database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-06-23 14:01:44 +03:00
Code Activity

Code cleanup of user name and user id handling in the backend. The current

Browse Source 
user is now defined in terms of the user id, the user name is only computed
upon request (for display purposes). This is kind of the opposite of the
previous state, which would maintain the user name and compute the user id
for permission checks.

Besides perhaps saving a few cycles (integer vs string), this now creates a
single point of attack for changing the user id during a connection, for
purposes of "setuid" functions, etc.
This commit is contained in:
Peter Eisentraut
2000-09-06 14:15:31 +00:00
parent daf1e3a702
commit 6dc249610a
28 changed files with 220 additions and 281 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/backend/commands/indexcmds.c
View File

@ -8,7 +8,7 @@
*
*
* IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/commands/indexcmds.c,v 1.37 2000/08/20 00:44:19 tgl Exp $
* $Header: /cvsroot/pgsql/src/backend/commands/indexcmds.c,v 1.38 2000/09/06 14:15:16 petere Exp $
*
*-------------------------------------------------------------------------
*/
@ -697,15 +697,11 @@ ReindexDatabase(const char *dbname, bool force, bool all)
{
Relation relation,
relationRelation;
HeapTuple usertuple,
dbtuple,
HeapTuple dbtuple,
tuple;
HeapScanDesc scan;
int4 user_id,
db_owner;
bool superuser;
int4 db_owner;
Oid db_id;
char *username;
ScanKeyData scankey;
MemoryContext private_context;
MemoryContext old;
@ -717,14 +713,6 @@ ReindexDatabase(const char *dbname, bool force, bool all)
AssertArg(dbname);
username = GetPgUserName();
usertuple = SearchSysCacheTuple(SHADOWNAME, PointerGetDatum(username),
0, 0, 0);
if (!HeapTupleIsValid(usertuple))
elog(ERROR, "Current user \"%s\" is invalid.", username);
user_id = ((Form_pg_shadow) GETSTRUCT(usertuple))->usesysid;
superuser = ((Form_pg_shadow) GETSTRUCT(usertuple))->usesuper;
relation = heap_openr(DatabaseRelationName, AccessShareLock);
ScanKeyEntryInitialize(&scankey, 0, Anum_pg_database_datname,
F_NAMEEQ, NameGetDatum(dbname));
@ -737,7 +725,7 @@ ReindexDatabase(const char *dbname, bool force, bool all)
heap_endscan(scan);
heap_close(relation, NoLock);
if (user_id != db_owner && !superuser)
if (GetUserId() != db_owner && !superuser())
elog(ERROR, "REINDEX DATABASE: Permission denied.");
if (db_id != MyDatabaseId)