mirror of
https://github.com/postgres/postgres.git
synced 2025-07-31 22:04:40 +03:00
Replace AclObjectKind with ObjectType
AclObjectKind was basically just another enumeration for object types, and we already have a preferred one for that. It's only used in aclcheck_error. By using ObjectType instead, we can also give some more precise error messages, for example "index" instead of "relation". Reviewed-by: Michael Paquier <michael.paquier@gmail.com>
This commit is contained in:
Peter Eisentraut
@ -103,7 +103,7 @@ DefineAggregate(ParseState *pstate, List *name, List *args, bool oldstyle, List
|
||||
/* Check we have creation rights in target namespace */
|
||||
aclresult = pg_namespace_aclcheck(aggNamespace, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(aggNamespace));
|
||||
|
||||
/* Deconstruct the output of the aggr_args grammar production */
|
||||
|
||||
@ -171,7 +171,7 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name)
|
||||
AttrNumber Anum_name = get_object_attnum_name(classId);
|
||||
AttrNumber Anum_namespace = get_object_attnum_namespace(classId);
|
||||
AttrNumber Anum_owner = get_object_attnum_owner(classId);
|
||||
AclObjectKind acl_kind = get_object_aclkind(classId);
|
||||
ObjectType objtype = get_object_type(classId, objectId);
|
||||
HeapTuple oldtup;
|
||||
HeapTuple newtup;
|
||||
Datum datum;
|
||||
@ -223,7 +223,7 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name)
|
||||
ownerId = DatumGetObjectId(datum);
|
||||
|
||||
if (!has_privs_of_role(GetUserId(), DatumGetObjectId(ownerId)))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, acl_kind, old_name);
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, objtype, old_name);
|
||||
|
||||
/* User must have CREATE privilege on the namespace */
|
||||
if (OidIsValid(namespaceId))
|
||||
@ -231,7 +231,7 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name)
|
||||
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(namespaceId));
|
||||
}
|
||||
}
|
||||
@ -663,7 +663,7 @@ AlterObjectNamespace_internal(Relation rel, Oid objid, Oid nspOid)
|
||||
AttrNumber Anum_name = get_object_attnum_name(classId);
|
||||
AttrNumber Anum_namespace = get_object_attnum_namespace(classId);
|
||||
AttrNumber Anum_owner = get_object_attnum_owner(classId);
|
||||
AclObjectKind acl_kind = get_object_aclkind(classId);
|
||||
ObjectType objtype = get_object_type(classId, objid);
|
||||
Oid oldNspOid;
|
||||
Datum name,
|
||||
namespace;
|
||||
@ -719,13 +719,13 @@ AlterObjectNamespace_internal(Relation rel, Oid objid, Oid nspOid)
|
||||
ownerId = DatumGetObjectId(owner);
|
||||
|
||||
if (!has_privs_of_role(GetUserId(), ownerId))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, acl_kind,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
|
||||
NameStr(*(DatumGetName(name))));
|
||||
|
||||
/* User must have CREATE privilege on new namespace */
|
||||
aclresult = pg_namespace_aclcheck(nspOid, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(nspOid));
|
||||
}
|
||||
|
||||
@ -942,7 +942,7 @@ AlterObjectOwner_internal(Relation rel, Oid objectId, Oid new_ownerId)
|
||||
/* Superusers can bypass permission checks */
|
||||
if (!superuser())
|
||||
{
|
||||
AclObjectKind aclkind = get_object_aclkind(classId);
|
||||
ObjectType objtype = get_object_type(classId, objectId);
|
||||
|
||||
/* must be owner */
|
||||
if (!has_privs_of_role(GetUserId(), old_ownerId))
|
||||
@ -963,7 +963,7 @@ AlterObjectOwner_internal(Relation rel, Oid objectId, Oid new_ownerId)
|
||||
HeapTupleGetOid(oldtup));
|
||||
objname = namebuf;
|
||||
}
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, aclkind, objname);
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, objtype, objname);
|
||||
}
|
||||
/* Must be able to become new owner */
|
||||
check_is_member_of_role(GetUserId(), new_ownerId);
|
||||
@ -976,7 +976,7 @@ AlterObjectOwner_internal(Relation rel, Oid objectId, Oid new_ownerId)
|
||||
aclresult = pg_namespace_aclcheck(namespaceId, new_ownerId,
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(namespaceId));
|
||||
}
|
||||
}
|
||||
|
||||
@ -74,7 +74,7 @@ DefineCollation(ParseState *pstate, List *names, List *parameters, bool if_not_e
|
||||
|
||||
aclresult = pg_namespace_aclcheck(collNamespace, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(collNamespace));
|
||||
|
||||
foreach(pl, parameters)
|
||||
@ -278,7 +278,7 @@ AlterCollation(AlterCollationStmt *stmt)
|
||||
collOid = get_collation_oid(stmt->collname, false);
|
||||
|
||||
if (!pg_collation_ownercheck(collOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_COLLATION,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_COLLATION,
|
||||
NameListToString(stmt->collname));
|
||||
|
||||
tup = SearchSysCacheCopy1(COLLOID, ObjectIdGetDatum(collOid));
|
||||
|
||||
@ -55,7 +55,7 @@ CreateConversionCommand(CreateConversionStmt *stmt)
|
||||
/* Check we have creation rights in target namespace */
|
||||
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(namespaceId));
|
||||
|
||||
/* Check the encoding names */
|
||||
@ -90,7 +90,7 @@ CreateConversionCommand(CreateConversionStmt *stmt)
|
||||
/* Check we have EXECUTE rights for the function */
|
||||
aclresult = pg_proc_aclcheck(funcoid, GetUserId(), ACL_EXECUTE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_PROC,
|
||||
aclcheck_error(aclresult, OBJECT_FUNCTION,
|
||||
NameListToString(func_name));
|
||||
|
||||
/*
|
||||
|
||||
@ -422,7 +422,7 @@ createdb(ParseState *pstate, const CreatedbStmt *stmt)
|
||||
aclresult = pg_tablespace_aclcheck(dst_deftablespace, GetUserId(),
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_TABLESPACE,
|
||||
tablespacename);
|
||||
|
||||
/* pg_global must never be the default tablespace */
|
||||
@ -822,7 +822,7 @@ dropdb(const char *dbname, bool missing_ok)
|
||||
* Permission checks
|
||||
*/
|
||||
if (!pg_database_ownercheck(db_id, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
|
||||
dbname);
|
||||
|
||||
/* DROP hook for the database being removed */
|
||||
@ -997,7 +997,7 @@ RenameDatabase(const char *oldname, const char *newname)
|
||||
|
||||
/* must be owner */
|
||||
if (!pg_database_ownercheck(db_id, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
|
||||
oldname);
|
||||
|
||||
/* must have createdb rights */
|
||||
@ -1112,7 +1112,7 @@ movedb(const char *dbname, const char *tblspcname)
|
||||
* Permission checks
|
||||
*/
|
||||
if (!pg_database_ownercheck(db_id, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
|
||||
dbname);
|
||||
|
||||
/*
|
||||
@ -1134,7 +1134,7 @@ movedb(const char *dbname, const char *tblspcname)
|
||||
aclresult = pg_tablespace_aclcheck(dst_tblspcoid, GetUserId(),
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_TABLESPACE,
|
||||
tblspcname);
|
||||
|
||||
/*
|
||||
@ -1515,7 +1515,7 @@ AlterDatabase(ParseState *pstate, AlterDatabaseStmt *stmt, bool isTopLevel)
|
||||
dboid = HeapTupleGetOid(tuple);
|
||||
|
||||
if (!pg_database_ownercheck(HeapTupleGetOid(tuple), GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
|
||||
stmt->dbname);
|
||||
|
||||
/*
|
||||
@ -1583,7 +1583,7 @@ AlterDatabaseSet(AlterDatabaseSetStmt *stmt)
|
||||
shdepLockAndCheckObject(DatabaseRelationId, datid);
|
||||
|
||||
if (!pg_database_ownercheck(datid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
|
||||
stmt->dbname);
|
||||
|
||||
AlterSetting(datid, InvalidOid, stmt->setstmt);
|
||||
@ -1646,7 +1646,7 @@ AlterDatabaseOwner(const char *dbname, Oid newOwnerId)
|
||||
|
||||
/* Otherwise, must be owner of the existing object */
|
||||
if (!pg_database_ownercheck(HeapTupleGetOid(tuple), GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
|
||||
dbname);
|
||||
|
||||
/* Must be able to become new owner */
|
||||
|
||||
@ -519,7 +519,7 @@ AlterEventTrigger(AlterEventTrigStmt *stmt)
|
||||
trigoid = HeapTupleGetOid(tup);
|
||||
|
||||
if (!pg_event_trigger_ownercheck(trigoid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EVENT_TRIGGER,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EVENT_TRIGGER,
|
||||
stmt->trigname);
|
||||
|
||||
/* tuple is a copy, so we can modify it below */
|
||||
@ -610,7 +610,7 @@ AlterEventTriggerOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
|
||||
return;
|
||||
|
||||
if (!pg_event_trigger_ownercheck(HeapTupleGetOid(tup), GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EVENT_TRIGGER,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EVENT_TRIGGER,
|
||||
NameStr(form->evtname));
|
||||
|
||||
/* New owner must be a superuser */
|
||||
|
||||
@ -2704,13 +2704,13 @@ AlterExtensionNamespace(const char *extensionName, const char *newschema, Oid *o
|
||||
* check ownership of the individual member objects ...
|
||||
*/
|
||||
if (!pg_extension_ownercheck(extensionOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EXTENSION,
|
||||
extensionName);
|
||||
|
||||
/* Permission check: must have creation rights in target namespace */
|
||||
aclresult = pg_namespace_aclcheck(nspOid, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE, newschema);
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA, newschema);
|
||||
|
||||
/*
|
||||
* If the schema is currently a member of the extension, disallow moving
|
||||
@ -2924,7 +2924,7 @@ ExecAlterExtensionStmt(ParseState *pstate, AlterExtensionStmt *stmt)
|
||||
|
||||
/* Permission check: must own extension */
|
||||
if (!pg_extension_ownercheck(extensionOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EXTENSION,
|
||||
stmt->extname);
|
||||
|
||||
/*
|
||||
@ -3182,7 +3182,7 @@ ExecAlterExtensionContentsStmt(AlterExtensionContentsStmt *stmt,
|
||||
|
||||
/* Permission check: must own extension */
|
||||
if (!pg_extension_ownercheck(extension.objectId, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EXTENSION,
|
||||
stmt->extname);
|
||||
|
||||
/*
|
||||
|
||||
@ -358,7 +358,7 @@ AlterForeignServerOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
|
||||
|
||||
/* Must be owner */
|
||||
if (!pg_foreign_server_ownercheck(srvId, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FOREIGN_SERVER,
|
||||
NameStr(form->srvname));
|
||||
|
||||
/* Must be able to become new owner */
|
||||
@ -370,7 +370,7 @@ AlterForeignServerOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
|
||||
{
|
||||
ForeignDataWrapper *fdw = GetForeignDataWrapper(form->srvfdw);
|
||||
|
||||
aclcheck_error(aclresult, ACL_KIND_FDW, fdw->fdwname);
|
||||
aclcheck_error(aclresult, OBJECT_FDW, fdw->fdwname);
|
||||
}
|
||||
}
|
||||
|
||||
@ -907,7 +907,7 @@ CreateForeignServer(CreateForeignServerStmt *stmt)
|
||||
|
||||
aclresult = pg_foreign_data_wrapper_aclcheck(fdw->fdwid, ownerId, ACL_USAGE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_FDW, fdw->fdwname);
|
||||
aclcheck_error(aclresult, OBJECT_FDW, fdw->fdwname);
|
||||
|
||||
/*
|
||||
* Insert tuple into pg_foreign_server.
|
||||
@ -1010,7 +1010,7 @@ AlterForeignServer(AlterForeignServerStmt *stmt)
|
||||
* Only owner or a superuser can ALTER a SERVER.
|
||||
*/
|
||||
if (!pg_foreign_server_ownercheck(srvId, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FOREIGN_SERVER,
|
||||
stmt->servername);
|
||||
|
||||
memset(repl_val, 0, sizeof(repl_val));
|
||||
@ -1119,10 +1119,10 @@ user_mapping_ddl_aclcheck(Oid umuserid, Oid serverid, const char *servername)
|
||||
|
||||
aclresult = pg_foreign_server_aclcheck(serverid, curuserid, ACL_USAGE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, servername);
|
||||
aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, servername);
|
||||
}
|
||||
else
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FOREIGN_SERVER,
|
||||
servername);
|
||||
}
|
||||
}
|
||||
@ -1477,7 +1477,7 @@ CreateForeignTable(CreateForeignTableStmt *stmt, Oid relid)
|
||||
server = GetForeignServerByName(stmt->servername, false);
|
||||
aclresult = pg_foreign_server_aclcheck(server->serverid, ownerId, ACL_USAGE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, server->servername);
|
||||
aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, server->servername);
|
||||
|
||||
fdw = GetForeignDataWrapper(server->fdwid);
|
||||
|
||||
@ -1536,7 +1536,7 @@ ImportForeignSchema(ImportForeignSchemaStmt *stmt)
|
||||
server = GetForeignServerByName(stmt->server_name, false);
|
||||
aclresult = pg_foreign_server_aclcheck(server->serverid, GetUserId(), ACL_USAGE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, server->servername);
|
||||
aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, server->servername);
|
||||
|
||||
/* Check that the schema exists and we have CREATE permissions on it */
|
||||
(void) LookupCreationNamespace(stmt->local_schema);
|
||||
|
||||
@ -146,7 +146,7 @@ compute_return_type(TypeName *returnType, Oid languageOid,
|
||||
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(namespaceId));
|
||||
address = TypeShellMake(typname, namespaceId, GetUserId());
|
||||
rettype = address.objectId;
|
||||
@ -953,7 +953,7 @@ CreateFunction(ParseState *pstate, CreateFunctionStmt *stmt)
|
||||
/* Check we have creation rights in target namespace */
|
||||
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(namespaceId));
|
||||
|
||||
/* default attributes */
|
||||
@ -995,14 +995,14 @@ CreateFunction(ParseState *pstate, CreateFunctionStmt *stmt)
|
||||
|
||||
aclresult = pg_language_aclcheck(languageOid, GetUserId(), ACL_USAGE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_LANGUAGE,
|
||||
aclcheck_error(aclresult, OBJECT_LANGUAGE,
|
||||
NameStr(languageStruct->lanname));
|
||||
}
|
||||
else
|
||||
{
|
||||
/* if untrusted language, must be superuser */
|
||||
if (!superuser())
|
||||
aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_LANGUAGE,
|
||||
aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_LANGUAGE,
|
||||
NameStr(languageStruct->lanname));
|
||||
}
|
||||
|
||||
@ -1254,7 +1254,7 @@ AlterFunction(ParseState *pstate, AlterFunctionStmt *stmt)
|
||||
|
||||
/* Permission check: must own function */
|
||||
if (!pg_proc_ownercheck(funcOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, stmt->objtype,
|
||||
NameListToString(stmt->func->objname));
|
||||
|
||||
if (procForm->proisagg)
|
||||
@ -1911,7 +1911,7 @@ CreateTransform(CreateTransformStmt *stmt)
|
||||
|
||||
aclresult = pg_language_aclcheck(langid, GetUserId(), ACL_USAGE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_LANGUAGE, stmt->lang);
|
||||
aclcheck_error(aclresult, OBJECT_LANGUAGE, stmt->lang);
|
||||
|
||||
/*
|
||||
* Get the functions
|
||||
@ -1921,11 +1921,11 @@ CreateTransform(CreateTransformStmt *stmt)
|
||||
fromsqlfuncid = LookupFuncWithArgs(OBJECT_FUNCTION, stmt->fromsql, false);
|
||||
|
||||
if (!pg_proc_ownercheck(fromsqlfuncid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, NameListToString(stmt->fromsql->objname));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(stmt->fromsql->objname));
|
||||
|
||||
aclresult = pg_proc_aclcheck(fromsqlfuncid, GetUserId(), ACL_EXECUTE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_PROC, NameListToString(stmt->fromsql->objname));
|
||||
aclcheck_error(aclresult, OBJECT_FUNCTION, NameListToString(stmt->fromsql->objname));
|
||||
|
||||
tuple = SearchSysCache1(PROCOID, ObjectIdGetDatum(fromsqlfuncid));
|
||||
if (!HeapTupleIsValid(tuple))
|
||||
@ -1947,11 +1947,11 @@ CreateTransform(CreateTransformStmt *stmt)
|
||||
tosqlfuncid = LookupFuncWithArgs(OBJECT_FUNCTION, stmt->tosql, false);
|
||||
|
||||
if (!pg_proc_ownercheck(tosqlfuncid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, NameListToString(stmt->tosql->objname));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(stmt->tosql->objname));
|
||||
|
||||
aclresult = pg_proc_aclcheck(tosqlfuncid, GetUserId(), ACL_EXECUTE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_PROC, NameListToString(stmt->tosql->objname));
|
||||
aclcheck_error(aclresult, OBJECT_FUNCTION, NameListToString(stmt->tosql->objname));
|
||||
|
||||
tuple = SearchSysCache1(PROCOID, ObjectIdGetDatum(tosqlfuncid));
|
||||
if (!HeapTupleIsValid(tuple))
|
||||
@ -2209,14 +2209,14 @@ ExecuteDoStmt(DoStmt *stmt)
|
||||
aclresult = pg_language_aclcheck(codeblock->langOid, GetUserId(),
|
||||
ACL_USAGE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_LANGUAGE,
|
||||
aclcheck_error(aclresult, OBJECT_LANGUAGE,
|
||||
NameStr(languageStruct->lanname));
|
||||
}
|
||||
else
|
||||
{
|
||||
/* if untrusted language, must be superuser */
|
||||
if (!superuser())
|
||||
aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_LANGUAGE,
|
||||
aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_LANGUAGE,
|
||||
NameStr(languageStruct->lanname));
|
||||
}
|
||||
|
||||
@ -2270,7 +2270,7 @@ ExecuteCallStmt(ParseState *pstate, CallStmt *stmt)
|
||||
|
||||
aclresult = pg_proc_aclcheck(fexpr->funcid, GetUserId(), ACL_EXECUTE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(fexpr->funcid));
|
||||
aclcheck_error(aclresult, OBJECT_PROCEDURE, get_func_name(fexpr->funcid));
|
||||
InvokeFunctionExecuteHook(fexpr->funcid);
|
||||
|
||||
nargs = list_length(fexpr->args);
|
||||
|
||||
@ -474,7 +474,7 @@ DefineIndex(Oid relationId,
|
||||
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(namespaceId));
|
||||
}
|
||||
|
||||
@ -501,7 +501,7 @@ DefineIndex(Oid relationId,
|
||||
aclresult = pg_tablespace_aclcheck(tablespaceId, GetUserId(),
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_TABLESPACE,
|
||||
get_tablespace_name(tablespaceId));
|
||||
}
|
||||
|
||||
@ -2048,7 +2048,7 @@ RangeVarCallbackForReindexIndex(const RangeVar *relation,
|
||||
|
||||
/* Check permissions */
|
||||
if (!pg_class_ownercheck(relId, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, relation->relname);
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX, relation->relname);
|
||||
|
||||
/* Lock heap before index to avoid deadlock. */
|
||||
if (relId != oldRelId)
|
||||
@ -2127,7 +2127,7 @@ ReindexMultipleTables(const char *objectName, ReindexObjectType objectKind,
|
||||
objectOid = get_namespace_oid(objectName, false);
|
||||
|
||||
if (!pg_namespace_ownercheck(objectOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SCHEMA,
|
||||
objectName);
|
||||
}
|
||||
else
|
||||
@ -2139,7 +2139,7 @@ ReindexMultipleTables(const char *objectName, ReindexObjectType objectKind,
|
||||
(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
|
||||
errmsg("can only reindex the currently open database")));
|
||||
if (!pg_database_ownercheck(objectOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
|
||||
objectName);
|
||||
}
|
||||
|
||||
|
||||
@ -96,7 +96,7 @@ RangeVarCallbackForLockTable(const RangeVar *rv, Oid relid, Oid oldrelid,
|
||||
/* Check permissions. */
|
||||
aclresult = LockTableAclCheck(relid, lockmode);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_CLASS, rv->relname);
|
||||
aclcheck_error(aclresult, get_relkind_objtype(get_rel_relkind(relid)), rv->relname);
|
||||
}
|
||||
|
||||
/*
|
||||
@ -127,7 +127,7 @@ LockTableRecurse(Oid reloid, LOCKMODE lockmode, bool nowait)
|
||||
|
||||
if (!relname)
|
||||
continue; /* child concurrently dropped, just skip it */
|
||||
aclcheck_error(aclresult, ACL_KIND_CLASS, relname);
|
||||
aclcheck_error(aclresult, get_relkind_objtype(get_rel_relkind(childreloid)), relname);
|
||||
}
|
||||
|
||||
/* We have enough rights to lock the relation; do so. */
|
||||
|
||||
@ -353,7 +353,7 @@ DefineOpClass(CreateOpClassStmt *stmt)
|
||||
/* Check we have creation rights in target namespace */
|
||||
aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(namespaceoid));
|
||||
|
||||
/* Get necessary info about access method */
|
||||
@ -497,11 +497,11 @@ DefineOpClass(CreateOpClassStmt *stmt)
|
||||
/* XXX this is unnecessary given the superuser check above */
|
||||
/* Caller must own operator and its underlying function */
|
||||
if (!pg_oper_ownercheck(operOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
|
||||
get_opname(operOid));
|
||||
funcOid = get_opcode(operOid);
|
||||
if (!pg_proc_ownercheck(funcOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
|
||||
get_func_name(funcOid));
|
||||
#endif
|
||||
|
||||
@ -525,7 +525,7 @@ DefineOpClass(CreateOpClassStmt *stmt)
|
||||
/* XXX this is unnecessary given the superuser check above */
|
||||
/* Caller must own function */
|
||||
if (!pg_proc_ownercheck(funcOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
|
||||
get_func_name(funcOid));
|
||||
#endif
|
||||
|
||||
@ -730,7 +730,7 @@ DefineOpFamily(CreateOpFamilyStmt *stmt)
|
||||
/* Check we have creation rights in target namespace */
|
||||
aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(namespaceoid));
|
||||
|
||||
/* Get access method OID, throwing an error if it doesn't exist. */
|
||||
@ -871,11 +871,11 @@ AlterOpFamilyAdd(AlterOpFamilyStmt *stmt, Oid amoid, Oid opfamilyoid,
|
||||
/* XXX this is unnecessary given the superuser check above */
|
||||
/* Caller must own operator and its underlying function */
|
||||
if (!pg_oper_ownercheck(operOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
|
||||
get_opname(operOid));
|
||||
funcOid = get_opcode(operOid);
|
||||
if (!pg_proc_ownercheck(funcOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
|
||||
get_func_name(funcOid));
|
||||
#endif
|
||||
|
||||
@ -899,7 +899,7 @@ AlterOpFamilyAdd(AlterOpFamilyStmt *stmt, Oid amoid, Oid opfamilyoid,
|
||||
/* XXX this is unnecessary given the superuser check above */
|
||||
/* Caller must own function */
|
||||
if (!pg_proc_ownercheck(funcOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
|
||||
get_func_name(funcOid));
|
||||
#endif
|
||||
|
||||
|
||||
@ -95,7 +95,7 @@ DefineOperator(List *names, List *parameters)
|
||||
/* Check we have creation rights in target namespace */
|
||||
aclresult = pg_namespace_aclcheck(oprNamespace, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(oprNamespace));
|
||||
|
||||
/*
|
||||
@ -215,7 +215,7 @@ DefineOperator(List *names, List *parameters)
|
||||
*/
|
||||
aclresult = pg_proc_aclcheck(functionOid, GetUserId(), ACL_EXECUTE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_PROC,
|
||||
aclcheck_error(aclresult, OBJECT_FUNCTION,
|
||||
NameListToString(functionName));
|
||||
|
||||
rettype = get_func_rettype(functionOid);
|
||||
@ -281,7 +281,7 @@ ValidateRestrictionEstimator(List *restrictionName)
|
||||
/* Require EXECUTE rights for the estimator */
|
||||
aclresult = pg_proc_aclcheck(restrictionOid, GetUserId(), ACL_EXECUTE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_PROC,
|
||||
aclcheck_error(aclresult, OBJECT_FUNCTION,
|
||||
NameListToString(restrictionName));
|
||||
|
||||
return restrictionOid;
|
||||
@ -327,7 +327,7 @@ ValidateJoinEstimator(List *joinName)
|
||||
/* Require EXECUTE rights for the estimator */
|
||||
aclresult = pg_proc_aclcheck(joinOid, GetUserId(), ACL_EXECUTE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_PROC,
|
||||
aclcheck_error(aclresult, OBJECT_FUNCTION,
|
||||
NameListToString(joinName));
|
||||
|
||||
return joinOid;
|
||||
@ -457,7 +457,7 @@ AlterOperator(AlterOperatorStmt *stmt)
|
||||
|
||||
/* Check permissions. Must be owner. */
|
||||
if (!pg_oper_ownercheck(oprId, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
|
||||
NameStr(oprForm->oprname));
|
||||
|
||||
/*
|
||||
|
||||
@ -78,7 +78,7 @@ RangeVarCallbackForPolicy(const RangeVar *rv, Oid relid, Oid oldrelid,
|
||||
|
||||
/* Must own relation. */
|
||||
if (!pg_class_ownercheck(relid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname);
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relid)), rv->relname);
|
||||
|
||||
/* No system table modifications unless explicitly allowed. */
|
||||
if (!allowSystemTableMods && IsSystemClass(relid, classform))
|
||||
|
||||
@ -97,7 +97,7 @@ CreateProceduralLanguage(CreatePLangStmt *stmt)
|
||||
errmsg("must be superuser to create procedural language \"%s\"",
|
||||
stmt->plname)));
|
||||
if (!pg_database_ownercheck(MyDatabaseId, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
|
||||
get_database_name(MyDatabaseId));
|
||||
}
|
||||
|
||||
@ -366,7 +366,7 @@ create_proc_lang(const char *languageName, bool replace,
|
||||
(errcode(ERRCODE_DUPLICATE_OBJECT),
|
||||
errmsg("language \"%s\" already exists", languageName)));
|
||||
if (!pg_language_ownercheck(HeapTupleGetOid(oldtup), languageOwner))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_LANGUAGE,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_LANGUAGE,
|
||||
languageName);
|
||||
|
||||
/*
|
||||
|
||||
@ -150,7 +150,7 @@ CreatePublication(CreatePublicationStmt *stmt)
|
||||
/* must have CREATE privilege on database */
|
||||
aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_DATABASE,
|
||||
aclcheck_error(aclresult, OBJECT_DATABASE,
|
||||
get_database_name(MyDatabaseId));
|
||||
|
||||
/* FOR ALL TABLES requires superuser */
|
||||
@ -403,7 +403,7 @@ AlterPublication(AlterPublicationStmt *stmt)
|
||||
|
||||
/* must be owner */
|
||||
if (!pg_publication_ownercheck(HeapTupleGetOid(tup), GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PUBLICATION,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_PUBLICATION,
|
||||
stmt->pubname);
|
||||
|
||||
if (stmt->options)
|
||||
@ -582,7 +582,7 @@ PublicationAddTables(Oid pubid, List *rels, bool if_not_exists,
|
||||
|
||||
/* Must be owner of the table or superuser. */
|
||||
if (!pg_class_ownercheck(RelationGetRelid(rel), GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(rel->rd_rel->relkind),
|
||||
RelationGetRelationName(rel));
|
||||
|
||||
obj = publication_add_relation(pubid, rel, if_not_exists);
|
||||
@ -649,7 +649,7 @@ AlterPublicationOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
|
||||
|
||||
/* Must be owner */
|
||||
if (!pg_publication_ownercheck(HeapTupleGetOid(tup), GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PUBLICATION,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_PUBLICATION,
|
||||
NameStr(form->pubname));
|
||||
|
||||
/* Must be able to become new owner */
|
||||
@ -658,7 +658,7 @@ AlterPublicationOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
|
||||
/* New owner must have CREATE privilege on database */
|
||||
aclresult = pg_database_aclcheck(MyDatabaseId, newOwnerId, ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_DATABASE,
|
||||
aclcheck_error(aclresult, OBJECT_DATABASE,
|
||||
get_database_name(MyDatabaseId));
|
||||
|
||||
if (form->puballtables && !superuser_arg(newOwnerId))
|
||||
|
||||
@ -94,7 +94,7 @@ CreateSchemaCommand(CreateSchemaStmt *stmt, const char *queryString,
|
||||
*/
|
||||
aclresult = pg_database_aclcheck(MyDatabaseId, saved_uid, ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_DATABASE,
|
||||
aclcheck_error(aclresult, OBJECT_DATABASE,
|
||||
get_database_name(MyDatabaseId));
|
||||
|
||||
check_is_member_of_role(saved_uid, owner_uid);
|
||||
@ -265,13 +265,13 @@ RenameSchema(const char *oldname, const char *newname)
|
||||
|
||||
/* must be owner */
|
||||
if (!pg_namespace_ownercheck(HeapTupleGetOid(tup), GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SCHEMA,
|
||||
oldname);
|
||||
|
||||
/* must have CREATE privilege on database */
|
||||
aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_DATABASE,
|
||||
aclcheck_error(aclresult, OBJECT_DATABASE,
|
||||
get_database_name(MyDatabaseId));
|
||||
|
||||
if (!allowSystemTableMods && IsReservedName(newname))
|
||||
@ -373,7 +373,7 @@ AlterSchemaOwner_internal(HeapTuple tup, Relation rel, Oid newOwnerId)
|
||||
|
||||
/* Otherwise, must be owner of the existing object */
|
||||
if (!pg_namespace_ownercheck(HeapTupleGetOid(tup), GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SCHEMA,
|
||||
NameStr(nspForm->nspname));
|
||||
|
||||
/* Must be able to become new owner */
|
||||
@ -391,7 +391,7 @@ AlterSchemaOwner_internal(HeapTuple tup, Relation rel, Oid newOwnerId)
|
||||
aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(),
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_DATABASE,
|
||||
aclcheck_error(aclresult, OBJECT_DATABASE,
|
||||
get_database_name(MyDatabaseId));
|
||||
|
||||
memset(repl_null, false, sizeof(repl_null));
|
||||
|
||||
@ -141,7 +141,7 @@ CreateStatistics(CreateStatsStmt *stmt)
|
||||
|
||||
/* You must own the relation to create stats on it */
|
||||
if (!pg_class_ownercheck(RelationGetRelid(rel), stxowner))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(rel->rd_rel->relkind),
|
||||
RelationGetRelationName(rel));
|
||||
}
|
||||
|
||||
|
||||
@ -635,7 +635,7 @@ AlterSubscription(AlterSubscriptionStmt *stmt)
|
||||
|
||||
/* must be owner */
|
||||
if (!pg_subscription_ownercheck(HeapTupleGetOid(tup), GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SUBSCRIPTION,
|
||||
stmt->subname);
|
||||
|
||||
subid = HeapTupleGetOid(tup);
|
||||
@ -854,7 +854,7 @@ DropSubscription(DropSubscriptionStmt *stmt, bool isTopLevel)
|
||||
|
||||
/* must be owner */
|
||||
if (!pg_subscription_ownercheck(subid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SUBSCRIPTION,
|
||||
stmt->subname);
|
||||
|
||||
/* DROP hook for the subscription being removed */
|
||||
@ -1022,7 +1022,7 @@ AlterSubscriptionOwner_internal(Relation rel, HeapTuple tup, Oid newOwnerId)
|
||||
return;
|
||||
|
||||
if (!pg_subscription_ownercheck(HeapTupleGetOid(tup), GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SUBSCRIPTION,
|
||||
NameStr(form->subname));
|
||||
|
||||
/* New owner must be a superuser */
|
||||
|
||||
@ -601,7 +601,7 @@ DefineRelation(CreateStmt *stmt, char relkind, Oid ownerId,
|
||||
aclresult = pg_tablespace_aclcheck(tablespaceId, GetUserId(),
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_TABLESPACE,
|
||||
get_tablespace_name(tablespaceId));
|
||||
}
|
||||
|
||||
@ -1255,7 +1255,7 @@ RangeVarCallbackForDropRelation(const RangeVar *rel, Oid relOid, Oid oldRelOid,
|
||||
/* Allow DROP to either table owner or schema owner */
|
||||
if (!pg_class_ownercheck(relOid, GetUserId()) &&
|
||||
!pg_namespace_ownercheck(classform->relnamespace, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relOid)),
|
||||
rel->relname);
|
||||
|
||||
if (!allowSystemTableMods && IsSystemClass(relOid, classform))
|
||||
@ -1438,7 +1438,7 @@ ExecuteTruncate(TruncateStmt *stmt)
|
||||
|
||||
/* This check must match AlterSequence! */
|
||||
if (!pg_class_ownercheck(seq_relid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SEQUENCE,
|
||||
RelationGetRelationName(seq_rel));
|
||||
|
||||
seq_relids = lappend_oid(seq_relids, seq_relid);
|
||||
@ -1626,7 +1626,7 @@ truncate_check_rel(Relation rel)
|
||||
aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
|
||||
ACL_TRUNCATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_CLASS,
|
||||
aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind),
|
||||
RelationGetRelationName(rel));
|
||||
|
||||
if (!allowSystemTableMods && IsSystemRelation(rel))
|
||||
@ -1912,7 +1912,7 @@ MergeAttributes(List *schema, List *supers, char relpersistence,
|
||||
* demand that creator of a child table own the parent.
|
||||
*/
|
||||
if (!pg_class_ownercheck(RelationGetRelid(relation), GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(relation->rd_rel->relkind),
|
||||
RelationGetRelationName(relation));
|
||||
|
||||
/*
|
||||
@ -2600,7 +2600,7 @@ renameatt_check(Oid myrelid, Form_pg_class classform, bool recursing)
|
||||
* permissions checking. only the owner of a class can change its schema.
|
||||
*/
|
||||
if (!pg_class_ownercheck(myrelid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(myrelid)),
|
||||
NameStr(classform->relname));
|
||||
if (!allowSystemTableMods && IsSystemClass(myrelid, classform))
|
||||
ereport(ERROR,
|
||||
@ -4837,7 +4837,7 @@ ATSimplePermissions(Relation rel, int allowed_targets)
|
||||
|
||||
/* Permissions checks */
|
||||
if (!pg_class_ownercheck(RelationGetRelid(rel), GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(rel->rd_rel->relkind),
|
||||
RelationGetRelationName(rel));
|
||||
|
||||
if (!allowSystemTableMods && IsSystemRelation(rel))
|
||||
@ -6283,7 +6283,7 @@ ATPrepSetStatistics(Relation rel, const char *colName, int16 colNum, Node *newVa
|
||||
|
||||
/* Permissions checks */
|
||||
if (!pg_class_ownercheck(RelationGetRelid(rel), GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(rel->rd_rel->relkind),
|
||||
RelationGetRelationName(rel));
|
||||
}
|
||||
|
||||
@ -8209,7 +8209,7 @@ checkFkeyPermissions(Relation rel, int16 *attnums, int natts)
|
||||
aclresult = pg_attribute_aclcheck(RelationGetRelid(rel), attnums[i],
|
||||
roleid, ACL_REFERENCES);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_CLASS,
|
||||
aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind),
|
||||
RelationGetRelationName(rel));
|
||||
}
|
||||
}
|
||||
@ -10129,7 +10129,7 @@ ATExecChangeOwner(Oid relationOid, Oid newOwnerId, bool recursing, LOCKMODE lock
|
||||
|
||||
/* Otherwise, must be owner of the existing object */
|
||||
if (!pg_class_ownercheck(relationOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relationOid)),
|
||||
RelationGetRelationName(target_rel));
|
||||
|
||||
/* Must be able to become new owner */
|
||||
@ -10139,7 +10139,7 @@ ATExecChangeOwner(Oid relationOid, Oid newOwnerId, bool recursing, LOCKMODE lock
|
||||
aclresult = pg_namespace_aclcheck(namespaceOid, newOwnerId,
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(namespaceOid));
|
||||
}
|
||||
}
|
||||
@ -10437,7 +10437,7 @@ ATPrepSetTableSpace(AlteredTableInfo *tab, Relation rel, const char *tablespacen
|
||||
|
||||
aclresult = pg_tablespace_aclcheck(tablespaceId, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_TABLESPACE, tablespacename);
|
||||
aclcheck_error(aclresult, OBJECT_TABLESPACE, tablespacename);
|
||||
}
|
||||
|
||||
/* Save info for Phase 3 to do the real work */
|
||||
@ -10872,7 +10872,7 @@ AlterTableMoveAll(AlterTableMoveAllStmt *stmt)
|
||||
aclresult = pg_tablespace_aclcheck(new_tablespaceoid, GetUserId(),
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_TABLESPACE,
|
||||
get_tablespace_name(new_tablespaceoid));
|
||||
}
|
||||
|
||||
@ -10944,7 +10944,7 @@ AlterTableMoveAll(AlterTableMoveAllStmt *stmt)
|
||||
* Caller must be considered an owner on the table to move it.
|
||||
*/
|
||||
if (!pg_class_ownercheck(relOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relOid)),
|
||||
NameStr(relForm->relname));
|
||||
|
||||
if (stmt->nowait &&
|
||||
@ -13162,7 +13162,7 @@ RangeVarCallbackOwnsTable(const RangeVar *relation,
|
||||
|
||||
/* Check permissions */
|
||||
if (!pg_class_ownercheck(relId, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, relation->relname);
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relId)), relation->relname);
|
||||
}
|
||||
|
||||
/*
|
||||
@ -13184,7 +13184,7 @@ RangeVarCallbackOwnsRelation(const RangeVar *relation,
|
||||
elog(ERROR, "cache lookup failed for relation %u", relId);
|
||||
|
||||
if (!pg_class_ownercheck(relId, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relId)),
|
||||
relation->relname);
|
||||
|
||||
if (!allowSystemTableMods &&
|
||||
@ -13220,7 +13220,7 @@ RangeVarCallbackForAlterRelation(const RangeVar *rv, Oid relid, Oid oldrelid,
|
||||
|
||||
/* Must own relation. */
|
||||
if (!pg_class_ownercheck(relid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname);
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relid)), rv->relname);
|
||||
|
||||
/* No system table modifications unless explicitly allowed. */
|
||||
if (!allowSystemTableMods && IsSystemClass(relid, classform))
|
||||
@ -13240,7 +13240,7 @@ RangeVarCallbackForAlterRelation(const RangeVar *rv, Oid relid, Oid oldrelid,
|
||||
aclresult = pg_namespace_aclcheck(classform->relnamespace,
|
||||
GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(classform->relnamespace));
|
||||
reltype = ((RenameStmt *) stmt)->renameType;
|
||||
}
|
||||
|
||||
@ -444,13 +444,13 @@ DropTableSpace(DropTableSpaceStmt *stmt)
|
||||
|
||||
/* Must be tablespace owner */
|
||||
if (!pg_tablespace_ownercheck(tablespaceoid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TABLESPACE,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TABLESPACE,
|
||||
tablespacename);
|
||||
|
||||
/* Disallow drop of the standard tablespaces, even by superuser */
|
||||
if (tablespaceoid == GLOBALTABLESPACE_OID ||
|
||||
tablespaceoid == DEFAULTTABLESPACE_OID)
|
||||
aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_TABLESPACE,
|
||||
aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_TABLESPACE,
|
||||
tablespacename);
|
||||
|
||||
/* DROP hook for the tablespace being removed */
|
||||
@ -941,7 +941,7 @@ RenameTableSpace(const char *oldname, const char *newname)
|
||||
|
||||
/* Must be owner */
|
||||
if (!pg_tablespace_ownercheck(HeapTupleGetOid(newtuple), GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_TABLESPACE, oldname);
|
||||
aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_TABLESPACE, oldname);
|
||||
|
||||
/* Validate new name */
|
||||
if (!allowSystemTableMods && IsReservedName(newname))
|
||||
@ -1017,7 +1017,7 @@ AlterTableSpaceOptions(AlterTableSpaceOptionsStmt *stmt)
|
||||
|
||||
/* Must be owner of the existing object */
|
||||
if (!pg_tablespace_ownercheck(HeapTupleGetOid(tup), GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TABLESPACE,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TABLESPACE,
|
||||
stmt->tablespacename);
|
||||
|
||||
/* Generate new proposed spcoptions (text array) */
|
||||
@ -1232,7 +1232,7 @@ check_temp_tablespaces(char **newval, void **extra, GucSource source)
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
{
|
||||
if (source >= PGC_S_INTERACTIVE)
|
||||
aclcheck_error(aclresult, ACL_KIND_TABLESPACE, curname);
|
||||
aclcheck_error(aclresult, OBJECT_TABLESPACE, curname);
|
||||
continue;
|
||||
}
|
||||
|
||||
|
||||
@ -284,7 +284,7 @@ CreateTrigger(CreateTrigStmt *stmt, const char *queryString,
|
||||
aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
|
||||
ACL_TRIGGER);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_CLASS,
|
||||
aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind),
|
||||
RelationGetRelationName(rel));
|
||||
|
||||
if (OidIsValid(constrrelid))
|
||||
@ -292,7 +292,7 @@ CreateTrigger(CreateTrigStmt *stmt, const char *queryString,
|
||||
aclresult = pg_class_aclcheck(constrrelid, GetUserId(),
|
||||
ACL_TRIGGER);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_CLASS,
|
||||
aclcheck_error(aclresult, get_relkind_objtype(get_rel_relkind(constrrelid)),
|
||||
get_rel_name(constrrelid));
|
||||
}
|
||||
}
|
||||
@ -592,7 +592,7 @@ CreateTrigger(CreateTrigStmt *stmt, const char *queryString,
|
||||
{
|
||||
aclresult = pg_proc_aclcheck(funcoid, GetUserId(), ACL_EXECUTE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_PROC,
|
||||
aclcheck_error(aclresult, OBJECT_FUNCTION,
|
||||
NameListToString(stmt->funcname));
|
||||
}
|
||||
funcrettype = get_func_rettype(funcoid);
|
||||
@ -1422,7 +1422,7 @@ RangeVarCallbackForRenameTrigger(const RangeVar *rv, Oid relid, Oid oldrelid,
|
||||
|
||||
/* you must own the table to rename one of its triggers */
|
||||
if (!pg_class_ownercheck(relid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname);
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relid)), rv->relname);
|
||||
if (!allowSystemTableMods && IsSystemClass(relid, form))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
|
||||
@ -428,7 +428,7 @@ DefineTSDictionary(List *names, List *parameters)
|
||||
/* Check we have creation rights in target namespace */
|
||||
aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(namespaceoid));
|
||||
|
||||
/*
|
||||
@ -549,7 +549,7 @@ AlterTSDictionary(AlterTSDictionaryStmt *stmt)
|
||||
|
||||
/* must be owner */
|
||||
if (!pg_ts_dict_ownercheck(dictId, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSDICTIONARY,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TSDICTIONARY,
|
||||
NameListToString(stmt->dictname));
|
||||
|
||||
/* deserialize the existing set of options */
|
||||
@ -980,7 +980,7 @@ DefineTSConfiguration(List *names, List *parameters, ObjectAddress *copied)
|
||||
/* Check we have creation rights in target namespace */
|
||||
aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(namespaceoid));
|
||||
|
||||
/*
|
||||
@ -1189,7 +1189,7 @@ AlterTSConfiguration(AlterTSConfigurationStmt *stmt)
|
||||
|
||||
/* must be owner */
|
||||
if (!pg_ts_config_ownercheck(HeapTupleGetOid(tup), GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSCONFIGURATION,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TSCONFIGURATION,
|
||||
NameListToString(stmt->cfgname));
|
||||
|
||||
relMap = heap_open(TSConfigMapRelationId, RowExclusiveLock);
|
||||
|
||||
@ -190,7 +190,7 @@ DefineType(ParseState *pstate, List *names, List *parameters)
|
||||
/* Check we have creation rights in target namespace */
|
||||
aclresult = pg_namespace_aclcheck(typeNamespace, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(typeNamespace));
|
||||
#endif
|
||||
|
||||
@ -526,25 +526,25 @@ DefineType(ParseState *pstate, List *names, List *parameters)
|
||||
#ifdef NOT_USED
|
||||
/* XXX this is unnecessary given the superuser check above */
|
||||
if (inputOid && !pg_proc_ownercheck(inputOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
|
||||
NameListToString(inputName));
|
||||
if (outputOid && !pg_proc_ownercheck(outputOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
|
||||
NameListToString(outputName));
|
||||
if (receiveOid && !pg_proc_ownercheck(receiveOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
|
||||
NameListToString(receiveName));
|
||||
if (sendOid && !pg_proc_ownercheck(sendOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
|
||||
NameListToString(sendName));
|
||||
if (typmodinOid && !pg_proc_ownercheck(typmodinOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
|
||||
NameListToString(typmodinName));
|
||||
if (typmodoutOid && !pg_proc_ownercheck(typmodoutOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
|
||||
NameListToString(typmodoutName));
|
||||
if (analyzeOid && !pg_proc_ownercheck(analyzeOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
|
||||
NameListToString(analyzeName));
|
||||
#endif
|
||||
|
||||
@ -772,7 +772,7 @@ DefineDomain(CreateDomainStmt *stmt)
|
||||
aclresult = pg_namespace_aclcheck(domainNamespace, GetUserId(),
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(domainNamespace));
|
||||
|
||||
/*
|
||||
@ -1171,7 +1171,7 @@ DefineEnum(CreateEnumStmt *stmt)
|
||||
/* Check we have creation rights in target namespace */
|
||||
aclresult = pg_namespace_aclcheck(enumNamespace, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(enumNamespace));
|
||||
|
||||
/*
|
||||
@ -1398,7 +1398,7 @@ DefineRange(CreateRangeStmt *stmt)
|
||||
/* Check we have creation rights in target namespace */
|
||||
aclresult = pg_namespace_aclcheck(typeNamespace, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(typeNamespace));
|
||||
|
||||
/*
|
||||
@ -2042,7 +2042,7 @@ findRangeCanonicalFunction(List *procname, Oid typeOid)
|
||||
/* Also, range type's creator must have permission to call function */
|
||||
aclresult = pg_proc_aclcheck(procOid, GetUserId(), ACL_EXECUTE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(procOid));
|
||||
aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(procOid));
|
||||
|
||||
return procOid;
|
||||
}
|
||||
@ -2085,7 +2085,7 @@ findRangeSubtypeDiffFunction(List *procname, Oid subtype)
|
||||
/* Also, range type's creator must have permission to call function */
|
||||
aclresult = pg_proc_aclcheck(procOid, GetUserId(), ACL_EXECUTE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(procOid));
|
||||
aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(procOid));
|
||||
|
||||
return procOid;
|
||||
}
|
||||
@ -3380,7 +3380,7 @@ AlterTypeOwner(List *names, Oid newOwnerId, ObjectType objecttype)
|
||||
newOwnerId,
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
aclcheck_error(aclresult, OBJECT_SCHEMA,
|
||||
get_namespace_name(typTup->typnamespace));
|
||||
}
|
||||
|
||||
|
||||
@ -939,7 +939,7 @@ AlterRoleSet(AlterRoleSetStmt *stmt)
|
||||
* ALTER DATABASE ... SET, so use the same permission check.
|
||||
*/
|
||||
if (!pg_database_ownercheck(databaseid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
|
||||
stmt->database);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user