database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-10-24 01:29:19 +03:00
Code Activity

Handle policies during DROP OWNED BY

Browse Source 
DROP OWNED BY handled GRANT-based ACLs but was not removing roles from
policies.  Fix that by having DROP OWNED BY remove the role specified
from the list of roles the policy (or policies) apply to, or the entire
policy (or policies) if it only applied to the role specified.

As with ACLs, the DROP OWNED BY caller must have permission to modify
the policy or a WARNING is thrown and no change is made to the policy.
This commit is contained in:
Stephen Frost
2015-12-11 16:12:25 -05:00
parent 4fcf48450d
commit 833728d4c8
5 changed files with 303 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/include/commands/policy.h
View File

@@ -23,6 +23,8 @@ extern void RelationBuildRowSecurity(Relation relation);
extern void RemovePolicyById(Oid policy_id);
extern bool RemoveRoleFromObjectPolicy(Oid roleid, Oid classid, Oid objid);
extern ObjectAddress CreatePolicy(CreatePolicyStmt *stmt);
extern ObjectAddress AlterPolicy(AlterPolicyStmt *stmt);