From c4cf7fb8146d89293c6667d1fcc295c45da52713 Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Fri, 1 Aug 2003 00:15:26 +0000 Subject: [PATCH] Adjust 'permission denied' messages to be more useful and consistent. --- src/backend/catalog/aclchk.c | 71 +++++++++++++++++++--- src/backend/catalog/namespace.c | 7 ++- src/backend/catalog/pg_conversion.c | 7 +-- src/backend/catalog/pg_operator.c | 5 +- src/backend/catalog/pg_proc.c | 9 ++- src/backend/commands/aggregatecmds.c | 14 +++-- src/backend/commands/alter.c | 4 +- src/backend/commands/cluster.c | 26 +++----- src/backend/commands/comment.c | 35 +++++++---- src/backend/commands/conversioncmds.c | 17 ++++-- src/backend/commands/copy.c | 5 +- src/backend/commands/dbcommands.c | 23 ++++--- src/backend/commands/functioncmds.c | 23 ++++--- src/backend/commands/indexcmds.c | 14 ++--- src/backend/commands/lockcmds.c | 5 +- src/backend/commands/opclasscmds.c | 22 ++++--- src/backend/commands/operatorcmds.c | 8 ++- src/backend/commands/proclang.c | 4 +- src/backend/commands/schemacmds.c | 14 +++-- src/backend/commands/sequence.c | 13 ++-- src/backend/commands/tablecmds.c | 74 ++++++++++++++--------- src/backend/commands/trigger.c | 18 +++--- src/backend/commands/typecmds.c | 17 ++++-- src/backend/commands/user.c | 16 ++--- src/backend/commands/view.c | 5 +- src/backend/executor/execMain.c | 11 ++-- src/backend/executor/execQual.c | 4 +- src/backend/executor/nodeAgg.c | 5 +- src/backend/parser/analyze.c | 5 +- src/backend/rewrite/rewriteDefine.c | 5 +- src/backend/rewrite/rewriteRemove.c | 5 +- src/backend/tcop/fastpath.c | 8 ++- src/backend/tcop/utility.c | 18 +++--- src/backend/utils/init/miscinit.c | 4 +- src/backend/utils/misc/guc.c | 12 ++-- src/include/utils/acl.h | 21 ++++++- src/test/regress/expected/alter_table.out | 6 +- src/test/regress/expected/privileges.out | 60 +++++++++--------- 38 files changed, 377 insertions(+), 243 deletions(-) diff --git a/src/backend/catalog/aclchk.c b/src/backend/catalog/aclchk.c index 21464fa126..77b1d3b2d7 100644 --- a/src/backend/catalog/aclchk.c +++ b/src/backend/catalog/aclchk.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/catalog/aclchk.c,v 1.84 2003/07/21 01:59:07 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/catalog/aclchk.c,v 1.85 2003/08/01 00:15:19 tgl Exp $ * * NOTES * See acl.h. @@ -223,7 +223,7 @@ ExecuteGrantStmt_Relation(GrantStmt *stmt) if (stmt->is_grant && !pg_class_ownercheck(relOid, GetUserId()) && pg_class_aclcheck(relOid, GetUserId(), ACL_GRANT_OPTION_FOR(privileges)) != ACLCHECK_OK) - aclcheck_error(ACLCHECK_NO_PRIV, relvar->relname); + aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_CLASS, relvar->relname); /* Not sensible to grant on an index */ if (pg_class_tuple->relkind == RELKIND_INDEX) @@ -329,7 +329,8 @@ ExecuteGrantStmt_Database(GrantStmt *stmt) if (stmt->is_grant && pg_database_tuple->datdba != GetUserId() && pg_database_aclcheck(HeapTupleGetOid(tuple), GetUserId(), ACL_GRANT_OPTION_FOR(privileges)) != ACLCHECK_OK) - aclcheck_error(ACLCHECK_NO_PRIV, NameStr(pg_database_tuple->datname)); + aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_DATABASE, + NameStr(pg_database_tuple->datname)); /* * If there's no ACL, create a default. @@ -424,7 +425,7 @@ ExecuteGrantStmt_Function(GrantStmt *stmt) if (stmt->is_grant && !pg_proc_ownercheck(oid, GetUserId()) && pg_proc_aclcheck(oid, GetUserId(), ACL_GRANT_OPTION_FOR(privileges)) != ACLCHECK_OK) - aclcheck_error(ACLCHECK_NO_PRIV, + aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_PROC, NameStr(pg_proc_tuple->proname)); /* @@ -525,7 +526,8 @@ ExecuteGrantStmt_Language(GrantStmt *stmt) if (stmt->is_grant && !superuser() && pg_language_aclcheck(HeapTupleGetOid(tuple), GetUserId(), ACL_GRANT_OPTION_FOR(privileges)) != ACLCHECK_OK) - aclcheck_error(ACLCHECK_NO_PRIV, NameStr(pg_language_tuple->lanname)); + aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_LANGUAGE, + NameStr(pg_language_tuple->lanname)); /* * If there's no ACL, create a default. @@ -619,7 +621,8 @@ ExecuteGrantStmt_Namespace(GrantStmt *stmt) if (stmt->is_grant && !pg_namespace_ownercheck(HeapTupleGetOid(tuple), GetUserId()) && pg_namespace_aclcheck(HeapTupleGetOid(tuple), GetUserId(), ACL_GRANT_OPTION_FOR(privileges)) != ACLCHECK_OK) - aclcheck_error(ACLCHECK_NO_PRIV, nspname); + aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_NAMESPACE, + nspname); /* * If there's no ACL, create a default using the @@ -848,9 +851,59 @@ aclcheck(Acl *acl, AclId userid, AclMode mode) /* * Standardized reporting of aclcheck permissions failures. + * + * Note: we do not double-quote the %s's below, because many callers + * supply strings that might be already quoted. */ + +static const char * const no_priv_msg[MAX_ACL_KIND] = +{ + /* ACL_KIND_CLASS */ + gettext_noop("permission denied for relation %s"), + /* ACL_KIND_DATABASE */ + gettext_noop("permission denied for database %s"), + /* ACL_KIND_PROC */ + gettext_noop("permission denied for function %s"), + /* ACL_KIND_OPER */ + gettext_noop("permission denied for operator %s"), + /* ACL_KIND_TYPE */ + gettext_noop("permission denied for type %s"), + /* ACL_KIND_LANGUAGE */ + gettext_noop("permission denied for language %s"), + /* ACL_KIND_NAMESPACE */ + gettext_noop("permission denied for schema %s"), + /* ACL_KIND_OPCLASS */ + gettext_noop("permission denied for operator class %s"), + /* ACL_KIND_CONVERSION */ + gettext_noop("permission denied for conversion %s") +}; + +static const char * const not_owner_msg[MAX_ACL_KIND] = +{ + /* ACL_KIND_CLASS */ + gettext_noop("must be owner of relation %s"), + /* ACL_KIND_DATABASE */ + gettext_noop("must be owner of database %s"), + /* ACL_KIND_PROC */ + gettext_noop("must be owner of function %s"), + /* ACL_KIND_OPER */ + gettext_noop("must be owner of operator %s"), + /* ACL_KIND_TYPE */ + gettext_noop("must be owner of type %s"), + /* ACL_KIND_LANGUAGE */ + gettext_noop("must be owner of language %s"), + /* ACL_KIND_NAMESPACE */ + gettext_noop("must be owner of schema %s"), + /* ACL_KIND_OPCLASS */ + gettext_noop("must be owner of operator class %s"), + /* ACL_KIND_CONVERSION */ + gettext_noop("must be owner of conversion %s") +}; + + void -aclcheck_error(AclResult aclerr, const char *objectname) +aclcheck_error(AclResult aclerr, AclObjectKind objectkind, + const char *objectname) { switch (aclerr) { @@ -860,12 +913,12 @@ aclcheck_error(AclResult aclerr, const char *objectname) case ACLCHECK_NO_PRIV: ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("permission denied for \"%s\"", objectname))); + errmsg(no_priv_msg[objectkind], objectname))); break; case ACLCHECK_NOT_OWNER: ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("must be owner of \"%s\"", objectname))); + errmsg(not_owner_msg[objectkind], objectname))); break; default: elog(ERROR, "unrecognized AclResult: %d", (int) aclerr); diff --git a/src/backend/catalog/namespace.c b/src/backend/catalog/namespace.c index df1e53b6f0..28b9859677 100644 --- a/src/backend/catalog/namespace.c +++ b/src/backend/catalog/namespace.c @@ -13,7 +13,7 @@ * Portions Copyright (c) 1994, Regents of the University of California * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/catalog/namespace.c,v 1.54 2003/07/21 01:59:09 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/catalog/namespace.c,v 1.55 2003/08/01 00:15:19 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -1201,7 +1201,8 @@ LookupExplicitNamespace(const char *nspname) aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_USAGE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, nspname); + aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + nspname); return namespaceId; } @@ -1624,7 +1625,7 @@ InitTempTableNamespace(void) ACL_CREATE_TEMP) != ACLCHECK_OK) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("not authorized to create temp tables in database \"%s\"", + errmsg("permission denied to create temp tables in database \"%s\"", get_database_name(MyDatabaseId)))); snprintf(namespaceName, sizeof(namespaceName), "pg_temp_%d", MyBackendId); diff --git a/src/backend/catalog/pg_conversion.c b/src/backend/catalog/pg_conversion.c index ccd419767d..70bd294297 100644 --- a/src/backend/catalog/pg_conversion.c +++ b/src/backend/catalog/pg_conversion.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/catalog/pg_conversion.c,v 1.12 2003/07/28 00:09:14 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/catalog/pg_conversion.c,v 1.13 2003/08/01 00:15:19 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -146,9 +146,8 @@ ConversionDrop(Oid conversionOid, DropBehavior behavior) if (!superuser() && ((Form_pg_conversion) GETSTRUCT(tuple))->conowner != GetUserId()) - ereport(ERROR, - (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("permission denied"))); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CONVERSION, + NameStr(((Form_pg_conversion) GETSTRUCT(tuple))->conname)); ReleaseSysCache(tuple); diff --git a/src/backend/catalog/pg_operator.c b/src/backend/catalog/pg_operator.c index 2af44c01f7..da3e2a4692 100644 --- a/src/backend/catalog/pg_operator.c +++ b/src/backend/catalog/pg_operator.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/catalog/pg_operator.c,v 1.80 2003/07/21 01:59:11 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/catalog/pg_operator.c,v 1.81 2003/08/01 00:15:19 tgl Exp $ * * NOTES * these routines moved here from commands/define.c and somewhat cleaned up. @@ -732,7 +732,8 @@ get_other_operator(List *otherOp, Oid otherLeftTypeId, Oid otherRightTypeId, aclresult = pg_namespace_aclcheck(otherNamespace, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_namespace_name(otherNamespace)); + aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + get_namespace_name(otherNamespace)); other_oid = OperatorShellMake(otherName, otherNamespace, diff --git a/src/backend/catalog/pg_proc.c b/src/backend/catalog/pg_proc.c index 60fc4505a9..d8ff4a5225 100644 --- a/src/backend/catalog/pg_proc.c +++ b/src/backend/catalog/pg_proc.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/catalog/pg_proc.c,v 1.101 2003/07/21 01:59:11 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/catalog/pg_proc.c,v 1.102 2003/08/01 00:15:19 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -27,6 +27,7 @@ #include "parser/parse_expr.h" #include "parser/parse_type.h" #include "tcop/tcopprot.h" +#include "utils/acl.h" #include "utils/builtins.h" #include "utils/lsyscache.h" #include "utils/sets.h" @@ -219,10 +220,8 @@ ProcedureCreate(const char *procedureName, errmsg("function \"%s\" already exists with same argument types", procedureName))); if (GetUserId() != oldproc->proowner && !superuser()) - ereport(ERROR, - (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("you do not have permission to replace function \"%s\"", - procedureName))); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, + procedureName); /* * Not okay to change the return type of the existing proc, since diff --git a/src/backend/commands/aggregatecmds.c b/src/backend/commands/aggregatecmds.c index 088a9bf6e5..1d9b25b5b0 100644 --- a/src/backend/commands/aggregatecmds.c +++ b/src/backend/commands/aggregatecmds.c @@ -9,7 +9,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/aggregatecmds.c,v 1.11 2003/07/20 21:56:32 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/aggregatecmds.c,v 1.12 2003/08/01 00:15:19 tgl Exp $ * * DESCRIPTION * The "DefineFoo" routines take the parse tree and pick out the @@ -64,7 +64,8 @@ DefineAggregate(List *names, List *parameters) /* Check we have creation rights in target namespace */ aclresult = pg_namespace_aclcheck(aggNamespace, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_namespace_name(aggNamespace)); + aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + get_namespace_name(aggNamespace)); foreach(pl, parameters) { @@ -191,7 +192,8 @@ RemoveAggregate(RemoveAggrStmt *stmt) if (!pg_proc_ownercheck(procOid, GetUserId()) && !pg_namespace_ownercheck(((Form_pg_proc) GETSTRUCT(tup))->pronamespace, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, NameListToString(aggName)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, + NameListToString(aggName)); /* find_aggregate_func already checked it is an aggregate */ @@ -269,12 +271,14 @@ RenameAggregate(List *name, TypeName *basetype, const char *newname) /* must be owner */ if (!pg_proc_ownercheck(procOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, NameListToString(name)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, + NameListToString(name)); /* must have CREATE privilege on namespace */ aclresult = pg_namespace_aclcheck(namespaceOid, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_namespace_name(namespaceOid)); + aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + get_namespace_name(namespaceOid)); /* rename */ namestrcpy(&(((Form_pg_proc) GETSTRUCT(tup))->proname), newname); diff --git a/src/backend/commands/alter.c b/src/backend/commands/alter.c index 7c49e40d5c..b377635099 100644 --- a/src/backend/commands/alter.c +++ b/src/backend/commands/alter.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/alter.c,v 1.3 2003/07/22 19:00:07 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/alter.c,v 1.4 2003/08/01 00:15:19 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -102,7 +102,7 @@ ExecRenameStmt(RenameStmt *stmt) GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, + aclcheck_error(aclresult, ACL_KIND_NAMESPACE, get_namespace_name(namespaceId)); renamerel(relid, stmt->newname); diff --git a/src/backend/commands/cluster.c b/src/backend/commands/cluster.c index 17080fd020..18f6bfcf6b 100644 --- a/src/backend/commands/cluster.c +++ b/src/backend/commands/cluster.c @@ -11,7 +11,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/cluster.c,v 1.111 2003/07/20 21:56:32 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/cluster.c,v 1.112 2003/08/01 00:15:19 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -69,7 +69,6 @@ static void copy_heap_data(Oid OIDNewHeap, Oid OIDOldHeap, Oid OIDOldIndex); static List *get_indexattr_list(Relation OldHeap, Oid OldIndex); static void rebuild_indexes(Oid OIDOldHeap, List *indexes); static void swap_relfilenodes(Oid r1, Oid r2); -static bool check_cluster_permitted(Oid relOid); static List *get_tables_to_cluster(MemoryContext cluster_context); @@ -115,10 +114,9 @@ cluster(ClusterStmt *stmt) tableOid = RelationGetRelid(rel); /* Check permissions */ - if (!check_cluster_permitted(tableOid)) - ereport(ERROR, - (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("permission denied"))); + if (!pg_class_ownercheck(tableOid, GetUserId())) + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + RelationGetRelationName(rel)); if (stmt->indexname == NULL) { @@ -279,7 +277,7 @@ cluster_rel(RelToCluster *rvtc, bool recheck) return; /* Check that the user still owns the relation */ - if (!check_cluster_permitted(rvtc->tableOid)) + if (!pg_class_ownercheck(rvtc->tableOid, GetUserId())) return; /* @@ -850,17 +848,6 @@ swap_relfilenodes(Oid r1, Oid r2) heap_close(relRelation, RowExclusiveLock); } -/* - * Checks if the user is allowed to cluster (ie, owns) the relation. - * Superusers are allowed to cluster any table. - */ -static bool -check_cluster_permitted(Oid relOid) -{ - /* Superusers bypass this check */ - return pg_class_ownercheck(relOid, GetUserId()); -} - /* * Get a list of tables that the current user owns and * have indisclustered set. Return the list in a List * of rvsToCluster @@ -894,7 +881,8 @@ get_tables_to_cluster(MemoryContext cluster_context) while ((indexTuple = heap_getnext(scan, ForwardScanDirection)) != NULL) { index = (Form_pg_index) GETSTRUCT(indexTuple); - if (!check_cluster_permitted(index->indrelid)) + + if (!pg_class_ownercheck(index->indrelid, GetUserId())) continue; /* diff --git a/src/backend/commands/comment.c b/src/backend/commands/comment.c index 62c09e3fce..ecd50bdb36 100644 --- a/src/backend/commands/comment.c +++ b/src/backend/commands/comment.c @@ -7,7 +7,7 @@ * Copyright (c) 1996-2001, PostgreSQL Global Development Group * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/comment.c,v 1.66 2003/07/20 21:56:32 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/comment.c,v 1.67 2003/08/01 00:15:19 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -295,7 +295,8 @@ CommentRelation(int objtype, List *relname, char *comment) /* Check object security */ if (!pg_class_ownercheck(RelationGetRelid(relation), GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(relation)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + RelationGetRelationName(relation)); /* Next, verify that the relation type matches the intent */ @@ -373,7 +374,8 @@ CommentAttribute(List *qualname, char *comment) /* Check object security */ if (!pg_class_ownercheck(RelationGetRelid(relation), GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(relation)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + RelationGetRelationName(relation)); /* Now, fetch the attribute number from the system cache */ @@ -449,7 +451,8 @@ CommentDatabase(List *qualname, char *comment) /* Check object security */ if (!pg_database_ownercheck(oid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, database); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE, + database); /* Create the comment with the pg_database oid */ CreateComments(oid, RelOid_pg_database, 0, comment); @@ -487,7 +490,8 @@ CommentNamespace(List *qualname, char *comment) /* Check object security */ if (!pg_namespace_ownercheck(oid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, namespace); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE, + namespace); /* pg_namespace doesn't have a hard-coded OID, so must look it up */ classoid = get_system_catalog_relid(NamespaceRelationName); @@ -600,7 +604,8 @@ CommentRule(List *qualname, char *comment) /* Check object security */ aclcheck = pg_class_aclcheck(reloid, GetUserId(), ACL_RULE); if (aclcheck != ACLCHECK_OK) - aclcheck_error(aclcheck, rulename); + aclcheck_error(aclcheck, ACL_KIND_CLASS, + get_rel_name(reloid)); /* pg_rewrite doesn't have a hard-coded OID, so must look it up */ classoid = get_system_catalog_relid(RewriteRelationName); @@ -638,7 +643,8 @@ CommentType(List *typename, char *comment) /* Check object security */ if (!pg_type_ownercheck(oid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, TypeNameToString(tname)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TYPE, + TypeNameToString(tname)); /* Call CreateComments() to create/drop the comments */ @@ -673,7 +679,8 @@ CommentAggregate(List *aggregate, List *arguments, char *comment) /* Next, validate the user's attempt to comment */ if (!pg_proc_ownercheck(oid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, NameListToString(aggregate)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, + NameListToString(aggregate)); /* Call CreateComments() to create/drop the comments */ @@ -701,7 +708,8 @@ CommentProc(List *function, List *arguments, char *comment) /* Now, validate the user's ability to comment on this function */ if (!pg_proc_ownercheck(oid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, NameListToString(function)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, + NameListToString(function)); /* Call CreateComments() to create/drop the comments */ @@ -731,7 +739,8 @@ CommentOperator(List *opername, List *arguments, char *comment) /* Valid user's ability to comment on this operator */ if (!pg_oper_ownercheck(oid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, NameListToString(opername)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER, + NameListToString(opername)); /* pg_operator doesn't have a hard-coded OID, so must look it up */ classoid = get_system_catalog_relid(OperatorRelationName); @@ -777,7 +786,8 @@ CommentTrigger(List *qualname, char *comment) /* Check object security */ if (!pg_class_ownercheck(RelationGetRelid(relation), GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(relation)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + RelationGetRelationName(relation)); /* * Fetch the trigger tuple from pg_trigger. There can be only one @@ -854,7 +864,8 @@ CommentConstraint(List *qualname, char *comment) /* Check object security */ if (!pg_class_ownercheck(RelationGetRelid(relation), GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(relation)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + RelationGetRelationName(relation)); /* * Fetch the constraint tuple from pg_constraint. There may be more diff --git a/src/backend/commands/conversioncmds.c b/src/backend/commands/conversioncmds.c index a502e9b0a0..b917c527ac 100644 --- a/src/backend/commands/conversioncmds.c +++ b/src/backend/commands/conversioncmds.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/conversioncmds.c,v 1.8 2003/07/20 21:56:32 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/conversioncmds.c,v 1.9 2003/08/01 00:15:19 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -55,7 +55,8 @@ CreateConversionCommand(CreateConversionStmt *stmt) /* Check we have creation rights in target namespace */ aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_namespace_name(namespaceId)); + aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + get_namespace_name(namespaceId)); /* Check the encoding names */ from_encoding = pg_char_to_encoding(from_encoding_name); @@ -82,7 +83,8 @@ CreateConversionCommand(CreateConversionStmt *stmt) /* Check we have EXECUTE rights for the function */ aclresult = pg_proc_aclcheck(funcoid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, NameListToString(func_name)); + aclcheck_error(aclresult, ACL_KIND_PROC, + NameListToString(func_name)); /* * All seem ok, go ahead (possible failure would be a duplicate @@ -150,13 +152,16 @@ RenameConversion(List *name, const char *newname) newname, get_namespace_name(namespaceOid)))); /* must be owner */ - if (!superuser() && ((Form_pg_conversion) GETSTRUCT(tup))->conowner != GetUserId()) - aclcheck_error(ACLCHECK_NOT_OWNER, NameListToString(name)); + if (!superuser() && + ((Form_pg_conversion) GETSTRUCT(tup))->conowner != GetUserId()) + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CONVERSION, + NameListToString(name)); /* must have CREATE privilege on namespace */ aclresult = pg_namespace_aclcheck(namespaceOid, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_namespace_name(namespaceOid)); + aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + get_namespace_name(namespaceOid)); /* rename */ namestrcpy(&(((Form_pg_conversion) GETSTRUCT(tup))->conname), newname); diff --git a/src/backend/commands/copy.c b/src/backend/commands/copy.c index 976fdaa861..fa91439a57 100644 --- a/src/backend/commands/copy.c +++ b/src/backend/commands/copy.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/copy.c,v 1.204 2003/07/22 19:00:07 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/copy.c,v 1.205 2003/08/01 00:15:19 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -730,7 +730,8 @@ DoCopy(const CopyStmt *stmt) aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(), required_access); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, RelationGetRelationName(rel)); + aclcheck_error(aclresult, ACL_KIND_CLASS, + RelationGetRelationName(rel)); if (!pipe && !superuser()) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), diff --git a/src/backend/commands/dbcommands.c b/src/backend/commands/dbcommands.c index 93701c2a59..70678b26b0 100644 --- a/src/backend/commands/dbcommands.c +++ b/src/backend/commands/dbcommands.c @@ -9,7 +9,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/dbcommands.c,v 1.118 2003/07/28 00:09:14 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/dbcommands.c,v 1.119 2003/08/01 00:15:19 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -180,7 +180,7 @@ createdb(const CreatedbStmt *stmt) if (!superuser() && !have_createdb_privilege()) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("permission denied"))); + errmsg("permission denied to create database"))); } else { @@ -189,7 +189,7 @@ createdb(const CreatedbStmt *stmt) if (!superuser()) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("permission denied"))); + errmsg("must be superuser to create database for another user"))); } /* don't call this in a transaction block */ @@ -239,7 +239,7 @@ createdb(const CreatedbStmt *stmt) if (!superuser() && GetUserId() != src_owner) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("permission to copy \"%s\" denied", + errmsg("permission denied to copy database \"%s\"", dbtemplate))); } @@ -481,9 +481,8 @@ dropdb(const char *dbname) errmsg("database \"%s\" does not exist", dbname))); if (GetUserId() != db_owner && !superuser()) - ereport(ERROR, - (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("permission denied"))); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE, + dbname); /* * Disallow dropping a DB that is marked istemplate. This is just to @@ -633,13 +632,14 @@ RenameDatabase(const char *oldname, const char *newname) /* must be owner */ if (!pg_database_ownercheck(HeapTupleGetOid(tup), GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, oldname); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE, + oldname); /* must have createdb */ if (!have_createdb_privilege()) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("permission denied"))); + errmsg("permission denied to rename database"))); /* rename */ newtup = heap_copytuple(tup); @@ -690,9 +690,8 @@ AlterDatabaseSet(AlterDatabaseSetStmt *stmt) if (!(superuser() || ((Form_pg_database) GETSTRUCT(tuple))->datdba == GetUserId())) - ereport(ERROR, - (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("permission denied"))); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE, + stmt->dbname); MemSet(repl_repl, ' ', sizeof(repl_repl)); repl_repl[Anum_pg_database_datconfig - 1] = 'r'; diff --git a/src/backend/commands/functioncmds.c b/src/backend/commands/functioncmds.c index 9f17eff84f..7a6a3775d6 100644 --- a/src/backend/commands/functioncmds.c +++ b/src/backend/commands/functioncmds.c @@ -9,7 +9,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/functioncmds.c,v 1.30 2003/07/28 00:09:14 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/functioncmds.c,v 1.31 2003/08/01 00:15:19 tgl Exp $ * * DESCRIPTION * These routines take the parse tree and pick out the @@ -118,7 +118,8 @@ compute_return_type(TypeName *returnType, Oid languageOid, aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_namespace_name(namespaceId)); + aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + get_namespace_name(namespaceId)); rettype = TypeShellMake(typname, namespaceId); Assert(OidIsValid(rettype)); } @@ -414,7 +415,8 @@ CreateFunction(CreateFunctionStmt *stmt) /* Check we have creation rights in target namespace */ aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_namespace_name(namespaceId)); + aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + get_namespace_name(namespaceId)); /* defaults attributes */ isStrict = false; @@ -447,13 +449,15 @@ CreateFunction(CreateFunctionStmt *stmt) aclresult = pg_language_aclcheck(languageOid, GetUserId(), ACL_USAGE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, NameStr(languageStruct->lanname)); + aclcheck_error(aclresult, ACL_KIND_LANGUAGE, + NameStr(languageStruct->lanname)); } else { /* if untrusted language, must be superuser */ if (!superuser()) - aclcheck_error(ACLCHECK_NO_PRIV, NameStr(languageStruct->lanname)); + aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_LANGUAGE, + NameStr(languageStruct->lanname)); } languageValidator = languageStruct->lanvalidator; @@ -546,7 +550,8 @@ RemoveFunction(RemoveFuncStmt *stmt) if (!pg_proc_ownercheck(funcOid, GetUserId()) && !pg_namespace_ownercheck(((Form_pg_proc) GETSTRUCT(tup))->pronamespace, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, NameListToString(functionName)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, + NameListToString(functionName)); if (((Form_pg_proc) GETSTRUCT(tup))->proisagg) ereport(ERROR, @@ -681,12 +686,14 @@ RenameFunction(List *name, List *argtypes, const char *newname) /* must be owner */ if (!pg_proc_ownercheck(procOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, NameListToString(name)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, + NameListToString(name)); /* must have CREATE privilege on namespace */ aclresult = pg_namespace_aclcheck(namespaceOid, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_namespace_name(namespaceOid)); + aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + get_namespace_name(namespaceOid)); /* rename */ namestrcpy(&(procForm->proname), newname); diff --git a/src/backend/commands/indexcmds.c b/src/backend/commands/indexcmds.c index 0f6a9e28f0..4cd66fd1b5 100644 --- a/src/backend/commands/indexcmds.c +++ b/src/backend/commands/indexcmds.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/indexcmds.c,v 1.102 2003/07/20 21:56:32 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/indexcmds.c,v 1.103 2003/08/01 00:15:19 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -135,7 +135,8 @@ DefineIndex(RangeVar *heapRelation, aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_namespace_name(namespaceId)); + aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + get_namespace_name(namespaceId)); } /* @@ -621,13 +622,13 @@ ReindexIndex(RangeVar *indexRelation, bool force /* currently unused */ ) if (!allowSystemTableMods) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("\"%s\" is a system index", + errmsg("permission denied: \"%s\" is a system index", indexRelation->relname), errhint("Do REINDEX in standalone postgres with -O -P options."))); if (!IsIgnoringSystemIndexes()) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("\"%s\" is a system index", + errmsg("permission denied: \"%s\" is a system index", indexRelation->relname), errhint("Do REINDEX in standalone postgres with -P -O options."))); } @@ -710,9 +711,8 @@ ReindexDatabase(const char *dbname, bool force, bool all) errmsg("can only reindex the currently open database"))); if (!pg_database_ownercheck(MyDatabaseId, GetUserId())) - ereport(ERROR, - (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("permission denied"))); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE, + dbname); if (!allowSystemTableMods) ereport(ERROR, diff --git a/src/backend/commands/lockcmds.c b/src/backend/commands/lockcmds.c index a2dfb6d805..13a9c3a52b 100644 --- a/src/backend/commands/lockcmds.c +++ b/src/backend/commands/lockcmds.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/lockcmds.c,v 1.5 2003/07/20 21:56:32 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/lockcmds.c,v 1.6 2003/08/01 00:15:19 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -56,7 +56,8 @@ LockTableCommand(LockStmt *lockstmt) ACL_UPDATE | ACL_DELETE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_rel_name(reloid)); + aclcheck_error(aclresult, ACL_KIND_CLASS, + get_rel_name(reloid)); rel = relation_open(reloid, lockstmt->mode); diff --git a/src/backend/commands/opclasscmds.c b/src/backend/commands/opclasscmds.c index ca2d929894..60b041466f 100644 --- a/src/backend/commands/opclasscmds.c +++ b/src/backend/commands/opclasscmds.c @@ -9,7 +9,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/opclasscmds.c,v 1.14 2003/07/28 00:09:14 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/opclasscmds.c,v 1.15 2003/08/01 00:15:19 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -78,7 +78,8 @@ DefineOpClass(CreateOpClassStmt *stmt) /* Check we have creation rights in target namespace */ aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_namespace_name(namespaceoid)); + aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + get_namespace_name(namespaceoid)); /* Get necessary info about access method */ tup = SearchSysCache(AMNAME, @@ -117,7 +118,8 @@ DefineOpClass(CreateOpClassStmt *stmt) /* XXX this is unnecessary given the superuser check above */ /* Check we have ownership of the datatype */ if (!pg_type_ownercheck(typeoid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, format_type_be(typeoid)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TYPE, + format_type_be(typeoid)); #endif /* Storage datatype is optional */ @@ -178,7 +180,8 @@ DefineOpClass(CreateOpClassStmt *stmt) aclresult = pg_proc_aclcheck(funcOid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_func_name(funcOid)); + aclcheck_error(aclresult, ACL_KIND_PROC, + get_func_name(funcOid)); operators[item->number - 1] = operOid; recheck[item->number - 1] = item->recheck; break; @@ -200,7 +203,8 @@ DefineOpClass(CreateOpClassStmt *stmt) aclresult = pg_proc_aclcheck(funcOid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_func_name(funcOid)); + aclcheck_error(aclresult, ACL_KIND_PROC, + get_func_name(funcOid)); procedures[item->number - 1] = funcOid; break; case OPCLASS_ITEM_STORAGETYPE: @@ -536,7 +540,7 @@ RemoveOpClass(RemoveOpClassStmt *stmt) if (!pg_opclass_ownercheck(opcID, GetUserId()) && !pg_namespace_ownercheck(((Form_pg_opclass) GETSTRUCT(tuple))->opcnamespace, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPCLASS, NameListToString(stmt->opclassname)); ReleaseSysCache(tuple); @@ -699,12 +703,14 @@ RenameOpClass(List *name, const char *access_method, const char *newname) /* must be owner */ if (!pg_opclass_ownercheck(opcOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, NameListToString(name)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPCLASS, + NameListToString(name)); /* must have CREATE privilege on namespace */ aclresult = pg_namespace_aclcheck(namespaceOid, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_namespace_name(namespaceOid)); + aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + get_namespace_name(namespaceOid)); /* rename */ namestrcpy(&(((Form_pg_opclass) GETSTRUCT(tup))->opcname), newname); diff --git a/src/backend/commands/operatorcmds.c b/src/backend/commands/operatorcmds.c index bc4724f473..6a4d479c12 100644 --- a/src/backend/commands/operatorcmds.c +++ b/src/backend/commands/operatorcmds.c @@ -9,7 +9,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/operatorcmds.c,v 1.9 2003/07/20 21:56:32 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/operatorcmds.c,v 1.10 2003/08/01 00:15:19 tgl Exp $ * * DESCRIPTION * The "DefineFoo" routines take the parse tree and pick out the @@ -87,7 +87,8 @@ DefineOperator(List *names, List *parameters) /* Check we have creation rights in target namespace */ aclresult = pg_namespace_aclcheck(oprNamespace, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_namespace_name(oprNamespace)); + aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + get_namespace_name(oprNamespace)); /* * loop over the definition list and extract the information we need. @@ -224,7 +225,8 @@ RemoveOperator(RemoveOperStmt *stmt) if (!pg_oper_ownercheck(operOid, GetUserId()) && !pg_namespace_ownercheck(((Form_pg_operator) GETSTRUCT(tup))->oprnamespace, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, NameListToString(operatorName)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER, + NameListToString(operatorName)); ReleaseSysCache(tup); diff --git a/src/backend/commands/proclang.c b/src/backend/commands/proclang.c index ea7c5c6570..69000b29bc 100644 --- a/src/backend/commands/proclang.c +++ b/src/backend/commands/proclang.c @@ -7,7 +7,7 @@ * Portions Copyright (c) 1994, Regents of the University of California * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/proclang.c,v 1.46 2003/07/18 23:20:32 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/proclang.c,v 1.47 2003/08/01 00:15:19 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -266,7 +266,7 @@ RenameLanguage(const char *oldname, const char *newname) if (!superuser()) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("permission denied"))); + errmsg("must be superuser to rename procedural language"))); /* rename */ namestrcpy(&(((Form_pg_language) GETSTRUCT(tup))->lanname), newname); diff --git a/src/backend/commands/schemacmds.c b/src/backend/commands/schemacmds.c index 808401c48f..5ad81634f4 100644 --- a/src/backend/commands/schemacmds.c +++ b/src/backend/commands/schemacmds.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/schemacmds.c,v 1.13 2003/07/28 00:09:14 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/schemacmds.c,v 1.14 2003/08/01 00:15:19 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -91,7 +91,8 @@ CreateSchemaCommand(CreateSchemaStmt *stmt) */ aclresult = pg_database_aclcheck(MyDatabaseId, saved_userid, ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_database_name(MyDatabaseId)); + aclcheck_error(aclresult, ACL_KIND_DATABASE, + get_database_name(MyDatabaseId)); if (!allowSystemTableMods && IsReservedName(schemaName)) ereport(ERROR, @@ -181,7 +182,8 @@ RemoveSchema(List *names, DropBehavior behavior) /* Permission check */ if (!pg_namespace_ownercheck(namespaceId, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, namespaceName); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE, + namespaceName); /* * Do the deletion. Objects contained in the schema are removed by @@ -255,12 +257,14 @@ RenameSchema(const char *oldname, const char *newname) /* must be owner */ if (!pg_namespace_ownercheck(HeapTupleGetOid(tup), GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, oldname); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE, + oldname); /* must have CREATE privilege on database */ aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_database_name(MyDatabaseId)); + aclcheck_error(aclresult, ACL_KIND_DATABASE, + get_database_name(MyDatabaseId)); if (!allowSystemTableMods && IsReservedName(newname)) ereport(ERROR, diff --git a/src/backend/commands/sequence.c b/src/backend/commands/sequence.c index cb2106a360..7ce7810fbc 100644 --- a/src/backend/commands/sequence.c +++ b/src/backend/commands/sequence.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/sequence.c,v 1.98 2003/07/28 00:09:14 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/sequence.c,v 1.99 2003/08/01 00:15:19 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -314,9 +314,10 @@ AlterSequence(AlterSeqStmt *stmt) /* open and AccessShareLock sequence */ init_sequence(stmt->sequence, &elm, &seqrel); - /* Allow DROP to sequence owner only*/ + /* allow DROP to sequence owner only */ if (!pg_class_ownercheck(elm->relid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, stmt->sequence->relname); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + stmt->sequence->relname); /* lock page' buffer and read tuple into new sequence structure */ seq = read_info(elm, seqrel, &buf); @@ -417,7 +418,7 @@ nextval(PG_FUNCTION_ARGS) if (pg_class_aclcheck(elm->relid, GetUserId(), ACL_UPDATE) != ACLCHECK_OK) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("%s.nextval: permission denied", + errmsg("permission denied for sequence %s", sequence->relname))); if (elm->last != elm->cached) /* some numbers were cached */ @@ -609,7 +610,7 @@ currval(PG_FUNCTION_ARGS) if (pg_class_aclcheck(elm->relid, GetUserId(), ACL_SELECT) != ACLCHECK_OK) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("%s.currval: permission denied", + errmsg("permission denied for sequence %s", sequence->relname))); if (elm->increment == 0) /* nextval/read_info were not called */ @@ -652,7 +653,7 @@ do_setval(RangeVar *sequence, int64 next, bool iscalled) if (pg_class_aclcheck(elm->relid, GetUserId(), ACL_UPDATE) != ACLCHECK_OK) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("%s.setval: permission denied", + errmsg("permission denied for sequence %s", sequence->relname))); /* lock page' buffer and read tuple */ diff --git a/src/backend/commands/tablecmds.c b/src/backend/commands/tablecmds.c index 11b93759b8..b3108053d9 100644 --- a/src/backend/commands/tablecmds.c +++ b/src/backend/commands/tablecmds.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/tablecmds.c,v 1.75 2003/07/20 21:56:32 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/tablecmds.c,v 1.76 2003/08/01 00:15:19 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -162,7 +162,8 @@ DefineRelation(CreateStmt *stmt, char relkind) aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_namespace_name(namespaceId)); + aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + get_namespace_name(namespaceId)); } /* @@ -382,12 +383,13 @@ TruncateRelation(const RangeVar *relation) /* Permissions checks */ if (!pg_class_ownercheck(relid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(rel)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + RelationGetRelationName(rel)); if (!allowSystemTableMods && IsSystemRelation(rel)) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("\"%s\" is a system catalog", + errmsg("permission denied: \"%s\" is a system catalog", RelationGetRelationName(rel)))); /* @@ -576,7 +578,7 @@ MergeAttributes(List *schema, List *supers, bool istemp, * demand that creator of a child table own the parent. */ if (!pg_class_ownercheck(RelationGetRelid(relation), GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, RelationGetRelationName(relation)); /* @@ -1139,12 +1141,12 @@ renameatt(Oid myrelid, * normally, only the owner of a class can change its schema. */ if (!pg_class_ownercheck(myrelid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, RelationGetRelationName(targetrelation)); if (!allowSystemTableMods && IsSystemRelation(targetrelation)) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("\"%s\" is a system catalog", + errmsg("permission denied: \"%s\" is a system catalog", RelationGetRelationName(targetrelation)))); /* @@ -1349,7 +1351,7 @@ renamerel(Oid myrelid, const char *newrelname) if (!allowSystemTableMods && IsSystemRelation(targetrelation)) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("\"%s\" is a system catalog", + errmsg("permission denied: \"%s\" is a system catalog", RelationGetRelationName(targetrelation)))); relkind = targetrelation->rd_rel->relkind; @@ -1681,12 +1683,13 @@ AlterTableAddColumn(Oid myrelid, * normally, only the owner of a class can change its schema. */ if (!pg_class_ownercheck(myrelid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(rel)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + RelationGetRelationName(rel)); if (!allowSystemTableMods && IsSystemRelation(rel)) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("\"%s\" is a system catalog", + errmsg("permission denied: \"%s\" is a system catalog", RelationGetRelationName(rel)))); /* @@ -1966,12 +1969,13 @@ AlterTableAlterColumnDropNotNull(Oid myrelid, bool recurse, /* Permissions checks */ if (!pg_class_ownercheck(myrelid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(rel)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + RelationGetRelationName(rel)); if (!allowSystemTableMods && IsSystemRelation(rel)) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("\"%s\" is a system catalog", + errmsg("permission denied: \"%s\" is a system catalog", RelationGetRelationName(rel)))); /* @@ -2109,12 +2113,13 @@ AlterTableAlterColumnSetNotNull(Oid myrelid, bool recurse, /* Permissions checks */ if (!pg_class_ownercheck(myrelid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(rel)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + RelationGetRelationName(rel)); if (!allowSystemTableMods && IsSystemRelation(rel)) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("\"%s\" is a system catalog", + errmsg("permission denied: \"%s\" is a system catalog", RelationGetRelationName(rel)))); /* @@ -2236,12 +2241,13 @@ AlterTableAlterColumnDefault(Oid myrelid, bool recurse, /* Permissions checks */ if (!pg_class_ownercheck(myrelid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(rel)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + RelationGetRelationName(rel)); if (!allowSystemTableMods && IsSystemRelation(rel)) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("\"%s\" is a system catalog", + errmsg("permission denied: \"%s\" is a system catalog", RelationGetRelationName(rel)))); /* @@ -2341,7 +2347,8 @@ AlterTableAlterColumnFlags(Oid myrelid, bool recurse, /* Permissions checks */ if (!pg_class_ownercheck(myrelid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(rel)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + RelationGetRelationName(rel)); /* * we allow statistics case for system tables @@ -2349,7 +2356,7 @@ AlterTableAlterColumnFlags(Oid myrelid, bool recurse, if (*flagType != 'S' && !allowSystemTableMods && IsSystemRelation(rel)) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("\"%s\" is a system catalog", + errmsg("permission denied: \"%s\" is a system catalog", RelationGetRelationName(rel)))); /* @@ -2506,12 +2513,13 @@ AlterTableAlterOids(Oid myrelid, bool recurse, bool setOid) /* Permissions checks */ if (!pg_class_ownercheck(myrelid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(rel)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + RelationGetRelationName(rel)); if (!allowSystemTableMods && IsSystemRelation(rel)) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("\"%s\" is a system catalog", + errmsg("permission denied: \"%s\" is a system catalog", RelationGetRelationName(rel)))); /* @@ -2639,12 +2647,13 @@ AlterTableDropColumn(Oid myrelid, bool recurse, bool recursing, /* Permissions checks */ if (!pg_class_ownercheck(myrelid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(rel)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + RelationGetRelationName(rel)); if (!allowSystemTableMods && IsSystemRelation(rel)) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("\"%s\" is a system catalog", + errmsg("permission denied: \"%s\" is a system catalog", RelationGetRelationName(rel)))); /* @@ -2819,12 +2828,13 @@ AlterTableAddConstraint(Oid myrelid, bool recurse, /* Permissions checks */ if (!pg_class_ownercheck(myrelid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(rel)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + RelationGetRelationName(rel)); if (!allowSystemTableMods && IsSystemRelation(rel)) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("\"%s\" is a system catalog", + errmsg("permission denied: \"%s\" is a system catalog", RelationGetRelationName(rel)))); if (recurse) @@ -3120,18 +3130,20 @@ AlterTableAddForeignKeyConstraint(Relation rel, FkConstraint *fkconstraint) aclresult = pg_class_aclcheck(RelationGetRelid(pkrel), GetUserId(), ACL_REFERENCES); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, RelationGetRelationName(pkrel)); + aclcheck_error(aclresult, ACL_KIND_CLASS, + RelationGetRelationName(pkrel)); if (!allowSystemTableMods && IsSystemRelation(pkrel)) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("\"%s\" is a system catalog", + errmsg("permission denied: \"%s\" is a system catalog", RelationGetRelationName(pkrel)))); aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(), ACL_REFERENCES); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, RelationGetRelationName(rel)); + aclcheck_error(aclresult, ACL_KIND_CLASS, + RelationGetRelationName(rel)); if (isTempNamespace(RelationGetNamespace(pkrel)) && !isTempNamespace(RelationGetNamespace(rel))) @@ -3804,12 +3816,13 @@ AlterTableDropConstraint(Oid myrelid, bool recurse, /* Permissions checks */ if (!pg_class_ownercheck(myrelid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(rel)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + RelationGetRelationName(rel)); if (!allowSystemTableMods && IsSystemRelation(rel)) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("\"%s\" is a system catalog", + errmsg("permission denied: \"%s\" is a system catalog", RelationGetRelationName(rel)))); /* @@ -4071,7 +4084,8 @@ AlterTableCreateToastTable(Oid relOid, bool silent) /* Permissions checks */ if (!pg_class_ownercheck(relOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(rel)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + RelationGetRelationName(rel)); /* * Toast table is shared if and only if its parent is. diff --git a/src/backend/commands/trigger.c b/src/backend/commands/trigger.c index 9cfa852aa8..6e5b38804f 100644 --- a/src/backend/commands/trigger.c +++ b/src/backend/commands/trigger.c @@ -7,7 +7,7 @@ * Portions Copyright (c) 1994, Regents of the University of California * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/trigger.c,v 1.152 2003/07/28 00:09:14 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/trigger.c,v 1.153 2003/08/01 00:15:19 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -146,7 +146,7 @@ CreateTrigger(CreateTrigStmt *stmt, bool forConstraint) if (!allowSystemTableMods && IsSystemRelation(rel)) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("\"%s\" is a system catalog", + errmsg("permission denied: \"%s\" is a system catalog", RelationGetRelationName(rel)))); /* permission checks */ @@ -158,13 +158,15 @@ CreateTrigger(CreateTrigStmt *stmt, bool forConstraint) aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(), ACL_REFERENCES); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, RelationGetRelationName(rel)); + aclcheck_error(aclresult, ACL_KIND_CLASS, + RelationGetRelationName(rel)); if (constrrelid != InvalidOid) { aclresult = pg_class_aclcheck(constrrelid, GetUserId(), ACL_REFERENCES); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_rel_name(constrrelid)); + aclcheck_error(aclresult, ACL_KIND_CLASS, + get_rel_name(constrrelid)); } } else @@ -173,7 +175,8 @@ CreateTrigger(CreateTrigStmt *stmt, bool forConstraint) aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(), ACL_TRIGGER); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, RelationGetRelationName(rel)); + aclcheck_error(aclresult, ACL_KIND_CLASS, + RelationGetRelationName(rel)); } /* @@ -481,7 +484,8 @@ DropTrigger(Oid relid, const char *trigname, DropBehavior behavior) trigname, get_rel_name(relid)))); if (!pg_class_ownercheck(relid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, get_rel_name(relid)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + get_rel_name(relid)); object.classId = RelationGetRelid(tgrel); object.objectId = HeapTupleGetOid(tup); @@ -544,7 +548,7 @@ RemoveTriggerById(Oid trigOid) if (!allowSystemTableMods && IsSystemRelation(rel)) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("\"%s\" is a system catalog", + errmsg("permission denied: \"%s\" is a system catalog", RelationGetRelationName(rel)))); /* diff --git a/src/backend/commands/typecmds.c b/src/backend/commands/typecmds.c index 9aa7f02bfd..275143c151 100644 --- a/src/backend/commands/typecmds.c +++ b/src/backend/commands/typecmds.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/typecmds.c,v 1.39 2003/07/20 21:56:33 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/typecmds.c,v 1.40 2003/08/01 00:15:19 tgl Exp $ * * DESCRIPTION * The "DefineFoo" routines take the parse tree and pick out the @@ -121,7 +121,8 @@ DefineType(List *names, List *parameters) /* Check we have creation rights in target namespace */ aclresult = pg_namespace_aclcheck(typeNamespace, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_namespace_name(typeNamespace)); + aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + get_namespace_name(typeNamespace)); /* * Type names must be one character shorter than other names, allowing @@ -416,7 +417,8 @@ RemoveType(List *names, DropBehavior behavior) if (!pg_type_ownercheck(typeoid, GetUserId()) && !pg_namespace_ownercheck(((Form_pg_type) GETSTRUCT(tup))->typnamespace, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, TypeNameToString(typename)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TYPE, + TypeNameToString(typename)); ReleaseSysCache(tup); @@ -501,7 +503,8 @@ DefineDomain(CreateDomainStmt *stmt) aclresult = pg_namespace_aclcheck(domainNamespace, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_namespace_name(domainNamespace)); + aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + get_namespace_name(domainNamespace)); /* * Domainnames, unlike typenames don't need to account for the '_' @@ -789,7 +792,8 @@ RemoveDomain(List *names, DropBehavior behavior) if (!pg_type_ownercheck(typeoid, GetUserId()) && !pg_namespace_ownercheck(((Form_pg_type) GETSTRUCT(tup))->typnamespace, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, TypeNameToString(typename)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TYPE, + TypeNameToString(typename)); /* Check that this is actually a domain */ typtype = ((Form_pg_type) GETSTRUCT(tup))->typtype; @@ -1726,7 +1730,8 @@ domainOwnerCheck(HeapTuple tup, TypeName *typename) /* Permission check: must own type */ if (!pg_type_ownercheck(HeapTupleGetOid(tup), GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, TypeNameToString(typename)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TYPE, + TypeNameToString(typename)); } /* diff --git a/src/backend/commands/user.c b/src/backend/commands/user.c index 7f85f0581b..36416a5232 100644 --- a/src/backend/commands/user.c +++ b/src/backend/commands/user.c @@ -6,7 +6,7 @@ * Portions Copyright (c) 1996-2002, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * - * $Header: /cvsroot/pgsql/src/backend/commands/user.c,v 1.121 2003/07/28 00:09:14 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/user.c,v 1.122 2003/08/01 00:15:19 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -601,7 +601,7 @@ CreateUser(CreateUserStmt *stmt) if (!superuser()) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("permission denied"))); + errmsg("must be superuser to create users"))); if (strcmp(stmt->user, "public") == 0) ereport(ERROR, @@ -1023,7 +1023,7 @@ DropUser(DropUserStmt *stmt) if (!superuser()) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("permission denied"))); + errmsg("must be superuser to drop users"))); /* * Scan the pg_shadow relation to find the usesysid of the user to be @@ -1194,7 +1194,7 @@ RenameUser(const char *oldname, const char *newname) if (!superuser()) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("permission denied"))); + errmsg("must be superuser to rename users"))); /* rename */ namestrcpy(&(((Form_pg_shadow) GETSTRUCT(tup))->usename), newname); @@ -1307,7 +1307,7 @@ CreateGroup(CreateGroupStmt *stmt) if (!superuser()) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("permission denied"))); + errmsg("must be superuser to create groups"))); if (strcmp(stmt->name, "public") == 0) ereport(ERROR, @@ -1434,7 +1434,7 @@ AlterGroup(AlterGroupStmt *stmt, const char *tag) if (!superuser()) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("permission denied"))); + errmsg("must be superuser to alter groups"))); /* * Secure exclusive lock to protect our update of the flat group file. @@ -1678,7 +1678,7 @@ DropGroup(DropGroupStmt *stmt) if (!superuser()) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("permission denied"))); + errmsg("must be superuser to drop groups"))); /* * Secure exclusive lock to protect our update of the flat group file. @@ -1742,7 +1742,7 @@ RenameGroup(const char *oldname, const char *newname) if (!superuser()) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("permission denied"))); + errmsg("must be superuser to rename groups"))); /* rename */ namestrcpy(&(((Form_pg_group) GETSTRUCT(tup))->groname), newname); diff --git a/src/backend/commands/view.c b/src/backend/commands/view.c index 2319e400f1..e12ae0af68 100644 --- a/src/backend/commands/view.c +++ b/src/backend/commands/view.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/view.c,v 1.74 2003/07/20 21:56:34 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/view.c,v 1.75 2003/08/01 00:15:20 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -114,7 +114,8 @@ DefineVirtualRelation(const RangeVar *relation, List *tlist, bool replace) RelationGetRelationName(rel)))); if (!pg_class_ownercheck(viewOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(rel)); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + RelationGetRelationName(rel)); /* * Create a tuple descriptor to compare against the existing view, diff --git a/src/backend/executor/execMain.c b/src/backend/executor/execMain.c index 7a0ba7d296..ded748d5bf 100644 --- a/src/backend/executor/execMain.c +++ b/src/backend/executor/execMain.c @@ -26,7 +26,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/executor/execMain.c,v 1.211 2003/07/28 00:09:14 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/executor/execMain.c,v 1.212 2003/08/01 00:15:20 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -387,7 +387,8 @@ ExecCheckRTEPerms(RangeTblEntry *rte, CmdType operation) { aclcheck_result = CHECK(ACL_SELECT); if (aclcheck_result != ACLCHECK_OK) - aclcheck_error(aclcheck_result, get_rel_name(relOid)); + aclcheck_error(aclcheck_result, ACL_KIND_CLASS, + get_rel_name(relOid)); } if (rte->checkForWrite) @@ -416,7 +417,8 @@ ExecCheckRTEPerms(RangeTblEntry *rte, CmdType operation) break; } if (aclcheck_result != ACLCHECK_OK) - aclcheck_error(aclcheck_result, get_rel_name(relOid)); + aclcheck_error(aclcheck_result, ACL_KIND_CLASS, + get_rel_name(relOid)); } } @@ -774,7 +776,8 @@ InitPlan(QueryDesc *queryDesc, bool explainOnly) aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_namespace_name(namespaceId)); + aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + get_namespace_name(namespaceId)); /* * have to copy tupType to get rid of constraints diff --git a/src/backend/executor/execQual.c b/src/backend/executor/execQual.c index d2efab0e36..891019f0ae 100644 --- a/src/backend/executor/execQual.c +++ b/src/backend/executor/execQual.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/executor/execQual.c,v 1.137 2003/07/30 19:02:18 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/executor/execQual.c,v 1.138 2003/08/01 00:15:21 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -612,7 +612,7 @@ init_fcache(Oid foid, FuncExprState *fcache, MemoryContext fcacheCxt) /* Check permission to call function */ aclresult = pg_proc_aclcheck(foid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_func_name(foid)); + aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(foid)); /* Safety check (should never fail, as parser should check sooner) */ if (length(fcache->args) > FUNC_MAX_ARGS) diff --git a/src/backend/executor/nodeAgg.c b/src/backend/executor/nodeAgg.c index 9c3481379a..f0537cf5d9 100644 --- a/src/backend/executor/nodeAgg.c +++ b/src/backend/executor/nodeAgg.c @@ -45,7 +45,7 @@ * Portions Copyright (c) 1994, Regents of the University of California * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/executor/nodeAgg.c,v 1.111 2003/07/21 17:05:09 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/executor/nodeAgg.c,v 1.112 2003/08/01 00:15:21 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -1241,7 +1241,8 @@ ExecInitAgg(Agg *node, EState *estate) aclresult = pg_proc_aclcheck(aggref->aggfnoid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_func_name(aggref->aggfnoid)); + aclcheck_error(aclresult, ACL_KIND_PROC, + get_func_name(aggref->aggfnoid)); peraggstate->transfn_oid = transfn_oid = aggform->aggtransfn; peraggstate->finalfn_oid = finalfn_oid = aggform->aggfinalfn; diff --git a/src/backend/parser/analyze.c b/src/backend/parser/analyze.c index 1ba1bf5146..ef8fa510ab 100644 --- a/src/backend/parser/analyze.c +++ b/src/backend/parser/analyze.c @@ -6,7 +6,7 @@ * Portions Copyright (c) 1996-2002, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * - * $Header: /cvsroot/pgsql/src/backend/parser/analyze.c,v 1.282 2003/07/28 00:09:15 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/parser/analyze.c,v 1.283 2003/08/01 00:15:22 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -1193,7 +1193,8 @@ transformInhRelation(ParseState *pstate, CreateStmtContext *cxt, aclresult = pg_class_aclcheck(RelationGetRelid(relation), GetUserId(), ACL_SELECT); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, RelationGetRelationName(relation)); + aclcheck_error(aclresult, ACL_KIND_CLASS, + RelationGetRelationName(relation)); tupleDesc = RelationGetDescr(relation); constr = tupleDesc->constr; diff --git a/src/backend/rewrite/rewriteDefine.c b/src/backend/rewrite/rewriteDefine.c index df4e563eeb..e7039e8515 100644 --- a/src/backend/rewrite/rewriteDefine.c +++ b/src/backend/rewrite/rewriteDefine.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/rewrite/rewriteDefine.c,v 1.83 2003/07/25 00:01:08 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/rewrite/rewriteDefine.c,v 1.84 2003/08/01 00:15:22 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -213,7 +213,8 @@ DefineQueryRewrite(RuleStmt *stmt) */ aclresult = pg_class_aclcheck(ev_relid, GetUserId(), ACL_RULE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, RelationGetRelationName(event_relation)); + aclcheck_error(aclresult, ACL_KIND_CLASS, + RelationGetRelationName(event_relation)); /* * No rule actions that modify OLD or NEW diff --git a/src/backend/rewrite/rewriteRemove.c b/src/backend/rewrite/rewriteRemove.c index 25cc119af6..88c4339112 100644 --- a/src/backend/rewrite/rewriteRemove.c +++ b/src/backend/rewrite/rewriteRemove.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/rewrite/rewriteRemove.c,v 1.54 2003/07/25 00:01:09 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/rewrite/rewriteRemove.c,v 1.55 2003/08/01 00:15:22 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -66,7 +66,8 @@ RemoveRewriteRule(Oid owningRel, const char *ruleName, DropBehavior behavior) Assert(eventRelationOid == owningRel); aclresult = pg_class_aclcheck(eventRelationOid, GetUserId(), ACL_RULE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_rel_name(eventRelationOid)); + aclcheck_error(aclresult, ACL_KIND_CLASS, + get_rel_name(eventRelationOid)); /* * Do the deletion diff --git a/src/backend/tcop/fastpath.c b/src/backend/tcop/fastpath.c index 7ab856d613..b86d657ea2 100644 --- a/src/backend/tcop/fastpath.c +++ b/src/backend/tcop/fastpath.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/tcop/fastpath.c,v 1.65 2003/07/22 19:00:11 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/tcop/fastpath.c,v 1.66 2003/08/01 00:15:22 tgl Exp $ * * NOTES * This cruft is the server side of PQfn. @@ -326,11 +326,13 @@ HandleFunctionRequest(StringInfo msgBuf) */ aclresult = pg_namespace_aclcheck(fip->namespace, GetUserId(), ACL_USAGE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_namespace_name(fip->namespace)); + aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + get_namespace_name(fip->namespace)); aclresult = pg_proc_aclcheck(fid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, get_func_name(fid)); + aclcheck_error(aclresult, ACL_KIND_PROC, + get_func_name(fid)); /* * Set up a query snapshot in case function needs one. diff --git a/src/backend/tcop/utility.c b/src/backend/tcop/utility.c index 068ae2a724..ec9e7a4cec 100644 --- a/src/backend/tcop/utility.c +++ b/src/backend/tcop/utility.c @@ -10,7 +10,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/tcop/utility.c,v 1.202 2003/07/22 19:00:12 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/tcop/utility.c,v 1.203 2003/08/01 00:15:23 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -153,12 +153,13 @@ CheckDropPermissions(RangeVar *rel, char rightkind) /* Allow DROP to either table owner or schema owner */ if (!pg_class_ownercheck(relOid, GetUserId()) && !pg_namespace_ownercheck(classform->relnamespace, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, rel->relname); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + rel->relname); if (!allowSystemTableMods && IsSystemClass(classform)) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("\"%s\" is a system catalog", + errmsg("permission denied: \"%s\" is a system catalog", rel->relname))); ReleaseSysCache(tuple); @@ -184,7 +185,8 @@ CheckRelationOwnership(RangeVar *rel, bool noCatalogs) elog(ERROR, "cache lookup failed for relation %u", relOid); if (!pg_class_ownercheck(relOid, GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, rel->relname); + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, + rel->relname); if (noCatalogs) { @@ -192,7 +194,7 @@ CheckRelationOwnership(RangeVar *rel, bool noCatalogs) IsSystemClass((Form_pg_class) GETSTRUCT(tuple))) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("\"%s\" is a system catalog", + errmsg("permission denied: \"%s\" is a system catalog", rel->relname))); } @@ -589,7 +591,7 @@ ProcessUtility(Node *parsetree, if (!superuser()) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("permission denied"))); + errmsg("must be superuser to alter owner"))); /* get_usesysid raises an error if no such user */ AlterTableOwner(relid, get_usesysid(stmt->name)); @@ -651,7 +653,7 @@ ProcessUtility(Node *parsetree, if (!superuser()) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("permission denied"))); + errmsg("must be superuser to alter owner"))); /* get_usesysid raises an error if no such user */ AlterTypeOwner(stmt->typename, get_usesysid(stmt->name)); @@ -972,7 +974,7 @@ ProcessUtility(Node *parsetree, if (!superuser()) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("permission denied"))); + errmsg("must be superuser to do CHECKPOINT"))); CreateCheckPoint(false, false); break; diff --git a/src/backend/utils/init/miscinit.c b/src/backend/utils/init/miscinit.c index 4c4a7f61df..ea38b94973 100644 --- a/src/backend/utils/init/miscinit.c +++ b/src/backend/utils/init/miscinit.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/utils/init/miscinit.c,v 1.109 2003/07/31 18:36:25 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/utils/init/miscinit.c,v 1.110 2003/08/01 00:15:23 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -620,7 +620,7 @@ SetSessionAuthorization(AclId userid, bool is_superuser) !AuthenticatedUserIsSuperuser) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("permission denied"))); + errmsg("permission denied to set session authorization"))); SetSessionUserId(userid); SetUserId(userid); diff --git a/src/backend/utils/misc/guc.c b/src/backend/utils/misc/guc.c index a7eb4f5ed1..cd7de81ed5 100644 --- a/src/backend/utils/misc/guc.c +++ b/src/backend/utils/misc/guc.c @@ -10,7 +10,7 @@ * Written by Peter Eisentraut . * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/utils/misc/guc.c,v 1.144 2003/07/29 00:03:18 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/utils/misc/guc.c,v 1.145 2003/08/01 00:15:23 tgl Exp $ * *-------------------------------------------------------------------- */ @@ -2484,7 +2484,7 @@ set_config_option(const char *name, const char *value, { ereport(elevel, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("\"%s\": permission denied", + errmsg("permission denied to set option \"%s\"", name))); return false; } @@ -2554,7 +2554,7 @@ set_config_option(const char *name, const char *value, { ereport(elevel, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("\"%s\": permission denied", + errmsg("permission denied to set option \"%s\"", name), errhint("Must be superuser to change this value to false."))); return false; @@ -2651,7 +2651,7 @@ set_config_option(const char *name, const char *value, { ereport(elevel, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("\"%s\": permission denied", + errmsg("permission denied to set option \"%s\"", name), errhint("Must be superuser to increase this value or set it to zero."))); return false; @@ -2747,7 +2747,7 @@ set_config_option(const char *name, const char *value, { ereport(elevel, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("\"%s\": permission denied", + errmsg("permission denied to set option \"%s\"", name), errhint("Must be superuser to increase this value."))); return false; @@ -2845,7 +2845,7 @@ set_config_option(const char *name, const char *value, { ereport(elevel, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("\"%s\": permission denied", + errmsg("permission denied to set option \"%s\"", name), errhint("Must be superuser to increase this value."))); return false; diff --git a/src/include/utils/acl.h b/src/include/utils/acl.h index ed0d4ec703..3849cf2e85 100644 --- a/src/include/utils/acl.h +++ b/src/include/utils/acl.h @@ -7,7 +7,7 @@ * Portions Copyright (c) 1996-2002, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * - * $Id: acl.h,v 1.57 2003/07/21 01:59:11 tgl Exp $ + * $Id: acl.h,v 1.58 2003/08/01 00:15:25 tgl Exp $ * * NOTES * For backward-compatibility purposes we have to allow there @@ -176,6 +176,22 @@ typedef enum ACLCHECK_NOT_OWNER } AclResult; +/* this enum covers all object types that can have privilege errors */ +/* currently it's only used to tell aclcheck_error what to say */ +typedef enum AclObjectKind +{ + ACL_KIND_CLASS, /* pg_class */ + ACL_KIND_DATABASE, /* pg_database */ + ACL_KIND_PROC, /* pg_proc */ + ACL_KIND_OPER, /* pg_operator */ + ACL_KIND_TYPE, /* pg_type */ + ACL_KIND_LANGUAGE, /* pg_language */ + ACL_KIND_NAMESPACE, /* pg_namespace */ + ACL_KIND_OPCLASS, /* pg_opclass */ + ACL_KIND_CONVERSION, /* pg_conversion */ + MAX_ACL_KIND /* MUST BE LAST */ +} AclObjectKind; + /* * routines used internally */ @@ -207,7 +223,8 @@ extern AclResult pg_proc_aclcheck(Oid proc_oid, AclId userid, AclMode mode); extern AclResult pg_language_aclcheck(Oid lang_oid, AclId userid, AclMode mode); extern AclResult pg_namespace_aclcheck(Oid nsp_oid, AclId userid, AclMode mode); -extern void aclcheck_error(AclResult aclerr, const char *objectname); +extern void aclcheck_error(AclResult aclerr, AclObjectKind objectkind, + const char *objectname); /* ownercheck routines just return true (owner) or false (not) */ extern bool pg_class_ownercheck(Oid class_oid, AclId userid); diff --git a/src/test/regress/expected/alter_table.out b/src/test/regress/expected/alter_table.out index c7f35e5fa1..c74f87576e 100644 --- a/src/test/regress/expected/alter_table.out +++ b/src/test/regress/expected/alter_table.out @@ -617,9 +617,9 @@ drop table atacc1; -- alter table / alter column [set/drop] not null tests -- try altering system catalogs, should fail alter table pg_class alter column relname drop not null; -ERROR: "pg_class" is a system catalog +ERROR: permission denied: "pg_class" is a system catalog alter table pg_class alter relname set not null; -ERROR: "pg_class" is a system catalog +ERROR: permission denied: "pg_class" is a system catalog -- try altering non-existent table, should fail alter table non_existent alter column bar set not null; ERROR: relation "non_existent" does not exist @@ -744,7 +744,7 @@ drop table def_test; -- alter table / drop column tests -- try altering system catalogs, should fail alter table pg_class drop column relname; -ERROR: "pg_class" is a system catalog +ERROR: permission denied: "pg_class" is a system catalog -- try altering non-existent table, should fail alter table foo drop column bar; ERROR: relation "foo" does not exist diff --git a/src/test/regress/expected/privileges.out b/src/test/regress/expected/privileges.out index c3d283a768..0a7b8e81a2 100644 --- a/src/test/regress/expected/privileges.out +++ b/src/test/regress/expected/privileges.out @@ -69,11 +69,11 @@ SELECT * FROM atest2; -- ok INSERT INTO atest1 VALUES (2, 'two'); -- ok INSERT INTO atest2 VALUES ('foo', true); -- fail -ERROR: permission denied for "atest2" +ERROR: permission denied for relation atest2 INSERT INTO atest1 SELECT 1, b FROM atest1; -- ok UPDATE atest1 SET a = 1 WHERE a = 2; -- ok UPDATE atest2 SET col2 = NOT col2; -- fail -ERROR: permission denied for "atest2" +ERROR: permission denied for relation atest2 SELECT * FROM atest1 FOR UPDATE; -- ok a | b ---+----- @@ -82,15 +82,15 @@ SELECT * FROM atest1 FOR UPDATE; -- ok (2 rows) SELECT * FROM atest2 FOR UPDATE; -- fail -ERROR: permission denied for "atest2" +ERROR: permission denied for relation atest2 DELETE FROM atest2; -- fail -ERROR: permission denied for "atest2" +ERROR: permission denied for relation atest2 LOCK atest2 IN ACCESS EXCLUSIVE MODE; -- fail -ERROR: permission denied for "atest2" +ERROR: permission denied for relation atest2 COPY atest2 FROM stdin; -- fail -ERROR: permission denied for "atest2" +ERROR: permission denied for relation atest2 GRANT ALL ON atest1 TO PUBLIC; -- fail -ERROR: permission denied for "atest1" +ERROR: permission denied for relation atest1 -- checks in subquery, both ok SELECT * FROM atest1 WHERE ( b IN ( SELECT col1 FROM atest2 ) ); a | b @@ -117,33 +117,33 @@ SELECT * FROM atest1; -- ok (2 rows) SELECT * FROM atest2; -- fail -ERROR: permission denied for "atest2" +ERROR: permission denied for relation atest2 INSERT INTO atest1 VALUES (2, 'two'); -- fail -ERROR: permission denied for "atest1" +ERROR: permission denied for relation atest1 INSERT INTO atest2 VALUES ('foo', true); -- fail -ERROR: permission denied for "atest2" +ERROR: permission denied for relation atest2 INSERT INTO atest1 SELECT 1, b FROM atest1; -- fail -ERROR: permission denied for "atest1" +ERROR: permission denied for relation atest1 UPDATE atest1 SET a = 1 WHERE a = 2; -- fail -ERROR: permission denied for "atest1" +ERROR: permission denied for relation atest1 UPDATE atest2 SET col2 = NULL; -- ok UPDATE atest2 SET col2 = NOT col2; -- fails; requires SELECT on atest2 -ERROR: permission denied for "atest2" +ERROR: permission denied for relation atest2 UPDATE atest2 SET col2 = true WHERE atest1.a = 5; -- ok SELECT * FROM atest1 FOR UPDATE; -- fail -ERROR: permission denied for "atest1" +ERROR: permission denied for relation atest1 SELECT * FROM atest2 FOR UPDATE; -- fail -ERROR: permission denied for "atest2" +ERROR: permission denied for relation atest2 DELETE FROM atest2; -- fail -ERROR: permission denied for "atest2" +ERROR: permission denied for relation atest2 LOCK atest2 IN ACCESS EXCLUSIVE MODE; -- ok COPY atest2 FROM stdin; -- fail -ERROR: permission denied for "atest2" +ERROR: permission denied for relation atest2 -- checks in subquery, both fail SELECT * FROM atest1 WHERE ( b IN ( SELECT col1 FROM atest2 ) ); -ERROR: permission denied for "atest2" +ERROR: permission denied for relation atest2 SELECT * FROM atest2 WHERE ( col1 IN ( SELECT b FROM atest1 ) ); -ERROR: permission denied for "atest2" +ERROR: permission denied for relation atest2 SET SESSION AUTHORIZATION regressuser4; COPY atest2 FROM stdin; -- ok SELECT * FROM atest1; -- ok @@ -159,7 +159,7 @@ CREATE TABLE atest3 (one int, two int, three int); GRANT DELETE ON atest3 TO GROUP regressgroup2; SET SESSION AUTHORIZATION regressuser1; SELECT * FROM atest3; -- fail -ERROR: permission denied for "atest3" +ERROR: permission denied for relation atest3 DELETE FROM atest3; -- ok -- views SET SESSION AUTHORIZATION regressuser3; @@ -175,7 +175,7 @@ SELECT * FROM atestv1; -- ok (2 rows) SELECT * FROM atestv2; -- fail -ERROR: permission denied for "atest2" +ERROR: permission denied for relation atest2 GRANT SELECT ON atestv1, atestv3 TO regressuser4; GRANT SELECT ON atestv2 TO regressuser2; SET SESSION AUTHORIZATION regressuser4; @@ -187,7 +187,7 @@ SELECT * FROM atestv1; -- ok (2 rows) SELECT * FROM atestv2; -- fail -ERROR: permission denied for "atestv2" +ERROR: permission denied for relation atestv2 SELECT * FROM atestv3; -- ok one | two | three -----+-----+------- @@ -203,7 +203,7 @@ GRANT SELECT ON atestv4 TO regressuser2; SET SESSION AUTHORIZATION regressuser2; -- Two complex cases: SELECT * FROM atestv3; -- fail -ERROR: permission denied for "atestv3" +ERROR: permission denied for relation atestv3 SELECT * FROM atestv4; -- ok (even though regressuser2 cannot access underlying atestv3) one | two | three -----+-----+------- @@ -216,7 +216,7 @@ SELECT * FROM atest2; -- ok (1 row) SELECT * FROM atestv2; -- fail (even though regressuser2 can access underlying atest2) -ERROR: permission denied for "atest2" +ERROR: permission denied for relation atest2 -- privileges on functions, languages -- switch to superuser \c - @@ -226,7 +226,7 @@ GRANT USAGE ON LANGUAGE c TO PUBLIC; -- fail ERROR: language "c" is not trusted SET SESSION AUTHORIZATION regressuser1; GRANT USAGE ON LANGUAGE sql TO regressuser2; -- fail -ERROR: permission denied for "sql" +ERROR: permission denied for language sql CREATE FUNCTION testfunc1(int) RETURNS int AS 'select 2 * $1;' LANGUAGE sql; CREATE FUNCTION testfunc2(int) RETURNS int AS 'select 3 * $1;' LANGUAGE sql; REVOKE ALL ON FUNCTION testfunc1(int), testfunc2(int) FROM PUBLIC; @@ -248,12 +248,12 @@ SELECT testfunc1(5), testfunc2(5); -- ok (1 row) CREATE FUNCTION testfunc3(int) RETURNS int AS 'select 2 * $1;' LANGUAGE sql; -- fail -ERROR: permission denied for "sql" +ERROR: permission denied for language sql SET SESSION AUTHORIZATION regressuser3; SELECT testfunc1(5); -- fail -ERROR: permission denied for "testfunc1" +ERROR: permission denied for function testfunc1 SELECT col1 FROM atest2 WHERE col2 = true; -- fail -ERROR: permission denied for "atest2" +ERROR: permission denied for relation atest2 SELECT testfunc4(true); -- ok testfunc4 ----------- @@ -268,7 +268,7 @@ SELECT testfunc1(5); -- ok (1 row) DROP FUNCTION testfunc1(int); -- fail -ERROR: must be owner of "testfunc1" +ERROR: must be owner of function testfunc1 \c - DROP FUNCTION testfunc1(int); -- ok -- restore to sanity @@ -551,7 +551,7 @@ ERROR: grant options can only be granted to individual users SET SESSION AUTHORIZATION regressuser2; GRANT SELECT ON atest4 TO regressuser3; GRANT UPDATE ON atest4 TO regressuser3; -- fail -ERROR: permission denied for "atest4" +ERROR: permission denied for relation atest4 SET SESSION AUTHORIZATION regressuser1; REVOKE SELECT ON atest4 FROM regressuser3; -- does nothing SELECT has_table_privilege('regressuser3', 'atest4', 'SELECT'); -- true