database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-11-09 06:21:09 +03:00
Code Activity

Cause ALTER OWNER commands to update the object's ACL, replacing references

Browse Source 
to the old owner with the new owner.  This is not necessarily right, but
it's sure a lot more likely to be what the user wants than doing nothing.
Christopher Kings-Lynne, some rework by Tom Lane.
This commit is contained in:
Tom Lane
2004-08-01 20:30:49 +00:00
parent 35ff782d71
commit d6f8a76cf2
7 changed files with 295 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
src/backend/commands/dbcommands.c
View File

@@ -9,7 +9,7 @@
*
*
* IDENTIFICATION
* $PostgreSQL: pgsql/src/backend/commands/dbcommands.c,v 1.138 2004/08/01 06:19:22 momjian Exp $
* $PostgreSQL: pgsql/src/backend/commands/dbcommands.c,v 1.139 2004/08/01 20:30:48 tgl Exp $
*
*-------------------------------------------------------------------------
*/
@@ -768,8 +768,7 @@ AlterDatabaseSet(AlterDatabaseSetStmt *stmt)
void
AlterDatabaseOwner(const char *dbname, AclId newOwnerSysId)
{
HeapTuple tuple,
newtuple;
HeapTuple tuple;
Relation rel;
ScanKeyData scankey;
SysScanDesc scan;
@@ -788,8 +787,7 @@ AlterDatabaseOwner(const char *dbname, AclId newOwnerSysId)
(errcode(ERRCODE_UNDEFINED_DATABASE),
errmsg("database \"%s\" does not exist", dbname)));
newtuple = heap_copytuple(tuple);
datForm = (Form_pg_database) GETSTRUCT(newtuple);
datForm = (Form_pg_database) GETSTRUCT(tuple);
/*
* If the new owner is the same as the existing owner, consider the
@@ -797,6 +795,14 @@ AlterDatabaseOwner(const char *dbname, AclId newOwnerSysId)
*/
if (datForm->datdba != newOwnerSysId)
{
Datum repl_val[Natts_pg_database];
char repl_null[Natts_pg_database];
char repl_repl[Natts_pg_database];
Acl *newAcl;
Datum aclDatum;
bool isNull;
HeapTuple newtuple;
/* changing owner's database for someone else: must be superuser */
/* note that the someone else need not have any permissions */
if (!superuser())
@@ -804,10 +810,33 @@ AlterDatabaseOwner(const char *dbname, AclId newOwnerSysId)
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
errmsg("must be superuser to change owner")));
/* change owner */
datForm->datdba = newOwnerSysId;
memset(repl_null, ' ', sizeof(repl_null));
memset(repl_repl, ' ', sizeof(repl_repl));
repl_repl[Anum_pg_database_datdba - 1] = 'r';
repl_val[Anum_pg_database_datdba - 1] = Int32GetDatum(newOwnerSysId);
/*
* Determine the modified ACL for the new owner. This is only
* necessary when the ACL is non-null.
*/
aclDatum = heap_getattr(tuple,
Anum_pg_database_datacl,
RelationGetDescr(rel),
&isNull);
if (!isNull)
{
newAcl = aclnewowner(DatumGetAclP(aclDatum),
datForm->datdba, newOwnerSysId);
repl_repl[Anum_pg_database_datacl - 1] = 'r';
repl_val[Anum_pg_database_datacl - 1] = PointerGetDatum(newAcl);
}
newtuple = heap_modifytuple(tuple, rel, repl_val, repl_null, repl_repl);
simple_heap_update(rel, &newtuple->t_self, newtuple);
CatalogUpdateIndexes(rel, newtuple);
heap_freetuple(newtuple);
}
systable_endscan(scan);

43
src/backend/commands/functioncmds.c
View File

@@ -10,7 +10,7 @@
*
*
* IDENTIFICATION
* $PostgreSQL: pgsql/src/backend/commands/functioncmds.c,v 1.49 2004/06/25 21:55:53 tgl Exp $
* $PostgreSQL: pgsql/src/backend/commands/functioncmds.c,v 1.50 2004/08/01 20:30:48 tgl Exp $
*
* DESCRIPTION
* These routines take the parse tree and pick out the
@@ -738,7 +738,7 @@ AlterFunctionOwner(List *name, List *argtypes, AclId newOwnerSysId)
procOid = LookupFuncNameTypeNames(name, argtypes, false);
tup = SearchSysCacheCopy(PROCOID,
tup = SearchSysCache(PROCOID,
ObjectIdGetDatum(procOid),
0, 0, 0);
if (!HeapTupleIsValid(tup)) /* should not happen */
@@ -758,22 +758,51 @@ AlterFunctionOwner(List *name, List *argtypes, AclId newOwnerSysId)
*/
if (procForm->proowner != newOwnerSysId)
{
Datum repl_val[Natts_pg_proc];
char repl_null[Natts_pg_proc];
char repl_repl[Natts_pg_proc];
Acl *newAcl;
Datum aclDatum;
bool isNull;
HeapTuple newtuple;
/* Otherwise, must be superuser to change object ownership */
if (!superuser())
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
errmsg("must be superuser to change owner")));
/* Modify the owner --- okay to scribble on tup because it's a copy */
procForm->proowner = newOwnerSysId;
memset(repl_null, ' ', sizeof(repl_null));
memset(repl_repl, ' ', sizeof(repl_repl));
simple_heap_update(rel, &tup->t_self, tup);
repl_repl[Anum_pg_proc_proowner - 1] = 'r';
repl_val[Anum_pg_proc_proowner - 1] = Int32GetDatum(newOwnerSysId);
CatalogUpdateIndexes(rel, tup);
/*
* Determine the modified ACL for the new owner. This is only
* necessary when the ACL is non-null.
*/
aclDatum = SysCacheGetAttr(PROCOID, tup,
Anum_pg_proc_proacl,
&isNull);
if (!isNull)
{
newAcl = aclnewowner(DatumGetAclP(aclDatum),
procForm->proowner, newOwnerSysId);
repl_repl[Anum_pg_proc_proacl - 1] = 'r';
repl_val[Anum_pg_proc_proacl - 1] = PointerGetDatum(newAcl);
}
newtuple = heap_modifytuple(tup, rel, repl_val, repl_null, repl_repl);
simple_heap_update(rel, &newtuple->t_self, newtuple);
CatalogUpdateIndexes(rel, newtuple);
heap_freetuple(newtuple);
}
ReleaseSysCache(tup);
heap_close(rel, NoLock);
heap_freetuple(tup);
}

45
src/backend/commands/schemacmds.c
View File

@@ -8,7 +8,7 @@
*
*
* IDENTIFICATION
* $PostgreSQL: pgsql/src/backend/commands/schemacmds.c,v 1.20 2004/06/25 21:55:53 tgl Exp $
* $PostgreSQL: pgsql/src/backend/commands/schemacmds.c,v 1.21 2004/08/01 20:30:48 tgl Exp $
*
*-------------------------------------------------------------------------
*/
@@ -320,7 +320,7 @@ AlterSchemaOwner(const char *name, AclId newOwnerSysId)
rel = heap_openr(NamespaceRelationName, RowExclusiveLock);
tup = SearchSysCacheCopy(NAMESPACENAME,
tup = SearchSysCache(NAMESPACENAME,
CStringGetDatum(name),
0, 0, 0);
if (!HeapTupleIsValid(tup))
@@ -335,20 +335,49 @@ AlterSchemaOwner(const char *name, AclId newOwnerSysId)
*/
if (nspForm->nspowner != newOwnerSysId)
{
Datum repl_val[Natts_pg_namespace];
char repl_null[Natts_pg_namespace];
char repl_repl[Natts_pg_namespace];
Acl *newAcl;
Datum aclDatum;
bool isNull;
HeapTuple newtuple;
/* Otherwise, must be superuser to change object ownership */
if (!superuser())
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
errmsg("must be superuser to change owner")));
/* Modify the owner --- okay to scribble on tup because it's a copy */
nspForm->nspowner = newOwnerSysId;
memset(repl_null, ' ', sizeof(repl_null));
memset(repl_repl, ' ', sizeof(repl_repl));
simple_heap_update(rel, &tup->t_self, tup);
repl_repl[Anum_pg_namespace_nspowner - 1] = 'r';
repl_val[Anum_pg_namespace_nspowner - 1] = Int32GetDatum(newOwnerSysId);
CatalogUpdateIndexes(rel, tup);
/*
* Determine the modified ACL for the new owner. This is only
* necessary when the ACL is non-null.
*/
aclDatum = SysCacheGetAttr(NAMESPACENAME, tup,
Anum_pg_namespace_nspacl,
&isNull);
if (!isNull)
{
newAcl = aclnewowner(DatumGetAclP(aclDatum),
nspForm->nspowner, newOwnerSysId);
repl_repl[Anum_pg_namespace_nspacl - 1] = 'r';
repl_val[Anum_pg_namespace_nspacl - 1] = PointerGetDatum(newAcl);
}
newtuple = heap_modifytuple(tup, rel, repl_val, repl_null, repl_repl);
simple_heap_update(rel, &newtuple->t_self, newtuple);
CatalogUpdateIndexes(rel, newtuple);
heap_freetuple(newtuple);
}
ReleaseSysCache(tup);
heap_close(rel, NoLock);
heap_freetuple(tup);
}

48
src/backend/commands/tablecmds.c
View File

@@ -8,7 +8,7 @@
*
*
* IDENTIFICATION
* $PostgreSQL: pgsql/src/backend/commands/tablecmds.c,v 1.122 2004/07/21 22:31:21 tgl Exp $
* $PostgreSQL: pgsql/src/backend/commands/tablecmds.c,v 1.123 2004/08/01 20:30:48 tgl Exp $
*
*-------------------------------------------------------------------------
*/
@@ -5115,7 +5115,7 @@ ATExecChangeOwner(Oid relationOid, int32 newOwnerSysId)
/* Get its pg_class tuple, too */
class_rel = heap_openr(RelationRelationName, RowExclusiveLock);
tuple = SearchSysCacheCopy(RELOID,
tuple = SearchSysCache(RELOID,
ObjectIdGetDatum(relationOid),
0, 0, 0);
if (!HeapTupleIsValid(tuple))
@@ -5145,21 +5145,47 @@ ATExecChangeOwner(Oid relationOid, int32 newOwnerSysId)
*/
if (tuple_class->relowner != newOwnerSysId)
{
Datum repl_val[Natts_pg_class];
char repl_null[Natts_pg_class];
char repl_repl[Natts_pg_class];
Acl *newAcl;
Datum aclDatum;
bool isNull;
HeapTuple newtuple;
/* Otherwise, check that we are the superuser */
if (!superuser())
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
errmsg("must be superuser to change owner")));
/*
* Okay, this is a valid tuple: change its ownership and write to the
* heap.
*/
tuple_class->relowner = newOwnerSysId;
simple_heap_update(class_rel, &tuple->t_self, tuple);
memset(repl_null, ' ', sizeof(repl_null));
memset(repl_repl, ' ', sizeof(repl_repl));
/* Keep the catalog indexes up to date */
CatalogUpdateIndexes(class_rel, tuple);
repl_repl[Anum_pg_class_relowner - 1] = 'r';
repl_val[Anum_pg_class_relowner - 1] = Int32GetDatum(newOwnerSysId);
/*
* Determine the modified ACL for the new owner. This is only
* necessary when the ACL is non-null.
*/
aclDatum = SysCacheGetAttr(RELOID, tuple,
Anum_pg_class_relacl,
&isNull);
if (!isNull)
{
newAcl = aclnewowner(DatumGetAclP(aclDatum),
tuple_class->relowner, newOwnerSysId);
repl_repl[Anum_pg_class_relacl - 1] = 'r';
repl_val[Anum_pg_class_relacl - 1] = PointerGetDatum(newAcl);
}
newtuple = heap_modifytuple(tuple, class_rel, repl_val, repl_null, repl_repl);
simple_heap_update(class_rel, &newtuple->t_self, newtuple);
CatalogUpdateIndexes(class_rel, newtuple);
heap_freetuple(newtuple);
/*
* If we are operating on a table, also change the ownership of any
@@ -5190,7 +5216,7 @@ ATExecChangeOwner(Oid relationOid, int32 newOwnerSysId)
}
}
heap_freetuple(tuple);
ReleaseSysCache(tuple);
heap_close(class_rel, RowExclusiveLock);
relation_close(target_rel, NoLock);
}

42
src/backend/commands/tablespace.c
View File

@@ -45,7 +45,7 @@
*
*
* IDENTIFICATION
* $PostgreSQL: pgsql/src/backend/commands/tablespace.c,v 1.6 2004/07/11 19:52:49 tgl Exp $
* $PostgreSQL: pgsql/src/backend/commands/tablespace.c,v 1.7 2004/08/01 20:30:48 tgl Exp $
*
*-------------------------------------------------------------------------
*/
@@ -757,7 +757,6 @@ AlterTableSpaceOwner(const char *name, AclId newOwnerSysId)
HeapScanDesc scandesc;
Form_pg_tablespace spcForm;
HeapTuple tup;
HeapTuple newtuple;
/* Search pg_tablespace */
rel = heap_openr(TableSpaceRelationName, RowExclusiveLock);
@@ -773,8 +772,7 @@ AlterTableSpaceOwner(const char *name, AclId newOwnerSysId)
(errcode(ERRCODE_UNDEFINED_OBJECT),
errmsg("tablespace \"%s\" does not exist", name)));
newtuple = heap_copytuple(tup);
spcForm = (Form_pg_tablespace) GETSTRUCT(newtuple);
spcForm = (Form_pg_tablespace) GETSTRUCT(tup);
/*
* If the new owner is the same as the existing owner, consider the
@@ -782,16 +780,48 @@ AlterTableSpaceOwner(const char *name, AclId newOwnerSysId)
*/
if (spcForm->spcowner != newOwnerSysId)
{
Datum repl_val[Natts_pg_tablespace];
char repl_null[Natts_pg_tablespace];
char repl_repl[Natts_pg_tablespace];
Acl *newAcl;
Datum aclDatum;
bool isNull;
HeapTuple newtuple;
/* Otherwise, must be superuser to change object ownership */
if (!superuser())
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
errmsg("must be superuser to change owner")));
/* Modify the owner */
spcForm->spcowner = newOwnerSysId;
memset(repl_null, ' ', sizeof(repl_null));
memset(repl_repl, ' ', sizeof(repl_repl));
repl_repl[Anum_pg_tablespace_spcowner - 1] = 'r';
repl_val[Anum_pg_tablespace_spcowner - 1] = Int32GetDatum(newOwnerSysId);
/*
* Determine the modified ACL for the new owner. This is only
* necessary when the ACL is non-null.
*/
aclDatum = heap_getattr(tup,
Anum_pg_tablespace_spcacl,
RelationGetDescr(rel),
&isNull);
if (!isNull)
{
newAcl = aclnewowner(DatumGetAclP(aclDatum),
spcForm->spcowner, newOwnerSysId);
repl_repl[Anum_pg_tablespace_spcacl - 1] = 'r';
repl_val[Anum_pg_tablespace_spcacl - 1] = PointerGetDatum(newAcl);
}
newtuple = heap_modifytuple(tup, rel, repl_val, repl_null, repl_repl);
simple_heap_update(rel, &newtuple->t_self, newtuple);
CatalogUpdateIndexes(rel, newtuple);
heap_freetuple(newtuple);
}
heap_endscan(scandesc);