diff --git a/contrib/dblink/dblink.c b/contrib/dblink/dblink.c index a6c897c319..ae7e24ad08 100644 --- a/contrib/dblink/dblink.c +++ b/contrib/dblink/dblink.c @@ -2504,7 +2504,7 @@ get_rel_from_relname(text *relname_text, LOCKMODE lockmode, AclMode aclmode) aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(), aclmode); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_CLASS, + aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind), RelationGetRelationName(rel)); return rel; @@ -2789,7 +2789,7 @@ get_connect_string(const char *servername) /* Check permissions, user must have usage on the server. */ aclresult = pg_foreign_server_aclcheck(serverid, userid, ACL_USAGE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, foreign_server->servername); + aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, foreign_server->servername); foreach(cell, fdw->options) { diff --git a/contrib/file_fdw/output/file_fdw.source b/contrib/file_fdw/output/file_fdw.source index 709c43ec80..e2d8b87015 100644 --- a/contrib/file_fdw/output/file_fdw.source +++ b/contrib/file_fdw/output/file_fdw.source @@ -393,7 +393,7 @@ SELECT * FROM agg_text ORDER BY a; SET ROLE regress_no_priv_user; SELECT * FROM agg_text ORDER BY a; -- ERROR -ERROR: permission denied for relation agg_text +ERROR: permission denied for foreign table agg_text SET ROLE regress_file_fdw_user; \t on EXPLAIN (VERBOSE, COSTS FALSE) SELECT * FROM agg_text WHERE a > 0; diff --git a/contrib/pg_prewarm/pg_prewarm.c b/contrib/pg_prewarm/pg_prewarm.c index 4117bf6d2e..7f084462b1 100644 --- a/contrib/pg_prewarm/pg_prewarm.c +++ b/contrib/pg_prewarm/pg_prewarm.c @@ -107,7 +107,7 @@ pg_prewarm(PG_FUNCTION_ARGS) rel = relation_open(relOid, AccessShareLock); aclresult = pg_class_aclcheck(relOid, GetUserId(), ACL_SELECT); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_CLASS, get_rel_name(relOid)); + aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind), get_rel_name(relOid)); /* Check that the fork exists. */ RelationOpenSmgr(rel); diff --git a/contrib/pgrowlocks/pgrowlocks.c b/contrib/pgrowlocks/pgrowlocks.c index eabca65bd2..94e051d642 100644 --- a/contrib/pgrowlocks/pgrowlocks.c +++ b/contrib/pgrowlocks/pgrowlocks.c @@ -121,7 +121,7 @@ pgrowlocks(PG_FUNCTION_ARGS) aclresult = is_member_of_role(GetUserId(), DEFAULT_ROLE_STAT_SCAN_TABLES) ? ACLCHECK_OK : ACLCHECK_NO_PRIV; if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_CLASS, + aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind), RelationGetRelationName(rel)); scan = heap_beginscan(rel, GetActiveSnapshot(), 0, NULL); diff --git a/contrib/test_decoding/expected/permissions.out b/contrib/test_decoding/expected/permissions.out index 7175dcd5f6..ed97f81dda 100644 --- a/contrib/test_decoding/expected/permissions.out +++ b/contrib/test_decoding/expected/permissions.out @@ -38,7 +38,7 @@ SELECT 'init' FROM pg_create_logical_replication_slot('regression_slot', 'test_d (1 row) INSERT INTO lr_test VALUES('lr_superuser_init'); -ERROR: permission denied for relation lr_test +ERROR: permission denied for table lr_test SELECT data FROM pg_logical_slot_get_changes('regression_slot', NULL, NULL, 'include-xids', '0', 'skip-empty-xacts', '1'); data ------ @@ -56,7 +56,7 @@ SET ROLE regress_lr_normal; SELECT 'init' FROM pg_create_logical_replication_slot('regression_slot', 'test_decoding'); ERROR: must be superuser or replication role to use replication slots INSERT INTO lr_test VALUES('lr_superuser_init'); -ERROR: permission denied for relation lr_test +ERROR: permission denied for table lr_test SELECT data FROM pg_logical_slot_get_changes('regression_slot', NULL, NULL, 'include-xids', '0', 'skip-empty-xacts', '1'); ERROR: must be superuser or replication role to use replication slots SELECT pg_drop_replication_slot('regression_slot'); diff --git a/src/backend/access/brin/brin.c b/src/backend/access/brin/brin.c index f54968bfb5..5027872267 100644 --- a/src/backend/access/brin/brin.c +++ b/src/backend/access/brin/brin.c @@ -894,7 +894,7 @@ brin_summarize_range(PG_FUNCTION_ARGS) /* User must own the index (comparable to privileges needed for VACUUM) */ if (!pg_class_ownercheck(indexoid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX, RelationGetRelationName(indexRel)); /* @@ -965,7 +965,7 @@ brin_desummarize_range(PG_FUNCTION_ARGS) /* User must own the index (comparable to privileges needed for VACUUM) */ if (!pg_class_ownercheck(indexoid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX, RelationGetRelationName(indexRel)); /* diff --git a/src/backend/access/gin/ginfast.c b/src/backend/access/gin/ginfast.c index 222a80bc4b..615730b8e5 100644 --- a/src/backend/access/gin/ginfast.c +++ b/src/backend/access/gin/ginfast.c @@ -1035,7 +1035,7 @@ gin_clean_pending_list(PG_FUNCTION_ARGS) /* User must own the index (comparable to privileges needed for VACUUM) */ if (!pg_class_ownercheck(indexoid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX, RelationGetRelationName(indexRel)); memset(&stats, 0, sizeof(stats)); diff --git a/src/backend/catalog/aclchk.c b/src/backend/catalog/aclchk.c index 5cfaa510de..de18610a91 100644 --- a/src/backend/catalog/aclchk.c +++ b/src/backend/catalog/aclchk.c @@ -132,9 +132,9 @@ static const char *privilege_to_string(AclMode privilege); static AclMode restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs, AclMode privileges, Oid objectId, Oid grantorId, - AclObjectKind objkind, const char *objname, + ObjectType objtype, const char *objname, AttrNumber att_number, const char *colname); -static AclMode pg_aclmask(AclObjectKind objkind, Oid table_oid, AttrNumber attnum, +static AclMode pg_aclmask(ObjectType objtype, Oid table_oid, AttrNumber attnum, Oid roleid, AclMode mask, AclMaskHow how); static void recordExtensionInitPriv(Oid objoid, Oid classoid, int objsubid, Acl *new_acl); @@ -236,56 +236,56 @@ merge_acl_with_grant(Acl *old_acl, bool is_grant, static AclMode restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs, AclMode privileges, Oid objectId, Oid grantorId, - AclObjectKind objkind, const char *objname, + ObjectType objtype, const char *objname, AttrNumber att_number, const char *colname) { AclMode this_privileges; AclMode whole_mask; - switch (objkind) + switch (objtype) { - case ACL_KIND_COLUMN: + case OBJECT_COLUMN: whole_mask = ACL_ALL_RIGHTS_COLUMN; break; - case ACL_KIND_CLASS: + case OBJECT_TABLE: whole_mask = ACL_ALL_RIGHTS_RELATION; break; - case ACL_KIND_SEQUENCE: + case OBJECT_SEQUENCE: whole_mask = ACL_ALL_RIGHTS_SEQUENCE; break; - case ACL_KIND_DATABASE: + case OBJECT_DATABASE: whole_mask = ACL_ALL_RIGHTS_DATABASE; break; - case ACL_KIND_PROC: + case OBJECT_FUNCTION: whole_mask = ACL_ALL_RIGHTS_FUNCTION; break; - case ACL_KIND_LANGUAGE: + case OBJECT_LANGUAGE: whole_mask = ACL_ALL_RIGHTS_LANGUAGE; break; - case ACL_KIND_LARGEOBJECT: + case OBJECT_LARGEOBJECT: whole_mask = ACL_ALL_RIGHTS_LARGEOBJECT; break; - case ACL_KIND_NAMESPACE: + case OBJECT_SCHEMA: whole_mask = ACL_ALL_RIGHTS_SCHEMA; break; - case ACL_KIND_TABLESPACE: + case OBJECT_TABLESPACE: whole_mask = ACL_ALL_RIGHTS_TABLESPACE; break; - case ACL_KIND_FDW: + case OBJECT_FDW: whole_mask = ACL_ALL_RIGHTS_FDW; break; - case ACL_KIND_FOREIGN_SERVER: + case OBJECT_FOREIGN_SERVER: whole_mask = ACL_ALL_RIGHTS_FOREIGN_SERVER; break; - case ACL_KIND_EVENT_TRIGGER: + case OBJECT_EVENT_TRIGGER: elog(ERROR, "grantable rights not supported for event triggers"); /* not reached, but keep compiler quiet */ return ACL_NO_RIGHTS; - case ACL_KIND_TYPE: + case OBJECT_TYPE: whole_mask = ACL_ALL_RIGHTS_TYPE; break; default: - elog(ERROR, "unrecognized object kind: %d", objkind); + elog(ERROR, "unrecognized object type: %d", objtype); /* not reached, but keep compiler quiet */ return ACL_NO_RIGHTS; } @@ -297,14 +297,14 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs, */ if (avail_goptions == ACL_NO_RIGHTS) { - if (pg_aclmask(objkind, objectId, att_number, grantorId, + if (pg_aclmask(objtype, objectId, att_number, grantorId, whole_mask | ACL_GRANT_OPTION_FOR(whole_mask), ACLMASK_ANY) == ACL_NO_RIGHTS) { - if (objkind == ACL_KIND_COLUMN && colname) - aclcheck_error_col(ACLCHECK_NO_PRIV, objkind, objname, colname); + if (objtype == OBJECT_COLUMN && colname) + aclcheck_error_col(ACLCHECK_NO_PRIV, objtype, objname, colname); else - aclcheck_error(ACLCHECK_NO_PRIV, objkind, objname); + aclcheck_error(ACLCHECK_NO_PRIV, objtype, objname); } } @@ -320,7 +320,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs, { if (this_privileges == 0) { - if (objkind == ACL_KIND_COLUMN && colname) + if (objtype == OBJECT_COLUMN && colname) ereport(WARNING, (errcode(ERRCODE_WARNING_PRIVILEGE_NOT_GRANTED), errmsg("no privileges were granted for column \"%s\" of relation \"%s\"", @@ -333,7 +333,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs, } else if (!all_privs && this_privileges != privileges) { - if (objkind == ACL_KIND_COLUMN && colname) + if (objtype == OBJECT_COLUMN && colname) ereport(WARNING, (errcode(ERRCODE_WARNING_PRIVILEGE_NOT_GRANTED), errmsg("not all privileges were granted for column \"%s\" of relation \"%s\"", @@ -349,7 +349,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs, { if (this_privileges == 0) { - if (objkind == ACL_KIND_COLUMN && colname) + if (objtype == OBJECT_COLUMN && colname) ereport(WARNING, (errcode(ERRCODE_WARNING_PRIVILEGE_NOT_REVOKED), errmsg("no privileges could be revoked for column \"%s\" of relation \"%s\"", @@ -362,7 +362,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs, } else if (!all_privs && this_privileges != privileges) { - if (objkind == ACL_KIND_COLUMN && colname) + if (objtype == OBJECT_COLUMN && colname) ereport(WARNING, (errcode(ERRCODE_WARNING_PRIVILEGE_NOT_REVOKED), errmsg("not all privileges could be revoked for column \"%s\" of relation \"%s\"", @@ -1721,7 +1721,7 @@ ExecGrant_Attribute(InternalGrant *istmt, Oid relOid, const char *relname, restrict_and_check_grant(istmt->is_grant, avail_goptions, (col_privileges == ACL_ALL_RIGHTS_COLUMN), col_privileges, - relOid, grantorId, ACL_KIND_COLUMN, + relOid, grantorId, OBJECT_COLUMN, relname, attnum, NameStr(pg_attribute_tuple->attname)); @@ -1976,7 +1976,7 @@ ExecGrant_Relation(InternalGrant *istmt) bool replaces[Natts_pg_class]; int nnewmembers; Oid *newmembers; - AclObjectKind aclkind; + ObjectType objtype; /* Determine ID to do the grant as, and available grant options */ select_best_grantor(GetUserId(), this_privileges, @@ -1986,10 +1986,10 @@ ExecGrant_Relation(InternalGrant *istmt) switch (pg_class_tuple->relkind) { case RELKIND_SEQUENCE: - aclkind = ACL_KIND_SEQUENCE; + objtype = OBJECT_SEQUENCE; break; default: - aclkind = ACL_KIND_CLASS; + objtype = OBJECT_TABLE; break; } @@ -2000,7 +2000,7 @@ ExecGrant_Relation(InternalGrant *istmt) this_privileges = restrict_and_check_grant(istmt->is_grant, avail_goptions, istmt->all_privs, this_privileges, - relOid, grantorId, aclkind, + relOid, grantorId, objtype, NameStr(pg_class_tuple->relname), 0, NULL); @@ -2194,7 +2194,7 @@ ExecGrant_Database(InternalGrant *istmt) this_privileges = restrict_and_check_grant(istmt->is_grant, avail_goptions, istmt->all_privs, istmt->privileges, - datId, grantorId, ACL_KIND_DATABASE, + datId, grantorId, OBJECT_DATABASE, NameStr(pg_database_tuple->datname), 0, NULL); @@ -2316,7 +2316,7 @@ ExecGrant_Fdw(InternalGrant *istmt) this_privileges = restrict_and_check_grant(istmt->is_grant, avail_goptions, istmt->all_privs, istmt->privileges, - fdwid, grantorId, ACL_KIND_FDW, + fdwid, grantorId, OBJECT_FDW, NameStr(pg_fdw_tuple->fdwname), 0, NULL); @@ -2442,7 +2442,7 @@ ExecGrant_ForeignServer(InternalGrant *istmt) this_privileges = restrict_and_check_grant(istmt->is_grant, avail_goptions, istmt->all_privs, istmt->privileges, - srvid, grantorId, ACL_KIND_FOREIGN_SERVER, + srvid, grantorId, OBJECT_FOREIGN_SERVER, NameStr(pg_server_tuple->srvname), 0, NULL); @@ -2566,7 +2566,7 @@ ExecGrant_Function(InternalGrant *istmt) this_privileges = restrict_and_check_grant(istmt->is_grant, avail_goptions, istmt->all_privs, istmt->privileges, - funcId, grantorId, ACL_KIND_PROC, + funcId, grantorId, OBJECT_FUNCTION, NameStr(pg_proc_tuple->proname), 0, NULL); @@ -2697,7 +2697,7 @@ ExecGrant_Language(InternalGrant *istmt) this_privileges = restrict_and_check_grant(istmt->is_grant, avail_goptions, istmt->all_privs, istmt->privileges, - langId, grantorId, ACL_KIND_LANGUAGE, + langId, grantorId, OBJECT_LANGUAGE, NameStr(pg_language_tuple->lanname), 0, NULL); @@ -2836,7 +2836,7 @@ ExecGrant_Largeobject(InternalGrant *istmt) this_privileges = restrict_and_check_grant(istmt->is_grant, avail_goptions, istmt->all_privs, istmt->privileges, - loid, grantorId, ACL_KIND_LARGEOBJECT, + loid, grantorId, OBJECT_LARGEOBJECT, loname, 0, NULL); /* @@ -2961,7 +2961,7 @@ ExecGrant_Namespace(InternalGrant *istmt) this_privileges = restrict_and_check_grant(istmt->is_grant, avail_goptions, istmt->all_privs, istmt->privileges, - nspid, grantorId, ACL_KIND_NAMESPACE, + nspid, grantorId, OBJECT_SCHEMA, NameStr(pg_namespace_tuple->nspname), 0, NULL); @@ -3085,7 +3085,7 @@ ExecGrant_Tablespace(InternalGrant *istmt) this_privileges = restrict_and_check_grant(istmt->is_grant, avail_goptions, istmt->all_privs, istmt->privileges, - tblId, grantorId, ACL_KIND_TABLESPACE, + tblId, grantorId, OBJECT_TABLESPACE, NameStr(pg_tablespace_tuple->spcname), 0, NULL); @@ -3219,7 +3219,7 @@ ExecGrant_Type(InternalGrant *istmt) this_privileges = restrict_and_check_grant(istmt->is_grant, avail_goptions, istmt->all_privs, istmt->privileges, - typId, grantorId, ACL_KIND_TYPE, + typId, grantorId, OBJECT_TYPE, NameStr(pg_type_tuple->typname), 0, NULL); @@ -3348,114 +3348,8 @@ privilege_to_string(AclMode privilege) * Note: we do not double-quote the %s's below, because many callers * supply strings that might be already quoted. */ - -static const char *const no_priv_msg[MAX_ACL_KIND] = -{ - /* ACL_KIND_COLUMN */ - gettext_noop("permission denied for column %s"), - /* ACL_KIND_CLASS */ - gettext_noop("permission denied for relation %s"), - /* ACL_KIND_SEQUENCE */ - gettext_noop("permission denied for sequence %s"), - /* ACL_KIND_DATABASE */ - gettext_noop("permission denied for database %s"), - /* ACL_KIND_PROC */ - gettext_noop("permission denied for function %s"), - /* ACL_KIND_OPER */ - gettext_noop("permission denied for operator %s"), - /* ACL_KIND_TYPE */ - gettext_noop("permission denied for type %s"), - /* ACL_KIND_LANGUAGE */ - gettext_noop("permission denied for language %s"), - /* ACL_KIND_LARGEOBJECT */ - gettext_noop("permission denied for large object %s"), - /* ACL_KIND_NAMESPACE */ - gettext_noop("permission denied for schema %s"), - /* ACL_KIND_OPCLASS */ - gettext_noop("permission denied for operator class %s"), - /* ACL_KIND_OPFAMILY */ - gettext_noop("permission denied for operator family %s"), - /* ACL_KIND_COLLATION */ - gettext_noop("permission denied for collation %s"), - /* ACL_KIND_CONVERSION */ - gettext_noop("permission denied for conversion %s"), - /* ACL_KIND_STATISTICS */ - gettext_noop("permission denied for statistics object %s"), - /* ACL_KIND_TABLESPACE */ - gettext_noop("permission denied for tablespace %s"), - /* ACL_KIND_TSDICTIONARY */ - gettext_noop("permission denied for text search dictionary %s"), - /* ACL_KIND_TSCONFIGURATION */ - gettext_noop("permission denied for text search configuration %s"), - /* ACL_KIND_FDW */ - gettext_noop("permission denied for foreign-data wrapper %s"), - /* ACL_KIND_FOREIGN_SERVER */ - gettext_noop("permission denied for foreign server %s"), - /* ACL_KIND_EVENT_TRIGGER */ - gettext_noop("permission denied for event trigger %s"), - /* ACL_KIND_EXTENSION */ - gettext_noop("permission denied for extension %s"), - /* ACL_KIND_PUBLICATION */ - gettext_noop("permission denied for publication %s"), - /* ACL_KIND_SUBSCRIPTION */ - gettext_noop("permission denied for subscription %s"), -}; - -static const char *const not_owner_msg[MAX_ACL_KIND] = -{ - /* ACL_KIND_COLUMN */ - gettext_noop("must be owner of relation %s"), - /* ACL_KIND_CLASS */ - gettext_noop("must be owner of relation %s"), - /* ACL_KIND_SEQUENCE */ - gettext_noop("must be owner of sequence %s"), - /* ACL_KIND_DATABASE */ - gettext_noop("must be owner of database %s"), - /* ACL_KIND_PROC */ - gettext_noop("must be owner of function %s"), - /* ACL_KIND_OPER */ - gettext_noop("must be owner of operator %s"), - /* ACL_KIND_TYPE */ - gettext_noop("must be owner of type %s"), - /* ACL_KIND_LANGUAGE */ - gettext_noop("must be owner of language %s"), - /* ACL_KIND_LARGEOBJECT */ - gettext_noop("must be owner of large object %s"), - /* ACL_KIND_NAMESPACE */ - gettext_noop("must be owner of schema %s"), - /* ACL_KIND_OPCLASS */ - gettext_noop("must be owner of operator class %s"), - /* ACL_KIND_OPFAMILY */ - gettext_noop("must be owner of operator family %s"), - /* ACL_KIND_COLLATION */ - gettext_noop("must be owner of collation %s"), - /* ACL_KIND_CONVERSION */ - gettext_noop("must be owner of conversion %s"), - /* ACL_KIND_STATISTICS */ - gettext_noop("must be owner of statistics object %s"), - /* ACL_KIND_TABLESPACE */ - gettext_noop("must be owner of tablespace %s"), - /* ACL_KIND_TSDICTIONARY */ - gettext_noop("must be owner of text search dictionary %s"), - /* ACL_KIND_TSCONFIGURATION */ - gettext_noop("must be owner of text search configuration %s"), - /* ACL_KIND_FDW */ - gettext_noop("must be owner of foreign-data wrapper %s"), - /* ACL_KIND_FOREIGN_SERVER */ - gettext_noop("must be owner of foreign server %s"), - /* ACL_KIND_EVENT_TRIGGER */ - gettext_noop("must be owner of event trigger %s"), - /* ACL_KIND_EXTENSION */ - gettext_noop("must be owner of extension %s"), - /* ACL_KIND_PUBLICATION */ - gettext_noop("must be owner of publication %s"), - /* ACL_KIND_SUBSCRIPTION */ - gettext_noop("must be owner of subscription %s"), -}; - - void -aclcheck_error(AclResult aclerr, AclObjectKind objectkind, +aclcheck_error(AclResult aclerr, ObjectType objtype, const char *objectname) { switch (aclerr) @@ -3464,15 +3358,272 @@ aclcheck_error(AclResult aclerr, AclObjectKind objectkind, /* no error, so return to caller */ break; case ACLCHECK_NO_PRIV: - ereport(ERROR, - (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg(no_priv_msg[objectkind], objectname))); - break; + { + const char *msg; + + switch (objtype) + { + case OBJECT_AGGREGATE: + msg = gettext_noop("permission denied for aggregate %s"); + break; + case OBJECT_COLLATION: + msg = gettext_noop("permission denied for collation %s"); + break; + case OBJECT_COLUMN: + msg = gettext_noop("permission denied for column %s"); + break; + case OBJECT_CONVERSION: + msg = gettext_noop("permission denied for conversion %s"); + break; + case OBJECT_DATABASE: + msg = gettext_noop("permission denied for database %s"); + break; + case OBJECT_DOMAIN: + msg = gettext_noop("permission denied for domain %s"); + break; + case OBJECT_EVENT_TRIGGER: + msg = gettext_noop("permission denied for event trigger %s"); + break; + case OBJECT_EXTENSION: + msg = gettext_noop("permission denied for extension %s"); + break; + case OBJECT_FDW: + msg = gettext_noop("permission denied for foreign-data wrapper %s"); + break; + case OBJECT_FOREIGN_SERVER: + msg = gettext_noop("permission denied for foreign server %s"); + break; + case OBJECT_FOREIGN_TABLE: + msg = gettext_noop("permission denied for foreign table %s"); + break; + case OBJECT_FUNCTION: + msg = gettext_noop("permission denied for function %s"); + break; + case OBJECT_INDEX: + msg = gettext_noop("permission denied for index %s"); + break; + case OBJECT_LANGUAGE: + msg = gettext_noop("permission denied for language %s"); + break; + case OBJECT_LARGEOBJECT: + msg = gettext_noop("permission denied for large object %s"); + break; + case OBJECT_MATVIEW: + msg = gettext_noop("permission denied for materialized view %s"); + break; + case OBJECT_OPCLASS: + msg = gettext_noop("permission denied for operator class %s"); + break; + case OBJECT_OPERATOR: + msg = gettext_noop("permission denied for operator %s"); + break; + case OBJECT_OPFAMILY: + msg = gettext_noop("permission denied for operator family %s"); + break; + case OBJECT_POLICY: + msg = gettext_noop("permission denied for policy %s"); + break; + case OBJECT_PROCEDURE: + msg = gettext_noop("permission denied for procedure %s"); + break; + case OBJECT_PUBLICATION: + msg = gettext_noop("permission denied for publication %s"); + break; + case OBJECT_ROUTINE: + msg = gettext_noop("permission denied for routine %s"); + break; + case OBJECT_SCHEMA: + msg = gettext_noop("permission denied for schema %s"); + break; + case OBJECT_SEQUENCE: + msg = gettext_noop("permission denied for sequence %s"); + break; + case OBJECT_STATISTIC_EXT: + msg = gettext_noop("permission denied for statistics object %s"); + break; + case OBJECT_SUBSCRIPTION: + msg = gettext_noop("permission denied for subscription %s"); + break; + case OBJECT_TABLE: + msg = gettext_noop("permission denied for table %s"); + break; + case OBJECT_TABLESPACE: + msg = gettext_noop("permission denied for tablespace %s"); + break; + case OBJECT_TSCONFIGURATION: + msg = gettext_noop("permission denied for text search configuration %s"); + break; + case OBJECT_TSDICTIONARY: + msg = gettext_noop("permission denied for text search dictionary %s"); + break; + case OBJECT_TYPE: + msg = gettext_noop("permission denied for type %s"); + break; + case OBJECT_VIEW: + msg = gettext_noop("permission denied for view %s"); + break; + /* these currently aren't used */ + case OBJECT_ACCESS_METHOD: + case OBJECT_AMOP: + case OBJECT_AMPROC: + case OBJECT_ATTRIBUTE: + case OBJECT_CAST: + case OBJECT_DEFAULT: + case OBJECT_DEFACL: + case OBJECT_DOMCONSTRAINT: + case OBJECT_PUBLICATION_REL: + case OBJECT_ROLE: + case OBJECT_RULE: + case OBJECT_TABCONSTRAINT: + case OBJECT_TRANSFORM: + case OBJECT_TRIGGER: + case OBJECT_TSPARSER: + case OBJECT_TSTEMPLATE: + case OBJECT_USER_MAPPING: + elog(ERROR, "unsupported object type %d", objtype); + msg = "???"; + } + + ereport(ERROR, + (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), + errmsg(msg, objectname))); + break; + } case ACLCHECK_NOT_OWNER: - ereport(ERROR, - (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg(not_owner_msg[objectkind], objectname))); - break; + { + const char *msg; + + switch (objtype) + { + case OBJECT_AGGREGATE: + msg = gettext_noop("must be owner of aggregate %s"); + break; + case OBJECT_COLLATION: + msg = gettext_noop("must be owner of collation %s"); + break; + case OBJECT_CONVERSION: + msg = gettext_noop("must be owner of conversion %s"); + break; + case OBJECT_DATABASE: + msg = gettext_noop("must be owner of database %s"); + break; + case OBJECT_DOMAIN: + msg = gettext_noop("must be owner of domain %s"); + break; + case OBJECT_EVENT_TRIGGER: + msg = gettext_noop("must be owner of event trigger %s"); + break; + case OBJECT_EXTENSION: + msg = gettext_noop("must be owner of extension %s"); + break; + case OBJECT_FDW: + msg = gettext_noop("must be owner of foreign-data wrapper %s"); + break; + case OBJECT_FOREIGN_SERVER: + msg = gettext_noop("must be owner of foreign server %s"); + break; + case OBJECT_FOREIGN_TABLE: + msg = gettext_noop("must be owner of foreign table %s"); + break; + case OBJECT_FUNCTION: + msg = gettext_noop("must be owner of function %s"); + break; + case OBJECT_INDEX: + msg = gettext_noop("must be owner of index %s"); + break; + case OBJECT_LANGUAGE: + msg = gettext_noop("must be owner of language %s"); + break; + case OBJECT_LARGEOBJECT: + msg = gettext_noop("must be owner of large object %s"); + break; + case OBJECT_MATVIEW: + msg = gettext_noop("must be owner of materialized view %s"); + break; + case OBJECT_OPCLASS: + msg = gettext_noop("must be owner of operator class %s"); + break; + case OBJECT_OPERATOR: + msg = gettext_noop("must be owner of operator %s"); + break; + case OBJECT_OPFAMILY: + msg = gettext_noop("must be owner of operator family %s"); + break; + case OBJECT_PROCEDURE: + msg = gettext_noop("must be owner of procedure %s"); + break; + case OBJECT_PUBLICATION: + msg = gettext_noop("must be owner of publication %s"); + break; + case OBJECT_ROUTINE: + msg = gettext_noop("must be owner of routine %s"); + break; + case OBJECT_SEQUENCE: + msg = gettext_noop("must be owner of sequence %s"); + break; + case OBJECT_SUBSCRIPTION: + msg = gettext_noop("must be owner of subscription %s"); + break; + case OBJECT_TABLE: + msg = gettext_noop("must be owner of table %s"); + break; + case OBJECT_TYPE: + msg = gettext_noop("must be owner of type %s"); + break; + case OBJECT_VIEW: + msg = gettext_noop("must be owner of view %s"); + break; + case OBJECT_SCHEMA: + msg = gettext_noop("must be owner of schema %s"); + break; + case OBJECT_STATISTIC_EXT: + msg = gettext_noop("must be owner of statistics object %s"); + break; + case OBJECT_TABLESPACE: + msg = gettext_noop("must be owner of tablespace %s"); + break; + case OBJECT_TSCONFIGURATION: + msg = gettext_noop("must be owner of text search configuration %s"); + break; + case OBJECT_TSDICTIONARY: + msg = gettext_noop("must be owner of text search dictionary %s"); + break; + /* + * Special cases: For these, the error message talks about + * "relation", because that's where the ownership is + * attached. See also check_object_ownership(). + */ + case OBJECT_COLUMN: + case OBJECT_POLICY: + case OBJECT_RULE: + case OBJECT_TABCONSTRAINT: + case OBJECT_TRIGGER: + msg = gettext_noop("must be owner of relation %s"); + break; + /* these currently aren't used */ + case OBJECT_ACCESS_METHOD: + case OBJECT_AMOP: + case OBJECT_AMPROC: + case OBJECT_ATTRIBUTE: + case OBJECT_CAST: + case OBJECT_DEFAULT: + case OBJECT_DEFACL: + case OBJECT_DOMCONSTRAINT: + case OBJECT_PUBLICATION_REL: + case OBJECT_ROLE: + case OBJECT_TRANSFORM: + case OBJECT_TSPARSER: + case OBJECT_TSTEMPLATE: + case OBJECT_USER_MAPPING: + elog(ERROR, "unsupported object type %d", objtype); + msg = "???"; + } + + ereport(ERROR, + (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), + errmsg(msg, objectname))); + break; + } default: elog(ERROR, "unrecognized AclResult: %d", (int) aclerr); break; @@ -3481,7 +3632,7 @@ aclcheck_error(AclResult aclerr, AclObjectKind objectkind, void -aclcheck_error_col(AclResult aclerr, AclObjectKind objectkind, +aclcheck_error_col(AclResult aclerr, ObjectType objtype, const char *objectname, const char *colname) { switch (aclerr) @@ -3497,9 +3648,7 @@ aclcheck_error_col(AclResult aclerr, AclObjectKind objectkind, break; case ACLCHECK_NOT_OWNER: /* relation msg is OK since columns don't have separate owners */ - ereport(ERROR, - (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg(not_owner_msg[objectkind], objectname))); + aclcheck_error(aclerr, objtype, objectname); break; default: elog(ERROR, "unrecognized AclResult: %d", (int) aclerr); @@ -3517,7 +3666,7 @@ aclcheck_error_type(AclResult aclerr, Oid typeOid) { Oid element_type = get_element_type(typeOid); - aclcheck_error(aclerr, ACL_KIND_TYPE, format_type_be(element_type ? element_type : typeOid)); + aclcheck_error(aclerr, OBJECT_TYPE, format_type_be(element_type ? element_type : typeOid)); } @@ -3525,48 +3674,48 @@ aclcheck_error_type(AclResult aclerr, Oid typeOid) * Relay for the various pg_*_mask routines depending on object kind */ static AclMode -pg_aclmask(AclObjectKind objkind, Oid table_oid, AttrNumber attnum, Oid roleid, +pg_aclmask(ObjectType objtype, Oid table_oid, AttrNumber attnum, Oid roleid, AclMode mask, AclMaskHow how) { - switch (objkind) + switch (objtype) { - case ACL_KIND_COLUMN: + case OBJECT_COLUMN: return pg_class_aclmask(table_oid, roleid, mask, how) | pg_attribute_aclmask(table_oid, attnum, roleid, mask, how); - case ACL_KIND_CLASS: - case ACL_KIND_SEQUENCE: + case OBJECT_TABLE: + case OBJECT_SEQUENCE: return pg_class_aclmask(table_oid, roleid, mask, how); - case ACL_KIND_DATABASE: + case OBJECT_DATABASE: return pg_database_aclmask(table_oid, roleid, mask, how); - case ACL_KIND_PROC: + case OBJECT_FUNCTION: return pg_proc_aclmask(table_oid, roleid, mask, how); - case ACL_KIND_LANGUAGE: + case OBJECT_LANGUAGE: return pg_language_aclmask(table_oid, roleid, mask, how); - case ACL_KIND_LARGEOBJECT: + case OBJECT_LARGEOBJECT: return pg_largeobject_aclmask_snapshot(table_oid, roleid, mask, how, NULL); - case ACL_KIND_NAMESPACE: + case OBJECT_SCHEMA: return pg_namespace_aclmask(table_oid, roleid, mask, how); - case ACL_KIND_STATISTICS: + case OBJECT_STATISTIC_EXT: elog(ERROR, "grantable rights not supported for statistics objects"); /* not reached, but keep compiler quiet */ return ACL_NO_RIGHTS; - case ACL_KIND_TABLESPACE: + case OBJECT_TABLESPACE: return pg_tablespace_aclmask(table_oid, roleid, mask, how); - case ACL_KIND_FDW: + case OBJECT_FDW: return pg_foreign_data_wrapper_aclmask(table_oid, roleid, mask, how); - case ACL_KIND_FOREIGN_SERVER: + case OBJECT_FOREIGN_SERVER: return pg_foreign_server_aclmask(table_oid, roleid, mask, how); - case ACL_KIND_EVENT_TRIGGER: + case OBJECT_EVENT_TRIGGER: elog(ERROR, "grantable rights not supported for event triggers"); /* not reached, but keep compiler quiet */ return ACL_NO_RIGHTS; - case ACL_KIND_TYPE: + case OBJECT_TYPE: return pg_type_aclmask(table_oid, roleid, mask, how); default: - elog(ERROR, "unrecognized objkind: %d", - (int) objkind); + elog(ERROR, "unrecognized objtype: %d", + (int) objtype); /* not reached, but keep compiler quiet */ return ACL_NO_RIGHTS; } diff --git a/src/backend/catalog/namespace.c b/src/backend/catalog/namespace.c index 93c4bbfcb0..65e271a8d1 100644 --- a/src/backend/catalog/namespace.c +++ b/src/backend/catalog/namespace.c @@ -560,7 +560,7 @@ RangeVarGetAndCheckCreationNamespace(RangeVar *relation, /* Check namespace permissions. */ aclresult = pg_namespace_aclcheck(nspid, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, get_namespace_name(nspid)); if (retry) @@ -585,7 +585,7 @@ RangeVarGetAndCheckCreationNamespace(RangeVar *relation, if (lockmode != NoLock && OidIsValid(relid)) { if (!pg_class_ownercheck(relid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relid)), relation->relname); if (relid != oldrelid) LockRelationOid(relid, lockmode); @@ -2874,7 +2874,7 @@ LookupExplicitNamespace(const char *nspname, bool missing_ok) aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_USAGE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, nspname); /* Schema search hook for this lookup */ InvokeNamespaceSearchHook(namespaceId, true); @@ -2911,7 +2911,7 @@ LookupCreationNamespace(const char *nspname) aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, nspname); return namespaceId; diff --git a/src/backend/catalog/objectaddress.c b/src/backend/catalog/objectaddress.c index 7576606c1b..570e65affb 100644 --- a/src/backend/catalog/objectaddress.c +++ b/src/backend/catalog/objectaddress.c @@ -104,7 +104,7 @@ typedef struct AttrNumber attnum_namespace; /* attnum of namespace field */ AttrNumber attnum_owner; /* attnum of owner field */ AttrNumber attnum_acl; /* attnum of acl field */ - AclObjectKind acl_kind; /* ACL_KIND_* of this object type */ + ObjectType objtype; /* OBJECT_* of this object type */ bool is_nsp_name_unique; /* can the nsp/name combination (or name * alone, if there's no namespace) be * considered a unique identifier for an @@ -146,7 +146,7 @@ static const ObjectPropertyType ObjectProperty[] = Anum_pg_collation_collnamespace, Anum_pg_collation_collowner, InvalidAttrNumber, - ACL_KIND_COLLATION, + OBJECT_COLLATION, true }, { @@ -170,7 +170,7 @@ static const ObjectPropertyType ObjectProperty[] = Anum_pg_conversion_connamespace, Anum_pg_conversion_conowner, InvalidAttrNumber, - ACL_KIND_CONVERSION, + OBJECT_CONVERSION, true }, { @@ -182,7 +182,7 @@ static const ObjectPropertyType ObjectProperty[] = InvalidAttrNumber, Anum_pg_database_datdba, Anum_pg_database_datacl, - ACL_KIND_DATABASE, + OBJECT_DATABASE, true }, { @@ -194,7 +194,7 @@ static const ObjectPropertyType ObjectProperty[] = InvalidAttrNumber, /* extension doesn't belong to extnamespace */ Anum_pg_extension_extowner, InvalidAttrNumber, - ACL_KIND_EXTENSION, + OBJECT_EXTENSION, true }, { @@ -206,7 +206,7 @@ static const ObjectPropertyType ObjectProperty[] = InvalidAttrNumber, Anum_pg_foreign_data_wrapper_fdwowner, Anum_pg_foreign_data_wrapper_fdwacl, - ACL_KIND_FDW, + OBJECT_FDW, true }, { @@ -218,7 +218,7 @@ static const ObjectPropertyType ObjectProperty[] = InvalidAttrNumber, Anum_pg_foreign_server_srvowner, Anum_pg_foreign_server_srvacl, - ACL_KIND_FOREIGN_SERVER, + OBJECT_FOREIGN_SERVER, true }, { @@ -230,7 +230,7 @@ static const ObjectPropertyType ObjectProperty[] = Anum_pg_proc_pronamespace, Anum_pg_proc_proowner, Anum_pg_proc_proacl, - ACL_KIND_PROC, + OBJECT_FUNCTION, false }, { @@ -242,7 +242,7 @@ static const ObjectPropertyType ObjectProperty[] = InvalidAttrNumber, Anum_pg_language_lanowner, Anum_pg_language_lanacl, - ACL_KIND_LANGUAGE, + OBJECT_LANGUAGE, true }, { @@ -254,7 +254,7 @@ static const ObjectPropertyType ObjectProperty[] = InvalidAttrNumber, Anum_pg_largeobject_metadata_lomowner, Anum_pg_largeobject_metadata_lomacl, - ACL_KIND_LARGEOBJECT, + OBJECT_LARGEOBJECT, false }, { @@ -266,7 +266,7 @@ static const ObjectPropertyType ObjectProperty[] = Anum_pg_opclass_opcnamespace, Anum_pg_opclass_opcowner, InvalidAttrNumber, - ACL_KIND_OPCLASS, + OBJECT_OPCLASS, true }, { @@ -278,7 +278,7 @@ static const ObjectPropertyType ObjectProperty[] = Anum_pg_operator_oprnamespace, Anum_pg_operator_oprowner, InvalidAttrNumber, - ACL_KIND_OPER, + OBJECT_OPERATOR, false }, { @@ -290,7 +290,7 @@ static const ObjectPropertyType ObjectProperty[] = Anum_pg_opfamily_opfnamespace, Anum_pg_opfamily_opfowner, InvalidAttrNumber, - ACL_KIND_OPFAMILY, + OBJECT_OPFAMILY, true }, { @@ -326,7 +326,7 @@ static const ObjectPropertyType ObjectProperty[] = InvalidAttrNumber, Anum_pg_namespace_nspowner, Anum_pg_namespace_nspacl, - ACL_KIND_NAMESPACE, + OBJECT_SCHEMA, true }, { @@ -338,7 +338,7 @@ static const ObjectPropertyType ObjectProperty[] = Anum_pg_class_relnamespace, Anum_pg_class_relowner, Anum_pg_class_relacl, - ACL_KIND_CLASS, + OBJECT_TABLE, true }, { @@ -350,7 +350,7 @@ static const ObjectPropertyType ObjectProperty[] = InvalidAttrNumber, Anum_pg_tablespace_spcowner, Anum_pg_tablespace_spcacl, - ACL_KIND_TABLESPACE, + OBJECT_TABLESPACE, true }, { @@ -392,7 +392,7 @@ static const ObjectPropertyType ObjectProperty[] = InvalidAttrNumber, Anum_pg_event_trigger_evtowner, InvalidAttrNumber, - ACL_KIND_EVENT_TRIGGER, + OBJECT_EVENT_TRIGGER, true }, { @@ -404,7 +404,7 @@ static const ObjectPropertyType ObjectProperty[] = Anum_pg_ts_config_cfgnamespace, Anum_pg_ts_config_cfgowner, InvalidAttrNumber, - ACL_KIND_TSCONFIGURATION, + OBJECT_TSCONFIGURATION, true }, { @@ -416,7 +416,7 @@ static const ObjectPropertyType ObjectProperty[] = Anum_pg_ts_dict_dictnamespace, Anum_pg_ts_dict_dictowner, InvalidAttrNumber, - ACL_KIND_TSDICTIONARY, + OBJECT_TSDICTIONARY, true }, { @@ -452,7 +452,7 @@ static const ObjectPropertyType ObjectProperty[] = Anum_pg_type_typnamespace, Anum_pg_type_typowner, Anum_pg_type_typacl, - ACL_KIND_TYPE, + OBJECT_TYPE, true }, { @@ -464,7 +464,7 @@ static const ObjectPropertyType ObjectProperty[] = InvalidAttrNumber, Anum_pg_publication_pubowner, InvalidAttrNumber, - ACL_KIND_PUBLICATION, + OBJECT_PUBLICATION, true }, { @@ -476,7 +476,7 @@ static const ObjectPropertyType ObjectProperty[] = InvalidAttrNumber, Anum_pg_subscription_subowner, InvalidAttrNumber, - ACL_KIND_SUBSCRIPTION, + OBJECT_SUBSCRIPTION, true }, { @@ -488,7 +488,7 @@ static const ObjectPropertyType ObjectProperty[] = Anum_pg_statistic_ext_stxnamespace, Anum_pg_statistic_ext_stxowner, InvalidAttrNumber, /* no ACL (same as relation) */ - ACL_KIND_STATISTICS, + OBJECT_STATISTIC_EXT, true } }; @@ -2242,12 +2242,12 @@ check_object_ownership(Oid roleid, ObjectType objtype, ObjectAddress address, case OBJECT_POLICY: case OBJECT_TABCONSTRAINT: if (!pg_class_ownercheck(RelationGetRelid(relation), roleid)) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + aclcheck_error(ACLCHECK_NOT_OWNER, objtype, RelationGetRelationName(relation)); break; case OBJECT_DATABASE: if (!pg_database_ownercheck(address.objectId, roleid)) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE, + aclcheck_error(ACLCHECK_NOT_OWNER, objtype, strVal((Value *) object)); break; case OBJECT_TYPE: @@ -2262,62 +2262,62 @@ check_object_ownership(Oid roleid, ObjectType objtype, ObjectAddress address, case OBJECT_PROCEDURE: case OBJECT_ROUTINE: if (!pg_proc_ownercheck(address.objectId, roleid)) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, + aclcheck_error(ACLCHECK_NOT_OWNER, objtype, NameListToString((castNode(ObjectWithArgs, object))->objname)); break; case OBJECT_OPERATOR: if (!pg_oper_ownercheck(address.objectId, roleid)) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER, + aclcheck_error(ACLCHECK_NOT_OWNER, objtype, NameListToString((castNode(ObjectWithArgs, object))->objname)); break; case OBJECT_SCHEMA: if (!pg_namespace_ownercheck(address.objectId, roleid)) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE, + aclcheck_error(ACLCHECK_NOT_OWNER, objtype, strVal((Value *) object)); break; case OBJECT_COLLATION: if (!pg_collation_ownercheck(address.objectId, roleid)) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_COLLATION, + aclcheck_error(ACLCHECK_NOT_OWNER, objtype, NameListToString(castNode(List, object))); break; case OBJECT_CONVERSION: if (!pg_conversion_ownercheck(address.objectId, roleid)) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CONVERSION, + aclcheck_error(ACLCHECK_NOT_OWNER, objtype, NameListToString(castNode(List, object))); break; case OBJECT_EXTENSION: if (!pg_extension_ownercheck(address.objectId, roleid)) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION, + aclcheck_error(ACLCHECK_NOT_OWNER, objtype, strVal((Value *) object)); break; case OBJECT_FDW: if (!pg_foreign_data_wrapper_ownercheck(address.objectId, roleid)) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FDW, + aclcheck_error(ACLCHECK_NOT_OWNER, objtype, strVal((Value *) object)); break; case OBJECT_FOREIGN_SERVER: if (!pg_foreign_server_ownercheck(address.objectId, roleid)) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER, + aclcheck_error(ACLCHECK_NOT_OWNER, objtype, strVal((Value *) object)); break; case OBJECT_EVENT_TRIGGER: if (!pg_event_trigger_ownercheck(address.objectId, roleid)) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EVENT_TRIGGER, + aclcheck_error(ACLCHECK_NOT_OWNER, objtype, strVal((Value *) object)); break; case OBJECT_LANGUAGE: if (!pg_language_ownercheck(address.objectId, roleid)) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_LANGUAGE, + aclcheck_error(ACLCHECK_NOT_OWNER, objtype, strVal((Value *) object)); break; case OBJECT_OPCLASS: if (!pg_opclass_ownercheck(address.objectId, roleid)) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPCLASS, + aclcheck_error(ACLCHECK_NOT_OWNER, objtype, NameListToString(castNode(List, object))); break; case OBJECT_OPFAMILY: if (!pg_opfamily_ownercheck(address.objectId, roleid)) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPFAMILY, + aclcheck_error(ACLCHECK_NOT_OWNER, objtype, NameListToString(castNode(List, object))); break; case OBJECT_LARGEOBJECT: @@ -2347,12 +2347,12 @@ check_object_ownership(Oid roleid, ObjectType objtype, ObjectAddress address, break; case OBJECT_PUBLICATION: if (!pg_publication_ownercheck(address.objectId, roleid)) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PUBLICATION, + aclcheck_error(ACLCHECK_NOT_OWNER, objtype, strVal((Value *) object)); break; case OBJECT_SUBSCRIPTION: if (!pg_subscription_ownercheck(address.objectId, roleid)) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION, + aclcheck_error(ACLCHECK_NOT_OWNER, objtype, strVal((Value *) object)); break; case OBJECT_TRANSFORM: @@ -2366,17 +2366,17 @@ check_object_ownership(Oid roleid, ObjectType objtype, ObjectAddress address, break; case OBJECT_TABLESPACE: if (!pg_tablespace_ownercheck(address.objectId, roleid)) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TABLESPACE, + aclcheck_error(ACLCHECK_NOT_OWNER, objtype, strVal((Value *) object)); break; case OBJECT_TSDICTIONARY: if (!pg_ts_dict_ownercheck(address.objectId, roleid)) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSDICTIONARY, + aclcheck_error(ACLCHECK_NOT_OWNER, objtype, NameListToString(castNode(List, object))); break; case OBJECT_TSCONFIGURATION: if (!pg_ts_config_ownercheck(address.objectId, roleid)) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSCONFIGURATION, + aclcheck_error(ACLCHECK_NOT_OWNER, objtype, NameListToString(castNode(List, object))); break; case OBJECT_ROLE: @@ -2540,12 +2540,22 @@ get_object_attnum_acl(Oid class_id) return prop->attnum_acl; } -AclObjectKind -get_object_aclkind(Oid class_id) +ObjectType +get_object_type(Oid class_id, Oid object_id) { const ObjectPropertyType *prop = get_object_property_data(class_id); - return prop->acl_kind; + if (prop->objtype == OBJECT_TABLE) + { + /* + * If the property data says it's a table, dig a little deeper to get + * the real relation kind, so that callers can produce more precise + * error messages. + */ + return get_relkind_objtype(get_rel_relkind(object_id)); + } + else + return prop->objtype; } bool @@ -5099,3 +5109,28 @@ strlist_to_textarray(List *list) return arr; } + +ObjectType +get_relkind_objtype(char relkind) +{ + switch (relkind) + { + case RELKIND_RELATION: + case RELKIND_PARTITIONED_TABLE: + return OBJECT_TABLE; + case RELKIND_INDEX: + return OBJECT_INDEX; + case RELKIND_SEQUENCE: + return OBJECT_SEQUENCE; + case RELKIND_VIEW: + return OBJECT_VIEW; + case RELKIND_MATVIEW: + return OBJECT_MATVIEW; + case RELKIND_FOREIGN_TABLE: + return OBJECT_FOREIGN_TABLE; + /* other relkinds are not supported here because they don't map to OBJECT_* values */ + default: + elog(ERROR, "unexpected relkind: %d", relkind); + return 0; + } +} diff --git a/src/backend/catalog/pg_aggregate.c b/src/backend/catalog/pg_aggregate.c index e801c1ed5c..f14ea26fcb 100644 --- a/src/backend/catalog/pg_aggregate.c +++ b/src/backend/catalog/pg_aggregate.c @@ -865,7 +865,7 @@ lookup_agg_function(List *fnName, /* Check aggregate creator has permission to call the function */ aclresult = pg_proc_aclcheck(fnOid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(fnOid)); + aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(fnOid)); return fnOid; } diff --git a/src/backend/catalog/pg_operator.c b/src/backend/catalog/pg_operator.c index c96f336b7a..051602d820 100644 --- a/src/backend/catalog/pg_operator.c +++ b/src/backend/catalog/pg_operator.c @@ -425,7 +425,7 @@ OperatorCreate(const char *operatorName, */ if (OidIsValid(operatorObjectId) && !pg_oper_ownercheck(operatorObjectId, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR, operatorName); /* @@ -445,7 +445,7 @@ OperatorCreate(const char *operatorName, /* Permission check: must own other operator */ if (OidIsValid(commutatorId) && !pg_oper_ownercheck(commutatorId, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR, NameListToString(commutatorName)); /* @@ -470,7 +470,7 @@ OperatorCreate(const char *operatorName, /* Permission check: must own other operator */ if (OidIsValid(negatorId) && !pg_oper_ownercheck(negatorId, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR, NameListToString(negatorName)); } else @@ -618,7 +618,7 @@ get_other_operator(List *otherOp, Oid otherLeftTypeId, Oid otherRightTypeId, aclresult = pg_namespace_aclcheck(otherNamespace, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, get_namespace_name(otherNamespace)); other_oid = OperatorShellMake(otherName, diff --git a/src/backend/catalog/pg_proc.c b/src/backend/catalog/pg_proc.c index dd674113ba..b59fadbf76 100644 --- a/src/backend/catalog/pg_proc.c +++ b/src/backend/catalog/pg_proc.c @@ -400,7 +400,7 @@ ProcedureCreate(const char *procedureName, errmsg("function \"%s\" already exists with same argument types", procedureName))); if (!pg_proc_ownercheck(HeapTupleGetOid(oldtup), proowner)) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, procedureName); /* diff --git a/src/backend/catalog/pg_type.c b/src/backend/catalog/pg_type.c index fd63ea8cd1..660ac5b7c9 100644 --- a/src/backend/catalog/pg_type.c +++ b/src/backend/catalog/pg_type.c @@ -413,7 +413,7 @@ TypeCreate(Oid newTypeOid, * shell type must have been created by same owner */ if (((Form_pg_type) GETSTRUCT(tup))->typowner != ownerId) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TYPE, typeName); + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TYPE, typeName); /* trouble if caller wanted to force the OID */ if (OidIsValid(newTypeOid)) diff --git a/src/backend/commands/aggregatecmds.c b/src/backend/commands/aggregatecmds.c index 15378a9d4d..1779ba7bcb 100644 --- a/src/backend/commands/aggregatecmds.c +++ b/src/backend/commands/aggregatecmds.c @@ -103,7 +103,7 @@ DefineAggregate(ParseState *pstate, List *name, List *args, bool oldstyle, List /* Check we have creation rights in target namespace */ aclresult = pg_namespace_aclcheck(aggNamespace, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, get_namespace_name(aggNamespace)); /* Deconstruct the output of the aggr_args grammar production */ diff --git a/src/backend/commands/alter.c b/src/backend/commands/alter.c index 3995c5ef3d..0d63866fb0 100644 --- a/src/backend/commands/alter.c +++ b/src/backend/commands/alter.c @@ -171,7 +171,7 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name) AttrNumber Anum_name = get_object_attnum_name(classId); AttrNumber Anum_namespace = get_object_attnum_namespace(classId); AttrNumber Anum_owner = get_object_attnum_owner(classId); - AclObjectKind acl_kind = get_object_aclkind(classId); + ObjectType objtype = get_object_type(classId, objectId); HeapTuple oldtup; HeapTuple newtup; Datum datum; @@ -223,7 +223,7 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name) ownerId = DatumGetObjectId(datum); if (!has_privs_of_role(GetUserId(), DatumGetObjectId(ownerId))) - aclcheck_error(ACLCHECK_NOT_OWNER, acl_kind, old_name); + aclcheck_error(ACLCHECK_NOT_OWNER, objtype, old_name); /* User must have CREATE privilege on the namespace */ if (OidIsValid(namespaceId)) @@ -231,7 +231,7 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name) aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, get_namespace_name(namespaceId)); } } @@ -663,7 +663,7 @@ AlterObjectNamespace_internal(Relation rel, Oid objid, Oid nspOid) AttrNumber Anum_name = get_object_attnum_name(classId); AttrNumber Anum_namespace = get_object_attnum_namespace(classId); AttrNumber Anum_owner = get_object_attnum_owner(classId); - AclObjectKind acl_kind = get_object_aclkind(classId); + ObjectType objtype = get_object_type(classId, objid); Oid oldNspOid; Datum name, namespace; @@ -719,13 +719,13 @@ AlterObjectNamespace_internal(Relation rel, Oid objid, Oid nspOid) ownerId = DatumGetObjectId(owner); if (!has_privs_of_role(GetUserId(), ownerId)) - aclcheck_error(ACLCHECK_NOT_OWNER, acl_kind, + aclcheck_error(ACLCHECK_NOT_OWNER, objtype, NameStr(*(DatumGetName(name)))); /* User must have CREATE privilege on new namespace */ aclresult = pg_namespace_aclcheck(nspOid, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, get_namespace_name(nspOid)); } @@ -942,7 +942,7 @@ AlterObjectOwner_internal(Relation rel, Oid objectId, Oid new_ownerId) /* Superusers can bypass permission checks */ if (!superuser()) { - AclObjectKind aclkind = get_object_aclkind(classId); + ObjectType objtype = get_object_type(classId, objectId); /* must be owner */ if (!has_privs_of_role(GetUserId(), old_ownerId)) @@ -963,7 +963,7 @@ AlterObjectOwner_internal(Relation rel, Oid objectId, Oid new_ownerId) HeapTupleGetOid(oldtup)); objname = namebuf; } - aclcheck_error(ACLCHECK_NOT_OWNER, aclkind, objname); + aclcheck_error(ACLCHECK_NOT_OWNER, objtype, objname); } /* Must be able to become new owner */ check_is_member_of_role(GetUserId(), new_ownerId); @@ -976,7 +976,7 @@ AlterObjectOwner_internal(Relation rel, Oid objectId, Oid new_ownerId) aclresult = pg_namespace_aclcheck(namespaceId, new_ownerId, ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, get_namespace_name(namespaceId)); } } diff --git a/src/backend/commands/collationcmds.c b/src/backend/commands/collationcmds.c index 6c6877395f..fdfb3dcd2c 100644 --- a/src/backend/commands/collationcmds.c +++ b/src/backend/commands/collationcmds.c @@ -74,7 +74,7 @@ DefineCollation(ParseState *pstate, List *names, List *parameters, bool if_not_e aclresult = pg_namespace_aclcheck(collNamespace, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, get_namespace_name(collNamespace)); foreach(pl, parameters) @@ -278,7 +278,7 @@ AlterCollation(AlterCollationStmt *stmt) collOid = get_collation_oid(stmt->collname, false); if (!pg_collation_ownercheck(collOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_COLLATION, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_COLLATION, NameListToString(stmt->collname)); tup = SearchSysCacheCopy1(COLLOID, ObjectIdGetDatum(collOid)); diff --git a/src/backend/commands/conversioncmds.c b/src/backend/commands/conversioncmds.c index 294143c522..01a02484a2 100644 --- a/src/backend/commands/conversioncmds.c +++ b/src/backend/commands/conversioncmds.c @@ -55,7 +55,7 @@ CreateConversionCommand(CreateConversionStmt *stmt) /* Check we have creation rights in target namespace */ aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, get_namespace_name(namespaceId)); /* Check the encoding names */ @@ -90,7 +90,7 @@ CreateConversionCommand(CreateConversionStmt *stmt) /* Check we have EXECUTE rights for the function */ aclresult = pg_proc_aclcheck(funcoid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, + aclcheck_error(aclresult, OBJECT_FUNCTION, NameListToString(func_name)); /* diff --git a/src/backend/commands/dbcommands.c b/src/backend/commands/dbcommands.c index 0b111fc5cf..d2020d07cf 100644 --- a/src/backend/commands/dbcommands.c +++ b/src/backend/commands/dbcommands.c @@ -422,7 +422,7 @@ createdb(ParseState *pstate, const CreatedbStmt *stmt) aclresult = pg_tablespace_aclcheck(dst_deftablespace, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_TABLESPACE, + aclcheck_error(aclresult, OBJECT_TABLESPACE, tablespacename); /* pg_global must never be the default tablespace */ @@ -822,7 +822,7 @@ dropdb(const char *dbname, bool missing_ok) * Permission checks */ if (!pg_database_ownercheck(db_id, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE, dbname); /* DROP hook for the database being removed */ @@ -997,7 +997,7 @@ RenameDatabase(const char *oldname, const char *newname) /* must be owner */ if (!pg_database_ownercheck(db_id, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE, oldname); /* must have createdb rights */ @@ -1112,7 +1112,7 @@ movedb(const char *dbname, const char *tblspcname) * Permission checks */ if (!pg_database_ownercheck(db_id, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE, dbname); /* @@ -1134,7 +1134,7 @@ movedb(const char *dbname, const char *tblspcname) aclresult = pg_tablespace_aclcheck(dst_tblspcoid, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_TABLESPACE, + aclcheck_error(aclresult, OBJECT_TABLESPACE, tblspcname); /* @@ -1515,7 +1515,7 @@ AlterDatabase(ParseState *pstate, AlterDatabaseStmt *stmt, bool isTopLevel) dboid = HeapTupleGetOid(tuple); if (!pg_database_ownercheck(HeapTupleGetOid(tuple), GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE, stmt->dbname); /* @@ -1583,7 +1583,7 @@ AlterDatabaseSet(AlterDatabaseSetStmt *stmt) shdepLockAndCheckObject(DatabaseRelationId, datid); if (!pg_database_ownercheck(datid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE, stmt->dbname); AlterSetting(datid, InvalidOid, stmt->setstmt); @@ -1646,7 +1646,7 @@ AlterDatabaseOwner(const char *dbname, Oid newOwnerId) /* Otherwise, must be owner of the existing object */ if (!pg_database_ownercheck(HeapTupleGetOid(tuple), GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE, dbname); /* Must be able to become new owner */ diff --git a/src/backend/commands/event_trigger.c b/src/backend/commands/event_trigger.c index 82c7b6a0ba..549c7ea51d 100644 --- a/src/backend/commands/event_trigger.c +++ b/src/backend/commands/event_trigger.c @@ -519,7 +519,7 @@ AlterEventTrigger(AlterEventTrigStmt *stmt) trigoid = HeapTupleGetOid(tup); if (!pg_event_trigger_ownercheck(trigoid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EVENT_TRIGGER, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EVENT_TRIGGER, stmt->trigname); /* tuple is a copy, so we can modify it below */ @@ -610,7 +610,7 @@ AlterEventTriggerOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId) return; if (!pg_event_trigger_ownercheck(HeapTupleGetOid(tup), GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EVENT_TRIGGER, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EVENT_TRIGGER, NameStr(form->evtname)); /* New owner must be a superuser */ diff --git a/src/backend/commands/extension.c b/src/backend/commands/extension.c index c0c933583f..2e4538146d 100644 --- a/src/backend/commands/extension.c +++ b/src/backend/commands/extension.c @@ -2704,13 +2704,13 @@ AlterExtensionNamespace(const char *extensionName, const char *newschema, Oid *o * check ownership of the individual member objects ... */ if (!pg_extension_ownercheck(extensionOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EXTENSION, extensionName); /* Permission check: must have creation rights in target namespace */ aclresult = pg_namespace_aclcheck(nspOid, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, newschema); + aclcheck_error(aclresult, OBJECT_SCHEMA, newschema); /* * If the schema is currently a member of the extension, disallow moving @@ -2924,7 +2924,7 @@ ExecAlterExtensionStmt(ParseState *pstate, AlterExtensionStmt *stmt) /* Permission check: must own extension */ if (!pg_extension_ownercheck(extensionOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EXTENSION, stmt->extname); /* @@ -3182,7 +3182,7 @@ ExecAlterExtensionContentsStmt(AlterExtensionContentsStmt *stmt, /* Permission check: must own extension */ if (!pg_extension_ownercheck(extension.objectId, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EXTENSION, stmt->extname); /* diff --git a/src/backend/commands/foreigncmds.c b/src/backend/commands/foreigncmds.c index 44f3da9b51..5c53aeeaeb 100644 --- a/src/backend/commands/foreigncmds.c +++ b/src/backend/commands/foreigncmds.c @@ -358,7 +358,7 @@ AlterForeignServerOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId) /* Must be owner */ if (!pg_foreign_server_ownercheck(srvId, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FOREIGN_SERVER, NameStr(form->srvname)); /* Must be able to become new owner */ @@ -370,7 +370,7 @@ AlterForeignServerOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId) { ForeignDataWrapper *fdw = GetForeignDataWrapper(form->srvfdw); - aclcheck_error(aclresult, ACL_KIND_FDW, fdw->fdwname); + aclcheck_error(aclresult, OBJECT_FDW, fdw->fdwname); } } @@ -907,7 +907,7 @@ CreateForeignServer(CreateForeignServerStmt *stmt) aclresult = pg_foreign_data_wrapper_aclcheck(fdw->fdwid, ownerId, ACL_USAGE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_FDW, fdw->fdwname); + aclcheck_error(aclresult, OBJECT_FDW, fdw->fdwname); /* * Insert tuple into pg_foreign_server. @@ -1010,7 +1010,7 @@ AlterForeignServer(AlterForeignServerStmt *stmt) * Only owner or a superuser can ALTER a SERVER. */ if (!pg_foreign_server_ownercheck(srvId, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FOREIGN_SERVER, stmt->servername); memset(repl_val, 0, sizeof(repl_val)); @@ -1119,10 +1119,10 @@ user_mapping_ddl_aclcheck(Oid umuserid, Oid serverid, const char *servername) aclresult = pg_foreign_server_aclcheck(serverid, curuserid, ACL_USAGE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, servername); + aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, servername); } else - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FOREIGN_SERVER, servername); } } @@ -1477,7 +1477,7 @@ CreateForeignTable(CreateForeignTableStmt *stmt, Oid relid) server = GetForeignServerByName(stmt->servername, false); aclresult = pg_foreign_server_aclcheck(server->serverid, ownerId, ACL_USAGE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, server->servername); + aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, server->servername); fdw = GetForeignDataWrapper(server->fdwid); @@ -1536,7 +1536,7 @@ ImportForeignSchema(ImportForeignSchemaStmt *stmt) server = GetForeignServerByName(stmt->server_name, false); aclresult = pg_foreign_server_aclcheck(server->serverid, GetUserId(), ACL_USAGE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, server->servername); + aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, server->servername); /* Check that the schema exists and we have CREATE permissions on it */ (void) LookupCreationNamespace(stmt->local_schema); diff --git a/src/backend/commands/functioncmds.c b/src/backend/commands/functioncmds.c index 12ab33f418..ea08c3237c 100644 --- a/src/backend/commands/functioncmds.c +++ b/src/backend/commands/functioncmds.c @@ -146,7 +146,7 @@ compute_return_type(TypeName *returnType, Oid languageOid, aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, get_namespace_name(namespaceId)); address = TypeShellMake(typname, namespaceId, GetUserId()); rettype = address.objectId; @@ -953,7 +953,7 @@ CreateFunction(ParseState *pstate, CreateFunctionStmt *stmt) /* Check we have creation rights in target namespace */ aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, get_namespace_name(namespaceId)); /* default attributes */ @@ -995,14 +995,14 @@ CreateFunction(ParseState *pstate, CreateFunctionStmt *stmt) aclresult = pg_language_aclcheck(languageOid, GetUserId(), ACL_USAGE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_LANGUAGE, + aclcheck_error(aclresult, OBJECT_LANGUAGE, NameStr(languageStruct->lanname)); } else { /* if untrusted language, must be superuser */ if (!superuser()) - aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_LANGUAGE, + aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_LANGUAGE, NameStr(languageStruct->lanname)); } @@ -1254,7 +1254,7 @@ AlterFunction(ParseState *pstate, AlterFunctionStmt *stmt) /* Permission check: must own function */ if (!pg_proc_ownercheck(funcOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, + aclcheck_error(ACLCHECK_NOT_OWNER, stmt->objtype, NameListToString(stmt->func->objname)); if (procForm->proisagg) @@ -1911,7 +1911,7 @@ CreateTransform(CreateTransformStmt *stmt) aclresult = pg_language_aclcheck(langid, GetUserId(), ACL_USAGE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_LANGUAGE, stmt->lang); + aclcheck_error(aclresult, OBJECT_LANGUAGE, stmt->lang); /* * Get the functions @@ -1921,11 +1921,11 @@ CreateTransform(CreateTransformStmt *stmt) fromsqlfuncid = LookupFuncWithArgs(OBJECT_FUNCTION, stmt->fromsql, false); if (!pg_proc_ownercheck(fromsqlfuncid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, NameListToString(stmt->fromsql->objname)); + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(stmt->fromsql->objname)); aclresult = pg_proc_aclcheck(fromsqlfuncid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, NameListToString(stmt->fromsql->objname)); + aclcheck_error(aclresult, OBJECT_FUNCTION, NameListToString(stmt->fromsql->objname)); tuple = SearchSysCache1(PROCOID, ObjectIdGetDatum(fromsqlfuncid)); if (!HeapTupleIsValid(tuple)) @@ -1947,11 +1947,11 @@ CreateTransform(CreateTransformStmt *stmt) tosqlfuncid = LookupFuncWithArgs(OBJECT_FUNCTION, stmt->tosql, false); if (!pg_proc_ownercheck(tosqlfuncid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, NameListToString(stmt->tosql->objname)); + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(stmt->tosql->objname)); aclresult = pg_proc_aclcheck(tosqlfuncid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, NameListToString(stmt->tosql->objname)); + aclcheck_error(aclresult, OBJECT_FUNCTION, NameListToString(stmt->tosql->objname)); tuple = SearchSysCache1(PROCOID, ObjectIdGetDatum(tosqlfuncid)); if (!HeapTupleIsValid(tuple)) @@ -2209,14 +2209,14 @@ ExecuteDoStmt(DoStmt *stmt) aclresult = pg_language_aclcheck(codeblock->langOid, GetUserId(), ACL_USAGE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_LANGUAGE, + aclcheck_error(aclresult, OBJECT_LANGUAGE, NameStr(languageStruct->lanname)); } else { /* if untrusted language, must be superuser */ if (!superuser()) - aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_LANGUAGE, + aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_LANGUAGE, NameStr(languageStruct->lanname)); } @@ -2270,7 +2270,7 @@ ExecuteCallStmt(ParseState *pstate, CallStmt *stmt) aclresult = pg_proc_aclcheck(fexpr->funcid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(fexpr->funcid)); + aclcheck_error(aclresult, OBJECT_PROCEDURE, get_func_name(fexpr->funcid)); InvokeFunctionExecuteHook(fexpr->funcid); nargs = list_length(fexpr->args); diff --git a/src/backend/commands/indexcmds.c b/src/backend/commands/indexcmds.c index 8118a39a7b..a9461a4b06 100644 --- a/src/backend/commands/indexcmds.c +++ b/src/backend/commands/indexcmds.c @@ -474,7 +474,7 @@ DefineIndex(Oid relationId, aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, get_namespace_name(namespaceId)); } @@ -501,7 +501,7 @@ DefineIndex(Oid relationId, aclresult = pg_tablespace_aclcheck(tablespaceId, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_TABLESPACE, + aclcheck_error(aclresult, OBJECT_TABLESPACE, get_tablespace_name(tablespaceId)); } @@ -2048,7 +2048,7 @@ RangeVarCallbackForReindexIndex(const RangeVar *relation, /* Check permissions */ if (!pg_class_ownercheck(relId, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, relation->relname); + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX, relation->relname); /* Lock heap before index to avoid deadlock. */ if (relId != oldRelId) @@ -2127,7 +2127,7 @@ ReindexMultipleTables(const char *objectName, ReindexObjectType objectKind, objectOid = get_namespace_oid(objectName, false); if (!pg_namespace_ownercheck(objectOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SCHEMA, objectName); } else @@ -2139,7 +2139,7 @@ ReindexMultipleTables(const char *objectName, ReindexObjectType objectKind, (errcode(ERRCODE_FEATURE_NOT_SUPPORTED), errmsg("can only reindex the currently open database"))); if (!pg_database_ownercheck(objectOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE, objectName); } diff --git a/src/backend/commands/lockcmds.c b/src/backend/commands/lockcmds.c index c587edc209..6479dcb31b 100644 --- a/src/backend/commands/lockcmds.c +++ b/src/backend/commands/lockcmds.c @@ -96,7 +96,7 @@ RangeVarCallbackForLockTable(const RangeVar *rv, Oid relid, Oid oldrelid, /* Check permissions. */ aclresult = LockTableAclCheck(relid, lockmode); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_CLASS, rv->relname); + aclcheck_error(aclresult, get_relkind_objtype(get_rel_relkind(relid)), rv->relname); } /* @@ -127,7 +127,7 @@ LockTableRecurse(Oid reloid, LOCKMODE lockmode, bool nowait) if (!relname) continue; /* child concurrently dropped, just skip it */ - aclcheck_error(aclresult, ACL_KIND_CLASS, relname); + aclcheck_error(aclresult, get_relkind_objtype(get_rel_relkind(childreloid)), relname); } /* We have enough rights to lock the relation; do so. */ diff --git a/src/backend/commands/opclasscmds.c b/src/backend/commands/opclasscmds.c index 7fb7b3976c..1768140a83 100644 --- a/src/backend/commands/opclasscmds.c +++ b/src/backend/commands/opclasscmds.c @@ -353,7 +353,7 @@ DefineOpClass(CreateOpClassStmt *stmt) /* Check we have creation rights in target namespace */ aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, get_namespace_name(namespaceoid)); /* Get necessary info about access method */ @@ -497,11 +497,11 @@ DefineOpClass(CreateOpClassStmt *stmt) /* XXX this is unnecessary given the superuser check above */ /* Caller must own operator and its underlying function */ if (!pg_oper_ownercheck(operOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR, get_opname(operOid)); funcOid = get_opcode(operOid); if (!pg_proc_ownercheck(funcOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, get_func_name(funcOid)); #endif @@ -525,7 +525,7 @@ DefineOpClass(CreateOpClassStmt *stmt) /* XXX this is unnecessary given the superuser check above */ /* Caller must own function */ if (!pg_proc_ownercheck(funcOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, get_func_name(funcOid)); #endif @@ -730,7 +730,7 @@ DefineOpFamily(CreateOpFamilyStmt *stmt) /* Check we have creation rights in target namespace */ aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, get_namespace_name(namespaceoid)); /* Get access method OID, throwing an error if it doesn't exist. */ @@ -871,11 +871,11 @@ AlterOpFamilyAdd(AlterOpFamilyStmt *stmt, Oid amoid, Oid opfamilyoid, /* XXX this is unnecessary given the superuser check above */ /* Caller must own operator and its underlying function */ if (!pg_oper_ownercheck(operOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR, get_opname(operOid)); funcOid = get_opcode(operOid); if (!pg_proc_ownercheck(funcOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, get_func_name(funcOid)); #endif @@ -899,7 +899,7 @@ AlterOpFamilyAdd(AlterOpFamilyStmt *stmt, Oid amoid, Oid opfamilyoid, /* XXX this is unnecessary given the superuser check above */ /* Caller must own function */ if (!pg_proc_ownercheck(funcOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, get_func_name(funcOid)); #endif diff --git a/src/backend/commands/operatorcmds.c b/src/backend/commands/operatorcmds.c index 81ef532184..35404ac39a 100644 --- a/src/backend/commands/operatorcmds.c +++ b/src/backend/commands/operatorcmds.c @@ -95,7 +95,7 @@ DefineOperator(List *names, List *parameters) /* Check we have creation rights in target namespace */ aclresult = pg_namespace_aclcheck(oprNamespace, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, get_namespace_name(oprNamespace)); /* @@ -215,7 +215,7 @@ DefineOperator(List *names, List *parameters) */ aclresult = pg_proc_aclcheck(functionOid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, + aclcheck_error(aclresult, OBJECT_FUNCTION, NameListToString(functionName)); rettype = get_func_rettype(functionOid); @@ -281,7 +281,7 @@ ValidateRestrictionEstimator(List *restrictionName) /* Require EXECUTE rights for the estimator */ aclresult = pg_proc_aclcheck(restrictionOid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, + aclcheck_error(aclresult, OBJECT_FUNCTION, NameListToString(restrictionName)); return restrictionOid; @@ -327,7 +327,7 @@ ValidateJoinEstimator(List *joinName) /* Require EXECUTE rights for the estimator */ aclresult = pg_proc_aclcheck(joinOid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, + aclcheck_error(aclresult, OBJECT_FUNCTION, NameListToString(joinName)); return joinOid; @@ -457,7 +457,7 @@ AlterOperator(AlterOperatorStmt *stmt) /* Check permissions. Must be owner. */ if (!pg_oper_ownercheck(oprId, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR, NameStr(oprForm->oprname)); /* diff --git a/src/backend/commands/policy.c b/src/backend/commands/policy.c index 396d4c3449..280a14a101 100644 --- a/src/backend/commands/policy.c +++ b/src/backend/commands/policy.c @@ -78,7 +78,7 @@ RangeVarCallbackForPolicy(const RangeVar *rv, Oid relid, Oid oldrelid, /* Must own relation. */ if (!pg_class_ownercheck(relid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname); + aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relid)), rv->relname); /* No system table modifications unless explicitly allowed. */ if (!allowSystemTableMods && IsSystemClass(relid, classform)) diff --git a/src/backend/commands/proclang.c b/src/backend/commands/proclang.c index 9783a162d7..2ec96242ae 100644 --- a/src/backend/commands/proclang.c +++ b/src/backend/commands/proclang.c @@ -97,7 +97,7 @@ CreateProceduralLanguage(CreatePLangStmt *stmt) errmsg("must be superuser to create procedural language \"%s\"", stmt->plname))); if (!pg_database_ownercheck(MyDatabaseId, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE, get_database_name(MyDatabaseId)); } @@ -366,7 +366,7 @@ create_proc_lang(const char *languageName, bool replace, (errcode(ERRCODE_DUPLICATE_OBJECT), errmsg("language \"%s\" already exists", languageName))); if (!pg_language_ownercheck(HeapTupleGetOid(oldtup), languageOwner)) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_LANGUAGE, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_LANGUAGE, languageName); /* diff --git a/src/backend/commands/publicationcmds.c b/src/backend/commands/publicationcmds.c index 91338e8d49..9c5aa9ebc2 100644 --- a/src/backend/commands/publicationcmds.c +++ b/src/backend/commands/publicationcmds.c @@ -150,7 +150,7 @@ CreatePublication(CreatePublicationStmt *stmt) /* must have CREATE privilege on database */ aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_DATABASE, + aclcheck_error(aclresult, OBJECT_DATABASE, get_database_name(MyDatabaseId)); /* FOR ALL TABLES requires superuser */ @@ -403,7 +403,7 @@ AlterPublication(AlterPublicationStmt *stmt) /* must be owner */ if (!pg_publication_ownercheck(HeapTupleGetOid(tup), GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PUBLICATION, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_PUBLICATION, stmt->pubname); if (stmt->options) @@ -582,7 +582,7 @@ PublicationAddTables(Oid pubid, List *rels, bool if_not_exists, /* Must be owner of the table or superuser. */ if (!pg_class_ownercheck(RelationGetRelid(rel), GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(rel->rd_rel->relkind), RelationGetRelationName(rel)); obj = publication_add_relation(pubid, rel, if_not_exists); @@ -649,7 +649,7 @@ AlterPublicationOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId) /* Must be owner */ if (!pg_publication_ownercheck(HeapTupleGetOid(tup), GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PUBLICATION, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_PUBLICATION, NameStr(form->pubname)); /* Must be able to become new owner */ @@ -658,7 +658,7 @@ AlterPublicationOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId) /* New owner must have CREATE privilege on database */ aclresult = pg_database_aclcheck(MyDatabaseId, newOwnerId, ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_DATABASE, + aclcheck_error(aclresult, OBJECT_DATABASE, get_database_name(MyDatabaseId)); if (form->puballtables && !superuser_arg(newOwnerId)) diff --git a/src/backend/commands/schemacmds.c b/src/backend/commands/schemacmds.c index 16b6e8f111..dc6cb46e4e 100644 --- a/src/backend/commands/schemacmds.c +++ b/src/backend/commands/schemacmds.c @@ -94,7 +94,7 @@ CreateSchemaCommand(CreateSchemaStmt *stmt, const char *queryString, */ aclresult = pg_database_aclcheck(MyDatabaseId, saved_uid, ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_DATABASE, + aclcheck_error(aclresult, OBJECT_DATABASE, get_database_name(MyDatabaseId)); check_is_member_of_role(saved_uid, owner_uid); @@ -265,13 +265,13 @@ RenameSchema(const char *oldname, const char *newname) /* must be owner */ if (!pg_namespace_ownercheck(HeapTupleGetOid(tup), GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SCHEMA, oldname); /* must have CREATE privilege on database */ aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_DATABASE, + aclcheck_error(aclresult, OBJECT_DATABASE, get_database_name(MyDatabaseId)); if (!allowSystemTableMods && IsReservedName(newname)) @@ -373,7 +373,7 @@ AlterSchemaOwner_internal(HeapTuple tup, Relation rel, Oid newOwnerId) /* Otherwise, must be owner of the existing object */ if (!pg_namespace_ownercheck(HeapTupleGetOid(tup), GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SCHEMA, NameStr(nspForm->nspname)); /* Must be able to become new owner */ @@ -391,7 +391,7 @@ AlterSchemaOwner_internal(HeapTuple tup, Relation rel, Oid newOwnerId) aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_DATABASE, + aclcheck_error(aclresult, OBJECT_DATABASE, get_database_name(MyDatabaseId)); memset(repl_null, false, sizeof(repl_null)); diff --git a/src/backend/commands/statscmds.c b/src/backend/commands/statscmds.c index 5773a8fd03..e90a14273b 100644 --- a/src/backend/commands/statscmds.c +++ b/src/backend/commands/statscmds.c @@ -141,7 +141,7 @@ CreateStatistics(CreateStatsStmt *stmt) /* You must own the relation to create stats on it */ if (!pg_class_ownercheck(RelationGetRelid(rel), stxowner)) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(rel->rd_rel->relkind), RelationGetRelationName(rel)); } diff --git a/src/backend/commands/subscriptioncmds.c b/src/backend/commands/subscriptioncmds.c index bd25ec2401..9de5969302 100644 --- a/src/backend/commands/subscriptioncmds.c +++ b/src/backend/commands/subscriptioncmds.c @@ -635,7 +635,7 @@ AlterSubscription(AlterSubscriptionStmt *stmt) /* must be owner */ if (!pg_subscription_ownercheck(HeapTupleGetOid(tup), GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SUBSCRIPTION, stmt->subname); subid = HeapTupleGetOid(tup); @@ -854,7 +854,7 @@ DropSubscription(DropSubscriptionStmt *stmt, bool isTopLevel) /* must be owner */ if (!pg_subscription_ownercheck(subid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SUBSCRIPTION, stmt->subname); /* DROP hook for the subscription being removed */ @@ -1022,7 +1022,7 @@ AlterSubscriptionOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId) return; if (!pg_subscription_ownercheck(HeapTupleGetOid(tup), GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SUBSCRIPTION, NameStr(form->subname)); /* New owner must be a superuser */ diff --git a/src/backend/commands/tablecmds.c b/src/backend/commands/tablecmds.c index 57ee112653..2e768dd5e4 100644 --- a/src/backend/commands/tablecmds.c +++ b/src/backend/commands/tablecmds.c @@ -601,7 +601,7 @@ DefineRelation(CreateStmt *stmt, char relkind, Oid ownerId, aclresult = pg_tablespace_aclcheck(tablespaceId, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_TABLESPACE, + aclcheck_error(aclresult, OBJECT_TABLESPACE, get_tablespace_name(tablespaceId)); } @@ -1255,7 +1255,7 @@ RangeVarCallbackForDropRelation(const RangeVar *rel, Oid relOid, Oid oldRelOid, /* Allow DROP to either table owner or schema owner */ if (!pg_class_ownercheck(relOid, GetUserId()) && !pg_namespace_ownercheck(classform->relnamespace, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relOid)), rel->relname); if (!allowSystemTableMods && IsSystemClass(relOid, classform)) @@ -1438,7 +1438,7 @@ ExecuteTruncate(TruncateStmt *stmt) /* This check must match AlterSequence! */ if (!pg_class_ownercheck(seq_relid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SEQUENCE, RelationGetRelationName(seq_rel)); seq_relids = lappend_oid(seq_relids, seq_relid); @@ -1626,7 +1626,7 @@ truncate_check_rel(Relation rel) aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(), ACL_TRUNCATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_CLASS, + aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind), RelationGetRelationName(rel)); if (!allowSystemTableMods && IsSystemRelation(rel)) @@ -1912,7 +1912,7 @@ MergeAttributes(List *schema, List *supers, char relpersistence, * demand that creator of a child table own the parent. */ if (!pg_class_ownercheck(RelationGetRelid(relation), GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(relation->rd_rel->relkind), RelationGetRelationName(relation)); /* @@ -2600,7 +2600,7 @@ renameatt_check(Oid myrelid, Form_pg_class classform, bool recursing) * permissions checking. only the owner of a class can change its schema. */ if (!pg_class_ownercheck(myrelid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(myrelid)), NameStr(classform->relname)); if (!allowSystemTableMods && IsSystemClass(myrelid, classform)) ereport(ERROR, @@ -4837,7 +4837,7 @@ ATSimplePermissions(Relation rel, int allowed_targets) /* Permissions checks */ if (!pg_class_ownercheck(RelationGetRelid(rel), GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(rel->rd_rel->relkind), RelationGetRelationName(rel)); if (!allowSystemTableMods && IsSystemRelation(rel)) @@ -6283,7 +6283,7 @@ ATPrepSetStatistics(Relation rel, const char *colName, int16 colNum, Node *newVa /* Permissions checks */ if (!pg_class_ownercheck(RelationGetRelid(rel), GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(rel->rd_rel->relkind), RelationGetRelationName(rel)); } @@ -8209,7 +8209,7 @@ checkFkeyPermissions(Relation rel, int16 *attnums, int natts) aclresult = pg_attribute_aclcheck(RelationGetRelid(rel), attnums[i], roleid, ACL_REFERENCES); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_CLASS, + aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind), RelationGetRelationName(rel)); } } @@ -10129,7 +10129,7 @@ ATExecChangeOwner(Oid relationOid, Oid newOwnerId, bool recursing, LOCKMODE lock /* Otherwise, must be owner of the existing object */ if (!pg_class_ownercheck(relationOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relationOid)), RelationGetRelationName(target_rel)); /* Must be able to become new owner */ @@ -10139,7 +10139,7 @@ ATExecChangeOwner(Oid relationOid, Oid newOwnerId, bool recursing, LOCKMODE lock aclresult = pg_namespace_aclcheck(namespaceOid, newOwnerId, ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, get_namespace_name(namespaceOid)); } } @@ -10437,7 +10437,7 @@ ATPrepSetTableSpace(AlteredTableInfo *tab, Relation rel, const char *tablespacen aclresult = pg_tablespace_aclcheck(tablespaceId, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_TABLESPACE, tablespacename); + aclcheck_error(aclresult, OBJECT_TABLESPACE, tablespacename); } /* Save info for Phase 3 to do the real work */ @@ -10872,7 +10872,7 @@ AlterTableMoveAll(AlterTableMoveAllStmt *stmt) aclresult = pg_tablespace_aclcheck(new_tablespaceoid, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_TABLESPACE, + aclcheck_error(aclresult, OBJECT_TABLESPACE, get_tablespace_name(new_tablespaceoid)); } @@ -10944,7 +10944,7 @@ AlterTableMoveAll(AlterTableMoveAllStmt *stmt) * Caller must be considered an owner on the table to move it. */ if (!pg_class_ownercheck(relOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relOid)), NameStr(relForm->relname)); if (stmt->nowait && @@ -13162,7 +13162,7 @@ RangeVarCallbackOwnsTable(const RangeVar *relation, /* Check permissions */ if (!pg_class_ownercheck(relId, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, relation->relname); + aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relId)), relation->relname); } /* @@ -13184,7 +13184,7 @@ RangeVarCallbackOwnsRelation(const RangeVar *relation, elog(ERROR, "cache lookup failed for relation %u", relId); if (!pg_class_ownercheck(relId, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relId)), relation->relname); if (!allowSystemTableMods && @@ -13220,7 +13220,7 @@ RangeVarCallbackForAlterRelation(const RangeVar *rv, Oid relid, Oid oldrelid, /* Must own relation. */ if (!pg_class_ownercheck(relid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname); + aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relid)), rv->relname); /* No system table modifications unless explicitly allowed. */ if (!allowSystemTableMods && IsSystemClass(relid, classform)) @@ -13240,7 +13240,7 @@ RangeVarCallbackForAlterRelation(const RangeVar *rv, Oid relid, Oid oldrelid, aclresult = pg_namespace_aclcheck(classform->relnamespace, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, get_namespace_name(classform->relnamespace)); reltype = ((RenameStmt *) stmt)->renameType; } diff --git a/src/backend/commands/tablespace.c b/src/backend/commands/tablespace.c index 8cb834c271..5c450caa4e 100644 --- a/src/backend/commands/tablespace.c +++ b/src/backend/commands/tablespace.c @@ -444,13 +444,13 @@ DropTableSpace(DropTableSpaceStmt *stmt) /* Must be tablespace owner */ if (!pg_tablespace_ownercheck(tablespaceoid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TABLESPACE, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TABLESPACE, tablespacename); /* Disallow drop of the standard tablespaces, even by superuser */ if (tablespaceoid == GLOBALTABLESPACE_OID || tablespaceoid == DEFAULTTABLESPACE_OID) - aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_TABLESPACE, + aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_TABLESPACE, tablespacename); /* DROP hook for the tablespace being removed */ @@ -941,7 +941,7 @@ RenameTableSpace(const char *oldname, const char *newname) /* Must be owner */ if (!pg_tablespace_ownercheck(HeapTupleGetOid(newtuple), GetUserId())) - aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_TABLESPACE, oldname); + aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_TABLESPACE, oldname); /* Validate new name */ if (!allowSystemTableMods && IsReservedName(newname)) @@ -1017,7 +1017,7 @@ AlterTableSpaceOptions(AlterTableSpaceOptionsStmt *stmt) /* Must be owner of the existing object */ if (!pg_tablespace_ownercheck(HeapTupleGetOid(tup), GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TABLESPACE, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TABLESPACE, stmt->tablespacename); /* Generate new proposed spcoptions (text array) */ @@ -1232,7 +1232,7 @@ check_temp_tablespaces(char **newval, void **extra, GucSource source) if (aclresult != ACLCHECK_OK) { if (source >= PGC_S_INTERACTIVE) - aclcheck_error(aclresult, ACL_KIND_TABLESPACE, curname); + aclcheck_error(aclresult, OBJECT_TABLESPACE, curname); continue; } diff --git a/src/backend/commands/trigger.c b/src/backend/commands/trigger.c index 1c488c338a..b45c30161f 100644 --- a/src/backend/commands/trigger.c +++ b/src/backend/commands/trigger.c @@ -284,7 +284,7 @@ CreateTrigger(CreateTrigStmt *stmt, const char *queryString, aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(), ACL_TRIGGER); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_CLASS, + aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind), RelationGetRelationName(rel)); if (OidIsValid(constrrelid)) @@ -292,7 +292,7 @@ CreateTrigger(CreateTrigStmt *stmt, const char *queryString, aclresult = pg_class_aclcheck(constrrelid, GetUserId(), ACL_TRIGGER); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_CLASS, + aclcheck_error(aclresult, get_relkind_objtype(get_rel_relkind(constrrelid)), get_rel_name(constrrelid)); } } @@ -592,7 +592,7 @@ CreateTrigger(CreateTrigStmt *stmt, const char *queryString, { aclresult = pg_proc_aclcheck(funcoid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, + aclcheck_error(aclresult, OBJECT_FUNCTION, NameListToString(stmt->funcname)); } funcrettype = get_func_rettype(funcoid); @@ -1422,7 +1422,7 @@ RangeVarCallbackForRenameTrigger(const RangeVar *rv, Oid relid, Oid oldrelid, /* you must own the table to rename one of its triggers */ if (!pg_class_ownercheck(relid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname); + aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relid)), rv->relname); if (!allowSystemTableMods && IsSystemClass(relid, form)) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), diff --git a/src/backend/commands/tsearchcmds.c b/src/backend/commands/tsearchcmds.c index bf06ed9318..bdf3857ce4 100644 --- a/src/backend/commands/tsearchcmds.c +++ b/src/backend/commands/tsearchcmds.c @@ -428,7 +428,7 @@ DefineTSDictionary(List *names, List *parameters) /* Check we have creation rights in target namespace */ aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, get_namespace_name(namespaceoid)); /* @@ -549,7 +549,7 @@ AlterTSDictionary(AlterTSDictionaryStmt *stmt) /* must be owner */ if (!pg_ts_dict_ownercheck(dictId, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSDICTIONARY, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TSDICTIONARY, NameListToString(stmt->dictname)); /* deserialize the existing set of options */ @@ -980,7 +980,7 @@ DefineTSConfiguration(List *names, List *parameters, ObjectAddress *copied) /* Check we have creation rights in target namespace */ aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, get_namespace_name(namespaceoid)); /* @@ -1189,7 +1189,7 @@ AlterTSConfiguration(AlterTSConfigurationStmt *stmt) /* must be owner */ if (!pg_ts_config_ownercheck(HeapTupleGetOid(tup), GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSCONFIGURATION, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TSCONFIGURATION, NameListToString(stmt->cfgname)); relMap = heap_open(TSConfigMapRelationId, RowExclusiveLock); diff --git a/src/backend/commands/typecmds.c b/src/backend/commands/typecmds.c index a40b3cf752..74eb430f96 100644 --- a/src/backend/commands/typecmds.c +++ b/src/backend/commands/typecmds.c @@ -190,7 +190,7 @@ DefineType(ParseState *pstate, List *names, List *parameters) /* Check we have creation rights in target namespace */ aclresult = pg_namespace_aclcheck(typeNamespace, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, get_namespace_name(typeNamespace)); #endif @@ -526,25 +526,25 @@ DefineType(ParseState *pstate, List *names, List *parameters) #ifdef NOT_USED /* XXX this is unnecessary given the superuser check above */ if (inputOid && !pg_proc_ownercheck(inputOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(inputName)); if (outputOid && !pg_proc_ownercheck(outputOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(outputName)); if (receiveOid && !pg_proc_ownercheck(receiveOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(receiveName)); if (sendOid && !pg_proc_ownercheck(sendOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(sendName)); if (typmodinOid && !pg_proc_ownercheck(typmodinOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(typmodinName)); if (typmodoutOid && !pg_proc_ownercheck(typmodoutOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(typmodoutName)); if (analyzeOid && !pg_proc_ownercheck(analyzeOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(analyzeName)); #endif @@ -772,7 +772,7 @@ DefineDomain(CreateDomainStmt *stmt) aclresult = pg_namespace_aclcheck(domainNamespace, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, get_namespace_name(domainNamespace)); /* @@ -1171,7 +1171,7 @@ DefineEnum(CreateEnumStmt *stmt) /* Check we have creation rights in target namespace */ aclresult = pg_namespace_aclcheck(enumNamespace, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, get_namespace_name(enumNamespace)); /* @@ -1398,7 +1398,7 @@ DefineRange(CreateRangeStmt *stmt) /* Check we have creation rights in target namespace */ aclresult = pg_namespace_aclcheck(typeNamespace, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, get_namespace_name(typeNamespace)); /* @@ -2042,7 +2042,7 @@ findRangeCanonicalFunction(List *procname, Oid typeOid) /* Also, range type's creator must have permission to call function */ aclresult = pg_proc_aclcheck(procOid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(procOid)); + aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(procOid)); return procOid; } @@ -2085,7 +2085,7 @@ findRangeSubtypeDiffFunction(List *procname, Oid subtype) /* Also, range type's creator must have permission to call function */ aclresult = pg_proc_aclcheck(procOid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(procOid)); + aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(procOid)); return procOid; } @@ -3380,7 +3380,7 @@ AlterTypeOwner(List *names, Oid newOwnerId, ObjectType objecttype) newOwnerId, ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, get_namespace_name(typTup->typnamespace)); } diff --git a/src/backend/commands/user.c b/src/backend/commands/user.c index d559c29d24..71c5caa41b 100644 --- a/src/backend/commands/user.c +++ b/src/backend/commands/user.c @@ -939,7 +939,7 @@ AlterRoleSet(AlterRoleSetStmt *stmt) * ALTER DATABASE ... SET, so use the same permission check. */ if (!pg_database_ownercheck(databaseid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE, + aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE, stmt->database); } } diff --git a/src/backend/executor/execExpr.c b/src/backend/executor/execExpr.c index 794573803d..883a29f0a7 100644 --- a/src/backend/executor/execExpr.c +++ b/src/backend/executor/execExpr.c @@ -955,7 +955,7 @@ ExecInitExprRec(Expr *node, ExprState *state, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, + aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(opexpr->opfuncid)); InvokeFunctionExecuteHook(opexpr->opfuncid); @@ -2162,7 +2162,7 @@ ExecInitFunc(ExprEvalStep *scratch, Expr *node, List *args, Oid funcid, /* Check permission to call function */ aclresult = pg_proc_aclcheck(funcid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(funcid)); + aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(funcid)); InvokeFunctionExecuteHook(funcid); /* diff --git a/src/backend/executor/execMain.c b/src/backend/executor/execMain.c index 16822e962a..410921cc40 100644 --- a/src/backend/executor/execMain.c +++ b/src/backend/executor/execMain.c @@ -579,7 +579,7 @@ ExecCheckRTPerms(List *rangeTable, bool ereport_on_violation) { Assert(rte->rtekind == RTE_RELATION); if (ereport_on_violation) - aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_CLASS, + aclcheck_error(ACLCHECK_NO_PRIV, get_relkind_objtype(get_rel_relkind(rte->relid)), get_rel_name(rte->relid)); return false; } diff --git a/src/backend/executor/execSRF.c b/src/backend/executor/execSRF.c index 8e521288a9..b97b8d797e 100644 --- a/src/backend/executor/execSRF.c +++ b/src/backend/executor/execSRF.c @@ -682,7 +682,7 @@ init_sexpr(Oid foid, Oid input_collation, Expr *node, /* Check permission to call function */ aclresult = pg_proc_aclcheck(foid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(foid)); + aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(foid)); InvokeFunctionExecuteHook(foid); /* diff --git a/src/backend/executor/nodeAgg.c b/src/backend/executor/nodeAgg.c index 061acad80f..ec62e7fb38 100644 --- a/src/backend/executor/nodeAgg.c +++ b/src/backend/executor/nodeAgg.c @@ -2548,7 +2548,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags) aclresult = pg_proc_aclcheck(aggref->aggfnoid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, + aclcheck_error(aclresult, OBJECT_AGGREGATE, get_func_name(aggref->aggfnoid)); InvokeFunctionExecuteHook(aggref->aggfnoid); @@ -2638,7 +2638,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags) aclresult = pg_proc_aclcheck(transfn_oid, aggOwner, ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, + aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(transfn_oid)); InvokeFunctionExecuteHook(transfn_oid); if (OidIsValid(finalfn_oid)) @@ -2646,7 +2646,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags) aclresult = pg_proc_aclcheck(finalfn_oid, aggOwner, ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, + aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(finalfn_oid)); InvokeFunctionExecuteHook(finalfn_oid); } @@ -2655,7 +2655,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags) aclresult = pg_proc_aclcheck(serialfn_oid, aggOwner, ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, + aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(serialfn_oid)); InvokeFunctionExecuteHook(serialfn_oid); } @@ -2664,7 +2664,7 @@ ExecInitAgg(Agg *node, EState *estate, int eflags) aclresult = pg_proc_aclcheck(deserialfn_oid, aggOwner, ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, + aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(deserialfn_oid)); InvokeFunctionExecuteHook(deserialfn_oid); } diff --git a/src/backend/executor/nodeWindowAgg.c b/src/backend/executor/nodeWindowAgg.c index 5492fb3369..0afb1c83d3 100644 --- a/src/backend/executor/nodeWindowAgg.c +++ b/src/backend/executor/nodeWindowAgg.c @@ -1928,7 +1928,7 @@ ExecInitWindowAgg(WindowAgg *node, EState *estate, int eflags) aclresult = pg_proc_aclcheck(wfunc->winfnoid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, + aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(wfunc->winfnoid)); InvokeFunctionExecuteHook(wfunc->winfnoid); @@ -2189,7 +2189,7 @@ initialize_peragg(WindowAggState *winstate, WindowFunc *wfunc, aclresult = pg_proc_aclcheck(transfn_oid, aggOwner, ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, + aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(transfn_oid)); InvokeFunctionExecuteHook(transfn_oid); @@ -2198,7 +2198,7 @@ initialize_peragg(WindowAggState *winstate, WindowFunc *wfunc, aclresult = pg_proc_aclcheck(invtransfn_oid, aggOwner, ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, + aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(invtransfn_oid)); InvokeFunctionExecuteHook(invtransfn_oid); } @@ -2208,7 +2208,7 @@ initialize_peragg(WindowAggState *winstate, WindowFunc *wfunc, aclresult = pg_proc_aclcheck(finalfn_oid, aggOwner, ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, + aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(finalfn_oid)); InvokeFunctionExecuteHook(finalfn_oid); } diff --git a/src/backend/parser/parse_utilcmd.c b/src/backend/parser/parse_utilcmd.c index 90bb356df8..5afb363096 100644 --- a/src/backend/parser/parse_utilcmd.c +++ b/src/backend/parser/parse_utilcmd.c @@ -951,7 +951,7 @@ transformTableLikeClause(CreateStmtContext *cxt, TableLikeClause *table_like_cla aclresult = pg_type_aclcheck(relation->rd_rel->reltype, GetUserId(), ACL_USAGE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_TYPE, + aclcheck_error(aclresult, OBJECT_TYPE, RelationGetRelationName(relation)); } else @@ -959,7 +959,7 @@ transformTableLikeClause(CreateStmtContext *cxt, TableLikeClause *table_like_cla aclresult = pg_class_aclcheck(RelationGetRelid(relation), GetUserId(), ACL_SELECT); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_CLASS, + aclcheck_error(aclresult, get_relkind_objtype(relation->rd_rel->relkind), RelationGetRelationName(relation)); } diff --git a/src/backend/rewrite/rewriteDefine.c b/src/backend/rewrite/rewriteDefine.c index abf45fa82b..f3a9b639a8 100644 --- a/src/backend/rewrite/rewriteDefine.c +++ b/src/backend/rewrite/rewriteDefine.c @@ -276,7 +276,7 @@ DefineQueryRewrite(const char *rulename, * Check user has permission to apply rules to this relation. */ if (!pg_class_ownercheck(event_relid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(event_relation->rd_rel->relkind), RelationGetRelationName(event_relation)); /* @@ -864,7 +864,7 @@ EnableDisableRule(Relation rel, const char *rulename, eventRelationOid = ((Form_pg_rewrite) GETSTRUCT(ruletup))->ev_class; Assert(eventRelationOid == owningRel); if (!pg_class_ownercheck(eventRelationOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(eventRelationOid)), get_rel_name(eventRelationOid)); /* @@ -927,7 +927,7 @@ RangeVarCallbackForRenameRule(const RangeVar *rv, Oid relid, Oid oldrelid, /* you must own the table to rename one of its rules */ if (!pg_class_ownercheck(relid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname); + aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relid)), rv->relname); ReleaseSysCache(tuple); } diff --git a/src/backend/tcop/fastpath.c b/src/backend/tcop/fastpath.c index 3e531977db..d16ba5ec92 100644 --- a/src/backend/tcop/fastpath.c +++ b/src/backend/tcop/fastpath.c @@ -315,13 +315,13 @@ HandleFunctionRequest(StringInfo msgBuf) */ aclresult = pg_namespace_aclcheck(fip->namespace, GetUserId(), ACL_USAGE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + aclcheck_error(aclresult, OBJECT_SCHEMA, get_namespace_name(fip->namespace)); InvokeNamespaceSearchHook(fip->namespace, true); aclresult = pg_proc_aclcheck(fid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, + aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(fid)); InvokeFunctionExecuteHook(fid); diff --git a/src/backend/utils/adt/dbsize.c b/src/backend/utils/adt/dbsize.c index 60f417f1b2..834a10485f 100644 --- a/src/backend/utils/adt/dbsize.c +++ b/src/backend/utils/adt/dbsize.c @@ -97,7 +97,7 @@ calculate_database_size(Oid dbOid) if (aclresult != ACLCHECK_OK && !is_member_of_role(GetUserId(), DEFAULT_ROLE_READ_ALL_STATS)) { - aclcheck_error(aclresult, ACL_KIND_DATABASE, + aclcheck_error(aclresult, OBJECT_DATABASE, get_database_name(dbOid)); } @@ -183,7 +183,7 @@ calculate_tablespace_size(Oid tblspcOid) { aclresult = pg_tablespace_aclcheck(tblspcOid, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_TABLESPACE, + aclcheck_error(aclresult, OBJECT_TABLESPACE, get_tablespace_name(tblspcOid)); } diff --git a/src/backend/utils/adt/tid.c b/src/backend/utils/adt/tid.c index 5ed5fdaffe..41d540b46e 100644 --- a/src/backend/utils/adt/tid.c +++ b/src/backend/utils/adt/tid.c @@ -343,7 +343,7 @@ currtid_byreloid(PG_FUNCTION_ARGS) aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(), ACL_SELECT); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_CLASS, + aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind), RelationGetRelationName(rel)); if (rel->rd_rel->relkind == RELKIND_VIEW) @@ -377,7 +377,7 @@ currtid_byrelname(PG_FUNCTION_ARGS) aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(), ACL_SELECT); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_CLASS, + aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind), RelationGetRelationName(rel)); if (rel->rd_rel->relkind == RELKIND_VIEW) diff --git a/src/backend/utils/fmgr/fmgr.c b/src/backend/utils/fmgr/fmgr.c index 8968a9fde8..25f4c34901 100644 --- a/src/backend/utils/fmgr/fmgr.c +++ b/src/backend/utils/fmgr/fmgr.c @@ -2124,7 +2124,7 @@ CheckFunctionValidatorAccess(Oid validatorOid, Oid functionOid) aclresult = pg_language_aclcheck(procStruct->prolang, GetUserId(), ACL_USAGE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_LANGUAGE, + aclcheck_error(aclresult, OBJECT_LANGUAGE, NameStr(langStruct->lanname)); /* @@ -2134,7 +2134,7 @@ CheckFunctionValidatorAccess(Oid validatorOid, Oid functionOid) */ aclresult = pg_proc_aclcheck(functionOid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, NameStr(procStruct->proname)); + aclcheck_error(aclresult, OBJECT_FUNCTION, NameStr(procStruct->proname)); ReleaseSysCache(procTup); ReleaseSysCache(langTup); diff --git a/src/include/catalog/objectaddress.h b/src/include/catalog/objectaddress.h index 834554ec17..6a9b1eec73 100644 --- a/src/include/catalog/objectaddress.h +++ b/src/include/catalog/objectaddress.h @@ -62,7 +62,7 @@ extern AttrNumber get_object_attnum_name(Oid class_id); extern AttrNumber get_object_attnum_namespace(Oid class_id); extern AttrNumber get_object_attnum_owner(Oid class_id); extern AttrNumber get_object_attnum_acl(Oid class_id); -extern AclObjectKind get_object_aclkind(Oid class_id); +extern ObjectType get_object_type(Oid class_id, Oid object_id); extern bool get_object_namensp_unique(Oid class_id); extern HeapTuple get_catalog_object_by_oid(Relation catalog, @@ -78,4 +78,6 @@ extern char *getObjectIdentityParts(const ObjectAddress *address, List **objname, List **objargs); extern ArrayType *strlist_to_textarray(List *list); +extern ObjectType get_relkind_objtype(char relkind); + #endif /* OBJECTADDRESS_H */ diff --git a/src/include/utils/acl.h b/src/include/utils/acl.h index 7db1606b8f..f4d4be8d0d 100644 --- a/src/include/utils/acl.h +++ b/src/include/utils/acl.h @@ -182,37 +182,6 @@ typedef enum ACLCHECK_NOT_OWNER } AclResult; -/* this enum covers all object types that can have privilege errors */ -/* currently it's only used to tell aclcheck_error what to say */ -typedef enum AclObjectKind -{ - ACL_KIND_COLUMN, /* pg_attribute */ - ACL_KIND_CLASS, /* pg_class */ - ACL_KIND_SEQUENCE, /* pg_sequence */ - ACL_KIND_DATABASE, /* pg_database */ - ACL_KIND_PROC, /* pg_proc */ - ACL_KIND_OPER, /* pg_operator */ - ACL_KIND_TYPE, /* pg_type */ - ACL_KIND_LANGUAGE, /* pg_language */ - ACL_KIND_LARGEOBJECT, /* pg_largeobject */ - ACL_KIND_NAMESPACE, /* pg_namespace */ - ACL_KIND_OPCLASS, /* pg_opclass */ - ACL_KIND_OPFAMILY, /* pg_opfamily */ - ACL_KIND_COLLATION, /* pg_collation */ - ACL_KIND_CONVERSION, /* pg_conversion */ - ACL_KIND_STATISTICS, /* pg_statistic_ext */ - ACL_KIND_TABLESPACE, /* pg_tablespace */ - ACL_KIND_TSDICTIONARY, /* pg_ts_dict */ - ACL_KIND_TSCONFIGURATION, /* pg_ts_config */ - ACL_KIND_FDW, /* pg_foreign_data_wrapper */ - ACL_KIND_FOREIGN_SERVER, /* pg_foreign_server */ - ACL_KIND_EVENT_TRIGGER, /* pg_event_trigger */ - ACL_KIND_EXTENSION, /* pg_extension */ - ACL_KIND_PUBLICATION, /* pg_publication */ - ACL_KIND_SUBSCRIPTION, /* pg_subscription */ - MAX_ACL_KIND /* MUST BE LAST */ -} AclObjectKind; - /* * routines used internally @@ -301,10 +270,10 @@ extern AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMo extern AclResult pg_foreign_server_aclcheck(Oid srv_oid, Oid roleid, AclMode mode); extern AclResult pg_type_aclcheck(Oid type_oid, Oid roleid, AclMode mode); -extern void aclcheck_error(AclResult aclerr, AclObjectKind objectkind, +extern void aclcheck_error(AclResult aclerr, ObjectType objtype, const char *objectname); -extern void aclcheck_error_col(AclResult aclerr, AclObjectKind objectkind, +extern void aclcheck_error_col(AclResult aclerr, ObjectType objtype, const char *objectname, const char *colname); extern void aclcheck_error_type(AclResult aclerr, Oid typeOid); diff --git a/src/pl/tcl/pltcl.c b/src/pl/tcl/pltcl.c index 8069784151..8f5847c4ff 100644 --- a/src/pl/tcl/pltcl.c +++ b/src/pl/tcl/pltcl.c @@ -618,7 +618,7 @@ call_pltcl_start_proc(Oid prolang, bool pltrusted) /* Current user must have permission to call function */ aclresult = pg_proc_aclcheck(procOid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_PROC, start_proc); + aclcheck_error(aclresult, OBJECT_FUNCTION, start_proc); /* Get the function's pg_proc entry */ procTup = SearchSysCache1(PROCOID, ObjectIdGetDatum(procOid)); diff --git a/src/test/modules/dummy_seclabel/expected/dummy_seclabel.out b/src/test/modules/dummy_seclabel/expected/dummy_seclabel.out index 77bdc9345d..b2d898a7d1 100644 --- a/src/test/modules/dummy_seclabel/expected/dummy_seclabel.out +++ b/src/test/modules/dummy_seclabel/expected/dummy_seclabel.out @@ -30,14 +30,14 @@ SECURITY LABEL FOR 'dummy' ON TABLE dummy_seclabel_tbl1 IS 'unclassified'; -- OK SECURITY LABEL FOR 'unknown_seclabel' ON TABLE dummy_seclabel_tbl1 IS 'classified'; -- fail ERROR: security label provider "unknown_seclabel" is not loaded SECURITY LABEL ON TABLE dummy_seclabel_tbl2 IS 'unclassified'; -- fail (not owner) -ERROR: must be owner of relation dummy_seclabel_tbl2 +ERROR: must be owner of table dummy_seclabel_tbl2 SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'secret'; -- fail (not superuser) ERROR: only superuser can set 'secret' label SECURITY LABEL ON TABLE dummy_seclabel_tbl3 IS 'unclassified'; -- fail (not found) ERROR: relation "dummy_seclabel_tbl3" does not exist SET SESSION AUTHORIZATION regress_dummy_seclabel_user2; SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'unclassified'; -- fail -ERROR: must be owner of relation dummy_seclabel_tbl1 +ERROR: must be owner of table dummy_seclabel_tbl1 SECURITY LABEL ON TABLE dummy_seclabel_tbl2 IS 'classified'; -- OK -- -- Test for shared database object diff --git a/src/test/regress/expected/alter_table.out b/src/test/regress/expected/alter_table.out index 517fb080bd..e9a1d37f6f 100644 --- a/src/test/regress/expected/alter_table.out +++ b/src/test/regress/expected/alter_table.out @@ -1,5 +1,12 @@ -- -- ALTER_TABLE +-- +-- Clean up in case a prior regression run failed +SET client_min_messages TO 'warning'; +DROP ROLE IF EXISTS regress_alter_user1; +RESET client_min_messages; +CREATE USER regress_alter_user1; +-- -- add attribute -- CREATE TABLE tmp (initial int4); @@ -209,9 +216,17 @@ ALTER INDEX IF EXISTS __tmp_onek_unique1 RENAME TO onek_unique1; NOTICE: relation "__tmp_onek_unique1" does not exist, skipping ALTER INDEX onek_unique1 RENAME TO tmp_onek_unique1; ALTER INDEX tmp_onek_unique1 RENAME TO onek_unique1; +SET ROLE regress_alter_user1; +ALTER INDEX onek_unique1 RENAME TO fail; -- permission denied +ERROR: must be owner of index onek_unique1 +RESET ROLE; -- renaming views CREATE VIEW tmp_view (unique1) AS SELECT unique1 FROM tenk1; ALTER TABLE tmp_view RENAME TO tmp_view_new; +SET ROLE regress_alter_user1; +ALTER VIEW tmp_view_new RENAME TO fail; -- permission denied +ERROR: must be owner of view tmp_view_new +RESET ROLE; -- hack to ensure we get an indexscan here set enable_seqscan to off; set enable_bitmapscan to off; @@ -3364,7 +3379,7 @@ CREATE TABLE owned_by_me ( a int ) PARTITION BY LIST (a); ALTER TABLE owned_by_me ATTACH PARTITION not_owned_by_me FOR VALUES IN (1); -ERROR: must be owner of relation not_owned_by_me +ERROR: must be owner of table not_owned_by_me RESET SESSION AUTHORIZATION; DROP TABLE owned_by_me, not_owned_by_me; DROP ROLE regress_test_not_me; @@ -3883,3 +3898,4 @@ ALTER TABLE tmp ALTER COLUMN i SET (n_distinct = 1, n_distinct_inherited = 2); ALTER TABLE tmp ALTER COLUMN i RESET (n_distinct_inherited); ANALYZE tmp; DROP TABLE tmp; +DROP USER regress_alter_user1; diff --git a/src/test/regress/expected/copy2.out b/src/test/regress/expected/copy2.out index 65e9c626b3..e606a5fda4 100644 --- a/src/test/regress/expected/copy2.out +++ b/src/test/regress/expected/copy2.out @@ -521,12 +521,12 @@ RESET SESSION AUTHORIZATION; SET SESSION AUTHORIZATION regress_rls_copy_user_colperms; -- attempt all columns (should fail) COPY rls_t1 TO stdout; -ERROR: permission denied for relation rls_t1 +ERROR: permission denied for table rls_t1 COPY rls_t1 (a, b, c) TO stdout; -ERROR: permission denied for relation rls_t1 +ERROR: permission denied for table rls_t1 -- try to copy column with no privileges (should fail) COPY rls_t1 (c) TO stdout; -ERROR: permission denied for relation rls_t1 +ERROR: permission denied for table rls_t1 -- subset of columns (should succeed) COPY rls_t1 (a) TO stdout; 2 diff --git a/src/test/regress/expected/create_procedure.out b/src/test/regress/expected/create_procedure.out index e627d8ebbc..ccad5c87d5 100644 --- a/src/test/regress/expected/create_procedure.out +++ b/src/test/regress/expected/create_procedure.out @@ -82,7 +82,7 @@ GRANT INSERT ON cp_test TO regress_user1; REVOKE EXECUTE ON PROCEDURE ptest1(text) FROM PUBLIC; SET ROLE regress_user1; CALL ptest1('a'); -- error -ERROR: permission denied for function ptest1 +ERROR: permission denied for procedure ptest1 RESET ROLE; GRANT EXECUTE ON PROCEDURE ptest1(text) TO regress_user1; SET ROLE regress_user1; diff --git a/src/test/regress/expected/lock.out b/src/test/regress/expected/lock.out index fd27344503..74a434d24d 100644 --- a/src/test/regress/expected/lock.out +++ b/src/test/regress/expected/lock.out @@ -45,7 +45,7 @@ GRANT UPDATE ON TABLE lock_tbl1 TO regress_rol_lock1; SET ROLE regress_rol_lock1; BEGIN; LOCK TABLE lock_tbl1 * IN ACCESS EXCLUSIVE MODE; -ERROR: permission denied for relation lock_tbl2 +ERROR: permission denied for table lock_tbl2 ROLLBACK; BEGIN; LOCK TABLE ONLY lock_tbl1; diff --git a/src/test/regress/expected/privileges.out b/src/test/regress/expected/privileges.out index e6994f0490..cf53b37383 100644 --- a/src/test/regress/expected/privileges.out +++ b/src/test/regress/expected/privileges.out @@ -92,11 +92,11 @@ SELECT * FROM atest2; -- ok INSERT INTO atest1 VALUES (2, 'two'); -- ok INSERT INTO atest2 VALUES ('foo', true); -- fail -ERROR: permission denied for relation atest2 +ERROR: permission denied for table atest2 INSERT INTO atest1 SELECT 1, b FROM atest1; -- ok UPDATE atest1 SET a = 1 WHERE a = 2; -- ok UPDATE atest2 SET col2 = NOT col2; -- fail -ERROR: permission denied for relation atest2 +ERROR: permission denied for table atest2 SELECT * FROM atest1 FOR UPDATE; -- ok a | b ---+----- @@ -105,17 +105,17 @@ SELECT * FROM atest1 FOR UPDATE; -- ok (2 rows) SELECT * FROM atest2 FOR UPDATE; -- fail -ERROR: permission denied for relation atest2 +ERROR: permission denied for table atest2 DELETE FROM atest2; -- fail -ERROR: permission denied for relation atest2 +ERROR: permission denied for table atest2 TRUNCATE atest2; -- fail -ERROR: permission denied for relation atest2 +ERROR: permission denied for table atest2 BEGIN; LOCK atest2 IN ACCESS EXCLUSIVE MODE; -- fail -ERROR: permission denied for relation atest2 +ERROR: permission denied for table atest2 COMMIT; COPY atest2 FROM stdin; -- fail -ERROR: permission denied for relation atest2 +ERROR: permission denied for table atest2 GRANT ALL ON atest1 TO PUBLIC; -- fail WARNING: no privileges were granted for "atest1" -- checks in subquery, both ok @@ -144,37 +144,37 @@ SELECT * FROM atest1; -- ok (2 rows) SELECT * FROM atest2; -- fail -ERROR: permission denied for relation atest2 +ERROR: permission denied for table atest2 INSERT INTO atest1 VALUES (2, 'two'); -- fail -ERROR: permission denied for relation atest1 +ERROR: permission denied for table atest1 INSERT INTO atest2 VALUES ('foo', true); -- fail -ERROR: permission denied for relation atest2 +ERROR: permission denied for table atest2 INSERT INTO atest1 SELECT 1, b FROM atest1; -- fail -ERROR: permission denied for relation atest1 +ERROR: permission denied for table atest1 UPDATE atest1 SET a = 1 WHERE a = 2; -- fail -ERROR: permission denied for relation atest1 +ERROR: permission denied for table atest1 UPDATE atest2 SET col2 = NULL; -- ok UPDATE atest2 SET col2 = NOT col2; -- fails; requires SELECT on atest2 -ERROR: permission denied for relation atest2 +ERROR: permission denied for table atest2 UPDATE atest2 SET col2 = true FROM atest1 WHERE atest1.a = 5; -- ok SELECT * FROM atest1 FOR UPDATE; -- fail -ERROR: permission denied for relation atest1 +ERROR: permission denied for table atest1 SELECT * FROM atest2 FOR UPDATE; -- fail -ERROR: permission denied for relation atest2 +ERROR: permission denied for table atest2 DELETE FROM atest2; -- fail -ERROR: permission denied for relation atest2 +ERROR: permission denied for table atest2 TRUNCATE atest2; -- fail -ERROR: permission denied for relation atest2 +ERROR: permission denied for table atest2 BEGIN; LOCK atest2 IN ACCESS EXCLUSIVE MODE; -- ok COMMIT; COPY atest2 FROM stdin; -- fail -ERROR: permission denied for relation atest2 +ERROR: permission denied for table atest2 -- checks in subquery, both fail SELECT * FROM atest1 WHERE ( b IN ( SELECT col1 FROM atest2 ) ); -ERROR: permission denied for relation atest2 +ERROR: permission denied for table atest2 SELECT * FROM atest2 WHERE ( col1 IN ( SELECT b FROM atest1 ) ); -ERROR: permission denied for relation atest2 +ERROR: permission denied for table atest2 SET SESSION AUTHORIZATION regress_user4; COPY atest2 FROM stdin; -- ok SELECT * FROM atest1; -- ok @@ -234,7 +234,7 @@ CREATE OPERATOR >>> (procedure = leak2, leftarg = integer, rightarg = integer, restrict = scalargtsel); -- This should not show any "leak" notices before failing. EXPLAIN (COSTS OFF) SELECT * FROM atest12 WHERE a >>> 0; -ERROR: permission denied for relation atest12 +ERROR: permission denied for table atest12 -- This plan should use hashjoin, as it will expect many rows to be selected. EXPLAIN (COSTS OFF) SELECT * FROM atest12v x, atest12v y WHERE x.a = y.b; QUERY PLAN @@ -287,7 +287,7 @@ CREATE TABLE atest3 (one int, two int, three int); GRANT DELETE ON atest3 TO GROUP regress_group2; SET SESSION AUTHORIZATION regress_user1; SELECT * FROM atest3; -- fail -ERROR: permission denied for relation atest3 +ERROR: permission denied for table atest3 DELETE FROM atest3; -- ok -- views SET SESSION AUTHORIZATION regress_user3; @@ -305,7 +305,7 @@ SELECT * FROM atestv1; -- ok (2 rows) SELECT * FROM atestv2; -- fail -ERROR: permission denied for relation atest2 +ERROR: permission denied for table atest2 GRANT SELECT ON atestv1, atestv3 TO regress_user4; GRANT SELECT ON atestv2 TO regress_user2; SET SESSION AUTHORIZATION regress_user4; @@ -317,28 +317,28 @@ SELECT * FROM atestv1; -- ok (2 rows) SELECT * FROM atestv2; -- fail -ERROR: permission denied for relation atestv2 +ERROR: permission denied for view atestv2 SELECT * FROM atestv3; -- ok one | two | three -----+-----+------- (0 rows) SELECT * FROM atestv0; -- fail -ERROR: permission denied for relation atestv0 +ERROR: permission denied for view atestv0 -- Appendrels excluded by constraints failed to check permissions in 8.4-9.2. select * from ((select a.q1 as x from int8_tbl a offset 0) union all (select b.q2 as x from int8_tbl b offset 0)) ss where false; -ERROR: permission denied for relation int8_tbl +ERROR: permission denied for table int8_tbl set constraint_exclusion = on; select * from ((select a.q1 as x, random() from int8_tbl a where q1 > 0) union all (select b.q2 as x, random() from int8_tbl b where q2 > 0)) ss where x < 0; -ERROR: permission denied for relation int8_tbl +ERROR: permission denied for table int8_tbl reset constraint_exclusion; CREATE VIEW atestv4 AS SELECT * FROM atestv3; -- nested view SELECT * FROM atestv4; -- ok @@ -350,7 +350,7 @@ GRANT SELECT ON atestv4 TO regress_user2; SET SESSION AUTHORIZATION regress_user2; -- Two complex cases: SELECT * FROM atestv3; -- fail -ERROR: permission denied for relation atestv3 +ERROR: permission denied for view atestv3 SELECT * FROM atestv4; -- ok (even though regress_user2 cannot access underlying atestv3) one | two | three -----+-----+------- @@ -363,7 +363,7 @@ SELECT * FROM atest2; -- ok (1 row) SELECT * FROM atestv2; -- fail (even though regress_user2 can access underlying atest2) -ERROR: permission denied for relation atest2 +ERROR: permission denied for table atest2 -- Test column level permissions SET SESSION AUTHORIZATION regress_user1; CREATE TABLE atest5 (one int, two int unique, three int, four int unique); @@ -373,7 +373,7 @@ GRANT ALL (one) ON atest5 TO regress_user3; INSERT INTO atest5 VALUES (1,2,3); SET SESSION AUTHORIZATION regress_user4; SELECT * FROM atest5; -- fail -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 SELECT one FROM atest5; -- ok one ----- @@ -383,13 +383,13 @@ SELECT one FROM atest5; -- ok COPY atest5 (one) TO stdout; -- ok 1 SELECT two FROM atest5; -- fail -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 COPY atest5 (two) TO stdout; -- fail -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 SELECT atest5 FROM atest5; -- fail -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 COPY atest5 (one,two) TO stdout; -- fail -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 SELECT 1 FROM atest5; -- ok ?column? ---------- @@ -403,15 +403,15 @@ SELECT 1 FROM atest5 a JOIN atest5 b USING (one); -- ok (1 row) SELECT 1 FROM atest5 a JOIN atest5 b USING (two); -- fail -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 SELECT 1 FROM atest5 a NATURAL JOIN atest5 b; -- fail -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 SELECT (j.*) IS NULL FROM (atest5 a JOIN atest5 b USING (one)) j; -- fail -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 SELECT 1 FROM atest5 WHERE two = 2; -- fail -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 SELECT * FROM atest1, atest5; -- fail -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 SELECT atest1.* FROM atest1, atest5; -- ok a | b ---+----- @@ -427,7 +427,7 @@ SELECT atest1.*,atest5.one FROM atest1, atest5; -- ok (2 rows) SELECT atest1.*,atest5.one FROM atest1 JOIN atest5 ON (atest1.a = atest5.two); -- fail -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 SELECT atest1.*,atest5.one FROM atest1 JOIN atest5 ON (atest1.a = atest5.one); -- ok a | b | one ---+-----+----- @@ -436,12 +436,12 @@ SELECT atest1.*,atest5.one FROM atest1 JOIN atest5 ON (atest1.a = atest5.one); - (2 rows) SELECT one, two FROM atest5; -- fail -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 SET SESSION AUTHORIZATION regress_user1; GRANT SELECT (one,two) ON atest6 TO regress_user4; SET SESSION AUTHORIZATION regress_user4; SELECT one, two FROM atest5 NATURAL JOIN atest6; -- fail still -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 SET SESSION AUTHORIZATION regress_user1; GRANT SELECT (two) ON atest5 TO regress_user4; SET SESSION AUTHORIZATION regress_user4; @@ -453,23 +453,23 @@ SELECT one, two FROM atest5 NATURAL JOIN atest6; -- ok now -- test column-level privileges for INSERT and UPDATE INSERT INTO atest5 (two) VALUES (3); -- ok COPY atest5 FROM stdin; -- fail -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 COPY atest5 (two) FROM stdin; -- ok INSERT INTO atest5 (three) VALUES (4); -- fail -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 INSERT INTO atest5 VALUES (5,5,5); -- fail -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 UPDATE atest5 SET three = 10; -- ok UPDATE atest5 SET one = 8; -- fail -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 UPDATE atest5 SET three = 5, one = 2; -- fail -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 -- Check that column level privs are enforced in RETURNING -- Ok. INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set three = 10; -- Error. No SELECT on column three. INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set three = 10 RETURNING atest5.three; -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 -- Ok. May SELECT on column "one": INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set three = 10 RETURNING atest5.one; one @@ -482,21 +482,21 @@ INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set three = 10 RE INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set three = EXCLUDED.one; -- Error. No select rights on three INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set three = EXCLUDED.three; -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set one = 8; -- fails (due to UPDATE) -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 INSERT INTO atest5(three) VALUES (4) ON CONFLICT (two) DO UPDATE set three = 10; -- fails (due to INSERT) -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 -- Check that the columns in the inference require select privileges INSERT INTO atest5(four) VALUES (4); -- fail -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 SET SESSION AUTHORIZATION regress_user1; GRANT INSERT (four) ON atest5 TO regress_user4; SET SESSION AUTHORIZATION regress_user4; INSERT INTO atest5(four) VALUES (4) ON CONFLICT (four) DO UPDATE set three = 3; -- fails (due to SELECT) -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 INSERT INTO atest5(four) VALUES (4) ON CONFLICT ON CONSTRAINT atest5_four_key DO UPDATE set three = 3; -- fails (due to SELECT) -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 INSERT INTO atest5(four) VALUES (4); -- ok SET SESSION AUTHORIZATION regress_user1; GRANT SELECT (four) ON atest5 TO regress_user4; @@ -508,9 +508,9 @@ REVOKE ALL (one) ON atest5 FROM regress_user4; GRANT SELECT (one,two,blue) ON atest6 TO regress_user4; SET SESSION AUTHORIZATION regress_user4; SELECT one FROM atest5; -- fail -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 UPDATE atest5 SET one = 1; -- fail -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 SELECT atest6 FROM atest6; -- ok atest6 -------- @@ -557,9 +557,9 @@ REVOKE ALL (one) ON atest5 FROM regress_user3; GRANT SELECT (one) ON atest5 TO regress_user4; SET SESSION AUTHORIZATION regress_user4; SELECT atest6 FROM atest6; -- fail -ERROR: permission denied for relation atest6 +ERROR: permission denied for table atest6 SELECT one FROM atest5 NATURAL JOIN atest6; -- fail -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 SET SESSION AUTHORIZATION regress_user1; ALTER TABLE atest6 DROP COLUMN three; SET SESSION AUTHORIZATION regress_user4; @@ -578,12 +578,12 @@ ALTER TABLE atest6 DROP COLUMN two; REVOKE SELECT (one,blue) ON atest6 FROM regress_user4; SET SESSION AUTHORIZATION regress_user4; SELECT * FROM atest6; -- fail -ERROR: permission denied for relation atest6 +ERROR: permission denied for table atest6 SELECT 1 FROM atest6; -- fail -ERROR: permission denied for relation atest6 +ERROR: permission denied for table atest6 SET SESSION AUTHORIZATION regress_user3; DELETE FROM atest5 WHERE one = 1; -- fail -ERROR: permission denied for relation atest5 +ERROR: permission denied for table atest5 DELETE FROM atest5 WHERE two = 2; -- ok -- check inheritance cases SET SESSION AUTHORIZATION regress_user1; @@ -614,7 +614,7 @@ SELECT oid FROM atestp2; -- ok (0 rows) SELECT fy FROM atestc; -- fail -ERROR: permission denied for relation atestc +ERROR: permission denied for table atestc SET SESSION AUTHORIZATION regress_user1; GRANT SELECT(fy,oid) ON atestc TO regress_user2; SET SESSION AUTHORIZATION regress_user2; @@ -694,11 +694,11 @@ SET SESSION AUTHORIZATION regress_user3; SELECT testfunc1(5); -- fail ERROR: permission denied for function testfunc1 SELECT testagg1(x) FROM (VALUES (1), (2), (3)) _(x); -- fail -ERROR: permission denied for function testagg1 +ERROR: permission denied for aggregate testagg1 CALL testproc1(6); -- fail -ERROR: permission denied for function testproc1 +ERROR: permission denied for procedure testproc1 SELECT col1 FROM atest2 WHERE col2 = true; -- fail -ERROR: permission denied for relation atest2 +ERROR: permission denied for table atest2 SELECT testfunc4(true); -- ok testfunc4 ----------- @@ -722,9 +722,9 @@ CALL testproc1(6); -- ok DROP FUNCTION testfunc1(int); -- fail ERROR: must be owner of function testfunc1 DROP AGGREGATE testagg1(int); -- fail -ERROR: must be owner of function testagg1 +ERROR: must be owner of aggregate testagg1 DROP PROCEDURE testproc1(int); -- fail -ERROR: must be owner of function testproc1 +ERROR: must be owner of procedure testproc1 \c - DROP FUNCTION testfunc1(int); -- ok -- restore to sanity @@ -849,7 +849,7 @@ DROP DOMAIN testdomain1; -- ok SET SESSION AUTHORIZATION regress_user5; TRUNCATE atest2; -- ok TRUNCATE atest3; -- fail -ERROR: permission denied for relation atest3 +ERROR: permission denied for table atest3 -- has_table_privilege function -- bad-input checks select has_table_privilege(NULL,'pg_authid','select'); @@ -1435,7 +1435,7 @@ SELECT * FROM pg_largeobject LIMIT 0; SET SESSION AUTHORIZATION regress_user1; SELECT * FROM pg_largeobject LIMIT 0; -- to be denied -ERROR: permission denied for relation pg_largeobject +ERROR: permission denied for table pg_largeobject -- test default ACLs \c - CREATE SCHEMA testns; @@ -1899,14 +1899,14 @@ GRANT SELECT ON lock_table TO regress_locktable_user; SET SESSION AUTHORIZATION regress_locktable_user; BEGIN; LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should fail -ERROR: permission denied for relation lock_table +ERROR: permission denied for table lock_table ROLLBACK; BEGIN; LOCK TABLE lock_table IN ACCESS SHARE MODE; -- should pass COMMIT; BEGIN; LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should fail -ERROR: permission denied for relation lock_table +ERROR: permission denied for table lock_table ROLLBACK; \c REVOKE SELECT ON lock_table FROM regress_locktable_user; @@ -1918,11 +1918,11 @@ LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should pass COMMIT; BEGIN; LOCK TABLE lock_table IN ACCESS SHARE MODE; -- should fail -ERROR: permission denied for relation lock_table +ERROR: permission denied for table lock_table ROLLBACK; BEGIN; LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should fail -ERROR: permission denied for relation lock_table +ERROR: permission denied for table lock_table ROLLBACK; \c REVOKE INSERT ON lock_table FROM regress_locktable_user; @@ -1934,7 +1934,7 @@ LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should pass COMMIT; BEGIN; LOCK TABLE lock_table IN ACCESS SHARE MODE; -- should fail -ERROR: permission denied for relation lock_table +ERROR: permission denied for table lock_table ROLLBACK; BEGIN; LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should pass @@ -1949,7 +1949,7 @@ LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should pass COMMIT; BEGIN; LOCK TABLE lock_table IN ACCESS SHARE MODE; -- should fail -ERROR: permission denied for relation lock_table +ERROR: permission denied for table lock_table ROLLBACK; BEGIN; LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should pass @@ -1964,7 +1964,7 @@ LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should pass COMMIT; BEGIN; LOCK TABLE lock_table IN ACCESS SHARE MODE; -- should fail -ERROR: permission denied for relation lock_table +ERROR: permission denied for table lock_table ROLLBACK; BEGIN; LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should pass diff --git a/src/test/regress/expected/publication.out b/src/test/regress/expected/publication.out index b101331d69..0c86c647bc 100644 --- a/src/test/regress/expected/publication.out +++ b/src/test/regress/expected/publication.out @@ -198,7 +198,7 @@ GRANT CREATE ON DATABASE regression TO regress_publication_user2; SET ROLE regress_publication_user2; CREATE PUBLICATION testpub2; -- ok ALTER PUBLICATION testpub2 ADD TABLE testpub_tbl1; -- fail -ERROR: must be owner of relation testpub_tbl1 +ERROR: must be owner of table testpub_tbl1 SET ROLE regress_publication_user; GRANT regress_publication_user TO regress_publication_user2; SET ROLE regress_publication_user2; diff --git a/src/test/regress/expected/rowsecurity.out b/src/test/regress/expected/rowsecurity.out index b8dcf51a30..f1ae40df61 100644 --- a/src/test/regress/expected/rowsecurity.out +++ b/src/test/regress/expected/rowsecurity.out @@ -361,7 +361,7 @@ INSERT INTO document VALUES (100, 55, 1, 'regress_rls_dave', 'testing sorting of ERROR: new row violates row-level security policy "p2r" for table "document" -- only owner can change policies ALTER POLICY p1 ON document USING (true); --fail -ERROR: must be owner of relation document +ERROR: must be owner of table document DROP POLICY p1 ON document; --fail ERROR: must be owner of relation document SET SESSION AUTHORIZATION regress_rls_alice; @@ -1192,7 +1192,7 @@ EXPLAIN (COSTS OFF) SELECT * FROM part_document WHERE f_leak(dtitle); -- only owner can change policies ALTER POLICY pp1 ON part_document USING (true); --fail -ERROR: must be owner of relation part_document +ERROR: must be owner of table part_document DROP POLICY pp1 ON part_document; --fail ERROR: must be owner of relation part_document SET SESSION AUTHORIZATION regress_rls_alice; @@ -2446,9 +2446,9 @@ EXPLAIN (COSTS OFF) SELECT * FROM rls_view; -- Query as role that is not the owner of the table or view without permissions. SET SESSION AUTHORIZATION regress_rls_carol; SELECT * FROM rls_view; --fail - permission denied. -ERROR: permission denied for relation rls_view +ERROR: permission denied for view rls_view EXPLAIN (COSTS OFF) SELECT * FROM rls_view; --fail - permission denied. -ERROR: permission denied for relation rls_view +ERROR: permission denied for view rls_view -- Query as role that is not the owner of the table or view with permissions. SET SESSION AUTHORIZATION regress_rls_bob; GRANT SELECT ON rls_view TO regress_rls_carol; @@ -3235,7 +3235,7 @@ COPY (SELECT * FROM copy_t ORDER BY a ASC) TO STDOUT WITH DELIMITER ','; --fail ERROR: query would be affected by row-level security policy for table "copy_t" SET row_security TO ON; COPY (SELECT * FROM copy_t ORDER BY a ASC) TO STDOUT WITH DELIMITER ','; --fail - permission denied -ERROR: permission denied for relation copy_t +ERROR: permission denied for table copy_t -- Check COPY relation TO; keep it just one row to avoid reordering issues RESET SESSION AUTHORIZATION; SET row_security TO ON; @@ -3271,10 +3271,10 @@ COPY copy_rel_to TO STDOUT WITH DELIMITER ','; --ok SET SESSION AUTHORIZATION regress_rls_carol; SET row_security TO OFF; COPY copy_rel_to TO STDOUT WITH DELIMITER ','; --fail - permission denied -ERROR: permission denied for relation copy_rel_to +ERROR: permission denied for table copy_rel_to SET row_security TO ON; COPY copy_rel_to TO STDOUT WITH DELIMITER ','; --fail - permission denied -ERROR: permission denied for relation copy_rel_to +ERROR: permission denied for table copy_rel_to -- Check COPY FROM as Superuser/owner. RESET SESSION AUTHORIZATION; SET row_security TO OFF; @@ -3298,10 +3298,10 @@ COPY copy_t FROM STDIN; --ok SET SESSION AUTHORIZATION regress_rls_carol; SET row_security TO OFF; COPY copy_t FROM STDIN; --fail - permission denied. -ERROR: permission denied for relation copy_t +ERROR: permission denied for table copy_t SET row_security TO ON; COPY copy_t FROM STDIN; --fail - permission denied. -ERROR: permission denied for relation copy_t +ERROR: permission denied for table copy_t RESET SESSION AUTHORIZATION; DROP TABLE copy_t; DROP TABLE copy_rel_to CASCADE; diff --git a/src/test/regress/expected/select_into.out b/src/test/regress/expected/select_into.out index 5d54bbf3b0..ef7cfd6f29 100644 --- a/src/test/regress/expected/select_into.out +++ b/src/test/regress/expected/select_into.out @@ -22,15 +22,15 @@ GRANT ALL ON SCHEMA selinto_schema TO public; SET SESSION AUTHORIZATION regress_selinto_user; SELECT * INTO TABLE selinto_schema.tmp1 FROM pg_class WHERE relname like '%a%'; -- Error -ERROR: permission denied for relation tmp1 +ERROR: permission denied for table tmp1 SELECT oid AS clsoid, relname, relnatts + 10 AS x INTO selinto_schema.tmp2 FROM pg_class WHERE relname like '%b%'; -- Error -ERROR: permission denied for relation tmp2 +ERROR: permission denied for table tmp2 CREATE TABLE selinto_schema.tmp3 (a,b,c) AS SELECT oid,relname,relacl FROM pg_class WHERE relname like '%c%'; -- Error -ERROR: permission denied for relation tmp3 +ERROR: permission denied for table tmp3 RESET SESSION AUTHORIZATION; ALTER DEFAULT PRIVILEGES FOR ROLE regress_selinto_user GRANT INSERT ON TABLES TO regress_selinto_user; diff --git a/src/test/regress/expected/sequence.out b/src/test/regress/expected/sequence.out index 2384b7dd81..ca5ea063fa 100644 --- a/src/test/regress/expected/sequence.out +++ b/src/test/regress/expected/sequence.out @@ -785,7 +785,7 @@ ROLLBACK; BEGIN; SET LOCAL SESSION AUTHORIZATION regress_seq_user; ALTER SEQUENCE sequence_test2 START WITH 1; -ERROR: must be owner of relation sequence_test2 +ERROR: must be owner of sequence sequence_test2 ROLLBACK; -- Sequences should get wiped out as well: DROP TABLE serialTest1, serialTest2; diff --git a/src/test/regress/expected/updatable_views.out b/src/test/regress/expected/updatable_views.out index 2090a411fe..964c115b14 100644 --- a/src/test/regress/expected/updatable_views.out +++ b/src/test/regress/expected/updatable_views.out @@ -990,26 +990,26 @@ SELECT * FROM rw_view2; -- ok (2 rows) INSERT INTO base_tbl VALUES (3, 'Row 3', 3.0); -- not allowed -ERROR: permission denied for relation base_tbl +ERROR: permission denied for table base_tbl INSERT INTO rw_view1 VALUES ('Row 3', 3.0, 3); -- not allowed -ERROR: permission denied for relation rw_view1 +ERROR: permission denied for view rw_view1 INSERT INTO rw_view2 VALUES ('Row 3', 3.0, 3); -- not allowed -ERROR: permission denied for relation base_tbl +ERROR: permission denied for table base_tbl UPDATE base_tbl SET a=a, c=c; -- ok UPDATE base_tbl SET b=b; -- not allowed -ERROR: permission denied for relation base_tbl +ERROR: permission denied for table base_tbl UPDATE rw_view1 SET bb=bb, cc=cc; -- ok UPDATE rw_view1 SET aa=aa; -- not allowed -ERROR: permission denied for relation rw_view1 +ERROR: permission denied for view rw_view1 UPDATE rw_view2 SET aa=aa, cc=cc; -- ok UPDATE rw_view2 SET bb=bb; -- not allowed -ERROR: permission denied for relation base_tbl +ERROR: permission denied for table base_tbl DELETE FROM base_tbl; -- not allowed -ERROR: permission denied for relation base_tbl +ERROR: permission denied for table base_tbl DELETE FROM rw_view1; -- not allowed -ERROR: permission denied for relation rw_view1 +ERROR: permission denied for view rw_view1 DELETE FROM rw_view2; -- not allowed -ERROR: permission denied for relation base_tbl +ERROR: permission denied for table base_tbl RESET SESSION AUTHORIZATION; SET SESSION AUTHORIZATION regress_view_user1; GRANT INSERT, DELETE ON base_tbl TO regress_view_user2; @@ -1017,11 +1017,11 @@ RESET SESSION AUTHORIZATION; SET SESSION AUTHORIZATION regress_view_user2; INSERT INTO base_tbl VALUES (3, 'Row 3', 3.0); -- ok INSERT INTO rw_view1 VALUES ('Row 4', 4.0, 4); -- not allowed -ERROR: permission denied for relation rw_view1 +ERROR: permission denied for view rw_view1 INSERT INTO rw_view2 VALUES ('Row 4', 4.0, 4); -- ok DELETE FROM base_tbl WHERE a=1; -- ok DELETE FROM rw_view1 WHERE aa=2; -- not allowed -ERROR: permission denied for relation rw_view1 +ERROR: permission denied for view rw_view1 DELETE FROM rw_view2 WHERE aa=2; -- ok SELECT * FROM base_tbl; a | b | c @@ -1037,15 +1037,15 @@ GRANT INSERT, DELETE ON rw_view1 TO regress_view_user2; RESET SESSION AUTHORIZATION; SET SESSION AUTHORIZATION regress_view_user2; INSERT INTO base_tbl VALUES (5, 'Row 5', 5.0); -- not allowed -ERROR: permission denied for relation base_tbl +ERROR: permission denied for table base_tbl INSERT INTO rw_view1 VALUES ('Row 5', 5.0, 5); -- ok INSERT INTO rw_view2 VALUES ('Row 6', 6.0, 6); -- not allowed -ERROR: permission denied for relation base_tbl +ERROR: permission denied for table base_tbl DELETE FROM base_tbl WHERE a=3; -- not allowed -ERROR: permission denied for relation base_tbl +ERROR: permission denied for table base_tbl DELETE FROM rw_view1 WHERE aa=3; -- ok DELETE FROM rw_view2 WHERE aa=4; -- not allowed -ERROR: permission denied for relation base_tbl +ERROR: permission denied for table base_tbl SELECT * FROM base_tbl; a | b | c ---+-------+--- diff --git a/src/test/regress/sql/alter_table.sql b/src/test/regress/sql/alter_table.sql index af25ee9e77..b27e8f6777 100644 --- a/src/test/regress/sql/alter_table.sql +++ b/src/test/regress/sql/alter_table.sql @@ -1,5 +1,15 @@ -- -- ALTER_TABLE +-- + +-- Clean up in case a prior regression run failed +SET client_min_messages TO 'warning'; +DROP ROLE IF EXISTS regress_alter_user1; +RESET client_min_messages; + +CREATE USER regress_alter_user1; + +-- -- add attribute -- @@ -209,10 +219,19 @@ ALTER INDEX IF EXISTS __tmp_onek_unique1 RENAME TO onek_unique1; ALTER INDEX onek_unique1 RENAME TO tmp_onek_unique1; ALTER INDEX tmp_onek_unique1 RENAME TO onek_unique1; + +SET ROLE regress_alter_user1; +ALTER INDEX onek_unique1 RENAME TO fail; -- permission denied +RESET ROLE; + -- renaming views CREATE VIEW tmp_view (unique1) AS SELECT unique1 FROM tenk1; ALTER TABLE tmp_view RENAME TO tmp_view_new; +SET ROLE regress_alter_user1; +ALTER VIEW tmp_view_new RENAME TO fail; -- permission denied +RESET ROLE; + -- hack to ensure we get an indexscan here set enable_seqscan to off; set enable_bitmapscan to off; @@ -2546,3 +2565,5 @@ ALTER TABLE tmp ALTER COLUMN i SET (n_distinct = 1, n_distinct_inherited = 2); ALTER TABLE tmp ALTER COLUMN i RESET (n_distinct_inherited); ANALYZE tmp; DROP TABLE tmp; + +DROP USER regress_alter_user1;