rdelaage
/
postgresql
mirror of https://git.postgresql.org/git/postgresql.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Replace GrantObjectType with ObjectType 

There used to be a lot of different *Type and *Kind symbol groups to
address objects within different commands, most of which have been
replaced by ObjectType, starting with
b256f24264.  But this conversion was never
done for the ACL commands until now.

This change ends up being just a plain replacement of the types and
symbols, without any code restructuring needed, except deleting some now
redundant code.

Reviewed-by: Michael Paquier <michael.paquier@gmail.com>
Reviewed-by: Stephen Frost <sfrost@snowman.net>
This commit is contained in:
Peter Eisentraut 2017-10-11 18:35:19 -04:00
parent 42b5856038
commit 2c6f37ed62
14 changed files with 302 additions and 285 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

244
src/backend/catalog/aclchk.c
View File

@ -86,7 +86,7 @@ typedef struct
Oid nspid; /* namespace, or InvalidOid if none */
/* remaining fields are same as in InternalGrant: */
bool is_grant;
GrantObjectType objtype;
ObjectType objtype;
bool all_privs;
AclMode privileges;
List *grantees;
@ -116,8 +116,8 @@ static void ExecGrant_Type(InternalGrant *grantStmt);
static void SetDefaultACLsInSchemas(InternalDefaultACL *iacls, List *nspnames);
static void SetDefaultACL(InternalDefaultACL *iacls);
static List *objectNamesToOids(GrantObjectType objtype, List *objnames);
static List *objectsInSchemaToOids(GrantObjectType objtype, List *nspnames);
static List *objectNamesToOids(ObjectType objtype, List *objnames);
static List *objectsInSchemaToOids(ObjectType objtype, List *nspnames);
static List *getRelationsInNamespace(Oid namespaceId, char relkind);
static void expand_col_privileges(List *colnames, Oid table_oid,
AclMode this_privileges,
@ -266,7 +266,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
whole_mask = ACL_ALL_RIGHTS_LARGEOBJECT;
break;
case ACL_KIND_NAMESPACE:
whole_mask = ACL_ALL_RIGHTS_NAMESPACE;
whole_mask = ACL_ALL_RIGHTS_SCHEMA;
break;
case ACL_KIND_TABLESPACE:
whole_mask = ACL_ALL_RIGHTS_TABLESPACE;
@ -441,68 +441,68 @@ ExecuteGrantStmt(GrantStmt *stmt)
/*
* Convert stmt->privileges, a list of AccessPriv nodes, into an AclMode
* bitmask. Note: objtype can't be ACL_OBJECT_COLUMN.
* bitmask. Note: objtype can't be OBJECT_COLUMN.
*/
switch (stmt->objtype)
{
case OBJECT_TABLE:
/*
* Because this might be a sequence, we test both relation and
* sequence bits, and later do a more limited test when we know
* the object type.
*/
case ACL_OBJECT_RELATION:
all_privileges = ACL_ALL_RIGHTS_RELATION | ACL_ALL_RIGHTS_SEQUENCE;
errormsg = gettext_noop("invalid privilege type %s for relation");
break;
case ACL_OBJECT_SEQUENCE:
case OBJECT_SEQUENCE:
all_privileges = ACL_ALL_RIGHTS_SEQUENCE;
errormsg = gettext_noop("invalid privilege type %s for sequence");
break;
case ACL_OBJECT_DATABASE:
case OBJECT_DATABASE:
all_privileges = ACL_ALL_RIGHTS_DATABASE;
errormsg = gettext_noop("invalid privilege type %s for database");
break;
case ACL_OBJECT_DOMAIN:
case OBJECT_DOMAIN:
all_privileges = ACL_ALL_RIGHTS_TYPE;
errormsg = gettext_noop("invalid privilege type %s for domain");
break;
case ACL_OBJECT_FUNCTION:
case OBJECT_FUNCTION:
all_privileges = ACL_ALL_RIGHTS_FUNCTION;
errormsg = gettext_noop("invalid privilege type %s for function");
break;
case ACL_OBJECT_LANGUAGE:
case OBJECT_LANGUAGE:
all_privileges = ACL_ALL_RIGHTS_LANGUAGE;
errormsg = gettext_noop("invalid privilege type %s for language");
break;
case ACL_OBJECT_LARGEOBJECT:
case OBJECT_LARGEOBJECT:
all_privileges = ACL_ALL_RIGHTS_LARGEOBJECT;
errormsg = gettext_noop("invalid privilege type %s for large object");
break;
case ACL_OBJECT_NAMESPACE:
all_privileges = ACL_ALL_RIGHTS_NAMESPACE;
case OBJECT_SCHEMA:
all_privileges = ACL_ALL_RIGHTS_SCHEMA;
errormsg = gettext_noop("invalid privilege type %s for schema");
break;
case ACL_OBJECT_PROCEDURE:
case OBJECT_PROCEDURE:
all_privileges = ACL_ALL_RIGHTS_FUNCTION;
errormsg = gettext_noop("invalid privilege type %s for procedure");
break;
case ACL_OBJECT_ROUTINE:
case OBJECT_ROUTINE:
all_privileges = ACL_ALL_RIGHTS_FUNCTION;
errormsg = gettext_noop("invalid privilege type %s for routine");
break;
case ACL_OBJECT_TABLESPACE:
case OBJECT_TABLESPACE:
all_privileges = ACL_ALL_RIGHTS_TABLESPACE;
errormsg = gettext_noop("invalid privilege type %s for tablespace");
break;
case ACL_OBJECT_TYPE:
case OBJECT_TYPE:
all_privileges = ACL_ALL_RIGHTS_TYPE;
errormsg = gettext_noop("invalid privilege type %s for type");
break;
case ACL_OBJECT_FDW:
case OBJECT_FDW:
all_privileges = ACL_ALL_RIGHTS_FDW;
errormsg = gettext_noop("invalid privilege type %s for foreign-data wrapper");
break;
case ACL_OBJECT_FOREIGN_SERVER:
case OBJECT_FOREIGN_SERVER:
all_privileges = ACL_ALL_RIGHTS_FOREIGN_SERVER;
errormsg = gettext_noop("invalid privilege type %s for foreign server");
break;
@ -540,7 +540,7 @@ ExecuteGrantStmt(GrantStmt *stmt)
*/
if (privnode->cols)
{
if (stmt->objtype != ACL_OBJECT_RELATION)
if (stmt->objtype != OBJECT_TABLE)
ereport(ERROR,
(errcode(ERRCODE_INVALID_GRANT_OPERATION),
errmsg("column privileges are only valid for relations")));
@ -574,38 +574,38 @@ ExecGrantStmt_oids(InternalGrant *istmt)
{
switch (istmt->objtype)
{
case ACL_OBJECT_RELATION:
case ACL_OBJECT_SEQUENCE:
case OBJECT_TABLE:
case OBJECT_SEQUENCE:
ExecGrant_Relation(istmt);
break;
case ACL_OBJECT_DATABASE:
case OBJECT_DATABASE:
ExecGrant_Database(istmt);
break;
case ACL_OBJECT_DOMAIN:
case ACL_OBJECT_TYPE:
case OBJECT_DOMAIN:
case OBJECT_TYPE:
ExecGrant_Type(istmt);
break;
case ACL_OBJECT_FDW:
case OBJECT_FDW:
ExecGrant_Fdw(istmt);
break;
case ACL_OBJECT_FOREIGN_SERVER:
case OBJECT_FOREIGN_SERVER:
ExecGrant_ForeignServer(istmt);
break;
case ACL_OBJECT_FUNCTION:
case ACL_OBJECT_PROCEDURE:
case ACL_OBJECT_ROUTINE:
case OBJECT_FUNCTION:
case OBJECT_PROCEDURE:
case OBJECT_ROUTINE:
ExecGrant_Function(istmt);
break;
case ACL_OBJECT_LANGUAGE:
case OBJECT_LANGUAGE:
ExecGrant_Language(istmt);
break;
case ACL_OBJECT_LARGEOBJECT:
case OBJECT_LARGEOBJECT:
ExecGrant_Largeobject(istmt);
break;
case ACL_OBJECT_NAMESPACE:
case OBJECT_SCHEMA:
ExecGrant_Namespace(istmt);
break;
case ACL_OBJECT_TABLESPACE:
case OBJECT_TABLESPACE:
ExecGrant_Tablespace(istmt);
break;
default:
@ -619,7 +619,7 @@ ExecGrantStmt_oids(InternalGrant *istmt)
* the functions a chance to adjust the istmt with privileges actually
* granted.
*/
if (EventTriggerSupportsGrantObjectType(istmt->objtype))
if (EventTriggerSupportsObjectType(istmt->objtype))
EventTriggerCollectGrant(istmt);
}
@ -634,7 +634,7 @@ ExecGrantStmt_oids(InternalGrant *istmt)
* to fail.
*/
static List *
objectNamesToOids(GrantObjectType objtype, List *objnames)
objectNamesToOids(ObjectType objtype, List *objnames)
{
List *objects = NIL;
ListCell *cell;
@ -643,8 +643,8 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
switch (objtype)
{
case ACL_OBJECT_RELATION:
case ACL_OBJECT_SEQUENCE:
case OBJECT_TABLE:
case OBJECT_SEQUENCE:
foreach(cell, objnames)
{
RangeVar *relvar = (RangeVar *) lfirst(cell);
@ -654,7 +654,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
objects = lappend_oid(objects, relOid);
}
break;
case ACL_OBJECT_DATABASE:
case OBJECT_DATABASE:
foreach(cell, objnames)
{
char *dbname = strVal(lfirst(cell));
@ -664,8 +664,8 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
objects = lappend_oid(objects, dbid);
}
break;
case ACL_OBJECT_DOMAIN:
case ACL_OBJECT_TYPE:
case OBJECT_DOMAIN:
case OBJECT_TYPE:
foreach(cell, objnames)
{
List *typname = (List *) lfirst(cell);
@ -675,7 +675,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
objects = lappend_oid(objects, oid);
}
break;
case ACL_OBJECT_FUNCTION:
case OBJECT_FUNCTION:
foreach(cell, objnames)
{
ObjectWithArgs *func = (ObjectWithArgs *) lfirst(cell);
@ -685,7 +685,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
objects = lappend_oid(objects, funcid);
}
break;
case ACL_OBJECT_LANGUAGE:
case OBJECT_LANGUAGE:
foreach(cell, objnames)
{
char *langname = strVal(lfirst(cell));
@ -695,7 +695,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
objects = lappend_oid(objects, oid);
}
break;
case ACL_OBJECT_LARGEOBJECT:
case OBJECT_LARGEOBJECT:
foreach(cell, objnames)
{
Oid lobjOid = oidparse(lfirst(cell));
@ -709,7 +709,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
objects = lappend_oid(objects, lobjOid);
}
break;
case ACL_OBJECT_NAMESPACE:
case OBJECT_SCHEMA:
foreach(cell, objnames)
{
char *nspname = strVal(lfirst(cell));
@ -719,7 +719,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
objects = lappend_oid(objects, oid);
}
break;
case ACL_OBJECT_PROCEDURE:
case OBJECT_PROCEDURE:
foreach(cell, objnames)
{
ObjectWithArgs *func = (ObjectWithArgs *) lfirst(cell);
@ -729,7 +729,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
objects = lappend_oid(objects, procid);
}
break;
case ACL_OBJECT_ROUTINE:
case OBJECT_ROUTINE:
foreach(cell, objnames)
{
ObjectWithArgs *func = (ObjectWithArgs *) lfirst(cell);
@ -739,7 +739,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
objects = lappend_oid(objects, routid);
}
break;
case ACL_OBJECT_TABLESPACE:
case OBJECT_TABLESPACE:
foreach(cell, objnames)
{
char *spcname = strVal(lfirst(cell));
@ -749,7 +749,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
objects = lappend_oid(objects, spcoid);
}
break;
case ACL_OBJECT_FDW:
case OBJECT_FDW:
foreach(cell, objnames)
{
char *fdwname = strVal(lfirst(cell));
@ -758,7 +758,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
objects = lappend_oid(objects, fdwid);
}
break;
case ACL_OBJECT_FOREIGN_SERVER:
case OBJECT_FOREIGN_SERVER:
foreach(cell, objnames)
{
char *srvname = strVal(lfirst(cell));
@ -783,7 +783,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames)
* no privilege checking on the individual objects here.
*/
static List *
objectsInSchemaToOids(GrantObjectType objtype, List *nspnames)
objectsInSchemaToOids(ObjectType objtype, List *nspnames)
{
List *objects = NIL;
ListCell *cell;
@ -798,7 +798,7 @@ objectsInSchemaToOids(GrantObjectType objtype, List *nspnames)
switch (objtype)
{
case ACL_OBJECT_RELATION:
case OBJECT_TABLE:
objs = getRelationsInNamespace(namespaceId, RELKIND_RELATION);
objects = list_concat(objects, objs);
objs = getRelationsInNamespace(namespaceId, RELKIND_VIEW);
@ -810,13 +810,13 @@ objectsInSchemaToOids(GrantObjectType objtype, List *nspnames)
objs = getRelationsInNamespace(namespaceId, RELKIND_PARTITIONED_TABLE);
objects = list_concat(objects, objs);
break;
case ACL_OBJECT_SEQUENCE:
case OBJECT_SEQUENCE:
objs = getRelationsInNamespace(namespaceId, RELKIND_SEQUENCE);
objects = list_concat(objects, objs);
break;
case ACL_OBJECT_FUNCTION:
case ACL_OBJECT_PROCEDURE:
case ACL_OBJECT_ROUTINE:
case OBJECT_FUNCTION:
case OBJECT_PROCEDURE:
case OBJECT_ROUTINE:
{
ScanKeyData key[2];
int keycount;
@ -835,12 +835,12 @@ objectsInSchemaToOids(GrantObjectType objtype, List *nspnames)
* When looking for procedures, check for return type ==0.
* When looking for routines, don't check the return type.
*/
if (objtype == ACL_OBJECT_FUNCTION)
if (objtype == OBJECT_FUNCTION)
ScanKeyInit(&key[keycount++],
Anum_pg_proc_prorettype,
BTEqualStrategyNumber, F_OIDNE,
InvalidOid);
else if (objtype == ACL_OBJECT_PROCEDURE)
else if (objtype == OBJECT_PROCEDURE)
ScanKeyInit(&key[keycount++],
Anum_pg_proc_prorettype,
BTEqualStrategyNumber, F_OIDEQ,
@ -993,32 +993,32 @@ ExecAlterDefaultPrivilegesStmt(ParseState *pstate, AlterDefaultPrivilegesStmt *s
*/
switch (action->objtype)
{
case ACL_OBJECT_RELATION:
case OBJECT_TABLE:
all_privileges = ACL_ALL_RIGHTS_RELATION;
errormsg = gettext_noop("invalid privilege type %s for relation");
break;
case ACL_OBJECT_SEQUENCE:
case OBJECT_SEQUENCE:
all_privileges = ACL_ALL_RIGHTS_SEQUENCE;
errormsg = gettext_noop("invalid privilege type %s for sequence");
break;
case ACL_OBJECT_FUNCTION:
case OBJECT_FUNCTION:
all_privileges = ACL_ALL_RIGHTS_FUNCTION;
errormsg = gettext_noop("invalid privilege type %s for function");
break;
case ACL_OBJECT_PROCEDURE:
case OBJECT_PROCEDURE:
all_privileges = ACL_ALL_RIGHTS_FUNCTION;
errormsg = gettext_noop("invalid privilege type %s for procedure");
break;
case ACL_OBJECT_ROUTINE:
case OBJECT_ROUTINE:
all_privileges = ACL_ALL_RIGHTS_FUNCTION;
errormsg = gettext_noop("invalid privilege type %s for routine");
break;
case ACL_OBJECT_TYPE:
case OBJECT_TYPE:
all_privileges = ACL_ALL_RIGHTS_TYPE;
errormsg = gettext_noop("invalid privilege type %s for type");
break;
case ACL_OBJECT_NAMESPACE:
all_privileges = ACL_ALL_RIGHTS_NAMESPACE;
case OBJECT_SCHEMA:
all_privileges = ACL_ALL_RIGHTS_SCHEMA;
errormsg = gettext_noop("invalid privilege type %s for schema");
break;
default:
@ -1184,38 +1184,38 @@ SetDefaultACL(InternalDefaultACL *iacls)
*/
switch (iacls->objtype)
{
case ACL_OBJECT_RELATION:
case OBJECT_TABLE:
objtype = DEFACLOBJ_RELATION;
if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS)
this_privileges = ACL_ALL_RIGHTS_RELATION;
break;
case ACL_OBJECT_SEQUENCE:
case OBJECT_SEQUENCE:
objtype = DEFACLOBJ_SEQUENCE;
if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS)
this_privileges = ACL_ALL_RIGHTS_SEQUENCE;
break;
case ACL_OBJECT_FUNCTION:
case OBJECT_FUNCTION:
objtype = DEFACLOBJ_FUNCTION;
if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS)
this_privileges = ACL_ALL_RIGHTS_FUNCTION;
break;
case ACL_OBJECT_TYPE:
case OBJECT_TYPE:
objtype = DEFACLOBJ_TYPE;
if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS)
this_privileges = ACL_ALL_RIGHTS_TYPE;
break;
case ACL_OBJECT_NAMESPACE:
case OBJECT_SCHEMA:
if (OidIsValid(iacls->nspid))
ereport(ERROR,
(errcode(ERRCODE_INVALID_GRANT_OPERATION),
errmsg("cannot use IN SCHEMA clause when using GRANT/REVOKE ON SCHEMAS")));
objtype = DEFACLOBJ_NAMESPACE;
if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS)
this_privileges = ACL_ALL_RIGHTS_NAMESPACE;
this_privileges = ACL_ALL_RIGHTS_SCHEMA;
break;
default:
@ -1430,19 +1430,19 @@ RemoveRoleFromObjectACL(Oid roleid, Oid classid, Oid objid)
switch (pg_default_acl_tuple->defaclobjtype)
{
case DEFACLOBJ_RELATION:
iacls.objtype = ACL_OBJECT_RELATION;
iacls.objtype = OBJECT_TABLE;
break;
case DEFACLOBJ_SEQUENCE:
iacls.objtype = ACL_OBJECT_SEQUENCE;
iacls.objtype = OBJECT_SEQUENCE;
break;
case DEFACLOBJ_FUNCTION:
iacls.objtype = ACL_OBJECT_FUNCTION;
iacls.objtype = OBJECT_FUNCTION;
break;
case DEFACLOBJ_TYPE:
iacls.objtype = ACL_OBJECT_TYPE;
iacls.objtype = OBJECT_TYPE;
break;
case DEFACLOBJ_NAMESPACE:
iacls.objtype = ACL_OBJECT_NAMESPACE;
iacls.objtype = OBJECT_SCHEMA;
break;
default:
/* Shouldn't get here */
@ -1471,35 +1471,35 @@ RemoveRoleFromObjectACL(Oid roleid, Oid classid, Oid objid)
switch (classid)
{
case RelationRelationId:
/* it's OK to use RELATION for a sequence */
istmt.objtype = ACL_OBJECT_RELATION;
/* it's OK to use TABLE for a sequence */
istmt.objtype = OBJECT_TABLE;
break;
case DatabaseRelationId:
istmt.objtype = ACL_OBJECT_DATABASE;
istmt.objtype = OBJECT_DATABASE;
break;
case TypeRelationId:
istmt.objtype = ACL_OBJECT_TYPE;
istmt.objtype = OBJECT_TYPE;
break;
case ProcedureRelationId:
istmt.objtype = ACL_OBJECT_ROUTINE;
istmt.objtype = OBJECT_ROUTINE;
break;
case LanguageRelationId:
istmt.objtype = ACL_OBJECT_LANGUAGE;
istmt.objtype = OBJECT_LANGUAGE;
break;
case LargeObjectRelationId:
istmt.objtype = ACL_OBJECT_LARGEOBJECT;
istmt.objtype = OBJECT_LARGEOBJECT;
break;
case NamespaceRelationId:
istmt.objtype = ACL_OBJECT_NAMESPACE;
istmt.objtype = OBJECT_SCHEMA;
break;
case TableSpaceRelationId:
istmt.objtype = ACL_OBJECT_TABLESPACE;
istmt.objtype = OBJECT_TABLESPACE;
break;
case ForeignServerRelationId:
istmt.objtype = ACL_OBJECT_FOREIGN_SERVER;
istmt.objtype = OBJECT_FOREIGN_SERVER;
break;
case ForeignDataWrapperRelationId:
istmt.objtype = ACL_OBJECT_FDW;
istmt.objtype = OBJECT_FDW;
break;
default:
elog(ERROR, "unexpected object class %u", classid);
@ -1682,7 +1682,7 @@ ExecGrant_Attribute(InternalGrant *istmt, Oid relOid, const char *relname,
&isNull);
if (isNull)
{
old_acl = acldefault(ACL_OBJECT_COLUMN, ownerId);
old_acl = acldefault(OBJECT_COLUMN, ownerId);
/* There are no old member roles according to the catalogs */
noldmembers = 0;
oldmembers = NULL;
@ -1839,7 +1839,7 @@ ExecGrant_Relation(InternalGrant *istmt)
NameStr(pg_class_tuple->relname))));
/* Used GRANT SEQUENCE on a non-sequence? */
if (istmt->objtype == ACL_OBJECT_SEQUENCE &&
if (istmt->objtype == OBJECT_SEQUENCE &&
pg_class_tuple->relkind != RELKIND_SEQUENCE)
ereport(ERROR,
(errcode(ERRCODE_WRONG_OBJECT_TYPE),
@ -1863,7 +1863,7 @@ ExecGrant_Relation(InternalGrant *istmt)
* permissions. The OR of table and sequence permissions were already
* checked.
*/
if (istmt->objtype == ACL_OBJECT_RELATION)
if (istmt->objtype == OBJECT_TABLE)
{
if (pg_class_tuple->relkind == RELKIND_SEQUENCE)
{
@ -1942,10 +1942,10 @@ ExecGrant_Relation(InternalGrant *istmt)
switch (pg_class_tuple->relkind)
{
case RELKIND_SEQUENCE:
old_acl = acldefault(ACL_OBJECT_SEQUENCE, ownerId);
old_acl = acldefault(OBJECT_SEQUENCE, ownerId);
break;
default:
old_acl = acldefault(ACL_OBJECT_RELATION, ownerId);
old_acl = acldefault(OBJECT_TABLE, ownerId);
break;
}
/* There are no old member roles according to the catalogs */
@ -2170,7 +2170,7 @@ ExecGrant_Database(InternalGrant *istmt)
RelationGetDescr(relation), &isNull);
if (isNull)
{
old_acl = acldefault(ACL_OBJECT_DATABASE, ownerId);
old_acl = acldefault(OBJECT_DATABASE, ownerId);
/* There are no old member roles according to the catalogs */
noldmembers = 0;
oldmembers = NULL;
@ -2292,7 +2292,7 @@ ExecGrant_Fdw(InternalGrant *istmt)
&isNull);
if (isNull)
{
old_acl = acldefault(ACL_OBJECT_FDW, ownerId);
old_acl = acldefault(OBJECT_FDW, ownerId);
/* There are no old member roles according to the catalogs */
noldmembers = 0;
oldmembers = NULL;
@ -2418,7 +2418,7 @@ ExecGrant_ForeignServer(InternalGrant *istmt)
&isNull);
if (isNull)
{
old_acl = acldefault(ACL_OBJECT_FOREIGN_SERVER, ownerId);
old_acl = acldefault(OBJECT_FOREIGN_SERVER, ownerId);
/* There are no old member roles according to the catalogs */
noldmembers = 0;
oldmembers = NULL;
@ -2542,7 +2542,7 @@ ExecGrant_Function(InternalGrant *istmt)
&isNull);
if (isNull)
{
old_acl = acldefault(ACL_OBJECT_FUNCTION, ownerId);
old_acl = acldefault(OBJECT_FUNCTION, ownerId);
/* There are no old member roles according to the catalogs */
noldmembers = 0;
oldmembers = NULL;
@ -2673,7 +2673,7 @@ ExecGrant_Language(InternalGrant *istmt)
&isNull);
if (isNull)
{
old_acl = acldefault(ACL_OBJECT_LANGUAGE, ownerId);
old_acl = acldefault(OBJECT_LANGUAGE, ownerId);
/* There are no old member roles according to the catalogs */
noldmembers = 0;
oldmembers = NULL;
@ -2811,7 +2811,7 @@ ExecGrant_Largeobject(InternalGrant *istmt)
RelationGetDescr(relation), &isNull);
if (isNull)
{
old_acl = acldefault(ACL_OBJECT_LARGEOBJECT, ownerId);
old_acl = acldefault(OBJECT_LARGEOBJECT, ownerId);
/* There are no old member roles according to the catalogs */
noldmembers = 0;
oldmembers = NULL;
@ -2895,7 +2895,7 @@ ExecGrant_Namespace(InternalGrant *istmt)
ListCell *cell;
if (istmt->all_privs && istmt->privileges == ACL_NO_RIGHTS)
istmt->privileges = ACL_ALL_RIGHTS_NAMESPACE;
istmt->privileges = ACL_ALL_RIGHTS_SCHEMA;
relation = heap_open(NamespaceRelationId, RowExclusiveLock);
@ -2937,7 +2937,7 @@ ExecGrant_Namespace(InternalGrant *istmt)
&isNull);
if (isNull)
{
old_acl = acldefault(ACL_OBJECT_NAMESPACE, ownerId);
old_acl = acldefault(OBJECT_SCHEMA, ownerId);
/* There are no old member roles according to the catalogs */
noldmembers = 0;
oldmembers = NULL;
@ -3061,7 +3061,7 @@ ExecGrant_Tablespace(InternalGrant *istmt)
RelationGetDescr(relation), &isNull);
if (isNull)
{
old_acl = acldefault(ACL_OBJECT_TABLESPACE, ownerId);
old_acl = acldefault(OBJECT_TABLESPACE, ownerId);
/* There are no old member roles according to the catalogs */
noldmembers = 0;
oldmembers = NULL;
@ -3179,7 +3179,7 @@ ExecGrant_Type(InternalGrant *istmt)
errhint("Set the privileges of the element type instead.")));
/* Used GRANT DOMAIN on a non-domain? */
if (istmt->objtype == ACL_OBJECT_DOMAIN &&
if (istmt->objtype == OBJECT_DOMAIN &&
pg_type_tuple->typtype != TYPTYPE_DOMAIN)
ereport(ERROR,
(errcode(ERRCODE_WRONG_OBJECT_TYPE),
@ -3745,10 +3745,10 @@ pg_class_aclmask(Oid table_oid, Oid roleid,
switch (classForm->relkind)
{
case RELKIND_SEQUENCE:
acl = acldefault(ACL_OBJECT_SEQUENCE, ownerId);
acl = acldefault(OBJECT_SEQUENCE, ownerId);
break;
default:
acl = acldefault(ACL_OBJECT_RELATION, ownerId);
acl = acldefault(OBJECT_TABLE, ownerId);
break;
}
aclDatum = (Datum) 0;
@ -3804,7 +3804,7 @@ pg_database_aclmask(Oid db_oid, Oid roleid,
if (isNull)
{
/* No ACL, so build default ACL */
acl = acldefault(ACL_OBJECT_DATABASE, ownerId);
acl = acldefault(OBJECT_DATABASE, ownerId);
aclDatum = (Datum) 0;
}
else
@ -3858,7 +3858,7 @@ pg_proc_aclmask(Oid proc_oid, Oid roleid,
if (isNull)
{
/* No ACL, so build default ACL */
acl = acldefault(ACL_OBJECT_FUNCTION, ownerId);
acl = acldefault(OBJECT_FUNCTION, ownerId);
aclDatum = (Datum) 0;
}
else
@ -3912,7 +3912,7 @@ pg_language_aclmask(Oid lang_oid, Oid roleid,
if (isNull)
{
/* No ACL, so build default ACL */
acl = acldefault(ACL_OBJECT_LANGUAGE, ownerId);
acl = acldefault(OBJECT_LANGUAGE, ownerId);
aclDatum = (Datum) 0;
}
else
@ -3992,7 +3992,7 @@ pg_largeobject_aclmask_snapshot(Oid lobj_oid, Oid roleid,
if (isNull)
{
/* No ACL, so build default ACL */
acl = acldefault(ACL_OBJECT_LARGEOBJECT, ownerId);
acl = acldefault(OBJECT_LARGEOBJECT, ownerId);
aclDatum = (Datum) 0;
}
else
@ -4055,7 +4055,7 @@ pg_namespace_aclmask(Oid nsp_oid, Oid roleid,
{
if (pg_database_aclcheck(MyDatabaseId, roleid,
ACL_CREATE_TEMP) == ACLCHECK_OK)
return mask & ACL_ALL_RIGHTS_NAMESPACE;
return mask & ACL_ALL_RIGHTS_SCHEMA;
else
return mask & ACL_USAGE;
}
@ -4076,7 +4076,7 @@ pg_namespace_aclmask(Oid nsp_oid, Oid roleid,
if (isNull)
{
/* No ACL, so build default ACL */
acl = acldefault(ACL_OBJECT_NAMESPACE, ownerId);
acl = acldefault(OBJECT_SCHEMA, ownerId);
aclDatum = (Datum) 0;
}
else
@ -4132,7 +4132,7 @@ pg_tablespace_aclmask(Oid spc_oid, Oid roleid,
if (isNull)
{
/* No ACL, so build default ACL */
acl = acldefault(ACL_OBJECT_TABLESPACE, ownerId);
acl = acldefault(OBJECT_TABLESPACE, ownerId);
aclDatum = (Datum) 0;
}
else
@ -4194,7 +4194,7 @@ pg_foreign_data_wrapper_aclmask(Oid fdw_oid, Oid roleid,
if (isNull)
{
/* No ACL, so build default ACL */
acl = acldefault(ACL_OBJECT_FDW, ownerId);
acl = acldefault(OBJECT_FDW, ownerId);
aclDatum = (Datum) 0;
}
else
@ -4256,7 +4256,7 @@ pg_foreign_server_aclmask(Oid srv_oid, Oid roleid,
if (isNull)
{
/* No ACL, so build default ACL */
acl = acldefault(ACL_OBJECT_FOREIGN_SERVER, ownerId);
acl = acldefault(OBJECT_FOREIGN_SERVER, ownerId);
aclDatum = (Datum) 0;
}
else
@ -4333,7 +4333,7 @@ pg_type_aclmask(Oid type_oid, Oid roleid, AclMode mask, AclMaskHow how)
if (isNull)
{
/* No ACL, so build default ACL */
acl = acldefault(ACL_OBJECT_TYPE, ownerId);
acl = acldefault(OBJECT_TYPE, ownerId);
aclDatum = (Datum) 0;
}
else
@ -5302,7 +5302,7 @@ get_default_acl_internal(Oid roleId, Oid nsp_oid, char objtype)
* Returns NULL if built-in system defaults should be used
*/
Acl *
get_user_default_acl(GrantObjectType objtype, Oid ownerId, Oid nsp_oid)
get_user_default_acl(ObjectType objtype, Oid ownerId, Oid nsp_oid)
{
Acl *result;
Acl *glob_acl;
@ -5320,23 +5320,23 @@ get_user_default_acl(GrantObjectType objtype, Oid ownerId, Oid nsp_oid)
/* Check if object type is supported in pg_default_acl */
switch (objtype)
{
case ACL_OBJECT_RELATION:
case OBJECT_TABLE:
defaclobjtype = DEFACLOBJ_RELATION;
break;
case ACL_OBJECT_SEQUENCE:
case OBJECT_SEQUENCE:
defaclobjtype = DEFACLOBJ_SEQUENCE;
break;
case ACL_OBJECT_FUNCTION:
case OBJECT_FUNCTION:
defaclobjtype = DEFACLOBJ_FUNCTION;
break;
case ACL_OBJECT_TYPE:
case OBJECT_TYPE:
defaclobjtype = DEFACLOBJ_TYPE;
break;
case ACL_OBJECT_NAMESPACE:
case OBJECT_SCHEMA:
defaclobjtype = DEFACLOBJ_NAMESPACE;
break;

4
src/backend/catalog/heap.c
View File

@ -1143,11 +1143,11 @@ heap_create_with_catalog(const char *relname,
case RELKIND_MATVIEW:
case RELKIND_FOREIGN_TABLE:
case RELKIND_PARTITIONED_TABLE:
relacl = get_user_default_acl(ACL_OBJECT_RELATION, ownerid,
relacl = get_user_default_acl(OBJECT_TABLE, ownerid,
relnamespace);
break;
case RELKIND_SEQUENCE:
relacl = get_user_default_acl(ACL_OBJECT_SEQUENCE, ownerid,
relacl = get_user_default_acl(OBJECT_SEQUENCE, ownerid,
relnamespace);
break;
default:

2
src/backend/catalog/pg_namespace.c
View File

@ -63,7 +63,7 @@ NamespaceCreate(const char *nspName, Oid ownerId, bool isTemp)
errmsg("schema \"%s\" already exists", nspName)));
if (!isTemp)
nspacl = get_user_default_acl(ACL_OBJECT_NAMESPACE, ownerId,
nspacl = get_user_default_acl(OBJECT_SCHEMA, ownerId,
InvalidOid);
else
nspacl = NULL;

2
src/backend/catalog/pg_proc.c
View File

@ -582,7 +582,7 @@ ProcedureCreate(const char *procedureName,
/* Creating a new procedure */
/* First, get default permissions and set up proacl */
proacl = get_user_default_acl(ACL_OBJECT_FUNCTION, proowner,
proacl = get_user_default_acl(OBJECT_FUNCTION, proowner,
procNamespace);
if (proacl != NULL)
values[Anum_pg_proc_proacl - 1] = PointerGetDatum(proacl);

2
src/backend/catalog/pg_type.c
View File

@ -380,7 +380,7 @@ TypeCreate(Oid newTypeOid,
else
nulls[Anum_pg_type_typdefault - 1] = true;
typacl = get_user_default_acl(ACL_OBJECT_TYPE, ownerId,
typacl = get_user_default_acl(OBJECT_TYPE, ownerId,
typeNamespace);
if (typacl != NULL)
values[Anum_pg_type_typacl - 1] = PointerGetDatum(typacl);

185
src/backend/commands/event_trigger.c
View File

@ -159,8 +159,8 @@ static Oid insert_event_trigger_tuple(const char *trigname, const char *eventnam
static void validate_ddl_tags(const char *filtervar, List *taglist);
static void validate_table_rewrite_tags(const char *filtervar, List *taglist);
static void EventTriggerInvoke(List *fn_oid_list, EventTriggerData *trigdata);
static const char *stringify_grantobjtype(GrantObjectType objtype);
static const char *stringify_adefprivs_objtype(GrantObjectType objtype);
static const char *stringify_grant_objtype(ObjectType objtype);
static const char *stringify_adefprivs_objtype(ObjectType objtype);
/*
* Create an event trigger.
@ -1199,41 +1199,6 @@ EventTriggerSupportsObjectClass(ObjectClass objclass)
return false;
}
bool
EventTriggerSupportsGrantObjectType(GrantObjectType objtype)
{
switch (objtype)
{
case ACL_OBJECT_DATABASE:
case ACL_OBJECT_TABLESPACE:
/* no support for global objects */
return false;
case ACL_OBJECT_COLUMN:
case ACL_OBJECT_RELATION:
case ACL_OBJECT_SEQUENCE:
case ACL_OBJECT_DOMAIN:
case ACL_OBJECT_FDW:
case ACL_OBJECT_FOREIGN_SERVER:
case ACL_OBJECT_FUNCTION:
case ACL_OBJECT_LANGUAGE:
case ACL_OBJECT_LARGEOBJECT:
case ACL_OBJECT_NAMESPACE:
case ACL_OBJECT_PROCEDURE:
case ACL_OBJECT_ROUTINE:
case ACL_OBJECT_TYPE:
return true;
/*
* There's intentionally no default: case here; we want the
* compiler to warn if a new ACL class hasn't been handled above.
*/
}
/* Shouldn't get here, but if we do, say "no support" */
return false;
}
/*
* Prepare event trigger state for a new complete query to run, if necessary;
* returns whether this was done. If it was, EventTriggerEndCompleteQuery must
@ -2196,7 +2161,7 @@ pg_event_trigger_ddl_commands(PG_FUNCTION_ARGS)
values[i++] = CStringGetTextDatum(cmd->d.grant.istmt->is_grant ?
"GRANT" : "REVOKE");
/* object_type */
values[i++] = CStringGetTextDatum(stringify_grantobjtype(
values[i++] = CStringGetTextDatum(stringify_grant_objtype(
cmd->d.grant.istmt->objtype));
/* schema */
nulls[i++] = true;
@ -2219,92 +2184,164 @@ pg_event_trigger_ddl_commands(PG_FUNCTION_ARGS)
}
/*
* Return the GrantObjectType as a string, as it would appear in GRANT and
* Return the ObjectType as a string, as it would appear in GRANT and
* REVOKE commands.
*/
static const char *
stringify_grantobjtype(GrantObjectType objtype)
stringify_grant_objtype(ObjectType objtype)
{
switch (objtype)
{
case ACL_OBJECT_COLUMN:
case OBJECT_COLUMN:
return "COLUMN";
case ACL_OBJECT_RELATION:
case OBJECT_TABLE:
return "TABLE";
case ACL_OBJECT_SEQUENCE:
case OBJECT_SEQUENCE:
return "SEQUENCE";
case ACL_OBJECT_DATABASE:
case OBJECT_DATABASE:
return "DATABASE";
case ACL_OBJECT_DOMAIN:
case OBJECT_DOMAIN:
return "DOMAIN";
case ACL_OBJECT_FDW:
case OBJECT_FDW:
return "FOREIGN DATA WRAPPER";
case ACL_OBJECT_FOREIGN_SERVER:
case OBJECT_FOREIGN_SERVER:
return "FOREIGN SERVER";
case ACL_OBJECT_FUNCTION:
case OBJECT_FUNCTION:
return "FUNCTION";
case ACL_OBJECT_LANGUAGE:
case OBJECT_LANGUAGE:
return "LANGUAGE";
case ACL_OBJECT_LARGEOBJECT:
case OBJECT_LARGEOBJECT:
return "LARGE OBJECT";
case ACL_OBJECT_NAMESPACE:
case OBJECT_SCHEMA:
return "SCHEMA";
case ACL_OBJECT_PROCEDURE:
case OBJECT_PROCEDURE:
return "PROCEDURE";
case ACL_OBJECT_ROUTINE:
case OBJECT_ROUTINE:
return "ROUTINE";
case ACL_OBJECT_TABLESPACE:
case OBJECT_TABLESPACE:
return "TABLESPACE";
case ACL_OBJECT_TYPE:
case OBJECT_TYPE:
return "TYPE";
/* these currently aren't used */
case OBJECT_ACCESS_METHOD:
case OBJECT_AGGREGATE:
case OBJECT_AMOP:
case OBJECT_AMPROC:
case OBJECT_ATTRIBUTE:
case OBJECT_CAST:
case OBJECT_COLLATION:
case OBJECT_CONVERSION:
case OBJECT_DEFAULT:
case OBJECT_DEFACL:
case OBJECT_DOMCONSTRAINT:
case OBJECT_EVENT_TRIGGER:
case OBJECT_EXTENSION:
case OBJECT_FOREIGN_TABLE:
case OBJECT_INDEX:
case OBJECT_MATVIEW:
case OBJECT_OPCLASS:
case OBJECT_OPERATOR:
case OBJECT_OPFAMILY:
case OBJECT_POLICY:
case OBJECT_PUBLICATION:
case OBJECT_PUBLICATION_REL:
case OBJECT_ROLE:
case OBJECT_RULE:
case OBJECT_STATISTIC_EXT:
case OBJECT_SUBSCRIPTION:
case OBJECT_TABCONSTRAINT:
case OBJECT_TRANSFORM:
case OBJECT_TRIGGER:
case OBJECT_TSCONFIGURATION:
case OBJECT_TSDICTIONARY:
case OBJECT_TSPARSER:
case OBJECT_TSTEMPLATE:
case OBJECT_USER_MAPPING:
case OBJECT_VIEW:
elog(ERROR, "unsupported object type: %d", (int) objtype);
}
elog(ERROR, "unrecognized grant object type: %d", (int) objtype);
return "???"; /* keep compiler quiet */
}
/*
* Return the GrantObjectType as a string; as above, but use the spelling
* Return the ObjectType as a string; as above, but use the spelling
* in ALTER DEFAULT PRIVILEGES commands instead. Generally this is just
* the plural.
*/
static const char *
stringify_adefprivs_objtype(GrantObjectType objtype)
stringify_adefprivs_objtype(ObjectType objtype)
{
switch (objtype)
{
case ACL_OBJECT_COLUMN:
case OBJECT_COLUMN:
return "COLUMNS";
case ACL_OBJECT_RELATION:
case OBJECT_TABLE:
return "TABLES";
case ACL_OBJECT_SEQUENCE:
case OBJECT_SEQUENCE:
return "SEQUENCES";
case ACL_OBJECT_DATABASE:
case OBJECT_DATABASE:
return "DATABASES";
case ACL_OBJECT_DOMAIN:
case OBJECT_DOMAIN:
return "DOMAINS";
case ACL_OBJECT_FDW:
case OBJECT_FDW:
return "FOREIGN DATA WRAPPERS";
case ACL_OBJECT_FOREIGN_SERVER:
case OBJECT_FOREIGN_SERVER:
return "FOREIGN SERVERS";
case ACL_OBJECT_FUNCTION:
case OBJECT_FUNCTION:
return "FUNCTIONS";
case ACL_OBJECT_LANGUAGE:
case OBJECT_LANGUAGE:
return "LANGUAGES";
case ACL_OBJECT_LARGEOBJECT:
case OBJECT_LARGEOBJECT:
return "LARGE OBJECTS";
case ACL_OBJECT_NAMESPACE:
case OBJECT_SCHEMA:
return "SCHEMAS";
case ACL_OBJECT_PROCEDURE:
case OBJECT_PROCEDURE:
return "PROCEDURES";
case ACL_OBJECT_ROUTINE:
case OBJECT_ROUTINE:
return "ROUTINES";
case ACL_OBJECT_TABLESPACE:
case OBJECT_TABLESPACE:
return "TABLESPACES";
case ACL_OBJECT_TYPE:
case OBJECT_TYPE:
return "TYPES";
/* these currently aren't used */
case OBJECT_ACCESS_METHOD:
case OBJECT_AGGREGATE:
case OBJECT_AMOP:
case OBJECT_AMPROC:
case OBJECT_ATTRIBUTE:
case OBJECT_CAST:
case OBJECT_COLLATION:
case OBJECT_CONVERSION:
case OBJECT_DEFAULT:
case OBJECT_DEFACL:
case OBJECT_DOMCONSTRAINT:
case OBJECT_EVENT_TRIGGER:
case OBJECT_EXTENSION:
case OBJECT_FOREIGN_TABLE:
case OBJECT_INDEX:
case OBJECT_MATVIEW:
case OBJECT_OPCLASS:
case OBJECT_OPERATOR:
case OBJECT_OPFAMILY:
case OBJECT_POLICY:
case OBJECT_PUBLICATION:
case OBJECT_PUBLICATION_REL:
case OBJECT_ROLE:
case OBJECT_RULE:
case OBJECT_STATISTIC_EXT:
case OBJECT_SUBSCRIPTION:
case OBJECT_TABCONSTRAINT:
case OBJECT_TRANSFORM:
case OBJECT_TRIGGER:
case OBJECT_TSCONFIGURATION:
case OBJECT_TSDICTIONARY:
case OBJECT_TSPARSER:
case OBJECT_TSTEMPLATE:
case OBJECT_USER_MAPPING:
case OBJECT_VIEW:
elog(ERROR, "unsupported object type: %d", (int) objtype);
}
elog(ERROR, "unrecognized grant object type: %d", (int) objtype);
return "???"; /* keep compiler quiet */
}

54
src/backend/parser/gram.y
View File

@ -115,7 +115,7 @@
typedef struct PrivTarget
{
GrantTargetType targtype;
GrantObjectType objtype;
ObjectType objtype;
List *objs;
} PrivTarget;
@ -7027,7 +7027,7 @@ privilege_target:
{
PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
n->targtype = ACL_TARGET_OBJECT;
n->objtype = ACL_OBJECT_RELATION;
n->objtype = OBJECT_TABLE;
n->objs = $1;
$$ = n;
}
@ -7035,7 +7035,7 @@ privilege_target:
{
PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
n->targtype = ACL_TARGET_OBJECT;
n->objtype = ACL_OBJECT_RELATION;
n->objtype = OBJECT_TABLE;
n->objs = $2;
$$ = n;
}
@ -7043,7 +7043,7 @@ privilege_target:
{
PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
n->targtype = ACL_TARGET_OBJECT;
n->objtype = ACL_OBJECT_SEQUENCE;
n->objtype = OBJECT_SEQUENCE;
n->objs = $2;
$$ = n;
}
@ -7051,7 +7051,7 @@ privilege_target:
{
PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
n->targtype = ACL_TARGET_OBJECT;
n->objtype = ACL_OBJECT_FDW;
n->objtype = OBJECT_FDW;
n->objs = $4;
$$ = n;
}
@ -7059,7 +7059,7 @@ privilege_target:
{
PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
n->targtype = ACL_TARGET_OBJECT;
n->objtype = ACL_OBJECT_FOREIGN_SERVER;
n->objtype = OBJECT_FOREIGN_SERVER;
n->objs = $3;
$$ = n;
}
@ -7067,7 +7067,7 @@ privilege_target:
{
PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
n->targtype = ACL_TARGET_OBJECT;
n->objtype = ACL_OBJECT_FUNCTION;
n->objtype = OBJECT_FUNCTION;
n->objs = $2;
$$ = n;
}
@ -7075,7 +7075,7 @@ privilege_target:
{
PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
n->targtype = ACL_TARGET_OBJECT;
n->objtype = ACL_OBJECT_PROCEDURE;
n->objtype = OBJECT_PROCEDURE;
n->objs = $2;
$$ = n;
}
@ -7083,7 +7083,7 @@ privilege_target:
{
PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
n->targtype = ACL_TARGET_OBJECT;
n->objtype = ACL_OBJECT_ROUTINE;
n->objtype = OBJECT_ROUTINE;
n->objs = $2;
$$ = n;
}
@ -7091,7 +7091,7 @@ privilege_target:
{
PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
n->targtype = ACL_TARGET_OBJECT;
n->objtype = ACL_OBJECT_DATABASE;
n->objtype = OBJECT_DATABASE;
n->objs = $2;
$$ = n;
}
@ -7099,7 +7099,7 @@ privilege_target:
{
PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
n->targtype = ACL_TARGET_OBJECT;
n->objtype = ACL_OBJECT_DOMAIN;
n->objtype = OBJECT_DOMAIN;
n->objs = $2;
$$ = n;
}
@ -7107,7 +7107,7 @@ privilege_target:
{
PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
n->targtype = ACL_TARGET_OBJECT;
n->objtype = ACL_OBJECT_LANGUAGE;
n->objtype = OBJECT_LANGUAGE;
n->objs = $2;
$$ = n;
}
@ -7115,7 +7115,7 @@ privilege_target:
{
PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
n->targtype = ACL_TARGET_OBJECT;
n->objtype = ACL_OBJECT_LARGEOBJECT;
n->objtype = OBJECT_LARGEOBJECT;
n->objs = $3;
$$ = n;
}
@ -7123,7 +7123,7 @@ privilege_target:
{
PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
n->targtype = ACL_TARGET_OBJECT;
n->objtype = ACL_OBJECT_NAMESPACE;
n->objtype = OBJECT_SCHEMA;
n->objs = $2;
$$ = n;
}
@ -7131,7 +7131,7 @@ privilege_target:
{
PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
n->targtype = ACL_TARGET_OBJECT;
n->objtype = ACL_OBJECT_TABLESPACE;
n->objtype = OBJECT_TABLESPACE;
n->objs = $2;
$$ = n;
}
@ -7139,7 +7139,7 @@ privilege_target:
{
PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
n->targtype = ACL_TARGET_OBJECT;
n->objtype = ACL_OBJECT_TYPE;
n->objtype = OBJECT_TYPE;
n->objs = $2;
$$ = n;
}
@ -7147,7 +7147,7 @@ privilege_target:
{
PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
n->objtype = ACL_OBJECT_RELATION;
n->objtype = OBJECT_TABLE;
n->objs = $5;
$$ = n;
}
@ -7155,7 +7155,7 @@ privilege_target:
{
PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
n->objtype = ACL_OBJECT_SEQUENCE;
n->objtype = OBJECT_SEQUENCE;
n->objs = $5;
$$ = n;
}
@ -7163,7 +7163,7 @@ privilege_target:
{
PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
n->objtype = ACL_OBJECT_FUNCTION;
n->objtype = OBJECT_FUNCTION;
n->objs = $5;
$$ = n;
}
@ -7171,7 +7171,7 @@ privilege_target:
{
PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
n->objtype = ACL_OBJECT_PROCEDURE;
n->objtype = OBJECT_PROCEDURE;
n->objs = $5;
$$ = n;
}
@ -7179,7 +7179,7 @@ privilege_target:
{
PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget));
n->targtype = ACL_TARGET_ALL_IN_SCHEMA;
n->objtype = ACL_OBJECT_ROUTINE;
n->objtype = OBJECT_ROUTINE;
n->objs = $5;
$$ = n;
}
@ -7337,12 +7337,12 @@ DefACLAction:
;
defacl_privilege_target:
TABLES { $$ = ACL_OBJECT_RELATION; }
| FUNCTIONS { $$ = ACL_OBJECT_FUNCTION; }
| ROUTINES { $$ = ACL_OBJECT_FUNCTION; }
| SEQUENCES { $$ = ACL_OBJECT_SEQUENCE; }
| TYPES_P { $$ = ACL_OBJECT_TYPE; }
| SCHEMAS { $$ = ACL_OBJECT_NAMESPACE; }
TABLES { $$ = OBJECT_TABLE; }
| FUNCTIONS { $$ = OBJECT_FUNCTION; }
| ROUTINES { $$ = OBJECT_FUNCTION; }
| SEQUENCES { $$ = OBJECT_SEQUENCE; }
| TYPES_P { $$ = OBJECT_TYPE; }
| SCHEMAS { $$ = OBJECT_SCHEMA; }
;

2
src/backend/tcop/utility.c
View File

@ -828,7 +828,7 @@ standard_ProcessUtility(PlannedStmt *pstmt,
{
GrantStmt *stmt = (GrantStmt *) parsetree;
if (EventTriggerSupportsGrantObjectType(stmt->objtype))
if (EventTriggerSupportsObjectType(stmt->objtype))
ProcessUtilitySlow(pstate, pstmt, queryString,
context, params, queryEnv,
dest, completionTag);

58
src/backend/utils/adt/acl.c
View File

@ -745,7 +745,7 @@ hash_aclitem_extended(PG_FUNCTION_ARGS)
* absence of any pg_default_acl entry.
*/
Acl *
acldefault(GrantObjectType objtype, Oid ownerId)
acldefault(ObjectType objtype, Oid ownerId)
{
AclMode world_default;
AclMode owner_default;
@ -755,56 +755,56 @@ acldefault(GrantObjectType objtype, Oid ownerId)
switch (objtype)
{
case ACL_OBJECT_COLUMN:
case OBJECT_COLUMN:
/* by default, columns have no extra privileges */
world_default = ACL_NO_RIGHTS;
owner_default = ACL_NO_RIGHTS;
break;
case ACL_OBJECT_RELATION:
case OBJECT_TABLE:
world_default = ACL_NO_RIGHTS;
owner_default = ACL_ALL_RIGHTS_RELATION;
break;
case ACL_OBJECT_SEQUENCE:
case OBJECT_SEQUENCE:
world_default = ACL_NO_RIGHTS;
owner_default = ACL_ALL_RIGHTS_SEQUENCE;
break;
case ACL_OBJECT_DATABASE:
case OBJECT_DATABASE:
/* for backwards compatibility, grant some rights by default */
world_default = ACL_CREATE_TEMP | ACL_CONNECT;
owner_default = ACL_ALL_RIGHTS_DATABASE;
break;
case ACL_OBJECT_FUNCTION:
case OBJECT_FUNCTION:
/* Grant EXECUTE by default, for now */
world_default = ACL_EXECUTE;
owner_default = ACL_ALL_RIGHTS_FUNCTION;
break;
case ACL_OBJECT_LANGUAGE:
case OBJECT_LANGUAGE:
/* Grant USAGE by default, for now */
world_default = ACL_USAGE;
owner_default = ACL_ALL_RIGHTS_LANGUAGE;
break;
case ACL_OBJECT_LARGEOBJECT:
case OBJECT_LARGEOBJECT:
world_default = ACL_NO_RIGHTS;
owner_default = ACL_ALL_RIGHTS_LARGEOBJECT;
break;
case ACL_OBJECT_NAMESPACE:
case OBJECT_SCHEMA:
world_default = ACL_NO_RIGHTS;
owner_default = ACL_ALL_RIGHTS_NAMESPACE;
owner_default = ACL_ALL_RIGHTS_SCHEMA;
break;
case ACL_OBJECT_TABLESPACE:
case OBJECT_TABLESPACE:
world_default = ACL_NO_RIGHTS;
owner_default = ACL_ALL_RIGHTS_TABLESPACE;
break;
case ACL_OBJECT_FDW:
case OBJECT_FDW:
world_default = ACL_NO_RIGHTS;
owner_default = ACL_ALL_RIGHTS_FDW;
break;
case ACL_OBJECT_FOREIGN_SERVER:
case OBJECT_FOREIGN_SERVER:
world_default = ACL_NO_RIGHTS;
owner_default = ACL_ALL_RIGHTS_FOREIGN_SERVER;
break;
case ACL_OBJECT_DOMAIN:
case ACL_OBJECT_TYPE:
case OBJECT_DOMAIN:
case OBJECT_TYPE:
world_default = ACL_USAGE;
owner_default = ACL_ALL_RIGHTS_TYPE;
break;
@ -855,7 +855,7 @@ acldefault(GrantObjectType objtype, Oid ownerId)
/*
* SQL-accessible version of acldefault(). Hackish mapping from "char" type to
* ACL_OBJECT_* values, but it's only used in the information schema, not
* OBJECT_* values, but it's only used in the information schema, not
* documented for general use.
*/
Datum
@ -863,45 +863,45 @@ acldefault_sql(PG_FUNCTION_ARGS)
{
char objtypec = PG_GETARG_CHAR(0);
Oid owner = PG_GETARG_OID(1);
GrantObjectType objtype = 0;
ObjectType objtype = 0;
switch (objtypec)
{
case 'c':
objtype = ACL_OBJECT_COLUMN;
objtype = OBJECT_COLUMN;
break;
case 'r':
objtype = ACL_OBJECT_RELATION;
objtype = OBJECT_TABLE;
break;
case 's':
objtype = ACL_OBJECT_SEQUENCE;
objtype = OBJECT_SEQUENCE;
break;
case 'd':
objtype = ACL_OBJECT_DATABASE;
objtype = OBJECT_DATABASE;
break;
case 'f':
objtype = ACL_OBJECT_FUNCTION;
objtype = OBJECT_FUNCTION;
break;
case 'l':
objtype = ACL_OBJECT_LANGUAGE;
objtype = OBJECT_LANGUAGE;
break;
case 'L':
objtype = ACL_OBJECT_LARGEOBJECT;
objtype = OBJECT_LARGEOBJECT;
break;
case 'n':
objtype = ACL_OBJECT_NAMESPACE;
objtype = OBJECT_SCHEMA;
break;
case 't':
objtype = ACL_OBJECT_TABLESPACE;
objtype = OBJECT_TABLESPACE;
break;
case 'F':
objtype = ACL_OBJECT_FDW;
objtype = OBJECT_FDW;
break;
case 'S':
objtype = ACL_OBJECT_FOREIGN_SERVER;
objtype = OBJECT_FOREIGN_SERVER;
break;
case 'T':
objtype = ACL_OBJECT_TYPE;
objtype = OBJECT_TYPE;
break;
default:
elog(ERROR, "unrecognized objtype abbreviation: %c", objtypec);

1
src/include/commands/event_trigger.h
View File

@ -50,7 +50,6 @@ extern void AlterEventTriggerOwner_oid(Oid, Oid newOwnerId);
extern bool EventTriggerSupportsObjectType(ObjectType obtype);
extern bool EventTriggerSupportsObjectClass(ObjectClass objclass);
extern bool EventTriggerSupportsGrantObjectType(GrantObjectType objtype);
extern void EventTriggerDDLCommandStart(Node *parsetree);
extern void EventTriggerDDLCommandEnd(Node *parsetree);
extern void EventTriggerSQLDrop(Node *parsetree);

21
src/include/nodes/parsenodes.h
View File

@ -1845,31 +1845,12 @@ typedef enum GrantTargetType
ACL_TARGET_DEFAULTS /* ALTER DEFAULT PRIVILEGES */
} GrantTargetType;
typedef enum GrantObjectType
{
ACL_OBJECT_COLUMN, /* column */
ACL_OBJECT_RELATION, /* table, view */
ACL_OBJECT_SEQUENCE, /* sequence */
ACL_OBJECT_DATABASE, /* database */
ACL_OBJECT_DOMAIN, /* domain */
ACL_OBJECT_FDW, /* foreign-data wrapper */
ACL_OBJECT_FOREIGN_SERVER, /* foreign server */
ACL_OBJECT_FUNCTION, /* function */
ACL_OBJECT_LANGUAGE, /* procedural language */
ACL_OBJECT_LARGEOBJECT, /* largeobject */
ACL_OBJECT_NAMESPACE, /* namespace */
ACL_OBJECT_PROCEDURE, /* procedure */
ACL_OBJECT_ROUTINE, /* routine */
ACL_OBJECT_TABLESPACE, /* tablespace */
ACL_OBJECT_TYPE /* type */
} GrantObjectType;
typedef struct GrantStmt
{
NodeTag type;
bool is_grant; /* true = GRANT, false = REVOKE */
GrantTargetType targtype; /* type of the grant target */
GrantObjectType objtype; /* kind of object being operated on */
ObjectType objtype; /* kind of object being operated on */
List *objects; /* list of RangeVar nodes, ObjectWithArgs
* nodes, or plain names (as Value strings) */
List *privileges; /* list of AccessPriv nodes */

2
src/include/tcop/deparse_utility.h
View File

@ -97,7 +97,7 @@ typedef struct CollectedCommand
/* ALTER DEFAULT PRIVILEGES */
struct
{
GrantObjectType objtype;
ObjectType objtype;
} defprivs;
} d;
} CollectedCommand;

6
src/include/utils/acl.h
View File

@ -163,7 +163,7 @@ typedef ArrayType Acl;
#define ACL_ALL_RIGHTS_FUNCTION (ACL_EXECUTE)
#define ACL_ALL_RIGHTS_LANGUAGE (ACL_USAGE)
#define ACL_ALL_RIGHTS_LARGEOBJECT (ACL_SELECT|ACL_UPDATE)
#define ACL_ALL_RIGHTS_NAMESPACE (ACL_USAGE|ACL_CREATE)
#define ACL_ALL_RIGHTS_SCHEMA (ACL_USAGE|ACL_CREATE)
#define ACL_ALL_RIGHTS_TABLESPACE (ACL_CREATE)
#define ACL_ALL_RIGHTS_TYPE (ACL_USAGE)
@ -217,8 +217,8 @@ typedef enum AclObjectKind
/*
* routines used internally
*/
extern Acl *acldefault(GrantObjectType objtype, Oid ownerId);
extern Acl *get_user_default_acl(GrantObjectType objtype, Oid ownerId,
extern Acl *acldefault(ObjectType objtype, Oid ownerId);
extern Acl *get_user_default_acl(ObjectType objtype, Oid ownerId,
Oid nsp_oid);
extern Acl *aclupdate(const Acl *old_acl, const AclItem *mod_aip,

4
src/include/utils/aclchk_internal.h
View File

@ -26,12 +26,12 @@
* Note: 'all_privs' and 'privileges' represent object-level privileges only.
* There might also be column-level privilege specifications, which are
* represented in col_privs (this is a list of untransformed AccessPriv nodes).
* Column privileges are only valid for objtype ACL_OBJECT_RELATION.
* Column privileges are only valid for objtype OBJECT_TABLE.
*/
typedef struct
{
bool is_grant;
GrantObjectType objtype;
ObjectType objtype;
List *objects;
bool all_privs;
AclMode privileges;