PostgreSQL Source Code  git master
acl.c File Reference
#include "postgres.h"
#include <ctype.h>
#include "access/htup_details.h"
#include "catalog/catalog.h"
#include "catalog/namespace.h"
#include "catalog/pg_auth_members.h"
#include "catalog/pg_authid.h"
#include "catalog/pg_class.h"
#include "catalog/pg_type.h"
#include "commands/dbcommands.h"
#include "commands/proclang.h"
#include "commands/tablespace.h"
#include "foreign/foreign.h"
#include "funcapi.h"
#include "lib/qunique.h"
#include "miscadmin.h"
#include "utils/acl.h"
#include "utils/array.h"
#include "utils/builtins.h"
#include "utils/catcache.h"
#include "utils/hashutils.h"
#include "utils/inval.h"
#include "utils/lsyscache.h"
#include "utils/memutils.h"
#include "utils/syscache.h"
#include "utils/varlena.h"
Include dependency graph for acl.c:

Go to the source code of this file.

Data Structures

struct  priv_map
 

Functions

static const char * getid (const char *s, char *n)
 
static void putid (char *p, const char *s)
 
static Aclallocacl (int n)
 
static void check_acl (const Acl *acl)
 
static const char * aclparse (const char *s, AclItem *aip)
 
static bool aclitem_match (const AclItem *a1, const AclItem *a2)
 
static int aclitemComparator (const void *arg1, const void *arg2)
 
static void check_circularity (const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
 
static Aclrecursive_revoke (Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
 
static AclMode convert_priv_string (text *priv_type_text)
 
static AclMode convert_any_priv_string (text *priv_type_text, const priv_map *privileges)
 
static Oid convert_table_name (text *tablename)
 
static AclMode convert_table_priv_string (text *priv_type_text)
 
static AclMode convert_sequence_priv_string (text *priv_type_text)
 
static AttrNumber convert_column_name (Oid tableoid, text *column)
 
static AclMode convert_column_priv_string (text *priv_type_text)
 
static Oid convert_database_name (text *databasename)
 
static AclMode convert_database_priv_string (text *priv_type_text)
 
static Oid convert_foreign_data_wrapper_name (text *fdwname)
 
static AclMode convert_foreign_data_wrapper_priv_string (text *priv_type_text)
 
static Oid convert_function_name (text *functionname)
 
static AclMode convert_function_priv_string (text *priv_type_text)
 
static Oid convert_language_name (text *languagename)
 
static AclMode convert_language_priv_string (text *priv_type_text)
 
static Oid convert_schema_name (text *schemaname)
 
static AclMode convert_schema_priv_string (text *priv_type_text)
 
static Oid convert_server_name (text *servername)
 
static AclMode convert_server_priv_string (text *priv_type_text)
 
static Oid convert_tablespace_name (text *tablespacename)
 
static AclMode convert_tablespace_priv_string (text *priv_type_text)
 
static Oid convert_type_name (text *typename)
 
static AclMode convert_type_priv_string (text *priv_type_text)
 
static AclMode convert_role_priv_string (text *priv_type_text)
 
static AclResult pg_role_aclcheck (Oid role_oid, Oid roleid, AclMode mode)
 
static void RoleMembershipCacheCallback (Datum arg, int cacheid, uint32 hashvalue)
 
Aclmake_empty_acl (void)
 
Aclaclcopy (const Acl *orig_acl)
 
Aclaclconcat (const Acl *left_acl, const Acl *right_acl)
 
Aclaclmerge (const Acl *left_acl, const Acl *right_acl, Oid ownerId)
 
void aclitemsort (Acl *acl)
 
bool aclequal (const Acl *left_acl, const Acl *right_acl)
 
Datum aclitemin (PG_FUNCTION_ARGS)
 
Datum aclitemout (PG_FUNCTION_ARGS)
 
Datum aclitem_eq (PG_FUNCTION_ARGS)
 
Datum hash_aclitem (PG_FUNCTION_ARGS)
 
Datum hash_aclitem_extended (PG_FUNCTION_ARGS)
 
Aclacldefault (ObjectType objtype, Oid ownerId)
 
Datum acldefault_sql (PG_FUNCTION_ARGS)
 
Aclaclupdate (const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
 
Aclaclnewowner (const Acl *old_acl, Oid oldOwnerId, Oid newOwnerId)
 
AclMode aclmask (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
static AclMode aclmask_direct (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
int aclmembers (const Acl *acl, Oid **roleids)
 
Datum aclinsert (PG_FUNCTION_ARGS)
 
Datum aclremove (PG_FUNCTION_ARGS)
 
Datum aclcontains (PG_FUNCTION_ARGS)
 
Datum makeaclitem (PG_FUNCTION_ARGS)
 
static const char * convert_aclright_to_string (int aclright)
 
Datum aclexplode (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_id (PG_FUNCTION_ARGS)
 
static int column_privilege_check (Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
 
Datum has_column_privilege_name_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_id (PG_FUNCTION_ARGS)
 
void initialize_acl (void)
 
static bool has_rolinherit (Oid roleid)
 
static Listroles_has_privs_of (Oid roleid)
 
static Listroles_is_member_of (Oid roleid)
 
bool has_privs_of_role (Oid member, Oid role)
 
bool is_member_of_role (Oid member, Oid role)
 
void check_is_member_of_role (Oid member, Oid role)
 
bool is_member_of_role_nosuper (Oid member, Oid role)
 
bool is_admin_of_role (Oid member, Oid role)
 
static int count_one_bits (AclMode mask)
 
void select_best_grantor (Oid roleId, AclMode privileges, const Acl *acl, Oid ownerId, Oid *grantorId, AclMode *grantOptions)
 
Oid get_role_oid (const char *rolname, bool missing_ok)
 
Oid get_role_oid_or_public (const char *rolname)
 
Oid get_rolespec_oid (const RoleSpec *role, bool missing_ok)
 
HeapTuple get_rolespec_tuple (const RoleSpec *role)
 
char * get_rolespec_name (const RoleSpec *role)
 
void check_rolespec_name (const RoleSpec *role, const char *detail_msg)
 

Variables

static Oid cached_privs_role = InvalidOid
 
static Listcached_privs_roles = NIL
 
static Oid cached_member_role = InvalidOid
 
static Listcached_membership_roles = NIL
 

Function Documentation

◆ aclconcat()

Acl* aclconcat ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 428 of file acl.c.

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by ExecGrant_Attribute().

429 {
430  Acl *result_acl;
431 
432  result_acl = allocacl(ACL_NUM(left_acl) + ACL_NUM(right_acl));
433 
434  memcpy(ACL_DAT(result_acl),
435  ACL_DAT(left_acl),
436  ACL_NUM(left_acl) * sizeof(AclItem));
437 
438  memcpy(ACL_DAT(result_acl) + ACL_NUM(left_acl),
439  ACL_DAT(right_acl),
440  ACL_NUM(right_acl) * sizeof(AclItem));
441 
442  return result_acl;
443 }
static Acl * allocacl(int n)
Definition: acl.c:377
#define ACL_NUM(ACL)
Definition: acl.h:108
#define ACL_DAT(ACL)
Definition: acl.h:109
Definition: acl.h:54

◆ aclcontains()

Datum aclcontains ( PG_FUNCTION_ARGS  )

Definition at line 1545 of file acl.c.

References ACL_DAT, ACL_NUM, ACLITEM_GET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, PG_GETARG_ACL_P, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

1546 {
1547  Acl *acl = PG_GETARG_ACL_P(0);
1548  AclItem *aip = PG_GETARG_ACLITEM_P(1);
1549  AclItem *aidat;
1550  int i,
1551  num;
1552 
1553  check_acl(acl);
1554  num = ACL_NUM(acl);
1555  aidat = ACL_DAT(acl);
1556  for (i = 0; i < num; ++i)
1557  {
1558  if (aip->ai_grantee == aidat[i].ai_grantee &&
1559  aip->ai_grantor == aidat[i].ai_grantor &&
1560  (ACLITEM_GET_RIGHTS(*aip) & ACLITEM_GET_RIGHTS(aidat[i])) == ACLITEM_GET_RIGHTS(*aip))
1561  PG_RETURN_BOOL(true);
1562  }
1563  PG_RETURN_BOOL(false);
1564 }
Oid ai_grantee
Definition: acl.h:56
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:117
Oid ai_grantor
Definition: acl.h:57
#define ACL_NUM(ACL)
Definition: acl.h:108
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:68
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
#define ACL_DAT(ACL)
Definition: acl.h:109
Definition: acl.h:54
#define PG_GETARG_ACL_P(n)
Definition: acl.h:122
int i
static void check_acl(const Acl *acl)
Definition: acl.c:541

◆ aclcopy()

Acl* aclcopy ( const Acl orig_acl)

Definition at line 408 of file acl.c.

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by aclmerge(), ExecGrant_Relation(), and SetDefaultACL().

409 {
410  Acl *result_acl;
411 
412  result_acl = allocacl(ACL_NUM(orig_acl));
413 
414  memcpy(ACL_DAT(result_acl),
415  ACL_DAT(orig_acl),
416  ACL_NUM(orig_acl) * sizeof(AclItem));
417 
418  return result_acl;
419 }
static Acl * allocacl(int n)
Definition: acl.c:377
#define ACL_NUM(ACL)
Definition: acl.h:108
#define ACL_DAT(ACL)
Definition: acl.h:109
Definition: acl.h:54

◆ acldefault()

Acl* acldefault ( ObjectType  objtype,
Oid  ownerId 
)

Definition at line 749 of file acl.c.

References ACL_ALL_RIGHTS_DATABASE, ACL_ALL_RIGHTS_FDW, ACL_ALL_RIGHTS_FOREIGN_SERVER, ACL_ALL_RIGHTS_FUNCTION, ACL_ALL_RIGHTS_LANGUAGE, ACL_ALL_RIGHTS_LARGEOBJECT, ACL_ALL_RIGHTS_RELATION, ACL_ALL_RIGHTS_SCHEMA, ACL_ALL_RIGHTS_SEQUENCE, ACL_ALL_RIGHTS_TABLESPACE, ACL_ALL_RIGHTS_TYPE, ACL_CONNECT, ACL_CREATE_TEMP, ACL_DAT, ACL_EXECUTE, ACL_ID_PUBLIC, ACL_NO_RIGHTS, ACL_USAGE, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), elog, ERROR, OBJECT_COLUMN, OBJECT_DATABASE, OBJECT_DOMAIN, OBJECT_FDW, OBJECT_FOREIGN_SERVER, OBJECT_FUNCTION, OBJECT_LANGUAGE, OBJECT_LARGEOBJECT, OBJECT_SCHEMA, OBJECT_SEQUENCE, OBJECT_TABLE, OBJECT_TABLESPACE, and OBJECT_TYPE.

Referenced by acldefault_sql(), ExecGrant_Attribute(), ExecGrant_Database(), ExecGrant_Fdw(), ExecGrant_ForeignServer(), ExecGrant_Function(), ExecGrant_Language(), ExecGrant_Largeobject(), ExecGrant_Namespace(), ExecGrant_Relation(), ExecGrant_Tablespace(), ExecGrant_Type(), get_user_default_acl(), pg_class_aclmask(), pg_database_aclmask(), pg_foreign_data_wrapper_aclmask(), pg_foreign_server_aclmask(), pg_language_aclmask(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask(), pg_proc_aclmask(), pg_tablespace_aclmask(), pg_type_aclmask(), and SetDefaultACL().

750 {
751  AclMode world_default;
752  AclMode owner_default;
753  int nacl;
754  Acl *acl;
755  AclItem *aip;
756 
757  switch (objtype)
758  {
759  case OBJECT_COLUMN:
760  /* by default, columns have no extra privileges */
761  world_default = ACL_NO_RIGHTS;
762  owner_default = ACL_NO_RIGHTS;
763  break;
764  case OBJECT_TABLE:
765  world_default = ACL_NO_RIGHTS;
766  owner_default = ACL_ALL_RIGHTS_RELATION;
767  break;
768  case OBJECT_SEQUENCE:
769  world_default = ACL_NO_RIGHTS;
770  owner_default = ACL_ALL_RIGHTS_SEQUENCE;
771  break;
772  case OBJECT_DATABASE:
773  /* for backwards compatibility, grant some rights by default */
774  world_default = ACL_CREATE_TEMP | ACL_CONNECT;
775  owner_default = ACL_ALL_RIGHTS_DATABASE;
776  break;
777  case OBJECT_FUNCTION:
778  /* Grant EXECUTE by default, for now */
779  world_default = ACL_EXECUTE;
780  owner_default = ACL_ALL_RIGHTS_FUNCTION;
781  break;
782  case OBJECT_LANGUAGE:
783  /* Grant USAGE by default, for now */
784  world_default = ACL_USAGE;
785  owner_default = ACL_ALL_RIGHTS_LANGUAGE;
786  break;
787  case OBJECT_LARGEOBJECT:
788  world_default = ACL_NO_RIGHTS;
789  owner_default = ACL_ALL_RIGHTS_LARGEOBJECT;
790  break;
791  case OBJECT_SCHEMA:
792  world_default = ACL_NO_RIGHTS;
793  owner_default = ACL_ALL_RIGHTS_SCHEMA;
794  break;
795  case OBJECT_TABLESPACE:
796  world_default = ACL_NO_RIGHTS;
797  owner_default = ACL_ALL_RIGHTS_TABLESPACE;
798  break;
799  case OBJECT_FDW:
800  world_default = ACL_NO_RIGHTS;
801  owner_default = ACL_ALL_RIGHTS_FDW;
802  break;
804  world_default = ACL_NO_RIGHTS;
805  owner_default = ACL_ALL_RIGHTS_FOREIGN_SERVER;
806  break;
807  case OBJECT_DOMAIN:
808  case OBJECT_TYPE:
809  world_default = ACL_USAGE;
810  owner_default = ACL_ALL_RIGHTS_TYPE;
811  break;
812  default:
813  elog(ERROR, "unrecognized objtype: %d", (int) objtype);
814  world_default = ACL_NO_RIGHTS; /* keep compiler quiet */
815  owner_default = ACL_NO_RIGHTS;
816  break;
817  }
818 
819  nacl = 0;
820  if (world_default != ACL_NO_RIGHTS)
821  nacl++;
822  if (owner_default != ACL_NO_RIGHTS)
823  nacl++;
824 
825  acl = allocacl(nacl);
826  aip = ACL_DAT(acl);
827 
828  if (world_default != ACL_NO_RIGHTS)
829  {
830  aip->ai_grantee = ACL_ID_PUBLIC;
831  aip->ai_grantor = ownerId;
832  ACLITEM_SET_PRIVS_GOPTIONS(*aip, world_default, ACL_NO_RIGHTS);
833  aip++;
834  }
835 
836  /*
837  * Note that the owner's entry shows all ordinary privileges but no grant
838  * options. This is because his grant options come "from the system" and
839  * not from his own efforts. (The SQL spec says that the owner's rights
840  * come from a "_SYSTEM" authid.) However, we do consider that the
841  * owner's ordinary privileges are self-granted; this lets him revoke
842  * them. We implement the owner's grant options without any explicit
843  * "_SYSTEM"-like ACL entry, by internally special-casing the owner
844  * wherever we are testing grant options.
845  */
846  if (owner_default != ACL_NO_RIGHTS)
847  {
848  aip->ai_grantee = ownerId;
849  aip->ai_grantor = ownerId;
850  ACLITEM_SET_PRIVS_GOPTIONS(*aip, owner_default, ACL_NO_RIGHTS);
851  }
852 
853  return acl;
854 }
Oid ai_grantee
Definition: acl.h:56
#define ACL_ALL_RIGHTS_FUNCTION
Definition: acl.h:162
static Acl * allocacl(int n)
Definition: acl.c:377
#define ACL_ALL_RIGHTS_TABLESPACE
Definition: acl.h:166
Oid ai_grantor
Definition: acl.h:57
#define ACL_ALL_RIGHTS_LANGUAGE
Definition: acl.h:163
uint32 AclMode
Definition: parsenodes.h:72
#define ERROR
Definition: elog.h:43
#define ACL_NO_RIGHTS
Definition: parsenodes.h:88
#define ACL_ALL_RIGHTS_SCHEMA
Definition: acl.h:165
#define ACL_ALL_RIGHTS_TYPE
Definition: acl.h:167
#define ACL_USAGE
Definition: parsenodes.h:82
#define ACL_CONNECT
Definition: parsenodes.h:86
#define ACL_DAT(ACL)
Definition: acl.h:109
#define ACL_ALL_RIGHTS_SEQUENCE
Definition: acl.h:158
Definition: acl.h:54
#define ACL_ALL_RIGHTS_LARGEOBJECT
Definition: acl.h:164
#define ACL_ALL_RIGHTS_DATABASE
Definition: acl.h:159
#define ACL_ALL_RIGHTS_FOREIGN_SERVER
Definition: acl.h:161
#define ACL_EXECUTE
Definition: parsenodes.h:81
#define elog(elevel,...)
Definition: elog.h:228
#define ACL_ALL_RIGHTS_RELATION
Definition: acl.h:157
#define ACL_CREATE_TEMP
Definition: parsenodes.h:85
#define ACL_ID_PUBLIC
Definition: acl.h:46
#define ACL_ALL_RIGHTS_FDW
Definition: acl.h:160
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:82

◆ acldefault_sql()

Datum acldefault_sql ( PG_FUNCTION_ARGS  )

Definition at line 862 of file acl.c.

References acldefault(), elog, ERROR, OBJECT_COLUMN, OBJECT_DATABASE, OBJECT_FDW, OBJECT_FOREIGN_SERVER, OBJECT_FUNCTION, OBJECT_LANGUAGE, OBJECT_LARGEOBJECT, OBJECT_SCHEMA, OBJECT_SEQUENCE, OBJECT_TABLE, OBJECT_TABLESPACE, OBJECT_TYPE, PG_GETARG_CHAR, PG_GETARG_OID, and PG_RETURN_ACL_P.

863 {
864  char objtypec = PG_GETARG_CHAR(0);
865  Oid owner = PG_GETARG_OID(1);
866  ObjectType objtype = 0;
867 
868  switch (objtypec)
869  {
870  case 'c':
871  objtype = OBJECT_COLUMN;
872  break;
873  case 'r':
874  objtype = OBJECT_TABLE;
875  break;
876  case 's':
877  objtype = OBJECT_SEQUENCE;
878  break;
879  case 'd':
880  objtype = OBJECT_DATABASE;
881  break;
882  case 'f':
883  objtype = OBJECT_FUNCTION;
884  break;
885  case 'l':
886  objtype = OBJECT_LANGUAGE;
887  break;
888  case 'L':
889  objtype = OBJECT_LARGEOBJECT;
890  break;
891  case 'n':
892  objtype = OBJECT_SCHEMA;
893  break;
894  case 't':
895  objtype = OBJECT_TABLESPACE;
896  break;
897  case 'F':
898  objtype = OBJECT_FDW;
899  break;
900  case 'S':
901  objtype = OBJECT_FOREIGN_SERVER;
902  break;
903  case 'T':
904  objtype = OBJECT_TYPE;
905  break;
906  default:
907  elog(ERROR, "unrecognized objtype abbreviation: %c", objtypec);
908  }
909 
910  PG_RETURN_ACL_P(acldefault(objtype, owner));
911 }
#define PG_RETURN_ACL_P(x)
Definition: acl.h:124
Acl * acldefault(ObjectType objtype, Oid ownerId)
Definition: acl.c:749
unsigned int Oid
Definition: postgres_ext.h:31
#define ERROR
Definition: elog.h:43
#define PG_GETARG_OID(n)
Definition: fmgr.h:270
ObjectType
Definition: parsenodes.h:1690
#define elog(elevel,...)
Definition: elog.h:228
#define PG_GETARG_CHAR(n)
Definition: fmgr.h:268

◆ aclequal()

bool aclequal ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 510 of file acl.c.

References ACL_DAT, and ACL_NUM.

Referenced by get_user_default_acl(), and SetDefaultACL().

511 {
512  /* Check for cases where one or both are empty/null */
513  if (left_acl == NULL || ACL_NUM(left_acl) == 0)
514  {
515  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
516  return true;
517  else
518  return false;
519  }
520  else
521  {
522  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
523  return false;
524  }
525 
526  if (ACL_NUM(left_acl) != ACL_NUM(right_acl))
527  return false;
528 
529  if (memcmp(ACL_DAT(left_acl),
530  ACL_DAT(right_acl),
531  ACL_NUM(left_acl) * sizeof(AclItem)) == 0)
532  return true;
533 
534  return false;
535 }
#define ACL_NUM(ACL)
Definition: acl.h:108
#define ACL_DAT(ACL)
Definition: acl.h:109
Definition: acl.h:54

◆ aclexplode()

Datum aclexplode ( PG_FUNCTION_ARGS  )

Definition at line 1738 of file acl.c.

References ACL_DAT, ACL_NUM, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, BlessTupleDesc(), BoolGetDatum, check_acl(), convert_aclright_to_string(), CreateTemplateTupleDesc(), CStringGetTextDatum, heap_form_tuple(), HeapTupleGetDatum, idx(), MemoryContextSwitchTo(), MemSet, FuncCallContext::multi_call_memory_ctx, N_ACL_RIGHTS, ObjectIdGetDatum, palloc(), PG_GETARG_ACL_P, SRF_FIRSTCALL_INIT, SRF_IS_FIRSTCALL, SRF_PERCALL_SETUP, SRF_RETURN_DONE, SRF_RETURN_NEXT, FuncCallContext::tuple_desc, TupleDescInitEntry(), FuncCallContext::user_fctx, and values.

1739 {
1740  Acl *acl = PG_GETARG_ACL_P(0);
1741  FuncCallContext *funcctx;
1742  int *idx;
1743  AclItem *aidat;
1744 
1745  if (SRF_IS_FIRSTCALL())
1746  {
1747  TupleDesc tupdesc;
1748  MemoryContext oldcontext;
1749 
1750  check_acl(acl);
1751 
1752  funcctx = SRF_FIRSTCALL_INIT();
1753  oldcontext = MemoryContextSwitchTo(funcctx->multi_call_memory_ctx);
1754 
1755  /*
1756  * build tupdesc for result tuples (matches out parameters in pg_proc
1757  * entry)
1758  */
1759  tupdesc = CreateTemplateTupleDesc(4);
1760  TupleDescInitEntry(tupdesc, (AttrNumber) 1, "grantor",
1761  OIDOID, -1, 0);
1762  TupleDescInitEntry(tupdesc, (AttrNumber) 2, "grantee",
1763  OIDOID, -1, 0);
1764  TupleDescInitEntry(tupdesc, (AttrNumber) 3, "privilege_type",
1765  TEXTOID, -1, 0);
1766  TupleDescInitEntry(tupdesc, (AttrNumber) 4, "is_grantable",
1767  BOOLOID, -1, 0);
1768 
1769  funcctx->tuple_desc = BlessTupleDesc(tupdesc);
1770 
1771  /* allocate memory for user context */
1772  idx = (int *) palloc(sizeof(int[2]));
1773  idx[0] = 0; /* ACL array item index */
1774  idx[1] = -1; /* privilege type counter */
1775  funcctx->user_fctx = (void *) idx;
1776 
1777  MemoryContextSwitchTo(oldcontext);
1778  }
1779 
1780  funcctx = SRF_PERCALL_SETUP();
1781  idx = (int *) funcctx->user_fctx;
1782  aidat = ACL_DAT(acl);
1783 
1784  /* need test here in case acl has no items */
1785  while (idx[0] < ACL_NUM(acl))
1786  {
1787  AclItem *aidata;
1788  AclMode priv_bit;
1789 
1790  idx[1]++;
1791  if (idx[1] == N_ACL_RIGHTS)
1792  {
1793  idx[1] = 0;
1794  idx[0]++;
1795  if (idx[0] >= ACL_NUM(acl)) /* done */
1796  break;
1797  }
1798  aidata = &aidat[idx[0]];
1799  priv_bit = 1 << idx[1];
1800 
1801  if (ACLITEM_GET_PRIVS(*aidata) & priv_bit)
1802  {
1803  Datum result;
1804  Datum values[4];
1805  bool nulls[4];
1806  HeapTuple tuple;
1807 
1808  values[0] = ObjectIdGetDatum(aidata->ai_grantor);
1809  values[1] = ObjectIdGetDatum(aidata->ai_grantee);
1810  values[2] = CStringGetTextDatum(convert_aclright_to_string(priv_bit));
1811  values[3] = BoolGetDatum((ACLITEM_GET_GOPTIONS(*aidata) & priv_bit) != 0);
1812 
1813  MemSet(nulls, 0, sizeof(nulls));
1814 
1815  tuple = heap_form_tuple(funcctx->tuple_desc, values, nulls);
1816  result = HeapTupleGetDatum(tuple);
1817 
1818  SRF_RETURN_NEXT(funcctx, result);
1819  }
1820  }
1821 
1822  SRF_RETURN_DONE(funcctx);
1823 }
Oid ai_grantee
Definition: acl.h:56
static const char * convert_aclright_to_string(int aclright)
Definition: acl.c:1688
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:67
TupleDesc CreateTemplateTupleDesc(int natts)
Definition: tupdesc.c:44
#define SRF_IS_FIRSTCALL()
Definition: funcapi.h:282
static MemoryContext MemoryContextSwitchTo(MemoryContext context)
Definition: palloc.h:109
#define MemSet(start, val, len)
Definition: c.h:962
Datum idx(PG_FUNCTION_ARGS)
Definition: _int_op.c:263
HeapTuple heap_form_tuple(TupleDesc tupleDescriptor, Datum *values, bool *isnull)
Definition: heaptuple.c:1020
#define SRF_PERCALL_SETUP()
Definition: funcapi.h:286
Oid ai_grantor
Definition: acl.h:57
TupleDesc tuple_desc
Definition: funcapi.h:112
#define SRF_RETURN_NEXT(_funcctx, _result)
Definition: funcapi.h:288
uint32 AclMode
Definition: parsenodes.h:72
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
#define ACL_NUM(ACL)
Definition: acl.h:108
TupleDesc BlessTupleDesc(TupleDesc tupdesc)
Definition: execTuples.c:2052
#define N_ACL_RIGHTS
Definition: parsenodes.h:87
void TupleDescInitEntry(TupleDesc desc, AttrNumber attributeNumber, const char *attributeName, Oid oidtypeid, int32 typmod, int attdim)
Definition: tupdesc.c:603
uintptr_t Datum
Definition: postgres.h:367
#define ACL_DAT(ACL)
Definition: acl.h:109
#define BoolGetDatum(X)
Definition: postgres.h:402
Definition: acl.h:54
MemoryContext multi_call_memory_ctx
Definition: funcapi.h:101
#define ACLITEM_GET_PRIVS(item)
Definition: acl.h:66
#define HeapTupleGetDatum(tuple)
Definition: funcapi.h:220
#define PG_GETARG_ACL_P(n)
Definition: acl.h:122
static Datum values[MAXATTR]
Definition: bootstrap.c:167
void * user_fctx
Definition: funcapi.h:82
void * palloc(Size size)
Definition: mcxt.c:949
#define CStringGetTextDatum(s)
Definition: builtins.h:83
int16 AttrNumber
Definition: attnum.h:21
static void check_acl(const Acl *acl)
Definition: acl.c:541
#define SRF_RETURN_DONE(_funcctx)
Definition: funcapi.h:306
#define SRF_FIRSTCALL_INIT()
Definition: funcapi.h:284

◆ aclinsert()

Datum aclinsert ( PG_FUNCTION_ARGS  )

Definition at line 1525 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

1526 {
1527  ereport(ERROR,
1528  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1529  errmsg("aclinsert is no longer supported")));
1530 
1531  PG_RETURN_NULL(); /* keep compiler quiet */
1532 }
int errcode(int sqlerrcode)
Definition: elog.c:608
#define ERROR
Definition: elog.h:43
#define ereport(elevel, rest)
Definition: elog.h:141
int errmsg(const char *fmt,...)
Definition: elog.c:822
#define PG_RETURN_NULL()
Definition: fmgr.h:335

◆ aclitem_eq()

Datum aclitem_eq ( PG_FUNCTION_ARGS  )

Definition at line 694 of file acl.c.

References a1, a2, AclItem::ai_grantee, AclItem::ai_grantor, AclItem::ai_privs, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

695 {
698  bool result;
699 
700  result = a1->ai_privs == a2->ai_privs &&
701  a1->ai_grantee == a2->ai_grantee &&
702  a1->ai_grantor == a2->ai_grantor;
703  PG_RETURN_BOOL(result);
704 }
Oid ai_grantee
Definition: acl.h:56
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:117
Oid ai_grantor
Definition: acl.h:57
AclMode ai_privs
Definition: acl.h:58
static const FormData_pg_attribute a2
Definition: heap.c:165
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
Definition: acl.h:54
static const FormData_pg_attribute a1
Definition: heap.c:151

◆ aclitem_match()

static bool aclitem_match ( const AclItem a1,
const AclItem a2 
)
static

Definition at line 659 of file acl.c.

References AclItem::ai_grantee, and AclItem::ai_grantor.

Referenced by aclnewowner(), and aclupdate().

660 {
661  return a1->ai_grantee == a2->ai_grantee &&
662  a1->ai_grantor == a2->ai_grantor;
663 }
Oid ai_grantee
Definition: acl.h:56
Oid ai_grantor
Definition: acl.h:57

◆ aclitemComparator()

static int aclitemComparator ( const void *  arg1,
const void *  arg2 
)
static

Definition at line 670 of file acl.c.

References a1, a2, AclItem::ai_grantee, AclItem::ai_grantor, and AclItem::ai_privs.

Referenced by aclitemsort().

671 {
672  const AclItem *a1 = (const AclItem *) arg1;
673  const AclItem *a2 = (const AclItem *) arg2;
674 
675  if (a1->ai_grantee > a2->ai_grantee)
676  return 1;
677  if (a1->ai_grantee < a2->ai_grantee)
678  return -1;
679  if (a1->ai_grantor > a2->ai_grantor)
680  return 1;
681  if (a1->ai_grantor < a2->ai_grantor)
682  return -1;
683  if (a1->ai_privs > a2->ai_privs)
684  return 1;
685  if (a1->ai_privs < a2->ai_privs)
686  return -1;
687  return 0;
688 }
Oid ai_grantee
Definition: acl.h:56
Oid ai_grantor
Definition: acl.h:57
AclMode ai_privs
Definition: acl.h:58
static const FormData_pg_attribute a2
Definition: heap.c:165
Definition: acl.h:54
static const FormData_pg_attribute a1
Definition: heap.c:151

◆ aclitemin()

Datum aclitemin ( PG_FUNCTION_ARGS  )

Definition at line 566 of file acl.c.

References aclparse(), ereport, errcode(), errmsg(), ERROR, palloc(), PG_GETARG_CSTRING, and PG_RETURN_ACLITEM_P.

567 {
568  const char *s = PG_GETARG_CSTRING(0);
569  AclItem *aip;
570 
571  aip = (AclItem *) palloc(sizeof(AclItem));
572  s = aclparse(s, aip);
573  while (isspace((unsigned char) *s))
574  ++s;
575  if (*s)
576  ereport(ERROR,
577  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
578  errmsg("extra garbage at the end of the ACL specification")));
579 
580  PG_RETURN_ACLITEM_P(aip);
581 }
int errcode(int sqlerrcode)
Definition: elog.c:608
#define ERROR
Definition: elog.h:43
#define ereport(elevel, rest)
Definition: elog.h:141
static const char * aclparse(const char *s, AclItem *aip)
Definition: acl.c:239
Definition: acl.h:54
#define PG_RETURN_ACLITEM_P(x)
Definition: acl.h:118
void * palloc(Size size)
Definition: mcxt.c:949
int errmsg(const char *fmt,...)
Definition: elog.c:822
#define PG_GETARG_CSTRING(n)
Definition: fmgr.h:272

◆ aclitemout()

Datum aclitemout ( PG_FUNCTION_ARGS  )

Definition at line 592 of file acl.c.

References ACL_ALL_RIGHTS_STR, ACL_ID_PUBLIC, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, AUTHOID, GETSTRUCT, HeapTupleIsValid, i, N_ACL_RIGHTS, NAMEDATALEN, NameStr, ObjectIdGetDatum, palloc(), PG_GETARG_ACLITEM_P, PG_RETURN_CSTRING, putid(), ReleaseSysCache(), rolname, SearchSysCache1(), and sprintf.

593 {
594  AclItem *aip = PG_GETARG_ACLITEM_P(0);
595  char *p;
596  char *out;
597  HeapTuple htup;
598  unsigned i;
599 
600  out = palloc(strlen("=/") +
601  2 * N_ACL_RIGHTS +
602  2 * (2 * NAMEDATALEN + 2) +
603  1);
604 
605  p = out;
606  *p = '\0';
607 
608  if (aip->ai_grantee != ACL_ID_PUBLIC)
609  {
611  if (HeapTupleIsValid(htup))
612  {
613  putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
614  ReleaseSysCache(htup);
615  }
616  else
617  {
618  /* Generate numeric OID if we don't find an entry */
619  sprintf(p, "%u", aip->ai_grantee);
620  }
621  }
622  while (*p)
623  ++p;
624 
625  *p++ = '=';
626 
627  for (i = 0; i < N_ACL_RIGHTS; ++i)
628  {
629  if (ACLITEM_GET_PRIVS(*aip) & (1 << i))
630  *p++ = ACL_ALL_RIGHTS_STR[i];
631  if (ACLITEM_GET_GOPTIONS(*aip) & (1 << i))
632  *p++ = '*';
633  }
634 
635  *p++ = '/';
636  *p = '\0';
637 
639  if (HeapTupleIsValid(htup))
640  {
641  putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
642  ReleaseSysCache(htup);
643  }
644  else
645  {
646  /* Generate numeric OID if we don't find an entry */
647  sprintf(p, "%u", aip->ai_grantor);
648  }
649 
650  PG_RETURN_CSTRING(out);
651 }
Oid ai_grantee
Definition: acl.h:56
static void putid(char *p, const char *s)
Definition: acl.c:190
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:67
#define GETSTRUCT(TUP)
Definition: htup_details.h:655
NameData rolname
Definition: pg_authid.h:34
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:117
Oid ai_grantor
Definition: acl.h:57
#define NAMEDATALEN
FormData_pg_authid * Form_pg_authid
Definition: pg_authid.h:56
#define sprintf
Definition: port.h:194
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
#define N_ACL_RIGHTS
Definition: parsenodes.h:87
HeapTuple SearchSysCache1(int cacheId, Datum key1)
Definition: syscache.c:1116
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1164
#define ACL_ALL_RIGHTS_STR
Definition: acl.h:151
Definition: acl.h:54
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
#define PG_RETURN_CSTRING(x)
Definition: fmgr.h:352
#define ACLITEM_GET_PRIVS(item)
Definition: acl.h:66
void * palloc(Size size)
Definition: mcxt.c:949
int i
#define NameStr(name)
Definition: c.h:616
#define ACL_ID_PUBLIC
Definition: acl.h:46

◆ aclitemsort()

void aclitemsort ( Acl acl)

Definition at line 496 of file acl.c.

References ACL_DAT, ACL_NUM, aclitemComparator(), and qsort.

Referenced by get_user_default_acl(), and SetDefaultACL().

497 {
498  if (acl != NULL && ACL_NUM(acl) > 1)
499  qsort(ACL_DAT(acl), ACL_NUM(acl), sizeof(AclItem), aclitemComparator);
500 }
#define ACL_NUM(ACL)
Definition: acl.h:108
#define ACL_DAT(ACL)
Definition: acl.h:109
Definition: acl.h:54
#define qsort(a, b, c, d)
Definition: port.h:491
static int aclitemComparator(const void *arg1, const void *arg2)
Definition: acl.c:670

◆ aclmask()

AclMode aclmask ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)

Definition at line 1321 of file acl.c.

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog, ERROR, has_privs_of_role(), i, and remaining.

Referenced by check_circularity(), LockTableAclCheck(), pg_attribute_aclmask(), pg_class_aclmask(), pg_database_aclmask(), pg_foreign_data_wrapper_aclmask(), pg_foreign_server_aclmask(), pg_language_aclmask(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask(), pg_proc_aclmask(), pg_tablespace_aclmask(), pg_type_aclmask(), and recursive_revoke().

1323 {
1324  AclMode result;
1326  AclItem *aidat;
1327  int i,
1328  num;
1329 
1330  /*
1331  * Null ACL should not happen, since caller should have inserted
1332  * appropriate default
1333  */
1334  if (acl == NULL)
1335  elog(ERROR, "null ACL");
1336 
1337  check_acl(acl);
1338 
1339  /* Quick exit for mask == 0 */
1340  if (mask == 0)
1341  return 0;
1342 
1343  result = 0;
1344 
1345  /* Owner always implicitly has all grant options */
1346  if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1347  has_privs_of_role(roleid, ownerId))
1348  {
1349  result = mask & ACLITEM_ALL_GOPTION_BITS;
1350  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1351  return result;
1352  }
1353 
1354  num = ACL_NUM(acl);
1355  aidat = ACL_DAT(acl);
1356 
1357  /*
1358  * Check privileges granted directly to roleid or to public
1359  */
1360  for (i = 0; i < num; i++)
1361  {
1362  AclItem *aidata = &aidat[i];
1363 
1364  if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1365  aidata->ai_grantee == roleid)
1366  {
1367  result |= aidata->ai_privs & mask;
1368  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1369  return result;
1370  }
1371  }
1372 
1373  /*
1374  * Check privileges granted indirectly via role memberships. We do this in
1375  * a separate pass to minimize expensive indirect membership tests. In
1376  * particular, it's worth testing whether a given ACL entry grants any
1377  * privileges still of interest before we perform the has_privs_of_role
1378  * test.
1379  */
1380  remaining = mask & ~result;
1381  for (i = 0; i < num; i++)
1382  {
1383  AclItem *aidata = &aidat[i];
1384 
1385  if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1386  aidata->ai_grantee == roleid)
1387  continue; /* already checked it */
1388 
1389  if ((aidata->ai_privs & remaining) &&
1390  has_privs_of_role(roleid, aidata->ai_grantee))
1391  {
1392  result |= aidata->ai_privs & mask;
1393  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1394  return result;
1395  remaining = mask & ~result;
1396  }
1397  }
1398 
1399  return result;
1400 }
int remaining
Definition: informix.c:667
Oid ai_grantee
Definition: acl.h:56
#define ACLITEM_ALL_GOPTION_BITS
Definition: acl.h:88
bool has_privs_of_role(Oid member, Oid role)
Definition: acl.c:4900
AclMode ai_privs
Definition: acl.h:58
uint32 AclMode
Definition: parsenodes.h:72
#define ERROR
Definition: elog.h:43
#define ACL_NUM(ACL)
Definition: acl.h:108
#define ACL_DAT(ACL)
Definition: acl.h:109
Definition: acl.h:54
#define elog(elevel,...)
Definition: elog.h:228
int i
#define ACL_ID_PUBLIC
Definition: acl.h:46
static void check_acl(const Acl *acl)
Definition: acl.c:541

◆ aclmask_direct()

static AclMode aclmask_direct ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)
static

Definition at line 1410 of file acl.c.

References ACL_DAT, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog, ERROR, and i.

Referenced by select_best_grantor().

1412 {
1413  AclMode result;
1414  AclItem *aidat;
1415  int i,
1416  num;
1417 
1418  /*
1419  * Null ACL should not happen, since caller should have inserted
1420  * appropriate default
1421  */
1422  if (acl == NULL)
1423  elog(ERROR, "null ACL");
1424 
1425  check_acl(acl);
1426 
1427  /* Quick exit for mask == 0 */
1428  if (mask == 0)
1429  return 0;
1430 
1431  result = 0;
1432 
1433  /* Owner always implicitly has all grant options */
1434  if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1435  roleid == ownerId)
1436  {
1437  result = mask & ACLITEM_ALL_GOPTION_BITS;
1438  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1439  return result;
1440  }
1441 
1442  num = ACL_NUM(acl);
1443  aidat = ACL_DAT(acl);
1444 
1445  /*
1446  * Check privileges granted directly to roleid (and not to public)
1447  */
1448  for (i = 0; i < num; i++)
1449  {
1450  AclItem *aidata = &aidat[i];
1451 
1452  if (aidata->ai_grantee == roleid)
1453  {
1454  result |= aidata->ai_privs & mask;
1455  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1456  return result;
1457  }
1458  }
1459 
1460  return result;
1461 }
Oid ai_grantee
Definition: acl.h:56
#define ACLITEM_ALL_GOPTION_BITS
Definition: acl.h:88
AclMode ai_privs
Definition: acl.h:58
uint32 AclMode
Definition: parsenodes.h:72
#define ERROR
Definition: elog.h:43
#define ACL_NUM(ACL)
Definition: acl.h:108
#define ACL_DAT(ACL)
Definition: acl.h:109
Definition: acl.h:54
#define elog(elevel,...)
Definition: elog.h:228
int i
static void check_acl(const Acl *acl)
Definition: acl.c:541

◆ aclmembers()

int aclmembers ( const Acl acl,
Oid **  roleids 
)

Definition at line 1473 of file acl.c.

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, sort-test::list, oid_cmp(), palloc(), qsort, and qunique().

Referenced by ExecGrant_Attribute(), ExecGrant_Database(), ExecGrant_Fdw(), ExecGrant_ForeignServer(), ExecGrant_Function(), ExecGrant_Language(), ExecGrant_Largeobject(), ExecGrant_Namespace(), ExecGrant_Relation(), ExecGrant_Tablespace(), ExecGrant_Type(), recordDependencyOnNewAcl(), and SetDefaultACL().

1474 {
1475  Oid *list;
1476  const AclItem *acldat;
1477  int i,
1478  j;
1479 
1480  if (acl == NULL || ACL_NUM(acl) == 0)
1481  {
1482  *roleids = NULL;
1483  return 0;
1484  }
1485 
1486  check_acl(acl);
1487 
1488  /* Allocate the worst-case space requirement */
1489  list = palloc(ACL_NUM(acl) * 2 * sizeof(Oid));
1490  acldat = ACL_DAT(acl);
1491 
1492  /*
1493  * Walk the ACL collecting mentioned RoleIds.
1494  */
1495  j = 0;
1496  for (i = 0; i < ACL_NUM(acl); i++)
1497  {
1498  const AclItem *ai = &acldat[i];
1499 
1500  if (ai->ai_grantee != ACL_ID_PUBLIC)
1501  list[j++] = ai->ai_grantee;
1502  /* grantor is currently never PUBLIC, but let's check anyway */
1503  if (ai->ai_grantor != ACL_ID_PUBLIC)
1504  list[j++] = ai->ai_grantor;
1505  }
1506 
1507  /* Sort the array */
1508  qsort(list, j, sizeof(Oid), oid_cmp);
1509 
1510  /*
1511  * We could repalloc the array down to minimum size, but it's hardly worth
1512  * it since it's only transient memory.
1513  */
1514  *roleids = list;
1515 
1516  /* Remove duplicates from the array */
1517  return qunique(list, j, sizeof(Oid), oid_cmp);
1518 }
Oid ai_grantee
Definition: acl.h:56
unsigned int Oid
Definition: postgres_ext.h:31
Oid ai_grantor
Definition: acl.h:57
#define ACL_NUM(ACL)
Definition: acl.h:108
#define ACL_DAT(ACL)
Definition: acl.h:109
Definition: acl.h:54
int oid_cmp(const void *p1, const void *p2)
Definition: oid.c:336
static size_t qunique(void *array, size_t elements, size_t width, int(*compare)(const void *, const void *))
Definition: qunique.h:21
void * palloc(Size size)
Definition: mcxt.c:949
int i
#define ACL_ID_PUBLIC
Definition: acl.h:46
#define qsort(a, b, c, d)
Definition: port.h:491
static void check_acl(const Acl *acl)
Definition: acl.c:541

◆ aclmerge()

Acl* aclmerge ( const Acl left_acl,
const Acl right_acl,
Oid  ownerId 
)

Definition at line 452 of file acl.c.

References ACL_DAT, ACL_MODECHG_ADD, ACL_NUM, aclcopy(), aclupdate(), DROP_RESTRICT, i, and pfree().

Referenced by get_user_default_acl().

453 {
454  Acl *result_acl;
455  AclItem *aip;
456  int i,
457  num;
458 
459  /* Check for cases where one or both are empty/null */
460  if (left_acl == NULL || ACL_NUM(left_acl) == 0)
461  {
462  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
463  return NULL;
464  else
465  return aclcopy(right_acl);
466  }
467  else
468  {
469  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
470  return aclcopy(left_acl);
471  }
472 
473  /* Merge them the hard way, one item at a time */
474  result_acl = aclcopy(left_acl);
475 
476  aip = ACL_DAT(right_acl);
477  num = ACL_NUM(right_acl);
478 
479  for (i = 0; i < num; i++, aip++)
480  {
481  Acl *tmp_acl;
482 
483  tmp_acl = aclupdate(result_acl, aip, ACL_MODECHG_ADD,
484  ownerId, DROP_RESTRICT);
485  pfree(result_acl);
486  result_acl = tmp_acl;
487  }
488 
489  return result_acl;
490 }
void pfree(void *pointer)
Definition: mcxt.c:1056
#define ACL_NUM(ACL)
Definition: acl.h:108
#define ACL_MODECHG_ADD
Definition: acl.h:129
#define ACL_DAT(ACL)
Definition: acl.h:109
Definition: acl.h:54
Acl * aclcopy(const Acl *orig_acl)
Definition: acl.c:408
int i
Acl * aclupdate(const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
Definition: acl.c:931

◆ aclnewowner()

Acl* aclnewowner ( const Acl old_acl,
Oid  oldOwnerId,
Oid  newOwnerId 
)

Definition at line 1052 of file acl.c.

References ACL_DAT, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, check_acl(), and SET_VARSIZE.

Referenced by AlterDatabaseOwner(), AlterForeignDataWrapperOwner_internal(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwnerInternal(), ATExecChangeOwner(), and change_owner_fix_column_acls().

1053 {
1054  Acl *new_acl;
1055  AclItem *new_aip;
1056  AclItem *old_aip;
1057  AclItem *dst_aip;
1058  AclItem *src_aip;
1059  AclItem *targ_aip;
1060  bool newpresent = false;
1061  int dst,
1062  src,
1063  targ,
1064  num;
1065 
1066  check_acl(old_acl);
1067 
1068  /*
1069  * Make a copy of the given ACL, substituting new owner ID for old
1070  * wherever it appears as either grantor or grantee. Also note if the new
1071  * owner ID is already present.
1072  */
1073  num = ACL_NUM(old_acl);
1074  old_aip = ACL_DAT(old_acl);
1075  new_acl = allocacl(num);
1076  new_aip = ACL_DAT(new_acl);
1077  memcpy(new_aip, old_aip, num * sizeof(AclItem));
1078  for (dst = 0, dst_aip = new_aip; dst < num; dst++, dst_aip++)
1079  {
1080  if (dst_aip->ai_grantor == oldOwnerId)
1081  dst_aip->ai_grantor = newOwnerId;
1082  else if (dst_aip->ai_grantor == newOwnerId)
1083  newpresent = true;
1084  if (dst_aip->ai_grantee == oldOwnerId)
1085  dst_aip->ai_grantee = newOwnerId;
1086  else if (dst_aip->ai_grantee == newOwnerId)
1087  newpresent = true;
1088  }
1089 
1090  /*
1091  * If the old ACL contained any references to the new owner, then we may
1092  * now have generated an ACL containing duplicate entries. Find them and
1093  * merge them so that there are not duplicates. (This is relatively
1094  * expensive since we use a stupid O(N^2) algorithm, but it's unlikely to
1095  * be the normal case.)
1096  *
1097  * To simplify deletion of duplicate entries, we temporarily leave them in
1098  * the array but set their privilege masks to zero; when we reach such an
1099  * entry it's just skipped. (Thus, a side effect of this code will be to
1100  * remove privilege-free entries, should there be any in the input.) dst
1101  * is the next output slot, targ is the currently considered input slot
1102  * (always >= dst), and src scans entries to the right of targ looking for
1103  * duplicates. Once an entry has been emitted to dst it is known
1104  * duplicate-free and need not be considered anymore.
1105  */
1106  if (newpresent)
1107  {
1108  dst = 0;
1109  for (targ = 0, targ_aip = new_aip; targ < num; targ++, targ_aip++)
1110  {
1111  /* ignore if deleted in an earlier pass */
1112  if (ACLITEM_GET_RIGHTS(*targ_aip) == ACL_NO_RIGHTS)
1113  continue;
1114  /* find and merge any duplicates */
1115  for (src = targ + 1, src_aip = targ_aip + 1; src < num;
1116  src++, src_aip++)
1117  {
1118  if (ACLITEM_GET_RIGHTS(*src_aip) == ACL_NO_RIGHTS)
1119  continue;
1120  if (aclitem_match(targ_aip, src_aip))
1121  {
1122  ACLITEM_SET_RIGHTS(*targ_aip,
1123  ACLITEM_GET_RIGHTS(*targ_aip) |
1124  ACLITEM_GET_RIGHTS(*src_aip));
1125  /* mark the duplicate deleted */
1126  ACLITEM_SET_RIGHTS(*src_aip, ACL_NO_RIGHTS);
1127  }
1128  }
1129  /* and emit to output */
1130  new_aip[dst] = *targ_aip;
1131  dst++;
1132  }
1133  /* Adjust array size to be 'dst' items */
1134  ARR_DIMS(new_acl)[0] = dst;
1135  SET_VARSIZE(new_acl, ACL_N_SIZE(dst));
1136  }
1137 
1138  return new_acl;
1139 }
Oid ai_grantee
Definition: acl.h:56
static Acl * allocacl(int n)
Definition: acl.c:377
Oid ai_grantor
Definition: acl.h:57
#define ARR_DIMS(a)
Definition: array.h:282
#define ACL_NUM(ACL)
Definition: acl.h:108
#define ACL_NO_RIGHTS
Definition: parsenodes.h:88
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:68
#define ACLITEM_SET_RIGHTS(item, rights)
Definition: acl.h:79
#define ACL_DAT(ACL)
Definition: acl.h:109
Definition: acl.h:54
static bool aclitem_match(const AclItem *a1, const AclItem *a2)
Definition: acl.c:659
#define SET_VARSIZE(PTR, len)
Definition: postgres.h:329
#define ACL_N_SIZE(N)
Definition: acl.h:110
static void check_acl(const Acl *acl)
Definition: acl.c:541

◆ aclparse()

static const char * aclparse ( const char *  s,
AclItem aip 
)
static

Definition at line 239 of file acl.c.

References ACL_ALL_RIGHTS_STR, ACL_CONNECT, ACL_CONNECT_CHR, ACL_CREATE, ACL_CREATE_CHR, ACL_CREATE_TEMP, ACL_CREATE_TEMP_CHR, ACL_DELETE, ACL_DELETE_CHR, ACL_EXECUTE, ACL_EXECUTE_CHR, ACL_ID_PUBLIC, ACL_INSERT, ACL_INSERT_CHR, ACL_NO_RIGHTS, ACL_REFERENCES, ACL_REFERENCES_CHR, ACL_SELECT, ACL_SELECT_CHR, ACL_TRIGGER, ACL_TRIGGER_CHR, ACL_TRUNCATE, ACL_TRUNCATE_CHR, ACL_UPDATE, ACL_UPDATE_CHR, ACL_USAGE, ACL_USAGE_CHR, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, Assert, elog, ereport, errcode(), errhint(), errmsg(), ERROR, get_role_oid(), getid(), LOG, name, NAMEDATALEN, read, and WARNING.

Referenced by aclitemin().

240 {
241  AclMode privs,
242  goption,
243  read;
244  char name[NAMEDATALEN];
245  char name2[NAMEDATALEN];
246 
247  Assert(s && aip);
248 
249 #ifdef ACLDEBUG
250  elog(LOG, "aclparse: input = \"%s\"", s);
251 #endif
252  s = getid(s, name);
253  if (*s != '=')
254  {
255  /* we just read a keyword, not a name */
256  if (strcmp(name, "group") != 0 && strcmp(name, "user") != 0)
257  ereport(ERROR,
258  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
259  errmsg("unrecognized key word: \"%s\"", name),
260  errhint("ACL key word must be \"group\" or \"user\".")));
261  s = getid(s, name); /* move s to the name beyond the keyword */
262  if (name[0] == '\0')
263  ereport(ERROR,
264  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
265  errmsg("missing name"),
266  errhint("A name must follow the \"group\" or \"user\" key word.")));
267  }
268 
269  if (*s != '=')
270  ereport(ERROR,
271  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
272  errmsg("missing \"=\" sign")));
273 
274  privs = goption = ACL_NO_RIGHTS;
275 
276  for (++s, read = 0; isalpha((unsigned char) *s) || *s == '*'; s++)
277  {
278  switch (*s)
279  {
280  case '*':
281  goption |= read;
282  break;
283  case ACL_INSERT_CHR:
284  read = ACL_INSERT;
285  break;
286  case ACL_SELECT_CHR:
287  read = ACL_SELECT;
288  break;
289  case ACL_UPDATE_CHR:
290  read = ACL_UPDATE;
291  break;
292  case ACL_DELETE_CHR:
293  read = ACL_DELETE;
294  break;
295  case ACL_TRUNCATE_CHR:
296  read = ACL_TRUNCATE;
297  break;
298  case ACL_REFERENCES_CHR:
299  read = ACL_REFERENCES;
300  break;
301  case ACL_TRIGGER_CHR:
302  read = ACL_TRIGGER;
303  break;
304  case ACL_EXECUTE_CHR:
305  read = ACL_EXECUTE;
306  break;
307  case ACL_USAGE_CHR:
308  read = ACL_USAGE;
309  break;
310  case ACL_CREATE_CHR:
311  read = ACL_CREATE;
312  break;
313  case ACL_CREATE_TEMP_CHR:
314  read = ACL_CREATE_TEMP;
315  break;
316  case ACL_CONNECT_CHR:
317  read = ACL_CONNECT;
318  break;
319  case 'R': /* ignore old RULE privileges */
320  read = 0;
321  break;
322  default:
323  ereport(ERROR,
324  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
325  errmsg("invalid mode character: must be one of \"%s\"",
327  }
328 
329  privs |= read;
330  }
331 
332  if (name[0] == '\0')
333  aip->ai_grantee = ACL_ID_PUBLIC;
334  else
335  aip->ai_grantee = get_role_oid(name, false);
336 
337  /*
338  * XXX Allow a degree of backward compatibility by defaulting the grantor
339  * to the superuser.
340  */
341  if (*s == '/')
342  {
343  s = getid(s + 1, name2);
344  if (name2[0] == '\0')
345  ereport(ERROR,
346  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
347  errmsg("a name must follow the \"/\" sign")));
348  aip->ai_grantor = get_role_oid(name2, false);
349  }
350  else
351  {
352  aip->ai_grantor = BOOTSTRAP_SUPERUSERID;
354  (errcode(ERRCODE_INVALID_GRANTOR),
355  errmsg("defaulting grantor to user ID %u",
356  BOOTSTRAP_SUPERUSERID)));
357  }
358 
359  ACLITEM_SET_PRIVS_GOPTIONS(*aip, privs, goption);
360 
361 #ifdef ACLDEBUG
362  elog(LOG, "aclparse: correctly read [%u %x %x]",
363  aip->ai_grantee, privs, goption);
364 #endif
365 
366  return s;
367 }
Oid ai_grantee
Definition: acl.h:56
#define ACL_INSERT_CHR
Definition: acl.h:137
int errhint(const char *fmt,...)
Definition: elog.c:1069
#define ACL_CONNECT_CHR
Definition: acl.h:148
#define ACL_DELETE_CHR
Definition: acl.h:140
int errcode(int sqlerrcode)
Definition: elog.c:608
#define ACL_DELETE
Definition: parsenodes.h:77
#define LOG
Definition: elog.h:26
Oid ai_grantor
Definition: acl.h:57
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5183
#define NAMEDATALEN
uint32 AclMode
Definition: parsenodes.h:72
#define ACL_CREATE_TEMP_CHR
Definition: acl.h:147
#define ERROR
Definition: elog.h:43
#define ACL_CREATE
Definition: parsenodes.h:84
static const char * getid(const char *s, char *n)
Definition: acl.c:138
#define ACL_NO_RIGHTS
Definition: parsenodes.h:88
#define ACL_TRIGGER
Definition: parsenodes.h:80
#define ACL_TRUNCATE_CHR
Definition: acl.h:141
#define ACL_REFERENCES_CHR
Definition: acl.h:142
#define ACL_USAGE
Definition: parsenodes.h:82
#define ereport(elevel, rest)
Definition: elog.h:141
#define ACL_CONNECT
Definition: parsenodes.h:86
#define WARNING
Definition: elog.h:40
#define ACL_SELECT_CHR
Definition: acl.h:138
#define ACL_UPDATE
Definition: parsenodes.h:76
#define ACL_SELECT
Definition: parsenodes.h:75
#define ACL_ALL_RIGHTS_STR
Definition: acl.h:151
#define ACL_USAGE_CHR
Definition: acl.h:145
#define ACL_REFERENCES
Definition: parsenodes.h:79
#define Assert(condition)
Definition: c.h:739
#define ACL_INSERT
Definition: parsenodes.h:74
#define ACL_UPDATE_CHR
Definition: acl.h:139
const char * name
Definition: encode.c:521
#define ACL_TRIGGER_CHR
Definition: acl.h:143
int errmsg(const char *fmt,...)
Definition: elog.c:822
#define ACL_EXECUTE
Definition: parsenodes.h:81
#define elog(elevel,...)
Definition: elog.h:228
#define ACL_CREATE_TEMP
Definition: parsenodes.h:85
#define ACL_ID_PUBLIC
Definition: acl.h:46
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:82
#define read(a, b, c)
Definition: win32.h:13
#define ACL_EXECUTE_CHR
Definition: acl.h:144
#define ACL_CREATE_CHR
Definition: acl.h:146
#define ACL_TRUNCATE
Definition: parsenodes.h:78

◆ aclremove()

Datum aclremove ( PG_FUNCTION_ARGS  )

Definition at line 1535 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

1536 {
1537  ereport(ERROR,
1538  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1539  errmsg("aclremove is no longer supported")));
1540 
1541  PG_RETURN_NULL(); /* keep compiler quiet */
1542 }
int errcode(int sqlerrcode)
Definition: elog.c:608
#define ERROR
Definition: elog.h:43
#define ereport(elevel, rest)
Definition: elog.h:141
int errmsg(const char *fmt,...)
Definition: elog.c:822
#define PG_RETURN_NULL()
Definition: fmgr.h:335

◆ aclupdate()

Acl* aclupdate ( const Acl old_acl,
const AclItem mod_aip,
int  modechg,
Oid  ownerId,
DropBehavior  behavior 
)

Definition at line 931 of file acl.c.

References ACL_DAT, ACL_ID_PUBLIC, ACL_MODECHG_ADD, ACL_MODECHG_DEL, ACL_MODECHG_EQL, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACL_SIZE, ACLITEM_GET_GOPTIONS, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_PRIVS_GOPTIONS, ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, Assert, check_acl(), check_circularity(), memmove, recursive_revoke(), and SET_VARSIZE.

Referenced by aclmerge(), check_circularity(), merge_acl_with_grant(), and recursive_revoke().

933 {
934  Acl *new_acl = NULL;
935  AclItem *old_aip,
936  *new_aip = NULL;
937  AclMode old_rights,
938  old_goptions,
939  new_rights,
940  new_goptions;
941  int dst,
942  num;
943 
944  /* Caller probably already checked old_acl, but be safe */
945  check_acl(old_acl);
946 
947  /* If granting grant options, check for circularity */
948  if (modechg != ACL_MODECHG_DEL &&
949  ACLITEM_GET_GOPTIONS(*mod_aip) != ACL_NO_RIGHTS)
950  check_circularity(old_acl, mod_aip, ownerId);
951 
952  num = ACL_NUM(old_acl);
953  old_aip = ACL_DAT(old_acl);
954 
955  /*
956  * Search the ACL for an existing entry for this grantee and grantor. If
957  * one exists, just modify the entry in-place (well, in the same position,
958  * since we actually return a copy); otherwise, insert the new entry at
959  * the end.
960  */
961 
962  for (dst = 0; dst < num; ++dst)
963  {
964  if (aclitem_match(mod_aip, old_aip + dst))
965  {
966  /* found a match, so modify existing item */
967  new_acl = allocacl(num);
968  new_aip = ACL_DAT(new_acl);
969  memcpy(new_acl, old_acl, ACL_SIZE(old_acl));
970  break;
971  }
972  }
973 
974  if (dst == num)
975  {
976  /* need to append a new item */
977  new_acl = allocacl(num + 1);
978  new_aip = ACL_DAT(new_acl);
979  memcpy(new_aip, old_aip, num * sizeof(AclItem));
980 
981  /* initialize the new entry with no permissions */
982  new_aip[dst].ai_grantee = mod_aip->ai_grantee;
983  new_aip[dst].ai_grantor = mod_aip->ai_grantor;
984  ACLITEM_SET_PRIVS_GOPTIONS(new_aip[dst],
986  num++; /* set num to the size of new_acl */
987  }
988 
989  old_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
990  old_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
991 
992  /* apply the specified permissions change */
993  switch (modechg)
994  {
995  case ACL_MODECHG_ADD:
996  ACLITEM_SET_RIGHTS(new_aip[dst],
997  old_rights | ACLITEM_GET_RIGHTS(*mod_aip));
998  break;
999  case ACL_MODECHG_DEL:
1000  ACLITEM_SET_RIGHTS(new_aip[dst],
1001  old_rights & ~ACLITEM_GET_RIGHTS(*mod_aip));
1002  break;
1003  case ACL_MODECHG_EQL:
1004  ACLITEM_SET_RIGHTS(new_aip[dst],
1005  ACLITEM_GET_RIGHTS(*mod_aip));
1006  break;
1007  }
1008 
1009  new_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
1010  new_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
1011 
1012  /*
1013  * If the adjusted entry has no permissions, delete it from the list.
1014  */
1015  if (new_rights == ACL_NO_RIGHTS)
1016  {
1017  memmove(new_aip + dst,
1018  new_aip + dst + 1,
1019  (num - dst - 1) * sizeof(AclItem));
1020  /* Adjust array size to be 'num - 1' items */
1021  ARR_DIMS(new_acl)[0] = num - 1;
1022  SET_VARSIZE(new_acl, ACL_N_SIZE(num - 1));
1023  }
1024 
1025  /*
1026  * Remove abandoned privileges (cascading revoke). Currently we can only
1027  * handle this when the grantee is not PUBLIC.
1028  */
1029  if ((old_goptions & ~new_goptions) != 0)
1030  {
1031  Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1032  new_acl = recursive_revoke(new_acl, mod_aip->ai_grantee,
1033  (old_goptions & ~new_goptions),
1034  ownerId, behavior);
1035  }
1036 
1037  return new_acl;
1038 }
Oid ai_grantee
Definition: acl.h:56
#define ACL_MODECHG_EQL
Definition: acl.h:131
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:67
static Acl * allocacl(int n)
Definition: acl.c:377
#define ACL_MODECHG_DEL
Definition: acl.h:130
#define ACL_SIZE(ACL)
Definition: acl.h:111
Oid ai_grantor
Definition: acl.h:57
uint32 AclMode
Definition: parsenodes.h:72
static void check_circularity(const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
Definition: acl.c:1155
#define ARR_DIMS(a)
Definition: array.h:282
#define ACL_NUM(ACL)
Definition: acl.h:108
#define ACL_NO_RIGHTS
Definition: parsenodes.h:88
#define memmove(d, s, c)
Definition: c.h:1266
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:68
#define ACLITEM_SET_RIGHTS(item, rights)
Definition: acl.h:79
#define ACL_MODECHG_ADD
Definition: acl.h:129
#define ACL_DAT(ACL)
Definition: acl.h:109
Definition: acl.h:54
#define Assert(condition)
Definition: c.h:739
static bool aclitem_match(const AclItem *a1, const AclItem *a2)
Definition: acl.c:659
static Acl * recursive_revoke(Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
Definition: acl.c:1235
#define ACL_ID_PUBLIC
Definition: acl.h:46
#define SET_VARSIZE(PTR, len)
Definition: postgres.h:329
#define ACL_N_SIZE(N)
Definition: acl.h:110
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:82
static void check_acl(const Acl *acl)
Definition: acl.c:541

◆ allocacl()

static Acl * allocacl ( int  n)
static

Definition at line 377 of file acl.c.

References ACL_N_SIZE, ARR_DIMS, ARR_LBOUND, ArrayType::dataoffset, ArrayType::elemtype, elog, ERROR, ArrayType::ndim, palloc0(), and SET_VARSIZE.

Referenced by aclconcat(), aclcopy(), acldefault(), aclnewowner(), aclupdate(), check_circularity(), and make_empty_acl().

378 {
379  Acl *new_acl;
380  Size size;
381 
382  if (n < 0)
383  elog(ERROR, "invalid size: %d", n);
384  size = ACL_N_SIZE(n);
385  new_acl = (Acl *) palloc0(size);
386  SET_VARSIZE(new_acl, size);
387  new_acl->ndim = 1;
388  new_acl->dataoffset = 0; /* we never put in any nulls */
389  new_acl->elemtype = ACLITEMOID;
390  ARR_LBOUND(new_acl)[0] = 1;
391  ARR_DIMS(new_acl)[0] = n;
392  return new_acl;
393 }
int32 dataoffset
Definition: array.h:84
#define ARR_LBOUND(a)
Definition: array.h:284
#define ERROR
Definition: elog.h:43
Oid elemtype
Definition: array.h:85
#define ARR_DIMS(a)
Definition: array.h:282
void * palloc0(Size size)
Definition: mcxt.c:980
size_t Size
Definition: c.h:467
#define elog(elevel,...)
Definition: elog.h:228
#define SET_VARSIZE(PTR, len)
Definition: postgres.h:329
#define ACL_N_SIZE(N)
Definition: acl.h:110
int ndim
Definition: array.h:83

◆ check_acl()

static void check_acl ( const Acl acl)
static

Definition at line 541 of file acl.c.

References ARR_ELEMTYPE, ARR_HASNULL, ARR_NDIM, ereport, errcode(), errmsg(), and ERROR.

Referenced by aclcontains(), aclexplode(), aclmask(), aclmask_direct(), aclmembers(), aclnewowner(), aclupdate(), check_circularity(), and recursive_revoke().

542 {
543  if (ARR_ELEMTYPE(acl) != ACLITEMOID)
544  ereport(ERROR,
545  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
546  errmsg("ACL array contains wrong data type")));
547  if (ARR_NDIM(acl) != 1)
548  ereport(ERROR,
549  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
550  errmsg("ACL arrays must be one-dimensional")));
551  if (ARR_HASNULL(acl))
552  ereport(ERROR,
553  (errcode(ERRCODE_NULL_VALUE_NOT_ALLOWED),
554  errmsg("ACL arrays must not contain null values")));
555 }
int errcode(int sqlerrcode)
Definition: elog.c:608
#define ERROR
Definition: elog.h:43
#define ARR_HASNULL(a)
Definition: array.h:279
#define ereport(elevel, rest)
Definition: elog.h:141
#define ARR_NDIM(a)
Definition: array.h:278
int errmsg(const char *fmt,...)
Definition: elog.c:822
#define ARR_ELEMTYPE(a)
Definition: array.h:280

◆ check_circularity()

static void check_circularity ( const Acl old_acl,
const AclItem mod_aip,
Oid  ownerId 
)
static

Definition at line 1155 of file acl.c.

References ACL_DAT, ACL_GRANT_OPTION_FOR, ACL_ID_PUBLIC, ACL_MODECHG_DEL, ACL_NO_RIGHTS, ACL_NUM, ACL_OPTION_TO_PRIVS, ACL_SIZE, ACLITEM_GET_GOPTIONS, aclmask(), ACLMASK_ALL, aclupdate(), AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), Assert, check_acl(), DROP_CASCADE, ereport, errcode(), errmsg(), ERROR, i, and pfree().

Referenced by aclupdate().

1157 {
1158  Acl *acl;
1159  AclItem *aip;
1160  int i,
1161  num;
1162  AclMode own_privs;
1163 
1164  check_acl(old_acl);
1165 
1166  /*
1167  * For now, grant options can only be granted to roles, not PUBLIC.
1168  * Otherwise we'd have to work a bit harder here.
1169  */
1170  Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1171 
1172  /* The owner always has grant options, no need to check */
1173  if (mod_aip->ai_grantor == ownerId)
1174  return;
1175 
1176  /* Make a working copy */
1177  acl = allocacl(ACL_NUM(old_acl));
1178  memcpy(acl, old_acl, ACL_SIZE(old_acl));
1179 
1180  /* Zap all grant options of target grantee, plus what depends on 'em */
1181 cc_restart:
1182  num = ACL_NUM(acl);
1183  aip = ACL_DAT(acl);
1184  for (i = 0; i < num; i++)
1185  {
1186  if (aip[i].ai_grantee == mod_aip->ai_grantee &&
1188  {
1189  Acl *new_acl;
1190 
1191  /* We'll actually zap ordinary privs too, but no matter */
1192  new_acl = aclupdate(acl, &aip[i], ACL_MODECHG_DEL,
1193  ownerId, DROP_CASCADE);
1194 
1195  pfree(acl);
1196  acl = new_acl;
1197 
1198  goto cc_restart;
1199  }
1200  }
1201 
1202  /* Now we can compute grantor's independently-derived privileges */
1203  own_privs = aclmask(acl,
1204  mod_aip->ai_grantor,
1205  ownerId,
1207  ACLMASK_ALL);
1208  own_privs = ACL_OPTION_TO_PRIVS(own_privs);
1209 
1210  if ((ACLITEM_GET_GOPTIONS(*mod_aip) & ~own_privs) != 0)
1211  ereport(ERROR,
1212  (errcode(ERRCODE_INVALID_GRANT_OPERATION),
1213  errmsg("grant options cannot be granted back to your own grantor")));
1214 
1215  pfree(acl);
1216 }
Oid ai_grantee
Definition: acl.h:56
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:67
static Acl * allocacl(int n)
Definition: acl.c:377
#define ACL_MODECHG_DEL
Definition: acl.h:130
AclMode aclmask(const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
Definition: acl.c:1321
#define ACL_SIZE(ACL)
Definition: acl.h:111
int errcode(int sqlerrcode)
Definition: elog.c:608
Oid ai_grantor
Definition: acl.h:57
uint32 AclMode
Definition: parsenodes.h:72
void pfree(void *pointer)
Definition: mcxt.c:1056
#define ERROR
Definition: elog.h:43
#define ACL_NUM(ACL)
Definition: acl.h:108
#define ACL_NO_RIGHTS
Definition: parsenodes.h:88
#define ereport(elevel, rest)
Definition: elog.h:141
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
#define ACL_DAT(ACL)
Definition: acl.h:109
Definition: acl.h:54
#define ACL_OPTION_TO_PRIVS(privs)
Definition: acl.h:71
#define Assert(condition)
Definition: c.h:739
int errmsg(const char *fmt,...)
Definition: elog.c:822
int i
#define ACL_ID_PUBLIC
Definition: acl.h:46
Acl * aclupdate(const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
Definition: acl.c:931
static void check_acl(const Acl *acl)
Definition: acl.c:541

◆ check_is_member_of_role()

void check_is_member_of_role ( Oid  member,
Oid  role 
)

Definition at line 4946 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, GetUserNameFromId(), and is_member_of_role().

Referenced by AlterDatabaseOwner(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterPublicationOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwner(), ATExecChangeOwner(), createdb(), CreateSchemaCommand(), and ExecAlterDefaultPrivilegesStmt().

4947 {
4948  if (!is_member_of_role(member, role))
4949  ereport(ERROR,
4950  (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
4951  errmsg("must be member of role \"%s\"",
4952  GetUserNameFromId(role, false))));
4953 }
int errcode(int sqlerrcode)
Definition: elog.c:608
Oid member
#define ERROR
Definition: elog.h:43
#define ereport(elevel, rest)
Definition: elog.h:141
bool is_member_of_role(Oid member, Oid role)
Definition: acl.c:4924
char * GetUserNameFromId(Oid roleid, bool noerr)
Definition: miscinit.c:795
int errmsg(const char *fmt,...)
Definition: elog.c:822

◆ check_rolespec_name()

void check_rolespec_name ( const RoleSpec role,
const char *  detail_msg 
)

Definition at line 5322 of file acl.c.

References ereport, errcode(), errdetail(), errmsg(), ERROR, IsReservedName(), RoleSpec::rolename, ROLESPEC_CSTRING, and RoleSpec::roletype.

Referenced by AlterRole(), and AlterRoleSet().

5323 {
5324  if (!role)
5325  return;
5326 
5327  if (role->roletype != ROLESPEC_CSTRING)
5328  return;
5329 
5330  if (IsReservedName(role->rolename))
5331  {
5332  if (detail_msg)
5333  ereport(ERROR,
5334  (errcode(ERRCODE_RESERVED_NAME),
5335  errmsg("role name \"%s\" is reserved",
5336  role->rolename),
5337  errdetail("%s", detail_msg)));
5338  else
5339  ereport(ERROR,
5340  (errcode(ERRCODE_RESERVED_NAME),
5341  errmsg("role name \"%s\" is reserved",
5342  role->rolename)));
5343  }
5344 }
int errcode(int sqlerrcode)
Definition: elog.c:608
bool IsReservedName(const char *name)
Definition: catalog.c:213
#define ERROR
Definition: elog.h:43
int errdetail(const char *fmt,...)
Definition: elog.c:955
#define ereport(elevel, rest)
Definition: elog.h:141
RoleSpecType roletype
Definition: parsenodes.h:328
char * rolename
Definition: parsenodes.h:329
int errmsg(const char *fmt,...)
Definition: elog.c:822

◆ column_privilege_check()

static int column_privilege_check ( Oid  tableoid,
AttrNumber  attnum,
Oid  roleid,
AclMode  mode 
)
static

Definition at line 2458 of file acl.c.

References ACLCHECK_OK, ATTNUM, GETSTRUCT, HeapTupleIsValid, Int16GetDatum, InvalidAttrNumber, ObjectIdGetDatum, pg_attribute_aclcheck(), pg_class_aclcheck(), ReleaseSysCache(), RELOID, SearchSysCache2(), and SearchSysCacheExists1.

Referenced by has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

2460 {
2461  AclResult aclresult;
2462  HeapTuple attTuple;
2463  Form_pg_attribute attributeForm;
2464 
2465  /*
2466  * If convert_column_name failed, we can just return -1 immediately.
2467  */
2468  if (attnum == InvalidAttrNumber)
2469  return -1;
2470 
2471  /*
2472  * First check if we have the privilege at the table level. We check
2473  * existence of the pg_class row before risking calling pg_class_aclcheck.
2474  * Note: it might seem there's a race condition against concurrent DROP,
2475  * but really it's safe because there will be no syscache flush between
2476  * here and there. So if we see the row in the syscache, so will
2477  * pg_class_aclcheck.
2478  */
2480  return -1;
2481 
2482  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2483 
2484  if (aclresult == ACLCHECK_OK)
2485  return true;
2486 
2487  /*
2488  * No table privilege, so try per-column privileges. Again, we have to
2489  * check for dropped attribute first, and we rely on the syscache not to
2490  * notice a concurrent drop before pg_attribute_aclcheck fetches the row.
2491  */
2492  attTuple = SearchSysCache2(ATTNUM,
2493  ObjectIdGetDatum(tableoid),
2495  if (!HeapTupleIsValid(attTuple))
2496  return -1;
2497  attributeForm = (Form_pg_attribute) GETSTRUCT(attTuple);
2498  if (attributeForm->attisdropped)
2499  {
2500  ReleaseSysCache(attTuple);
2501  return -1;
2502  }
2503  ReleaseSysCache(attTuple);
2504 
2505  aclresult = pg_attribute_aclcheck(tableoid, attnum, roleid, mode);
2506 
2507  return (aclresult == ACLCHECK_OK);
2508 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
#define GETSTRUCT(TUP)
Definition: htup_details.h:655
AclResult pg_attribute_aclcheck(Oid table_oid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: aclchk.c:4515
#define Int16GetDatum(X)
Definition: postgres.h:451
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:183
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
FormData_pg_attribute * Form_pg_attribute
Definition: pg_attribute.h:200
AclResult
Definition: acl.h:177
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1164
int16 attnum
Definition: pg_attribute.h:79
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
HeapTuple SearchSysCache2(int cacheId, Datum key1, Datum key2)
Definition: syscache.c:1127
#define InvalidAttrNumber
Definition: attnum.h:23
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4629

◆ convert_aclright_to_string()

static const char* convert_aclright_to_string ( int  aclright)
static

Definition at line 1688 of file acl.c.

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_DELETE, ACL_EXECUTE, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, ACL_USAGE, elog, and ERROR.

Referenced by aclexplode().

1689 {
1690  switch (aclright)
1691  {
1692  case ACL_INSERT:
1693  return "INSERT";
1694  case ACL_SELECT:
1695  return "SELECT";
1696  case ACL_UPDATE:
1697  return "UPDATE";
1698  case ACL_DELETE:
1699  return "DELETE";
1700  case ACL_TRUNCATE:
1701  return "TRUNCATE";
1702  case ACL_REFERENCES:
1703  return "REFERENCES";
1704  case ACL_TRIGGER:
1705  return "TRIGGER";
1706  case ACL_EXECUTE:
1707  return "EXECUTE";
1708  case ACL_USAGE:
1709  return "USAGE";
1710  case ACL_CREATE:
1711  return "CREATE";
1712  case ACL_CREATE_TEMP:
1713  return "TEMPORARY";
1714  case ACL_CONNECT:
1715  return "CONNECT";
1716  default:
1717  elog(ERROR, "unrecognized aclright: %d", aclright);
1718  return NULL;
1719  }
1720 }
#define ACL_DELETE
Definition: parsenodes.h:77
#define ERROR
Definition: elog.h:43
#define ACL_CREATE
Definition: parsenodes.h:84
#define ACL_TRIGGER
Definition: parsenodes.h:80
#define ACL_USAGE
Definition: parsenodes.h:82
#define ACL_CONNECT
Definition: parsenodes.h:86
#define ACL_UPDATE
Definition: parsenodes.h:76
#define ACL_SELECT
Definition: parsenodes.h:75
#define ACL_REFERENCES
Definition: parsenodes.h:79
#define ACL_INSERT
Definition: parsenodes.h:74
#define ACL_EXECUTE
Definition: parsenodes.h:81
#define elog(elevel,...)
Definition: elog.h:228
#define ACL_CREATE_TEMP
Definition: parsenodes.h:85
#define ACL_TRUNCATE
Definition: parsenodes.h:78

◆ convert_any_priv_string()

static AclMode convert_any_priv_string ( text priv_type_text,
const priv_map privileges 
)
static

Definition at line 1640 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, priv_map::name, pfree(), pg_strcasecmp(), text_to_cstring(), and priv_map::value.

Referenced by convert_column_priv_string(), convert_database_priv_string(), convert_foreign_data_wrapper_priv_string(), convert_function_priv_string(), convert_language_priv_string(), convert_role_priv_string(), convert_schema_priv_string(), convert_sequence_priv_string(), convert_server_priv_string(), convert_table_priv_string(), convert_tablespace_priv_string(), and convert_type_priv_string().

1642 {
1643  AclMode result = 0;
1644  char *priv_type = text_to_cstring(priv_type_text);
1645  char *chunk;
1646  char *next_chunk;
1647 
1648  /* We rely on priv_type being a private, modifiable string */
1649  for (chunk = priv_type; chunk; chunk = next_chunk)
1650  {
1651  int chunk_len;
1652  const priv_map *this_priv;
1653 
1654  /* Split string at commas */
1655  next_chunk = strchr(chunk, ',');
1656  if (next_chunk)
1657  *next_chunk++ = '\0';
1658 
1659  /* Drop leading/trailing whitespace in this chunk */
1660  while (*chunk && isspace((unsigned char) *chunk))
1661  chunk++;
1662  chunk_len = strlen(chunk);
1663  while (chunk_len > 0 && isspace((unsigned char) chunk[chunk_len - 1]))
1664  chunk_len--;
1665  chunk[chunk_len] = '\0';
1666 
1667  /* Match to the privileges list */
1668  for (this_priv = privileges; this_priv->name; this_priv++)
1669  {
1670  if (pg_strcasecmp(this_priv->name, chunk) == 0)
1671  {
1672  result |= this_priv->value;
1673  break;
1674  }
1675  }
1676  if (!this_priv->name)
1677  ereport(ERROR,
1678  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
1679  errmsg("unrecognized privilege type: \"%s\"", chunk)));
1680  }
1681 
1682  pfree(priv_type);
1683  return result;
1684 }
Definition: acl.c:44
int errcode(int sqlerrcode)
Definition: elog.c:608
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
const char * name
Definition: acl.c:46
uint32 AclMode
Definition: parsenodes.h:72
void pfree(void *pointer)
Definition: mcxt.c:1056
#define ERROR
Definition: elog.h:43
#define ereport(elevel, rest)
Definition: elog.h:141
AclMode value
Definition: acl.c:47
char * text_to_cstring(const text *t)
Definition: varlena.c:204
int errmsg(const char *fmt,...)
Definition: elog.c:822

◆ convert_column_name()

static AttrNumber convert_column_name ( Oid  tableoid,
text column 
)
static

Definition at line 2836 of file acl.c.

References ATTNAME, attnum, CStringGetDatum, ereport, errcode(), errmsg(), ERROR, get_rel_name(), GETSTRUCT, HeapTupleIsValid, InvalidAttrNumber, ObjectIdGetDatum, pfree(), ReleaseSysCache(), SearchSysCache2(), and text_to_cstring().

Referenced by has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_name(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), and has_column_privilege_name_name_name().

2837 {
2838  char *colname;
2839  HeapTuple attTuple;
2841 
2842  colname = text_to_cstring(column);
2843 
2844  /*
2845  * We don't use get_attnum() here because it will report that dropped
2846  * columns don't exist. We need to treat dropped columns differently from
2847  * nonexistent columns.
2848  */
2849  attTuple = SearchSysCache2(ATTNAME,
2850  ObjectIdGetDatum(tableoid),
2851  CStringGetDatum(colname));
2852  if (HeapTupleIsValid(attTuple))
2853  {
2854  Form_pg_attribute attributeForm;
2855 
2856  attributeForm = (Form_pg_attribute) GETSTRUCT(attTuple);
2857  /* We want to return NULL for dropped columns */
2858  if (attributeForm->attisdropped)
2859  attnum = InvalidAttrNumber;
2860  else
2861  attnum = attributeForm->attnum;
2862  ReleaseSysCache(attTuple);
2863  }
2864  else
2865  {
2866  char *tablename = get_rel_name(tableoid);
2867 
2868  /*
2869  * If the table OID is bogus, or it's just been dropped, we'll get
2870  * NULL back. In such cases we want has_column_privilege to return
2871  * NULL too, so just return InvalidAttrNumber.
2872  */
2873  if (tablename != NULL)
2874  {
2875  /* tableoid exists, colname does not, so throw error */
2876  ereport(ERROR,
2877  (errcode(ERRCODE_UNDEFINED_COLUMN),
2878  errmsg("column \"%s\" of relation \"%s\" does not exist",
2879  colname, tablename)));
2880  }
2881  /* tableoid doesn't exist, so act like attisdropped case */
2882  attnum = InvalidAttrNumber;
2883  }
2884 
2885  pfree(colname);
2886  return attnum;
2887 }
#define GETSTRUCT(TUP)
Definition: htup_details.h:655
int errcode(int sqlerrcode)
Definition: elog.c:608
void pfree(void *pointer)
Definition: mcxt.c:1056
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
#define ERROR
Definition: elog.h:43
#define CStringGetDatum(X)
Definition: postgres.h:578
FormData_pg_attribute * Form_pg_attribute
Definition: pg_attribute.h:200
#define ereport(elevel, rest)
Definition: elog.h:141
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1164
int16 attnum
Definition: pg_attribute.h:79
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
HeapTuple SearchSysCache2(int cacheId, Datum key1, Datum key2)
Definition: syscache.c:1127
#define InvalidAttrNumber
Definition: attnum.h:23
char * text_to_cstring(const text *t)
Definition: varlena.c:204
int errmsg(const char *fmt,...)
Definition: elog.c:822
char * get_rel_name(Oid relid)
Definition: lsyscache.c:1730
int16 AttrNumber
Definition: attnum.h:21

◆ convert_column_priv_string()

static AclMode convert_column_priv_string ( text priv_type_text)
static

Definition at line 2894 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_any_column_privilege_id(), has_any_column_privilege_id_id(), has_any_column_privilege_id_name(), has_any_column_privilege_name(), has_any_column_privilege_name_id(), has_any_column_privilege_name_name(), has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

2895 {
2896  static const priv_map column_priv_map[] = {
2897  {"SELECT", ACL_SELECT},
2898  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2899  {"INSERT", ACL_INSERT},
2900  {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2901  {"UPDATE", ACL_UPDATE},
2902  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2903  {"REFERENCES", ACL_REFERENCES},
2904  {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2905  {NULL, 0}
2906  };
2907 
2908  return convert_any_priv_string(priv_type_text, column_priv_map);
2909 }
Definition: acl.c:44
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1640
#define ACL_UPDATE
Definition: parsenodes.h:76
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
#define ACL_SELECT
Definition: parsenodes.h:75
#define ACL_REFERENCES
Definition: parsenodes.h:79
#define ACL_INSERT
Definition: parsenodes.h:74

◆ convert_database_name()

static Oid convert_database_name ( text databasename)
static

Definition at line 3079 of file acl.c.

References dbname, get_database_oid(), and text_to_cstring().

Referenced by has_database_privilege_id_name(), has_database_privilege_name(), and has_database_privilege_name_name().

3080 {
3081  char *dbname = text_to_cstring(databasename);
3082 
3083  return get_database_oid(dbname, false);
3084 }
Oid get_database_oid(const char *dbname, bool missing_ok)
Definition: dbcommands.c:2108
char * dbname
Definition: streamutil.c:50
char * text_to_cstring(const text *t)
Definition: varlena.c:204

◆ convert_database_priv_string()

static AclMode convert_database_priv_string ( text priv_type_text)
static

Definition at line 3091 of file acl.c.

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_database_privilege_id(), has_database_privilege_id_id(), has_database_privilege_id_name(), has_database_privilege_name(), has_database_privilege_name_id(), and has_database_privilege_name_name().

3092 {
3093  static const priv_map database_priv_map[] = {
3094  {"CREATE", ACL_CREATE},
3095  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3096  {"TEMPORARY", ACL_CREATE_TEMP},
3097  {"TEMPORARY WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3098  {"TEMP", ACL_CREATE_TEMP},
3099  {"TEMP WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3100  {"CONNECT", ACL_CONNECT},
3101  {"CONNECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CONNECT)},
3102  {NULL, 0}
3103  };
3104 
3105  return convert_any_priv_string(priv_type_text, database_priv_map);
3106 
3107 }
Definition: acl.c:44
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1640
#define ACL_CREATE
Definition: parsenodes.h:84
#define ACL_CONNECT
Definition: parsenodes.h:86
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
#define ACL_CREATE_TEMP
Definition: parsenodes.h:85

◆ convert_foreign_data_wrapper_name()

static Oid convert_foreign_data_wrapper_name ( text fdwname)
static

Definition at line 3277 of file acl.c.

References get_foreign_data_wrapper_oid(), and text_to_cstring().

Referenced by has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), and has_foreign_data_wrapper_privilege_name_name().

3278 {
3279  char *fdwstr = text_to_cstring(fdwname);
3280 
3281  return get_foreign_data_wrapper_oid(fdwstr, false);
3282 }
Oid get_foreign_data_wrapper_oid(const char *fdwname, bool missing_ok)
Definition: foreign.c:691
char * text_to_cstring(const text *t)
Definition: varlena.c:204

◆ convert_foreign_data_wrapper_priv_string()

static AclMode convert_foreign_data_wrapper_priv_string ( text priv_type_text)
static

Definition at line 3289 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_foreign_data_wrapper_privilege_id(), has_foreign_data_wrapper_privilege_id_id(), has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), has_foreign_data_wrapper_privilege_name_id(), and has_foreign_data_wrapper_privilege_name_name().

3290 {
3291  static const priv_map foreign_data_wrapper_priv_map[] = {
3292  {"USAGE", ACL_USAGE},
3293  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3294  {NULL, 0}
3295  };
3296 
3297  return convert_any_priv_string(priv_type_text, foreign_data_wrapper_priv_map);
3298 }
Definition: acl.c:44
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1640
#define ACL_USAGE
Definition: parsenodes.h:82
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ convert_function_name()

static Oid convert_function_name ( text functionname)
static

Definition at line 3468 of file acl.c.

References CStringGetDatum, DatumGetObjectId, DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, OidIsValid, regprocedurein(), and text_to_cstring().

Referenced by has_function_privilege_id_name(), has_function_privilege_name(), and has_function_privilege_name_name().

3469 {
3470  char *funcname = text_to_cstring(functionname);
3471  Oid oid;
3472 
3474  CStringGetDatum(funcname)));
3475 
3476  if (!OidIsValid(oid))
3477  ereport(ERROR,
3478  (errcode(ERRCODE_UNDEFINED_FUNCTION),
3479  errmsg("function \"%s\" does not exist", funcname)));
3480 
3481  return oid;
3482 }
#define DatumGetObjectId(X)
Definition: postgres.h:500
int errcode(int sqlerrcode)
Definition: elog.c:608
#define DirectFunctionCall1(func, arg1)
Definition: fmgr.h:615
unsigned int Oid
Definition: postgres_ext.h:31
#define OidIsValid(objectId)
Definition: c.h:645
#define ERROR
Definition: elog.h:43
Datum regprocedurein(PG_FUNCTION_ARGS)
Definition: regproc.c:231
#define CStringGetDatum(X)
Definition: postgres.h:578
#define ereport(elevel, rest)
Definition: elog.h:141
char * text_to_cstring(const text *t)
Definition: varlena.c:204
int errmsg(const char *fmt,...)
Definition: elog.c:822

◆ convert_function_priv_string()

static AclMode convert_function_priv_string ( text priv_type_text)
static

Definition at line 3489 of file acl.c.

References ACL_EXECUTE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_function_privilege_id(), has_function_privilege_id_id(), has_function_privilege_id_name(), has_function_privilege_name(), has_function_privilege_name_id(), and has_function_privilege_name_name().

3490 {
3491  static const priv_map function_priv_map[] = {
3492  {"EXECUTE", ACL_EXECUTE},
3493  {"EXECUTE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_EXECUTE)},
3494  {NULL, 0}
3495  };
3496 
3497  return convert_any_priv_string(priv_type_text, function_priv_map);
3498 }
Definition: acl.c:44
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1640
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
#define ACL_EXECUTE
Definition: parsenodes.h:81

◆ convert_language_name()

static Oid convert_language_name ( text languagename)
static

Definition at line 3668 of file acl.c.

References get_language_oid(), and text_to_cstring().

Referenced by has_language_privilege_id_name(), has_language_privilege_name(), and has_language_privilege_name_name().

3669 {
3670  char *langname = text_to_cstring(languagename);
3671 
3672  return get_language_oid(langname, false);
3673 }
Oid get_language_oid(const char *langname, bool missing_ok)
Definition: proclang.c:559
char * text_to_cstring(const text *t)
Definition: varlena.c:204

◆ convert_language_priv_string()

static AclMode convert_language_priv_string ( text priv_type_text)
static

Definition at line 3680 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_language_privilege_id(), has_language_privilege_id_id(), has_language_privilege_id_name(), has_language_privilege_name(), has_language_privilege_name_id(), and has_language_privilege_name_name().

3681 {
3682  static const priv_map language_priv_map[] = {
3683  {"USAGE", ACL_USAGE},
3684  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3685  {NULL, 0}
3686  };
3687 
3688  return convert_any_priv_string(priv_type_text, language_priv_map);
3689 }
Definition: acl.c:44
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1640
#define ACL_USAGE
Definition: parsenodes.h:82
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ convert_priv_string()

static AclMode convert_priv_string ( text priv_type_text)
static

Definition at line 1590 of file acl.c.

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_DELETE, ACL_EXECUTE, ACL_INSERT, ACL_NO_RIGHTS, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, ACL_USAGE, ereport, errcode(), errmsg(), ERROR, pg_strcasecmp(), and text_to_cstring().

Referenced by makeaclitem().

1591 {
1592  char *priv_type = text_to_cstring(priv_type_text);
1593 
1594  if (pg_strcasecmp(priv_type, "SELECT") == 0)
1595  return ACL_SELECT;
1596  if (pg_strcasecmp(priv_type, "INSERT") == 0)
1597  return ACL_INSERT;
1598  if (pg_strcasecmp(priv_type, "UPDATE") == 0)
1599  return ACL_UPDATE;
1600  if (pg_strcasecmp(priv_type, "DELETE") == 0)
1601  return ACL_DELETE;
1602  if (pg_strcasecmp(priv_type, "TRUNCATE") == 0)
1603  return ACL_TRUNCATE;
1604  if (pg_strcasecmp(priv_type, "REFERENCES") == 0)
1605  return ACL_REFERENCES;
1606  if (pg_strcasecmp(priv_type, "TRIGGER") == 0)
1607  return ACL_TRIGGER;
1608  if (pg_strcasecmp(priv_type, "EXECUTE") == 0)
1609  return ACL_EXECUTE;
1610  if (pg_strcasecmp(priv_type, "USAGE") == 0)
1611  return ACL_USAGE;
1612  if (pg_strcasecmp(priv_type, "CREATE") == 0)
1613  return ACL_CREATE;
1614  if (pg_strcasecmp(priv_type, "TEMP") == 0)
1615  return ACL_CREATE_TEMP;
1616  if (pg_strcasecmp(priv_type, "TEMPORARY") == 0)
1617  return ACL_CREATE_TEMP;
1618  if (pg_strcasecmp(priv_type, "CONNECT") == 0)
1619  return ACL_CONNECT;
1620  if (pg_strcasecmp(priv_type, "RULE") == 0)
1621  return 0; /* ignore old RULE privileges */
1622 
1623  ereport(ERROR,
1624  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
1625  errmsg("unrecognized privilege type: \"%s\"", priv_type)));
1626  return ACL_NO_RIGHTS; /* keep compiler quiet */
1627 }
int errcode(int sqlerrcode)
Definition: elog.c:608
#define ACL_DELETE
Definition: parsenodes.h:77
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
#define ERROR
Definition: elog.h:43
#define ACL_CREATE
Definition: parsenodes.h:84
#define ACL_NO_RIGHTS
Definition: parsenodes.h:88
#define ACL_TRIGGER
Definition: parsenodes.h:80
#define ACL_USAGE
Definition: parsenodes.h:82
#define ereport(elevel, rest)
Definition: elog.h:141
#define ACL_CONNECT
Definition: parsenodes.h:86
#define ACL_UPDATE
Definition: parsenodes.h:76
#define ACL_SELECT
Definition: parsenodes.h:75
#define ACL_REFERENCES
Definition: parsenodes.h:79
#define ACL_INSERT
Definition: parsenodes.h:74
char * text_to_cstring(const text *t)
Definition: varlena.c:204
int errmsg(const char *fmt,...)
Definition: elog.c:822
#define ACL_EXECUTE
Definition: parsenodes.h:81
#define ACL_CREATE_TEMP
Definition: parsenodes.h:85
#define ACL_TRUNCATE
Definition: parsenodes.h:78

◆ convert_role_priv_string()

static AclMode convert_role_priv_string ( text priv_type_text)
static

Definition at line 4631 of file acl.c.

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by pg_has_role_id(), pg_has_role_id_id(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), and pg_has_role_name_name().

4632 {
4633  static const priv_map role_priv_map[] = {
4634  {"USAGE", ACL_USAGE},
4635  {"MEMBER", ACL_CREATE},
4636  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4637  {"USAGE WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4638  {"MEMBER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4639  {"MEMBER WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4640  {NULL, 0}
4641  };
4642 
4643  return convert_any_priv_string(priv_type_text, role_priv_map);
4644 }
Definition: acl.c:44
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1640
#define ACL_CREATE
Definition: parsenodes.h:84
#define ACL_USAGE
Definition: parsenodes.h:82
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ convert_schema_name()

static Oid convert_schema_name ( text schemaname)
static

Definition at line 3859 of file acl.c.

References get_namespace_oid(), and text_to_cstring().

Referenced by has_schema_privilege_id_name(), has_schema_privilege_name(), and has_schema_privilege_name_name().

3860 {
3861  char *nspname = text_to_cstring(schemaname);
3862 
3863  return get_namespace_oid(nspname, false);
3864 }
Oid get_namespace_oid(const char *nspname, bool missing_ok)
Definition: namespace.c:3035
char * text_to_cstring(const text *t)
Definition: varlena.c:204

◆ convert_schema_priv_string()

static AclMode convert_schema_priv_string ( text priv_type_text)
static

Definition at line 3871 of file acl.c.

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_schema_privilege_id(), has_schema_privilege_id_id(), has_schema_privilege_id_name(), has_schema_privilege_name(), has_schema_privilege_name_id(), and has_schema_privilege_name_name().

3872 {
3873  static const priv_map schema_priv_map[] = {
3874  {"CREATE", ACL_CREATE},
3875  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3876  {"USAGE", ACL_USAGE},
3877  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3878  {NULL, 0}
3879  };
3880 
3881  return convert_any_priv_string(priv_type_text, schema_priv_map);
3882 }
Definition: acl.c:44
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1640
#define ACL_CREATE
Definition: parsenodes.h:84
#define ACL_USAGE
Definition: parsenodes.h:82
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ convert_sequence_priv_string()

static AclMode convert_sequence_priv_string ( text priv_type_text)
static

Definition at line 2233 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_SELECT, ACL_UPDATE, ACL_USAGE, and convert_any_priv_string().

Referenced by has_sequence_privilege_id(), has_sequence_privilege_id_id(), has_sequence_privilege_id_name(), has_sequence_privilege_name(), has_sequence_privilege_name_id(), and has_sequence_privilege_name_name().

2234 {
2235  static const priv_map sequence_priv_map[] = {
2236  {"USAGE", ACL_USAGE},
2237  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
2238  {"SELECT", ACL_SELECT},
2239  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2240  {"UPDATE", ACL_UPDATE},
2241  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2242  {NULL, 0}
2243  };
2244 
2245  return convert_any_priv_string(priv_type_text, sequence_priv_map);
2246 }
Definition: acl.c:44
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1640
#define ACL_USAGE
Definition: parsenodes.h:82
#define ACL_UPDATE
Definition: parsenodes.h:76
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
#define ACL_SELECT
Definition: parsenodes.h:75

◆ convert_server_name()

static Oid convert_server_name ( text servername)
static

Definition at line 4052 of file acl.c.

References get_foreign_server_oid(), and text_to_cstring().

Referenced by has_server_privilege_id_name(), has_server_privilege_name(), and has_server_privilege_name_name().

4053 {
4054  char *serverstr = text_to_cstring(servername);
4055 
4056  return get_foreign_server_oid(serverstr, false);
4057 }
char * text_to_cstring(const text *t)
Definition: varlena.c:204
Oid get_foreign_server_oid(const char *servername, bool missing_ok)
Definition: foreign.c:714

◆ convert_server_priv_string()

static AclMode convert_server_priv_string ( text priv_type_text)
static

Definition at line 4064 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_server_privilege_id(), has_server_privilege_id_id(), has_server_privilege_id_name(), has_server_privilege_name(), has_server_privilege_name_id(), and has_server_privilege_name_name().

4065 {
4066  static const priv_map server_priv_map[] = {
4067  {"USAGE", ACL_USAGE},
4068  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4069  {NULL, 0}
4070  };
4071 
4072  return convert_any_priv_string(priv_type_text, server_priv_map);
4073 }
Definition: acl.c:44
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1640
#define ACL_USAGE
Definition: parsenodes.h:82
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ convert_table_name()

static Oid convert_table_name ( text tablename)
static

◆ convert_table_priv_string()

static AclMode convert_table_priv_string ( text priv_type_text)
static

Definition at line 2010 of file acl.c.

References ACL_DELETE, ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_table_privilege_id(), has_table_privilege_id_id(), has_table_privilege_id_name(), has_table_privilege_name(), has_table_privilege_name_id(), and has_table_privilege_name_name().

2011 {
2012  static const priv_map table_priv_map[] = {
2013  {"SELECT", ACL_SELECT},
2014  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2015  {"INSERT", ACL_INSERT},
2016  {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2017  {"UPDATE", ACL_UPDATE},
2018  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2019  {"DELETE", ACL_DELETE},
2020  {"DELETE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_DELETE)},
2021  {"TRUNCATE", ACL_TRUNCATE},
2022  {"TRUNCATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRUNCATE)},
2023  {"REFERENCES", ACL_REFERENCES},
2024  {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2025  {"TRIGGER", ACL_TRIGGER},
2026  {"TRIGGER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRIGGER)},
2027  {"RULE", 0}, /* ignore old RULE privileges */
2028  {"RULE WITH GRANT OPTION", 0},
2029  {NULL, 0}
2030  };
2031 
2032  return convert_any_priv_string(priv_type_text, table_priv_map);
2033 }
Definition: acl.c:44
#define ACL_DELETE
Definition: parsenodes.h:77
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1640
#define ACL_TRIGGER
Definition: parsenodes.h:80
#define ACL_UPDATE
Definition: parsenodes.h:76
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
#define ACL_SELECT
Definition: parsenodes.h:75
#define ACL_REFERENCES
Definition: parsenodes.h:79
#define ACL_INSERT
Definition: parsenodes.h:74
#define ACL_TRUNCATE
Definition: parsenodes.h:78

◆ convert_tablespace_name()

static Oid convert_tablespace_name ( text tablespacename)
static

Definition at line 4243 of file acl.c.

References get_tablespace_oid(), and text_to_cstring().

Referenced by has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), and has_tablespace_privilege_name_name().

4244 {
4245  char *spcname = text_to_cstring(tablespacename);
4246 
4247  return get_tablespace_oid(spcname, false);
4248 }
Oid get_tablespace_oid(const char *tablespacename, bool missing_ok)
Definition: tablespace.c:1416
char * text_to_cstring(const text *t)
Definition: varlena.c:204

◆ convert_tablespace_priv_string()

static AclMode convert_tablespace_priv_string ( text priv_type_text)
static

Definition at line 4255 of file acl.c.

References ACL_CREATE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_tablespace_privilege_id(), has_tablespace_privilege_id_id(), has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), has_tablespace_privilege_name_id(), and has_tablespace_privilege_name_name().

4256 {
4257  static const priv_map tablespace_priv_map[] = {
4258  {"CREATE", ACL_CREATE},
4259  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4260  {NULL, 0}
4261  };
4262 
4263  return convert_any_priv_string(priv_type_text, tablespace_priv_map);
4264 }
Definition: acl.c:44
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1640
#define ACL_CREATE
Definition: parsenodes.h:84
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ convert_type_name()

static Oid convert_type_name ( text typename)
static

Definition at line 4433 of file acl.c.

References CStringGetDatum, DatumGetObjectId, DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, OidIsValid, regtypein(), text_to_cstring(), and typname.

Referenced by has_type_privilege_id_name(), has_type_privilege_name(), and has_type_privilege_name_name().

4434 {
4435  char *typname = text_to_cstring(typename);
4436  Oid oid;
4437 
4439  CStringGetDatum(typname)));
4440 
4441  if (!OidIsValid(oid))
4442  ereport(ERROR,
4443  (errcode(ERRCODE_UNDEFINED_OBJECT),
4444  errmsg("type \"%s\" does not exist", typname)));
4445 
4446  return oid;
4447 }
#define DatumGetObjectId(X)
Definition: postgres.h:500
int errcode(int sqlerrcode)
Definition: elog.c:608
#define DirectFunctionCall1(func, arg1)
Definition: fmgr.h:615
unsigned int Oid
Definition: postgres_ext.h:31
#define OidIsValid(objectId)
Definition: c.h:645
#define ERROR
Definition: elog.h:43
#define CStringGetDatum(X)
Definition: postgres.h:578
#define ereport(elevel, rest)
Definition: elog.h:141
NameData typname
Definition: pg_type.h:41
Datum regtypein(PG_FUNCTION_ARGS)
Definition: regproc.c:1061
char * text_to_cstring(const text *t)
Definition: varlena.c:204
int errmsg(const char *fmt,...)
Definition: elog.c:822

◆ convert_type_priv_string()

static AclMode convert_type_priv_string ( text priv_type_text)
static

Definition at line 4454 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_type_privilege_id(), has_type_privilege_id_id(), has_type_privilege_id_name(), has_type_privilege_name(), has_type_privilege_name_id(), and has_type_privilege_name_name().

4455 {
4456  static const priv_map type_priv_map[] = {
4457  {"USAGE", ACL_USAGE},
4458  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4459  {NULL, 0}
4460  };
4461 
4462  return convert_any_priv_string(priv_type_text, type_priv_map);
4463 }
Definition: acl.c:44
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1640
#define ACL_USAGE
Definition: parsenodes.h:82
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ count_one_bits()

static int count_one_bits ( AclMode  mask)
static

Definition at line 5068 of file acl.c.

Referenced by select_best_grantor().

5069 {
5070  int nbits = 0;
5071 
5072  /* this code relies on AclMode being an unsigned type */
5073  while (mask)
5074  {
5075  if (mask & 1)
5076  nbits++;
5077  mask >>= 1;
5078  }
5079  return nbits;
5080 }

◆ get_role_oid()

Oid get_role_oid ( const char *  rolname,
bool  missing_ok 
)

Definition at line 5183 of file acl.c.

References AUTHNAME, CStringGetDatum, ereport, errcode(), errmsg(), ERROR, GetSysCacheOid1, and OidIsValid.

Referenced by aclparse(), check_hba(), createdb(), CreateRole(), get_object_address_unqualified(), get_role_oid_or_public(), get_rolespec_oid(), GrantRole(), is_member(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), pg_has_role_name_name(), regrolein(), and to_regrole().

5184 {
5185  Oid oid;
5186 
5187  oid = GetSysCacheOid1(AUTHNAME, Anum_pg_authid_oid,
5189  if (!OidIsValid(oid) && !missing_ok)
5190  ereport(ERROR,
5191  (errcode(ERRCODE_UNDEFINED_OBJECT),
5192  errmsg("role \"%s\" does not exist", rolname)));
5193  return oid;
5194 }
NameData rolname
Definition: pg_authid.h:34
#define GetSysCacheOid1(cacheId, oidcol, key1)
Definition: syscache.h:192
int errcode(int sqlerrcode)
Definition: elog.c:608
unsigned int Oid
Definition: postgres_ext.h:31
#define OidIsValid(objectId)
Definition: c.h:645
#define ERROR
Definition: elog.h:43
#define CStringGetDatum(X)
Definition: postgres.h:578
#define ereport(elevel, rest)
Definition: elog.h:141
int errmsg(const char *fmt,...)
Definition: elog.c:822

◆ get_role_oid_or_public()

◆ get_rolespec_name()

char* get_rolespec_name ( const RoleSpec role)

Definition at line 5300 of file acl.c.

References get_rolespec_tuple(), GETSTRUCT, NameStr, pstrdup(), and ReleaseSysCache().

Referenced by AddRoleMems(), and DelRoleMems().

5301 {
5302  HeapTuple tp;
5303  Form_pg_authid authForm;
5304  char *rolename;
5305 
5306  tp = get_rolespec_tuple(role);
5307  authForm = (Form_pg_authid) GETSTRUCT(tp);
5308  rolename = pstrdup(NameStr(authForm->rolname));
5309  ReleaseSysCache(tp);
5310 
5311  return rolename;
5312 }
#define GETSTRUCT(TUP)
Definition: htup_details.h:655
char * pstrdup(const char *in)
Definition: mcxt.c:1186
FormData_pg_authid * Form_pg_authid
Definition: pg_authid.h:56
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1164
HeapTuple get_rolespec_tuple(const RoleSpec *role)
Definition: acl.c:5255
#define NameStr(name)
Definition: c.h:616

◆ get_rolespec_oid()

Oid get_rolespec_oid ( const RoleSpec role,
bool  missing_ok 
)

Definition at line 5217 of file acl.c.

References Assert, elog, ereport, errcode(), errmsg(), ERROR, get_role_oid(), GetSessionUserId(), GetUserId(), InvalidOid, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, and RoleSpec::roletype.

Referenced by AlterUserMapping(), ATExecCmd(), CreateSchemaCommand(), CreateTableSpace(), CreateUserMapping(), ExecAlterDefaultPrivilegesStmt(), ExecAlterOwnerStmt(), ExecuteGrantStmt(), GrantRole(), policy_role_list_to_array(), ReassignOwnedObjects(), RemoveUserMapping(), and roleSpecsToIds().

5218 {
5219  Oid oid;
5220 
5221  switch (role->roletype)
5222  {
5223  case ROLESPEC_CSTRING:
5224  Assert(role->rolename);
5225  oid = get_role_oid(role->rolename, missing_ok);
5226  break;
5227 
5228  case ROLESPEC_CURRENT_USER:
5229  oid = GetUserId();
5230  break;
5231 
5232  case ROLESPEC_SESSION_USER:
5233  oid = GetSessionUserId();
5234  break;
5235 
5236  case ROLESPEC_PUBLIC:
5237  ereport(ERROR,
5238  (errcode(ERRCODE_UNDEFINED_OBJECT),
5239  errmsg("role \"%s\" does not exist", "public")));
5240  oid = InvalidOid; /* make compiler happy */
5241  break;
5242 
5243  default:
5244  elog(ERROR, "unexpected role type %d", role->roletype);
5245  }
5246 
5247  return oid;
5248 }
Oid GetUserId(void)
Definition: miscinit.c:380
int errcode(int sqlerrcode)
Definition: elog.c:608
unsigned int Oid
Definition: postgres_ext.h:31
Oid GetSessionUserId(void)
Definition: miscinit.c:414
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5183
#define ERROR
Definition: elog.h:43
#define ereport(elevel, rest)
Definition: elog.h:141
RoleSpecType roletype
Definition: parsenodes.h:328
#define InvalidOid
Definition: postgres_ext.h:36
#define Assert(condition)
Definition: c.h:739
char * rolename
Definition: parsenodes.h:329
int errmsg(const char *fmt,...)
Definition: elog.c:822
#define elog(elevel,...)
Definition: elog.h:228

◆ get_rolespec_tuple()

HeapTuple get_rolespec_tuple ( const RoleSpec role)

Definition at line 5255 of file acl.c.

References Assert, AUTHNAME, AUTHOID, CStringGetDatum, elog, ereport, errcode(), errmsg(), ERROR, GetSessionUserId(), GetUserId(), HeapTupleIsValid, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, RoleSpec::roletype, and SearchSysCache1().

Referenced by AlterRole(), AlterRoleSet(), CreateRole(), and get_rolespec_name().

5256 {
5257  HeapTuple tuple;
5258 
5259  switch (role->roletype)
5260  {
5261  case ROLESPEC_CSTRING:
5262  Assert(role->rolename);
5264  if (!HeapTupleIsValid(tuple))
5265  ereport(ERROR,
5266  (errcode(ERRCODE_UNDEFINED_OBJECT),
5267  errmsg("role \"%s\" does not exist", role->rolename)));
5268  break;
5269 
5270  case ROLESPEC_CURRENT_USER:
5271  tuple = SearchSysCache1(AUTHOID, GetUserId());
5272  if (!HeapTupleIsValid(tuple))
5273  elog(ERROR, "cache lookup failed for role %u", GetUserId());
5274  break;
5275 
5276  case ROLESPEC_SESSION_USER:
5278  if (!HeapTupleIsValid(tuple))
5279  elog(ERROR, "cache lookup failed for role %u", GetSessionUserId());
5280  break;
5281 
5282  case ROLESPEC_PUBLIC:
5283  ereport(ERROR,
5284  (errcode(ERRCODE_UNDEFINED_OBJECT),
5285  errmsg("role \"%s\" does not exist", "public")));
5286  tuple = NULL; /* make compiler happy */
5287  break;
5288 
5289  default:
5290  elog(ERROR, "unexpected role type %d", role->roletype);
5291  }
5292 
5293  return tuple;
5294 }
Oid GetUserId(void)
Definition: miscinit.c:380
int errcode(int sqlerrcode)
Definition: elog.c:608
Oid GetSessionUserId(void)
Definition: miscinit.c:414
#define ERROR
Definition: elog.h:43
#define CStringGetDatum(X)
Definition: postgres.h:578
#define ereport(elevel, rest)
Definition: elog.h:141
HeapTuple SearchSysCache1(int cacheId, Datum key1)
Definition: syscache.c:1116
RoleSpecType roletype
Definition: parsenodes.h:328
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
#define Assert(condition)
Definition: c.h:739
char * rolename
Definition: parsenodes.h:329
int errmsg(const char *fmt,...)
Definition: elog.c:822
#define elog(elevel,...)
Definition: elog.h:228

◆ getid()

static const char * getid ( const char *  s,
char *  n 
)
static

Definition at line 138 of file acl.c.

References Assert, ereport, errcode(), errdetail(), errmsg(), ERROR, and NAMEDATALEN.

Referenced by aclparse().

139 {
140  int len = 0;
141  bool in_quotes = false;
142 
143  Assert(s && n);
144 
145  while (isspace((unsigned char) *s))
146  s++;
147  /* This code had better match what putid() does, below */
148  for (;
149  *s != '\0' &&
150  (isalnum((unsigned char) *s) ||
151  *s == '_' ||
152  *s == '"' ||
153  in_quotes);
154  s++)
155  {
156  if (*s == '"')
157  {
158  /* safe to look at next char (could be '\0' though) */
159  if (*(s + 1) != '"')
160  {
161  in_quotes = !in_quotes;
162  continue;
163  }
164  /* it's an escaped double quote; skip the escaping char */
165  s++;
166  }
167 
168  /* Add the character to the string */
169  if (len >= NAMEDATALEN - 1)
170  ereport(ERROR,
171  (errcode(ERRCODE_NAME_TOO_LONG),
172  errmsg("identifier too long"),
173  errdetail("Identifier must be less than %d characters.",
174  NAMEDATALEN)));
175 
176  n[len++] = *s;
177  }
178  n[len] = '\0';
179  while (isspace((unsigned char) *s))
180  s++;
181  return s;
182 }
int errcode(int sqlerrcode)
Definition: elog.c:608
#define NAMEDATALEN
#define ERROR
Definition: elog.h:43
int errdetail(const char *fmt,...)
Definition: elog.c:955
#define ereport(elevel, rest)
Definition: elog.h:141
#define Assert(condition)
Definition: c.h:739
int errmsg(const char *fmt,...)
Definition: elog.c:822

◆ has_any_column_privilege_id()

Datum has_any_column_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2355 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), GetUserId(), mode, ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

2356 {
2357  Oid tableoid = PG_GETARG_OID(0);
2358  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2359  Oid roleid;
2360  AclMode mode;
2361  AclResult aclresult;
2362 
2363  roleid = GetUserId();
2364  mode = convert_column_priv_string(priv_type_text);
2365 
2367  PG_RETURN_NULL();
2368 
2369  /* First check at table level, then examine each column if needed */
2370  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2371  if (aclresult != ACLCHECK_OK)
2372  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2373  ACLMASK_ANY);
2374 
2375  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2376 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid GetUserId(void)
Definition: miscinit.c:380
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:183
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
#define PG_GETARG_OID(n)
Definition: fmgr.h:270
AclResult
Definition: acl.h:177
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4544
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4629
Definition: c.h:556
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2894
#define PG_RETURN_NULL()
Definition: fmgr.h:335

◆ has_any_column_privilege_id_id()

Datum has_any_column_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 2411 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), mode, ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

2412 {
2413  Oid roleid = PG_GETARG_OID(0);
2414  Oid tableoid = PG_GETARG_OID(1);
2415  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2416  AclMode mode;
2417  AclResult aclresult;
2418 
2419  mode = convert_column_priv_string(priv_type_text);
2420 
2422  PG_RETURN_NULL();
2423 
2424  /* First check at table level, then examine each column if needed */
2425  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2426  if (aclresult != ACLCHECK_OK)
2427  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2428  ACLMASK_ANY);
2429 
2430  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2431 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:183
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
#define PG_GETARG_OID(n)
Definition: fmgr.h:270
AclResult
Definition: acl.h:177
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4544
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4629
Definition: c.h:556
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2894
#define PG_RETURN_NULL()
Definition: fmgr.h:335

◆ has_any_column_privilege_id_name()

Datum has_any_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2384 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), mode, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2385 {
2386  Oid roleid = PG_GETARG_OID(0);
2387  text *tablename = PG_GETARG_TEXT_PP(1);
2388  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2389  Oid tableoid;
2390  AclMode mode;
2391  AclResult aclresult;
2392 
2393  tableoid = convert_table_name(tablename);
2394  mode = convert_column_priv_string(priv_type_text);
2395 
2396  /* First check at table level, then examine each column if needed */
2397  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2398  if (aclresult != ACLCHECK_OK)
2399  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2400  ACLMASK_ANY);
2401 
2402  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2403 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
#define PG_GETARG_OID(n)
Definition: fmgr.h:270
AclResult
Definition: acl.h:177
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
static Oid convert_table_name(text *tablename)
Definition: acl.c:1995
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4544
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4629
Definition: c.h:556
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2894

◆ has_any_column_privilege_name()

Datum has_any_column_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2296 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), GetUserId(), mode, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2297 {
2298  text *tablename = PG_GETARG_TEXT_PP(0);
2299  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2300  Oid roleid;
2301  Oid tableoid;
2302  AclMode mode;
2303  AclResult aclresult;
2304 
2305  roleid = GetUserId();
2306  tableoid = convert_table_name(tablename);
2307  mode = convert_column_priv_string(priv_type_text);
2308 
2309  /* First check at table level, then examine each column if needed */
2310  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2311  if (aclresult != ACLCHECK_OK)
2312  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2313  ACLMASK_ANY);
2314 
2315  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2316 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid GetUserId(void)
Definition: miscinit.c:380
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
AclResult
Definition: acl.h:177
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
static Oid convert_table_name(text *tablename)
Definition: acl.c:1995
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4544
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4629
Definition: c.h:556
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2894

◆ has_any_column_privilege_name_id()

Datum has_any_column_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2324 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, SearchSysCacheExists1, and username.

2325 {
2327  Oid tableoid = PG_GETARG_OID(1);
2328  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2329  Oid roleid;
2330  AclMode mode;
2331  AclResult aclresult;
2332 
2333  roleid = get_role_oid_or_public(NameStr(*username));
2334  mode = convert_column_priv_string(priv_type_text);
2335 
2337  PG_RETURN_NULL();
2338 
2339  /* First check at table level, then examine each column if needed */
2340  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2341  if (aclresult != ACLCHECK_OK)
2342  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2343  ACLMASK_ANY);
2344 
2345  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2346 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5201
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:183
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
Definition: c.h:610
#define PG_GETARG_OID(n)
Definition: fmgr.h:270
AclResult
Definition: acl.h:177
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
static char * username
Definition: initdb.c:133
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4544
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4629
#define NameStr(name)
Definition: c.h:616
Definition: c.h:556
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2894
#define PG_RETURN_NULL()
Definition: fmgr.h:335
#define PG_GETARG_NAME(n)
Definition: fmgr.h:273

◆ has_any_column_privilege_name_name()

Datum has_any_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2266 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2267 {
2268  Name rolename = PG_GETARG_NAME(0);
2269  text *tablename = PG_GETARG_TEXT_PP(1);
2270  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2271  Oid roleid;
2272  Oid tableoid;
2273  AclMode mode;
2274  AclResult aclresult;
2275 
2276  roleid = get_role_oid_or_public(NameStr(*rolename));
2277  tableoid = convert_table_name(tablename);
2278  mode = convert_column_priv_string(priv_type_text);
2279 
2280  /* First check at table level, then examine each column if needed */
2281  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2282  if (aclresult != ACLCHECK_OK)
2283  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2284  ACLMASK_ANY);
2285 
2286  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2287 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5201
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
Definition: c.h:610
AclResult
Definition: acl.h:177
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
static Oid convert_table_name(text *tablename)
Definition: acl.c:1995
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4544
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4629
#define NameStr(name)
Definition: c.h:616
Definition: c.h:556
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2894
#define PG_GETARG_NAME(n)
Definition: fmgr.h:273

◆ has_column_privilege_id_attnum()

Datum has_column_privilege_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2808 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), GetUserId(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2809 {
2810  Oid tableoid = PG_GETARG_OID(0);
2811  AttrNumber colattnum = PG_GETARG_INT16(1);
2812  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2813  Oid roleid;
2814  AclMode mode;
2815  int privresult;
2816 
2817  roleid = GetUserId();
2818  mode = convert_column_priv_string(priv_type_text);
2819 
2820  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2821  if (privresult < 0)
2822  PG_RETURN_NULL();
2823  PG_RETURN_BOOL(privresult);
2824 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid GetUserId(void)
Definition: miscinit.c:380
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
#define PG_GETARG_OID(n)
Definition: fmgr.h:270
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
#define PG_GETARG_INT16(n)
Definition: fmgr.h:266
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2458
Definition: c.h:556
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2894
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:335

◆ has_column_privilege_id_id_attnum()

Datum has_column_privilege_id_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2701 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2702 {
2703  Oid roleid = PG_GETARG_OID(0);
2704  Oid tableoid = PG_GETARG_OID(1);
2705  AttrNumber colattnum = PG_GETARG_INT16(2);
2706  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2707  AclMode mode;
2708  int privresult;
2709 
2710  mode = convert_column_priv_string(priv_type_text);
2711 
2712  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2713  if (privresult < 0)
2714  PG_RETURN_NULL();
2715  PG_RETURN_BOOL(privresult);
2716 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
#define PG_GETARG_OID(n)
Definition: fmgr.h:270
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
#define PG_GETARG_INT16(n)
Definition: fmgr.h:266
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2458
Definition: c.h:556
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2894
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:335

◆ has_column_privilege_id_id_name()

Datum has_column_privilege_id_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2676 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2677 {
2678  Oid roleid = PG_GETARG_OID(0);
2679  Oid tableoid = PG_GETARG_OID(1);
2680  text *column = PG_GETARG_TEXT_PP(2);
2681  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2682  AttrNumber colattnum;
2683  AclMode mode;
2684  int privresult;
2685 
2686  colattnum = convert_column_name(tableoid, column);
2687  mode = convert_column_priv_string(priv_type_text);
2688 
2689  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2690  if (privresult < 0)
2691  PG_RETURN_NULL();
2692  PG_RETURN_BOOL(privresult);
2693 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2836
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
#define PG_GETARG_OID(n)
Definition: fmgr.h:270
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2458
Definition: c.h:556
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2894
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:335

◆ has_column_privilege_id_name()

Datum has_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2781 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), GetUserId(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2782 {
2783  Oid tableoid = PG_GETARG_OID(0);
2784  text *column = PG_GETARG_TEXT_PP(1);
2785  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2786  Oid roleid;
2787  AttrNumber colattnum;
2788  AclMode mode;
2789  int privresult;
2790 
2791  roleid = GetUserId();
2792  colattnum = convert_column_name(tableoid, column);
2793  mode = convert_column_priv_string(priv_type_text);
2794 
2795  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2796  if (privresult < 0)
2797  PG_RETURN_NULL();
2798  PG_RETURN_BOOL(privresult);
2799 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2836
Oid GetUserId(void)
Definition: miscinit.c:380
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
#define PG_GETARG_OID(n)
Definition: fmgr.h:270
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2458
Definition: c.h:556
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2894
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:335

◆ has_column_privilege_id_name_attnum()

Datum has_column_privilege_id_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2651 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2652 {
2653  Oid roleid = PG_GETARG_OID(0);
2654  text *tablename = PG_GETARG_TEXT_PP(1);
2655  AttrNumber colattnum = PG_GETARG_INT16(2);
2656  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2657  Oid tableoid;
2658  AclMode mode;
2659  int privresult;
2660 
2661  tableoid = convert_table_name(tablename);
2662  mode = convert_column_priv_string(priv_type_text);
2663 
2664  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2665  if (privresult < 0)
2666  PG_RETURN_NULL();
2667  PG_RETURN_BOOL(privresult);
2668 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
#define PG_GETARG_OID(n)
Definition: fmgr.h:270
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
#define PG_GETARG_INT16(n)
Definition: fmgr.h:266
static Oid convert_table_name(text *tablename)
Definition: acl.c:1995
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2458
Definition: c.h:556
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2894
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:335

◆ has_column_privilege_id_name_name()

Datum has_column_privilege_id_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2624 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2625 {
2626  Oid roleid = PG_GETARG_OID(0);
2627  text *tablename = PG_GETARG_TEXT_PP(1);
2628  text *column = PG_GETARG_TEXT_PP(2);
2629  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2630  Oid tableoid;
2631  AttrNumber colattnum;
2632  AclMode mode;
2633  int privresult;
2634 
2635  tableoid = convert_table_name(tablename);
2636  colattnum = convert_column_name(tableoid, column);
2637  mode = convert_column_priv_string(priv_type_text);
2638 
2639  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2640  if (privresult < 0)
2641  PG_RETURN_NULL();
2642  PG_RETURN_BOOL(privresult);
2643 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2836
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
#define PG_GETARG_OID(n)
Definition: fmgr.h:270
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
static Oid convert_table_name(text *tablename)
Definition: acl.c:1995
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2458
Definition: c.h:556
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2894
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:335

◆ has_column_privilege_name_attnum()

Datum has_column_privilege_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2754 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), GetUserId(), mode, PG_GETARG_INT16, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2755 {
2756  text *tablename = PG_GETARG_TEXT_PP(0);
2757  AttrNumber colattnum = PG_GETARG_INT16(1);
2758  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2759  Oid roleid;
2760  Oid tableoid;
2761  AclMode mode;
2762  int privresult;
2763 
2764  roleid = GetUserId();
2765  tableoid = convert_table_name(tablename);
2766  mode = convert_column_priv_string(priv_type_text);
2767 
2768  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2769  if (privresult < 0)
2770  PG_RETURN_NULL();
2771  PG_RETURN_BOOL(privresult);
2772 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid GetUserId(void)
Definition: miscinit.c:380
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
#define PG_GETARG_INT16(n)
Definition: fmgr.h:266
static Oid convert_table_name(text *tablename)
Definition: acl.c:1995
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2458
Definition: c.h:556
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2894
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:335

◆ has_column_privilege_name_id_attnum()

Datum has_column_privilege_name_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2599 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

2600 {
2602  Oid tableoid = PG_GETARG_OID(1);
2603  AttrNumber colattnum = PG_GETARG_INT16(2);
2604  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2605  Oid roleid;
2606  AclMode mode;
2607  int privresult;
2608 
2609  roleid = get_role_oid_or_public(NameStr(*username));
2610  mode = convert_column_priv_string(priv_type_text);
2611 
2612  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2613  if (privresult < 0)
2614  PG_RETURN_NULL();
2615  PG_RETURN_BOOL(privresult);
2616 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5201
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
Definition: c.h:610
#define PG_GETARG_OID(n)
Definition: fmgr.h:270
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
#define PG_GETARG_INT16(n)
Definition: fmgr.h:266
static char * username
Definition: initdb.c:133
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2458
#define NameStr(name)
Definition: c.h:616
Definition: c.h:556
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2894
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:335
#define PG_GETARG_NAME(n)
Definition: fmgr.h:273

◆ has_column_privilege_name_id_name()

Datum has_column_privilege_name_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2572 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

2573 {
2575  Oid tableoid = PG_GETARG_OID(1);
2576  text *column = PG_GETARG_TEXT_PP(2);
2577  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2578  Oid roleid;
2579  AttrNumber colattnum;
2580  AclMode mode;
2581  int privresult;
2582 
2583  roleid = get_role_oid_or_public(NameStr(*username));
2584  colattnum = convert_column_name(tableoid, column);
2585  mode = convert_column_priv_string(priv_type_text);
2586 
2587  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2588  if (privresult < 0)
2589  PG_RETURN_NULL();
2590  PG_RETURN_BOOL(privresult);
2591 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2836
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5201
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
Definition: c.h:610
#define PG_GETARG_OID(n)
Definition: fmgr.h:270
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
static char * username
Definition: initdb.c:133
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2458
#define NameStr(name)
Definition: c.h:616
Definition: c.h:556
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2894
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:335
#define PG_GETARG_NAME(n)
Definition: fmgr.h:273

◆ has_column_privilege_name_name()

Datum has_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2725 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), GetUserId(), mode, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2726 {
2727  text *tablename = PG_GETARG_TEXT_PP(0);
2728  text *column = PG_GETARG_TEXT_PP(1);
2729  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2730  Oid roleid;
2731  Oid tableoid;
2732  AttrNumber colattnum;
2733  AclMode mode;
2734  int privresult;
2735 
2736  roleid = GetUserId();
2737  tableoid = convert_table_name(tablename);
2738  colattnum = convert_column_name(tableoid, column);
2739  mode = convert_column_priv_string(priv_type_text);
2740 
2741  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2742  if (privresult < 0)
2743  PG_RETURN_NULL();
2744  PG_RETURN_BOOL(privresult);
2745 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2836
Oid GetUserId(void)
Definition: miscinit.c:380
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
static Oid convert_table_name(text *tablename)
Definition: acl.c:1995
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2458
Definition: c.h:556
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2894
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:335

◆ has_column_privilege_name_name_attnum()

Datum has_column_privilege_name_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2545 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2546 {
2547  Name rolename = PG_GETARG_NAME(0);
2548  text *tablename = PG_GETARG_TEXT_PP(1);
2549  AttrNumber colattnum = PG_GETARG_INT16(2);
2550  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2551  Oid roleid;
2552  Oid tableoid;
2553  AclMode mode;
2554  int privresult;
2555 
2556  roleid = get_role_oid_or_public(NameStr(*rolename));
2557  tableoid = convert_table_name(tablename);
2558  mode = convert_column_priv_string(priv_type_text);
2559 
2560  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2561  if (privresult < 0)
2562  PG_RETURN_NULL();
2563  PG_RETURN_BOOL(privresult);
2564 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5201
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
Definition: c.h:610
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
#define PG_GETARG_INT16(n)
Definition: fmgr.h:266
static Oid convert_table_name(text *tablename)
Definition: acl.c:1995
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2458
#define NameStr(name)
Definition: c.h:616
Definition: c.h:556
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2894
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:335
#define PG_GETARG_NAME(n)
Definition: fmgr.h:273

◆ has_column_privilege_name_name_name()

Datum has_column_privilege_name_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2516 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2517 {
2518  Name rolename = PG_GETARG_NAME(0);
2519  text *tablename = PG_GETARG_TEXT_PP(1);
2520  text *column = PG_GETARG_TEXT_PP(2);
2521  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2522  Oid roleid;
2523  Oid tableoid;
2524  AttrNumber colattnum;
2525  AclMode mode;
2526  int privresult;
2527 
2528  roleid = get_role_oid_or_public(NameStr(*rolename));
2529  tableoid = convert_table_name(tablename);
2530  colattnum = convert_column_name(tableoid, column);
2531  mode = convert_column_priv_string(priv_type_text);
2532 
2533  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2534  if (privresult < 0)
2535  PG_RETURN_NULL();
2536  PG_RETURN_BOOL(privresult);
2537 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2836
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5201
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
Definition: c.h:610
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
static Oid convert_table_name(text *tablename)
Definition: acl.c:1995
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2458
#define NameStr(name)
Definition: c.h:616
Definition: c.h:556
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2894
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:335
#define PG_GETARG_NAME(n)
Definition: fmgr.h:273

◆ has_database_privilege_id()

Datum has_database_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3005 of file acl.c.

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, GetUserId(), mode, ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

3006 {
3007  Oid databaseoid = PG_GETARG_OID(0);
3008  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3009  Oid roleid;
3010  AclMode mode;
3011  AclResult aclresult;
3012 
3013  roleid = GetUserId();
3014  mode = convert_database_priv_string(priv_type_text);
3015 
3017  PG_RETURN_NULL();
3018 
3019  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
3020 
3021  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3022 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid GetUserId(void)
Definition: miscinit.c:380
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:183
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
#define PG_GETARG_OID(n)
Definition: fmgr.h:270
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3091
AclResult
Definition: acl.h:177
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4641
Definition: c.h:556
#define PG_RETURN_NULL()
Definition: fmgr.h:335

◆ has_database_privilege_id_id()

Datum has_database_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3053 of file acl.c.

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, mode, ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

3054 {
3055  Oid roleid = PG_GETARG_OID(0);
3056  Oid databaseoid = PG_GETARG_OID(1);
3057  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3058  AclMode mode;
3059  AclResult aclresult;
3060 
3061  mode = convert_database_priv_string(priv_type_text);
3062 
3064  PG_RETURN_NULL();
3065 
3066  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
3067 
3068  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3069 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:183
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
#define PG_GETARG_OID(n)
Definition: fmgr.h:270
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3091
AclResult
Definition: acl.h:177
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4641
Definition: c.h:556
#define PG_RETURN_NULL()
Definition: fmgr.h:335

◆ has_database_privilege_id_name()

Datum has_database_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3030 of file acl.c.

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), mode, pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

3031 {
3032  Oid roleid = PG_GETARG_OID(0);
3033  text *databasename = PG_GETARG_TEXT_PP(1);
3034  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3035  Oid databaseoid;
3036  AclMode mode;
3037  AclResult aclresult;
3038 
3039  databaseoid = convert_database_name(databasename);
3040  mode = convert_database_priv_string(priv_type_text);
3041 
3042  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
3043 
3044  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3045 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
#define PG_GETARG_OID(n)
Definition: fmgr.h:270
static Oid convert_database_name(text *databasename)
Definition: acl.c:3079
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3091
AclResult
Definition: acl.h:177
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4641
Definition: c.h:556

◆ has_database_privilege_name()

Datum has_database_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2954 of file acl.c.

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), GetUserId(), mode, pg_database_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2955 {
2956  text *databasename = PG_GETARG_TEXT_PP(0);
2957  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2958  Oid roleid;
2959  Oid databaseoid;
2960  AclMode mode;
2961  AclResult aclresult;
2962 
2963  roleid = GetUserId();
2964  databaseoid = convert_database_name(databasename);
2965  mode = convert_database_priv_string(priv_type_text);
2966 
2967  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2968 
2969  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2970 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid GetUserId(void)
Definition: miscinit.c:380
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
static Oid convert_database_name(text *databasename)
Definition: acl.c:3079
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3091
AclResult
Definition: acl.h:177
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4641
Definition: c.h:556

◆ has_database_privilege_name_id()

Datum has_database_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2978 of file acl.c.

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, get_role_oid_or_public(), mode, NameStr, ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

2979 {
2981  Oid databaseoid = PG_GETARG_OID(1);
2982  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2983  Oid roleid;
2984  AclMode mode;
2985  AclResult aclresult;
2986 
2987  roleid = get_role_oid_or_public(NameStr(*username));
2988  mode = convert_database_priv_string(priv_type_text);
2989 
2991  PG_RETURN_NULL();
2992 
2993  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2994 
2995  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2996 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5201
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:183
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
Definition: c.h:610
#define PG_GETARG_OID(n)
Definition: fmgr.h:270
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3091
AclResult
Definition: acl.h:177
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
static char * username
Definition: initdb.c:133
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4641
#define NameStr(name)
Definition: c.h:616
Definition: c.h:556
#define PG_RETURN_NULL()
Definition: fmgr.h:335
#define PG_GETARG_NAME(n)
Definition: fmgr.h:273

◆ has_database_privilege_name_name()

Datum has_database_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2928 of file acl.c.

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), get_role_oid_or_public(), mode, NameStr, pg_database_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

2929 {
2931  text *databasename = PG_GETARG_TEXT_PP(1);
2932  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2933  Oid roleid;
2934  Oid databaseoid;
2935  AclMode mode;
2936  AclResult aclresult;
2937 
2938  roleid = get_role_oid_or_public(NameStr(*username));
2939  databaseoid = convert_database_name(databasename);
2940  mode = convert_database_priv_string(priv_type_text);
2941 
2942  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2943 
2944  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2945 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5201
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
Definition: c.h:610
static Oid convert_database_name(text *databasename)
Definition: acl.c:3079
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3091
AclResult
Definition: acl.h:177
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
static char * username
Definition: initdb.c:133
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4641
#define NameStr(name)
Definition: c.h:616
Definition: c.h:556
#define PG_GETARG_NAME(n)
Definition: fmgr.h:273

◆ has_foreign_data_wrapper_privilege_id()

Datum has_foreign_data_wrapper_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3203 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), FOREIGNDATAWRAPPEROID, GetUserId(), mode, ObjectIdGetDatum, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

3204 {
3205  Oid fdwid = PG_GETARG_OID(0);
3206  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3207  Oid roleid;
3208  AclMode mode;
3209  AclResult aclresult;
3210 
3211  roleid = GetUserId();
3212  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3213 
3215  PG_RETURN_NULL();
3216 
3217  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3218 
3219  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3220 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid GetUserId(void)
Definition: miscinit.c:380
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4716
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:183
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
#define PG_GETARG_OID(n)
Definition: fmgr.h:270
AclResult
Definition: acl.h:177
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3289
Definition: c.h:556
#define PG_RETURN_NULL()
Definition: fmgr.h:335

◆ has_foreign_data_wrapper_privilege_id_id()

Datum has_foreign_data_wrapper_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3251 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), FOREIGNDATAWRAPPEROID, mode, ObjectIdGetDatum, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

3252 {
3253  Oid roleid = PG_GETARG_OID(0);
3254  Oid fdwid = PG_GETARG_OID(1);
3255  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3256  AclMode mode;
3257  AclResult aclresult;
3258 
3259  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3260 
3262  PG_RETURN_NULL();
3263 
3264  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3265 
3266  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3267 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4716
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:183
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
#define PG_GETARG_OID(n)
Definition: fmgr.h:270
AclResult
Definition: acl.h:177
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3289
Definition: c.h:556
#define PG_RETURN_NULL()
Definition: fmgr.h:335

◆ has_foreign_data_wrapper_privilege_id_name()

Datum has_foreign_data_wrapper_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3228 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), mode, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

3229 {
3230  Oid roleid = PG_GETARG_OID(0);
3231  text *fdwname = PG_GETARG_TEXT_PP(1);
3232  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3233  Oid fdwid;
3234  AclMode mode;
3235  AclResult aclresult;
3236 
3237  fdwid = convert_foreign_data_wrapper_name(fdwname);
3238  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3239 
3240  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3241 
3242  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3243 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4716
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3277
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
#define PG_GETARG_OID(n)
Definition: fmgr.h:270
AclResult
Definition: acl.h:177
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3289
Definition: c.h:556

◆ has_foreign_data_wrapper_privilege_name()

Datum has_foreign_data_wrapper_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3152 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), GetUserId(), mode, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

3153 {
3154  text *fdwname = PG_GETARG_TEXT_PP(0);
3155  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3156  Oid roleid;
3157  Oid fdwid;
3158  AclMode mode;
3159  AclResult aclresult;
3160 
3161  roleid = GetUserId();
3162  fdwid = convert_foreign_data_wrapper_name(fdwname);
3163  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3164 
3165  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3166 
3167  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3168 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid GetUserId(void)
Definition: miscinit.c:380
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4716
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3277
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
AclResult
Definition: acl.h:177
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3289
Definition: c.h:556

◆ has_foreign_data_wrapper_privilege_name_id()

Datum has_foreign_data_wrapper_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3176 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), FOREIGNDATAWRAPPEROID, get_role_oid_or_public(), mode, NameStr, ObjectIdGetDatum, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

3177 {
3179  Oid fdwid = PG_GETARG_OID(1);
3180  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3181  Oid roleid;
3182  AclMode mode;
3183  AclResult aclresult;
3184 
3185  roleid = get_role_oid_or_public(NameStr(*username));
3186  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3187 
3189  PG_RETURN_NULL();
3190 
3191  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3192 
3193  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3194 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4716
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5201
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303
uint32 AclMode
Definition: parsenodes.h:72
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:183
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
Definition: c.h:610
#define PG_GETARG_OID(n)
Definition: fmgr.h:270
AclResult
Definition: acl.h:177
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:349
static char * username
Definition: initdb.c:133
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3289
#define NameStr(name)
Definition: c.h:616
Definition: c.h:556
#define PG_RETURN_NULL()
Definition: fmgr.h:335
#define PG_GETARG_NAME(n)
Definition: fmgr.h:273

◆ has_foreign_data_wrapper_privilege_name_name()

Datum has_foreign_data_wrapper_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3126 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), get_role_oid_or_public(), mode, NameStr, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

3127 {
3129  text *fdwname = PG_GETARG_TEXT_PP(1);
3130  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3131  Oid roleid;
3132  Oid fdwid;
3133  AclMode mode;
3134  AclResult aclresult;
3135 
3136  roleid = get_role_oid_or_public(NameStr(*username));
3137  fdwid = convert_foreign_data_wrapper_name(fdwname);
3138  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3139 
3140  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3141 
3142  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3143 }
static PgChecksumMode mode
Definition: pg_checksums.c:61
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4716
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3277
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5201
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:303