Cause '*' and 'foo.*' notations to mark the referenced RTE(s) as

requiring read permissions. Up till now there was no possible case in which the RTEs wouldn't already have ACL_SELECT set ... but now that you can say something like 'INSERT INTO foo ... RETURNING *' this is an essential step. With this commit, a RETURNING clause adds the requirement for SELECT permissions on the target table if and only if the clause actually reads the value of at least one target-table column.
2025-06-14 18:42:34 +03:00 · 2006-08-14 23:39:32 +00:00
parent 65b2f93b58
commit 58538a0ffc
2 changed files with 11 additions and 4 deletions
--- a/src/backend/parser/parse_target.c
+++ b/src/backend/parser/parse_target.c
@ -8,7 +8,7 @@
 *
 *
 * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/parser/parse_target.c,v 1.147 2006/08/02 01:59:47 joe Exp $
+ *	  $PostgreSQL: pgsql/src/backend/parser/parse_target.c,v 1.148 2006/08/14 23:39:32 tgl Exp $
 *
 *-------------------------------------------------------------------------
 */
@ -889,6 +889,9 @@ ExpandColumnRefStar(ParseState *pstate, ColumnRef *cref,
 			rte = addImplicitRTE(pstate, makeRangeVar(schemaname, relname),
 								 cref->location);

+		/* Require read access --- see comments in setTargetTable() */
+		rte->requiredPerms |= ACL_SELECT;
+
 		rtindex = RTERangeTablePosn(pstate, rte, &sublevels_up);

 		if (targetlist)
@ -930,6 +933,9 @@ ExpandAllTables(ParseState *pstate)
 		RangeTblEntry *rte = (RangeTblEntry *) lfirst(l);
 		int			rtindex = RTERangeTablePosn(pstate, rte, NULL);

+		/* Require read access --- see comments in setTargetTable() */
+		rte->requiredPerms |= ACL_SELECT;
+
 		target = list_concat(target,
 							 expandRelAttrs(pstate, rte, rtindex, 0));
 	}