rdelaage
/
postgresql
mirror of https://git.postgresql.org/git/postgresql.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
postgresql/src/backend/catalog/aclchk.c

724 lines
16 KiB
C
Raw Normal View History

Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
/*-------------------------------------------------------------------------
*
Change my-function-name-- to my_function_name, and optimizer renames.
1999-02-14 00:22:53 +01:00
* aclchk.c
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
* Routines to check access control permissions.
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
*
Change Copyright from PostgreSQL, Inc to PostgreSQL Global Development Group.
2001-01-24 20:43:33 +01:00
* Portions Copyright (c) 1996-2001, PostgreSQL Global Development Group
Add: * Portions Copyright (c) 1996-2000, PostgreSQL, Inc to all files copyright Regents of Berkeley. Man, that's a lot of files.
2000-01-26 06:58:53 +01:00
* Portions Copyright (c) 1994, Regents of the University of California
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
*
*
* IDENTIFICATION
pgindent run on all C files. Java run to follow. initdb/regression tests pass.
2001-10-25 07:50:21 +02:00
* $Header: /cvsroot/pgsql/src/backend/catalog/aclchk.c,v 1.52 2001/10/25 05:49:22 momjian Exp $
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
*
* NOTES
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
* See acl.h.
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
*
*-------------------------------------------------------------------------
*/
Produce a clean compile of backend...
1996-11-03 07:54:38 +01:00
#include "postgres.h"
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
#include "access/heapam.h"
#include "catalog/catalog.h"
#include "catalog/catname.h"
Final cleanup.
1999-07-16 07:00:38 +02:00
#include "catalog/indexing.h"
This patch... 1. Removes the unnecessary "#define AbcRegProcedure 123"'s from pg_proc.h. 2. Changes those #defines to use the names already defined in fmgr.h. 3. Forces the make of fmgr.h in backend/Makefile instead of having it made as a dependency in access/common/Makefile *hack*hack*hack* 4. Rearranged the #includes to a less helter-skelter arrangement, also changing <file.h> to "file.h" to signify a non-system header. 5. Removed "pg_proc.h" from files where its only purpose was for the #defines removed in item #1. 6. Added "fmgr.h" to each file changed for completeness sake. Turns out that #6 was not necessary for some files because fmgr.h was being included in a roundabout way SIX levels deep by the first include. "access/genam.h" ->"access/relscan.h" ->"utils/rel.h" ->"access/strat.h" ->"access/skey.h" ->"fmgr.h" So adding fmgr.h really didn't add anything to the compile, hopefully just made it clearer to the programmer. S Darren.
1998-04-27 06:08:07 +02:00
#include "catalog/pg_aggregate.h"
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
#include "catalog/pg_group.h"
Changed make to gmake. Added needed include file.
1996-10-31 06:55:24 +01:00
#include "catalog/pg_operator.h"
Compile and warning cleanup
1996-11-08 07:02:30 +01:00
#include "catalog/pg_proc.h"
From: Jan Wieck <jwieck@debis.com> seems that my last post didn't make it through. That's good since the diff itself didn't covered the renaming of pg_user.h to pg_shadow.h and it's new content. Here it's again. The complete regression test passwd with only some float diffs. createuser and destroyuser work. pg_shadow cannot be read by ordinary user.
1998-02-25 14:09:49 +01:00
#include "catalog/pg_shadow.h"
This patch... 1. Removes the unnecessary "#define AbcRegProcedure 123"'s from pg_proc.h. 2. Changes those #defines to use the names already defined in fmgr.h. 3. Forces the make of fmgr.h in backend/Makefile instead of having it made as a dependency in access/common/Makefile *hack*hack*hack* 4. Rearranged the #includes to a less helter-skelter arrangement, also changing <file.h> to "file.h" to signify a non-system header. 5. Removed "pg_proc.h" from files where its only purpose was for the #defines removed in item #1. 6. Added "fmgr.h" to each file changed for completeness sake. Turns out that #6 was not necessary for some files because fmgr.h was being included in a roundabout way SIX levels deep by the first include. "access/genam.h" ->"access/relscan.h" ->"utils/rel.h" ->"access/strat.h" ->"access/skey.h" ->"fmgr.h" So adding fmgr.h really didn't add anything to the compile, hopefully just made it clearer to the programmer. S Darren.
1998-04-27 06:08:07 +02:00
#include "catalog/pg_type.h"
Final cleanup.
1999-07-16 07:00:38 +02:00
#include "miscadmin.h"
Break parser functions into smaller files, group together.
1997-11-25 23:07:18 +01:00
#include "parser/parse_agg.h"
#include "parser/parse_func.h"
Final cleanup.
1999-07-16 07:00:38 +02:00
#include "utils/acl.h"
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
#include "utils/syscache.h"
Allow removal of system-named pg_* temp tables. Rename temp file/dir as pgsql_tmp.
2001-06-18 18:13:21 +02:00
#include "utils/temprel.h"
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
static int32 aclcheck(Acl *acl, AclId id, AclIdType idtype, AclMode mode);
Make functions static where possible, enclose unused functions in #ifdef NOT_USED.
1997-08-19 23:40:56 +02:00
From: Dan McGuirk <mcguirk@indirect.com> Subject: [HACKERS] better access control error messages This patch replaces the 'no such class or insufficient privilege' with distinct error messages that tell you whether the table really doesn't exist or whether access was denied.
1997-03-12 21:48:48 +01:00
/* warning messages, now more explicit. */
Make default ACL be consistent --- ie, starting point for ChangeAcl is the same as the access permissions granted when a relation's relacl field is NULL, ie, owner=all rights, world=no rights.
2000-10-02 06:49:28 +02:00
/* MUST correspond to the order of the ACLCHK_* result codes in acl.h. */
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
char *aclcheck_error_strings[] = {
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
"No error.",
"Permission denied.",
"Table does not exist.",
"Must be table owner."
From: Dan McGuirk <mcguirk@indirect.com> Subject: [HACKERS] better access control error messages This patch replaces the 'no such class or insufficient privilege' with distinct error messages that tell you whether the table really doesn't exist or whether access was denied.
1997-03-12 21:48:48 +01:00
};
Make default ACL be consistent --- ie, starting point for ChangeAcl is the same as the access permissions granted when a relation's relacl field is NULL, ie, owner=all rights, world=no rights.
2000-10-02 06:49:28 +02:00
Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test.
2001-05-27 11:59:30 +02:00
#ifdef ACLDEBUG
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
static
Add typdefs to pgindent run.
1997-09-08 22:59:27 +02:00
dumpacl(Acl *acl)
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
{
Make acl-related functions safe for TOAST. Mark pg_class.relacl as compressible but not externally storable (since we're not sure about whether creating a toast relation for pg_class would work).
2000-08-01 00:39:17 +02:00
int i;
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
AclItem *aip;
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
elog(DEBUG, "acl size = %d, # acls = %d",
ACL_SIZE(acl), ACL_NUM(acl));
Make acl-related functions safe for TOAST. Mark pg_class.relacl as compressible but not externally storable (since we're not sure about whether creating a toast relation for pg_class would work).
2000-08-01 00:39:17 +02:00
aip = ACL_DAT(acl);
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
for (i = 0; i < ACL_NUM(acl); ++i)
Make acl-related functions safe for TOAST. Mark pg_class.relacl as compressible but not externally storable (since we're not sure about whether creating a toast relation for pg_class would work).
2000-08-01 00:39:17 +02:00
elog(DEBUG, " acl[%d]: %s", i,
DatumGetCString(DirectFunctionCall1(aclitemout,
pgindent run. Make it all clean.
2001-03-22 05:01:46 +01:00
PointerGetDatum(aip + i))));
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
}
pgindent run on all C files. Java run to follow. initdb/regression tests pass.
2001-10-25 07:50:21 +02:00
#endif /* ACLDEBUG */
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
Allow GRANT/REVOKE to/from more than one user per invocation. Command tag for GRANT/REVOKE is now just that, not "CHANGE". On the way, migrate some of the aclitem internal representation away from the parser and build a real parse tree instead. Also add some 'const' qualifiers.
2001-06-10 01:21:55 +02:00
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
/*
Allow GRANT/REVOKE to/from more than one user per invocation. Command tag for GRANT/REVOKE is now just that, not "CHANGE". On the way, migrate some of the aclitem internal representation away from the parser and build a real parse tree instead. Also add some 'const' qualifiers.
2001-06-10 01:21:55 +02:00
* Called to execute the utility commands GRANT and REVOKE
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
*/
void
Allow GRANT/REVOKE to/from more than one user per invocation. Command tag for GRANT/REVOKE is now just that, not "CHANGE". On the way, migrate some of the aclitem internal representation away from the parser and build a real parse tree instead. Also add some 'const' qualifiers.
2001-06-10 01:21:55 +02:00
ExecuteGrantStmt(GrantStmt *stmt)
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
{
Allow GRANT/REVOKE to/from more than one user per invocation. Command tag for GRANT/REVOKE is now just that, not "CHANGE". On the way, migrate some of the aclitem internal representation away from the parser and build a real parse tree instead. Also add some 'const' qualifiers.
2001-06-10 01:21:55 +02:00
List *i;
List *j;
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
Allow GRANT/REVOKE to/from more than one user per invocation. Command tag for GRANT/REVOKE is now just that, not "CHANGE". On the way, migrate some of the aclitem internal representation away from the parser and build a real parse tree instead. Also add some 'const' qualifiers.
2001-06-10 01:21:55 +02:00
/* see comment in pg_type.h */
Assert(ACLITEMSIZE == sizeof(AclItem));
Make acl-related functions safe for TOAST. Mark pg_class.relacl as compressible but not externally storable (since we're not sure about whether creating a toast relation for pg_class would work).
2000-08-01 00:39:17 +02:00
Allow GRANT/REVOKE to/from more than one user per invocation. Command tag for GRANT/REVOKE is now just that, not "CHANGE". On the way, migrate some of the aclitem internal representation away from the parser and build a real parse tree instead. Also add some 'const' qualifiers.
2001-06-10 01:21:55 +02:00
foreach(i, stmt->relnames)
Make acl-related functions safe for TOAST. Mark pg_class.relacl as compressible but not externally storable (since we're not sure about whether creating a toast relation for pg_class would work).
2000-08-01 00:39:17 +02:00
{
Allow GRANT/REVOKE to/from more than one user per invocation. Command tag for GRANT/REVOKE is now just that, not "CHANGE". On the way, migrate some of the aclitem internal representation away from the parser and build a real parse tree instead. Also add some 'const' qualifiers.
2001-06-10 01:21:55 +02:00
char *relname = strVal(lfirst(i));
Relation relation;
HeapTuple tuple;
Form_pg_class pg_class_tuple;
Datum aclDatum;
bool isNull;
Acl *old_acl;
Acl *new_acl;
unsigned i;
HeapTuple newtuple;
Datum values[Natts_pg_class];
char nulls[Natts_pg_class];
char replaces[Natts_pg_class];
if (!pg_ownercheck(GetUserId(), relname, RELNAME))
elog(ERROR, "permission denied");
/* open pg_class */
relation = heap_openr(RelationRelationName, RowExclusiveLock);
tuple = SearchSysCache(RELNAME,
PointerGetDatum(relname),
0, 0, 0);
if (!HeapTupleIsValid(tuple))
{
heap_close(relation, RowExclusiveLock);
elog(ERROR, "relation \"%s\" not found",
relname);
}
pg_class_tuple = (Form_pg_class) GETSTRUCT(tuple);
if (pg_class_tuple->relkind == RELKIND_INDEX)
elog(ERROR, "\"%s\" is an index",
relname);
/*
pgindent run on all C files. Java run to follow. initdb/regression tests pass.
2001-10-25 07:50:21 +02:00
* If there's no ACL, create a default using the pg_class.relowner
* field.
Allow GRANT/REVOKE to/from more than one user per invocation. Command tag for GRANT/REVOKE is now just that, not "CHANGE". On the way, migrate some of the aclitem internal representation away from the parser and build a real parse tree instead. Also add some 'const' qualifiers.
2001-06-10 01:21:55 +02:00
*/
aclDatum = SysCacheGetAttr(RELNAME, tuple, Anum_pg_class_relacl,
&isNull);
if (isNull)
old_acl = acldefault(relname, pg_class_tuple->relowner);
else
/* get a detoasted copy of the rel's ACL */
old_acl = DatumGetAclPCopy(aclDatum);
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test.
2001-05-27 11:59:30 +02:00
#ifdef ACLDEBUG
Allow GRANT/REVOKE to/from more than one user per invocation. Command tag for GRANT/REVOKE is now just that, not "CHANGE". On the way, migrate some of the aclitem internal representation away from the parser and build a real parse tree instead. Also add some 'const' qualifiers.
2001-06-10 01:21:55 +02:00
dumpacl(old_acl);
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
#endif
Allow GRANT/REVOKE to/from more than one user per invocation. Command tag for GRANT/REVOKE is now just that, not "CHANGE". On the way, migrate some of the aclitem internal representation away from the parser and build a real parse tree instead. Also add some 'const' qualifiers.
2001-06-10 01:21:55 +02:00
new_acl = old_acl;
foreach(j, stmt->grantees)
{
pgindent run on all C files. Java run to follow. initdb/regression tests pass.
2001-10-25 07:50:21 +02:00
PrivGrantee *grantee = (PrivGrantee *) lfirst(j);
Allow GRANT/REVOKE to/from more than one user per invocation. Command tag for GRANT/REVOKE is now just that, not "CHANGE". On the way, migrate some of the aclitem internal representation away from the parser and build a real parse tree instead. Also add some 'const' qualifiers.
2001-06-10 01:21:55 +02:00
char *granteeString;
char *aclString;
pgindent run on all C files. Java run to follow. initdb/regression tests pass.
2001-10-25 07:50:21 +02:00
AclItem aclitem;
Allow GRANT/REVOKE to/from more than one user per invocation. Command tag for GRANT/REVOKE is now just that, not "CHANGE". On the way, migrate some of the aclitem internal representation away from the parser and build a real parse tree instead. Also add some 'const' qualifiers.
2001-06-10 01:21:55 +02:00
unsigned modechg;
if (grantee->username)
granteeString = aclmakeuser("U", grantee->username);
else if (grantee->groupname)
granteeString = aclmakeuser("G", grantee->groupname);
else
granteeString = aclmakeuser("A", "");
aclString = makeAclString(stmt->privileges, granteeString,
stmt->is_grant ? '+' : '-');
/* Convert string ACL spec into internal form */
aclparse(aclString, &aclitem, &modechg);
new_acl = aclinsert3(new_acl, &aclitem, modechg);
Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test.
2001-05-27 11:59:30 +02:00
#ifdef ACLDEBUG
Allow GRANT/REVOKE to/from more than one user per invocation. Command tag for GRANT/REVOKE is now just that, not "CHANGE". On the way, migrate some of the aclitem internal representation away from the parser and build a real parse tree instead. Also add some 'const' qualifiers.
2001-06-10 01:21:55 +02:00
dumpacl(new_acl);
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
#endif
Allow GRANT/REVOKE to/from more than one user per invocation. Command tag for GRANT/REVOKE is now just that, not "CHANGE". On the way, migrate some of the aclitem internal representation away from the parser and build a real parse tree instead. Also add some 'const' qualifiers.
2001-06-10 01:21:55 +02:00
}
/* finished building new ACL value, now insert it */
for (i = 0; i < Natts_pg_class; ++i)
{
replaces[i] = ' ';
nulls[i] = ' '; /* ignored if replaces[i]==' ' anyway */
pgindent run on all C files. Java run to follow. initdb/regression tests pass.
2001-10-25 07:50:21 +02:00
values[i] = (Datum) NULL; /* ignored if replaces[i]==' '
* anyway */
Allow GRANT/REVOKE to/from more than one user per invocation. Command tag for GRANT/REVOKE is now just that, not "CHANGE". On the way, migrate some of the aclitem internal representation away from the parser and build a real parse tree instead. Also add some 'const' qualifiers.
2001-06-10 01:21:55 +02:00
}
replaces[Anum_pg_class_relacl - 1] = 'r';
values[Anum_pg_class_relacl - 1] = PointerGetDatum(new_acl);
newtuple = heap_modifytuple(tuple, relation, values, nulls, replaces);
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
Allow GRANT/REVOKE to/from more than one user per invocation. Command tag for GRANT/REVOKE is now just that, not "CHANGE". On the way, migrate some of the aclitem internal representation away from the parser and build a real parse tree instead. Also add some 'const' qualifiers.
2001-06-10 01:21:55 +02:00
ReleaseSysCache(tuple);
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
Allow GRANT/REVOKE to/from more than one user per invocation. Command tag for GRANT/REVOKE is now just that, not "CHANGE". On the way, migrate some of the aclitem internal representation away from the parser and build a real parse tree instead. Also add some 'const' qualifiers.
2001-06-10 01:21:55 +02:00
simple_heap_update(relation, &newtuple->t_self, newtuple);
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
Allow GRANT/REVOKE to/from more than one user per invocation. Command tag for GRANT/REVOKE is now just that, not "CHANGE". On the way, migrate some of the aclitem internal representation away from the parser and build a real parse tree instead. Also add some 'const' qualifiers.
2001-06-10 01:21:55 +02:00
{
/* keep the catalog indexes up to date */
Relation idescs[Num_pg_class_indices];
pgindent run on all C files. Java run to follow. initdb/regression tests pass.
2001-10-25 07:50:21 +02:00
Allow GRANT/REVOKE to/from more than one user per invocation. Command tag for GRANT/REVOKE is now just that, not "CHANGE". On the way, migrate some of the aclitem internal representation away from the parser and build a real parse tree instead. Also add some 'const' qualifiers.
2001-06-10 01:21:55 +02:00
CatalogOpenIndices(Num_pg_class_indices, Name_pg_class_indices,
idescs);
CatalogIndexInsert(idescs, Num_pg_class_indices, relation, newtuple);
CatalogCloseIndices(Num_pg_class_indices, idescs);
}
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
Allow GRANT/REVOKE to/from more than one user per invocation. Command tag for GRANT/REVOKE is now just that, not "CHANGE". On the way, migrate some of the aclitem internal representation away from the parser and build a real parse tree instead. Also add some 'const' qualifiers.
2001-06-10 01:21:55 +02:00
pfree(old_acl);
pfree(new_acl);
Make default ACL be consistent --- ie, starting point for ChangeAcl is the same as the access permissions granted when a relation's relacl field is NULL, ie, owner=all rights, world=no rights.
2000-10-02 06:49:28 +02:00
Allow GRANT/REVOKE to/from more than one user per invocation. Command tag for GRANT/REVOKE is now just that, not "CHANGE". On the way, migrate some of the aclitem internal representation away from the parser and build a real parse tree instead. Also add some 'const' qualifiers.
2001-06-10 01:21:55 +02:00
heap_close(relation, RowExclusiveLock);
}
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
}
Allow GRANT/REVOKE to/from more than one user per invocation. Command tag for GRANT/REVOKE is now just that, not "CHANGE". On the way, migrate some of the aclitem internal representation away from the parser and build a real parse tree instead. Also add some 'const' qualifiers.
2001-06-10 01:21:55 +02:00
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
AclId
get_grosysid(char *groname)
{
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
HeapTuple tuple;
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
AclId id = 0;
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
tuple = SearchSysCache(GRONAME,
PointerGetDatum(groname),
0, 0, 0);
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
if (HeapTupleIsValid(tuple))
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
{
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
id = ((Form_pg_group) GETSTRUCT(tuple))->grosysid;
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
ReleaseSysCache(tuple);
}
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
else
Change some ABORTS to ERROR. Add line number when COPY Failure.
1998-01-05 17:40:20 +01:00
elog(ERROR, "non-existent group \"%s\"", groname);
Renaming cleanup, no pgindent yet.
1998-09-01 05:29:17 +02:00
return id;
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
}
aclitemout() shouldn't coredump when it finds an ACL item for a now-vanished group. Instead, display the numeric group ID, same as it does for vanished users.
2000-11-29 00:42:31 +01:00
/*
* Convert group ID to name, or return NULL if group can't be found
*/
pgindent run before 6.3 release, with Thomas' requested changes.
1998-02-26 05:46:47 +01:00
char *
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
get_groname(AclId grosysid)
{
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
HeapTuple tuple;
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
char *name = NULL;
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
tuple = SearchSysCache(GROSYSID,
ObjectIdGetDatum(grosysid),
0, 0, 0);
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
if (HeapTupleIsValid(tuple))
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
{
name = pstrdup(NameStr(((Form_pg_group) GETSTRUCT(tuple))->groname));
ReleaseSysCache(tuple);
}
Renaming cleanup, no pgindent yet.
1998-09-01 05:29:17 +02:00
return name;
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
}
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
/*
* Is user a member of group?
*/
Make acl-related functions safe for TOAST. Mark pg_class.relacl as compressible but not externally storable (since we're not sure about whether creating a toast relation for pg_class would work).
2000-08-01 00:39:17 +02:00
static bool
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
in_group(AclId uid, AclId gid)
{
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
bool result = false;
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
HeapTuple tuple;
Minor code cleanups, make in_group() check faster.
2000-11-03 20:02:18 +01:00
Datum att;
bool isNull;
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
IdList *glist;
Minor code cleanups, make in_group() check faster.
2000-11-03 20:02:18 +01:00
AclId *aidp;
Make acl-related functions safe for TOAST. Mark pg_class.relacl as compressible but not externally storable (since we're not sure about whether creating a toast relation for pg_class would work).
2000-08-01 00:39:17 +02:00
int i,
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
num;
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
tuple = SearchSysCache(GROSYSID,
ObjectIdGetDatum(gid),
0, 0, 0);
Minor code cleanups, make in_group() check faster.
2000-11-03 20:02:18 +01:00
if (HeapTupleIsValid(tuple))
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
{
Minor code cleanups, make in_group() check faster.
2000-11-03 20:02:18 +01:00
att = SysCacheGetAttr(GROSYSID,
tuple,
Anum_pg_group_grolist,
&isNull);
if (!isNull)
{
/* be sure the IdList is not toasted */
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
glist = DatumGetIdListP(att);
Minor code cleanups, make in_group() check faster.
2000-11-03 20:02:18 +01:00
/* scan it */
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
num = IDLIST_NUM(glist);
aidp = IDLIST_DAT(glist);
Minor code cleanups, make in_group() check faster.
2000-11-03 20:02:18 +01:00
for (i = 0; i < num; ++i)
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
{
Minor code cleanups, make in_group() check faster.
2000-11-03 20:02:18 +01:00
if (aidp[i] == uid)
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
{
result = true;
break;
}
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
}
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
/* if IdList was toasted, free detoasted copy */
if ((Pointer) glist != DatumGetPointer(att))
pfree(glist);
Minor code cleanups, make in_group() check faster.
2000-11-03 20:02:18 +01:00
}
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
ReleaseSysCache(tuple);
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
}
else
Minor code cleanups, make in_group() check faster.
2000-11-03 20:02:18 +01:00
elog(NOTICE, "in_group: group %u not found", gid);
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
return result;
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
}
/*
* aclcheck
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
*
* Returns ACLCHECK_OK if the 'id' of type 'idtype' has ACL entries in 'acl'
* to satisfy any one of the requirements of 'mode'. Returns an appropriate
* ACLCHECK_* error code otherwise.
*
* The ACL list is expected to be sorted in standard order.
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
*/
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
static int32
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
aclcheck(Acl *acl, AclId id, AclIdType idtype, AclMode mode)
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
{
pgindent run before 6.3 release, with Thomas' requested changes.
1998-02-26 05:46:47 +01:00
AclItem *aip,
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
*aidat;
Minor code cleanups, make in_group() check faster.
2000-11-03 20:02:18 +01:00
int i,
num;
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
Make default ACL be consistent --- ie, starting point for ChangeAcl is the same as the access permissions granted when a relation's relacl field is NULL, ie, owner=all rights, world=no rights.
2000-10-02 06:49:28 +02:00
/*
pgindent run. Make it all clean.
2001-03-22 05:01:46 +01:00
* If ACL is null, default to "OK" --- this should not happen, since
* caller should have inserted appropriate default
Make default ACL be consistent --- ie, starting point for ChangeAcl is the same as the access permissions granted when a relation's relacl field is NULL, ie, owner=all rights, world=no rights.
2000-10-02 06:49:28 +02:00
*/
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
if (!acl)
Make default ACL be consistent --- ie, starting point for ChangeAcl is the same as the access permissions granted when a relation's relacl field is NULL, ie, owner=all rights, world=no rights.
2000-10-02 06:49:28 +02:00
{
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
elog(DEBUG, "aclcheck: null ACL, returning OK");
Make default ACL be consistent --- ie, starting point for ChangeAcl is the same as the access permissions granted when a relation's relacl field is NULL, ie, owner=all rights, world=no rights.
2000-10-02 06:49:28 +02:00
return ACLCHECK_OK;
}
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
num = ACL_NUM(acl);
aidat = ACL_DAT(acl);
/*
* We'll treat the empty ACL like that, too, although this is more
* like an error (i.e., you manually blew away your ACL array) -- the
pgindent run. Make it all clean.
2001-03-22 05:01:46 +01:00
* system never creates an empty ACL, since there must always be a
* "world" entry in the first slot.
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
*/
if (num < 1)
{
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
elog(DEBUG, "aclcheck: zero-length ACL, returning OK");
return ACLCHECK_OK;
}
/*
pgindent run on all C files. Java run to follow. initdb/regression tests pass.
2001-10-25 07:50:21 +02:00
* "World" rights are applicable regardless of the passed-in ID, and
* since they're much the cheapest to check, check 'em first.
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
*/
if (aidat->ai_idtype != ACL_IDTYPE_WORLD)
elog(ERROR, "aclcheck: first entry in ACL is not 'world' entry");
if (aidat->ai_mode & mode)
{
#ifdef ACLDEBUG
elog(DEBUG, "aclcheck: using world=%d", aidat->ai_mode);
#endif
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
return ACLCHECK_OK;
}
switch (idtype)
{
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
case ACL_IDTYPE_UID:
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
/* See if permission is granted directly to user */
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
for (i = 1, aip = aidat + 1; /* skip world entry */
i < num && aip->ai_idtype == ACL_IDTYPE_UID;
++i, ++aip)
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
{
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
if (aip->ai_id == id)
{
Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test.
2001-05-27 11:59:30 +02:00
#ifdef ACLDEBUG
Minor code cleanups, make in_group() check faster.
2000-11-03 20:02:18 +01:00
elog(DEBUG, "aclcheck: found user %u/%d",
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
aip->ai_id, aip->ai_mode);
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
#endif
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
if (aip->ai_mode & mode)
return ACLCHECK_OK;
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
}
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
}
Minor code cleanups, make in_group() check faster.
2000-11-03 20:02:18 +01:00
/* See if he has the permission via any group */
for (;
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
i < num && aip->ai_idtype == ACL_IDTYPE_GID;
++i, ++aip)
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
{
Minor code cleanups, make in_group() check faster.
2000-11-03 20:02:18 +01:00
if (aip->ai_mode & mode)
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
{
Minor code cleanups, make in_group() check faster.
2000-11-03 20:02:18 +01:00
if (in_group(id, aip->ai_id))
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
{
Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test.
2001-05-27 11:59:30 +02:00
#ifdef ACLDEBUG
Minor code cleanups, make in_group() check faster.
2000-11-03 20:02:18 +01:00
elog(DEBUG, "aclcheck: found group %u/%d",
aip->ai_id, aip->ai_mode);
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
#endif
Minor code cleanups, make in_group() check faster.
2000-11-03 20:02:18 +01:00
return ACLCHECK_OK;
}
}
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
}
break;
case ACL_IDTYPE_GID:
Minor code cleanups, make in_group() check faster.
2000-11-03 20:02:18 +01:00
/* Look for this group ID */
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
for (i = 1, aip = aidat + 1; /* skip world entry */
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
i < num && aip->ai_idtype == ACL_IDTYPE_UID;
++i, ++aip)
pgindent run on all C files. Java run to follow. initdb/regression tests pass.
2001-10-25 07:50:21 +02:00
/* skip UID entry */ ;
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
for (;
i < num && aip->ai_idtype == ACL_IDTYPE_GID;
++i, ++aip)
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
{
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
if (aip->ai_id == id)
{
Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test.
2001-05-27 11:59:30 +02:00
#ifdef ACLDEBUG
Minor code cleanups, make in_group() check faster.
2000-11-03 20:02:18 +01:00
elog(DEBUG, "aclcheck: found group %u/%d",
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
aip->ai_id, aip->ai_mode);
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
#endif
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
if (aip->ai_mode & mode)
return ACLCHECK_OK;
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
}
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
}
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
break;
case ACL_IDTYPE_WORLD:
Minor code cleanups, make in_group() check faster.
2000-11-03 20:02:18 +01:00
/* Only check the world entry */
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
break;
default:
Change some ABORTS to ERROR. Add line number when COPY Failure.
1998-01-05 17:40:20 +01:00
elog(ERROR, "aclcheck: bogus ACL id type: %d", idtype);
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
break;
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
}
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
/* If get here, he doesn't have the privilege nohow */
return ACLCHECK_NO_PRIV;
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
}
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
/*
* Exported routine for checking a user's access privileges to a table
*
* Returns an ACLCHECK_* result code.
*/
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
int32
Code cleanup of user name and user id handling in the backend. The current user is now defined in terms of the user id, the user name is only computed upon request (for display purposes). This is kind of the opposite of the previous state, which would maintain the user name and compute the user id for permission checks. Besides perhaps saving a few cycles (integer vs string), this now creates a single point of attack for changing the user id during a connection, for purposes of "setuid" functions, etc.
2000-09-06 16:15:31 +02:00
pg_aclcheck(char *relname, Oid userid, AclMode mode)
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
{
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
int32 result;
Make default ACL be consistent --- ie, starting point for ChangeAcl is the same as the access permissions granted when a relation's relacl field is NULL, ie, owner=all rights, world=no rights.
2000-10-02 06:49:28 +02:00
HeapTuple tuple;
pgindent run. Make it all clean.
2001-03-22 05:01:46 +01:00
char *usename;
Make default ACL be consistent --- ie, starting point for ChangeAcl is the same as the access permissions granted when a relation's relacl field is NULL, ie, owner=all rights, world=no rights.
2000-10-02 06:49:28 +02:00
Datum aclDatum;
bool isNull;
Acl *acl;
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
/*
* Validate userid, find out if he is superuser
*/
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
tuple = SearchSysCache(SHADOWSYSID,
ObjectIdGetDatum(userid),
0, 0, 0);
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
if (!HeapTupleIsValid(tuple))
Code cleanup of user name and user id handling in the backend. The current user is now defined in terms of the user id, the user name is only computed upon request (for display purposes). This is kind of the opposite of the previous state, which would maintain the user name and compute the user id for permission checks. Besides perhaps saving a few cycles (integer vs string), this now creates a single point of attack for changing the user id during a connection, for purposes of "setuid" functions, etc.
2000-09-06 16:15:31 +02:00
elog(ERROR, "pg_aclcheck: invalid user id %u",
(unsigned) userid);
usename = NameStr(((Form_pg_shadow) GETSTRUCT(tuple))->usename);
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
/*
* Deny anyone permission to update a system catalog unless
pgindent run before 6.3 release, with Thomas' requested changes.
1998-02-26 05:46:47 +01:00
* pg_shadow.usecatupd is set. (This is to let superusers protect
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
* themselves from themselves.)
*/
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
if ((mode & (ACL_INSERT | ACL_UPDATE | ACL_DELETE)) &&
Add new postgres -O option to allow system table structure changes.
1999-03-17 23:53:31 +01:00
!allowSystemTableMods && IsSystemRelationName(relname) &&
Allow removal of system-named pg_* temp tables. Rename temp file/dir as pgsql_tmp.
2001-06-18 18:13:21 +02:00
!is_temp_relname(relname) &&
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
!((Form_pg_shadow) GETSTRUCT(tuple))->usecatupd)
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
{
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
#ifdef ACLDEBUG
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
elog(DEBUG, "pg_aclcheck: catalog update to \"%s\": permission denied",
relname);
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
#endif
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
ReleaseSysCache(tuple);
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
return ACLCHECK_NO_PRIV;
}
/*
* Otherwise, superusers bypass all permission-checking.
*/
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
if (((Form_pg_shadow) GETSTRUCT(tuple))->usesuper)
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
{
Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test.
2001-05-27 11:59:30 +02:00
#ifdef ACLDEBUG
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
elog(DEBUG, "pg_aclcheck: \"%s\" is superuser",
usename);
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
#endif
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
ReleaseSysCache(tuple);
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
return ACLCHECK_OK;
}
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
ReleaseSysCache(tuple);
/* caution: usename is inaccessible beyond this point... */
Make default ACL be consistent --- ie, starting point for ChangeAcl is the same as the access permissions granted when a relation's relacl field is NULL, ie, owner=all rights, world=no rights.
2000-10-02 06:49:28 +02:00
/*
* Normal case: get the relation's ACL from pg_class
*/
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
tuple = SearchSysCache(RELNAME,
PointerGetDatum(relname),
0, 0, 0);
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
if (!HeapTupleIsValid(tuple))
Make default ACL be consistent --- ie, starting point for ChangeAcl is the same as the access permissions granted when a relation's relacl field is NULL, ie, owner=all rights, world=no rights.
2000-10-02 06:49:28 +02:00
elog(ERROR, "pg_aclcheck: class \"%s\" not found", relname);
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
Make default ACL be consistent --- ie, starting point for ChangeAcl is the same as the access permissions granted when a relation's relacl field is NULL, ie, owner=all rights, world=no rights.
2000-10-02 06:49:28 +02:00
aclDatum = SysCacheGetAttr(RELNAME, tuple, Anum_pg_class_relacl,
&isNull);
if (isNull)
{
/* No ACL, so build default ACL for rel */
Make acl-related functions safe for TOAST. Mark pg_class.relacl as compressible but not externally storable (since we're not sure about whether creating a toast relation for pg_class would work).
2000-08-01 00:39:17 +02:00
AclId ownerId;
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
Make acl-related functions safe for TOAST. Mark pg_class.relacl as compressible but not externally storable (since we're not sure about whether creating a toast relation for pg_class would work).
2000-08-01 00:39:17 +02:00
ownerId = ((Form_pg_class) GETSTRUCT(tuple))->relowner;
Make default ACL be consistent --- ie, starting point for ChangeAcl is the same as the access permissions granted when a relation's relacl field is NULL, ie, owner=all rights, world=no rights.
2000-10-02 06:49:28 +02:00
acl = acldefault(relname, ownerId);
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
aclDatum = (Datum) 0;
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
}
Make default ACL be consistent --- ie, starting point for ChangeAcl is the same as the access permissions granted when a relation's relacl field is NULL, ie, owner=all rights, world=no rights.
2000-10-02 06:49:28 +02:00
else
Mega-commit to make heap_open/heap_openr/heap_close take an additional argument specifying the kind of lock to acquire/release (or 'NoLock' to do no lock processing). Ensure that all relations are locked with some appropriate lock level before being examined --- this ensures that relevant shared-inval messages have been processed and should prevent problems caused by concurrent VACUUM. Fix several bugs having to do with mismatched increment/decrement of relation ref count and mismatched heap_open/close (which amounts to the same thing). A bogus ref count on a relation doesn't matter much *unless* a SI Inval message happens to arrive at the wrong time, which is probably why we got away with this sloppiness for so long. Repair missing grab of AccessExclusiveLock in DROP TABLE, ALTER/RENAME TABLE, etc, as noted by Hiroshi. Recommend 'make clean all' after pulling this update; I modified the Relation struct layout slightly. Will post further discussion to pghackers list shortly.
1999-09-18 21:08:25 +02:00
{
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
/* detoast rel's ACL if necessary */
acl = DatumGetAclP(aclDatum);
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
}
Make default ACL be consistent --- ie, starting point for ChangeAcl is the same as the access permissions granted when a relation's relacl field is NULL, ie, owner=all rights, world=no rights.
2000-10-02 06:49:28 +02:00
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
result = aclcheck(acl, userid, (AclIdType) ACL_IDTYPE_UID, mode);
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
/* if we have a detoasted copy, free it */
if (acl && (Pointer) acl != DatumGetPointer(aclDatum))
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
pfree(acl);
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
ReleaseSysCache(tuple);
Renaming cleanup, no pgindent yet.
1998-09-01 05:29:17 +02:00
return result;
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
}
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
/*
* Check ownership of an object identified by name (which will be looked
* up in the system cache identified by cacheid).
*
* Returns true if userid owns the item, or should be allowed to modify
* the item as if he owned it.
*/
bool
Code cleanup of user name and user id handling in the backend. The current user is now defined in terms of the user id, the user name is only computed upon request (for display purposes). This is kind of the opposite of the previous state, which would maintain the user name and compute the user id for permission checks. Besides perhaps saving a few cycles (integer vs string), this now creates a single point of attack for changing the user id during a connection, for purposes of "setuid" functions, etc.
2000-09-06 16:15:31 +02:00
pg_ownercheck(Oid userid,
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
const char *name,
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
int cacheid)
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
{
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
HeapTuple tuple;
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
AclId owner_id;
pgindent run. Make it all clean.
2001-03-22 05:01:46 +01:00
char *usename;
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
tuple = SearchSysCache(SHADOWSYSID,
ObjectIdGetDatum(userid),
0, 0, 0);
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
if (!HeapTupleIsValid(tuple))
Code cleanup of user name and user id handling in the backend. The current user is now defined in terms of the user id, the user name is only computed upon request (for display purposes). This is kind of the opposite of the previous state, which would maintain the user name and compute the user id for permission checks. Besides perhaps saving a few cycles (integer vs string), this now creates a single point of attack for changing the user id during a connection, for purposes of "setuid" functions, etc.
2000-09-06 16:15:31 +02:00
elog(ERROR, "pg_ownercheck: invalid user id %u",
(unsigned) userid);
usename = NameStr(((Form_pg_shadow) GETSTRUCT(tuple))->usename);
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
/*
* Superusers bypass all permission-checking.
*/
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
if (((Form_pg_shadow) GETSTRUCT(tuple))->usesuper)
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
{
Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test.
2001-05-27 11:59:30 +02:00
#ifdef ACLDEBUG
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
elog(DEBUG, "pg_ownercheck: user \"%s\" is superuser",
usename);
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
#endif
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
ReleaseSysCache(tuple);
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
return true;
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
}
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
ReleaseSysCache(tuple);
/* caution: usename is inaccessible beyond this point... */
tuple = SearchSysCache(cacheid,
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
PointerGetDatum(name),
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
0, 0, 0);
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
switch (cacheid)
{
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
case RELNAME:
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
if (!HeapTupleIsValid(tuple))
Change some ABORTS to ERROR. Add line number when COPY Failure.
1998-01-05 17:40:20 +01:00
elog(ERROR, "pg_ownercheck: class \"%s\" not found",
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
name);
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
owner_id = ((Form_pg_class) GETSTRUCT(tuple))->relowner;
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
break;
Add system indexes to match all caches. Make all system indexes unique. Make all cache loads use system indexes. Rename *rel to *relid in inheritance tables. Rename cache names to be clearer.
1999-11-22 18:56:41 +01:00
case TYPENAME:
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
if (!HeapTupleIsValid(tuple))
Change some ABORTS to ERROR. Add line number when COPY Failure.
1998-01-05 17:40:20 +01:00
elog(ERROR, "pg_ownercheck: type \"%s\" not found",
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
name);
Renaming cleanup, no pgindent yet.
1998-09-01 05:29:17 +02:00
owner_id = ((Form_pg_type) GETSTRUCT(tuple))->typowner;
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
break;
default:
Change error messages to oids come out as %u and not %d. Change has no real affect now.
1999-05-10 02:46:32 +02:00
elog(ERROR, "pg_ownercheck: invalid cache id: %d", cacheid);
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
owner_id = 0; /* keep compiler quiet */
Another PGINDENT run that changes variable indenting and case label indenting. Also static variable indenting.
1997-09-08 04:41:22 +02:00
break;
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
}
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
ReleaseSysCache(tuple);
Code cleanup of user name and user id handling in the backend. The current user is now defined in terms of the user id, the user name is only computed upon request (for display purposes). This is kind of the opposite of the previous state, which would maintain the user name and compute the user id for permission checks. Besides perhaps saving a few cycles (integer vs string), this now creates a single point of attack for changing the user id during a connection, for purposes of "setuid" functions, etc.
2000-09-06 16:15:31 +02:00
return userid == owner_id;
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
}
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
/*
* Ownership check for an operator (specified by OID).
*/
bool
pg_oper_ownercheck(Oid userid, Oid oprid)
{
HeapTuple tuple;
AclId owner_id;
char *usename;
tuple = SearchSysCache(SHADOWSYSID,
ObjectIdGetDatum(userid),
0, 0, 0);
if (!HeapTupleIsValid(tuple))
elog(ERROR, "pg_oper_ownercheck: invalid user id %u",
(unsigned) userid);
usename = NameStr(((Form_pg_shadow) GETSTRUCT(tuple))->usename);
/*
* Superusers bypass all permission-checking.
*/
if (((Form_pg_shadow) GETSTRUCT(tuple))->usesuper)
{
#ifdef ACLDEBUG
elog(DEBUG, "pg_ownercheck: user \"%s\" is superuser",
usename);
#endif
ReleaseSysCache(tuple);
return true;
}
ReleaseSysCache(tuple);
/* caution: usename is inaccessible beyond this point... */
tuple = SearchSysCache(OPEROID,
ObjectIdGetDatum(oprid),
0, 0, 0);
if (!HeapTupleIsValid(tuple))
elog(ERROR, "pg_ownercheck: operator %u not found",
oprid);
owner_id = ((Form_pg_operator) GETSTRUCT(tuple))->oprowner;
ReleaseSysCache(tuple);
return userid == owner_id;
}
/*
* Ownership check for a function (specified by name and argument types).
*/
bool
Code cleanup of user name and user id handling in the backend. The current user is now defined in terms of the user id, the user name is only computed upon request (for display purposes). This is kind of the opposite of the previous state, which would maintain the user name and compute the user id for permission checks. Besides perhaps saving a few cycles (integer vs string), this now creates a single point of attack for changing the user id during a connection, for purposes of "setuid" functions, etc.
2000-09-06 16:15:31 +02:00
pg_func_ownercheck(Oid userid,
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
char *funcname,
int nargs,
Used modified version of indent that understands over 100 typedefs.
1997-09-08 23:56:23 +02:00
Oid *arglist)
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
{
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
HeapTuple tuple;
Code cleanup of user name and user id handling in the backend. The current user is now defined in terms of the user id, the user name is only computed upon request (for display purposes). This is kind of the opposite of the previous state, which would maintain the user name and compute the user id for permission checks. Besides perhaps saving a few cycles (integer vs string), this now creates a single point of attack for changing the user id during a connection, for purposes of "setuid" functions, etc.
2000-09-06 16:15:31 +02:00
AclId owner_id;
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
char *usename;
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
tuple = SearchSysCache(SHADOWSYSID,
ObjectIdGetDatum(userid),
0, 0, 0);
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
if (!HeapTupleIsValid(tuple))
Code cleanup of user name and user id handling in the backend. The current user is now defined in terms of the user id, the user name is only computed upon request (for display purposes). This is kind of the opposite of the previous state, which would maintain the user name and compute the user id for permission checks. Besides perhaps saving a few cycles (integer vs string), this now creates a single point of attack for changing the user id during a connection, for purposes of "setuid" functions, etc.
2000-09-06 16:15:31 +02:00
elog(ERROR, "pg_func_ownercheck: invalid user id %u",
(unsigned) userid);
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
usename = NameStr(((Form_pg_shadow) GETSTRUCT(tuple))->usename);
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
/*
* Superusers bypass all permission-checking.
*/
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
if (((Form_pg_shadow) GETSTRUCT(tuple))->usesuper)
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
{
Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test.
2001-05-27 11:59:30 +02:00
#ifdef ACLDEBUG
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
elog(DEBUG, "pg_ownercheck: user \"%s\" is superuser",
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
usename);
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
#endif
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
ReleaseSysCache(tuple);
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
return true;
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
}
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
ReleaseSysCache(tuple);
/* caution: usename is inaccessible beyond this point... */
tuple = SearchSysCache(PROCNAME,
PointerGetDatum(funcname),
Int32GetDatum(nargs),
PointerGetDatum(arglist),
0);
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
if (!HeapTupleIsValid(tuple))
Change parameters to func_error().
1998-05-10 01:43:45 +02:00
func_error("pg_func_ownercheck", funcname, nargs, arglist, NULL);
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
owner_id = ((Form_pg_proc) GETSTRUCT(tuple))->proowner;
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
ReleaseSysCache(tuple);
Code cleanup of user name and user id handling in the backend. The current user is now defined in terms of the user id, the user name is only computed upon request (for display purposes). This is kind of the opposite of the previous state, which would maintain the user name and compute the user id for permission checks. Besides perhaps saving a few cycles (integer vs string), this now creates a single point of attack for changing the user id during a connection, for purposes of "setuid" functions, etc.
2000-09-06 16:15:31 +02:00
return userid == owner_id;
Postgres95 1.01 Distribution - Virgin Sources
1996-07-09 08:22:35 +02:00
}
From: Darren King <aixssd!darrenk@abs.net> Subject: [PATCHES] DROP AGGREGATE patch/fix. Here's a patch that fixes the DROP AGGREGATE command to delete the desired aggregate for a specific type.
1997-05-22 02:17:24 +02:00
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
/*
* Ownership check for an aggregate function (specified by name and
* argument type).
*/
bool
Code cleanup of user name and user id handling in the backend. The current user is now defined in terms of the user id, the user name is only computed upon request (for display purposes). This is kind of the opposite of the previous state, which would maintain the user name and compute the user id for permission checks. Besides perhaps saving a few cycles (integer vs string), this now creates a single point of attack for changing the user id during a connection, for purposes of "setuid" functions, etc.
2000-09-06 16:15:31 +02:00
pg_aggr_ownercheck(Oid userid,
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
char *aggname,
Oid basetypeID)
From: Darren King <aixssd!darrenk@abs.net> Subject: [PATCHES] DROP AGGREGATE patch/fix. Here's a patch that fixes the DROP AGGREGATE command to delete the desired aggregate for a specific type.
1997-05-22 02:17:24 +02:00
{
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
HeapTuple tuple;
Code cleanup of user name and user id handling in the backend. The current user is now defined in terms of the user id, the user name is only computed upon request (for display purposes). This is kind of the opposite of the previous state, which would maintain the user name and compute the user id for permission checks. Besides perhaps saving a few cycles (integer vs string), this now creates a single point of attack for changing the user id during a connection, for purposes of "setuid" functions, etc.
2000-09-06 16:15:31 +02:00
AclId owner_id;
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
char *usename;
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
tuple = SearchSysCache(SHADOWSYSID,
PointerGetDatum(userid),
0, 0, 0);
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
if (!HeapTupleIsValid(tuple))
Code cleanup of user name and user id handling in the backend. The current user is now defined in terms of the user id, the user name is only computed upon request (for display purposes). This is kind of the opposite of the previous state, which would maintain the user name and compute the user id for permission checks. Besides perhaps saving a few cycles (integer vs string), this now creates a single point of attack for changing the user id during a connection, for purposes of "setuid" functions, etc.
2000-09-06 16:15:31 +02:00
elog(ERROR, "pg_aggr_ownercheck: invalid user id %u",
(unsigned) userid);
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
usename = NameStr(((Form_pg_shadow) GETSTRUCT(tuple))->usename);
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
/*
* Superusers bypass all permission-checking.
*/
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
if (((Form_pg_shadow) GETSTRUCT(tuple))->usesuper)
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
{
Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test.
2001-05-27 11:59:30 +02:00
#ifdef ACLDEBUG
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
elog(DEBUG, "pg_aggr_ownercheck: user \"%s\" is superuser",
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
usename);
From: Darren King <aixssd!darrenk@abs.net> Subject: [PATCHES] DROP AGGREGATE patch/fix. Here's a patch that fixes the DROP AGGREGATE command to delete the desired aggregate for a specific type.
1997-05-22 02:17:24 +02:00
#endif
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
ReleaseSysCache(tuple);
Correct permissions-checking bugs associated with ancient decision to copy PUBLIC access rights into each newly created ACL entry. Instead treat each ACL entry as independent flags. Also clean up some ugliness in acl.h API.
2001-06-05 21:34:56 +02:00
return true;
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
}
From: Darren King <aixssd!darrenk@abs.net> Subject: [PATCHES] DROP AGGREGATE patch/fix. Here's a patch that fixes the DROP AGGREGATE command to delete the desired aggregate for a specific type.
1997-05-22 02:17:24 +02:00
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
ReleaseSysCache(tuple);
/* caution: usename is inaccessible beyond this point... */
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
tuple = SearchSysCache(AGGNAME,
PointerGetDatum(aggname),
ObjectIdGetDatum(basetypeID),
0, 0);
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
if (!HeapTupleIsValid(tuple))
Massive commit to run PGINDENT on all *.c and *.h files.
1997-09-07 07:04:48 +02:00
agg_error("pg_aggr_ownercheck", aggname, basetypeID);
From: Darren King <aixssd!darrenk@abs.net> Subject: [PATCHES] DROP AGGREGATE patch/fix. Here's a patch that fixes the DROP AGGREGATE command to delete the desired aggregate for a specific type.
1997-05-22 02:17:24 +02:00
heap_fetch requires buffer pointer, must be released; heap_getnext no longer returns buffer pointer, can be gotten from scan; descriptor; bootstrap can create multi-key indexes; pg_procname index now is multi-key index; oidint2, oidint4, oidname are gone (must be removed from regression tests); use System Cache rather than sequential scan in many places; heap_modifytuple no longer takes buffer parameter; remove unused buffer parameter in a few other functions; oid8 is not index-able; remove some use of single-character variable names; cleanup Buffer variables usage and scan descriptor looping; cleaned up allocation and freeing of tuples; 18k lines of diff;
1998-08-19 04:04:17 +02:00
owner_id = ((Form_pg_aggregate) GETSTRUCT(tuple))->aggowner;
From: Darren King <aixssd!darrenk@abs.net> Subject: [PATCHES] DROP AGGREGATE patch/fix. Here's a patch that fixes the DROP AGGREGATE command to delete the desired aggregate for a specific type.
1997-05-22 02:17:24 +02:00
Change SearchSysCache coding conventions so that a reference count is maintained for each cache entry. A cache entry will not be freed until the matching ReleaseSysCache call has been executed. This eliminates worries about cache entries getting dropped while still in use. See my posting to pg-hackers of even date for more info.
2000-11-16 23:30:52 +01:00
ReleaseSysCache(tuple);
Code cleanup of user name and user id handling in the backend. The current user is now defined in terms of the user id, the user name is only computed upon request (for display purposes). This is kind of the opposite of the previous state, which would maintain the user name and compute the user id for permission checks. Besides perhaps saving a few cycles (integer vs string), this now creates a single point of attack for changing the user id during a connection, for purposes of "setuid" functions, etc.
2000-09-06 16:15:31 +02:00
return userid == owner_id;
From: Darren King <aixssd!darrenk@abs.net> Subject: [PATCHES] DROP AGGREGATE patch/fix. Here's a patch that fixes the DROP AGGREGATE command to delete the desired aggregate for a specific type.
1997-05-22 02:17:24 +02:00
}