7 +464,7 @@ static const ObjectPropertyType ObjectProperty[] =
InvalidAttrNumber,
Anum_pg_publication_pubowner,
InvalidAttrNumber,
ACL_KIND_PUBLICATION,
OBJECT_PUBLICATION,
true
},
{
@ -476,7 +476,7 @@ static const ObjectPropertyType ObjectProperty[] =
InvalidAttrNumber,
Anum_pg_subscription_subowner,
InvalidAttrNumber,
ACL_KIND_SUBSCRIPTION,
OBJECT_SUBSCRIPTION,
true
},
{
@ -488,7 +488,7 @@ static const ObjectPropertyType ObjectProperty[] =
Anum_pg_statistic_ext_stxnamespace,
Anum_pg_statistic_ext_stxowner,
InvalidAttrNumber, /* no ACL (same as relation) */
ACL_KIND_STATISTICS,
OBJECT_STATISTIC_EXT,
true
}
};
@ -2242,12 +2242,12 @@ check_object_ownership(Oid roleid, ObjectType objtype, ObjectAddress address,
case OBJECT_POLICY:
case OBJECT_TABCONSTRAINT:
if (!pg_class_ownercheck(RelationGetRelid(relation), roleid))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
RelationGetRelationName(relation));
break;
case OBJECT_DATABASE:
if (!pg_database_ownercheck(address.objectId, roleid))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
strVal((Value *) object));
break;
case OBJECT_TYPE:
@ -2262,62 +2262,62 @@ check_object_ownership(Oid roleid, ObjectType objtype, ObjectAddress address,
case OBJECT_PROCEDURE:
case OBJECT_ROUTINE:
if (!pg_proc_ownercheck(address.objectId, roleid))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
NameListToString((castNode(ObjectWithArgs, object))->objname));
break;
case OBJECT_OPERATOR:
if (!pg_oper_ownercheck(address.objectId, roleid))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
NameListToString((castNode(ObjectWithArgs, object))->objname));
break;
case OBJECT_SCHEMA:
if (!pg_namespace_ownercheck(address.objectId, roleid))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
strVal((Value *) object));
break;
case OBJECT_COLLATION:
if (!pg_collation_ownercheck(address.objectId, roleid))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_COLLATION,
aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
NameListToString(castNode(List, object)));
break;
case OBJECT_CONVERSION:
if (!pg_conversion_ownercheck(address.objectId, roleid))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CONVERSION,
aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
NameListToString(castNode(List, object)));
break;
case OBJECT_EXTENSION:
if (!pg_extension_ownercheck(address.objectId, roleid))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION,
aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
strVal((Value *) object));
break;
case OBJECT_FDW:
if (!pg_foreign_data_wrapper_ownercheck(address.objectId, roleid))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FDW,
aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
strVal((Value *) object));
break;
case OBJECT_FOREIGN_SERVER:
if (!pg_foreign_server_ownercheck(address.objectId, roleid))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER,
aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
strVal((Value *) object));
break;
case OBJECT_EVENT_TRIGGER:
if (!pg_event_trigger_ownercheck(address.objectId, roleid))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EVENT_TRIGGER,
aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
strVal((Value *) object));
break;
case OBJECT_LANGUAGE:
if (!pg_language_ownercheck(address.objectId, roleid))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_LANGUAGE,
aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
strVal((Value *) object));
break;
case OBJECT_OPCLASS:
if (!pg_opclass_ownercheck(address.objectId, roleid))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPCLASS,
aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
NameListToString(castNode(List, object)));
break;
case OBJECT_OPFAMILY:
if (!pg_opfamily_ownercheck(address.objectId, roleid))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPFAMILY,
aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
NameListToString(castNode(List, object)));
break;
case OBJECT_LARGEOBJECT:
@ -2347,12 +2347,12 @@ check_object_ownership(Oid roleid, ObjectType objtype, ObjectAddress address,
break;
case OBJECT_PUBLICATION:
if (!pg_publication_ownercheck(address.objectId, roleid))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PUBLICATION,
aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
strVal((Value *) object));
break;
case OBJECT_SUBSCRIPTION:
if (!pg_subscription_ownercheck(address.objectId, roleid))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION,
aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
strVal((Value *) object));
break;
case OBJECT_TRANSFORM:
@ -2366,17 +2366,17 @@ check_object_ownership(Oid roleid, ObjectType objtype, ObjectAddress address,
break;
case OBJECT_TABLESPACE:
if (!pg_tablespace_ownercheck(address.objectId, roleid))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TABLESPACE,
aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
strVal((Value *) object));
break;
case OBJECT_TSDICTIONARY:
if (!pg_ts_dict_ownercheck(address.objectId, roleid))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSDICTIONARY,
aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
NameListToString(castNode(List, object)));
break;
case OBJECT_TSCONFIGURATION:
if (!pg_ts_config_ownercheck(address.objectId, roleid))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSCONFIGURATION,
aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
NameListToString(castNode(List, object)));
break;
case OBJECT_ROLE:
@ -2540,12 +2540,22 @@ get_object_attnum_acl(Oid class_id)
return prop->attnum_acl;
}
AclObjectKind
get_object_aclkind(Oid class_id)
ObjectType
get_object_type(Oid class_id, Oid object_id)
{
const ObjectPropertyType *prop = get_object_property_data(class_id);
return prop->acl_kind;
if (prop->objtype == OBJECT_TABLE)
{
/*
* If the property data says it's a table, dig a little deeper to get
* the real relation kind, so that callers can produce more precise
* error messages.
*/
return get_relkind_objtype(get_rel_relkind(object_id));
}
else
return prop->objtype;
}
bool
@ -5099,3 +5109,28 @@ strlist_to_textarray(List *list)
return arr;
}
ObjectType
get_relkind_objtype(char relkind)
{
switch (relkind)
{
case RELKIND_RELATION:
case RELKIND_PARTITIONED_TABLE:
return OBJECT_TABLE;
case RELKIND_INDEX:
return OBJECT_INDEX;
case RELKIND_SEQUENCE:
return OBJECT_SEQUENCE;
case RELKIND_VIEW:
return OBJECT_VIEW;
case RELKIND_MATVIEW:
return OBJECT_MATVIEW;
case RELKIND_FOREIGN_TABLE:
return OBJECT_FOREIGN_TABLE;
/* other relkinds are not supported here because they don't map to OBJECT_* values */
default:
elog(ERROR, "unexpected relkind: %d", relkind);
return 0;
}
}

2
src/backend/catalog/pg_aggregate.c
View File

@ -865,7 +865,7 @@ lookup_agg_function(List *fnName,
/* Check aggregate creator has permission to call the function */
aclresult = pg_proc_aclcheck(fnOid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(fnOid));
aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(fnOid));
return fnOid;
}

8
src/backend/catalog/pg_operator.c
View File

@ -425,7 +425,7 @@ OperatorCreate(const char *operatorName,
*/
if (OidIsValid(operatorObjectId) &&
!pg_oper_ownercheck(operatorObjectId, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
operatorName);
/*
@ -445,7 +445,7 @@ OperatorCreate(const char *operatorName,
/* Permission check: must own other operator */
if (OidIsValid(commutatorId) &&
!pg_oper_ownercheck(commutatorId, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
NameListToString(commutatorName));
/*
@ -470,7 +470,7 @@ OperatorCreate(const char *operatorName,
/* Permission check: must own other operator */
if (OidIsValid(negatorId) &&
!pg_oper_ownercheck(negatorId, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
NameListToString(negatorName));
}
else
@ -618,7 +618,7 @@ get_other_operator(List *otherOp, Oid otherLeftTypeId, Oid otherRightTypeId,
aclresult = pg_namespace_aclcheck(otherNamespace, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(otherNamespace));
other_oid = OperatorShellMake(otherName,

2
src/backend/catalog/pg_proc.c
View File

@ -400,7 +400,7 @@ ProcedureCreate(const char *procedureName,
errmsg("function \"%s\" already exists with same argument types",
procedureName)));
if (!pg_proc_ownercheck(HeapTupleGetOid(oldtup), proowner))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
procedureName);
/*

2
src/backend/catalog/pg_type.c
View File

@ -413,7 +413,7 @@ TypeCreate(Oid newTypeOid,
* shell type must have been created by same owner
*/
if (((Form_pg_type) GETSTRUCT(tup))->typowner != ownerId)
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TYPE, typeName);
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TYPE, typeName);
/* trouble if caller wanted to force the OID */
if (OidIsValid(newTypeOid))

2
src/backend/commands/aggregatecmds.c
View File

@ -103,7 +103,7 @@ DefineAggregate(ParseState *pstate, List *name, List *args, bool oldstyle, List
/* Check we have creation rights in target namespace */
aclresult = pg_namespace_aclcheck(aggNamespace, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(aggNamespace));
/* Deconstruct the output of the aggr_args grammar production */

18
src/backend/commands/alter.c
View File

@ -171,7 +171,7 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name)
AttrNumber Anum_name = get_object_attnum_name(classId);
AttrNumber Anum_namespace = get_object_attnum_namespace(classId);
AttrNumber Anum_owner = get_object_attnum_owner(classId);
AclObjectKind acl_kind = get_object_aclkind(classId);
ObjectType objtype = get_object_type(classId, objectId);
HeapTuple oldtup;
HeapTuple newtup;
Datum datum;
@ -223,7 +223,7 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name)
ownerId = DatumGetObjectId(datum);
if (!has_privs_of_role(GetUserId(), DatumGetObjectId(ownerId)))
aclcheck_error(ACLCHECK_NOT_OWNER, acl_kind, old_name);
aclcheck_error(ACLCHECK_NOT_OWNER, objtype, old_name);
/* User must have CREATE privilege on the namespace */
if (OidIsValid(namespaceId))
@ -231,7 +231,7 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name)
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceId));
}
}
@ -663,7 +663,7 @@ AlterObjectNamespace_internal(Relation rel, Oid objid, Oid nspOid)
AttrNumber Anum_name = get_object_attnum_name(classId);
AttrNumber Anum_namespace = get_object_attnum_namespace(classId);
AttrNumber Anum_owner = get_object_attnum_owner(classId);
AclObjectKind acl_kind = get_object_aclkind(classId);
ObjectType objtype = get_object_type(classId, objid);
Oid oldNspOid;
Datum name,
namespace;
@ -719,13 +719,13 @@ AlterObjectNamespace_internal(Relation rel, Oid objid, Oid nspOid)
ownerId = DatumGetObjectId(owner);
if (!has_privs_of_role(GetUserId(), ownerId))
aclcheck_error(ACLCHECK_NOT_OWNER, acl_kind,
aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
NameStr(*(DatumGetName(name))));
/* User must have CREATE privilege on new namespace */
aclresult = pg_namespace_aclcheck(nspOid, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(nspOid));
}
@ -942,7 +942,7 @@ AlterObjectOwner_internal(Relation rel, Oid objectId, Oid new_ownerId)
/* Superusers can bypass permission checks */
if (!superuser())
{
AclObjectKind aclkind = get_object_aclkind(classId);
ObjectType objtype = get_object_type(classId, objectId);
/* must be owner */
if (!has_privs_of_role(GetUserId(), old_ownerId))
@ -963,7 +963,7 @@ AlterObjectOwner_internal(Relation rel, Oid objectId, Oid new_ownerId)
HeapTupleGetOid(oldtup));
objname = namebuf;
}
aclcheck_error(ACLCHECK_NOT_OWNER, aclkind, objname);
aclcheck_error(ACLCHECK_NOT_OWNER, objtype, objname);
}
/* Must be able to become new owner */
check_is_member_of_role(GetUserId(), new_ownerId);
@ -976,7 +976,7 @@ AlterObjectOwner_internal(Relation rel, Oid objectId, Oid new_ownerId)
aclresult = pg_namespace_aclcheck(namespaceId, new_ownerId,
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceId));
}
}

4
src/backend/commands/collationcmds.c
View File

@ -74,7 +74,7 @@ DefineCollation(ParseState *pstate, List *names, List *parameters, bool if_not_e
aclresult = pg_namespace_aclcheck(collNamespace, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(collNamespace));
foreach(pl, parameters)
@ -278,7 +278,7 @@ AlterCollation(AlterCollationStmt *stmt)
collOid = get_collation_oid(stmt->collname, false);
if (!pg_collation_ownercheck(collOid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_COLLATION,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_COLLATION,
NameListToString(stmt->collname));
tup = SearchSysCacheCopy1(COLLOID, ObjectIdGetDatum(collOid));

4
src/backend/commands/conversioncmds.c
View File

@ -55,7 +55,7 @@ CreateConversionCommand(CreateConversionStmt *stmt)
/* Check we have creation rights in target namespace */
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceId));
/* Check the encoding names */
@ -90,7 +90,7 @@ CreateConversionCommand(CreateConversionStmt *stmt)
/* Check we have EXECUTE rights for the function */
aclresult = pg_proc_aclcheck(funcoid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC,
aclcheck_error(aclresult, OBJECT_FUNCTION,
NameListToString(func_name));
/*

16
src/backend/commands/dbcommands.c
View File

@ -422,7 +422,7 @@ createdb(ParseState *pstate, const CreatedbStmt *stmt)
aclresult = pg_tablespace_aclcheck(dst_deftablespace, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
aclcheck_error(aclresult, OBJECT_TABLESPACE,
tablespacename);
/* pg_global must never be the default tablespace */
@ -822,7 +822,7 @@ dropdb(const char *dbname, bool missing_ok)
* Permission checks
*/
if (!pg_database_ownercheck(db_id, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
dbname);
/* DROP hook for the database being removed */
@ -997,7 +997,7 @@ RenameDatabase(const char *oldname, const char *newname)
/* must be owner */
if (!pg_database_ownercheck(db_id, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
oldname);
/* must have createdb rights */
@ -1112,7 +1112,7 @@ movedb(const char *dbname, const char *tblspcname)
* Permission checks
*/
if (!pg_database_ownercheck(db_id, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
dbname);
/*
@ -1134,7 +1134,7 @@ movedb(const char *dbname, const char *tblspcname)
aclresult = pg_tablespace_aclcheck(dst_tblspcoid, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
aclcheck_error(aclresult, OBJECT_TABLESPACE,
tblspcname);
/*
@ -1515,7 +1515,7 @@ AlterDatabase(ParseState *pstate, AlterDatabaseStmt *stmt, bool isTopLevel)
dboid = HeapTupleGetOid(tuple);
if (!pg_database_ownercheck(HeapTupleGetOid(tuple), GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
stmt->dbname);
/*
@ -1583,7 +1583,7 @@ AlterDatabaseSet(AlterDatabaseSetStmt *stmt)
shdepLockAndCheckObject(DatabaseRelationId, datid);
if (!pg_database_ownercheck(datid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
stmt->dbname);
AlterSetting(datid, InvalidOid, stmt->setstmt);
@ -1646,7 +1646,7 @@ AlterDatabaseOwner(const char *dbname, Oid newOwnerId)
/* Otherwise, must be owner of the existing object */
if (!pg_database_ownercheck(HeapTupleGetOid(tuple), GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
dbname);
/* Must be able to become new owner */

4
src/backend/commands/event_trigger.c
View File

@ -519,7 +519,7 @@ AlterEventTrigger(AlterEventTrigStmt *stmt)
trigoid = HeapTupleGetOid(tup);
if (!pg_event_trigger_ownercheck(trigoid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EVENT_TRIGGER,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EVENT_TRIGGER,
stmt->trigname);
/* tuple is a copy, so we can modify it below */
@ -610,7 +610,7 @@ AlterEventTriggerOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
return;
if (!pg_event_trigger_ownercheck(HeapTupleGetOid(tup), GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EVENT_TRIGGER,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EVENT_TRIGGER,
NameStr(form->evtname));
/* New owner must be a superuser */

8
src/backend/commands/extension.c
View File

@ -2704,13 +2704,13 @@ AlterExtensionNamespace(const char *extensionName, const char *newschema, Oid *o
* check ownership of the individual member objects ...
*/
if (!pg_extension_ownercheck(extensionOid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EXTENSION,
extensionName);
/* Permission check: must have creation rights in target namespace */
aclresult = pg_namespace_aclcheck(nspOid, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE, newschema);
aclcheck_error(aclresult, OBJECT_SCHEMA, newschema);
/*
* If the schema is currently a member of the extension, disallow moving
@ -2924,7 +2924,7 @@ ExecAlterExtensionStmt(ParseState *pstate, AlterExtensionStmt *stmt)
/* Permission check: must own extension */
if (!pg_extension_ownercheck(extensionOid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EXTENSION,
stmt->extname);
/*
@ -3182,7 +3182,7 @@ ExecAlterExtensionContentsStmt(AlterExtensionContentsStmt *stmt,
/* Permission check: must own extension */
if (!pg_extension_ownercheck(extension.objectId, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EXTENSION,
stmt->extname);
/*

16
src/backend/commands/foreigncmds.c
View File

@ -358,7 +358,7 @@ AlterForeignServerOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
/* Must be owner */
if (!pg_foreign_server_ownercheck(srvId, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FOREIGN_SERVER,
NameStr(form->srvname));
/* Must be able to become new owner */
@ -370,7 +370,7 @@ AlterForeignServerOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
{
ForeignDataWrapper *fdw = GetForeignDataWrapper(form->srvfdw);
aclcheck_error(aclresult, ACL_KIND_FDW, fdw->fdwname);
aclcheck_error(aclresult, OBJECT_FDW, fdw->fdwname);
}
}
@ -907,7 +907,7 @@ CreateForeignServer(CreateForeignServerStmt *stmt)
aclresult = pg_foreign_data_wrapper_aclcheck(fdw->fdwid, ownerId, ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_FDW, fdw->fdwname);
aclcheck_error(aclresult, OBJECT_FDW, fdw->fdwname);
/*
* Insert tuple into pg_foreign_server.
@ -1010,7 +1010,7 @@ AlterForeignServer(AlterForeignServerStmt *stmt)
* Only owner or a superuser can ALTER a SERVER.
*/
if (!pg_foreign_server_ownercheck(srvId, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FOREIGN_SERVER,
stmt->servername);
memset(repl_val, 0, sizeof(repl_val));
@ -1119,10 +1119,10 @@ user_mapping_ddl_aclcheck(Oid umuserid, Oid serverid, const char *servername)
aclresult = pg_foreign_server_aclcheck(serverid, curuserid, ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, servername);
aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, servername);
}
else
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FOREIGN_SERVER,
servername);
}
}
@ -1477,7 +1477,7 @@ CreateForeignTable(CreateForeignTableStmt *stmt, Oid relid)
server = GetForeignServerByName(stmt->servername, false);
aclresult = pg_foreign_server_aclcheck(server->serverid, ownerId, ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, server->servername);
aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, server->servername);
fdw = GetForeignDataWrapper(server->fdwid);
@ -1536,7 +1536,7 @@ ImportForeignSchema(ImportForeignSchemaStmt *stmt)
server = GetForeignServerByName(stmt->server_name, false);
aclresult = pg_foreign_server_aclcheck(server->serverid, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, server->servername);
aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, server->servername);
/* Check that the schema exists and we have CREATE permissions on it */
(void) LookupCreationNamespace(stmt->local_schema);

26
src/backend/commands/functioncmds.c
View File

@ -146,7 +146,7 @@ compute_return_type(TypeName *returnType, Oid languageOid,
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceId));
address = TypeShellMake(typname, namespaceId, GetUserId());
rettype = address.objectId;
@ -953,7 +953,7 @@ CreateFunction(ParseState *pstate, CreateFunctionStmt *stmt)
/* Check we have creation rights in target namespace */
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceId));
/* default attributes */
@ -995,14 +995,14 @@ CreateFunction(ParseState *pstate, CreateFunctionStmt *stmt)
aclresult = pg_language_aclcheck(languageOid, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_LANGUAGE,
aclcheck_error(aclresult, OBJECT_LANGUAGE,
NameStr(languageStruct->lanname));
}
else
{
/* if untrusted language, must be superuser */
if (!superuser())
aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_LANGUAGE,
aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_LANGUAGE,
NameStr(languageStruct->lanname));
}
@ -1254,7 +1254,7 @@ AlterFunction(ParseState *pstate, AlterFunctionStmt *stmt)
/* Permission check: must own function */
if (!pg_proc_ownercheck(funcOid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
aclcheck_error(ACLCHECK_NOT_OWNER, stmt->objtype,
NameListToString(stmt->func->objname));
if (procForm->proisagg)
@ -1911,7 +1911,7 @@ CreateTransform(CreateTransformStmt *stmt)
aclresult = pg_language_aclcheck(langid, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_LANGUAGE, stmt->lang);
aclcheck_error(aclresult, OBJECT_LANGUAGE, stmt->lang);
/*
* Get the functions
@ -1921,11 +1921,11 @@ CreateTransform(CreateTransformStmt *stmt)
fromsqlfuncid = LookupFuncWithArgs(OBJECT_FUNCTION, stmt->fromsql, false);
if (!pg_proc_ownercheck(fromsqlfuncid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, NameListToString(stmt->fromsql->objname));
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(stmt->fromsql->objname));
aclresult = pg_proc_aclcheck(fromsqlfuncid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC, NameListToString(stmt->fromsql->objname));
aclcheck_error(aclresult, OBJECT_FUNCTION, NameListToString(stmt->fromsql->objname));
tuple = SearchSysCache1(PROCOID, ObjectIdGetDatum(fromsqlfuncid));
if (!HeapTupleIsValid(tuple))
@ -1947,11 +1947,11 @@ CreateTransform(CreateTransformStmt *stmt)
tosqlfuncid = LookupFuncWithArgs(OBJECT_FUNCTION, stmt->tosql, false);
if (!pg_proc_ownercheck(tosqlfuncid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, NameListToString(stmt->tosql->objname));
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(stmt->tosql->objname));
aclresult = pg_proc_aclcheck(tosqlfuncid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC, NameListToString(stmt->tosql->objname));
aclcheck_error(aclresult, OBJECT_FUNCTION, NameListToString(stmt->tosql->objname));
tuple = SearchSysCache1(PROCOID, ObjectIdGetDatum(tosqlfuncid));
if (!HeapTupleIsValid(tuple))
@ -2209,14 +2209,14 @@ ExecuteDoStmt(DoStmt *stmt)
aclresult = pg_language_aclcheck(codeblock->langOid, GetUserId(),
ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_LANGUAGE,
aclcheck_error(aclresult, OBJECT_LANGUAGE,
NameStr(languageStruct->lanname));
}
else
{
/* if untrusted language, must be superuser */
if (!superuser())
aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_LANGUAGE,
aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_LANGUAGE,
NameStr(languageStruct->lanname));
}
@ -2270,7 +2270,7 @@ ExecuteCallStmt(ParseState *pstate, CallStmt *stmt)
aclresult = pg_proc_aclcheck(fexpr->funcid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(fexpr->funcid));
aclcheck_error(aclresult, OBJECT_PROCEDURE, get_func_name(fexpr->funcid));
InvokeFunctionExecuteHook(fexpr->funcid);
nargs = list_length(fexpr->args);

10
src/backend/commands/indexcmds.c
View File

@ -474,7 +474,7 @@ DefineIndex(Oid relationId,
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceId));
}
@ -501,7 +501,7 @@ DefineIndex(Oid relationId,
aclresult = pg_tablespace_aclcheck(tablespaceId, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
aclcheck_error(aclresult, OBJECT_TABLESPACE,
get_tablespace_name(tablespaceId));
}
@ -2048,7 +2048,7 @@ RangeVarCallbackForReindexIndex(const RangeVar *relation,
/* Check permissions */
if (!pg_class_ownercheck(relId, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, relation->relname);
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX, relation->relname);
/* Lock heap before index to avoid deadlock. */
if (relId != oldRelId)
@ -2127,7 +2127,7 @@ ReindexMultipleTables(const char *objectName, ReindexObjectType objectKind,
objectOid = get_namespace_oid(objectName, false);
if (!pg_namespace_ownercheck(objectOid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SCHEMA,
objectName);
}
else
@ -2139,7 +2139,7 @@ ReindexMultipleTables(const char *objectName, ReindexObjectType objectKind,
(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
errmsg("can only reindex the currently open database")));
if (!pg_database_ownercheck(objectOid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
objectName);
}

4
src/backend/commands/lockcmds.c
View File

@ -96,7 +96,7 @@ RangeVarCallbackForLockTable(const RangeVar *rv, Oid relid, Oid oldrelid,
/* Check permissions. */
aclresult = LockTableAclCheck(relid, lockmode);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_CLASS, rv->relname);
aclcheck_error(aclresult, get_relkind_objtype(get_rel_relkind(relid)), rv->relname);
}
/*
@ -127,7 +127,7 @@ LockTableRecurse(Oid reloid, LOCKMODE lockmode, bool nowait)
if (!relname)
continue; /* child concurrently dropped, just skip it */
aclcheck_error(aclresult, ACL_KIND_CLASS, relname);
aclcheck_error(aclresult, get_relkind_objtype(get_rel_relkind(childreloid)), relname);
}
/* We have enough rights to lock the relation; do so. */

16
src/backend/commands/opclasscmds.c
View File

@ -353,7 +353,7 @@ DefineOpClass(CreateOpClassStmt *stmt)
/* Check we have creation rights in target namespace */
aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceoid));
/* Get necessary info about access method */
@ -497,11 +497,11 @@ DefineOpClass(CreateOpClassStmt *stmt)
/* XXX this is unnecessary given the superuser check above */
/* Caller must own operator and its underlying function */
if (!pg_oper_ownercheck(operOid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
get_opname(operOid));
funcOid = get_opcode(operOid);
if (!pg_proc_ownercheck(funcOid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
get_func_name(funcOid));
#endif
@ -525,7 +525,7 @@ DefineOpClass(CreateOpClassStmt *stmt)
/* XXX this is unnecessary given the superuser check above */
/* Caller must own function */
if (!pg_proc_ownercheck(funcOid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
get_func_name(funcOid));
#endif
@ -730,7 +730,7 @@ DefineOpFamily(CreateOpFamilyStmt *stmt)
/* Check we have creation rights in target namespace */
aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceoid));
/* Get access method OID, throwing an error if it doesn't exist. */
@ -871,11 +871,11 @@ AlterOpFamilyAdd(AlterOpFamilyStmt *stmt, Oid amoid, Oid opfamilyoid,
/* XXX this is unnecessary given the superuser check above */
/* Caller must own operator and its underlying function */
if (!pg_oper_ownercheck(operOid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
get_opname(operOid));
funcOid = get_opcode(operOid);
if (!pg_proc_ownercheck(funcOid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
get_func_name(funcOid));
#endif
@ -899,7 +899,7 @@ AlterOpFamilyAdd(AlterOpFamilyStmt *stmt, Oid amoid, Oid opfamilyoid,
/* XXX this is unnecessary given the superuser check above */
/* Caller must own function */
if (!pg_proc_ownercheck(funcOid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
get_func_name(funcOid));
#endif

10
src/backend/commands/operatorcmds.c
View File

@ -95,7 +95,7 @@ DefineOperator(List *names, List *parameters)
/* Check we have creation rights in target namespace */
aclresult = pg_namespace_aclcheck(oprNamespace, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(oprNamespace));
/*
@ -215,7 +215,7 @@ DefineOperator(List *names, List *parameters)
*/
aclresult = pg_proc_aclcheck(functionOid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC,
aclcheck_error(aclresult, OBJECT_FUNCTION,
NameListToString(functionName));
rettype = get_func_rettype(functionOid);
@ -281,7 +281,7 @@ ValidateRestrictionEstimator(List *restrictionName)
/* Require EXECUTE rights for the estimator */
aclresult = pg_proc_aclcheck(restrictionOid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC,
aclcheck_error(aclresult, OBJECT_FUNCTION,
NameListToString(restrictionName));
return restrictionOid;
@ -327,7 +327,7 @@ ValidateJoinEstimator(List *joinName)
/* Require EXECUTE rights for the estimator */
aclresult = pg_proc_aclcheck(joinOid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC,
aclcheck_error(aclresult, OBJECT_FUNCTION,
NameListToString(joinName));
return joinOid;
@ -457,7 +457,7 @@ AlterOperator(AlterOperatorStmt *stmt)
/* Check permissions. Must be owner. */
if (!pg_oper_ownercheck(oprId, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
NameStr(oprForm->oprname));
/*

2
src/backend/commands/policy.c
View File

@ -78,7 +78,7 @@ RangeVarCallbackForPolicy(const RangeVar *rv, Oid relid, Oid oldrelid,
/* Must own relation. */
if (!pg_class_ownercheck(relid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname);
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relid)), rv->relname);
/* No system table modifications unless explicitly allowed. */
if (!allowSystemTableMods && IsSystemClass(relid, classform))

4
src/backend/commands/proclang.c
View File

@ -97,7 +97,7 @@ CreateProceduralLanguage(CreatePLangStmt *stmt)
errmsg("must be superuser to create procedural language \"%s\"",
stmt->plname)));
if (!pg_database_ownercheck(MyDatabaseId, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
get_database_name(MyDatabaseId));
}
@ -366,7 +366,7 @@ create_proc_lang(const char *languageName, bool replace,
(errcode(ERRCODE_DUPLICATE_OBJECT),
errmsg("language \"%s\" already exists", languageName)));
if (!pg_language_ownercheck(HeapTupleGetOid(oldtup), languageOwner))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_LANGUAGE,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_LANGUAGE,
languageName);
/*

10
src/backend/commands/publicationcmds.c
View File

@ -150,7 +150,7 @@ CreatePublication(CreatePublicationStmt *stmt)
/* must have CREATE privilege on database */
aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_DATABASE,
aclcheck_error(aclresult, OBJECT_DATABASE,
get_database_name(MyDatabaseId));
/* FOR ALL TABLES requires superuser */
@ -403,7 +403,7 @@ AlterPublication(AlterPublicationStmt *stmt)
/* must be owner */
if (!pg_publication_ownercheck(HeapTupleGetOid(tup), GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PUBLICATION,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_PUBLICATION,
stmt->pubname);
if (stmt->options)
@ -582,7 +582,7 @@ PublicationAddTables(Oid pubid, List *rels, bool if_not_exists,
/* Must be owner of the table or superuser. */
if (!pg_class_ownercheck(RelationGetRelid(rel), GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(rel->rd_rel->relkind),
RelationGetRelationName(rel));
obj = publication_add_relation(pubid, rel, if_not_exists);
@ -649,7 +649,7 @@ AlterPublicationOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
/* Must be owner */
if (!pg_publication_ownercheck(HeapTupleGetOid(tup), GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PUBLICATION,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_PUBLICATION,
NameStr(form->pubname));
/* Must be able to become new owner */
@ -658,7 +658,7 @@ AlterPublicationOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
/* New owner must have CREATE privilege on database */
aclresult = pg_database_aclcheck(MyDatabaseId, newOwnerId, ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_DATABASE,
aclcheck_error(aclresult, OBJECT_DATABASE,
get_database_name(MyDatabaseId));
if (form->puballtables && !superuser_arg(newOwnerId))

10
src/backend/commands/schemacmds.c
View File

@ -94,7 +94,7 @@ CreateSchemaCommand(CreateSchemaStmt *stmt, const char *queryString,
*/
aclresult = pg_database_aclcheck(MyDatabaseId, saved_uid, ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_DATABASE,
aclcheck_error(aclresult, OBJECT_DATABASE,
get_database_name(MyDatabaseId));
check_is_member_of_role(saved_uid, owner_uid);
@ -265,13 +265,13 @@ RenameSchema(const char *oldname, const char *newname)
/* must be owner */
if (!pg_namespace_ownercheck(HeapTupleGetOid(tup), GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SCHEMA,
oldname);
/* must have CREATE privilege on database */
aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_DATABASE,
aclcheck_error(aclresult, OBJECT_DATABASE,
get_database_name(MyDatabaseId));
if (!allowSystemTableMods && IsReservedName(newname))
@ -373,7 +373,7 @@ AlterSchemaOwner_internal(HeapTuple tup, Relation rel, Oid newOwnerId)
/* Otherwise, must be owner of the existing object */
if (!pg_namespace_ownercheck(HeapTupleGetOid(tup), GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SCHEMA,
NameStr(nspForm->nspname));
/* Must be able to become new owner */
@ -391,7 +391,7 @@ AlterSchemaOwner_internal(HeapTuple tup, Relation rel, Oid newOwnerId)
aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_DATABASE,
aclcheck_error(aclresult, OBJECT_DATABASE,
get_database_name(MyDatabaseId));
memset(repl_null, false, sizeof(repl_null));

2
src/backend/commands/statscmds.c
View File

@ -141,7 +141,7 @@ CreateStatistics(CreateStatsStmt *stmt)
/* You must own the relation to create stats on it */
if (!pg_class_ownercheck(RelationGetRelid(rel), stxowner))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(rel->rd_rel->relkind),
RelationGetRelationName(rel));
}

6
src/backend/commands/subscriptioncmds.c
View File

@ -635,7 +635,7 @@ AlterSubscription(AlterSubscriptionStmt *stmt)
/* must be owner */
if (!pg_subscription_ownercheck(HeapTupleGetOid(tup), GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SUBSCRIPTION,
stmt->subname);
subid = HeapTupleGetOid(tup);
@ -854,7 +854,7 @@ DropSubscription(DropSubscriptionStmt *stmt, bool isTopLevel)
/* must be owner */
if (!pg_subscription_ownercheck(subid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SUBSCRIPTION,
stmt->subname);
/* DROP hook for the subscription being removed */
@ -1022,7 +1022,7 @@ AlterSubscriptionOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
return;
if (!pg_subscription_ownercheck(HeapTupleGetOid(tup), GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SUBSCRIPTION,
NameStr(form->subname));
/* New owner must be a superuser */

36
src/backend/commands/tablecmds.c
View File

@ -601,7 +601,7 @@ DefineRelation(CreateStmt *stmt, char relkind, Oid ownerId,
aclresult = pg_tablespace_aclcheck(tablespaceId, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
aclcheck_error(aclresult, OBJECT_TABLESPACE,
get_tablespace_name(tablespaceId));
}
@ -1255,7 +1255,7 @@ RangeVarCallbackForDropRelation(const RangeVar *rel, Oid relOid, Oid oldRelOid,
/* Allow DROP to either table owner or schema owner */
if (!pg_class_ownercheck(relOid, GetUserId()) &&
!pg_namespace_ownercheck(classform->relnamespace, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relOid)),
rel->relname);
if (!allowSystemTableMods && IsSystemClass(relOid, classform))
@ -1438,7 +1438,7 @@ ExecuteTruncate(TruncateStmt *stmt)
/* This check must match AlterSequence! */
if (!pg_class_ownercheck(seq_relid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SEQUENCE,
RelationGetRelationName(seq_rel));
seq_relids = lappend_oid(seq_relids, seq_relid);
@ -1626,7 +1626,7 @@ truncate_check_rel(Relation rel)
aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
ACL_TRUNCATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_CLASS,
aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind),
RelationGetRelationName(rel));
if (!allowSystemTableMods && IsSystemRelation(rel))
@ -1912,7 +1912,7 @@ MergeAttributes(List *schema, List *supers, char relpersistence,
* demand that creator of a child table own the parent.
*/
if (!pg_class_ownercheck(RelationGetRelid(relation), GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(relation->rd_rel->relkind),
RelationGetRelationName(relation));
/*
@ -2600,7 +2600,7 @@ renameatt_check(Oid myrelid, Form_pg_class classform, bool recursing)
* permissions checking. only the owner of a class can change its schema.
*/
if (!pg_class_ownercheck(myrelid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(myrelid)),
NameStr(classform->relname));
if (!allowSystemTableMods && IsSystemClass(myrelid, classform))
ereport(ERROR,
@ -4837,7 +4837,7 @@ ATSimplePermissions(Relation rel, int allowed_targets)
/* Permissions checks */
if (!pg_class_ownercheck(RelationGetRelid(rel), GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(rel->rd_rel->relkind),
RelationGetRelationName(rel));
if (!allowSystemTableMods && IsSystemRelation(rel))
@ -6283,7 +6283,7 @@ ATPrepSetStatistics(Relation rel, const char *colName, int16 colNum, Node *newVa
/* Permissions checks */
if (!pg_class_ownercheck(RelationGetRelid(rel), GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(rel->rd_rel->relkind),
RelationGetRelationName(rel));
}
@ -8209,7 +8209,7 @@ checkFkeyPermissions(Relation rel, int16 *attnums, int natts)
aclresult = pg_attribute_aclcheck(RelationGetRelid(rel), attnums[i],
roleid, ACL_REFERENCES);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_CLASS,
aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind),
RelationGetRelationName(rel));
}
}
@ -10129,7 +10129,7 @@ ATExecChangeOwner(Oid relationOid, Oid newOwnerId, bool recursing, LOCKMODE lock
/* Otherwise, must be owner of the existing object */
if (!pg_class_ownercheck(relationOid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relationOid)),
RelationGetRelationName(target_rel));
/* Must be able to become new owner */
@ -10139,7 +10139,7 @@ ATExecChangeOwner(Oid relationOid, Oid newOwnerId, bool recursing, LOCKMODE lock
aclresult = pg_namespace_aclcheck(namespaceOid, newOwnerId,
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceOid));
}
}
@ -10437,7 +10437,7 @@ ATPrepSetTableSpace(AlteredTableInfo *tab, Relation rel, const char *tablespacen
aclresult = pg_tablespace_aclcheck(tablespaceId, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_TABLESPACE, tablespacename);
aclcheck_error(aclresult, OBJECT_TABLESPACE, tablespacename);
}
/* Save info for Phase 3 to do the real work */
@ -10872,7 +10872,7 @@ AlterTableMoveAll(AlterTableMoveAllStmt *stmt)
aclresult = pg_tablespace_aclcheck(new_tablespaceoid, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
aclcheck_error(aclresult, OBJECT_TABLESPACE,
get_tablespace_name(new_tablespaceoid));
}
@ -10944,7 +10944,7 @@ AlterTableMoveAll(AlterTableMoveAllStmt *stmt)
* Caller must be considered an owner on the table to move it.
*/
if (!pg_class_ownercheck(relOid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relOid)),
NameStr(relForm->relname));
if (stmt->nowait &&
@ -13162,7 +13162,7 @@ RangeVarCallbackOwnsTable(const RangeVar *relation,
/* Check permissions */
if (!pg_class_ownercheck(relId, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, relation->relname);
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relId)), relation->relname);
}
/*
@ -13184,7 +13184,7 @@ RangeVarCallbackOwnsRelation(const RangeVar *relation,
elog(ERROR, "cache lookup failed for relation %u", relId);
if (!pg_class_ownercheck(relId, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relId)),
relation->relname);
if (!allowSystemTableMods &&
@ -13220,7 +13220,7 @@ RangeVarCallbackForAlterRelation(const RangeVar *rv, Oid relid, Oid oldrelid,
/* Must own relation. */
if (!pg_class_ownercheck(relid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname);
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relid)), rv->relname);
/* No system table modifications unless explicitly allowed. */
if (!allowSystemTableMods && IsSystemClass(relid, classform))
@ -13240,7 +13240,7 @@ RangeVarCallbackForAlterRelation(const RangeVar *rv, Oid relid, Oid oldrelid,
aclresult = pg_namespace_aclcheck(classform->relnamespace,
GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(classform->relnamespace));
reltype = ((RenameStmt *) stmt)->renameType;
}

10
src/backend/commands/tablespace.c
View File

@ -444,13 +444,13 @@ DropTableSpace(DropTableSpaceStmt *stmt)
/* Must be tablespace owner */
if (!pg_tablespace_ownercheck(tablespaceoid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TABLESPACE,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TABLESPACE,
tablespacename);
/* Disallow drop of the standard tablespaces, even by superuser */
if (tablespaceoid == GLOBALTABLESPACE_OID ||
tablespaceoid == DEFAULTTABLESPACE_OID)
aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_TABLESPACE,
aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_TABLESPACE,
tablespacename);
/* DROP hook for the tablespace being removed */
@ -941,7 +941,7 @@ RenameTableSpace(const char *oldname, const char *newname)
/* Must be owner */
if (!pg_tablespace_ownercheck(HeapTupleGetOid(newtuple), GetUserId()))
aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_TABLESPACE, oldname);
aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_TABLESPACE, oldname);
/* Validate new name */
if (!allowSystemTableMods && IsReservedName(newname))
@ -1017,7 +1017,7 @@ AlterTableSpaceOptions(AlterTableSpaceOptionsStmt *stmt)
/* Must be owner of the existing object */
if (!pg_tablespace_ownercheck(HeapTupleGetOid(tup), GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TABLESPACE,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TABLESPACE,
stmt->tablespacename);
/* Generate new proposed spcoptions (text array) */
@ -1232,7 +1232,7 @@ check_temp_tablespaces(char **newval, void **extra, GucSource source)
if (aclresult != ACLCHECK_OK)
{
if (source >= PGC_S_INTERACTIVE)
aclcheck_error(aclresult, ACL_KIND_TABLESPACE, curname);
aclcheck_error(aclresult, OBJECT_TABLESPACE, curname);
continue;
}

8
src/backend/commands/trigger.c
View File

@ -284,7 +284,7 @@ CreateTrigger(CreateTrigStmt *stmt, const char *queryString,
aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
ACL_TRIGGER);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_CLASS,
aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind),
RelationGetRelationName(rel));
if (OidIsValid(constrrelid))
@ -292,7 +292,7 @@ CreateTrigger(CreateTrigStmt *stmt, const char *queryString,
aclresult = pg_class_aclcheck(constrrelid, GetUserId(),
ACL_TRIGGER);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_CLASS,
aclcheck_error(aclresult, get_relkind_objtype(get_rel_relkind(constrrelid)),
get_rel_name(constrrelid));
}
}
@ -592,7 +592,7 @@ CreateTrigger(CreateTrigStmt *stmt, const char *queryString,
{
aclresult = pg_proc_aclcheck(funcoid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC,
aclcheck_error(aclresult, OBJECT_FUNCTION,
NameListToString(stmt->funcname));
}
funcrettype = get_func_rettype(funcoid);
@ -1422,7 +1422,7 @@ RangeVarCallbackForRenameTrigger(const RangeVar *rv, Oid relid, Oid oldrelid,
/* you must own the table to rename one of its triggers */
if (!pg_class_ownercheck(relid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname);
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relid)), rv->relname);
if (!allowSystemTableMods && IsSystemClass(relid, form))
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),

8
src/backend/commands/tsearchcmds.c
View File

@ -428,7 +428,7 @@ DefineTSDictionary(List *names, List *parameters)
/* Check we have creation rights in target namespace */
aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceoid));
/*
@ -549,7 +549,7 @@ AlterTSDictionary(AlterTSDictionaryStmt *stmt)
/* must be owner */
if (!pg_ts_dict_ownercheck(dictId, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSDICTIONARY,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TSDICTIONARY,
NameListToString(stmt->dictname));
/* deserialize the existing set of options */
@ -980,7 +980,7 @@ DefineTSConfiguration(List *names, List *parameters, ObjectAddress *copied)
/* Check we have creation rights in target namespace */
aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceoid));
/*
@ -1189,7 +1189,7 @@ AlterTSConfiguration(AlterTSConfigurationStmt *stmt)
/* must be owner */
if (!pg_ts_config_ownercheck(HeapTupleGetOid(tup), GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSCONFIGURATION,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TSCONFIGURATION,
NameListToString(stmt->cfgname));
relMap = heap_open(TSConfigMapRelationId, RowExclusiveLock);

28
src/backend/commands/typecmds.c
View File

@ -190,7 +190,7 @@ DefineType(ParseState *pstate, List *names, List *parameters)
/* Check we have creation rights in target namespace */
aclresult = pg_namespace_aclcheck(typeNamespace, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(typeNamespace));
#endif
@ -526,25 +526,25 @@ DefineType(ParseState *pstate, List *names, List *parameters)
#ifdef NOT_USED
/* XXX this is unnecessary given the superuser check above */
if (inputOid && !pg_proc_ownercheck(inputOid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
NameListToString(inputName));
if (outputOid && !pg_proc_ownercheck(outputOid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
NameListToString(outputName));
if (receiveOid && !pg_proc_ownercheck(receiveOid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
NameListToString(receiveName));
if (sendOid && !pg_proc_ownercheck(sendOid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
NameListToString(sendName));
if (typmodinOid && !pg_proc_ownercheck(typmodinOid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
NameListToString(typmodinName));
if (typmodoutOid && !pg_proc_ownercheck(typmodoutOid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
NameListToString(typmodoutName));
if (analyzeOid && !pg_proc_ownercheck(analyzeOid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
NameListToString(analyzeName));
#endif
@ -772,7 +772,7 @@ DefineDomain(CreateDomainStmt *stmt)
aclresult = pg_namespace_aclcheck(domainNamespace, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(domainNamespace));
/*
@ -1171,7 +1171,7 @@ DefineEnum(CreateEnumStmt *stmt)
/* Check we have creation rights in target namespace */
aclresult = pg_namespace_aclcheck(enumNamespace, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(enumNamespace));
/*
@ -1398,7 +1398,7 @@ DefineRange(CreateRangeStmt *stmt)
/* Check we have creation rights in target namespace */
aclresult = pg_namespace_aclcheck(typeNamespace, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(typeNamespace));
/*
@ -2042,7 +2042,7 @@ findRangeCanonicalFunction(List *procname, Oid typeOid)
/* Also, range type's creator must have permission to call function */
aclresult = pg_proc_aclcheck(procOid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(procOid));
aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(procOid));
return procOid;
}
@ -2085,7 +2085,7 @@ findRangeSubtypeDiffFunction(List *procname, Oid subtype)
/* Also, range type's creator must have permission to call function */
aclresult = pg_proc_aclcheck(procOid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(procOid));
aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(procOid));
return procOid;
}
@ -3380,7 +3380,7 @@ AlterTypeOwner(List *names, Oid newOwnerId, ObjectType objecttype)
newOwnerId,
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(typTup->typnamespace));
}

2
src/backend/commands/user.c
View File

@ -939,7 +939,7 @@ AlterRoleSet(AlterRoleSetStmt *stmt)
* ALTER DATABASE ... SET, so use the same permission check.
*/
if (!pg_database_ownercheck(databaseid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
stmt->database);
}
}

4
src/backend/executor/execExpr.c
View File

@ -955,7 +955,7 @@ ExecInitExprRec(Expr *node, ExprState *state,
GetUserId(),
ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC,
aclcheck_error(aclresult, OBJECT_FUNCTION,
get_func_name(opexpr->opfuncid));
InvokeFunctionExecuteHook(opexpr->opfuncid);
@ -2162,7 +2162,7 @@ ExecInitFunc(ExprEvalStep *scratch, Expr *node, List *args, Oid funcid,
/* Check permission to call function */
aclresult = pg_proc_aclcheck(funcid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(funcid));
aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(funcid));
InvokeFunctionExecuteHook(funcid);
/*

2
src/backend/executor/execMain.c
View File

@ -579,7 +579,7 @@ ExecCheckRTPerms(List *rangeTable, bool ereport_on_violation)
{
Assert(rte->rtekind == RTE_RELATION);
if (ereport_on_violation)
aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_CLASS,
aclcheck_error(ACLCHECK_NO_PRIV, get_relkind_objtype(get_rel_relkind(rte->relid)),
get_rel_name(rte->relid));
return false;
}

2
src/backend/executor/execSRF.c
View File

@ -682,7 +682,7 @@ init_sexpr(Oid foid, Oid input_collation, Expr *node,
/* Check permission to call function */
aclresult = pg_proc_aclcheck(foid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(foid));
aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(foid));
InvokeFunctionExecuteHook(foid);
/*

10
src/backend/executor/nodeAgg.c
View File

@ -2548,7 +2548,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags)
aclresult = pg_proc_aclcheck(aggref->aggfnoid, GetUserId(),
ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC,
aclcheck_error(aclresult, OBJECT_AGGREGATE,
get_func_name(aggref->aggfnoid));
InvokeFunctionExecuteHook(aggref->aggfnoid);
@ -2638,7 +2638,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags)
aclresult = pg_proc_aclcheck(transfn_oid, aggOwner,
ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC,
aclcheck_error(aclresult, OBJECT_FUNCTION,
get_func_name(transfn_oid));
InvokeFunctionExecuteHook(transfn_oid);
if (OidIsValid(finalfn_oid))
@ -2646,7 +2646,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags)
aclresult = pg_proc_aclcheck(finalfn_oid, aggOwner,
ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC,
aclcheck_error(aclresult, OBJECT_FUNCTION,
get_func_name(finalfn_oid));
InvokeFunctionExecuteHook(finalfn_oid);
}
@ -2655,7 +2655,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags)
aclresult = pg_proc_aclcheck(serialfn_oid, aggOwner,
ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC,
aclcheck_error(aclresult, OBJECT_FUNCTION,
get_func_name(serialfn_oid));
InvokeFunctionExecuteHook(serialfn_oid);
}
@ -2664,7 +2664,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags)
aclresult = pg_proc_aclcheck(deserialfn_oid, aggOwner,
ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC,
aclcheck_error(aclresult, OBJECT_FUNCTION,
get_func_name(deserialfn_oid));
InvokeFunctionExecuteHook(deserialfn_oid);
}

8
src/backend/executor/nodeWindowAgg.c
View File

@ -1928,7 +1928,7 @@ ExecInitWindowAgg(WindowAgg *node, EState *estate, int eflags)
aclresult = pg_proc_aclcheck(wfunc->winfnoid, GetUserId(),
ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC,
aclcheck_error(aclresult, OBJECT_FUNCTION,
get_func_name(wfunc->winfnoid));
InvokeFunctionExecuteHook(wfunc->winfnoid);
@ -2189,7 +2189,7 @@ initialize_peragg(WindowAggState *winstate, WindowFunc *wfunc,
aclresult = pg_proc_aclcheck(transfn_oid, aggOwner,
ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC,
aclcheck_error(aclresult, OBJECT_FUNCTION,
get_func_name(transfn_oid));
InvokeFunctionExecuteHook(transfn_oid);
@ -2198,7 +2198,7 @@ initialize_peragg(WindowAggState *winstate, WindowFunc *wfunc,
aclresult = pg_proc_aclcheck(invtransfn_oid, aggOwner,
ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC,
aclcheck_error(aclresult, OBJECT_FUNCTION,
get_func_name(invtransfn_oid));
InvokeFunctionExecuteHook(invtransfn_oid);
}
@ -2208,7 +2208,7 @@ initialize_peragg(WindowAggState *winstate, WindowFunc *wfunc,
aclresult = pg_proc_aclcheck(finalfn_oid, aggOwner,
ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC,
aclcheck_error(aclresult, OBJECT_FUNCTION,
get_func_name(finalfn_oid));
InvokeFunctionExecuteHook(finalfn_oid);
}

4
src/backend/parser/parse_utilcmd.c
View File

@ -951,7 +951,7 @@ transformTableLikeClause(CreateStmtContext *cxt, TableLikeClause *table_like_cla
aclresult = pg_type_aclcheck(relation->rd_rel->reltype, GetUserId(),
ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_TYPE,
aclcheck_error(aclresult, OBJECT_TYPE,
RelationGetRelationName(relation));
}
else
@ -959,7 +959,7 @@ transformTableLikeClause(CreateStmtContext *cxt, TableLikeClause *table_like_cla
aclresult = pg_class_aclcheck(RelationGetRelid(relation), GetUserId(),
ACL_SELECT);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_CLASS,
aclcheck_error(aclresult, get_relkind_objtype(relation->rd_rel->relkind),
RelationGetRelationName(relation));
}

6
src/backend/rewrite/rewriteDefine.c
View File

@ -276,7 +276,7 @@ DefineQueryRewrite(const char *rulename,
* Check user has permission to apply rules to this relation.
*/
if (!pg_class_ownercheck(event_relid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(event_relation->rd_rel->relkind),
RelationGetRelationName(event_relation));
/*
@ -864,7 +864,7 @@ EnableDisableRule(Relation rel, const char *rulename,
eventRelationOid = ((Form_pg_rewrite) GETSTRUCT(ruletup))->ev_class;
Assert(eventRelationOid == owningRel);
if (!pg_class_ownercheck(eventRelationOid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(eventRelationOid)),
get_rel_name(eventRelationOid));
/*
@ -927,7 +927,7 @@ RangeVarCallbackForRenameRule(const RangeVar *rv, Oid relid, Oid oldrelid,
/* you must own the table to rename one of its rules */
if (!pg_class_ownercheck(relid, GetUserId()))
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname);
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relid)), rv->relname);
ReleaseSysCache(tuple);
}

4
src/backend/tcop/fastpath.c
View File

@ -315,13 +315,13 @@ HandleFunctionRequest(StringInfo msgBuf)
*/
aclresult = pg_namespace_aclcheck(fip->namespace, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(fip->namespace));
InvokeNamespaceSearchHook(fip->namespace, true);
aclresult = pg_proc_aclcheck(fid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC,
aclcheck_error(aclresult, OBJECT_FUNCTION,
get_func_name(fid));
InvokeFunctionExecuteHook(fid);

4
src/backend/utils/adt/dbsize.c
View File

@ -97,7 +97,7 @@ calculate_database_size(Oid dbOid)
if (aclresult != ACLCHECK_OK &&
!is_member_of_role(GetUserId(), DEFAULT_ROLE_READ_ALL_STATS))
{
aclcheck_error(aclresult, ACL_KIND_DATABASE,
aclcheck_error(aclresult, OBJECT_DATABASE,
get_database_name(dbOid));
}
@ -183,7 +183,7 @@ calculate_tablespace_size(Oid tblspcOid)
{
aclresult = pg_tablespace_aclcheck(tblspcOid, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
aclcheck_error(aclresult, OBJECT_TABLESPACE,
get_tablespace_name(tblspcOid));
}

4
src/backend/utils/adt/tid.c
View File

@ -343,7 +343,7 @@ currtid_byreloid(PG_FUNCTION_ARGS)
aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
ACL_SELECT);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_CLASS,
aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind),
RelationGetRelationName(rel));
if (rel->rd_rel->relkind == RELKIND_VIEW)
@ -377,7 +377,7 @@ currtid_byrelname(PG_FUNCTION_ARGS)
aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
ACL_SELECT);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_CLASS,
aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind),
RelationGetRelationName(rel));
if (rel->rd_rel->relkind == RELKIND_VIEW)

4
src/backend/utils/fmgr/fmgr.c
View File

@ -2124,7 +2124,7 @@ CheckFunctionValidatorAccess(Oid validatorOid, Oid functionOid)
aclresult = pg_language_aclcheck(procStruct->prolang, GetUserId(),
ACL_USAGE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_LANGUAGE,
aclcheck_error(aclresult, OBJECT_LANGUAGE,
NameStr(langStruct->lanname));
/*
@ -2134,7 +2134,7 @@ CheckFunctionValidatorAccess(Oid validatorOid, Oid functionOid)
*/
aclresult = pg_proc_aclcheck(functionOid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC, NameStr(procStruct->proname));
aclcheck_error(aclresult, OBJECT_FUNCTION, NameStr(procStruct->proname));
ReleaseSysCache(procTup);
ReleaseSysCache(langTup);

4
src/include/catalog/objectaddress.h
View File

@ -62,7 +62,7 @@ extern AttrNumber get_object_attnum_name(Oid class_id);
extern AttrNumber get_object_attnum_namespace(Oid class_id);
extern AttrNumber get_object_attnum_owner(Oid class_id);
extern AttrNumber get_object_attnum_acl(Oid class_id);
extern AclObjectKind get_object_aclkind(Oid class_id);
extern ObjectType get_object_type(Oid class_id, Oid object_id);
extern bool get_object_namensp_unique(Oid class_id);
extern HeapTuple get_catalog_object_by_oid(Relation catalog,
@ -78,4 +78,6 @@ extern char *getObjectIdentityParts(const ObjectAddress *address,
List **objname, List **objargs);
extern ArrayType *strlist_to_textarray(List *list);
extern ObjectType get_relkind_objtype(char relkind);
#endif /* OBJECTADDRESS_H */

35
src/include/utils/acl.h
View File

@ -182,37 +182,6 @@ typedef enum
ACLCHECK_NOT_OWNER
} AclResult;
/* this enum covers all object types that can have privilege errors */
/* currently it's only used to tell aclcheck_error what to say */
typedef enum AclObjectKind
{
ACL_KIND_COLUMN, /* pg_attribute */
ACL_KIND_CLASS, /* pg_class */
ACL_KIND_SEQUENCE, /* pg_sequence */
ACL_KIND_DATABASE, /* pg_database */
ACL_KIND_PROC, /* pg_proc */
ACL_KIND_OPER, /* pg_operator */
ACL_KIND_TYPE, /* pg_type */
ACL_KIND_LANGUAGE, /* pg_language */
ACL_KIND_LARGEOBJECT, /* pg_largeobject */
ACL_KIND_NAMESPACE, /* pg_namespace */
ACL_KIND_OPCLASS, /* pg_opclass */
ACL_KIND_OPFAMILY, /* pg_opfamily */
ACL_KIND_COLLATION, /* pg_collation */
ACL_KIND_CONVERSION, /* pg_conversion */
ACL_KIND_STATISTICS, /* pg_statistic_ext */
ACL_KIND_TABLESPACE, /* pg_tablespace */
ACL_KIND_TSDICTIONARY, /* pg_ts_dict */
ACL_KIND_TSCONFIGURATION, /* pg_ts_config */
ACL_KIND_FDW, /* pg_foreign_data_wrapper */
ACL_KIND_FOREIGN_SERVER, /* pg_foreign_server */
ACL_KIND_EVENT_TRIGGER, /* pg_event_trigger */
ACL_KIND_EXTENSION, /* pg_extension */
ACL_KIND_PUBLICATION, /* pg_publication */
ACL_KIND_SUBSCRIPTION, /* pg_subscription */
MAX_ACL_KIND /* MUST BE LAST */
} AclObjectKind;
/*
* routines used internally
@ -301,10 +270,10 @@ extern AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMo
extern AclResult pg_foreign_server_aclcheck(Oid srv_oid, Oid roleid, AclMode mode);
extern AclResult pg_type_aclcheck(Oid type_oid, Oid roleid, AclMode mode);
extern void aclcheck_error(AclResult aclerr, AclObjectKind objectkind,
extern void aclcheck_error(AclResult aclerr, ObjectType objtype,
const char *objectname);
extern void aclcheck_error_col(AclResult aclerr, AclObjectKind objectkind,
extern void aclcheck_error_col(AclResult aclerr, ObjectType objtype,
const char *objectname, const char *colname);
extern void aclcheck_error_type(AclResult aclerr, Oid typeOid);

2
src/pl/tcl/pltcl.c
View File

@ -618,7 +618,7 @@ call_pltcl_start_proc(Oid prolang, bool pltrusted)
/* Current user must have permission to call function */
aclresult = pg_proc_aclcheck(procOid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, ACL_KIND_PROC, start_proc);
aclcheck_error(aclresult, OBJECT_FUNCTION, start_proc);
/* Get the function's pg_proc entry */
procTup = SearchSysCache1(PROCOID, ObjectIdGetDatum(procOid));

4
src/test/modules/dummy_seclabel/expected/dummy_seclabel.out
View File

@ -30,14 +30,14 @@ SECURITY LABEL FOR 'dummy' ON TABLE dummy_seclabel_tbl1 IS 'unclassified'; -- OK
SECURITY LABEL FOR 'unknown_seclabel' ON TABLE dummy_seclabel_tbl1 IS 'classified'; -- fail
ERROR: security label provider "unknown_seclabel" is not loaded
SECURITY LABEL ON TABLE dummy_seclabel_tbl2 IS 'unclassified'; -- fail (not owner)
ERROR: must be owner of relation dummy_seclabel_tbl2
ERROR: must be owner of table dummy_seclabel_tbl2
SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'secret'; -- fail (not superuser)
ERROR: only superuser can set 'secret' label
SECURITY LABEL ON TABLE dummy_seclabel_tbl3 IS 'unclassified'; -- fail (not found)
ERROR: relation "dummy_seclabel_tbl3" does not exist
SET SESSION AUTHORIZATION regress_dummy_seclabel_user2;
SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'unclassified'; -- fail
ERROR: must be owner of relation dummy_seclabel_tbl1
ERROR: must be owner of table dummy_seclabel_tbl1
SECURITY LABEL ON TABLE dummy_seclabel_tbl2 IS 'classified'; -- OK
--
-- Test for shared database object

18
src/test/regress/expected/alter_table.out
View File

@ -1,5 +1,12 @@
--
-- ALTER_TABLE
--
-- Clean up in case a prior regression run failed
SET client_min_messages TO 'warning';
DROP ROLE IF EXISTS regress_alter_user1;
RESET client_min_messages;
CREATE USER regress_alter_user1;
--
-- add attribute
--
CREATE TABLE tmp (initial int4);
@ -209,9 +216,17 @@ ALTER INDEX IF EXISTS __tmp_onek_unique1 RENAME TO onek_unique1;
NOTICE: relation "__tmp_onek_unique1" does not exist, skipping
ALTER INDEX onek_unique1 RENAME TO tmp_onek_unique1;
ALTER INDEX tmp_onek_unique1 RENAME TO onek_unique1;
SET ROLE regress_alter_user1;
ALTER INDEX onek_unique1 RENAME TO fail; -- permission denied
ERROR: must be owner of index onek_unique1
RESET ROLE;
-- renaming views
CREATE VIEW tmp_view (unique1) AS SELECT unique1 FROM tenk1;
ALTER TABLE tmp_view RENAME TO tmp_view_new;
SET ROLE regress_alter_user1;
ALTER VIEW tmp_view_new RENAME TO fail; -- permission denied
ERROR: must be owner of view tmp_view_new
RESET ROLE;
-- hack to ensure we get an indexscan here
set enable_seqscan to off;
set enable_bitmapscan to off;
@ -3364,7 +3379,7 @@ CREATE TABLE owned_by_me (
a int
) PARTITION BY LIST (a);
ALTER TABLE owned_by_me ATTACH PARTITION not_owned_by_me FOR VALUES IN (1);
ERROR: must be owner of relation not_owned_by_me
ERROR: must be owner of table not_owned_by_me
RESET SESSION AUTHORIZATION;
DROP TABLE owned_by_me, not_owned_by_me;
DROP ROLE regress_test_not_me;
@ -3883,3 +3898,4 @@ ALTER TABLE tmp ALTER COLUMN i SET (n_distinct = 1, n_distinct_inherited = 2);
ALTER TABLE tmp ALTER COLUMN i RESET (n_distinct_inherited);
ANALYZE tmp;
DROP TABLE tmp;
DROP USER regress_alter_user1;

6
src/test/regress/expected/copy2.out
View File

@ -521,12 +521,12 @@ RESET SESSION AUTHORIZATION;
SET SESSION AUTHORIZATION regress_rls_copy_user_colperms;
-- attempt all columns (should fail)
COPY rls_t1 TO stdout;
ERROR: permission denied for relation rls_t1
ERROR: permission denied for table rls_t1
COPY rls_t1 (a, b, c) TO stdout;
ERROR: permission denied for relation rls_t1
ERROR: permission denied for table rls_t1
-- try to copy column with no privileges (should fail)
COPY rls_t1 (c) TO stdout;
ERROR: permission denied for relation rls_t1
ERROR: permission denied for table rls_t1
-- subset of columns (should succeed)
COPY rls_t1 (a) TO stdout;
2

2
src/test/regress/expected/create_procedure.out
View File

@ -82,7 +82,7 @@ GRANT INSERT ON cp_test TO regress_user1;
REVOKE EXECUTE ON PROCEDURE ptest1(text) FROM PUBLIC;
SET ROLE regress_user1;
CALL ptest1('a'); -- error
ERROR: permission denied for function ptest1
ERROR: permission denied for procedure ptest1
RESET ROLE;
GRANT EXECUTE ON PROCEDURE ptest1(text) TO regress_user1;
SET ROLE regress_user1;

2
src/test/regress/expected/lock.out
View File

@ -45,7 +45,7 @@ GRANT UPDATE ON TABLE lock_tbl1 TO regress_rol_lock1;
SET ROLE regress_rol_lock1;
BEGIN;
LOCK TABLE lock_tbl1 * IN ACCESS EXCLUSIVE MODE;
ERROR: permission denied for relation lock_tbl2
ERROR: permission denied for table lock_tbl2
ROLLBACK;
BEGIN;
LOCK TABLE ONLY lock_tbl1;

152
src/test/regress/expected/privileges.out
View File

@ -92,11 +92,11 @@ SELECT * FROM atest2; -- ok
INSERT INTO atest1 VALUES (2, 'two'); -- ok
INSERT INTO atest2 VALUES ('foo', true); -- fail
ERROR: permission denied for relation atest2
ERROR: permission denied for table atest2
INSERT INTO atest1 SELECT 1, b FROM atest1; -- ok
UPDATE atest1 SET a = 1 WHERE a = 2; -- ok
UPDATE atest2 SET col2 = NOT col2; -- fail
ERROR: permission denied for relation atest2
ERROR: permission denied for table atest2
SELECT * FROM atest1 FOR UPDATE; -- ok
a | b
---+-----
@ -105,17 +105,17 @@ SELECT * FROM atest1 FOR UPDATE; -- ok
(2 rows)
SELECT * FROM atest2 FOR UPDATE; -- fail
ERROR: permission denied for relation atest2
ERROR: permission denied for table atest2
DELETE FROM atest2; -- fail
ERROR: permission denied for relation atest2
ERROR: permission denied for table atest2
TRUNCATE atest2; -- fail
ERROR: permission denied for relation atest2
ERROR: permission denied for table atest2
BEGIN;
LOCK atest2 IN ACCESS EXCLUSIVE MODE; -- fail
ERROR: permission denied for relation atest2
ERROR: permission denied for table atest2
COMMIT;
COPY atest2 FROM stdin; -- fail
ERROR: permission denied for relation atest2
ERROR: permission denied for table atest2
GRANT ALL ON atest1 TO PUBLIC; -- fail
WARNING: no privileges were granted for "atest1"
-- checks in subquery, both ok
@ -144,37 +144,37 @@ SELECT * FROM atest1; -- ok
(2 rows)
SELECT * FROM atest2; -- fail
ERROR: permission denied for relation atest2
ERROR: permission denied for table atest2
INSERT INTO atest1 VALUES (2, 'two'); -- fail
ERROR: permission denied for relation atest1
ERROR: permission denied for table atest1
INSERT INTO atest2 VALUES ('foo', true); -- fail
ERROR: permission denied for relation atest2
ERROR: permission denied for table atest2
INSERT INTO atest1 SELECT 1, b FROM atest1; -- fail
ERROR: permission denied for relation atest1
ERROR: permission denied for table atest1
UPDATE atest1 SET a = 1 WHERE a = 2; -- fail
ERROR: permission denied for relation atest1
ERROR: permission denied for table atest1
UPDATE atest2 SET col2 = NULL; -- ok
UPDATE atest2 SET col2 = NOT col2; -- fails; requires SELECT on atest2
ERROR: permission denied for relation atest2
ERROR: permission denied for table atest2
UPDATE atest2 SET col2 = true FROM atest1 WHERE atest1.a = 5; -- ok
SELECT * FROM atest1 FOR UPDATE; -- fail
ERROR: permission denied for relation atest1
ERROR: permission denied for table atest1
SELECT * FROM atest2 FOR UPDATE; -- fail
ERROR: permission denied for relation atest2
ERROR: permission denied for table atest2
DELETE FROM atest2; -- fail
ERROR: permission denied for relation atest2
ERROR: permission denied for table atest2
TRUNCATE atest2; -- fail
ERROR: permission denied for relation atest2
ERROR: permission denied for table atest2
BEGIN;
LOCK atest2 IN ACCESS EXCLUSIVE MODE; -- ok
COMMIT;
COPY atest2 FROM stdin; -- fail
ERROR: permission denied for relation atest2
ERROR: permission denied for table atest2
-- checks in subquery, both fail
SELECT * FROM atest1 WHERE ( b IN ( SELECT col1 FROM atest2 ) );
ERROR: permission denied for relation atest2
ERROR: permission denied for table atest2
SELECT * FROM atest2 WHERE ( col1 IN ( SELECT b FROM atest1 ) );
ERROR: permission denied for relation atest2
ERROR: permission denied for table atest2
SET SESSION AUTHORIZATION regress_user4;
COPY atest2 FROM stdin; -- ok
SELECT * FROM atest1; -- ok
@ -234,7 +234,7 @@ CREATE OPERATOR >>> (procedure = leak2, leftarg = integer, rightarg = integer,
restrict = scalargtsel);
-- This should not show any "leak" notices before failing.
EXPLAIN (COSTS OFF) SELECT * FROM atest12 WHERE a >>> 0;
ERROR: permission denied for relation atest12
ERROR: permission denied for table atest12
-- This plan should use hashjoin, as it will expect many rows to be selected.
EXPLAIN (COSTS OFF) SELECT * FROM atest12v x, atest12v y WHERE x.a = y.b;
QUERY PLAN
@ -287,7 +287,7 @@ CREATE TABLE atest3 (one int, two int, three int);
GRANT DELETE ON atest3 TO GROUP regress_group2;
SET SESSION AUTHORIZATION regress_user1;
SELECT * FROM atest3; -- fail
ERROR: permission denied for relation atest3
ERROR: permission denied for table atest3
DELETE FROM atest3; -- ok
-- views
SET SESSION AUTHORIZATION regress_user3;
@ -305,7 +305,7 @@ SELECT * FROM atestv1; -- ok
(2 rows)
SELECT * FROM atestv2; -- fail
ERROR: permission denied for relation atest2
ERROR: permission denied for table atest2
GRANT SELECT ON atestv1, atestv3 TO regress_user4;
GRANT SELECT ON atestv2 TO regress_user2;
SET SESSION AUTHORIZATION regress_user4;
@ -317,28 +317,28 @@ SELECT * FROM atestv1; -- ok
(2 rows)
SELECT * FROM atestv2; -- fail
ERROR: permission denied for relation atestv2
ERROR: permission denied for view atestv2
SELECT * FROM atestv3; -- ok
one | two | three
-----+-----+-------
(0 rows)
SELECT * FROM atestv0; -- fail
ERROR: permission denied for relation atestv0
ERROR: permission denied for view atestv0
-- Appendrels excluded by constraints failed to check permissions in 8.4-9.2.
select * from
((select a.q1 as x from int8_tbl a offset 0)
union all
(select b.q2 as x from int8_tbl b offset 0)) ss
where false;
ERROR: permission denied for relation int8_tbl
ERROR: permission denied for table int8_tbl
set constraint_exclusion = on;
select * from
((select a.q1 as x, random() from int8_tbl a where q1 > 0)
union all
(select b.q2 as x, random() from int8_tbl b where q2 > 0)) ss
where x < 0;
ERROR: permission denied for relation int8_tbl
ERROR: permission denied for table int8_tbl
reset constraint_exclusion;
CREATE VIEW atestv4 AS SELECT * FROM atestv3; -- nested view
SELECT * FROM atestv4; -- ok
@ -350,7 +350,7 @@ GRANT SELECT ON atestv4 TO regress_user2;
SET SESSION AUTHORIZATION regress_user2;
-- Two complex cases:
SELECT * FROM atestv3; -- fail
ERROR: permission denied for relation atestv3
ERROR: permission denied for view atestv3
SELECT * FROM atestv4; -- ok (even though regress_user2 cannot access underlying atestv3)
one | two | three
-----+-----+-------
@ -363,7 +363,7 @@ SELECT * FROM atest2; -- ok
(1 row)
SELECT * FROM atestv2; -- fail (even though regress_user2 can access underlying atest2)
ERROR: permission denied for relation atest2
ERROR: permission denied for table atest2
-- Test column level permissions
SET SESSION AUTHORIZATION regress_user1;
CREATE TABLE atest5 (one int, two int unique, three int, four int unique);
@ -373,7 +373,7 @@ GRANT ALL (one) ON atest5 TO regress_user3;
INSERT INTO atest5 VALUES (1,2,3);
SET SESSION AUTHORIZATION regress_user4;
SELECT * FROM atest5; -- fail
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
SELECT one FROM atest5; -- ok
one
-----
@ -383,13 +383,13 @@ SELECT one FROM atest5; -- ok
COPY atest5 (one) TO stdout; -- ok
1
SELECT two FROM atest5; -- fail
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
COPY atest5 (two) TO stdout; -- fail
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
SELECT atest5 FROM atest5; -- fail
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
COPY atest5 (one,two) TO stdout; -- fail
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
SELECT 1 FROM atest5; -- ok
?column?
----------
@ -403,15 +403,15 @@ SELECT 1 FROM atest5 a JOIN atest5 b USING (one); -- ok
(1 row)
SELECT 1 FROM atest5 a JOIN atest5 b USING (two); -- fail
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
SELECT 1 FROM atest5 a NATURAL JOIN atest5 b; -- fail
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
SELECT (j.*) IS NULL FROM (atest5 a JOIN atest5 b USING (one)) j; -- fail
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
SELECT 1 FROM atest5 WHERE two = 2; -- fail
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
SELECT * FROM atest1, atest5; -- fail
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
SELECT atest1.* FROM atest1, atest5; -- ok
a | b
---+-----
@ -427,7 +427,7 @@ SELECT atest1.*,atest5.one FROM atest1, atest5; -- ok
(2 rows)
SELECT atest1.*,atest5.one FROM atest1 JOIN atest5 ON (atest1.a = atest5.two); -- fail
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
SELECT atest1.*,atest5.one FROM atest1 JOIN atest5 ON (atest1.a = atest5.one); -- ok
a | b | one
---+-----+-----
@ -436,12 +436,12 @@ SELECT atest1.*,atest5.one FROM atest1 JOIN atest5 ON (atest1.a = atest5.one); -
(2 rows)
SELECT one, two FROM atest5; -- fail
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
SET SESSION AUTHORIZATION regress_user1;
GRANT SELECT (one,two) ON atest6 TO regress_user4;
SET SESSION AUTHORIZATION regress_user4;
SELECT one, two FROM atest5 NATURAL JOIN atest6; -- fail still
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
SET SESSION AUTHORIZATION regress_user1;
GRANT SELECT (two) ON atest5 TO regress_user4;
SET SESSION AUTHORIZATION regress_user4;
@ -453,23 +453,23 @@ SELECT one, two FROM atest5 NATURAL JOIN atest6; -- ok now
-- test column-level privileges for INSERT and UPDATE
INSERT INTO atest5 (two) VALUES (3); -- ok
COPY atest5 FROM stdin; -- fail
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
COPY atest5 (two) FROM stdin; -- ok
INSERT INTO atest5 (three) VALUES (4); -- fail
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
INSERT INTO atest5 VALUES (5,5,5); -- fail
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
UPDATE atest5 SET three = 10; -- ok
UPDATE atest5 SET one = 8; -- fail
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
UPDATE atest5 SET three = 5, one = 2; -- fail
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
-- Check that column level privs are enforced in RETURNING
-- Ok.
INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set three = 10;
-- Error. No SELECT on column three.
INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set three = 10 RETURNING atest5.three;
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
-- Ok. May SELECT on column "one":
INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set three = 10 RETURNING atest5.one;
one
@ -482,21 +482,21 @@ INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set three = 10 RE
INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set three = EXCLUDED.one;
-- Error. No select rights on three
INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set three = EXCLUDED.three;
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set one = 8; -- fails (due to UPDATE)
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
INSERT INTO atest5(three) VALUES (4) ON CONFLICT (two) DO UPDATE set three = 10; -- fails (due to INSERT)
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
-- Check that the columns in the inference require select privileges
INSERT INTO atest5(four) VALUES (4); -- fail
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
SET SESSION AUTHORIZATION regress_user1;
GRANT INSERT (four) ON atest5 TO regress_user4;
SET SESSION AUTHORIZATION regress_user4;
INSERT INTO atest5(four) VALUES (4) ON CONFLICT (four) DO UPDATE set three = 3; -- fails (due to SELECT)
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
INSERT INTO atest5(four) VALUES (4) ON CONFLICT ON CONSTRAINT atest5_four_key DO UPDATE set three = 3; -- fails (due to SELECT)
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
INSERT INTO atest5(four) VALUES (4); -- ok
SET SESSION AUTHORIZATION regress_user1;
GRANT SELECT (four) ON atest5 TO regress_user4;
@ -508,9 +508,9 @@ REVOKE ALL (one) ON atest5 FROM regress_user4;
GRANT SELECT (one,two,blue) ON atest6 TO regress_user4;
SET SESSION AUTHORIZATION regress_user4;
SELECT one FROM atest5; -- fail
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
UPDATE atest5 SET one = 1; -- fail
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
SELECT atest6 FROM atest6; -- ok
atest6
--------
@ -557,9 +557,9 @@ REVOKE ALL (one) ON atest5 FROM regress_user3;
GRANT SELECT (one) ON atest5 TO regress_user4;
SET SESSION AUTHORIZATION regress_user4;
SELECT atest6 FROM atest6; -- fail
ERROR: permission denied for relation atest6
ERROR: permission denied for table atest6
SELECT one FROM atest5 NATURAL JOIN atest6; -- fail
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
SET SESSION AUTHORIZATION regress_user1;
ALTER TABLE atest6 DROP COLUMN three;
SET SESSION AUTHORIZATION regress_user4;
@ -578,12 +578,12 @@ ALTER TABLE atest6 DROP COLUMN two;
REVOKE SELECT (one,blue) ON atest6 FROM regress_user4;
SET SESSION AUTHORIZATION regress_user4;
SELECT * FROM atest6; -- fail
ERROR: permission denied for relation atest6
ERROR: permission denied for table atest6
SELECT 1 FROM atest6; -- fail
ERROR: permission denied for relation atest6
ERROR: permission denied for table atest6
SET SESSION AUTHORIZATION regress_user3;
DELETE FROM atest5 WHERE one = 1; -- fail
ERROR: permission denied for relation atest5
ERROR: permission denied for table atest5
DELETE FROM atest5 WHERE two = 2; -- ok
-- check inheritance cases
SET SESSION AUTHORIZATION regress_user1;
@ -614,7 +614,7 @@ SELECT oid FROM atestp2; -- ok
(0 rows)
SELECT fy FROM atestc; -- fail
ERROR: permission denied for relation atestc
ERROR: permission denied for table atestc
SET SESSION AUTHORIZATION regress_user1;
GRANT SELECT(fy,oid) ON atestc TO regress_user2;
SET SESSION AUTHORIZATION regress_user2;
@ -694,11 +694,11 @@ SET SESSION AUTHORIZATION regress_user3;
SELECT testfunc1(5); -- fail
ERROR: permission denied for function testfunc1
SELECT testagg1(x) FROM (VALUES (1), (2), (3)) _(x); -- fail
ERROR: permission denied for function testagg1
ERROR: permission denied for aggregate testagg1
CALL testproc1(6); -- fail
ERROR: permission denied for function testproc1
ERROR: permission denied for procedure testproc1
SELECT col1 FROM atest2 WHERE col2 = true; -- fail
ERROR: permission denied for relation atest2
ERROR: permission denied for table atest2
SELECT testfunc4(true); -- ok
testfunc4
-----------
@ -722,9 +722,9 @@ CALL testproc1(6); -- ok
DROP FUNCTION testfunc1(int); -- fail
ERROR: must be owner of function testfunc1
DROP AGGREGATE testagg1(int); -- fail
ERROR: must be owner of function testagg1
ERROR: must be owner of aggregate testagg1
DROP PROCEDURE testproc1(int); -- fail
ERROR: must be owner of function testproc1
ERROR: must be owner of procedure testproc1
\c -
DROP FUNCTION testfunc1(int); -- ok
-- restore to sanity
@ -849,7 +849,7 @@ DROP DOMAIN testdomain1; -- ok
SET SESSION AUTHORIZATION regress_user5;
TRUNCATE atest2; -- ok
TRUNCATE atest3; -- fail
ERROR: permission denied for relation atest3
ERROR: permission denied for table atest3
-- has_table_privilege function
-- bad-input checks
select has_table_privilege(NULL,'pg_authid','select');
@ -1435,7 +1435,7 @@ SELECT * FROM pg_largeobject LIMIT 0;
SET SESSION AUTHORIZATION regress_user1;
SELECT * FROM pg_largeobject LIMIT 0; -- to be denied
ERROR: permission denied for relation pg_largeobject
ERROR: permission denied for table pg_largeobject
-- test default ACLs
\c -
CREATE SCHEMA testns;
@ -1899,14 +1899,14 @@ GRANT SELECT ON lock_table TO regress_locktable_user;
SET SESSION AUTHORIZATION regress_locktable_user;
BEGIN;
LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should fail
ERROR: permission denied for relation lock_table
ERROR: permission denied for table lock_table
ROLLBACK;
BEGIN;
LOCK TABLE lock_table IN ACCESS SHARE MODE; -- should pass
COMMIT;
BEGIN;
LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should fail
ERROR: permission denied for relation lock_table
ERROR: permission denied for table lock_table
ROLLBACK;
\c
REVOKE SELECT ON lock_table FROM regress_locktable_user;
@ -1918,11 +1918,11 @@ LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should pass
COMMIT;
BEGIN;
LOCK TABLE lock_table IN ACCESS SHARE MODE; -- should fail
ERROR: permission denied for relation lock_table
ERROR: permission denied for table lock_table
ROLLBACK;
BEGIN;
LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should fail
ERROR: permission denied for relation lock_table
ERROR: permission denied for table lock_table
ROLLBACK;
\c
REVOKE INSERT ON lock_table FROM regress_locktable_user;
@ -1934,7 +1934,7 @@ LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should pass
COMMIT;
BEGIN;
LOCK TABLE lock_table IN ACCESS SHARE MODE; -- should fail
ERROR: permission denied for relation lock_table
ERROR: permission denied for table lock_table
ROLLBACK;
BEGIN;
LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should pass
@ -1949,7 +1949,7 @@ LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should pass
COMMIT;
BEGIN;
LOCK TABLE lock_table IN ACCESS SHARE MODE; -- should fail
ERROR: permission denied for relation lock_table
ERROR: permission denied for table lock_table
ROLLBACK;
BEGIN;
LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should pass
@ -1964,7 +1964,7 @@ LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should pass
COMMIT;
BEGIN;
LOCK TABLE lock_table IN ACCESS SHARE MODE; -- should fail
ERROR: permission denied for relation lock_table
ERROR: permission denied for table lock_table
ROLLBACK;
BEGIN;
LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should pass

2
src/test/regress/expected/publication.out
View File

@ -198,7 +198,7 @@ GRANT CREATE ON DATABASE regression TO regress_publication_user2;
SET ROLE regress_publication_user2;
CREATE PUBLICATION testpub2; -- ok
ALTER PUBLICATION testpub2 ADD TABLE testpub_tbl1; -- fail
ERROR: must be owner of relation testpub_tbl1
ERROR: must be owner of table testpub_tbl1
SET ROLE regress_publication_user;
GRANT regress_publication_user TO regress_publication_user2;
SET ROLE regress_publication_user2;

18
src/test/regress/expected/rowsecurity.out
View File

@ -361,7 +361,7 @@ INSERT INTO document VALUES (100, 55, 1, 'regress_rls_dave', 'testing sorting of
ERROR: new row violates row-level security policy "p2r" for table "document"
-- only owner can change policies
ALTER POLICY p1 ON document USING (true); --fail
ERROR: must be owner of relation document
ERROR: must be owner of table document
DROP POLICY p1 ON document; --fail
ERROR: must be owner of relation document
SET SESSION AUTHORIZATION regress_rls_alice;
@ -1192,7 +1192,7 @@ EXPLAIN (COSTS OFF) SELECT * FROM part_document WHERE f_leak(dtitle);
-- only owner can change policies
ALTER POLICY pp1 ON part_document USING (true); --fail
ERROR: must be owner of relation part_document
ERROR: must be owner of table part_document
DROP POLICY pp1 ON part_document; --fail
ERROR: must be owner of relation part_document
SET SESSION AUTHORIZATION regress_rls_alice;
@ -2446,9 +2446,9 @@ EXPLAIN (COSTS OFF) SELECT * FROM rls_view;
-- Query as role that is not the owner of the table or view without permissions.
SET SESSION AUTHORIZATION regress_rls_carol;
SELECT * FROM rls_view; --fail - permission denied.
ERROR: permission denied for relation rls_view
ERROR: permission denied for view rls_view
EXPLAIN (COSTS OFF) SELECT * FROM rls_view; --fail - permission denied.
ERROR: permission denied for relation rls_view
ERROR: permission denied for view rls_view
-- Query as role that is not the owner of the table or view with permissions.
SET SESSION AUTHORIZATION regress_rls_bob;
GRANT SELECT ON rls_view TO regress_rls_carol;
@ -3235,7 +3235,7 @@ COPY (SELECT * FROM copy_t ORDER BY a ASC) TO STDOUT WITH DELIMITER ','; --fail
ERROR: query would be affected by row-level security policy for table "copy_t"
SET row_security TO ON;
COPY (SELECT * FROM copy_t ORDER BY a ASC) TO STDOUT WITH DELIMITER ','; --fail - permission denied
ERROR: permission denied for relation copy_t
ERROR: permission denied for table copy_t
-- Check COPY relation TO; keep it just one row to avoid reordering issues
RESET SESSION AUTHORIZATION;
SET row_security TO ON;
@ -3271,10 +3271,10 @@ COPY copy_rel_to TO STDOUT WITH DELIMITER ','; --ok
SET SESSION AUTHORIZATION regress_rls_carol;
SET row_security TO OFF;
COPY copy_rel_to TO STDOUT WITH DELIMITER ','; --fail - permission denied
ERROR: permission denied for relation copy_rel_to
ERROR: permission denied for table copy_rel_to
SET row_security TO ON;
COPY copy_rel_to TO STDOUT WITH DELIMITER ','; --fail - permission denied
ERROR: permission denied for relation copy_rel_to
ERROR: permission denied for table copy_rel_to
-- Check COPY FROM as Superuser/owner.
RESET SESSION AUTHORIZATION;
SET row_security TO OFF;
@ -3298,10 +3298,10 @@ COPY copy_t FROM STDIN; --ok
SET SESSION AUTHORIZATION regress_rls_carol;
SET row_security TO OFF;
COPY copy_t FROM STDIN; --fail - permission denied.
ERROR: permission denied for relation copy_t
ERROR: permission denied for table copy_t
SET row_security TO ON;
COPY copy_t FROM STDIN; --fail - permission denied.
ERROR: permission denied for relation copy_t
ERROR: permission denied for table copy_t
RESET SESSION AUTHORIZATION;
DROP TABLE copy_t;
DROP TABLE copy_rel_to CASCADE;

6
src/test/regress/expected/select_into.out
View File

@ -22,15 +22,15 @@ GRANT ALL ON SCHEMA selinto_schema TO public;
SET SESSION AUTHORIZATION regress_selinto_user;
SELECT * INTO TABLE selinto_schema.tmp1
FROM pg_class WHERE relname like '%a%'; -- Error
ERROR: permission denied for relation tmp1
ERROR: permission denied for table tmp1
SELECT oid AS clsoid, relname, relnatts + 10 AS x
INTO selinto_schema.tmp2
FROM pg_class WHERE relname like '%b%'; -- Error
ERROR: permission denied for relation tmp2
ERROR: permission denied for table tmp2
CREATE TABLE selinto_schema.tmp3 (a,b,c)
AS SELECT oid,relname,relacl FROM pg_class
WHERE relname like '%c%'; -- Error
ERROR: permission denied for relation tmp3
ERROR: permission denied for table tmp3
RESET SESSION AUTHORIZATION;
ALTER DEFAULT PRIVILEGES FOR ROLE regress_selinto_user
GRANT INSERT ON TABLES TO regress_selinto_user;

2
src/test/regress/expected/sequence.out
View File

@ -785,7 +785,7 @@ ROLLBACK;
BEGIN;
SET LOCAL SESSION AUTHORIZATION regress_seq_user;
ALTER SEQUENCE sequence_test2 START WITH 1;
ERROR: must be owner of relation sequence_test2
ERROR: must be owner of sequence sequence_test2
ROLLBACK;
-- Sequences should get wiped out as well:
DROP TABLE serialTest1, serialTest2;

30
src/test/regress/expected/updatable_views.out
View File

@ -990,26 +990,26 @@ SELECT * FROM rw_view2; -- ok
(2 rows)
INSERT INTO base_tbl VALUES (3, 'Row 3', 3.0); -- not allowed
ERROR: permission denied for relation base_tbl
ERROR: permission denied for table base_tbl
INSERT INTO rw_view1 VALUES ('Row 3', 3.0, 3); -- not allowed
ERROR: permission denied for relation rw_view1
ERROR: permission denied for view rw_view1
INSERT INTO rw_view2 VALUES ('Row 3', 3.0, 3); -- not allowed
ERROR: permission denied for relation base_tbl
ERROR: permission denied for table base_tbl
UPDATE base_tbl SET a=a, c=c; -- ok
UPDATE base_tbl SET b=b; -- not allowed
ERROR: permission denied for relation base_tbl
ERROR: permission denied for table base_tbl
UPDATE rw_view1 SET bb=bb, cc=cc; -- ok
UPDATE rw_view1 SET aa=aa; -- not allowed
ERROR: permission denied for relation rw_view1
ERROR: permission denied for view rw_view1
UPDATE rw_view2 SET aa=aa, cc=cc; -- ok
UPDATE rw_view2 SET bb=bb; -- not allowed
ERROR: permission denied for relation base_tbl
ERROR: permission denied for table base_tbl
DELETE FROM base_tbl; -- not allowed
ERROR: permission denied for relation base_tbl
ERROR: permission denied for table base_tbl
DELETE FROM rw_view1; -- not allowed
ERROR: permission denied for relation rw_view1
ERROR: permission denied for view rw_view1
DELETE FROM rw_view2; -- not allowed
ERROR: permission denied for relation base_tbl
ERROR: permission denied for table base_tbl
RESET SESSION AUTHORIZATION;
SET SESSION AUTHORIZATION regress_view_user1;
GRANT INSERT, DELETE ON base_tbl TO regress_view_user2;
@ -1017,11 +1017,11 @@ RESET SESSION AUTHORIZATION;
SET SESSION AUTHORIZATION regress_view_user2;
INSERT INTO base_tbl VALUES (3, 'Row 3', 3.0); -- ok
INSERT INTO rw_view1 VALUES ('Row 4', 4.0, 4); -- not allowed
ERROR: permission denied for relation rw_view1
ERROR: permission denied for view rw_view1
INSERT INTO rw_view2 VALUES ('Row 4', 4.0, 4); -- ok
DELETE FROM base_tbl WHERE a=1; -- ok
DELETE FROM rw_view1 WHERE aa=2; -- not allowed
ERROR: permission denied for relation rw_view1
ERROR: permission denied for view rw_view1
DELETE FROM rw_view2 WHERE aa=2; -- ok
SELECT * FROM base_tbl;
a | b | c
@ -1037,15 +1037,15 @@ GRANT INSERT, DELETE ON rw_view1 TO regress_view_user2;
RESET SESSION AUTHORIZATION;
SET SESSION AUTHORIZATION regress_view_user2;
INSERT INTO base_tbl VALUES (5, 'Row 5', 5.0); -- not allowed
ERROR: permission denied for relation base_tbl
ERROR: permission denied for table base_tbl
INSERT INTO rw_view1 VALUES ('Row 5', 5.0, 5); -- ok
INSERT INTO rw_view2 VALUES ('Row 6', 6.0, 6); -- not allowed
ERROR: permission denied for relation base_tbl
ERROR: permission denied for table base_tbl
DELETE FROM base_tbl WHERE a=3; -- not allowed
ERROR: permission denied for relation base_tbl
ERROR: permission denied for table base_tbl
DELETE FROM rw_view1 WHERE aa=3; -- ok
DELETE FROM rw_view2 WHERE aa=4; -- not allowed
ERROR: permission denied for relation base_tbl
ERROR: permission denied for table base_tbl
SELECT * FROM base_tbl;
a | b | c
---+-------+---

21
src/test/regress/sql/alter_table.sql
View File

@ -1,5 +1,15 @@
--
-- ALTER_TABLE
--
-- Clean up in case a prior regression run failed
SET client_min_messages TO 'warning';
DROP ROLE IF EXISTS regress_alter_user1;
RESET client_min_messages;
CREATE USER regress_alter_user1;
--
-- add attribute
--
@ -209,10 +219,19 @@ ALTER INDEX IF EXISTS __tmp_onek_unique1 RENAME TO onek_unique1;
ALTER INDEX onek_unique1 RENAME TO tmp_onek_unique1;
ALTER INDEX tmp_onek_unique1 RENAME TO onek_unique1;
SET ROLE regress_alter_user1;
ALTER INDEX onek_unique1 RENAME TO fail; -- permission denied
RESET ROLE;
-- renaming views
CREATE VIEW tmp_view (unique1) AS SELECT unique1 FROM tenk1;
ALTER TABLE tmp_view RENAME TO tmp_view_new;
SET ROLE regress_alter_user1;
ALTER VIEW tmp_view_new RENAME TO fail; -- permission denied
RESET ROLE;
-- hack to ensure we get an indexscan here
set enable_seqscan to off;
set enable_bitmapscan to off;
@ -2546,3 +2565,5 @@ ALTER TABLE tmp ALTER COLUMN i SET (n_distinct = 1, n_distinct_inherited = 2);
ALTER TABLE tmp ALTER COLUMN i RESET (n_distinct_inherited);
ANALYZE tmp;
DROP TABLE tmp;
DROP USER regress_alter_user1;