database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-11-06 07:49:08 +03:00
Code Activity

Patch from Massimo Dal Zotto <dz@cs.unitn.it>

Browse Source 
The first patch changes the behavior of aclcheck for groups. Currently an user
can access a table only if he has the required permission for ALL the groups
defined for that table. With my patch he can access a table if he has the
permission for ONE of the groups, which seems to me a more useful thing.
If you think this should be the correct behavior of the acl group check feel
free to remove the #ifdef, if not please add a commented line to config.h.
This commit is contained in:
Marc G. Fournier
1997-01-23 19:33:31 +00:00
parent fa937b5e6b
commit 1e5755cf73
1 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/backend/tcop/aclchk.c
View File

@@ -7,7 +7,7 @@
* *
* *
* IDENTIFICATION * IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/tcop/Attic/aclchk.c,v 1.5 1996/11/30 18:06:45 momjian Exp $ * $Header: /cvsroot/pgsql/src/backend/tcop/Attic/aclchk.c,v 1.6 1997/01/23 19:33:31 scrappy Exp $
* *
* NOTES * NOTES
* See acl.h. * See acl.h.
@@ -291,6 +291,12 @@ aclcheck(Acl *acl, AclId id, AclIdType idtype, AclMode mode)
i < num && aip->ai_idtype == ACL_IDTYPE_GID; i < num && aip->ai_idtype == ACL_IDTYPE_GID;
++i, ++aip) { ++i, ++aip) {
if (in_group(id, aip->ai_id)) { if (in_group(id, aip->ai_id)) {
#ifdef ACLGROUP_PATCH
if (aip->ai_mode & mode) {
found_group = 1;
break;
}
#else
if (aip->ai_mode & mode) if (aip->ai_mode & mode)
++found_group; ++found_group;
else { else {
@@ -300,6 +306,7 @@ aclcheck(Acl *acl, AclId id, AclIdType idtype, AclMode mode)
#endif #endif
return(0); return(0);
} }
#endif
} }
} }
if (found_group) { if (found_group) {