Code cleanup of user name and user id handling in the backend. The current

user is now defined in terms of the user id, the user name is only computed upon request (for display purposes). This is kind of the opposite of the previous state, which would maintain the user name and compute the user id for permission checks. Besides perhaps saving a few cycles (integer vs string), this now creates a single point of attack for changing the user id during a connection, for purposes of "setuid" functions, etc.
2025-06-27 23:21:58 +03:00 · 2000-09-06 14:15:31 +00:00
parent daf1e3a702
commit 6dc249610a
28 changed files with 220 additions and 281 deletions
--- a/src/backend/executor/execMain.c
+++ b/src/backend/executor/execMain.c
@ -27,7 +27,7 @@
 *
 *
 * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/executor/execMain.c,v 1.124 2000/08/22 04:06:19 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/executor/execMain.c,v 1.125 2000/09/06 14:15:17 petere Exp $
 *
 *-------------------------------------------------------------------------
 */
@ -571,8 +571,8 @@ ExecCheckRTEPerms(RangeTblEntry *rte, CmdType operation,
 				  bool isResultRelation, bool resultIsScanned)
 {
 	char	   *relName;
-	char	   *userName;
 	int32		aclcheck_result;
+	Oid		userid;

 	if (rte->skipAcl)
 	{
@ -588,14 +588,14 @@ ExecCheckRTEPerms(RangeTblEntry *rte, CmdType operation,
 	relName = rte->relname;

 	/*
-	 * Note: GetPgUserName is presently fast enough that there's no harm
+	 * Note: GetUserId() is presently fast enough that there's no harm
 	 * in calling it separately for each RTE.  If that stops being true,
-	 * we could call it once in ExecCheckQueryPerms and pass the userName
+	 * we could call it once in ExecCheckQueryPerms and pass the userid
 	 * down from there.  But for now, no need for the extra clutter.
 	 */
-	userName = GetPgUserName();
+	userid = GetUserId();

-#define CHECK(MODE)		pg_aclcheck(relName, userName, MODE)
+#define CHECK(MODE)		pg_aclcheck(relName, userid, MODE)

 	if (isResultRelation)
 	{