Make default ACL be consistent --- ie, starting point for ChangeAcl

is the same as the access permissions granted when a relation's relacl field is NULL, ie, owner=all rights, world=no rights.
2025-07-28 23:42:10 +03:00 · 2000-10-02 04:49:28 +00:00
parent 46cf925728
commit 7215f74b89
3 changed files with 68 additions and 117 deletions
--- a/src/backend/utils/adt/acl.c
+++ b/src/backend/utils/adt/acl.c
@ -8,7 +8,7 @@
 *
 *
 * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/utils/adt/acl.c,v 1.48 2000/07/31 22:39:09 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/utils/adt/acl.c,v 1.49 2000/10/02 04:49:27 tgl Exp $
 *
 *-------------------------------------------------------------------------
 */
@ -334,12 +334,23 @@ aclitemgt(AclItem *a1, AclItem *a2)
 			(a1->ai_idtype == a2->ai_idtype && a1->ai_id > a2->ai_id));
 }

+
+/*
+ * acldefault()  --- create an ACL describing default access permissions
+ *
+ * Change this routine if you want to alter the default access policy for
+ * newly-created tables (or any table with a NULL acl entry in pg_class)
+ */
 Acl *
-aclownerdefault(char *relname, AclId ownerid)
+acldefault(char *relname, AclId ownerid)
 {
 	Acl		   *acl;
 	AclItem    *aip;

+#define ACL_WORLD_DEFAULT		(ACL_NO)
+/* #define		ACL_WORLD_DEFAULT		(ACL_RD|ACL_WR|ACL_AP|ACL_RU) */
+#define ACL_OWNER_DEFAULT		(ACL_RD|ACL_WR|ACL_AP|ACL_RU)
+
 	acl = makeacl(2);
 	aip = ACL_DAT(acl);
 	aip[0].ai_idtype = ACL_IDTYPE_WORLD;
@ -351,19 +362,6 @@ aclownerdefault(char *relname, AclId ownerid)
 	return acl;
 }

-Acl *
-acldefault(char *relname)
-{
-	Acl		   *acl;
-	AclItem    *aip;
-
-	acl = makeacl(1);
-	aip = ACL_DAT(acl);
-	aip[0].ai_idtype = ACL_IDTYPE_WORLD;
-	aip[0].ai_id = ACL_ID_WORLD;
-	aip[0].ai_mode = IsSystemRelationName(relname) ? ACL_RD : ACL_WORLD_DEFAULT;
-	return acl;
-}

 /*
 * Add or replace an item in an ACL array.