database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-06-26 12:21:12 +03:00
Code Activity

Permission checking wasn't quite right for insert/update/delete rules,

Browse Source 
either :-(.
This commit is contained in:
Tom Lane
2001-05-03 21:16:48 +00:00
parent c434ae3539
commit d05b4bd7c6
1 changed files with 12 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
src/backend/rewrite/rewriteDefine.c
View File

@ -8,7 +8,7 @@
* *
* *
* IDENTIFICATION * IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/rewrite/rewriteDefine.c,v 1.61 2001/03/23 04:49:54 momjian Exp $ * $Header: /cvsroot/pgsql/src/backend/rewrite/rewriteDefine.c,v 1.62 2001/05/03 21:16:48 tgl Exp $
* *
*------------------------------------------------------------------------- *-------------------------------------------------------------------------
*/ */
@ -377,7 +377,7 @@ DefineQueryRewrite(RuleStmt *stmt)
* We want the rule's table references to be checked as though by the * We want the rule's table references to be checked as though by the
* rule owner, not the user referencing the rule. Therefore, scan * rule owner, not the user referencing the rule. Therefore, scan
* through the rule's rtables and set the checkAsUser field on all * through the rule's rtables and set the checkAsUser field on all
* rtable entries (except *OLD* and *NEW*). * rtable entries.
*/ */
foreach(l, action) foreach(l, action)
{ {
@ -426,29 +426,28 @@ DefineQueryRewrite(RuleStmt *stmt)
/* /*
* setRuleCheckAsUser * setRuleCheckAsUser
* Recursively scan a query and set the checkAsUser field to the * Recursively scan a query and set the checkAsUser field to the
* given userid in all rtable entries except *OLD* and *NEW*. * given userid in all rtable entries.
*
* Note: for a view (ON SELECT rule), the checkAsUser field of the *OLD*
* RTE entry will be overridden when the view rule is expanded, and the
* checkAsUser field of the *NEW* entry is irrelevant because that entry's
* checkFor bits will never be set. However, for other types of rules it's
* important to set these fields to match the rule owner. So we just set
* them always.
*/ */
static void static void
setRuleCheckAsUser(Query *qry, Oid userid) setRuleCheckAsUser(Query *qry, Oid userid)
{ {
List *l; List *l;
/* Set all the RTEs in this query node, except OLD and NEW */ /* Set all the RTEs in this query node */
foreach(l, qry->rtable) foreach(l, qry->rtable)
{ {
RangeTblEntry *rte = (RangeTblEntry *) lfirst(l); RangeTblEntry *rte = (RangeTblEntry *) lfirst(l);
if (strcmp(rte->eref->relname, "*NEW*") == 0)
continue;
if (strcmp(rte->eref->relname, "*OLD*") == 0)
continue;
if (rte->subquery) if (rte->subquery)
{ {
/* Recurse into subquery in FROM */
/*
* Recurse into subquery in FROM
*/
setRuleCheckAsUser(rte->subquery, userid); setRuleCheckAsUser(rte->subquery, userid);
} }
else else