mirror of
https://github.com/postgres/postgres.git
synced 2025-07-09 22:41:56 +03:00
Pre-beta mechanical code beautification.
Run pgindent, pgperltidy, and reformat-dat-files. This set of diffs is a bit larger than typical. We've updated to pg_bsd_indent 2.1.2, which properly indents variable declarations that have multi-line initialization expressions (the continuation lines are now indented one tab stop). We've also updated to perltidy version 20230309 and changed some of its settings, which reduces its desire to add whitespace to lines to make assignments etc. line up. Going forward, that should make for fewer random-seeming changes to existing code. Discussion: https://postgr.es/m/20230428092545.qfb3y5wcu4cm75ur@alvherre.pgsql
This commit is contained in:
@ -231,7 +231,7 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name)
|
||||
if (OidIsValid(namespaceId))
|
||||
{
|
||||
aclresult = object_aclcheck(NamespaceRelationId, namespaceId, GetUserId(),
|
||||
ACL_CREATE);
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(namespaceId));
|
||||
@ -1035,7 +1035,7 @@ AlterObjectOwner_internal(Relation rel, Oid objectId, Oid new_ownerId)
|
||||
AclResult aclresult;
|
||||
|
||||
aclresult = object_aclcheck(NamespaceRelationId, namespaceId, new_ownerId,
|
||||
ACL_CREATE);
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(namespaceId));
|
||||
|
@ -270,8 +270,8 @@ DefineCollation(ParseState *pstate, List *names, List *parameters, bool if_not_e
|
||||
*/
|
||||
if (!IsBinaryUpgrade)
|
||||
{
|
||||
char *langtag = icu_language_tag(colliculocale,
|
||||
icu_validation_level);
|
||||
char *langtag = icu_language_tag(colliculocale,
|
||||
icu_validation_level);
|
||||
|
||||
if (langtag && strcmp(colliculocale, langtag) != 0)
|
||||
{
|
||||
@ -476,17 +476,18 @@ AlterCollation(AlterCollationStmt *stmt)
|
||||
Datum
|
||||
pg_collation_actual_version(PG_FUNCTION_ARGS)
|
||||
{
|
||||
Oid collid = PG_GETARG_OID(0);
|
||||
char provider;
|
||||
char *locale;
|
||||
char *version;
|
||||
Datum datum;
|
||||
Oid collid = PG_GETARG_OID(0);
|
||||
char provider;
|
||||
char *locale;
|
||||
char *version;
|
||||
Datum datum;
|
||||
|
||||
if (collid == DEFAULT_COLLATION_OID)
|
||||
{
|
||||
/* retrieve from pg_database */
|
||||
|
||||
HeapTuple dbtup = SearchSysCache1(DATABASEOID, ObjectIdGetDatum(MyDatabaseId));
|
||||
|
||||
if (!HeapTupleIsValid(dbtup))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_UNDEFINED_OBJECT),
|
||||
@ -506,7 +507,8 @@ pg_collation_actual_version(PG_FUNCTION_ARGS)
|
||||
{
|
||||
/* retrieve from pg_collation */
|
||||
|
||||
HeapTuple colltp = SearchSysCache1(COLLOID, ObjectIdGetDatum(collid));
|
||||
HeapTuple colltp = SearchSysCache1(COLLOID, ObjectIdGetDatum(collid));
|
||||
|
||||
if (!HeapTupleIsValid(colltp))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_UNDEFINED_OBJECT),
|
||||
@ -657,11 +659,10 @@ create_collation_from_locale(const char *locale, int nspid,
|
||||
Oid collid;
|
||||
|
||||
/*
|
||||
* Some systems have locale names that don't consist entirely of
|
||||
* ASCII letters (such as "bokmål" or "français").
|
||||
* This is pretty silly, since we need the locale itself to
|
||||
* interpret the non-ASCII characters. We can't do much with
|
||||
* those, so we filter them out.
|
||||
* Some systems have locale names that don't consist entirely of ASCII
|
||||
* letters (such as "bokmål" or "français"). This is pretty
|
||||
* silly, since we need the locale itself to interpret the non-ASCII
|
||||
* characters. We can't do much with those, so we filter them out.
|
||||
*/
|
||||
if (!pg_is_ascii(locale))
|
||||
{
|
||||
@ -681,19 +682,18 @@ create_collation_from_locale(const char *locale, int nspid,
|
||||
return -1;
|
||||
}
|
||||
if (enc == PG_SQL_ASCII)
|
||||
return -1; /* C/POSIX are already in the catalog */
|
||||
return -1; /* C/POSIX are already in the catalog */
|
||||
|
||||
/* count valid locales found in operating system */
|
||||
(*nvalidp)++;
|
||||
|
||||
/*
|
||||
* Create a collation named the same as the locale, but quietly
|
||||
* doing nothing if it already exists. This is the behavior we
|
||||
* need even at initdb time, because some versions of "locale -a"
|
||||
* can report the same locale name more than once. And it's
|
||||
* convenient for later import runs, too, since you just about
|
||||
* always want to add on new locales without a lot of chatter
|
||||
* about existing ones.
|
||||
* Create a collation named the same as the locale, but quietly doing
|
||||
* nothing if it already exists. This is the behavior we need even at
|
||||
* initdb time, because some versions of "locale -a" can report the same
|
||||
* locale name more than once. And it's convenient for later import runs,
|
||||
* too, since you just about always want to add on new locales without a
|
||||
* lot of chatter about existing ones.
|
||||
*/
|
||||
collid = CollationCreate(locale, nspid, GetUserId(),
|
||||
COLLPROVIDER_LIBC, true, enc,
|
||||
@ -995,8 +995,8 @@ pg_import_system_collations(PG_FUNCTION_ARGS)
|
||||
param.nvalidp = &nvalid;
|
||||
|
||||
/*
|
||||
* Enumerate the locales that are either installed on or supported
|
||||
* by the OS.
|
||||
* Enumerate the locales that are either installed on or supported by
|
||||
* the OS.
|
||||
*/
|
||||
if (!EnumSystemLocalesEx(win32_read_locale, LOCALE_ALL,
|
||||
(LPARAM) ¶m, NULL))
|
||||
|
@ -259,7 +259,7 @@ ScanSourceDatabasePgClass(Oid tbid, Oid dbid, char *srcpath)
|
||||
List *rlocatorlist = NIL;
|
||||
LockRelId relid;
|
||||
Snapshot snapshot;
|
||||
SMgrRelation smgr;
|
||||
SMgrRelation smgr;
|
||||
BufferAccessStrategy bstrategy;
|
||||
|
||||
/* Get pg_class relfilenumber. */
|
||||
@ -1065,8 +1065,8 @@ createdb(ParseState *pstate, const CreatedbStmt *stmt)
|
||||
*/
|
||||
if (!IsBinaryUpgrade && dbiculocale != src_iculocale)
|
||||
{
|
||||
char *langtag = icu_language_tag(dbiculocale,
|
||||
icu_validation_level);
|
||||
char *langtag = icu_language_tag(dbiculocale,
|
||||
icu_validation_level);
|
||||
|
||||
if (langtag && strcmp(dbiculocale, langtag) != 0)
|
||||
{
|
||||
@ -1219,7 +1219,7 @@ createdb(ParseState *pstate, const CreatedbStmt *stmt)
|
||||
dst_deftablespace = get_tablespace_oid(tablespacename, false);
|
||||
/* check permissions */
|
||||
aclresult = object_aclcheck(TableSpaceRelationId, dst_deftablespace, GetUserId(),
|
||||
ACL_CREATE);
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, OBJECT_TABLESPACE,
|
||||
tablespacename);
|
||||
@ -1406,8 +1406,8 @@ createdb(ParseState *pstate, const CreatedbStmt *stmt)
|
||||
* If we're going to be reading data for the to-be-created database into
|
||||
* shared_buffers, take a lock on it. Nobody should know that this
|
||||
* database exists yet, but it's good to maintain the invariant that an
|
||||
* AccessExclusiveLock on the database is sufficient to drop all
|
||||
* of its buffers without worrying about more being read later.
|
||||
* AccessExclusiveLock on the database is sufficient to drop all of its
|
||||
* buffers without worrying about more being read later.
|
||||
*
|
||||
* Note that we need to do this before entering the
|
||||
* PG_ENSURE_ERROR_CLEANUP block below, because createdb_failure_callback
|
||||
@ -1933,7 +1933,7 @@ movedb(const char *dbname, const char *tblspcname)
|
||||
* Permission checks
|
||||
*/
|
||||
aclresult = object_aclcheck(TableSpaceRelationId, dst_tblspcoid, GetUserId(),
|
||||
ACL_CREATE);
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, OBJECT_TABLESPACE,
|
||||
tblspcname);
|
||||
@ -3110,7 +3110,7 @@ dbase_redo(XLogReaderState *record)
|
||||
if (info == XLOG_DBASE_CREATE_FILE_COPY)
|
||||
{
|
||||
xl_dbase_create_file_copy_rec *xlrec =
|
||||
(xl_dbase_create_file_copy_rec *) XLogRecGetData(record);
|
||||
(xl_dbase_create_file_copy_rec *) XLogRecGetData(record);
|
||||
char *src_path;
|
||||
char *dst_path;
|
||||
char *parent_path;
|
||||
@ -3182,7 +3182,7 @@ dbase_redo(XLogReaderState *record)
|
||||
else if (info == XLOG_DBASE_CREATE_WAL_LOG)
|
||||
{
|
||||
xl_dbase_create_wal_log_rec *xlrec =
|
||||
(xl_dbase_create_wal_log_rec *) XLogRecGetData(record);
|
||||
(xl_dbase_create_wal_log_rec *) XLogRecGetData(record);
|
||||
char *dbpath;
|
||||
char *parent_path;
|
||||
|
||||
|
@ -493,6 +493,7 @@ does_not_exist_skipping(ObjectType objtype, Node *object)
|
||||
case OBJECT_TABLE:
|
||||
case OBJECT_TABLESPACE:
|
||||
case OBJECT_VIEW:
|
||||
|
||||
/*
|
||||
* These are handled elsewhere, so if someone gets here the code
|
||||
* is probably wrong or should be revisited.
|
||||
|
@ -1523,7 +1523,7 @@ ExplainNode(PlanState *planstate, List *ancestors,
|
||||
{
|
||||
BitmapIndexScan *bitmapindexscan = (BitmapIndexScan *) plan;
|
||||
const char *indexname =
|
||||
explain_get_index_name(bitmapindexscan->indexid);
|
||||
explain_get_index_name(bitmapindexscan->indexid);
|
||||
|
||||
if (es->format == EXPLAIN_FORMAT_TEXT)
|
||||
appendStringInfo(es->str, " on %s",
|
||||
@ -3008,7 +3008,7 @@ show_incremental_sort_info(IncrementalSortState *incrsortstate,
|
||||
for (n = 0; n < incrsortstate->shared_info->num_workers; n++)
|
||||
{
|
||||
IncrementalSortInfo *incsort_info =
|
||||
&incrsortstate->shared_info->sinfo[n];
|
||||
&incrsortstate->shared_info->sinfo[n];
|
||||
|
||||
/*
|
||||
* If a worker hasn't processed any sort groups at all, then
|
||||
@ -4212,7 +4212,7 @@ ExplainCustomChildren(CustomScanState *css, List *ancestors, ExplainState *es)
|
||||
{
|
||||
ListCell *cell;
|
||||
const char *label =
|
||||
(list_length(css->custom_ps) != 1 ? "children" : "child");
|
||||
(list_length(css->custom_ps) != 1 ? "children" : "child");
|
||||
|
||||
foreach(cell, css->custom_ps)
|
||||
ExplainNode((PlanState *) lfirst(cell), ancestors, label, NULL, es);
|
||||
|
@ -151,7 +151,7 @@ compute_return_type(TypeName *returnType, Oid languageOid,
|
||||
namespaceId = QualifiedNameGetCreationNamespace(returnType->names,
|
||||
&typname);
|
||||
aclresult = object_aclcheck(NamespaceRelationId, namespaceId, GetUserId(),
|
||||
ACL_CREATE);
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(namespaceId));
|
||||
@ -2117,7 +2117,7 @@ ExecuteDoStmt(ParseState *pstate, DoStmt *stmt, bool atomic)
|
||||
AclResult aclresult;
|
||||
|
||||
aclresult = object_aclcheck(LanguageRelationId, codeblock->langOid, GetUserId(),
|
||||
ACL_USAGE);
|
||||
ACL_USAGE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, OBJECT_LANGUAGE,
|
||||
NameStr(languageStruct->lanname));
|
||||
|
@ -748,7 +748,7 @@ DefineIndex(Oid relationId,
|
||||
AclResult aclresult;
|
||||
|
||||
aclresult = object_aclcheck(NamespaceRelationId, namespaceId, root_save_userid,
|
||||
ACL_CREATE);
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(namespaceId));
|
||||
@ -780,7 +780,7 @@ DefineIndex(Oid relationId,
|
||||
AclResult aclresult;
|
||||
|
||||
aclresult = object_aclcheck(TableSpaceRelationId, tablespaceId, root_save_userid,
|
||||
ACL_CREATE);
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, OBJECT_TABLESPACE,
|
||||
get_tablespace_name(tablespaceId));
|
||||
@ -2708,7 +2708,7 @@ ExecReindex(ParseState *pstate, ReindexStmt *stmt, bool isTopLevel)
|
||||
AclResult aclresult;
|
||||
|
||||
aclresult = object_aclcheck(TableSpaceRelationId, params.tablespaceOid,
|
||||
GetUserId(), ACL_CREATE);
|
||||
GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, OBJECT_TABLESPACE,
|
||||
get_tablespace_name(params.tablespaceOid));
|
||||
@ -3066,11 +3066,12 @@ ReindexMultipleTables(const char *objectName, ReindexObjectType objectKind,
|
||||
/*
|
||||
* The table can be reindexed if the user has been granted MAINTAIN on
|
||||
* the table or one of its partition ancestors or the user is a
|
||||
* superuser, the table owner, or the database/schema owner (but in the
|
||||
* latter case, only if it's not a shared relation). pg_class_aclcheck
|
||||
* includes the superuser case, and depending on objectKind we already
|
||||
* know that the user has permission to run REINDEX on this database or
|
||||
* schema per the permission checks at the beginning of this routine.
|
||||
* superuser, the table owner, or the database/schema owner (but in
|
||||
* the latter case, only if it's not a shared relation).
|
||||
* pg_class_aclcheck includes the superuser case, and depending on
|
||||
* objectKind we already know that the user has permission to run
|
||||
* REINDEX on this database or schema per the permission checks at the
|
||||
* beginning of this routine.
|
||||
*/
|
||||
if (classtuple->relisshared &&
|
||||
pg_class_aclcheck(relid, GetUserId(), ACL_MAINTAIN) != ACLCHECK_OK &&
|
||||
@ -3312,7 +3313,7 @@ ReindexMultipleInternal(List *relids, ReindexParams *params)
|
||||
AclResult aclresult;
|
||||
|
||||
aclresult = object_aclcheck(TableSpaceRelationId, params->tablespaceOid,
|
||||
GetUserId(), ACL_CREATE);
|
||||
GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, OBJECT_TABLESPACE,
|
||||
get_tablespace_name(params->tablespaceOid));
|
||||
|
@ -400,7 +400,7 @@ AlterSchemaOwner_internal(HeapTuple tup, Relation rel, Oid newOwnerId)
|
||||
* no special case for them.
|
||||
*/
|
||||
aclresult = object_aclcheck(DatabaseRelationId, MyDatabaseId, GetUserId(),
|
||||
ACL_CREATE);
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, OBJECT_DATABASE,
|
||||
get_database_name(MyDatabaseId));
|
||||
|
@ -604,9 +604,9 @@ CreateSubscription(ParseState *pstate, CreateSubscriptionStmt *stmt,
|
||||
PreventInTransactionBlock(isTopLevel, "CREATE SUBSCRIPTION ... WITH (create_slot = true)");
|
||||
|
||||
/*
|
||||
* We don't want to allow unprivileged users to be able to trigger attempts
|
||||
* to access arbitrary network destinations, so require the user to have
|
||||
* been specifically authorized to create subscriptions.
|
||||
* We don't want to allow unprivileged users to be able to trigger
|
||||
* attempts to access arbitrary network destinations, so require the user
|
||||
* to have been specifically authorized to create subscriptions.
|
||||
*/
|
||||
if (!has_privs_of_role(owner, ROLE_PG_CREATE_SUBSCRIPTION))
|
||||
ereport(ERROR,
|
||||
@ -631,10 +631,10 @@ CreateSubscription(ParseState *pstate, CreateSubscriptionStmt *stmt,
|
||||
* exempt a subscription from this requirement.
|
||||
*/
|
||||
if (!opts.passwordrequired && !superuser_arg(owner))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("password_required=false is superuser-only"),
|
||||
errhint("Subscriptions with the password_required option set to false may only be created or modified by the superuser.")));
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("password_required=false is superuser-only"),
|
||||
errhint("Subscriptions with the password_required option set to false may only be created or modified by the superuser.")));
|
||||
|
||||
/*
|
||||
* If built with appropriate switch, whine when regression-testing
|
||||
@ -1113,8 +1113,8 @@ AlterSubscription(ParseState *pstate, AlterSubscriptionStmt *stmt,
|
||||
if (!sub->passwordrequired && !superuser())
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("password_required=false is superuser-only"),
|
||||
errhint("Subscriptions with the password_required option set to false may only be created or modified by the superuser.")));
|
||||
errmsg("password_required=false is superuser-only"),
|
||||
errhint("Subscriptions with the password_required option set to false may only be created or modified by the superuser.")));
|
||||
|
||||
/* Lock the subscription so nobody else can do anything with it. */
|
||||
LockSharedObject(SubscriptionRelationId, subid, 0, AccessExclusiveLock);
|
||||
@ -1827,8 +1827,8 @@ AlterSubscriptionOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
|
||||
if (!form->subpasswordrequired && !superuser())
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("password_required=false is superuser-only"),
|
||||
errhint("Subscriptions with the password_required option set to false may only be created or modified by the superuser.")));
|
||||
errmsg("password_required=false is superuser-only"),
|
||||
errhint("Subscriptions with the password_required option set to false may only be created or modified by the superuser.")));
|
||||
|
||||
/* Must be able to become new owner */
|
||||
check_can_set_role(GetUserId(), newOwnerId);
|
||||
@ -1837,8 +1837,8 @@ AlterSubscriptionOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
|
||||
* current owner must have CREATE on database
|
||||
*
|
||||
* This is consistent with how ALTER SCHEMA ... OWNER TO works, but some
|
||||
* other object types behave differently (e.g. you can't give a table to
|
||||
* a user who lacks CREATE privileges on a schema).
|
||||
* other object types behave differently (e.g. you can't give a table to a
|
||||
* user who lacks CREATE privileges on a schema).
|
||||
*/
|
||||
aclresult = object_aclcheck(DatabaseRelationId, MyDatabaseId,
|
||||
GetUserId(), ACL_CREATE);
|
||||
|
@ -806,7 +806,7 @@ DefineRelation(CreateStmt *stmt, char relkind, Oid ownerId,
|
||||
AclResult aclresult;
|
||||
|
||||
aclresult = object_aclcheck(TableSpaceRelationId, tablespaceId, GetUserId(),
|
||||
ACL_CREATE);
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, OBJECT_TABLESPACE,
|
||||
get_tablespace_name(tablespaceId));
|
||||
@ -1931,7 +1931,7 @@ ExecuteTruncateGuts(List *explicit_rels,
|
||||
resultRelInfo = resultRelInfos;
|
||||
foreach(cell, rels)
|
||||
{
|
||||
UserContext ucxt;
|
||||
UserContext ucxt;
|
||||
|
||||
if (run_as_table_owner)
|
||||
SwitchToUntrustedUser(resultRelInfo->ri_RelationDesc->rd_rel->relowner,
|
||||
@ -2143,7 +2143,7 @@ ExecuteTruncateGuts(List *explicit_rels,
|
||||
resultRelInfo = resultRelInfos;
|
||||
foreach(cell, rels)
|
||||
{
|
||||
UserContext ucxt;
|
||||
UserContext ucxt;
|
||||
|
||||
if (run_as_table_owner)
|
||||
SwitchToUntrustedUser(resultRelInfo->ri_RelationDesc->rd_rel->relowner,
|
||||
@ -2635,7 +2635,7 @@ MergeAttributes(List *schema, List *supers, char relpersistence,
|
||||
if (CompressionMethodIsValid(attribute->attcompression))
|
||||
{
|
||||
const char *compression =
|
||||
GetCompressionMethodName(attribute->attcompression);
|
||||
GetCompressionMethodName(attribute->attcompression);
|
||||
|
||||
if (def->compression == NULL)
|
||||
def->compression = pstrdup(compression);
|
||||
@ -13947,7 +13947,7 @@ ATExecChangeOwner(Oid relationOid, Oid newOwnerId, bool recursing, LOCKMODE lock
|
||||
|
||||
/* New owner must have CREATE privilege on namespace */
|
||||
aclresult = object_aclcheck(NamespaceRelationId, namespaceOid, newOwnerId,
|
||||
ACL_CREATE);
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(namespaceOid));
|
||||
@ -14377,7 +14377,7 @@ ATExecSetRelOptions(Relation rel, List *defList, AlterTableType operation,
|
||||
if (check_option)
|
||||
{
|
||||
const char *view_updatable_error =
|
||||
view_query_is_auto_updatable(view_query, true);
|
||||
view_query_is_auto_updatable(view_query, true);
|
||||
|
||||
if (view_updatable_error)
|
||||
ereport(ERROR,
|
||||
@ -14656,7 +14656,7 @@ AlterTableMoveAll(AlterTableMoveAllStmt *stmt)
|
||||
AclResult aclresult;
|
||||
|
||||
aclresult = object_aclcheck(TableSpaceRelationId, new_tablespaceoid, GetUserId(),
|
||||
ACL_CREATE);
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, OBJECT_TABLESPACE,
|
||||
get_tablespace_name(new_tablespaceoid));
|
||||
@ -17134,7 +17134,7 @@ RangeVarCallbackForAlterRelation(const RangeVar *rv, Oid relid, Oid oldrelid,
|
||||
if (IsA(stmt, RenameStmt))
|
||||
{
|
||||
aclresult = object_aclcheck(NamespaceRelationId, classform->relnamespace,
|
||||
GetUserId(), ACL_CREATE);
|
||||
GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(classform->relnamespace));
|
||||
|
@ -1278,7 +1278,7 @@ check_temp_tablespaces(char **newval, void **extra, GucSource source)
|
||||
|
||||
/* Check permissions, similarly complaining only if interactive */
|
||||
aclresult = object_aclcheck(TableSpaceRelationId, curoid, GetUserId(),
|
||||
ACL_CREATE);
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
{
|
||||
if (source >= PGC_S_INTERACTIVE)
|
||||
@ -1408,7 +1408,7 @@ PrepareTempTablespaces(void)
|
||||
|
||||
/* Check permissions similarly */
|
||||
aclresult = object_aclcheck(TableSpaceRelationId, curoid, GetUserId(),
|
||||
ACL_CREATE);
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
continue;
|
||||
|
||||
|
@ -734,7 +734,7 @@ DefineDomain(CreateDomainStmt *stmt)
|
||||
|
||||
/* Check we have creation rights in target namespace */
|
||||
aclresult = object_aclcheck(NamespaceRelationId, domainNamespace, GetUserId(),
|
||||
ACL_CREATE);
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(domainNamespace));
|
||||
@ -3743,8 +3743,8 @@ AlterTypeOwner(List *names, Oid newOwnerId, ObjectType objecttype)
|
||||
|
||||
/* New owner must have CREATE privilege on namespace */
|
||||
aclresult = object_aclcheck(NamespaceRelationId, typTup->typnamespace,
|
||||
newOwnerId,
|
||||
ACL_CREATE);
|
||||
newOwnerId,
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(typTup->typnamespace));
|
||||
|
@ -86,7 +86,7 @@ typedef struct
|
||||
int Password_encryption = PASSWORD_TYPE_SCRAM_SHA_256;
|
||||
char *createrole_self_grant = "";
|
||||
bool createrole_self_grant_enabled = false;
|
||||
GrantRoleOptions createrole_self_grant_options;
|
||||
GrantRoleOptions createrole_self_grant_options;
|
||||
|
||||
/* Hook to check passwords in CreateRole() and AlterRole() */
|
||||
check_password_hook_type check_password_hook = NULL;
|
||||
@ -169,7 +169,7 @@ CreateRole(ParseState *pstate, CreateRoleStmt *stmt)
|
||||
DefElem *dadminmembers = NULL;
|
||||
DefElem *dvalidUntil = NULL;
|
||||
DefElem *dbypassRLS = NULL;
|
||||
GrantRoleOptions popt;
|
||||
GrantRoleOptions popt;
|
||||
|
||||
/* The defaults can vary depending on the original statement type */
|
||||
switch (stmt->stmt_type)
|
||||
@ -535,8 +535,8 @@ CreateRole(ParseState *pstate, CreateRoleStmt *stmt)
|
||||
*
|
||||
* The grantor of record for this implicit grant is the bootstrap
|
||||
* superuser, which means that the CREATEROLE user cannot revoke the
|
||||
* grant. They can however grant the created role back to themselves
|
||||
* with different options, since they enjoy ADMIN OPTION on it.
|
||||
* grant. They can however grant the created role back to themselves with
|
||||
* different options, since they enjoy ADMIN OPTION on it.
|
||||
*/
|
||||
if (!superuser())
|
||||
{
|
||||
@ -561,8 +561,8 @@ CreateRole(ParseState *pstate, CreateRoleStmt *stmt)
|
||||
BOOTSTRAP_SUPERUSERID, &poptself);
|
||||
|
||||
/*
|
||||
* We must make the implicit grant visible to the code below, else
|
||||
* the additional grants will fail.
|
||||
* We must make the implicit grant visible to the code below, else the
|
||||
* additional grants will fail.
|
||||
*/
|
||||
CommandCounterIncrement();
|
||||
|
||||
@ -585,8 +585,8 @@ CreateRole(ParseState *pstate, CreateRoleStmt *stmt)
|
||||
* Add the specified members to this new role. adminmembers get the admin
|
||||
* option, rolemembers don't.
|
||||
*
|
||||
* NB: No permissions check is required here. If you have enough rights
|
||||
* to create a role, you can add any members you like.
|
||||
* NB: No permissions check is required here. If you have enough rights to
|
||||
* create a role, you can add any members you like.
|
||||
*/
|
||||
AddRoleMems(currentUserId, stmt->role, roleid,
|
||||
rolemembers, roleSpecsToIds(rolemembers),
|
||||
@ -647,7 +647,7 @@ AlterRole(ParseState *pstate, AlterRoleStmt *stmt)
|
||||
DefElem *dbypassRLS = NULL;
|
||||
Oid roleid;
|
||||
Oid currentUserId = GetUserId();
|
||||
GrantRoleOptions popt;
|
||||
GrantRoleOptions popt;
|
||||
|
||||
check_rolespec_name(stmt->role,
|
||||
_("Cannot alter reserved roles."));
|
||||
@ -862,7 +862,7 @@ AlterRole(ParseState *pstate, AlterRoleStmt *stmt)
|
||||
*/
|
||||
if (dissuper)
|
||||
{
|
||||
bool should_be_super = boolVal(dissuper->arg);
|
||||
bool should_be_super = boolVal(dissuper->arg);
|
||||
|
||||
if (!should_be_super && roleid == BOOTSTRAP_SUPERUSERID)
|
||||
ereport(ERROR,
|
||||
@ -1021,9 +1021,9 @@ AlterRoleSet(AlterRoleSetStmt *stmt)
|
||||
shdepLockAndCheckObject(AuthIdRelationId, roleid);
|
||||
|
||||
/*
|
||||
* To mess with a superuser you gotta be superuser; otherwise you
|
||||
* need CREATEROLE plus admin option on the target role; unless you're
|
||||
* just trying to change your own settings
|
||||
* To mess with a superuser you gotta be superuser; otherwise you need
|
||||
* CREATEROLE plus admin option on the target role; unless you're just
|
||||
* trying to change your own settings
|
||||
*/
|
||||
if (roleform->rolsuper)
|
||||
{
|
||||
@ -1037,7 +1037,7 @@ AlterRoleSet(AlterRoleSetStmt *stmt)
|
||||
else
|
||||
{
|
||||
if ((!have_createrole_privilege() ||
|
||||
!is_admin_of_role(GetUserId(), roleid))
|
||||
!is_admin_of_role(GetUserId(), roleid))
|
||||
&& roleid != GetUserId())
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
@ -1490,14 +1490,14 @@ GrantRole(ParseState *pstate, GrantRoleStmt *stmt)
|
||||
Oid grantor;
|
||||
List *grantee_ids;
|
||||
ListCell *item;
|
||||
GrantRoleOptions popt;
|
||||
GrantRoleOptions popt;
|
||||
Oid currentUserId = GetUserId();
|
||||
|
||||
/* Parse options list. */
|
||||
InitGrantRoleOptions(&popt);
|
||||
foreach(item, stmt->opt)
|
||||
{
|
||||
DefElem *opt = (DefElem *) lfirst(item);
|
||||
DefElem *opt = (DefElem *) lfirst(item);
|
||||
char *optval = defGetString(opt);
|
||||
|
||||
if (strcmp(opt->defname, "admin") == 0)
|
||||
@ -1546,8 +1546,8 @@ GrantRole(ParseState *pstate, GrantRoleStmt *stmt)
|
||||
/*
|
||||
* Step through all of the granted roles and add, update, or remove
|
||||
* entries in pg_auth_members as appropriate. If stmt->is_grant is true,
|
||||
* we are adding new grants or, if they already exist, updating options
|
||||
* on those grants. If stmt->is_grant is false, we are revoking grants or
|
||||
* we are adding new grants or, if they already exist, updating options on
|
||||
* those grants. If stmt->is_grant is false, we are revoking grants or
|
||||
* removing options from them.
|
||||
*/
|
||||
foreach(item, stmt->granted_roles)
|
||||
@ -1848,8 +1848,8 @@ AddRoleMems(Oid currentUserId, const char *rolename, Oid roleid,
|
||||
ObjectIdGetDatum(grantorId));
|
||||
|
||||
/*
|
||||
* If we found a tuple, update it with new option values, unless
|
||||
* there are no changes, in which case issue a WARNING.
|
||||
* If we found a tuple, update it with new option values, unless there
|
||||
* are no changes, in which case issue a WARNING.
|
||||
*
|
||||
* If we didn't find a tuple, just insert one.
|
||||
*/
|
||||
@ -1932,8 +1932,8 @@ AddRoleMems(Oid currentUserId, const char *rolename, Oid roleid,
|
||||
popt->inherit;
|
||||
else
|
||||
{
|
||||
HeapTuple mrtup;
|
||||
Form_pg_authid mrform;
|
||||
HeapTuple mrtup;
|
||||
Form_pg_authid mrform;
|
||||
|
||||
mrtup = SearchSysCache1(AUTHOID, memberid);
|
||||
if (!HeapTupleIsValid(mrtup))
|
||||
@ -2332,8 +2332,8 @@ plan_single_revoke(CatCList *memlist, RevokeRoleGrantAction *actions,
|
||||
/*
|
||||
* If popt.specified == 0, we're revoking the grant entirely; otherwise,
|
||||
* we expect just one bit to be set, and we're revoking the corresponding
|
||||
* option. As of this writing, there's no syntax that would allow for
|
||||
* an attempt to revoke multiple options at once, and the logic below
|
||||
* option. As of this writing, there's no syntax that would allow for an
|
||||
* attempt to revoke multiple options at once, and the logic below
|
||||
* wouldn't work properly if such syntax were added, so assert that our
|
||||
* caller isn't trying to do that.
|
||||
*/
|
||||
@ -2365,7 +2365,7 @@ plan_single_revoke(CatCList *memlist, RevokeRoleGrantAction *actions,
|
||||
}
|
||||
else
|
||||
{
|
||||
bool revoke_admin_option_only;
|
||||
bool revoke_admin_option_only;
|
||||
|
||||
/*
|
||||
* Revoking the grant entirely, or ADMIN option on a grant,
|
||||
@ -2572,7 +2572,7 @@ check_createrole_self_grant(char **newval, void **extra, GucSource source)
|
||||
void
|
||||
assign_createrole_self_grant(const char *newval, void *extra)
|
||||
{
|
||||
unsigned options = * (unsigned *) extra;
|
||||
unsigned options = *(unsigned *) extra;
|
||||
|
||||
createrole_self_grant_enabled = (options != 0);
|
||||
createrole_self_grant_options.specified = GRANT_ROLE_SPECIFIED_ADMIN
|
||||
|
@ -437,7 +437,7 @@ DefineView(ViewStmt *stmt, const char *queryString,
|
||||
if (check_option)
|
||||
{
|
||||
const char *view_updatable_error =
|
||||
view_query_is_auto_updatable(viewParse, true);
|
||||
view_query_is_auto_updatable(viewParse, true);
|
||||
|
||||
if (view_updatable_error)
|
||||
ereport(ERROR,
|
||||
|
Reference in New Issue
Block a user