mirror of
https://github.com/postgres/postgres.git
synced 2025-11-12 05:01:15 +03:00
Restructure aclcheck error reporting to make permission-failure
messages more uniform and internationalizable: the global array aclcheck_error_strings[] is gone in favor of a subroutine aclcheck_error(). Partial implementation of namespace-related permission checks --- not all done yet.
This commit is contained in:
Tom Lane
@@ -8,7 +8,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/adt/acl.c,v 1.72 2002/04/26 01:24:08 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/adt/acl.c,v 1.73 2002/04/27 03:45:03 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@@ -664,7 +664,7 @@ has_table_privilege_name_name(PG_FUNCTION_ARGS)
|
||||
int32 usesysid;
|
||||
Oid reloid;
|
||||
AclMode mode;
|
||||
int32 aclresult;
|
||||
AclResult aclresult;
|
||||
|
||||
/*
|
||||
* Lookup userid based on username
|
||||
@@ -709,7 +709,7 @@ has_table_privilege_name(PG_FUNCTION_ARGS)
|
||||
int32 usesysid;
|
||||
Oid reloid;
|
||||
AclMode mode;
|
||||
int32 aclresult;
|
||||
AclResult aclresult;
|
||||
|
||||
usesysid = GetUserId();
|
||||
|
||||
@@ -750,7 +750,7 @@ has_table_privilege_name_id(PG_FUNCTION_ARGS)
|
||||
text *priv_type_text = PG_GETARG_TEXT_P(2);
|
||||
int32 usesysid;
|
||||
AclMode mode;
|
||||
int32 aclresult;
|
||||
AclResult aclresult;
|
||||
|
||||
/*
|
||||
* Lookup userid based on username
|
||||
@@ -789,7 +789,7 @@ has_table_privilege_id(PG_FUNCTION_ARGS)
|
||||
text *priv_type_text = PG_GETARG_TEXT_P(1);
|
||||
int32 usesysid;
|
||||
AclMode mode;
|
||||
int32 aclresult;
|
||||
AclResult aclresult;
|
||||
|
||||
usesysid = GetUserId();
|
||||
|
||||
@@ -825,7 +825,7 @@ has_table_privilege_id_name(PG_FUNCTION_ARGS)
|
||||
text *priv_type_text = PG_GETARG_TEXT_P(2);
|
||||
Oid reloid;
|
||||
AclMode mode;
|
||||
int32 aclresult;
|
||||
AclResult aclresult;
|
||||
|
||||
/*
|
||||
* Lookup rel OID based on relname
|
||||
@@ -863,7 +863,7 @@ has_table_privilege_id_id(PG_FUNCTION_ARGS)
|
||||
Oid reloid = PG_GETARG_OID(1);
|
||||
text *priv_type_text = PG_GETARG_TEXT_P(2);
|
||||
AclMode mode;
|
||||
int32 aclresult;
|
||||
AclResult aclresult;
|
||||
|
||||
/*
|
||||
* Convert priv_type_text to an AclMode
|
||||
|
||||
11
src/backend/utils/cache/fcache.c
vendored
11
src/backend/utils/cache/fcache.c
vendored
@@ -8,7 +8,7 @@
|
||||
* Portions Copyright (c) 1994, Regents of the University of California
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/cache/Attic/fcache.c,v 1.43 2002/04/21 00:26:43 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/cache/Attic/fcache.c,v 1.44 2002/04/27 03:45:03 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@@ -17,6 +17,7 @@
|
||||
#include "miscadmin.h"
|
||||
#include "utils/acl.h"
|
||||
#include "utils/fcache.h"
|
||||
#include "utils/lsyscache.h"
|
||||
|
||||
|
||||
/*
|
||||
@@ -26,6 +27,12 @@ FunctionCachePtr
|
||||
init_fcache(Oid foid, int nargs, MemoryContext fcacheCxt)
|
||||
{
|
||||
FunctionCachePtr retval;
|
||||
AclResult aclresult;
|
||||
|
||||
/* Check permission to call function */
|
||||
aclresult = pg_proc_aclcheck(foid, GetUserId(), ACL_EXECUTE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_func_name(foid));
|
||||
|
||||
/* Safety check (should never fail, as parser should check sooner) */
|
||||
if (nargs > FUNC_MAX_ARGS)
|
||||
@@ -42,7 +49,5 @@ init_fcache(Oid foid, int nargs, MemoryContext fcacheCxt)
|
||||
/* Initialize additional info */
|
||||
retval->setArgsValid = false;
|
||||
|
||||
retval->permission_ok = pg_proc_aclcheck(foid, GetUserId(), ACL_EXECUTE) == ACLCHECK_OK;
|
||||
|
||||
return retval;
|
||||
}
|
||||
|
||||
29
src/backend/utils/cache/lsyscache.c
vendored
29
src/backend/utils/cache/lsyscache.c
vendored
@@ -7,7 +7,7 @@
|
||||
* Portions Copyright (c) 1994, Regents of the University of California
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/cache/lsyscache.c,v 1.70 2002/04/16 23:08:11 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/cache/lsyscache.c,v 1.71 2002/04/27 03:45:03 tgl Exp $
|
||||
*
|
||||
* NOTES
|
||||
* Eventually, the index information should go through here, too.
|
||||
@@ -564,6 +564,33 @@ get_oprjoin(Oid opno)
|
||||
|
||||
/* ---------- FUNCTION CACHE ---------- */
|
||||
|
||||
/*
|
||||
* get_func_name
|
||||
* returns the name of the function with the given funcid
|
||||
*
|
||||
* Note: returns a palloc'd copy of the string, or NULL if no such function.
|
||||
*/
|
||||
char *
|
||||
get_func_name(Oid funcid)
|
||||
{
|
||||
HeapTuple tp;
|
||||
|
||||
tp = SearchSysCache(PROCOID,
|
||||
ObjectIdGetDatum(funcid),
|
||||
0, 0, 0);
|
||||
if (HeapTupleIsValid(tp))
|
||||
{
|
||||
Form_pg_proc functup = (Form_pg_proc) GETSTRUCT(tp);
|
||||
char *result;
|
||||
|
||||
result = pstrdup(NameStr(functup->proname));
|
||||
ReleaseSysCache(tp);
|
||||
return result;
|
||||
}
|
||||
else
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/*
|
||||
* get_func_rettype
|
||||
* Given procedure id, return the function's result type.
|
||||
|
||||
Reference in New Issue
Block a user