database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-07-27 12:41:57 +03:00
Code Activity

Add context info to OAT_POST_CREATE security hook

Browse Source 
... and have sepgsql use it to determine whether to check permissions
during certain operations.  Indexes that are being created as a result
of REINDEX, for instance, do not need to have their permissions checked;
they were already checked when the index was created.

Author: KaiGai Kohei, slightly revised by me
This commit is contained in:
Alvaro Herrera
2012-10-23 18:07:26 -03:00
parent 4c9d0901f1
commit f4c4335a4a
16 changed files with 336 additions and 116 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
contrib/sepgsql/sql/ddl.sql
View File

@ -59,6 +59,18 @@ CREATE FUNCTION regtest_func_2(int) RETURNS bool LANGUAGE plpgsql
RESET SESSION AUTHORIZATION;
--
-- ALTER and CREATE/DROP extra attribute permissions
--
CREATE TABLE regtest_table_4 (x int primary key, y int, z int);
CREATE INDEX regtest_index_tbl4_y ON regtest_table_4(y);
CREATE INDEX regtest_index_tbl4_z ON regtest_table_4(z);
ALTER TABLE regtest_table_4 ALTER COLUMN y TYPE float;
DROP INDEX regtest_index_tbl4_y;
ALTER TABLE regtest_table_4
ADD CONSTRAINT regtest_tbl4_con EXCLUDE USING btree (z WITH =);
DROP TABLE regtest_table_4 CASCADE;
--
-- DROP Permission checks (with clean-up)
--