sepgsql: Enforce db_schema:search permission.

KaiGai Kohei, with comment and doc wordsmithing by me

src/backend/catalog/objectaccess.c

@@ -11,6 +11,7 @@
 #include "postgres.h"
 
 #include "catalog/objectaccess.h"
+#include "catalog/pg_namespace.h"
 
 /*
  * Hook on object accesses.  This is intended as infrastructure for security
@@ -84,3 +85,27 @@ RunObjectPostAlterHook(Oid classId, Oid objectId, int subId,
 						  classId, objectId, subId,
 						  (void *) &pa_arg);
 }
+
+/*
+ * RunNamespaceSearchHook
+ *
+ * It is entrypoint of OAT_NAMESPACE_SEARCH event
+ */
+bool
+RunNamespaceSearchHook(Oid objectId, bool ereport_on_violation)
+{
+	ObjectAccessNamespaceSearch	ns_arg;
+
+	/* XXX - should be checked at caller side */
+	Assert(object_access_hook != NULL);
+
+	memset(&ns_arg, 0, sizeof(ObjectAccessNamespaceSearch));
+	ns_arg.ereport_on_violation = ereport_on_violation;
+	ns_arg.result = true;
+
+	(*object_access_hook)(OAT_NAMESPACE_SEARCH,
+						  NamespaceRelationId, objectId, 0,
+						  (void *) &ns_arg);
+
+	return ns_arg.result;
+}