mirror of
https://github.com/postgres/postgres.git
synced 2025-07-27 12:41:57 +03:00
Use has_privs_for_roles for predefined role checks: round 2
Similar to commit 6198420ad
, replace is_member_of_role with
has_privs_for_role for predefined role access checks in recently
committed basebackup code. In passing fix a double-word error
in a nearby comment.
Discussion: https://postgr.es/m/flat/CAGB+Vh4Zv_TvKt2tv3QNS6tUM_F_9icmuj0zjywwcgVi4PAhFA@mail.gmail.com
This commit is contained in:
@ -90,7 +90,7 @@ _PG_init(void)
|
||||
}
|
||||
|
||||
/*
|
||||
* We choose to defer sanity sanity checking until shell_get_sink(), and so
|
||||
* We choose to defer sanity checking until shell_get_sink(), and so
|
||||
* just pass the target detail through without doing anything. However, we do
|
||||
* permissions checks here, before any real work has been done.
|
||||
*/
|
||||
@ -103,7 +103,7 @@ shell_check_detail(char *target, char *target_detail)
|
||||
|
||||
StartTransactionCommand();
|
||||
roleid = get_role_oid(shell_required_role, true);
|
||||
if (!is_member_of_role(GetUserId(), roleid))
|
||||
if (!has_privs_of_role(GetUserId(), roleid))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("permission denied to use basebackup_to_shell")));
|
||||
|
Reference in New Issue
Block a user