Add context info to OAT_POST_CREATE security hook

... and have sepgsql use it to determine whether to check permissions during certain operations. Indexes that are being created as a result of REINDEX, for instance, do not need to have their permissions checked; they were already checked when the index was created. Author: KaiGai Kohei, slightly revised by me
2025-07-28 23:42:10 +03:00 · 2012-10-23 18:07:26 -03:00
parent 4c9d0901f1
commit f4c4335a4a
16 changed files with 336 additions and 116 deletions
--- a/src/backend/bootstrap/bootparse.y
+++ b/src/backend/bootstrap/bootparse.y
@ -247,7 +247,8 @@ Boot_CreateStmt:
 													  ONCOMMIT_NOOP,
 													  (Datum) 0,
 													  false,
-													  true);
+													  true,
+													  false);
 						elog(DEBUG4, "relation created with OID %u", id);
 					}
 					do_end();
--- a/src/backend/catalog/heap.c
+++ b/src/backend/catalog/heap.c
@ -985,7 +985,8 @@ heap_create_with_catalog(const char *relname,
 						 OnCommitAction oncommit,
 						 Datum reloptions,
 						 bool use_user_acl,
-						 bool allow_system_table_mods)
+						 bool allow_system_table_mods,
+						 bool is_internal)
 {
 	Relation	pg_class_desc;
 	Relation	new_rel_desc;
@ -1275,8 +1276,15 @@ heap_create_with_catalog(const char *relname,
 	}

 	/* Post creation hook for new relation */
-	InvokeObjectAccessHook(OAT_POST_CREATE,
-						   RelationRelationId, relid, 0, NULL);
+	if (object_access_hook)
+	{
+		ObjectAccessPostCreate	post_create_args;
+
+		memset(&post_create_args, 0, sizeof(ObjectAccessPostCreate));
+		post_create_args.is_internal = is_internal;
+		(*object_access_hook)(OAT_POST_CREATE, RelationRelationId,
+							  relid, 0, &post_create_args);
+    }

 	/*
 	 * Store any supplied constraints and defaults.
--- a/src/backend/catalog/index.c
+++ b/src/backend/catalog/index.c
@ -33,6 +33,7 @@
 #include "catalog/dependency.h"
 #include "catalog/heap.h"
 #include "catalog/index.h"
+#include "catalog/objectaccess.h"
 #include "catalog/pg_collation.h"
 #include "catalog/pg_constraint.h"
 #include "catalog/pg_operator.h"
@ -686,7 +687,8 @@ index_create(Relation heapRelation,
 			 bool initdeferred,
 			 bool allow_system_table_mods,
 			 bool skip_build,
-			 bool concurrent)
+			 bool concurrent,
+			 bool is_internal)
 {
 	Oid			heapRelationId = RelationGetRelid(heapRelation);
 	Relation	pg_class;
@ -1018,6 +1020,17 @@ index_create(Relation heapRelation,
 		Assert(!initdeferred);
 	}

+	/* Post creation hook for new index */
+	if (object_access_hook)
+	{
+		ObjectAccessPostCreate	post_create_args;
+
+		memset(&post_create_args, 0, sizeof(ObjectAccessPostCreate));
+		post_create_args.is_internal = is_internal;
+		(*object_access_hook)(OAT_POST_CREATE, RelationRelationId,
+							  indexRelationId, 0, &post_create_args);
+	}
+
 	/*
 	 * Advance the command counter so that we can see the newly-entered
 	 * catalog tuples for the index.
--- a/src/backend/catalog/toasting.c
+++ b/src/backend/catalog/toasting.c
@ -226,6 +226,7 @@ create_toast_table(Relation rel, Oid toastOid, Oid toastIndexOid, Datum reloptio
 										   ONCOMMIT_NOOP,
 										   reloptions,
 										   false,
+										   true,
 										   true);
 	Assert(toast_relid != InvalidOid);

@ -279,7 +280,7 @@ create_toast_table(Relation rel, Oid toastOid, Oid toastIndexOid, Datum reloptio
 				 rel->rd_rel->reltablespace,
 				 collationObjectId, classObjectId, coloptions, (Datum) 0,
 				 true, false, false, false,
-				 true, false, false);
+				 true, false, false, true);

 	heap_close(toast_rel, NoLock);

--- a/src/backend/commands/cluster.c
+++ b/src/backend/commands/cluster.c
@ -643,6 +643,7 @@ make_new_heap(Oid OIDOldHeap, Oid NewTableSpace)
 										  ONCOMMIT_NOOP,
 										  reloptions,
 										  false,
+										  true,
 										  true);
 	Assert(OIDNewHeap != InvalidOid);

--- a/src/backend/commands/indexcmds.c
+++ b/src/backend/commands/indexcmds.c
@ -596,7 +596,7 @@ DefineIndex(IndexStmt *stmt,
 					 stmt->isconstraint, stmt->deferrable, stmt->initdeferred,
 					 allowSystemTableMods,
 					 skip_build || stmt->concurrent,
-					 stmt->concurrent);
+					 stmt->concurrent, !check_rights);

 	/* Add any requested comment */
 	if (stmt->idxcomment != NULL)
--- a/src/backend/commands/tablecmds.c
+++ b/src/backend/commands/tablecmds.c
@ -630,7 +630,8 @@ DefineRelation(CreateStmt *stmt, char relkind, Oid ownerId)
 										  stmt->oncommit,
 										  reloptions,
 										  true,
-										  allowSystemTableMods);
+										  allowSystemTableMods,
+										  false);

 	/* Store inheritance information for new rel. */
 	StoreCatalogInheritance(relationId, inheritOids);
--- a/src/include/catalog/heap.h
+++ b/src/include/catalog/heap.h
@ -66,7 +66,8 @@ extern Oid heap_create_with_catalog(const char *relname,
 						 OnCommitAction oncommit,
 						 Datum reloptions,
 						 bool use_user_acl,
-						 bool allow_system_table_mods);
+						 bool allow_system_table_mods,
+						 bool is_internal);

 extern void heap_create_init_fork(Relation rel);

--- a/src/include/catalog/index.h
+++ b/src/include/catalog/index.h
@ -50,7 +50,8 @@ extern Oid index_create(Relation heapRelation,
 			 bool initdeferred,
 			 bool allow_system_table_mods,
 			 bool skip_build,
-			 bool concurrent);
+			 bool concurrent,
+			 bool is_internal);

 extern void index_constraint_create(Relation heapRelation,
 						Oid indexRelationId,
--- a/src/include/catalog/objectaccess.h
+++ b/src/include/catalog/objectaccess.h
@ -30,6 +30,19 @@ typedef enum ObjectAccessType
 	OAT_DROP,
 } ObjectAccessType;

+/*
+ * Arguments of OAT_POST_CREATE event
+ */
+typedef struct
+{
+	/*
+	 * This flag informs extensions whether the context of this creation
+	 * is invoked by user's operations, or not. E.g, it shall be dealt
+	 * as internal stuff on toast tables or indexes due to type changes.
+	 */
+	bool		is_internal;
+} ObjectAccessPostCreate;
+
 /*
 * Arguments of OAT_DROP event
 */