Allow functions to be executed with the privileges of the function owner.

I took the opportunity to remove the pg_proc.proistrusted field.
2025-12-07 12:02:30 +03:00 · 2002-05-18 13:48:01 +00:00
parent 51fd22abdd
commit e8ac187c68
16 changed files with 1491 additions and 1376 deletions
--- a/src/test/regress/expected/opr_sanity.out
+++ b/src/test/regress/expected/opr_sanity.out
@@ -55,7 +55,7 @@ WHERE p1.oid != p2.oid AND
    p1.prolang = 12 AND p2.prolang = 12 AND
    (p1.prolang != p2.prolang OR
     p1.proisagg != p2.proisagg OR
-     p1.proistrusted != p2.proistrusted OR
+     p1.prosecdef != p2.prosecdef OR
     p1.proisstrict != p2.proisstrict OR
     p1.proretset != p2.proretset OR
     p1.provolatile != p2.provolatile OR
--- a/src/test/regress/expected/privileges.out
+++ b/src/test/regress/expected/privileges.out
@@ -206,6 +206,10 @@ ERROR:  invalid privilege type USAGE for function object
 GRANT ALL PRIVILEGES ON FUNCTION testfunc1(int) TO regressuser4;
 GRANT ALL PRIVILEGES ON FUNCTION testfunc_nosuch(int) TO regressuser4;
 ERROR:  GRANT: function testfunc_nosuch(integer) does not exist
+CREATE FUNCTION testfunc4(boolean) RETURNS text
+  AS 'select col1 from atest2 where col2 = $1;'
+  LANGUAGE sql SECURITY DEFINER;
+GRANT EXECUTE ON FUNCTION testfunc4(boolean) TO regressuser3;
 SET SESSION AUTHORIZATION regressuser2;
 SELECT testfunc1(5), testfunc2(5); -- ok
 testfunc1 | testfunc2 
@@ -218,6 +222,14 @@ ERROR:  sql: permission denied
 SET SESSION AUTHORIZATION regressuser3;
 SELECT testfunc1(5); -- fail
 ERROR:  testfunc1: permission denied
+SELECT col1 FROM atest2 WHERE col2 = true; -- fail
+ERROR:  atest2: permission denied
+SELECT testfunc4(true); -- ok
+ testfunc4 
+-----------
+ bar
+(1 row)
+
 SET SESSION AUTHORIZATION regressuser4;
 SELECT testfunc1(5); -- ok
 testfunc1 
@@ -501,6 +513,8 @@ from (select oid from pg_class where relname = 'atest1') as t1;

 -- clean up
 \c regression
+DROP FUNCTION testfunc2(int);
+DROP FUNCTION testfunc4(boolean);
 DROP TABLE atest1;
 DROP TABLE atest2;
 DROP TABLE atest3;
--- a/src/test/regress/sql/opr_sanity.sql
+++ b/src/test/regress/sql/opr_sanity.sql
@@ -54,7 +54,7 @@ WHERE p1.oid != p2.oid AND
    p1.prolang = 12 AND p2.prolang = 12 AND
    (p1.prolang != p2.prolang OR
     p1.proisagg != p2.proisagg OR
-     p1.proistrusted != p2.proistrusted OR
+     p1.prosecdef != p2.prosecdef OR
     p1.proisstrict != p2.proisstrict OR
     p1.proretset != p2.proretset OR
     p1.provolatile != p2.provolatile OR
--- a/src/test/regress/sql/privileges.sql
+++ b/src/test/regress/sql/privileges.sql
@@ -144,12 +144,19 @@ GRANT USAGE ON FUNCTION testfunc1(int) TO regressuser3; -- semantic error
 GRANT ALL PRIVILEGES ON FUNCTION testfunc1(int) TO regressuser4;
 GRANT ALL PRIVILEGES ON FUNCTION testfunc_nosuch(int) TO regressuser4;

+CREATE FUNCTION testfunc4(boolean) RETURNS text
+  AS 'select col1 from atest2 where col2 = $1;'
+  LANGUAGE sql SECURITY DEFINER;
+GRANT EXECUTE ON FUNCTION testfunc4(boolean) TO regressuser3;
+
 SET SESSION AUTHORIZATION regressuser2;
 SELECT testfunc1(5), testfunc2(5); -- ok
 CREATE FUNCTION testfunc3(int) RETURNS int AS 'select 2 * $1;' LANGUAGE sql; -- fail

 SET SESSION AUTHORIZATION regressuser3;
 SELECT testfunc1(5); -- fail
+SELECT col1 FROM atest2 WHERE col2 = true; -- fail
+SELECT testfunc4(true); -- ok

 SET SESSION AUTHORIZATION regressuser4;
 SELECT testfunc1(5); -- ok
@@ -265,6 +272,9 @@ from (select oid from pg_class where relname = 'atest1') as t1;
 -- clean up

 \c regression
+DROP FUNCTION testfunc2(int);
+DROP FUNCTION testfunc4(boolean);
+
 DROP TABLE atest1;
 DROP TABLE atest2;
 DROP TABLE atest3;