Privileges on functions and procedural languages

2025-11-12 05:01:15 +03:00 · 2002-02-18 23:11:58 +00:00
parent 5e03503126
commit 8adf56f77a
35 changed files with 2325 additions and 1534 deletions
--- a/src/backend/utils/Gen_fmgrtab.sh
+++ b/src/backend/utils/Gen_fmgrtab.sh
@@ -9,7 +9,7 @@
 #
 #
 # IDENTIFICATION
-#    $Header: /cvsroot/pgsql/src/backend/utils/Attic/Gen_fmgrtab.sh,v 1.20 2001/05/22 12:06:51 momjian Exp $
+#    $Header: /cvsroot/pgsql/src/backend/utils/Attic/Gen_fmgrtab.sh,v 1.21 2002/02/18 23:11:20 petere Exp $
 #
 #-------------------------------------------------------------------------

@@ -164,7 +164,7 @@ FuNkYfMgRsTuFf
 tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' < $RAWFILE | \
 $AWK '
 BEGIN	{ OFS = ""; }
-	{ if (seenit[$(NF-1)]++ == 0) print "#define F_", $(NF-1), " ", $1; }' >> "$$-$OIDSFILE"
+	{ if (seenit[$(NF-2)]++ == 0) print "#define F_", $(NF-2), " ", $1; }' >> "$$-$OIDSFILE"

 if [ $? -ne 0 ]; then
    cleanup
@@ -209,7 +209,7 @@ cat > "$$-$TABLEFILE" <<FuNkYfMgRtAbStUfF

 FuNkYfMgRtAbStUfF

-$AWK '{ print "extern Datum", $(NF-1), "(PG_FUNCTION_ARGS);"; }' $RAWFILE >> "$$-$TABLEFILE"
+$AWK '{ print "extern Datum", $(NF-2), "(PG_FUNCTION_ARGS);"; }' $RAWFILE >> "$$-$TABLEFILE"

 if [ $? -ne 0 ]; then
    cleanup
@@ -232,7 +232,7 @@ $AWK 'BEGIN {
    Bool["f"] = "false"
 }
 { printf ("  { %d, \"%s\", %d, %s, %s, %s },\n"), \
-	$1, $(NF-1), $9, Bool[$8], Bool[$10], $(NF-1)
+	$1, $(NF-2), $9, Bool[$8], Bool[$10], $(NF-2)
 }' $RAWFILE >> "$$-$TABLEFILE"

 if [ $? -ne 0 ]; then
--- a/src/backend/utils/adt/acl.c
+++ b/src/backend/utils/adt/acl.c
@@ -8,7 +8,7 @@
 *
 *
 * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/utils/adt/acl.c,v 1.66 2001/11/16 23:30:35 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/utils/adt/acl.c,v 1.67 2002/02/18 23:11:22 petere Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -373,7 +373,7 @@ aclitemgt(const AclItem *a1, const AclItem *a2)
 * newly-created tables (or any table with a NULL acl entry in pg_class)
 */
 Acl *
-acldefault(const char *relname, AclId ownerid)
+acldefault(AclId ownerid)
 {
 	Acl		   *acl;
 	AclItem    *aip;
@@ -381,16 +381,18 @@ acldefault(const char *relname, AclId ownerid)
 #define ACL_WORLD_DEFAULT		(ACL_NO)
 #define ACL_OWNER_DEFAULT		(ACL_INSERT|ACL_SELECT|ACL_UPDATE|ACL_DELETE|ACL_RULE|ACL_REFERENCES|ACL_TRIGGER)

-	acl = makeacl(2);
+	acl = makeacl(ownerid ? 2 : 1);
 	aip = ACL_DAT(acl);
 	aip[0].ai_idtype = ACL_IDTYPE_WORLD;
 	aip[0].ai_id = ACL_ID_WORLD;
-	aip[0].ai_mode = (IsSystemRelationName(relname) &&
-					  !IsToastRelationName(relname)) ? ACL_SELECT
-		: ACL_WORLD_DEFAULT;
-	aip[1].ai_idtype = ACL_IDTYPE_UID;
-	aip[1].ai_id = ownerid;
-	aip[1].ai_mode = ACL_OWNER_DEFAULT;
+	aip[0].ai_mode = ACL_WORLD_DEFAULT;
+	/* FIXME: The owner's default should vary with the object type. */
+	if (ownerid)
+	{
+		aip[1].ai_idtype = ACL_IDTYPE_UID;
+		aip[1].ai_id = ownerid;
+		aip[1].ai_mode = ACL_OWNER_DEFAULT;
+	}
 	return acl;
 }

--- a/src/backend/utils/adt/sets.c
+++ b/src/backend/utils/adt/sets.c
@@ -10,7 +10,7 @@
 *
 *
 * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/utils/adt/Attic/sets.c,v 1.39 2001/10/02 21:39:35 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/utils/adt/Attic/sets.c,v 1.40 2002/02/18 23:11:23 petere Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -20,6 +20,7 @@
 #include "access/heapam.h"
 #include "catalog/catname.h"
 #include "catalog/indexing.h"
+#include "catalog/pg_language.h"
 #include "catalog/pg_proc.h"
 #include "executor/executor.h"
 #include "utils/fcache.h"
@@ -54,7 +55,7 @@ SetDefine(char *querystr, char *typename)
 							 false,		/* don't replace */
 							 true,		/* returnsSet */
 							 typename,	/* returnTypeName */
-							 "sql",		/* languageName */
+							 SQLlanguageId,	/* language */
 							 querystr,	/* sourceCode */
 							 fileName,	/* fileName */
 							 true,		/* trusted */
--- a/src/backend/utils/cache/fcache.c
+++ b/src/backend/utils/cache/fcache.c
@@ -8,12 +8,14 @@
 * Portions Copyright (c) 1994, Regents of the University of California
 *
 * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/utils/cache/Attic/fcache.c,v 1.41 2001/10/06 23:21:44 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/utils/cache/Attic/fcache.c,v 1.42 2002/02/18 23:11:25 petere Exp $
 *
 *-------------------------------------------------------------------------
 */
 #include "postgres.h"

+#include "miscadmin.h"
+#include "utils/acl.h"
 #include "utils/fcache.h"


@@ -40,5 +42,7 @@ init_fcache(Oid foid, int nargs, MemoryContext fcacheCxt)
 	/* Initialize additional info */
 	retval->setArgsValid = false;

+	retval->permission_ok = pg_proc_aclcheck(foid, GetUserId()) == ACLCHECK_OK;
+
 	return retval;
 }
--- a/src/backend/utils/misc/superuser.c
+++ b/src/backend/utils/misc/superuser.c
@@ -10,7 +10,7 @@
 *
 *
 * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/utils/misc/superuser.c,v 1.19 2001/09/08 15:24:00 petere Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/utils/misc/superuser.c,v 1.20 2002/02/18 23:11:26 petere Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -30,16 +30,23 @@
 */
 bool
 superuser(void)
+{
+	return superuser_arg(GetUserId());
+}
+
+
+bool
+superuser_arg(Oid userid)
 {
 	bool		result = false;
 	HeapTuple	utup;

 	/* Special escape path in case you deleted all your users. */
-	if (!IsUnderPostmaster && GetUserId() == BOOTSTRAP_USESYSID)
+	if (!IsUnderPostmaster && userid == BOOTSTRAP_USESYSID)
 		return true;

 	utup = SearchSysCache(SHADOWSYSID,
-						  ObjectIdGetDatum(GetUserId()),
+						  ObjectIdGetDatum(userid),
 						  0, 0, 0);
 	if (HeapTupleIsValid(utup))
 	{
@@ -49,6 +56,7 @@ superuser(void)
 	return result;
 }

+
 /*
 * The Postgres user running this command is the owner of the specified
 * database.