mirror of
https://github.com/postgres/postgres.git
synced 2025-07-08 11:42:09 +03:00
Disallow dropping rules on system tables by default
This was previously not covered by allow_system_table_mods, but now it is. The impact in practice is probably low, but this makes it consistent with most other DDL commands. Reviewed-by: Robert Haas <robertmhaas@gmail.com> Discussion: https://www.postgresql.org/message-id/flat/ee9df1af-c0d8-7c82-5be7-39ce4e3b0a9d%402ndquadrant.com
This commit is contained in:
@ -18,6 +18,7 @@
|
||||
#include "access/htup_details.h"
|
||||
#include "access/sysattr.h"
|
||||
#include "access/table.h"
|
||||
#include "catalog/catalog.h"
|
||||
#include "catalog/dependency.h"
|
||||
#include "catalog/indexing.h"
|
||||
#include "catalog/namespace.h"
|
||||
@ -28,6 +29,7 @@
|
||||
#include "utils/fmgroids.h"
|
||||
#include "utils/inval.h"
|
||||
#include "utils/lsyscache.h"
|
||||
#include "utils/rel.h"
|
||||
#include "utils/syscache.h"
|
||||
|
||||
/*
|
||||
@ -72,6 +74,12 @@ RemoveRewriteRuleById(Oid ruleOid)
|
||||
eventRelationOid = ((Form_pg_rewrite) GETSTRUCT(tuple))->ev_class;
|
||||
event_relation = table_open(eventRelationOid, AccessExclusiveLock);
|
||||
|
||||
if (!allowSystemTableMods && IsSystemRelation(event_relation))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("permission denied: \"%s\" is a system catalog",
|
||||
RelationGetRelationName(event_relation))));
|
||||
|
||||
/*
|
||||
* Now delete the pg_rewrite tuple for the rule
|
||||
*/
|
||||
|
Reference in New Issue
Block a user