PostgreSQL Source Code  git master
acl.c File Reference
#include "postgres.h"
#include <ctype.h>
#include "access/htup_details.h"
#include "catalog/catalog.h"
#include "catalog/namespace.h"
#include "catalog/pg_auth_members.h"
#include "catalog/pg_authid.h"
#include "catalog/pg_class.h"
#include "catalog/pg_database.h"
#include "catalog/pg_parameter_acl.h"
#include "catalog/pg_type.h"
#include "commands/dbcommands.h"
#include "commands/proclang.h"
#include "commands/tablespace.h"
#include "common/hashfn.h"
#include "foreign/foreign.h"
#include "funcapi.h"
#include "lib/qunique.h"
#include "miscadmin.h"
#include "utils/acl.h"
#include "utils/array.h"
#include "utils/builtins.h"
#include "utils/catcache.h"
#include "utils/guc.h"
#include "utils/inval.h"
#include "utils/lsyscache.h"
#include "utils/memutils.h"
#include "utils/syscache.h"
#include "utils/varlena.h"
Include dependency graph for acl.c:

Go to the source code of this file.

Data Structures

struct  priv_map
 

Enumerations

enum  RoleRecurseType { ROLERECURSE_PRIVS = 0 , ROLERECURSE_MEMBERS = 1 }
 

Functions

static const char * getid (const char *s, char *n)
 
static void putid (char *p, const char *s)
 
static Aclallocacl (int n)
 
static void check_acl (const Acl *acl)
 
static const char * aclparse (const char *s, AclItem *aip)
 
static bool aclitem_match (const AclItem *a1, const AclItem *a2)
 
static int aclitemComparator (const void *arg1, const void *arg2)
 
static void check_circularity (const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
 
static Aclrecursive_revoke (Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
 
static AclMode convert_priv_string (text *priv_type_text)
 
static AclMode convert_any_priv_string (text *priv_type_text, const priv_map *privileges)
 
static Oid convert_table_name (text *tablename)
 
static AclMode convert_table_priv_string (text *priv_type_text)
 
static AclMode convert_sequence_priv_string (text *priv_type_text)
 
static AttrNumber convert_column_name (Oid tableoid, text *column)
 
static AclMode convert_column_priv_string (text *priv_type_text)
 
static Oid convert_database_name (text *databasename)
 
static AclMode convert_database_priv_string (text *priv_type_text)
 
static Oid convert_foreign_data_wrapper_name (text *fdwname)
 
static AclMode convert_foreign_data_wrapper_priv_string (text *priv_type_text)
 
static Oid convert_function_name (text *functionname)
 
static AclMode convert_function_priv_string (text *priv_type_text)
 
static Oid convert_language_name (text *languagename)
 
static AclMode convert_language_priv_string (text *priv_type_text)
 
static Oid convert_schema_name (text *schemaname)
 
static AclMode convert_schema_priv_string (text *priv_type_text)
 
static Oid convert_server_name (text *servername)
 
static AclMode convert_server_priv_string (text *priv_type_text)
 
static Oid convert_tablespace_name (text *tablespacename)
 
static AclMode convert_tablespace_priv_string (text *priv_type_text)
 
static Oid convert_type_name (text *typename)
 
static AclMode convert_type_priv_string (text *priv_type_text)
 
static AclMode convert_parameter_priv_string (text *priv_text)
 
static AclMode convert_role_priv_string (text *priv_type_text)
 
static AclResult pg_role_aclcheck (Oid role_oid, Oid roleid, AclMode mode)
 
static void RoleMembershipCacheCallback (Datum arg, int cacheid, uint32 hashvalue)
 
Aclmake_empty_acl (void)
 
Aclaclcopy (const Acl *orig_acl)
 
Aclaclconcat (const Acl *left_acl, const Acl *right_acl)
 
Aclaclmerge (const Acl *left_acl, const Acl *right_acl, Oid ownerId)
 
void aclitemsort (Acl *acl)
 
bool aclequal (const Acl *left_acl, const Acl *right_acl)
 
Datum aclitemin (PG_FUNCTION_ARGS)
 
Datum aclitemout (PG_FUNCTION_ARGS)
 
Datum aclitem_eq (PG_FUNCTION_ARGS)
 
Datum hash_aclitem (PG_FUNCTION_ARGS)
 
Datum hash_aclitem_extended (PG_FUNCTION_ARGS)
 
Aclacldefault (ObjectType objtype, Oid ownerId)
 
Datum acldefault_sql (PG_FUNCTION_ARGS)
 
Aclaclupdate (const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
 
Aclaclnewowner (const Acl *old_acl, Oid oldOwnerId, Oid newOwnerId)
 
AclMode aclmask (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
static AclMode aclmask_direct (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
int aclmembers (const Acl *acl, Oid **roleids)
 
Datum aclinsert (PG_FUNCTION_ARGS)
 
Datum aclremove (PG_FUNCTION_ARGS)
 
Datum aclcontains (PG_FUNCTION_ARGS)
 
Datum makeaclitem (PG_FUNCTION_ARGS)
 
static const char * convert_aclright_to_string (int aclright)
 
Datum aclexplode (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_id (PG_FUNCTION_ARGS)
 
static int column_privilege_check (Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
 
Datum has_column_privilege_name_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_id (PG_FUNCTION_ARGS)
 
static bool has_param_priv_byname (Oid roleid, const text *parameter, AclMode priv)
 
Datum has_parameter_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_parameter_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_parameter_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_id (PG_FUNCTION_ARGS)
 
void initialize_acl (void)
 
static bool has_rolinherit (Oid roleid)
 
static Listroles_is_member_of (Oid roleid, enum RoleRecurseType type, Oid admin_of, bool *is_admin)
 
bool has_privs_of_role (Oid member, Oid role)
 
bool is_member_of_role (Oid member, Oid role)
 
void check_is_member_of_role (Oid member, Oid role)
 
bool is_member_of_role_nosuper (Oid member, Oid role)
 
bool is_admin_of_role (Oid member, Oid role)
 
static int count_one_bits (AclMode mask)
 
void select_best_grantor (Oid roleId, AclMode privileges, const Acl *acl, Oid ownerId, Oid *grantorId, AclMode *grantOptions)
 
Oid get_role_oid (const char *rolname, bool missing_ok)
 
Oid get_role_oid_or_public (const char *rolname)
 
Oid get_rolespec_oid (const RoleSpec *role, bool missing_ok)
 
HeapTuple get_rolespec_tuple (const RoleSpec *role)
 
char * get_rolespec_name (const RoleSpec *role)
 
void check_rolespec_name (const RoleSpec *role, const char *detail_msg)
 

Variables

static Oid cached_role [] = {InvalidOid, InvalidOid}
 
static Listcached_roles [] = {NIL, NIL}
 
static uint32 cached_db_hash
 

Enumeration Type Documentation

◆ RoleRecurseType

Enumerator
ROLERECURSE_PRIVS 
ROLERECURSE_MEMBERS 

Definition at line 67 of file acl.c.

68 {
69  ROLERECURSE_PRIVS = 0, /* recurse if rolinherit */
70  ROLERECURSE_MEMBERS = 1 /* recurse unconditionally */
71 };
@ ROLERECURSE_PRIVS
Definition: acl.c:69
@ ROLERECURSE_MEMBERS
Definition: acl.c:70

Function Documentation

◆ aclconcat()

Acl* aclconcat ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 422 of file acl.c.

423 {
424  Acl *result_acl;
425 
426  result_acl = allocacl(ACL_NUM(left_acl) + ACL_NUM(right_acl));
427 
428  memcpy(ACL_DAT(result_acl),
429  ACL_DAT(left_acl),
430  ACL_NUM(left_acl) * sizeof(AclItem));
431 
432  memcpy(ACL_DAT(result_acl) + ACL_NUM(left_acl),
433  ACL_DAT(right_acl),
434  ACL_NUM(right_acl) * sizeof(AclItem));
435 
436  return result_acl;
437 }
static Acl * allocacl(int n)
Definition: acl.c:371
#define ACL_DAT(ACL)
Definition: acl.h:109
#define ACL_NUM(ACL)
Definition: acl.h:108
Definition: acl.h:55

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by ExecGrant_Attribute().

◆ aclcontains()

Datum aclcontains ( PG_FUNCTION_ARGS  )

Definition at line 1546 of file acl.c.

1547 {
1548  Acl *acl = PG_GETARG_ACL_P(0);
1549  AclItem *aip = PG_GETARG_ACLITEM_P(1);
1550  AclItem *aidat;
1551  int i,
1552  num;
1553 
1554  check_acl(acl);
1555  num = ACL_NUM(acl);
1556  aidat = ACL_DAT(acl);
1557  for (i = 0; i < num; ++i)
1558  {
1559  if (aip->ai_grantee == aidat[i].ai_grantee &&
1560  aip->ai_grantor == aidat[i].ai_grantor &&
1561  (ACLITEM_GET_RIGHTS(*aip) & ACLITEM_GET_RIGHTS(aidat[i])) == ACLITEM_GET_RIGHTS(*aip))
1562  PG_RETURN_BOOL(true);
1563  }
1564  PG_RETURN_BOOL(false);
1565 }
static void check_acl(const Acl *acl)
Definition: acl.c:535
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:117
#define PG_GETARG_ACL_P(n)
Definition: acl.h:122
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:68
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
int i
Definition: isn.c:73
Oid ai_grantee
Definition: acl.h:56
Oid ai_grantor
Definition: acl.h:57

References ACL_DAT, ACL_NUM, ACLITEM_GET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, PG_GETARG_ACL_P, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

◆ aclcopy()

Acl* aclcopy ( const Acl orig_acl)

Definition at line 402 of file acl.c.

403 {
404  Acl *result_acl;
405 
406  result_acl = allocacl(ACL_NUM(orig_acl));
407 
408  memcpy(ACL_DAT(result_acl),
409  ACL_DAT(orig_acl),
410  ACL_NUM(orig_acl) * sizeof(AclItem));
411 
412  return result_acl;
413 }

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by aclmerge(), ExecGrant_Relation(), and SetDefaultACL().

◆ acldefault()

Acl* acldefault ( ObjectType  objtype,
Oid  ownerId 
)

Definition at line 743 of file acl.c.

744 {
745  AclMode world_default;
746  AclMode owner_default;
747  int nacl;
748  Acl *acl;
749  AclItem *aip;
750 
751  switch (objtype)
752  {
753  case OBJECT_COLUMN:
754  /* by default, columns have no extra privileges */
755  world_default = ACL_NO_RIGHTS;
756  owner_default = ACL_NO_RIGHTS;
757  break;
758  case OBJECT_TABLE:
759  world_default = ACL_NO_RIGHTS;
760  owner_default = ACL_ALL_RIGHTS_RELATION;
761  break;
762  case OBJECT_SEQUENCE:
763  world_default = ACL_NO_RIGHTS;
764  owner_default = ACL_ALL_RIGHTS_SEQUENCE;
765  break;
766  case OBJECT_DATABASE:
767  /* for backwards compatibility, grant some rights by default */
768  world_default = ACL_CREATE_TEMP | ACL_CONNECT;
769  owner_default = ACL_ALL_RIGHTS_DATABASE;
770  break;
771  case OBJECT_FUNCTION:
772  /* Grant EXECUTE by default, for now */
773  world_default = ACL_EXECUTE;
774  owner_default = ACL_ALL_RIGHTS_FUNCTION;
775  break;
776  case OBJECT_LANGUAGE:
777  /* Grant USAGE by default, for now */
778  world_default = ACL_USAGE;
779  owner_default = ACL_ALL_RIGHTS_LANGUAGE;
780  break;
781  case OBJECT_LARGEOBJECT:
782  world_default = ACL_NO_RIGHTS;
783  owner_default = ACL_ALL_RIGHTS_LARGEOBJECT;
784  break;
785  case OBJECT_SCHEMA:
786  world_default = ACL_NO_RIGHTS;
787  owner_default = ACL_ALL_RIGHTS_SCHEMA;
788  break;
789  case OBJECT_TABLESPACE:
790  world_default = ACL_NO_RIGHTS;
791  owner_default = ACL_ALL_RIGHTS_TABLESPACE;
792  break;
793  case OBJECT_FDW:
794  world_default = ACL_NO_RIGHTS;
795  owner_default = ACL_ALL_RIGHTS_FDW;
796  break;
798  world_default = ACL_NO_RIGHTS;
799  owner_default = ACL_ALL_RIGHTS_FOREIGN_SERVER;
800  break;
801  case OBJECT_DOMAIN:
802  case OBJECT_TYPE:
803  world_default = ACL_USAGE;
804  owner_default = ACL_ALL_RIGHTS_TYPE;
805  break;
807  world_default = ACL_NO_RIGHTS;
808  owner_default = ACL_ALL_RIGHTS_PARAMETER_ACL;
809  break;
810  default:
811  elog(ERROR, "unrecognized objtype: %d", (int) objtype);
812  world_default = ACL_NO_RIGHTS; /* keep compiler quiet */
813  owner_default = ACL_NO_RIGHTS;
814  break;
815  }
816 
817  nacl = 0;
818  if (world_default != ACL_NO_RIGHTS)
819  nacl++;
820  if (owner_default != ACL_NO_RIGHTS)
821  nacl++;
822 
823  acl = allocacl(nacl);
824  aip = ACL_DAT(acl);
825 
826  if (world_default != ACL_NO_RIGHTS)
827  {
828  aip->ai_grantee = ACL_ID_PUBLIC;
829  aip->ai_grantor = ownerId;
830  ACLITEM_SET_PRIVS_GOPTIONS(*aip, world_default, ACL_NO_RIGHTS);
831  aip++;
832  }
833 
834  /*
835  * Note that the owner's entry shows all ordinary privileges but no grant
836  * options. This is because his grant options come "from the system" and
837  * not from his own efforts. (The SQL spec says that the owner's rights
838  * come from a "_SYSTEM" authid.) However, we do consider that the
839  * owner's ordinary privileges are self-granted; this lets him revoke
840  * them. We implement the owner's grant options without any explicit
841  * "_SYSTEM"-like ACL entry, by internally special-casing the owner
842  * wherever we are testing grant options.
843  */
844  if (owner_default != ACL_NO_RIGHTS)
845  {
846  aip->ai_grantee = ownerId;
847  aip->ai_grantor = ownerId;
848  ACLITEM_SET_PRIVS_GOPTIONS(*aip, owner_default, ACL_NO_RIGHTS);
849  }
850 
851  return acl;
852 }
#define ACL_ALL_RIGHTS_FOREIGN_SERVER
Definition: acl.h:163
#define ACL_ALL_RIGHTS_TABLESPACE
Definition: acl.h:169
#define ACL_ALL_RIGHTS_PARAMETER_ACL
Definition: acl.h:167
#define ACL_ALL_RIGHTS_SCHEMA
Definition: acl.h:168
#define ACL_ALL_RIGHTS_SEQUENCE
Definition: acl.h:160
#define ACL_ALL_RIGHTS_DATABASE
Definition: acl.h:161
#define ACL_ALL_RIGHTS_FUNCTION
Definition: acl.h:164
#define ACL_ALL_RIGHTS_LANGUAGE
Definition: acl.h:165
#define ACL_ALL_RIGHTS_TYPE
Definition: acl.h:170
#define ACL_ALL_RIGHTS_FDW
Definition: acl.h:162
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:82
#define ACL_ALL_RIGHTS_RELATION
Definition: acl.h:159
#define ACL_ID_PUBLIC
Definition: acl.h:46
#define ACL_ALL_RIGHTS_LARGEOBJECT
Definition: acl.h:166
#define ERROR
Definition: elog.h:33
#define elog(elevel,...)
Definition: elog.h:218
#define ACL_CREATE_TEMP
Definition: parsenodes.h:92
#define ACL_USAGE
Definition: parsenodes.h:90
#define ACL_NO_RIGHTS
Definition: parsenodes.h:97
@ OBJECT_FDW
Definition: parsenodes.h:2150
@ OBJECT_SCHEMA
Definition: parsenodes.h:2170
@ OBJECT_DOMAIN
Definition: parsenodes.h:2146
@ OBJECT_COLUMN
Definition: parsenodes.h:2140
@ OBJECT_TABLESPACE
Definition: parsenodes.h:2176
@ OBJECT_LARGEOBJECT
Definition: parsenodes.h:2156
@ OBJECT_DATABASE
Definition: parsenodes.h:2143
@ OBJECT_SEQUENCE
Definition: parsenodes.h:2171
@ OBJECT_LANGUAGE
Definition: parsenodes.h:2155
@ OBJECT_FOREIGN_SERVER
Definition: parsenodes.h:2151
@ OBJECT_TABLE
Definition: parsenodes.h:2175
@ OBJECT_PARAMETER_ACL
Definition: parsenodes.h:2161
@ OBJECT_TYPE
Definition: parsenodes.h:2183
@ OBJECT_FUNCTION
Definition: parsenodes.h:2153
#define ACL_CONNECT
Definition: parsenodes.h:93
uint32 AclMode
Definition: parsenodes.h:80
#define ACL_EXECUTE
Definition: parsenodes.h:89

References ACL_ALL_RIGHTS_DATABASE, ACL_ALL_RIGHTS_FDW, ACL_ALL_RIGHTS_FOREIGN_SERVER, ACL_ALL_RIGHTS_FUNCTION, ACL_ALL_RIGHTS_LANGUAGE, ACL_ALL_RIGHTS_LARGEOBJECT, ACL_ALL_RIGHTS_PARAMETER_ACL, ACL_ALL_RIGHTS_RELATION, ACL_ALL_RIGHTS_SCHEMA, ACL_ALL_RIGHTS_SEQUENCE, ACL_ALL_RIGHTS_TABLESPACE, ACL_ALL_RIGHTS_TYPE, ACL_CONNECT, ACL_CREATE_TEMP, ACL_DAT, ACL_EXECUTE, ACL_ID_PUBLIC, ACL_NO_RIGHTS, ACL_USAGE, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), elog, ERROR, OBJECT_COLUMN, OBJECT_DATABASE, OBJECT_DOMAIN, OBJECT_FDW, OBJECT_FOREIGN_SERVER, OBJECT_FUNCTION, OBJECT_LANGUAGE, OBJECT_LARGEOBJECT, OBJECT_PARAMETER_ACL, OBJECT_SCHEMA, OBJECT_SEQUENCE, OBJECT_TABLE, OBJECT_TABLESPACE, and OBJECT_TYPE.

Referenced by acldefault_sql(), buildDefaultACLCommands(), dumpACL(), dumpRoleGUCPrivs(), dumpTable(), dumpTablespaces(), ExecGrant_Attribute(), ExecGrant_Database(), ExecGrant_Fdw(), ExecGrant_ForeignServer(), ExecGrant_Function(), ExecGrant_Language(), ExecGrant_Largeobject(), ExecGrant_Namespace(), ExecGrant_Parameter(), ExecGrant_Relation(), ExecGrant_Tablespace(), ExecGrant_Type(), get_user_default_acl(), pg_class_aclmask_ext(), pg_database_aclmask(), pg_foreign_data_wrapper_aclmask(), pg_foreign_server_aclmask(), pg_language_aclmask(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask(), pg_parameter_acl_aclmask(), pg_parameter_aclmask(), pg_proc_aclmask(), pg_tablespace_aclmask(), pg_type_aclmask(), and SetDefaultACL().

◆ acldefault_sql()

Datum acldefault_sql ( PG_FUNCTION_ARGS  )

Definition at line 860 of file acl.c.

861 {
862  char objtypec = PG_GETARG_CHAR(0);
863  Oid owner = PG_GETARG_OID(1);
864  ObjectType objtype = 0;
865 
866  switch (objtypec)
867  {
868  case 'c':
869  objtype = OBJECT_COLUMN;
870  break;
871  case 'r':
872  objtype = OBJECT_TABLE;
873  break;
874  case 's':
875  objtype = OBJECT_SEQUENCE;
876  break;
877  case 'd':
878  objtype = OBJECT_DATABASE;
879  break;
880  case 'f':
881  objtype = OBJECT_FUNCTION;
882  break;
883  case 'l':
884  objtype = OBJECT_LANGUAGE;
885  break;
886  case 'L':
887  objtype = OBJECT_LARGEOBJECT;
888  break;
889  case 'n':
890  objtype = OBJECT_SCHEMA;
891  break;
892  case 'p':
893  objtype = OBJECT_PARAMETER_ACL;
894  break;
895  case 't':
896  objtype = OBJECT_TABLESPACE;
897  break;
898  case 'F':
899  objtype = OBJECT_FDW;
900  break;
901  case 'S':
902  objtype = OBJECT_FOREIGN_SERVER;
903  break;
904  case 'T':
905  objtype = OBJECT_TYPE;
906  break;
907  default:
908  elog(ERROR, "unrecognized objtype abbreviation: %c", objtypec);
909  }
910 
911  PG_RETURN_ACL_P(acldefault(objtype, owner));
912 }
Acl * acldefault(ObjectType objtype, Oid ownerId)
Definition: acl.c:743
#define PG_RETURN_ACL_P(x)
Definition: acl.h:124
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
#define PG_GETARG_CHAR(n)
Definition: fmgr.h:273
ObjectType
Definition: parsenodes.h:2133
unsigned int Oid
Definition: postgres_ext.h:31

References acldefault(), elog, ERROR, OBJECT_COLUMN, OBJECT_DATABASE, OBJECT_FDW, OBJECT_FOREIGN_SERVER, OBJECT_FUNCTION, OBJECT_LANGUAGE, OBJECT_LARGEOBJECT, OBJECT_PARAMETER_ACL, OBJECT_SCHEMA, OBJECT_SEQUENCE, OBJECT_TABLE, OBJECT_TABLESPACE, OBJECT_TYPE, PG_GETARG_CHAR, PG_GETARG_OID, and PG_RETURN_ACL_P.

◆ aclequal()

bool aclequal ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 504 of file acl.c.

505 {
506  /* Check for cases where one or both are empty/null */
507  if (left_acl == NULL || ACL_NUM(left_acl) == 0)
508  {
509  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
510  return true;
511  else
512  return false;
513  }
514  else
515  {
516  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
517  return false;
518  }
519 
520  if (ACL_NUM(left_acl) != ACL_NUM(right_acl))
521  return false;
522 
523  if (memcmp(ACL_DAT(left_acl),
524  ACL_DAT(right_acl),
525  ACL_NUM(left_acl) * sizeof(AclItem)) == 0)
526  return true;
527 
528  return false;
529 }

References ACL_DAT, and ACL_NUM.

Referenced by ExecGrant_Parameter(), get_user_default_acl(), and SetDefaultACL().

◆ aclexplode()

Datum aclexplode ( PG_FUNCTION_ARGS  )

Definition at line 1747 of file acl.c.

1748 {
1749  Acl *acl = PG_GETARG_ACL_P(0);
1750  FuncCallContext *funcctx;
1751  int *idx;
1752  AclItem *aidat;
1753 
1754  if (SRF_IS_FIRSTCALL())
1755  {
1756  TupleDesc tupdesc;
1757  MemoryContext oldcontext;
1758 
1759  check_acl(acl);
1760 
1761  funcctx = SRF_FIRSTCALL_INIT();
1762  oldcontext = MemoryContextSwitchTo(funcctx->multi_call_memory_ctx);
1763 
1764  /*
1765  * build tupdesc for result tuples (matches out parameters in pg_proc
1766  * entry)
1767  */
1768  tupdesc = CreateTemplateTupleDesc(4);
1769  TupleDescInitEntry(tupdesc, (AttrNumber) 1, "grantor",
1770  OIDOID, -1, 0);
1771  TupleDescInitEntry(tupdesc, (AttrNumber) 2, "grantee",
1772  OIDOID, -1, 0);
1773  TupleDescInitEntry(tupdesc, (AttrNumber) 3, "privilege_type",
1774  TEXTOID, -1, 0);
1775  TupleDescInitEntry(tupdesc, (AttrNumber) 4, "is_grantable",
1776  BOOLOID, -1, 0);
1777 
1778  funcctx->tuple_desc = BlessTupleDesc(tupdesc);
1779 
1780  /* allocate memory for user context */
1781  idx = (int *) palloc(sizeof(int[2]));
1782  idx[0] = 0; /* ACL array item index */
1783  idx[1] = -1; /* privilege type counter */
1784  funcctx->user_fctx = (void *) idx;
1785 
1786  MemoryContextSwitchTo(oldcontext);
1787  }
1788 
1789  funcctx = SRF_PERCALL_SETUP();
1790  idx = (int *) funcctx->user_fctx;
1791  aidat = ACL_DAT(acl);
1792 
1793  /* need test here in case acl has no items */
1794  while (idx[0] < ACL_NUM(acl))
1795  {
1796  AclItem *aidata;
1797  AclMode priv_bit;
1798 
1799  idx[1]++;
1800  if (idx[1] == N_ACL_RIGHTS)
1801  {
1802  idx[1] = 0;
1803  idx[0]++;
1804  if (idx[0] >= ACL_NUM(acl)) /* done */
1805  break;
1806  }
1807  aidata = &aidat[idx[0]];
1808  priv_bit = 1 << idx[1];
1809 
1810  if (ACLITEM_GET_PRIVS(*aidata) & priv_bit)
1811  {
1812  Datum result;
1813  Datum values[4];
1814  bool nulls[4];
1815  HeapTuple tuple;
1816 
1817  values[0] = ObjectIdGetDatum(aidata->ai_grantor);
1818  values[1] = ObjectIdGetDatum(aidata->ai_grantee);
1820  values[3] = BoolGetDatum((ACLITEM_GET_GOPTIONS(*aidata) & priv_bit) != 0);
1821 
1822  MemSet(nulls, 0, sizeof(nulls));
1823 
1824  tuple = heap_form_tuple(funcctx->tuple_desc, values, nulls);
1825  result = HeapTupleGetDatum(tuple);
1826 
1827  SRF_RETURN_NEXT(funcctx, result);
1828  }
1829  }
1830 
1831  SRF_RETURN_DONE(funcctx);
1832 }
Datum idx(PG_FUNCTION_ARGS)
Definition: _int_op.c:259
static const char * convert_aclright_to_string(int aclright)
Definition: acl.c:1693
#define ACLITEM_GET_PRIVS(item)
Definition: acl.h:66
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:67
int16 AttrNumber
Definition: attnum.h:21
static Datum values[MAXATTR]
Definition: bootstrap.c:156
#define CStringGetTextDatum(s)
Definition: builtins.h:85
#define MemSet(start, val, len)
Definition: c.h:1008
TupleDesc BlessTupleDesc(TupleDesc tupdesc)
Definition: execTuples.c:2071
#define SRF_IS_FIRSTCALL()
Definition: funcapi.h:299
#define SRF_PERCALL_SETUP()
Definition: funcapi.h:303
#define HeapTupleGetDatum(tuple)
Definition: funcapi.h:220
#define SRF_RETURN_NEXT(_funcctx, _result)
Definition: funcapi.h:305
#define SRF_FIRSTCALL_INIT()
Definition: funcapi.h:301
#define SRF_RETURN_DONE(_funcctx)
Definition: funcapi.h:323
HeapTuple heap_form_tuple(TupleDesc tupleDescriptor, Datum *values, bool *isnull)
Definition: heaptuple.c:1020
void * palloc(Size size)
Definition: mcxt.c:1068
static MemoryContext MemoryContextSwitchTo(MemoryContext context)
Definition: palloc.h:109
#define N_ACL_RIGHTS
Definition: parsenodes.h:96
uintptr_t Datum
Definition: postgres.h:411
#define ObjectIdGetDatum(X)
Definition: postgres.h:551
#define BoolGetDatum(X)
Definition: postgres.h:446
void * user_fctx
Definition: funcapi.h:82
MemoryContext multi_call_memory_ctx
Definition: funcapi.h:101
TupleDesc tuple_desc
Definition: funcapi.h:112
TupleDesc CreateTemplateTupleDesc(int natts)
Definition: tupdesc.c:45
void TupleDescInitEntry(TupleDesc desc, AttrNumber attributeNumber, const char *attributeName, Oid oidtypeid, int32 typmod, int attdim)
Definition: tupdesc.c:583

References ACL_DAT, ACL_NUM, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, BlessTupleDesc(), BoolGetDatum, check_acl(), convert_aclright_to_string(), CreateTemplateTupleDesc(), CStringGetTextDatum, heap_form_tuple(), HeapTupleGetDatum, idx(), MemoryContextSwitchTo(), MemSet, FuncCallContext::multi_call_memory_ctx, N_ACL_RIGHTS, ObjectIdGetDatum, palloc(), PG_GETARG_ACL_P, SRF_FIRSTCALL_INIT, SRF_IS_FIRSTCALL, SRF_PERCALL_SETUP, SRF_RETURN_DONE, SRF_RETURN_NEXT, FuncCallContext::tuple_desc, TupleDescInitEntry(), FuncCallContext::user_fctx, and values.

◆ aclinsert()

Datum aclinsert ( PG_FUNCTION_ARGS  )

Definition at line 1526 of file acl.c.

1527 {
1528  ereport(ERROR,
1529  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1530  errmsg("aclinsert is no longer supported")));
1531 
1532  PG_RETURN_NULL(); /* keep compiler quiet */
1533 }
int errcode(int sqlerrcode)
Definition: elog.c:693
int errmsg(const char *fmt,...)
Definition: elog.c:904
#define ereport(elevel,...)
Definition: elog.h:143
#define PG_RETURN_NULL()
Definition: fmgr.h:345

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

◆ aclitem_eq()

Datum aclitem_eq ( PG_FUNCTION_ARGS  )

Definition at line 688 of file acl.c.

689 {
692  bool result;
693 
694  result = a1->ai_privs == a2->ai_privs &&
695  a1->ai_grantee == a2->ai_grantee &&
696  a1->ai_grantor == a2->ai_grantor;
697  PG_RETURN_BOOL(result);
698 }
static const FormData_pg_attribute a1
Definition: heap.c:141
static const FormData_pg_attribute a2
Definition: heap.c:155

References a1, a2, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

◆ aclitem_match()

static bool aclitem_match ( const AclItem a1,
const AclItem a2 
)
static

Definition at line 653 of file acl.c.

654 {
655  return a1->ai_grantee == a2->ai_grantee &&
656  a1->ai_grantor == a2->ai_grantor;
657 }

References a1, and a2.

Referenced by aclnewowner(), and aclupdate().

◆ aclitemComparator()

static int aclitemComparator ( const void *  arg1,
const void *  arg2 
)
static

Definition at line 664 of file acl.c.

665 {
666  const AclItem *a1 = (const AclItem *) arg1;
667  const AclItem *a2 = (const AclItem *) arg2;
668 
669  if (a1->ai_grantee > a2->ai_grantee)
670  return 1;
671  if (a1->ai_grantee < a2->ai_grantee)
672  return -1;
673  if (a1->ai_grantor > a2->ai_grantor)
674  return 1;
675  if (a1->ai_grantor < a2->ai_grantor)
676  return -1;
677  if (a1->ai_privs > a2->ai_privs)
678  return 1;
679  if (a1->ai_privs < a2->ai_privs)
680  return -1;
681  return 0;
682 }

References a1, and a2.

Referenced by aclitemsort().

◆ aclitemin()

Datum aclitemin ( PG_FUNCTION_ARGS  )

Definition at line 560 of file acl.c.

561 {
562  const char *s = PG_GETARG_CSTRING(0);
563  AclItem *aip;
564 
565  aip = (AclItem *) palloc(sizeof(AclItem));
566  s = aclparse(s, aip);
567  while (isspace((unsigned char) *s))
568  ++s;
569  if (*s)
570  ereport(ERROR,
571  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
572  errmsg("extra garbage at the end of the ACL specification")));
573 
574  PG_RETURN_ACLITEM_P(aip);
575 }
static const char * aclparse(const char *s, AclItem *aip)
Definition: acl.c:235
#define PG_RETURN_ACLITEM_P(x)
Definition: acl.h:118
#define PG_GETARG_CSTRING(n)
Definition: fmgr.h:277

References aclparse(), ereport, errcode(), errmsg(), ERROR, palloc(), PG_GETARG_CSTRING, and PG_RETURN_ACLITEM_P.

◆ aclitemout()

Datum aclitemout ( PG_FUNCTION_ARGS  )

Definition at line 586 of file acl.c.

587 {
588  AclItem *aip = PG_GETARG_ACLITEM_P(0);
589  char *p;
590  char *out;
591  HeapTuple htup;
592  unsigned i;
593 
594  out = palloc(strlen("=/") +
595  2 * N_ACL_RIGHTS +
596  2 * (2 * NAMEDATALEN + 2) +
597  1);
598 
599  p = out;
600  *p = '\0';
601 
602  if (aip->ai_grantee != ACL_ID_PUBLIC)
603  {
605  if (HeapTupleIsValid(htup))
606  {
607  putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
608  ReleaseSysCache(htup);
609  }
610  else
611  {
612  /* Generate numeric OID if we don't find an entry */
613  sprintf(p, "%u", aip->ai_grantee);
614  }
615  }
616  while (*p)
617  ++p;
618 
619  *p++ = '=';
620 
621  for (i = 0; i < N_ACL_RIGHTS; ++i)
622  {
623  if (ACLITEM_GET_PRIVS(*aip) & (1 << i))
624  *p++ = ACL_ALL_RIGHTS_STR[i];
625  if (ACLITEM_GET_GOPTIONS(*aip) & (1 << i))
626  *p++ = '*';
627  }
628 
629  *p++ = '/';
630  *p = '\0';
631 
633  if (HeapTupleIsValid(htup))
634  {
635  putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
636  ReleaseSysCache(htup);
637  }
638  else
639  {
640  /* Generate numeric OID if we don't find an entry */
641  sprintf(p, "%u", aip->ai_grantor);
642  }
643 
644  PG_RETURN_CSTRING(out);
645 }
static void putid(char *p, const char *s)
Definition: acl.c:186
#define ACL_ALL_RIGHTS_STR
Definition: acl.h:153
#define NameStr(name)
Definition: c.h:681
#define PG_RETURN_CSTRING(x)
Definition: fmgr.h:362
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
#define GETSTRUCT(TUP)
Definition: htup_details.h:649
NameData rolname
Definition: pg_authid.h:34
FormData_pg_authid * Form_pg_authid
Definition: pg_authid.h:56
#define NAMEDATALEN
#define sprintf
Definition: port.h:227
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1221
HeapTuple SearchSysCache1(int cacheId, Datum key1)
Definition: syscache.c:1173
@ AUTHOID
Definition: syscache.h:45

References ACL_ALL_RIGHTS_STR, ACL_ID_PUBLIC, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, AUTHOID, GETSTRUCT, HeapTupleIsValid, i, N_ACL_RIGHTS, NAMEDATALEN, NameStr, ObjectIdGetDatum, palloc(), PG_GETARG_ACLITEM_P, PG_RETURN_CSTRING, putid(), ReleaseSysCache(), rolname, SearchSysCache1(), and sprintf.

◆ aclitemsort()

void aclitemsort ( Acl acl)

Definition at line 490 of file acl.c.

491 {
492  if (acl != NULL && ACL_NUM(acl) > 1)
493  qsort(ACL_DAT(acl), ACL_NUM(acl), sizeof(AclItem), aclitemComparator);
494 }
static int aclitemComparator(const void *arg1, const void *arg2)
Definition: acl.c:664
#define qsort(a, b, c, d)
Definition: port.h:495

References ACL_DAT, ACL_NUM, aclitemComparator(), and qsort.

Referenced by get_user_default_acl(), and SetDefaultACL().

◆ aclmask()

AclMode aclmask ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)

Definition at line 1322 of file acl.c.

1324 {
1325  AclMode result;
1327  AclItem *aidat;
1328  int i,
1329  num;
1330 
1331  /*
1332  * Null ACL should not happen, since caller should have inserted
1333  * appropriate default
1334  */
1335  if (acl == NULL)
1336  elog(ERROR, "null ACL");
1337 
1338  check_acl(acl);
1339 
1340  /* Quick exit for mask == 0 */
1341  if (mask == 0)
1342  return 0;
1343 
1344  result = 0;
1345 
1346  /* Owner always implicitly has all grant options */
1347  if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1348  has_privs_of_role(roleid, ownerId))
1349  {
1350  result = mask & ACLITEM_ALL_GOPTION_BITS;
1351  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1352  return result;
1353  }
1354 
1355  num = ACL_NUM(acl);
1356  aidat = ACL_DAT(acl);
1357 
1358  /*
1359  * Check privileges granted directly to roleid or to public
1360  */
1361  for (i = 0; i < num; i++)
1362  {
1363  AclItem *aidata = &aidat[i];
1364 
1365  if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1366  aidata->ai_grantee == roleid)
1367  {
1368  result |= aidata->ai_privs & mask;
1369  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1370  return result;
1371  }
1372  }
1373 
1374  /*
1375  * Check privileges granted indirectly via role memberships. We do this in
1376  * a separate pass to minimize expensive indirect membership tests. In
1377  * particular, it's worth testing whether a given ACL entry grants any
1378  * privileges still of interest before we perform the has_privs_of_role
1379  * test.
1380  */
1381  remaining = mask & ~result;
1382  for (i = 0; i < num; i++)
1383  {
1384  AclItem *aidata = &aidat[i];
1385 
1386  if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1387  aidata->ai_grantee == roleid)
1388  continue; /* already checked it */
1389 
1390  if ((aidata->ai_privs & remaining) &&
1391  has_privs_of_role(roleid, aidata->ai_grantee))
1392  {
1393  result |= aidata->ai_privs & mask;
1394  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1395  return result;
1396  remaining = mask & ~result;
1397  }
1398  }
1399 
1400  return result;
1401 }
bool has_privs_of_role(Oid member, Oid role)
Definition: acl.c:4951
#define ACLITEM_ALL_GOPTION_BITS
Definition: acl.h:88
@ ACLMASK_ALL
Definition: acl.h:175
int remaining
Definition: informix.c:667
AclMode ai_privs
Definition: acl.h:58

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog, ERROR, has_privs_of_role(), i, and remaining.

Referenced by check_circularity(), LockTableAclCheck(), pg_attribute_aclmask_ext(), pg_class_aclmask_ext(), pg_database_aclmask(), pg_foreign_data_wrapper_aclmask(), pg_foreign_server_aclmask(), pg_language_aclmask(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask(), pg_parameter_acl_aclmask(), pg_parameter_aclmask(), pg_proc_aclmask(), pg_tablespace_aclmask(), pg_type_aclmask(), and recursive_revoke().

◆ aclmask_direct()

static AclMode aclmask_direct ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)
static

Definition at line 1411 of file acl.c.

1413 {
1414  AclMode result;
1415  AclItem *aidat;
1416  int i,
1417  num;
1418 
1419  /*
1420  * Null ACL should not happen, since caller should have inserted
1421  * appropriate default
1422  */
1423  if (acl == NULL)
1424  elog(ERROR, "null ACL");
1425 
1426  check_acl(acl);
1427 
1428  /* Quick exit for mask == 0 */
1429  if (mask == 0)
1430  return 0;
1431 
1432  result = 0;
1433 
1434  /* Owner always implicitly has all grant options */
1435  if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1436  roleid == ownerId)
1437  {
1438  result = mask & ACLITEM_ALL_GOPTION_BITS;
1439  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1440  return result;
1441  }
1442 
1443  num = ACL_NUM(acl);
1444  aidat = ACL_DAT(acl);
1445 
1446  /*
1447  * Check privileges granted directly to roleid (and not to public)
1448  */
1449  for (i = 0; i < num; i++)
1450  {
1451  AclItem *aidata = &aidat[i];
1452 
1453  if (aidata->ai_grantee == roleid)
1454  {
1455  result |= aidata->ai_privs & mask;
1456  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1457  return result;
1458  }
1459  }
1460 
1461  return result;
1462 }

References ACL_DAT, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog, ERROR, and i.

Referenced by select_best_grantor().

◆ aclmembers()

int aclmembers ( const Acl acl,
Oid **  roleids 
)

Definition at line 1474 of file acl.c.

1475 {
1476  Oid *list;
1477  const AclItem *acldat;
1478  int i,
1479  j;
1480 
1481  if (acl == NULL || ACL_NUM(acl) == 0)
1482  {
1483  *roleids = NULL;
1484  return 0;
1485  }
1486 
1487  check_acl(acl);
1488 
1489  /* Allocate the worst-case space requirement */
1490  list = palloc(ACL_NUM(acl) * 2 * sizeof(Oid));
1491  acldat = ACL_DAT(acl);
1492 
1493  /*
1494  * Walk the ACL collecting mentioned RoleIds.
1495  */
1496  j = 0;
1497  for (i = 0; i < ACL_NUM(acl); i++)
1498  {
1499  const AclItem *ai = &acldat[i];
1500 
1501  if (ai->ai_grantee != ACL_ID_PUBLIC)
1502  list[j++] = ai->ai_grantee;
1503  /* grantor is currently never PUBLIC, but let's check anyway */
1504  if (ai->ai_grantor != ACL_ID_PUBLIC)
1505  list[j++] = ai->ai_grantor;
1506  }
1507 
1508  /* Sort the array */
1509  qsort(list, j, sizeof(Oid), oid_cmp);
1510 
1511  /*
1512  * We could repalloc the array down to minimum size, but it's hardly worth
1513  * it since it's only transient memory.
1514  */
1515  *roleids = list;
1516 
1517  /* Remove duplicates from the array */
1518  return qunique(list, j, sizeof(Oid), oid_cmp);
1519 }
int j
Definition: isn.c:74
int oid_cmp(const void *p1, const void *p2)
Definition: oid.c:336
static size_t qunique(void *array, size_t elements, size_t width, int(*compare)(const void *, const void *))
Definition: qunique.h:21

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, j, sort-test::list, oid_cmp(), palloc(), qsort, and qunique().

Referenced by ExecGrant_Attribute(), ExecGrant_Database(), ExecGrant_Fdw(), ExecGrant_ForeignServer(), ExecGrant_Function(), ExecGrant_Language(), ExecGrant_Largeobject(), ExecGrant_Namespace(), ExecGrant_Parameter(), ExecGrant_Relation(), ExecGrant_Tablespace(), ExecGrant_Type(), recordDependencyOnNewAcl(), and SetDefaultACL().

◆ aclmerge()

Acl* aclmerge ( const Acl left_acl,
const Acl right_acl,
Oid  ownerId 
)

Definition at line 446 of file acl.c.

447 {
448  Acl *result_acl;
449  AclItem *aip;
450  int i,
451  num;
452 
453  /* Check for cases where one or both are empty/null */
454  if (left_acl == NULL || ACL_NUM(left_acl) == 0)
455  {
456  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
457  return NULL;
458  else
459  return aclcopy(right_acl);
460  }
461  else
462  {
463  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
464  return aclcopy(left_acl);
465  }
466 
467  /* Merge them the hard way, one item at a time */
468  result_acl = aclcopy(left_acl);
469 
470  aip = ACL_DAT(right_acl);
471  num = ACL_NUM(right_acl);
472 
473  for (i = 0; i < num; i++, aip++)
474  {
475  Acl *tmp_acl;
476 
477  tmp_acl = aclupdate(result_acl, aip, ACL_MODECHG_ADD,
478  ownerId, DROP_RESTRICT);
479  pfree(result_acl);
480  result_acl = tmp_acl;
481  }
482 
483  return result_acl;
484 }
Acl * aclupdate(const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
Definition: acl.c:932
Acl * aclcopy(const Acl *orig_acl)
Definition: acl.c:402
#define ACL_MODECHG_ADD
Definition: acl.h:129
void pfree(void *pointer)
Definition: mcxt.c:1175
@ DROP_RESTRICT
Definition: parsenodes.h:2207

References ACL_DAT, ACL_MODECHG_ADD, ACL_NUM, aclcopy(), aclupdate(), DROP_RESTRICT, i, and pfree().

Referenced by get_user_default_acl().

◆ aclnewowner()

Acl* aclnewowner ( const Acl old_acl,
Oid  oldOwnerId,
Oid  newOwnerId 
)

Definition at line 1053 of file acl.c.

1054 {
1055  Acl *new_acl;
1056  AclItem *new_aip;
1057  AclItem *old_aip;
1058  AclItem *dst_aip;
1059  AclItem *src_aip;
1060  AclItem *targ_aip;
1061  bool newpresent = false;
1062  int dst,
1063  src,
1064  targ,
1065  num;
1066 
1067  check_acl(old_acl);
1068 
1069  /*
1070  * Make a copy of the given ACL, substituting new owner ID for old
1071  * wherever it appears as either grantor or grantee. Also note if the new
1072  * owner ID is already present.
1073  */
1074  num = ACL_NUM(old_acl);
1075  old_aip = ACL_DAT(old_acl);
1076  new_acl = allocacl(num);
1077  new_aip = ACL_DAT(new_acl);
1078  memcpy(new_aip, old_aip, num * sizeof(AclItem));
1079  for (dst = 0, dst_aip = new_aip; dst < num; dst++, dst_aip++)
1080  {
1081  if (dst_aip->ai_grantor == oldOwnerId)
1082  dst_aip->ai_grantor = newOwnerId;
1083  else if (dst_aip->ai_grantor == newOwnerId)
1084  newpresent = true;
1085  if (dst_aip->ai_grantee == oldOwnerId)
1086  dst_aip->ai_grantee = newOwnerId;
1087  else if (dst_aip->ai_grantee == newOwnerId)
1088  newpresent = true;
1089  }
1090 
1091  /*
1092  * If the old ACL contained any references to the new owner, then we may
1093  * now have generated an ACL containing duplicate entries. Find them and
1094  * merge them so that there are not duplicates. (This is relatively
1095  * expensive since we use a stupid O(N^2) algorithm, but it's unlikely to
1096  * be the normal case.)
1097  *
1098  * To simplify deletion of duplicate entries, we temporarily leave them in
1099  * the array but set their privilege masks to zero; when we reach such an
1100  * entry it's just skipped. (Thus, a side effect of this code will be to
1101  * remove privilege-free entries, should there be any in the input.) dst
1102  * is the next output slot, targ is the currently considered input slot
1103  * (always >= dst), and src scans entries to the right of targ looking for
1104  * duplicates. Once an entry has been emitted to dst it is known
1105  * duplicate-free and need not be considered anymore.
1106  */
1107  if (newpresent)
1108  {
1109  dst = 0;
1110  for (targ = 0, targ_aip = new_aip; targ < num; targ++, targ_aip++)
1111  {
1112  /* ignore if deleted in an earlier pass */
1113  if (ACLITEM_GET_RIGHTS(*targ_aip) == ACL_NO_RIGHTS)
1114  continue;
1115  /* find and merge any duplicates */
1116  for (src = targ + 1, src_aip = targ_aip + 1; src < num;
1117  src++, src_aip++)
1118  {
1119  if (ACLITEM_GET_RIGHTS(*src_aip) == ACL_NO_RIGHTS)
1120  continue;
1121  if (aclitem_match(targ_aip, src_aip))
1122  {
1123  ACLITEM_SET_RIGHTS(*targ_aip,
1124  ACLITEM_GET_RIGHTS(*targ_aip) |
1125  ACLITEM_GET_RIGHTS(*src_aip));
1126  /* mark the duplicate deleted */
1127  ACLITEM_SET_RIGHTS(*src_aip, ACL_NO_RIGHTS);
1128  }
1129  }
1130  /* and emit to output */
1131  new_aip[dst] = *targ_aip;
1132  dst++;
1133  }
1134  /* Adjust array size to be 'dst' items */
1135  ARR_DIMS(new_acl)[0] = dst;
1136  SET_VARSIZE(new_acl, ACL_N_SIZE(dst));
1137  }
1138 
1139  return new_acl;
1140 }
static bool aclitem_match(const AclItem *a1, const AclItem *a2)
Definition: acl.c:653
#define ACL_N_SIZE(N)
Definition: acl.h:110
#define ACLITEM_SET_RIGHTS(item, rights)
Definition: acl.h:79
#define ARR_DIMS(a)
Definition: array.h:287
#define SET_VARSIZE(PTR, len)
Definition: postgres.h:342

References ACL_DAT, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, check_acl(), and SET_VARSIZE.

Referenced by AlterDatabaseOwner(), AlterForeignDataWrapperOwner_internal(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwnerInternal(), ATExecChangeOwner(), and change_owner_fix_column_acls().

◆ aclparse()

static const char * aclparse ( const char *  s,
AclItem aip 
)
static

Definition at line 235 of file acl.c.

236 {
237  AclMode privs,
238  goption,
239  read;
240  char name[NAMEDATALEN];
241  char name2[NAMEDATALEN];
242 
243  Assert(s && aip);
244 
245  s = getid(s, name);
246  if (*s != '=')
247  {
248  /* we just read a keyword, not a name */
249  if (strcmp(name, "group") != 0 && strcmp(name, "user") != 0)
250  ereport(ERROR,
251  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
252  errmsg("unrecognized key word: \"%s\"", name),
253  errhint("ACL key word must be \"group\" or \"user\".")));
254  s = getid(s, name); /* move s to the name beyond the keyword */
255  if (name[0] == '\0')
256  ereport(ERROR,
257  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
258  errmsg("missing name"),
259  errhint("A name must follow the \"group\" or \"user\" key word.")));
260  }
261 
262  if (*s != '=')
263  ereport(ERROR,
264  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
265  errmsg("missing \"=\" sign")));
266 
267  privs = goption = ACL_NO_RIGHTS;
268 
269  for (++s, read = 0; isalpha((unsigned char) *s) || *s == '*'; s++)
270  {
271  switch (*s)
272  {
273  case '*':
274  goption |= read;
275  break;
276  case ACL_INSERT_CHR:
277  read = ACL_INSERT;
278  break;
279  case ACL_SELECT_CHR:
280  read = ACL_SELECT;
281  break;
282  case ACL_UPDATE_CHR:
283  read = ACL_UPDATE;
284  break;
285  case ACL_DELETE_CHR:
286  read = ACL_DELETE;
287  break;
288  case ACL_TRUNCATE_CHR:
289  read = ACL_TRUNCATE;
290  break;
291  case ACL_REFERENCES_CHR:
293  break;
294  case ACL_TRIGGER_CHR:
295  read = ACL_TRIGGER;
296  break;
297  case ACL_EXECUTE_CHR:
298  read = ACL_EXECUTE;
299  break;
300  case ACL_USAGE_CHR:
301  read = ACL_USAGE;
302  break;
303  case ACL_CREATE_CHR:
304  read = ACL_CREATE;
305  break;
306  case ACL_CREATE_TEMP_CHR:
308  break;
309  case ACL_CONNECT_CHR:
310  read = ACL_CONNECT;
311  break;
312  case ACL_SET_CHR:
313  read = ACL_SET;
314  break;
317  break;
318  case 'R': /* ignore old RULE privileges */
319  read = 0;
320  break;
321  default:
322  ereport(ERROR,
323  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
324  errmsg("invalid mode character: must be one of \"%s\"",
326  }
327 
328  privs |= read;
329  }
330 
331  if (name[0] == '\0')
332  aip->ai_grantee = ACL_ID_PUBLIC;
333  else
334  aip->ai_grantee = get_role_oid(name, false);
335 
336  /*
337  * XXX Allow a degree of backward compatibility by defaulting the grantor
338  * to the superuser.
339  */
340  if (*s == '/')
341  {
342  s = getid(s + 1, name2);
343  if (name2[0] == '\0')
344  ereport(ERROR,
345  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
346  errmsg("a name must follow the \"/\" sign")));
347  aip->ai_grantor = get_role_oid(name2, false);
348  }
349  else
350  {
351  aip->ai_grantor = BOOTSTRAP_SUPERUSERID;
353  (errcode(ERRCODE_INVALID_GRANTOR),
354  errmsg("defaulting grantor to user ID %u",
355  BOOTSTRAP_SUPERUSERID)));
356  }
357 
358  ACLITEM_SET_PRIVS_GOPTIONS(*aip, privs, goption);
359 
360  return s;
361 }
static const char * getid(const char *s, char *n)
Definition: acl.c:134
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5177
#define ACL_CREATE_CHR
Definition: acl.h:146
#define ACL_SET_CHR
Definition: acl.h:149
#define ACL_REFERENCES_CHR
Definition: acl.h:142
#define ACL_TRUNCATE_CHR
Definition: acl.h:141
#define ACL_SELECT_CHR
Definition: acl.h:138
#define ACL_EXECUTE_CHR
Definition: acl.h:144
#define ACL_DELETE_CHR
Definition: acl.h:140
#define ACL_INSERT_CHR
Definition: acl.h:137
#define ACL_UPDATE_CHR
Definition: acl.h:139
#define ACL_ALTER_SYSTEM_CHR
Definition: acl.h:150
#define ACL_USAGE_CHR
Definition: acl.h:145
#define ACL_CONNECT_CHR
Definition: acl.h:148
#define ACL_TRIGGER_CHR
Definition: acl.h:143
#define ACL_CREATE_TEMP_CHR
Definition: acl.h:147
int errhint(const char *fmt,...)
Definition: elog.c:1151
#define WARNING
Definition: elog.h:30
const char * name
Definition: encode.c:561
#define read(a, b, c)
Definition: win32.h:13
Assert(fmt[strlen(fmt) - 1] !='\n')
#define ACL_SET
Definition: parsenodes.h:94
#define ACL_DELETE
Definition: parsenodes.h:85
#define ACL_INSERT
Definition: parsenodes.h:82
#define ACL_UPDATE
Definition: parsenodes.h:84
#define ACL_ALTER_SYSTEM
Definition: parsenodes.h:95
#define ACL_REFERENCES
Definition: parsenodes.h:87
#define ACL_SELECT
Definition: parsenodes.h:83
#define ACL_TRUNCATE
Definition: parsenodes.h:86
#define ACL_CREATE
Definition: parsenodes.h:91
#define ACL_TRIGGER
Definition: parsenodes.h:88

References ACL_ALL_RIGHTS_STR, ACL_ALTER_SYSTEM, ACL_ALTER_SYSTEM_CHR, ACL_CONNECT, ACL_CONNECT_CHR, ACL_CREATE, ACL_CREATE_CHR, ACL_CREATE_TEMP, ACL_CREATE_TEMP_CHR, ACL_DELETE, ACL_DELETE_CHR, ACL_EXECUTE, ACL_EXECUTE_CHR, ACL_ID_PUBLIC, ACL_INSERT, ACL_INSERT_CHR, ACL_NO_RIGHTS, ACL_REFERENCES, ACL_REFERENCES_CHR, ACL_SELECT, ACL_SELECT_CHR, ACL_SET, ACL_SET_CHR, ACL_TRIGGER, ACL_TRIGGER_CHR, ACL_TRUNCATE, ACL_TRUNCATE_CHR, ACL_UPDATE, ACL_UPDATE_CHR, ACL_USAGE, ACL_USAGE_CHR, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, Assert(), ereport, errcode(), errhint(), errmsg(), ERROR, get_role_oid(), getid(), name, NAMEDATALEN, read, and WARNING.

Referenced by aclitemin().

◆ aclremove()

Datum aclremove ( PG_FUNCTION_ARGS  )

Definition at line 1536 of file acl.c.

1537 {
1538  ereport(ERROR,
1539  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1540  errmsg("aclremove is no longer supported")));
1541 
1542  PG_RETURN_NULL(); /* keep compiler quiet */
1543 }

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

◆ aclupdate()

Acl* aclupdate ( const Acl old_acl,
const AclItem mod_aip,
int  modechg,
Oid  ownerId,
DropBehavior  behavior 
)

Definition at line 932 of file acl.c.

934 {
935  Acl *new_acl = NULL;
936  AclItem *old_aip,
937  *new_aip = NULL;
938  AclMode old_rights,
939  old_goptions,
940  new_rights,
941  new_goptions;
942  int dst,
943  num;
944 
945  /* Caller probably already checked old_acl, but be safe */
946  check_acl(old_acl);
947 
948  /* If granting grant options, check for circularity */
949  if (modechg != ACL_MODECHG_DEL &&
950  ACLITEM_GET_GOPTIONS(*mod_aip) != ACL_NO_RIGHTS)
951  check_circularity(old_acl, mod_aip, ownerId);
952 
953  num = ACL_NUM(old_acl);
954  old_aip = ACL_DAT(old_acl);
955 
956  /*
957  * Search the ACL for an existing entry for this grantee and grantor. If
958  * one exists, just modify the entry in-place (well, in the same position,
959  * since we actually return a copy); otherwise, insert the new entry at
960  * the end.
961  */
962 
963  for (dst = 0; dst < num; ++dst)
964  {
965  if (aclitem_match(mod_aip, old_aip + dst))
966  {
967  /* found a match, so modify existing item */
968  new_acl = allocacl(num);
969  new_aip = ACL_DAT(new_acl);
970  memcpy(new_acl, old_acl, ACL_SIZE(old_acl));
971  break;
972  }
973  }
974 
975  if (dst == num)
976  {
977  /* need to append a new item */
978  new_acl = allocacl(num + 1);
979  new_aip = ACL_DAT(new_acl);
980  memcpy(new_aip, old_aip, num * sizeof(AclItem));
981 
982  /* initialize the new entry with no permissions */
983  new_aip[dst].ai_grantee = mod_aip->ai_grantee;
984  new_aip[dst].ai_grantor = mod_aip->ai_grantor;
985  ACLITEM_SET_PRIVS_GOPTIONS(new_aip[dst],
987  num++; /* set num to the size of new_acl */
988  }
989 
990  old_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
991  old_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
992 
993  /* apply the specified permissions change */
994  switch (modechg)
995  {
996  case ACL_MODECHG_ADD:
997  ACLITEM_SET_RIGHTS(new_aip[dst],
998  old_rights | ACLITEM_GET_RIGHTS(*mod_aip));
999  break;
1000  case ACL_MODECHG_DEL:
1001  ACLITEM_SET_RIGHTS(new_aip[dst],
1002  old_rights & ~ACLITEM_GET_RIGHTS(*mod_aip));
1003  break;
1004  case ACL_MODECHG_EQL:
1005  ACLITEM_SET_RIGHTS(new_aip[dst],
1006  ACLITEM_GET_RIGHTS(*mod_aip));
1007  break;
1008  }
1009 
1010  new_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
1011  new_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
1012 
1013  /*
1014  * If the adjusted entry has no permissions, delete it from the list.
1015  */
1016  if (new_rights == ACL_NO_RIGHTS)
1017  {
1018  memmove(new_aip + dst,
1019  new_aip + dst + 1,
1020  (num - dst - 1) * sizeof(AclItem));
1021  /* Adjust array size to be 'num - 1' items */
1022  ARR_DIMS(new_acl)[0] = num - 1;
1023  SET_VARSIZE(new_acl, ACL_N_SIZE(num - 1));
1024  }
1025 
1026  /*
1027  * Remove abandoned privileges (cascading revoke). Currently we can only
1028  * handle this when the grantee is not PUBLIC.
1029  */
1030  if ((old_goptions & ~new_goptions) != 0)
1031  {
1032  Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1033  new_acl = recursive_revoke(new_acl, mod_aip->ai_grantee,
1034  (old_goptions & ~new_goptions),
1035  ownerId, behavior);
1036  }
1037 
1038  return new_acl;
1039 }
static Acl * recursive_revoke(Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
Definition: acl.c:1236
static void check_circularity(const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
Definition: acl.c:1156
#define ACL_SIZE(ACL)
Definition: acl.h:111
#define ACL_MODECHG_DEL
Definition: acl.h:130
#define ACL_MODECHG_EQL
Definition: acl.h:131

References ACL_DAT, ACL_ID_PUBLIC, ACL_MODECHG_ADD, ACL_MODECHG_DEL, ACL_MODECHG_EQL, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACL_SIZE, ACLITEM_GET_GOPTIONS, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_PRIVS_GOPTIONS, ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, Assert(), check_acl(), check_circularity(), recursive_revoke(), and SET_VARSIZE.

Referenced by aclmerge(), check_circularity(), merge_acl_with_grant(), and recursive_revoke().

◆ allocacl()

static Acl * allocacl ( int  n)
static

Definition at line 371 of file acl.c.

372 {
373  Acl *new_acl;
374  Size size;
375 
376  if (n < 0)
377  elog(ERROR, "invalid size: %d", n);
378  size = ACL_N_SIZE(n);
379  new_acl = (Acl *) palloc0(size);
380  SET_VARSIZE(new_acl, size);
381  new_acl->ndim = 1;
382  new_acl->dataoffset = 0; /* we never put in any nulls */
383  new_acl->elemtype = ACLITEMOID;
384  ARR_LBOUND(new_acl)[0] = 1;
385  ARR_DIMS(new_acl)[0] = n;
386  return new_acl;
387 }
#define ARR_LBOUND(a)
Definition: array.h:289
size_t Size
Definition: c.h:540
void * palloc0(Size size)
Definition: mcxt.c:1099
Oid elemtype
Definition: array.h:90
int ndim
Definition: array.h:88
int32 dataoffset
Definition: array.h:89

References ACL_N_SIZE, ARR_DIMS, ARR_LBOUND, ArrayType::dataoffset, ArrayType::elemtype, elog, ERROR, ArrayType::ndim, palloc0(), and SET_VARSIZE.

Referenced by aclconcat(), aclcopy(), acldefault(), aclnewowner(), aclupdate(), check_circularity(), and make_empty_acl().

◆ check_acl()

static void check_acl ( const Acl acl)
static

Definition at line 535 of file acl.c.

536 {
537  if (ARR_ELEMTYPE(acl) != ACLITEMOID)
538  ereport(ERROR,
539  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
540  errmsg("ACL array contains wrong data type")));
541  if (ARR_NDIM(acl) != 1)
542  ereport(ERROR,
543  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
544  errmsg("ACL arrays must be one-dimensional")));
545  if (ARR_HASNULL(acl))
546  ereport(ERROR,
547  (errcode(ERRCODE_NULL_VALUE_NOT_ALLOWED),
548  errmsg("ACL arrays must not contain null values")));
549 }
#define ARR_NDIM(a)
Definition: array.h:283
#define ARR_ELEMTYPE(a)
Definition: array.h:285
#define ARR_HASNULL(a)
Definition: array.h:284

References ARR_ELEMTYPE, ARR_HASNULL, ARR_NDIM, ereport, errcode(), errmsg(), and ERROR.

Referenced by aclcontains(), aclexplode(), aclmask(), aclmask_direct(), aclmembers(), aclnewowner(), aclupdate(), check_circularity(), and recursive_revoke().

◆ check_circularity()

static void check_circularity ( const Acl old_acl,
const AclItem mod_aip,
Oid  ownerId 
)
static

Definition at line 1156 of file acl.c.

1158 {
1159  Acl *acl;
1160  AclItem *aip;
1161  int i,
1162  num;
1163  AclMode own_privs;
1164 
1165  check_acl(old_acl);
1166 
1167  /*
1168  * For now, grant options can only be granted to roles, not PUBLIC.
1169  * Otherwise we'd have to work a bit harder here.
1170  */
1171  Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1172 
1173  /* The owner always has grant options, no need to check */
1174  if (mod_aip->ai_grantor == ownerId)
1175  return;
1176 
1177  /* Make a working copy */
1178  acl = allocacl(ACL_NUM(old_acl));
1179  memcpy(acl, old_acl, ACL_SIZE(old_acl));
1180 
1181  /* Zap all grant options of target grantee, plus what depends on 'em */
1182 cc_restart:
1183  num = ACL_NUM(acl);
1184  aip = ACL_DAT(acl);
1185  for (i = 0; i < num; i++)
1186  {
1187  if (aip[i].ai_grantee == mod_aip->ai_grantee &&
1189  {
1190  Acl *new_acl;
1191 
1192  /* We'll actually zap ordinary privs too, but no matter */
1193  new_acl = aclupdate(acl, &aip[i], ACL_MODECHG_DEL,
1194  ownerId, DROP_CASCADE);
1195 
1196  pfree(acl);
1197  acl = new_acl;
1198 
1199  goto cc_restart;
1200  }
1201  }
1202 
1203  /* Now we can compute grantor's independently-derived privileges */
1204  own_privs = aclmask(acl,
1205  mod_aip->ai_grantor,
1206  ownerId,
1208  ACLMASK_ALL);
1209  own_privs = ACL_OPTION_TO_PRIVS(own_privs);
1210 
1211  if ((ACLITEM_GET_GOPTIONS(*mod_aip) & ~own_privs) != 0)
1212  ereport(ERROR,
1213  (errcode(ERRCODE_INVALID_GRANT_OPERATION),
1214  errmsg("grant options cannot be granted back to your own grantor")));
1215 
1216  pfree(acl);
1217 }
AclMode aclmask(const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
Definition: acl.c:1322
#define ACL_OPTION_TO_PRIVS(privs)
Definition: acl.h:71
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
@ DROP_CASCADE
Definition: parsenodes.h:2208

References ACL_DAT, ACL_GRANT_OPTION_FOR, ACL_ID_PUBLIC, ACL_MODECHG_DEL, ACL_NO_RIGHTS, ACL_NUM, ACL_OPTION_TO_PRIVS, ACL_SIZE, ACLITEM_GET_GOPTIONS, aclmask(), ACLMASK_ALL, aclupdate(), AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), Assert(), check_acl(), DROP_CASCADE, ereport, errcode(), errmsg(), ERROR, i, and pfree().

Referenced by aclupdate().

◆ check_is_member_of_role()

void check_is_member_of_role ( Oid  member,
Oid  role 
)

Definition at line 5003 of file acl.c.

5004 {
5005  if (!is_member_of_role(member, role))
5006  ereport(ERROR,
5007  (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
5008  errmsg("must be member of role \"%s\"",
5009  GetUserNameFromId(role, false))));
5010 }
bool is_member_of_role(Oid member, Oid role)
Definition: acl.c:4979
char * GetUserNameFromId(Oid roleid, bool noerr)
Definition: miscinit.c:913

References ereport, errcode(), errmsg(), ERROR, GetUserNameFromId(), and is_member_of_role().

Referenced by AlterDatabaseOwner(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterPublicationOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwner(), ATExecChangeOwner(), createdb(), CreateSchemaCommand(), and ExecAlterDefaultPrivilegesStmt().

◆ check_rolespec_name()

void check_rolespec_name ( const RoleSpec role,
const char *  detail_msg 
)

Definition at line 5318 of file acl.c.

5319 {
5320  if (!role)
5321  return;
5322 
5323  if (role->roletype != ROLESPEC_CSTRING)
5324  return;
5325 
5326  if (IsReservedName(role->rolename))
5327  {
5328  if (detail_msg)
5329  ereport(ERROR,
5330  (errcode(ERRCODE_RESERVED_NAME),
5331  errmsg("role name \"%s\" is reserved",
5332  role->rolename),
5333  errdetail("%s", detail_msg)));
5334  else
5335  ereport(ERROR,
5336  (errcode(ERRCODE_RESERVED_NAME),
5337  errmsg("role name \"%s\" is reserved",
5338  role->rolename)));
5339  }
5340 }
bool IsReservedName(const char *name)
Definition: catalog.c:219
int errdetail(const char *fmt,...)
Definition: elog.c:1037
@ ROLESPEC_CSTRING
Definition: parsenodes.h:348
RoleSpecType roletype
Definition: parsenodes.h:358
char * rolename
Definition: parsenodes.h:359

References ereport, errcode(), errdetail(), errmsg(), ERROR, IsReservedName(), RoleSpec::rolename, ROLESPEC_CSTRING, and RoleSpec::roletype.

Referenced by AlterRole(), and AlterRoleSet().

◆ column_privilege_check()

static int column_privilege_check ( Oid  tableoid,
AttrNumber  attnum,
Oid  roleid,
AclMode  mode 
)
static

Definition at line 2467 of file acl.c.

2469 {
2470  AclResult aclresult;
2471  bool is_missing = false;
2472 
2473  /*
2474  * If convert_column_name failed, we can just return -1 immediately.
2475  */
2476  if (attnum == InvalidAttrNumber)
2477  return -1;
2478 
2479  /*
2480  * Check for column-level privileges first. This serves in part as a check
2481  * on whether the column even exists, so we need to do it before checking
2482  * table-level privilege.
2483  */
2484  aclresult = pg_attribute_aclcheck_ext(tableoid, attnum, roleid,
2485  mode, &is_missing);
2486  if (aclresult == ACLCHECK_OK)
2487  return 1;
2488  else if (is_missing)
2489  return -1;
2490 
2491  /* Next check if we have the privilege at the table level */
2492  aclresult = pg_class_aclcheck_ext(tableoid, roleid, mode, &is_missing);
2493  if (aclresult == ACLCHECK_OK)
2494  return 1;
2495  else if (is_missing)
2496  return -1;
2497  else
2498  return 0;
2499 }
AclResult
Definition: acl.h:181
@ ACLCHECK_OK
Definition: acl.h:182
AclResult pg_class_aclcheck_ext(Oid table_oid, Oid roleid, AclMode mode, bool *is_missing)
Definition: aclchk.c:5019
AclResult pg_attribute_aclcheck_ext(Oid table_oid, AttrNumber attnum, Oid roleid, AclMode mode, bool *is_missing)
Definition: aclchk.c:4892
#define InvalidAttrNumber
Definition: attnum.h:23
int16 attnum
Definition: pg_attribute.h:83
static PgChecksumMode mode
Definition: pg_checksums.c:65

References ACLCHECK_OK, attnum, InvalidAttrNumber, mode, pg_attribute_aclcheck_ext(), and pg_class_aclcheck_ext().

Referenced by has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

◆ convert_aclright_to_string()

static const char* convert_aclright_to_string ( int  aclright)
static

Definition at line 1693 of file acl.c.

1694 {
1695  switch (aclright)
1696  {
1697  case ACL_INSERT:
1698  return "INSERT";
1699  case ACL_SELECT:
1700  return "SELECT";
1701  case ACL_UPDATE:
1702  return "UPDATE";
1703  case ACL_DELETE:
1704  return "DELETE";
1705  case ACL_TRUNCATE:
1706  return "TRUNCATE";
1707  case ACL_REFERENCES:
1708  return "REFERENCES";
1709  case ACL_TRIGGER:
1710  return "TRIGGER";
1711  case ACL_EXECUTE:
1712  return "EXECUTE";
1713  case ACL_USAGE:
1714  return "USAGE";
1715  case ACL_CREATE:
1716  return "CREATE";
1717  case ACL_CREATE_TEMP:
1718  return "TEMPORARY";
1719  case ACL_CONNECT:
1720  return "CONNECT";
1721  case ACL_SET:
1722  return "SET";
1723  case ACL_ALTER_SYSTEM:
1724  return "ALTER SYSTEM";
1725  default:
1726  elog(ERROR, "unrecognized aclright: %d", aclright);
1727  return NULL;
1728  }
1729 }

References ACL_ALTER_SYSTEM, ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_DELETE, ACL_EXECUTE, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_SET, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, ACL_USAGE, elog, and ERROR.

Referenced by aclexplode().

◆ convert_any_priv_string()

static AclMode convert_any_priv_string ( text priv_type_text,
const priv_map privileges 
)
static

Definition at line 1645 of file acl.c.

1647 {
1648  AclMode result = 0;
1649  char *priv_type = text_to_cstring(priv_type_text);
1650  char *chunk;
1651  char *next_chunk;
1652 
1653  /* We rely on priv_type being a private, modifiable string */
1654  for (chunk = priv_type; chunk; chunk = next_chunk)
1655  {
1656  int chunk_len;
1657  const priv_map *this_priv;
1658 
1659  /* Split string at commas */
1660  next_chunk = strchr(chunk, ',');
1661  if (next_chunk)
1662  *next_chunk++ = '\0';
1663 
1664  /* Drop leading/trailing whitespace in this chunk */
1665  while (*chunk && isspace((unsigned char) *chunk))
1666  chunk++;
1667  chunk_len = strlen(chunk);
1668  while (chunk_len > 0 && isspace((unsigned char) chunk[chunk_len - 1]))
1669  chunk_len--;
1670  chunk[chunk_len] = '\0';
1671 
1672  /* Match to the privileges list */
1673  for (this_priv = privileges; this_priv->name; this_priv++)
1674  {
1675  if (pg_strcasecmp(this_priv->name, chunk) == 0)
1676  {
1677  result |= this_priv->value;
1678  break;
1679  }
1680  }
1681  if (!this_priv->name)
1682  ereport(ERROR,
1683  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
1684  errmsg("unrecognized privilege type: \"%s\"", chunk)));
1685  }
1686 
1687  pfree(priv_type);
1688  return result;
1689 }
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
Definition: acl.c:48
const char * name
Definition: acl.c:49
AclMode value
Definition: acl.c:50
char * text_to_cstring(const text *t)
Definition: varlena.c:221

References ereport, errcode(), errmsg(), ERROR, priv_map::name, pfree(), pg_strcasecmp(), text_to_cstring(), and priv_map::value.

Referenced by convert_column_priv_string(), convert_database_priv_string(), convert_foreign_data_wrapper_priv_string(), convert_function_priv_string(), convert_language_priv_string(), convert_parameter_priv_string(), convert_role_priv_string(), convert_schema_priv_string(), convert_sequence_priv_string(), convert_server_priv_string(), convert_table_priv_string(), convert_tablespace_priv_string(), and convert_type_priv_string().

◆ convert_column_name()

static AttrNumber convert_column_name ( Oid  tableoid,
text column 
)
static

Definition at line 2827 of file acl.c.

2828 {
2829  char *colname;
2830  HeapTuple attTuple;
2832 
2833  colname = text_to_cstring(column);
2834 
2835  /*
2836  * We don't use get_attnum() here because it will report that dropped
2837  * columns don't exist. We need to treat dropped columns differently from
2838  * nonexistent columns.
2839  */
2840  attTuple = SearchSysCache2(ATTNAME,
2841  ObjectIdGetDatum(tableoid),
2842  CStringGetDatum(colname));
2843  if (HeapTupleIsValid(attTuple))
2844  {
2845  Form_pg_attribute attributeForm;
2846 
2847  attributeForm = (Form_pg_attribute) GETSTRUCT(attTuple);
2848  /* We want to return NULL for dropped columns */
2849  if (attributeForm->attisdropped)
2851  else
2852  attnum = attributeForm->attnum;
2853  ReleaseSysCache(attTuple);
2854  }
2855  else
2856  {
2857  char *tablename = get_rel_name(tableoid);
2858 
2859  /*
2860  * If the table OID is bogus, or it's just been dropped, we'll get
2861  * NULL back. In such cases we want has_column_privilege to return
2862  * NULL too, so just return InvalidAttrNumber.
2863  */
2864  if (tablename != NULL)
2865  {
2866  /* tableoid exists, colname does not, so throw error */
2867  ereport(ERROR,
2868  (errcode(ERRCODE_UNDEFINED_COLUMN),
2869  errmsg("column \"%s\" of relation \"%s\" does not exist",
2870  colname, tablename)));
2871  }
2872  /* tableoid doesn't exist, so act like attisdropped case */
2874  }
2875 
2876  pfree(colname);
2877  return attnum;
2878 }
char * get_rel_name(Oid relid)
Definition: lsyscache.c:1909
FormData_pg_attribute * Form_pg_attribute
Definition: pg_attribute.h:207
#define CStringGetDatum(X)
Definition: postgres.h:622
HeapTuple SearchSysCache2(int cacheId, Datum key1, Datum key2)
Definition: syscache.c:1184
@ ATTNAME
Definition: syscache.h:40

References ATTNAME, attnum, CStringGetDatum, ereport, errcode(), errmsg(), ERROR, get_rel_name(), GETSTRUCT, HeapTupleIsValid, InvalidAttrNumber, ObjectIdGetDatum, pfree(), ReleaseSysCache(), SearchSysCache2(), and text_to_cstring().

Referenced by has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_name(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), and has_column_privilege_name_name_name().

◆ convert_column_priv_string()

static AclMode convert_column_priv_string ( text priv_type_text)
static

Definition at line 2885 of file acl.c.

2886 {
2887  static const priv_map column_priv_map[] = {
2888  {"SELECT", ACL_SELECT},
2889  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2890  {"INSERT", ACL_INSERT},
2891  {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2892  {"UPDATE", ACL_UPDATE},
2893  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2894  {"REFERENCES", ACL_REFERENCES},
2895  {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2896  {NULL, 0}
2897  };
2898 
2899  return convert_any_priv_string(priv_type_text, column_priv_map);
2900 }
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1645

References ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_any_column_privilege_id(), has_any_column_privilege_id_id(), has_any_column_privilege_id_name(), has_any_column_privilege_name(), has_any_column_privilege_name_id(), has_any_column_privilege_name_name(), has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

◆ convert_database_name()

static Oid convert_database_name ( text databasename)
static

Definition at line 3070 of file acl.c.

3071 {
3072  char *dbname = text_to_cstring(databasename);
3073 
3074  return get_database_oid(dbname, false);
3075 }
Oid get_database_oid(const char *dbname, bool missing_ok)
Definition: dbcommands.c:2947
char * dbname
Definition: streamutil.c:51

References dbname, get_database_oid(), and text_to_cstring().

Referenced by has_database_privilege_id_name(), has_database_privilege_name(), and has_database_privilege_name_name().

◆ convert_database_priv_string()

static AclMode convert_database_priv_string ( text priv_type_text)
static

Definition at line 3082 of file acl.c.

3083 {
3084  static const priv_map database_priv_map[] = {
3085  {"CREATE", ACL_CREATE},
3086  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3087  {"TEMPORARY", ACL_CREATE_TEMP},
3088  {"TEMPORARY WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3089  {"TEMP", ACL_CREATE_TEMP},
3090  {"TEMP WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3091  {"CONNECT", ACL_CONNECT},
3092  {"CONNECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CONNECT)},
3093  {NULL, 0}
3094  };
3095 
3096  return convert_any_priv_string(priv_type_text, database_priv_map);
3097 }

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_database_privilege_id(), has_database_privilege_id_id(), has_database_privilege_id_name(), has_database_privilege_name(), has_database_privilege_name_id(), and has_database_privilege_name_name().

◆ convert_foreign_data_wrapper_name()

static Oid convert_foreign_data_wrapper_name ( text fdwname)
static

Definition at line 3267 of file acl.c.

3268 {
3269  char *fdwstr = text_to_cstring(fdwname);
3270 
3271  return get_foreign_data_wrapper_oid(fdwstr, false);
3272 }
Oid get_foreign_data_wrapper_oid(const char *fdwname, bool missing_ok)
Definition: foreign.c:659

References get_foreign_data_wrapper_oid(), and text_to_cstring().

Referenced by has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), and has_foreign_data_wrapper_privilege_name_name().

◆ convert_foreign_data_wrapper_priv_string()

static AclMode convert_foreign_data_wrapper_priv_string ( text priv_type_text)
static

Definition at line 3279 of file acl.c.

3280 {
3281  static const priv_map foreign_data_wrapper_priv_map[] = {
3282  {"USAGE", ACL_USAGE},
3283  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3284  {NULL, 0}
3285  };
3286 
3287  return convert_any_priv_string(priv_type_text, foreign_data_wrapper_priv_map);
3288 }

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_foreign_data_wrapper_privilege_id(), has_foreign_data_wrapper_privilege_id_id(), has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), has_foreign_data_wrapper_privilege_name_id(), and has_foreign_data_wrapper_privilege_name_name().

◆ convert_function_name()

static Oid convert_function_name ( text functionname)
static

Definition at line 3458 of file acl.c.

3459 {
3460  char *funcname = text_to_cstring(functionname);
3461  Oid oid;
3462 
3464  CStringGetDatum(funcname)));
3465 
3466  if (!OidIsValid(oid))
3467  ereport(ERROR,
3468  (errcode(ERRCODE_UNDEFINED_FUNCTION),
3469  errmsg("function \"%s\" does not exist", funcname)));
3470 
3471  return oid;
3472 }
#define OidIsValid(objectId)
Definition: c.h:710
#define DirectFunctionCall1(func, arg1)
Definition: fmgr.h:631
#define DatumGetObjectId(X)
Definition: postgres.h:544
Datum regprocedurein(PG_FUNCTION_ARGS)
Definition: regproc.c:230

References CStringGetDatum, DatumGetObjectId, DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, OidIsValid, regprocedurein(), and text_to_cstring().

Referenced by has_function_privilege_id_name(), has_function_privilege_name(), and has_function_privilege_name_name().

◆ convert_function_priv_string()

static AclMode convert_function_priv_string ( text priv_type_text)
static

Definition at line 3479 of file acl.c.

3480 {
3481  static const priv_map function_priv_map[] = {
3482  {"EXECUTE", ACL_EXECUTE},
3483  {"EXECUTE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_EXECUTE)},
3484  {NULL, 0}
3485  };
3486 
3487  return convert_any_priv_string(priv_type_text, function_priv_map);
3488 }

References ACL_EXECUTE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_function_privilege_id(), has_function_privilege_id_id(), has_function_privilege_id_name(), has_function_privilege_name(), has_function_privilege_name_id(), and has_function_privilege_name_name().

◆ convert_language_name()

static Oid convert_language_name ( text languagename)
static

Definition at line 3658 of file acl.c.

3659 {
3660  char *langname = text_to_cstring(languagename);
3661 
3662  return get_language_oid(langname, false);
3663 }
Oid get_language_oid(const char *langname, bool missing_ok)
Definition: proclang.c:228

References get_language_oid(), and text_to_cstring().

Referenced by has_language_privilege_id_name(), has_language_privilege_name(), and has_language_privilege_name_name().

◆ convert_language_priv_string()

static AclMode convert_language_priv_string ( text priv_type_text)
static

Definition at line 3670 of file acl.c.

3671 {
3672  static const priv_map language_priv_map[] = {
3673  {"USAGE", ACL_USAGE},
3674  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3675  {NULL, 0}
3676  };
3677 
3678  return convert_any_priv_string(priv_type_text, language_priv_map);
3679 }

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_language_privilege_id(), has_language_privilege_id_id(), has_language_privilege_id_name(), has_language_privilege_name(), has_language_privilege_name_id(), and has_language_privilege_name_name().

◆ convert_parameter_priv_string()

static AclMode convert_parameter_priv_string ( text priv_text)
static

Definition at line 4533 of file acl.c.

4534 {
4535  static const priv_map parameter_priv_map[] = {
4536  {"SET", ACL_SET},
4537  {"SET WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SET)},
4538  {"ALTER SYSTEM", ACL_ALTER_SYSTEM},
4539  {"ALTER SYSTEM WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_ALTER_SYSTEM)},
4540  {NULL, 0}
4541  };
4542 
4543  return convert_any_priv_string(priv_text, parameter_priv_map);
4544 }

References ACL_ALTER_SYSTEM, ACL_GRANT_OPTION_FOR, ACL_SET, and convert_any_priv_string().

Referenced by has_parameter_privilege_id_name(), has_parameter_privilege_name(), and has_parameter_privilege_name_name().

◆ convert_priv_string()

static AclMode convert_priv_string ( text priv_type_text)
static

Definition at line 1591 of file acl.c.

1592 {
1593  char *priv_type = text_to_cstring(priv_type_text);
1594 
1595  if (pg_strcasecmp(priv_type, "SELECT") == 0)
1596  return ACL_SELECT;
1597  if (pg_strcasecmp(priv_type, "INSERT") == 0)
1598  return ACL_INSERT;
1599  if (pg_strcasecmp(priv_type, "UPDATE") == 0)
1600  return ACL_UPDATE;
1601  if (pg_strcasecmp(priv_type, "DELETE") == 0)
1602  return ACL_DELETE;
1603  if (pg_strcasecmp(priv_type, "TRUNCATE") == 0)
1604  return ACL_TRUNCATE;
1605  if (pg_strcasecmp(priv_type, "REFERENCES") == 0)
1606  return ACL_REFERENCES;
1607  if (pg_strcasecmp(priv_type, "TRIGGER") == 0)
1608  return ACL_TRIGGER;
1609  if (pg_strcasecmp(priv_type, "EXECUTE") == 0)
1610  return ACL_EXECUTE;
1611  if (pg_strcasecmp(priv_type, "USAGE") == 0)
1612  return ACL_USAGE;
1613  if (pg_strcasecmp(priv_type, "CREATE") == 0)
1614  return ACL_CREATE;
1615  if (pg_strcasecmp(priv_type, "TEMP") == 0)
1616  return ACL_CREATE_TEMP;
1617  if (pg_strcasecmp(priv_type, "TEMPORARY") == 0)
1618  return ACL_CREATE_TEMP;
1619  if (pg_strcasecmp(priv_type, "CONNECT") == 0)
1620  return ACL_CONNECT;
1621  if (pg_strcasecmp(priv_type, "SET") == 0)
1622  return ACL_SET;
1623  if (pg_strcasecmp(priv_type, "ALTER SYSTEM") == 0)
1624  return ACL_ALTER_SYSTEM;
1625  if (pg_strcasecmp(priv_type, "RULE") == 0)
1626  return 0; /* ignore old RULE privileges */
1627 
1628  ereport(ERROR,
1629  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
1630  errmsg("unrecognized privilege type: \"%s\"", priv_type)));
1631  return ACL_NO_RIGHTS; /* keep compiler quiet */
1632 }

References ACL_ALTER_SYSTEM, ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_DELETE, ACL_EXECUTE, ACL_INSERT, ACL_NO_RIGHTS, ACL_REFERENCES, ACL_SELECT, ACL_SET, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, ACL_USAGE, ereport, errcode(), errmsg(), ERROR, pg_strcasecmp(), and text_to_cstring().

Referenced by makeaclitem().

◆ convert_role_priv_string()

static AclMode convert_role_priv_string ( text priv_type_text)
static

Definition at line 4711 of file acl.c.

4712 {
4713  static const priv_map role_priv_map[] = {
4714  {"USAGE", ACL_USAGE},
4715  {"MEMBER", ACL_CREATE},
4716  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4717  {"USAGE WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4718  {"MEMBER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4719  {"MEMBER WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4720  {NULL, 0}
4721  };
4722 
4723  return convert_any_priv_string(priv_type_text, role_priv_map);
4724 }

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by pg_has_role_id(), pg_has_role_id_id(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), and pg_has_role_name_name().

◆ convert_schema_name()

static Oid convert_schema_name ( text schemaname)
static

Definition at line 3849 of file acl.c.

3850 {
3851  char *nspname = text_to_cstring(schemaname);
3852 
3853  return get_namespace_oid(nspname, false);
3854 }
Oid get_namespace_oid(const char *nspname, bool missing_ok)
Definition: namespace.c:3089

References get_namespace_oid(), and text_to_cstring().

Referenced by has_schema_privilege_id_name(), has_schema_privilege_name(), and has_schema_privilege_name_name().

◆ convert_schema_priv_string()

static AclMode convert_schema_priv_string ( text priv_type_text)
static

Definition at line 3861 of file acl.c.

3862 {
3863  static const priv_map schema_priv_map[] = {
3864  {"CREATE", ACL_CREATE},
3865  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3866  {"USAGE", ACL_USAGE},
3867  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3868  {NULL, 0}
3869  };
3870 
3871  return convert_any_priv_string(priv_type_text, schema_priv_map);
3872 }

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_schema_privilege_id(), has_schema_privilege_id_id(), has_schema_privilege_id_name(), has_schema_privilege_name(), has_schema_privilege_name_id(), and has_schema_privilege_name_name().

◆ convert_sequence_priv_string()

static AclMode convert_sequence_priv_string ( text priv_type_text)
static

Definition at line 2242 of file acl.c.

2243 {
2244  static const priv_map sequence_priv_map[] = {
2245  {"USAGE", ACL_USAGE},
2246  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
2247  {"SELECT", ACL_SELECT},
2248  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2249  {"UPDATE", ACL_UPDATE},
2250  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2251  {NULL, 0}
2252  };
2253 
2254  return convert_any_priv_string(priv_type_text, sequence_priv_map);
2255 }

References ACL_GRANT_OPTION_FOR, ACL_SELECT, ACL_UPDATE, ACL_USAGE, and convert_any_priv_string().

Referenced by has_sequence_privilege_id(), has_sequence_privilege_id_id(), has_sequence_privilege_id_name(), has_sequence_privilege_name(), has_sequence_privilege_name_id(), and has_sequence_privilege_name_name().

◆ convert_server_name()

static Oid convert_server_name ( text servername)
static

Definition at line 4042 of file acl.c.

4043 {
4044  char *serverstr = text_to_cstring(servername);
4045 
4046  return get_foreign_server_oid(serverstr, false);
4047 }
Oid get_foreign_server_oid(const char *servername, bool missing_ok)
Definition: foreign.c:682

References get_foreign_server_oid(), and text_to_cstring().

Referenced by has_server_privilege_id_name(), has_server_privilege_name(), and has_server_privilege_name_name().

◆ convert_server_priv_string()

static AclMode convert_server_priv_string ( text priv_type_text)
static

Definition at line 4054 of file acl.c.

4055 {
4056  static const priv_map server_priv_map[] = {
4057  {"USAGE", ACL_USAGE},
4058  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4059  {NULL, 0}
4060  };
4061 
4062  return convert_any_priv_string(priv_type_text, server_priv_map);
4063 }

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_server_privilege_id(), has_server_privilege_id_id(), has_server_privilege_id_name(), has_server_privilege_name(), has_server_privilege_name_id(), and has_server_privilege_name_name().

◆ convert_table_name()

static Oid convert_table_name ( text tablename)
static

◆ convert_table_priv_string()

static AclMode convert_table_priv_string ( text priv_type_text)
static

Definition at line 2019 of file acl.c.

2020 {
2021  static const priv_map table_priv_map[] = {
2022  {"SELECT", ACL_SELECT},
2023  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2024  {"INSERT", ACL_INSERT},
2025  {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2026  {"UPDATE", ACL_UPDATE},
2027  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2028  {"DELETE", ACL_DELETE},
2029  {"DELETE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_DELETE)},
2030  {"TRUNCATE", ACL_TRUNCATE},
2031  {"TRUNCATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRUNCATE)},
2032  {"REFERENCES", ACL_REFERENCES},
2033  {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2034  {"TRIGGER", ACL_TRIGGER},
2035  {"TRIGGER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRIGGER)},
2036  {"RULE", 0}, /* ignore old RULE privileges */
2037  {"RULE WITH GRANT OPTION", 0},
2038  {NULL, 0}
2039  };
2040 
2041  return convert_any_priv_string(priv_type_text, table_priv_map);
2042 }

References ACL_DELETE, ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_table_privilege_id(), has_table_privilege_id_id(), has_table_privilege_id_name(), has_table_privilege_name(), has_table_privilege_name_id(), and has_table_privilege_name_name().

◆ convert_tablespace_name()

static Oid convert_tablespace_name ( text tablespacename)
static

Definition at line 4233 of file acl.c.

4234 {
4235  char *spcname = text_to_cstring(tablespacename);
4236 
4237  return get_tablespace_oid(spcname, false);
4238 }
Oid get_tablespace_oid(const char *tablespacename, bool missing_ok)
Definition: tablespace.c:1474

References get_tablespace_oid(), and text_to_cstring().

Referenced by has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), and has_tablespace_privilege_name_name().

◆ convert_tablespace_priv_string()

static AclMode convert_tablespace_priv_string ( text priv_type_text)
static

Definition at line 4245 of file acl.c.

4246 {
4247  static const priv_map tablespace_priv_map[] = {
4248  {"CREATE", ACL_CREATE},
4249  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4250  {NULL, 0}
4251  };
4252 
4253  return convert_any_priv_string(priv_type_text, tablespace_priv_map);
4254 }

References ACL_CREATE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_tablespace_privilege_id(), has_tablespace_privilege_id_id(), has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), has_tablespace_privilege_name_id(), and has_tablespace_privilege_name_name().

◆ convert_type_name()

static Oid convert_type_name ( text typename)
static

Definition at line 4423 of file acl.c.

4424 {
4425  char *typname = text_to_cstring(typename);
4426  Oid oid;
4427 
4430 
4431  if (!OidIsValid(oid))
4432  ereport(ERROR,
4433  (errcode(ERRCODE_UNDEFINED_OBJECT),
4434  errmsg("type \"%s\" does not exist", typname)));
4435 
4436  return oid;
4437 }
NameData typname
Definition: pg_type.h:41
Datum regtypein(PG_FUNCTION_ARGS)
Definition: regproc.c:1251

References CStringGetDatum, DatumGetObjectId, DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, OidIsValid, regtypein(), text_to_cstring(), and typname.

Referenced by has_type_privilege_id_name(), has_type_privilege_name(), and has_type_privilege_name_name().

◆ convert_type_priv_string()

static AclMode convert_type_priv_string ( text priv_type_text)
static

Definition at line 4444 of file acl.c.

4445 {
4446  static const priv_map type_priv_map[] = {
4447  {"USAGE", ACL_USAGE},
4448  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4449  {NULL, 0}
4450  };
4451 
4452  return convert_any_priv_string(priv_type_text, type_priv_map);
4453 }

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_type_privilege_id(), has_type_privilege_id_id(), has_type_privilege_id_name(), has_type_privilege_name(), has_type_privilege_name_id(), and has_type_privilege_name_name().

◆ count_one_bits()

static int count_one_bits ( AclMode  mask)
static

Definition at line 5061 of file acl.c.

5062 {
5063  int nbits = 0;
5064 
5065  /* this code relies on AclMode being an unsigned type */
5066  while (mask)
5067  {
5068  if (mask & 1)
5069  nbits++;
5070  mask >>= 1;
5071  }
5072  return nbits;
5073 }

Referenced by select_best_grantor().

◆ get_role_oid()

Oid get_role_oid ( const char *  rolname,
bool  missing_ok 
)

Definition at line 5177 of file acl.c.

5178 {
5179  Oid oid;
5180 
5181  oid = GetSysCacheOid1(AUTHNAME, Anum_pg_authid_oid,
5183  if (!OidIsValid(oid) && !missing_ok)
5184  ereport(ERROR,
5185  (errcode(ERRCODE_UNDEFINED_OBJECT),
5186  errmsg("role \"%s\" does not exist", rolname)));
5187  return oid;
5188 }
@ AUTHNAME
Definition: syscache.h:44
#define GetSysCacheOid1(cacheId, oidcol, key1)
Definition: syscache.h:197

References AUTHNAME, CStringGetDatum, ereport, errcode(), errmsg(), ERROR, GetSysCacheOid1, OidIsValid, and rolname.

Referenced by aclparse(), check_hba(), createdb(), CreateRole(), get_object_address_unqualified(), get_role_oid_or_public(), get_rolespec_oid(), GrantRole(), is_member(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), pg_has_role_name_name(), regrolein(), shell_check_detail(), and to_regrole().

◆ get_role_oid_or_public()

◆ get_rolespec_name()

char* get_rolespec_name ( const RoleSpec role)

Definition at line 5296 of file acl.c.

5297 {
5298  HeapTuple tp;
5299  Form_pg_authid authForm;
5300  char *rolename;
5301 
5302  tp = get_rolespec_tuple(role);
5303  authForm = (Form_pg_authid) GETSTRUCT(tp);
5304  rolename = pstrdup(NameStr(authForm->rolname));
5305  ReleaseSysCache(tp);
5306 
5307  return rolename;
5308 }
HeapTuple get_rolespec_tuple(const RoleSpec *role)
Definition: acl.c:5250
char * pstrdup(const char *in)
Definition: mcxt.c:1305

References get_rolespec_tuple(), GETSTRUCT, NameStr, pstrdup(), and ReleaseSysCache().

Referenced by AddRoleMems(), and DelRoleMems().

◆ get_rolespec_oid()

Oid get_rolespec_oid ( const RoleSpec role,
bool  missing_ok 
)

Definition at line 5211 of file acl.c.

5212 {
5213  Oid oid;
5214 
5215  switch (role->roletype)
5216  {
5217  case ROLESPEC_CSTRING:
5218  Assert(role->rolename);
5219  oid = get_role_oid(role->rolename, missing_ok);
5220  break;
5221 
5222  case ROLESPEC_CURRENT_ROLE:
5223  case ROLESPEC_CURRENT_USER:
5224  oid = GetUserId();
5225  break;
5226 
5227  case ROLESPEC_SESSION_USER:
5228  oid = GetSessionUserId();
5229  break;
5230 
5231  case ROLESPEC_PUBLIC:
5232  ereport(ERROR,
5233  (errcode(ERRCODE_UNDEFINED_OBJECT),
5234  errmsg("role \"%s\" does not exist", "public")));
5235  oid = InvalidOid; /* make compiler happy */
5236  break;
5237 
5238  default:
5239  elog(ERROR, "unexpected role type %d", role->roletype);
5240  }
5241 
5242  return oid;
5243 }
Oid GetUserId(void)
Definition: miscinit.c:492
Oid GetSessionUserId(void)
Definition: miscinit.c:526
@ ROLESPEC_CURRENT_USER
Definition: parsenodes.h:350
@ ROLESPEC_SESSION_USER
Definition: parsenodes.h:351
@ ROLESPEC_CURRENT_ROLE
Definition: parsenodes.h:349
@ ROLESPEC_PUBLIC
Definition: parsenodes.h:352
#define InvalidOid
Definition: postgres_ext.h:36

References Assert(), elog, ereport, errcode(), errmsg(), ERROR, get_role_oid(), GetSessionUserId(), GetUserId(), InvalidOid, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_ROLE, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, and RoleSpec::roletype.

Referenced by AlterUserMapping(), ATExecCmd(), CreateSchemaCommand(), CreateTableSpace(), CreateUserMapping(), ExecAlterDefaultPrivilegesStmt(), ExecAlterOwnerStmt(), ExecuteGrantStmt(), GrantRole(), policy_role_list_to_array(), ReassignOwnedObjects(), RemoveUserMapping(), and roleSpecsToIds().

◆ get_rolespec_tuple()

HeapTuple get_rolespec_tuple ( const RoleSpec role)

Definition at line 5250 of file acl.c.

5251 {
5252  HeapTuple tuple;
5253 
5254  switch (role->roletype)
5255  {
5256  case ROLESPEC_CSTRING:
5257  Assert(role->rolename);
5259  if (!HeapTupleIsValid(tuple))
5260  ereport(ERROR,
5261  (errcode(ERRCODE_UNDEFINED_OBJECT),
5262  errmsg("role \"%s\" does not exist", role->rolename)));
5263  break;
5264 
5265  case ROLESPEC_CURRENT_ROLE:
5266  case ROLESPEC_CURRENT_USER:
5267  tuple = SearchSysCache1(AUTHOID, GetUserId());
5268  if (!HeapTupleIsValid(tuple))
5269  elog(ERROR, "cache lookup failed for role %u", GetUserId());
5270  break;
5271 
5272  case ROLESPEC_SESSION_USER:
5274  if (!HeapTupleIsValid(tuple))
5275  elog(ERROR, "cache lookup failed for role %u", GetSessionUserId());
5276  break;
5277 
5278  case ROLESPEC_PUBLIC:
5279  ereport(ERROR,
5280  (errcode(ERRCODE_UNDEFINED_OBJECT),
5281  errmsg("role \"%s\" does not exist", "public")));
5282  tuple = NULL; /* make compiler happy */
5283  break;
5284 
5285  default:
5286  elog(ERROR, "unexpected role type %d", role->roletype);
5287  }
5288 
5289  return tuple;
5290 }

References Assert(), AUTHNAME, AUTHOID, CStringGetDatum, elog, ereport, errcode(), errmsg(), ERROR, GetSessionUserId(), GetUserId(), HeapTupleIsValid, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_ROLE, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, RoleSpec::roletype, and SearchSysCache1().

Referenced by AlterRole(), AlterRoleSet(), CreateRole(), and get_rolespec_name().

◆ getid()

static const char * getid ( const char *  s,
char *  n 
)
static

Definition at line 134 of file acl.c.

135 {
136  int len = 0;
137  bool in_quotes = false;
138 
139  Assert(s && n);
140 
141  while (isspace((unsigned char) *s))
142  s++;
143  /* This code had better match what putid() does, below */
144  for (;
145  *s != '\0' &&
146  (isalnum((unsigned char) *s) ||
147  *s == '_' ||
148  *s == '"' ||
149  in_quotes);
150  s++)
151  {
152  if (*s == '"')
153  {
154  /* safe to look at next char (could be '\0' though) */
155  if (*(s + 1) != '"')
156  {
157  in_quotes = !in_quotes;
158  continue;
159  }
160  /* it's an escaped double quote; skip the escaping char */
161  s++;
162  }
163 
164  /* Add the character to the string */
165  if (len >= NAMEDATALEN - 1)
166  ereport(ERROR,
167  (errcode(ERRCODE_NAME_TOO_LONG),
168  errmsg("identifier too long"),
169  errdetail("Identifier must be less than %d characters.",
170  NAMEDATALEN)));
171 
172  n[len++] = *s;
173  }
174  n[len] = '\0';
175  while (isspace((unsigned char) *s))
176  s++;
177  return s;
178 }
const void size_t len

References Assert(), ereport, errcode(), errdetail(), errmsg(), ERROR, len, and NAMEDATALEN.

Referenced by aclparse().

◆ has_any_column_privilege_id()

Datum has_any_column_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2364 of file acl.c.

2365 {
2366  Oid tableoid = PG_GETARG_OID(0);
2367  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2368  Oid roleid;
2369  AclMode mode;
2370  AclResult aclresult;
2371 
2372  roleid = GetUserId();
2373  mode = convert_column_priv_string(priv_type_text);
2374 
2376  PG_RETURN_NULL();
2377 
2378  /* First check at table level, then examine each column if needed */
2379  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2380  if (aclresult != ACLCHECK_OK)
2381  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2382  ACLMASK_ANY);
2383 
2384  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2385 }
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2885
@ ACLMASK_ANY
Definition: acl.h:176
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4922
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:5007
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
Definition: c.h:622
@ RELOID
Definition: syscache.h:89
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:188

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), GetUserId(), mode, ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

◆ has_any_column_privilege_id_id()

Datum has_any_column_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 2420 of file acl.c.

2421 {
2422  Oid roleid = PG_GETARG_OID(0);
2423  Oid tableoid = PG_GETARG_OID(1);
2424  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2425  AclMode mode;
2426  AclResult aclresult;
2427 
2428  mode = convert_column_priv_string(priv_type_text);
2429 
2431  PG_RETURN_NULL();
2432 
2433  /* First check at table level, then examine each column if needed */
2434  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2435  if (aclresult != ACLCHECK_OK)
2436  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2437  ACLMASK_ANY);
2438 
2439  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2440 }

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), mode, ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

◆ has_any_column_privilege_id_name()

Datum has_any_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2393 of file acl.c.

2394 {
2395  Oid roleid = PG_GETARG_OID(0);
2396  text *tablename = PG_GETARG_TEXT_PP(1);
2397  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2398  Oid tableoid;
2399  AclMode mode;
2400  AclResult aclresult;
2401 
2402  tableoid = convert_table_name(tablename);
2403  mode = convert_column_priv_string(priv_type_text);
2404 
2405  /* First check at table level, then examine each column if needed */
2406  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2407  if (aclresult != ACLCHECK_OK)
2408  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2409  ACLMASK_ANY);
2410 
2411  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2412 }
static Oid convert_table_name(text *tablename)
Definition: acl.c:2004

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), mode, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_any_column_privilege_name()

Datum has_any_column_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2305 of file acl.c.

2306 {
2307  text *tablename = PG_GETARG_TEXT_PP(0);
2308  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2309  Oid roleid;
2310  Oid tableoid;
2311  AclMode mode;
2312  AclResult aclresult;
2313 
2314  roleid = GetUserId();
2315  tableoid = convert_table_name(tablename);
2316  mode = convert_column_priv_string(priv_type_text);
2317 
2318  /* First check at table level, then examine each column if needed */
2319  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2320  if (aclresult != ACLCHECK_OK)
2321  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2322  ACLMASK_ANY);
2323 
2324  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2325 }

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), GetUserId(), mode, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_any_column_privilege_name_id()

Datum has_any_column_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2333 of file acl.c.

2334 {
2336  Oid tableoid = PG_GETARG_OID(1);
2337  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2338  Oid roleid;
2339  AclMode mode;
2340  AclResult aclresult;
2341 
2343  mode = convert_column_priv_string(priv_type_text);
2344 
2346  PG_RETURN_NULL();
2347 
2348  /* First check at table level, then examine each column if needed */
2349  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2350  if (aclresult != ACLCHECK_OK)
2351  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2352  ACLMASK_ANY);
2353 
2354  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2355 }
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5195
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278
const char * username
Definition: pgbench.c:309
Definition: c.h:676

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, SearchSysCacheExists1, and username.

◆ has_any_column_privilege_name_name()

Datum has_any_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2275 of file acl.c.

2276 {
2277  Name rolename = PG_GETARG_NAME(0);
2278  text *tablename = PG_GETARG_TEXT_PP(1);
2279  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2280  Oid roleid;
2281  Oid tableoid;
2282  AclMode mode;
2283  AclResult aclresult;
2284 
2285  roleid = get_role_oid_or_public(NameStr(*rolename));
2286  tableoid = convert_table_name(tablename);
2287  mode = convert_column_priv_string(priv_type_text);
2288 
2289  /* First check at table level, then examine each column if needed */
2290  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2291  if (aclresult != ACLCHECK_OK)
2292  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2293  ACLMASK_ANY);
2294 
2295  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2296 }

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_column_privilege_id_attnum()

Datum has_column_privilege_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2799 of file acl.c.

2800 {
2801  Oid tableoid = PG_GETARG_OID(0);
2802  AttrNumber colattnum = PG_GETARG_INT16(1);
2803  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2804  Oid roleid;
2805  AclMode mode;
2806  int privresult;
2807 
2808  roleid = GetUserId();
2809  mode = convert_column_priv_string(priv_type_text);
2810 
2811  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2812  if (privresult < 0)
2813  PG_RETURN_NULL();
2814  PG_RETURN_BOOL(privresult);
2815 }
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2467
#define PG_GETARG_INT16(n)
Definition: fmgr.h:271

References column_privilege_check(), convert_column_priv_string(), GetUserId(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_id_attnum()

Datum has_column_privilege_id_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2692 of file acl.c.

2693 {
2694  Oid roleid = PG_GETARG_OID(0);
2695  Oid tableoid = PG_GETARG_OID(1);
2696  AttrNumber colattnum = PG_GETARG_INT16(2);
2697  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2698  AclMode mode;
2699  int privresult;
2700 
2701  mode = convert_column_priv_string(priv_type_text);
2702 
2703  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2704  if (privresult < 0)
2705  PG_RETURN_NULL();
2706  PG_RETURN_BOOL(privresult);
2707 }

References column_privilege_check(), convert_column_priv_string(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_id_name()

Datum has_column_privilege_id_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2667 of file acl.c.

2668 {
2669  Oid roleid = PG_GETARG_OID(0);
2670  Oid tableoid = PG_GETARG_OID(1);
2671  text *column = PG_GETARG_TEXT_PP(2);
2672  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2673  AttrNumber colattnum;
2674  AclMode mode;
2675  int privresult;
2676 
2677  colattnum = convert_column_name(tableoid, column);
2678  mode = convert_column_priv_string(priv_type_text);
2679 
2680  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2681  if (privresult < 0)
2682  PG_RETURN_NULL();
2683  PG_RETURN_BOOL(privresult);
2684 }
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2827

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_name()

Datum has_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2772 of file acl.c.

2773 {
2774  Oid tableoid = PG_GETARG_OID(0);
2775  text *column = PG_GETARG_TEXT_PP(1);
2776  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2777  Oid roleid;
2778  AttrNumber colattnum;
2779  AclMode mode;
2780  int privresult;
2781 
2782  roleid = GetUserId();
2783  colattnum = convert_column_name(tableoid, column);
2784  mode = convert_column_priv_string(priv_type_text);
2785 
2786  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2787  if (privresult < 0)
2788  PG_RETURN_NULL();
2789  PG_RETURN_BOOL(privresult);
2790 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), GetUserId(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_name_attnum()

Datum has_column_privilege_id_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2642 of file acl.c.

2643 {
2644  Oid roleid = PG_GETARG_OID(0);
2645  text *tablename = PG_GETARG_TEXT_PP(1);
2646  AttrNumber colattnum = PG_GETARG_INT16(2);
2647  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2648  Oid tableoid;
2649  AclMode mode;
2650  int privresult;
2651 
2652  tableoid = convert_table_name(tablename);
2653  mode = convert_column_priv_string(priv_type_text);
2654 
2655  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2656  if (privresult < 0)
2657  PG_RETURN_NULL();
2658  PG_RETURN_BOOL(privresult);
2659 }

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_name_name()

Datum has_column_privilege_id_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2615 of file acl.c.

2616 {
2617  Oid roleid = PG_GETARG_OID(0);
2618  text *tablename = PG_GETARG_TEXT_PP(1);
2619  text *column = PG_GETARG_TEXT_PP(2);
2620  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2621  Oid tableoid;
2622  AttrNumber colattnum;
2623  AclMode mode;
2624  int privresult;
2625 
2626  tableoid = convert_table_name(tablename);
2627  colattnum = convert_column_name(tableoid, column);
2628  mode = convert_column_priv_string(priv_type_text);
2629 
2630  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2631  if (privresult < 0)
2632  PG_RETURN_NULL();
2633  PG_RETURN_BOOL(privresult);
2634 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_name_attnum()

Datum has_column_privilege_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2745 of file acl.c.

2746 {
2747  text *tablename = PG_GETARG_TEXT_PP(0);
2748  AttrNumber colattnum = PG_GETARG_INT16(1);
2749  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2750  Oid roleid;
2751  Oid tableoid;
2752  AclMode mode;
2753  int privresult;
2754 
2755  roleid = GetUserId();
2756  tableoid = convert_table_name(tablename);
2757  mode = convert_column_priv_string(priv_type_text);
2758 
2759  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2760  if (privresult < 0)
2761  PG_RETURN_NULL();
2762  PG_RETURN_BOOL(privresult);
2763 }

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), GetUserId(), mode, PG_GETARG_INT16, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_name_id_attnum()

Datum has_column_privilege_name_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2590 of file acl.c.

2591 {
2593  Oid tableoid = PG_GETARG_OID(1);
2594  AttrNumber colattnum = PG_GETARG_INT16(2);
2595  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2596  Oid roleid;
2597  AclMode mode;
2598  int privresult;
2599 
2601  mode = convert_column_priv_string(priv_type_text);
2602 
2603  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2604  if (privresult < 0)
2605  PG_RETURN_NULL();
2606  PG_RETURN_BOOL(privresult);
2607 }

References column_privilege_check(), convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_column_privilege_name_id_name()

Datum has_column_privilege_name_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2563 of file acl.c.

2564 {
2566  Oid tableoid = PG_GETARG_OID(1);
2567  text *column = PG_GETARG_TEXT_PP(2);
2568  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2569  Oid roleid;
2570  AttrNumber colattnum;
2571  AclMode mode;
2572  int privresult;
2573 
2575  colattnum = convert_column_name(tableoid, column);
2576  mode = convert_column_priv_string(priv_type_text);
2577 
2578  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2579  if (privresult < 0)
2580  PG_RETURN_NULL();
2581  PG_RETURN_BOOL(privresult);
2582 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_column_privilege_name_name()

Datum has_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2716 of file acl.c.

2717 {
2718  text *tablename = PG_GETARG_TEXT_PP(0);
2719  text *column = PG_GETARG_TEXT_PP(1);
2720  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2721  Oid roleid;
2722  Oid tableoid;
2723  AttrNumber colattnum;
2724  AclMode mode;
2725  int privresult;
2726 
2727  roleid = GetUserId();
2728  tableoid = convert_table_name(tablename);
2729  colattnum = convert_column_name(tableoid, column);
2730  mode = convert_column_priv_string(priv_type_text);
2731 
2732  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2733  if (privresult < 0)
2734  PG_RETURN_NULL();
2735  PG_RETURN_BOOL(privresult);
2736 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), GetUserId(), mode, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_name_name_attnum()

Datum has_column_privilege_name_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2536 of file acl.c.

2537 {
2538  Name rolename = PG_GETARG_NAME(0);
2539  text *tablename = PG_GETARG_TEXT_PP(1);
2540  AttrNumber colattnum = PG_GETARG_INT16(2);
2541  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2542  Oid roleid;
2543  Oid tableoid;
2544  AclMode mode;
2545  int privresult;
2546 
2547  roleid = get_role_oid_or_public(NameStr(*rolename));
2548  tableoid = convert_table_name(tablename);
2549  mode = convert_column_priv_string(priv_type_text);
2550 
2551  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2552  if (privresult < 0)
2553  PG_RETURN_NULL();
2554  PG_RETURN_BOOL(privresult);
2555 }

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_name_name_name()

Datum has_column_privilege_name_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2507 of file acl.c.

2508 {
2509  Name rolename = PG_GETARG_NAME(0);
2510  text *tablename = PG_GETARG_TEXT_PP(1);
2511  text *column = PG_GETARG_TEXT_PP(2);
2512  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2513  Oid roleid;
2514  Oid tableoid;
2515  AttrNumber colattnum;
2516  AclMode mode;
2517  int privresult;
2518 
2519  roleid = get_role_oid_or_public(NameStr(*rolename));
2520  tableoid = convert_table_name(tablename);
2521  colattnum = convert_column_name(tableoid, column);
2522  mode = convert_column_priv_string(priv_type_text);
2523 
2524  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2525  if (privresult < 0)
2526  PG_RETURN_NULL();
2527  PG_RETURN_BOOL(privresult);
2528 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_database_privilege_id()

Datum has_database_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2996 of file acl.c.

2997 {
2998  Oid databaseoid = PG_GETARG_OID(0);
2999  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3000  Oid roleid;
3001  AclMode mode;
3002  AclResult aclresult;
3003 
3004  roleid = GetUserId();
3005  mode = convert_database_priv_string(priv_type_text);
3006 
3008  PG_RETURN_NULL();
3009 
3010  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
3011 
3012  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3013 }
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3082
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:5033
@ DATABASEOID
Definition: syscache.h:55

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, GetUserId(), mode, ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_database_privilege_id_id()

Datum has_database_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3044 of file acl.c.

3045 {
3046  Oid roleid = PG_GETARG_OID(0);
3047  Oid databaseoid = PG_GETARG_OID(1);
3048  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3049  AclMode mode;
3050  AclResult aclresult;
3051 
3052  mode = convert_database_priv_string(priv_type_text);
3053 
3055  PG_RETURN_NULL();
3056 
3057  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
3058 
3059  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3060 }

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, mode, ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_database_privilege_id_name()

Datum has_database_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3021 of file acl.c.

3022 {
3023  Oid roleid = PG_GETARG_OID(0);
3024  text *databasename = PG_GETARG_TEXT_PP(1);
3025  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3026  Oid databaseoid;
3027  AclMode mode;
3028  AclResult aclresult;
3029 
3030  databaseoid = convert_database_name(databasename);
3031  mode = convert_database_priv_string(priv_type_text);
3032 
3033  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
3034 
3035  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3036 }
static Oid convert_database_name(text *databasename)
Definition: acl.c:3070

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), mode, pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_database_privilege_name()

Datum has_database_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2945 of file acl.c.

2946 {
2947  text *databasename = PG_GETARG_TEXT_PP(0);
2948  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2949  Oid roleid;
2950  Oid databaseoid;
2951  AclMode mode;
2952  AclResult aclresult;
2953 
2954  roleid = GetUserId();
2955  databaseoid = convert_database_name(databasename);
2956  mode = convert_database_priv_string(priv_type_text);
2957 
2958  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2959 
2960  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2961 }

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), GetUserId(), mode, pg_database_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_database_privilege_name_id()

Datum has_database_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2969 of file acl.c.

2970 {
2972  Oid databaseoid = PG_GETARG_OID(1);
2973  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2974  Oid roleid;
2975  AclMode mode;
2976  AclResult aclresult;
2977 
2979  mode = convert_database_priv_string(priv_type_text);
2980 
2982  PG_RETURN_NULL();
2983 
2984  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2985 
2986  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2987 }

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, get_role_oid_or_public(), mode, NameStr, ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

◆ has_database_privilege_name_name()

Datum has_database_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2919 of file acl.c.

2920 {
2922  text *databasename = PG_GETARG_TEXT_PP(1);
2923  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2924  Oid roleid;
2925  Oid databaseoid;
2926  AclMode mode;
2927  AclResult aclresult;
2928 
2930  databaseoid = convert_database_name(databasename);
2931  mode = convert_database_priv_string(priv_type_text);
2932 
2933  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2934 
2935  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2936 }

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), get_role_oid_or_public(), mode, NameStr, pg_database_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_foreign_data_wrapper_privilege_id()

Datum has_foreign_data_wrapper_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3193 of file acl.c.

3194 {
3195  Oid fdwid = PG_GETARG_OID(0);
3196  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3197  Oid roleid;
3198  AclMode mode;
3199  AclResult aclresult;
3200 
3201  roleid = GetUserId();
3203 
3205  PG_RETURN_NULL();
3206 
3207  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3208 
3209  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3210 }
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3279
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:5134
@ FOREIGNDATAWRAPPEROID
Definition: syscache.h:62

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), FOREIGNDATAWRAPPEROID, GetUserId(), mode, ObjectIdGetDatum, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_foreign_data_wrapper_privilege_id_id()

Datum has_foreign_data_wrapper_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3241 of file acl.c.

3242 {
3243  Oid roleid = PG_GETARG_OID(0);
3244  Oid fdwid = PG_GETARG_OID(1);
3245  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3246  AclMode mode;
3247  AclResult aclresult;
3248 
3250 
3252  PG_RETURN_NULL();
3253 
3254  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3255 
3256  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3257 }

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), FOREIGNDATAWRAPPEROID, mode, ObjectIdGetDatum, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_foreign_data_wrapper_privilege_id_name()

Datum has_foreign_data_wrapper_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3218 of file acl.c.

3219 {
3220  Oid roleid = PG_GETARG_OID(0);
3221  text *fdwname = PG_GETARG_TEXT_PP(1);
3222  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3223  Oid fdwid;
3224  AclMode mode;
3225  AclResult aclresult;
3226 
3227  fdwid = convert_foreign_data_wrapper_name(fdwname);
3229 
3230  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3231 
3232  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3233 }
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3267

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), mode, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_foreign_data_wrapper_privilege_name()

Datum has_foreign_data_wrapper_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3142 of file acl.c.

3143 {
3144  text *fdwname = PG_GETARG_TEXT_PP(0);
3145  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3146  Oid roleid;
3147  Oid fdwid;
3148  AclMode mode;
3149  AclResult aclresult;
3150 
3151  roleid = GetUserId();
3152  fdwid = convert_foreign_data_wrapper_name(fdwname);
3154 
3155  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3156 
3157  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3158 }

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), GetUserId(), mode, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_foreign_data_wrapper_privilege_name_id()

Datum has_foreign_data_wrapper_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3166 of file acl.c.

3167 {
3169  Oid fdwid = PG_GETARG_OID(1);
3170  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3171  Oid roleid;
3172  AclMode mode;
3173  AclResult aclresult;
3174 
3177 
3179  PG_RETURN_NULL();
3180 
3181  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3182 
3183  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3184 }

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), FOREIGNDATAWRAPPEROID, get_role_oid_or_public(), mode, NameStr, ObjectIdGetDatum, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

◆ has_foreign_data_wrapper_privilege_name_name()

Datum has_foreign_data_wrapper_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3116 of file acl.c.

3117 {
3119  text *fdwname = PG_GETARG_TEXT_PP(1);
3120  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3121  Oid roleid;
3122  Oid fdwid;
3123  AclMode mode;
3124  AclResult aclresult;
3125 
3127  fdwid = convert_foreign_data_wrapper_name(fdwname);
3129 
3130  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3131 
3132  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3133 }

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), get_role_oid_or_public(), mode, NameStr, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_function_privilege_id()

Datum has_function_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3384 of file acl.c.

3385 {
3386  Oid functionoid = PG_GETARG_OID(0);
3387  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3388  Oid roleid;
3389  AclMode mode;
3390  AclResult aclresult;
3391 
3392  roleid = GetUserId();
3393  mode = convert_function_priv_string(priv_type_text);
3394 
3395  if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid)))
3396  PG_RETURN_NULL();
3397 
3398  aclresult = pg_proc_aclcheck(functionoid, roleid, mode);
3399 
3400  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3401 }
static AclMode convert_function_priv_string(text *priv_type_text)
Definition: acl.c:3479
AclResult pg_proc_aclcheck(Oid proc_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:5071
@ PROCOID
Definition: syscache.h:79

References ACLCHECK_OK, convert_function_priv_string(), GetUserId(), mode, ObjectIdGetDatum, PG_GETARG_OID, PG_GETARG_TEXT_PP, pg_proc_aclcheck(), PG_RETURN_BOOL, PG_RETURN_NULL, PROCOID, and SearchSysCacheExists1.

◆ has_function_privilege_id_id()

Datum has_function_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3432 of file acl.c.

3433 {
3434  Oid roleid = PG_GETARG_OID(0);
3435  Oid functionoid = PG_GETARG_OID(1);
3436  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3437  AclMode mode;
3438  AclResult aclresult;
3439 
3440  mode = convert_function_priv_string(priv_type_text);
3441 
3442  if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid)))
3443  PG_RETURN_NULL();
3444 
3445  aclresult = pg_proc_aclcheck(functionoid, roleid, mode);
3446 
3447  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3448 }

References ACLCHECK_OK, convert_function_priv_string(), mode, ObjectIdGetDatum, PG_GETARG_OID, PG_GETARG_TEXT_PP, pg_proc_aclcheck(), PG_RETURN_BOOL, PG_RETURN_NULL, PROCOID, and SearchSysCacheExists1.

◆ has_function_privilege_id_name()

Datum has_function_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3409 of file acl.c.

3410 {
3411  Oid roleid = PG_GETARG_OID(0);
3412  text *functionname = PG_GETARG_TEXT_PP(1);
3413  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3414  Oid functionoid;
3415  AclMode mode;
3416  AclResult aclresult;
3417 
3418  functionoid = convert_function_name(functionname);
3419  mode = convert_function_priv_string(priv_type_text);
3420 
3421  aclresult = pg_proc_aclcheck(functionoid, roleid, mode);
3422 
3423  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3424 }
static Oid convert_function_name(text *functionname)
Definition: acl.c:3458

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, pg_proc_aclcheck(), and PG_RETURN_BOOL.

◆ has_function_privilege_name()

Datum has_function_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3333 of file acl.c.

3334 {
3335  text *functionname = PG_GETARG_TEXT_PP(0);
3336  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3337  Oid roleid;
3338  Oid functionoid;
3339  AclMode mode;
3340  AclResult aclresult;
3341 
3342  roleid = GetUserId();
3343  functionoid = convert_function_name(functionname);
3344  mode = convert_function_priv_string(priv_type_text);
3345 
3346  aclresult = pg_proc_aclcheck(functionoid, roleid, mode);
3347 
3348  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3349 }

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), GetUserId(), mode, PG_GETARG_TEXT_PP, pg_proc_aclcheck(), and PG_RETURN_BOOL.

◆ has_function_privilege_name_id()

Datum has_function_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3357 of file acl.c.

3358 {
3360  Oid functionoid = PG_GETARG_OID(1);
3361  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3362  Oid roleid;
3363  AclMode mode;
3364  AclResult aclresult;
3365 
3367  mode = convert_function_priv_string(priv_type_text);
3368 
3369  if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid)))
3370  PG_RETURN_NULL();
3371 
3372  aclresult = pg_proc_aclcheck(functionoid, roleid, mode);
3373 
3374  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3375 }

References ACLCHECK_OK, convert_function_priv_string(), get_role_oid_or_public(), mode, NameStr, ObjectIdGetDatum, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, pg_proc_aclcheck(), PG_RETURN_BOOL, PG_RETURN_NULL, PROCOID, SearchSysCacheExists1, and username.

◆ has_function_privilege_name_name()

Datum has_function_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3307 of file acl.c.

3308 {
3310  text *functionname = PG_GETARG_TEXT_PP(1);
3311  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3312  Oid roleid;
3313  Oid functionoid;
3314  AclMode mode;
3315  AclResult aclresult;
3316 
3318  functionoid = convert_function_name(functionname);
3319  mode = convert_function_priv_string(priv_type_text);
3320 
3321  aclresult = pg_proc_aclcheck(functionoid, roleid, mode);
3322 
3323  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3324 }

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_TEXT_PP, pg_proc_aclcheck(), PG_RETURN_BOOL, and username.

◆ has_language_privilege_id()

Datum has_language_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3584 of file acl.c.

3585 {
3586  Oid languageoid = PG_GETARG_OID(0);
3587  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3588  Oid roleid;
3589  AclMode mode;
3590  AclResult aclresult;
3591 
3592  roleid = GetUserId();
3593  mode = convert_language_priv_string(priv_type_text);
3594 
3595  if (!SearchSysCacheExists1(LANGOID, ObjectIdGetDatum(languageoid)))
3596  PG_RETURN_NULL();
3597 
3598  aclresult = pg_language_aclcheck(languageoid, roleid, mode);
3599 
3600  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3601 }
static AclMode convert_language_priv_string(text *priv_type_text)
Definition: acl.c:3670
AclResult pg_language_aclcheck(Oid lang_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:5083
@ LANGOID
Definition: syscache.h:68

References ACLCHECK_OK, convert_language_priv_string(), GetUserId(), LANGOID, mode, ObjectIdGetDatum, PG_GETARG_OID, PG_GETARG_TEXT_PP, pg_language_aclcheck(), PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_language_privilege_id_id()

Datum has_language_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3632 of file acl.c.

3633 {
3634  Oid roleid = PG_GETARG_OID(0);
3635  Oid languageoid = PG_GETARG_OID(1);
3636  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3637  AclMode mode;
3638  AclResult aclresult;
3639 
3640  mode = convert_language_priv_string(priv_type_text);
3641 
3642  if (!SearchSysCacheExists1(LANGOID, ObjectIdGetDatum(languageoid)))
3643  PG_RETURN_NULL();
3644 
3645  aclresult = pg_language_aclcheck(languageoid, roleid, mode);
3646 
3647  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3648 }

References ACLCHECK_OK, convert_language_priv_string(), LANGOID, mode, ObjectIdGetDatum, PG_GETARG_OID, PG_GETARG_TEXT_PP, pg_language_aclcheck(), PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_language_privilege_id_name()

Datum has_language_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3609 of file acl.c.

3610 {
3611  Oid roleid = PG_GETARG_OID(0);
3612  text *languagename = PG_GETARG_TEXT_PP(1);
3613  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3614  Oid languageoid;
3615  AclMode mode;
3616  AclResult aclresult;
3617 
3618  languageoid = convert_language_name(languagename);
3619  mode = convert_language_priv_string(priv_type_text);
3620 
3621  aclresult = pg_language_aclcheck(languageoid, roleid, mode);
3622 
3623  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3624 }
static Oid convert_language_name(text *languagename)
Definition: acl.c:3658

References ACLCHECK_OK, convert_language_name(), convert_language_priv_string(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, pg_language_aclcheck(), and PG_RETURN_BOOL.

◆ has_language_privilege_name()

Datum has_language_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3533 of file acl.c.

3534 {
3535  text *languagename = PG_GETARG_TEXT_PP(0);
3536  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3537  Oid roleid;
3538  Oid languageoid;
3539  AclMode mode;
3540  AclResult aclresult;
3541 
3542  roleid = GetUserId();
3543  languageoid = convert_language_name(languagename);
3544  mode = convert_language_priv_string(priv_type_text);
3545 
3546  aclresult = pg_language_aclcheck(languageoid, roleid, mode);
3547 
3548  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3549 }

References ACLCHECK_OK, convert_language_name(), convert_language_priv_string(), GetUserId(), mode, PG_GETARG_TEXT_PP, pg_language_aclcheck(), and PG_RETURN_BOOL.

◆ has_language_privilege_name_id()

Datum has_language_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3557 of file acl.c.

3558 {
3560  Oid languageoid = PG_GETARG_OID(1);
3561  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3562  Oid roleid;
3563  AclMode mode;
3564  AclResult aclresult;
3565 
3567  mode = convert_language_priv_string(priv_type_text);
3568 
3569  if (!SearchSysCacheExists1(LANGOID, ObjectIdGetDatum(languageoid)))
3570  PG_RETURN_NULL();
3571 
3572  aclresult = pg_language_aclcheck(languageoid, roleid, mode);
3573 
3574  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3575 }

References ACLCHECK_OK, convert_language_priv_string(), get_role_oid_or_public(), LANGOID, mode, NameStr, ObjectIdGetDatum, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, pg_language_aclcheck(), PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

◆ has_language_privilege_name_name()

Datum has_language_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3507 of file acl.c.

3508 {
3510  text *languagename = PG_GETARG_TEXT_PP(1);
3511  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3512  Oid roleid;
3513  Oid languageoid;
3514  AclMode mode;
3515  AclResult aclresult;
3516 
3518  languageoid = convert_language_name(languagename);
3519  mode = convert_language_priv_string(priv_type_text);
3520 
3521  aclresult = pg_language_aclcheck(languageoid, roleid, mode);
3522 
3523  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3524 }

References ACLCHECK_OK, convert_language_name(), convert_language_priv_string(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_TEXT_PP, pg_language_aclcheck(), PG_RETURN_BOOL, and username.

◆ has_param_priv_byname()

static bool has_param_priv_byname ( Oid  roleid,
const text parameter,
AclMode  priv 
)
static

Definition at line 4472 of file acl.c.

4473 {
4474  char *paramstr = text_to_cstring(parameter);
4475 
4476  return pg_parameter_aclcheck(paramstr, roleid, priv) == ACLCHECK_OK;
4477 }
AclResult pg_parameter_aclcheck(const char *name, Oid roleid, AclMode mode)
Definition: aclchk.c:5046

References ACLCHECK_OK, pg_parameter_aclcheck(), and text_to_cstring().

Referenced by has_parameter_privilege_id_name(), has_parameter_privilege_name(), and has_parameter_privilege_name_name().

◆ has_parameter_privilege_id_name()

Datum has_parameter_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 4515 of file acl.c.

4516 {
4517  Oid roleid = PG_GETARG_OID(0);
4518  text *parameter = PG_GETARG_TEXT_PP(1);
4520 
4521  PG_RETURN_BOOL(has_param_priv_byname(roleid, parameter, priv));
4522 }
static bool has_param_priv_byname(Oid roleid, const text *parameter, AclMode priv)
Definition: acl.c:4472
static AclMode convert_parameter_priv_string(text *priv_text)
Definition: acl.c:4533

References convert_parameter_priv_string(), has_param_priv_byname(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_parameter_privilege_name()

Datum has_parameter_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 4501 of file acl.c.

4502 {
4503  text *parameter = PG_GETARG_TEXT_PP(0);
4505 
4506  PG_RETURN_BOOL(has_param_priv_byname(GetUserId(), parameter, priv));
4507 }

References convert_parameter_priv_string(), GetUserId(), has_param_priv_byname(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_parameter_privilege_name_name()

Datum has_parameter_privilege_name_name ( PG_FUNCTION_ARGS  )

◆ has_privs_of_role()

bool has_privs_of_role ( Oid  member,
Oid  role 
)

Definition at line 4951 of file acl.c.

4952 {
4953  /* Fast path for simple case */
4954  if (member == role)
4955  return true;
4956 
4957  /* Superusers have every privilege, so are part of every role */
4958  if (superuser_arg(member))
4959  return true;
4960 
4961  /*
4962  * Find all the roles that member has the privileges of, including
4963  * multi-level recursion, then see if target role is any one of them.
4964  */
4966  InvalidOid, NULL),
4967  role);
4968 }
static List * roles_is_member_of(Oid roleid, enum RoleRecurseType type, Oid admin_of, bool *is_admin)
Definition: acl.c:4834
bool list_member_oid(const List *list, Oid datum)
Definition: list.c:701
bool superuser_arg(Oid roleid)
Definition: superuser.c:56

References InvalidOid, list_member_oid(), ROLERECURSE_PRIVS, roles_is_member_of(), and superuser_arg().

Referenced by aclmask(), AlterObjectNamespace_internal(), AlterObjectOwner_internal(), AlterObjectRename_internal(), bbsink_server_new(), calculate_database_size(), calculate_tablespace_size(), check_role_for_policy(), convert_and_check_filename(), DoCopy(), DropOwnedObjects(), file_fdw_validator(), get_explain_guc_options(), GetConfigOption(), GetConfigOptionByName(), GetConfigOptionByNum(), GetConfigOptionResetString(), pg_class_aclmask_ext(), pg_class_ownercheck(), pg_collation_ownercheck(), pg_conversion_ownercheck(), pg_database_ownercheck(), pg_event_trigger_ownercheck(), pg_extension_ownercheck(), pg_foreign_data_wrapper_ownercheck(), pg_foreign_server_ownercheck(), pg_language_ownercheck(), pg_largeobject_ownercheck(), pg_namespace_aclmask(), pg_namespace_ownercheck(), pg_opclass_ownercheck(), pg_oper_ownercheck(), pg_opfamily_ownercheck(), pg_proc_ownercheck(), pg_publication_ownercheck(), pg_role_aclcheck(), pg_signal_backend(), pg_stat_get_wal_receiver(), pg_stat_get_wal_senders(), pg_stat_statements_internal(), pg_statistics_object_ownercheck(), pg_subscription_ownercheck(), pg_tablespace_ownercheck(), pg_ts_config_ownercheck(), pg_ts_dict_ownercheck(), pg_type_ownercheck(), pgrowlocks(), ReassignOwnedObjects(), shell_check_detail(), ShowAllGUCConfig(), standard_ProcessUtility(), and TerminateOtherDBBackends().

◆ has_rolinherit()

static bool has_rolinherit ( Oid  roleid)
static

Definition at line 4803 of file acl.c.

4804 {
4805  bool result = false;
4806  HeapTuple utup;
4807 
4808  utup = SearchSysCache1(AUTHOID, ObjectIdGetDatum(roleid));
4809  if (HeapTupleIsValid(utup))
4810  {
4811  result = ((Form_pg_authid) GETSTRUCT(utup))->rolinherit;
4812  ReleaseSysCache(utup);
4813  }
4814  return result;
4815 }
bool rolinherit
Definition: pg_authid.h:36

References AUTHOID, GETSTRUCT, HeapTupleIsValid, ObjectIdGetDatum, ReleaseSysCache(), rolinherit, and SearchSysCache1().

Referenced by roles_is_member_of().

◆ has_schema_privilege_id()

Datum has_schema_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3775 of file acl.c.

3776 {
3777  Oid schemaoid = PG_GETARG_OID(0);
3778  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3779  Oid roleid;
3780  AclMode mode;
3781  AclResult aclresult;
3782 
3783  roleid = GetUserId();
3784  mode = convert_schema_priv_string(priv_type_text);
3785 
3787  PG_RETURN_NULL();
3788 
3789  aclresult = pg_namespace_aclcheck(schemaoid, roleid, mode);
3790 
3791  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3792 }
static AclMode convert_schema_priv_string(text *priv_type_text)
Definition: acl.c:3861
AclResult pg_namespace_aclcheck(Oid nsp_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:5109
@ NAMESPACEOID
Definition: syscache.h:70

References ACLCHECK_OK, convert_schema_priv_string(), GetUserId(), mode, NAMESPACEOID, ObjectIdGetDatum, PG_GETARG_OID, PG_GETARG_TEXT_PP, pg_namespace_aclcheck(), PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_schema_privilege_id_id()

Datum has_schema_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3823 of file acl.c.

3824 {
3825  Oid roleid = PG_GETARG_OID(0);
3826  Oid schemaoid = PG_GETARG_OID(1);
3827  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3828  AclMode mode;
3829  AclResult aclresult;
3830 
3831  mode = convert_schema_priv_string(priv_type_text);
3832 
3834  PG_RETURN_NULL();
3835 
3836  aclresult = pg_namespace_aclcheck(schemaoid, roleid, mode);
3837 
3838  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3839 }

References ACLCHECK_OK, convert_schema_priv_string(), mode, NAMESPACEOID, ObjectIdGetDatum, PG_GETARG_OID, PG_GETARG_TEXT_PP, pg_namespace_aclcheck(), PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_schema_privilege_id_name()

Datum has_schema_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3800 of file acl.c.

3801 {
3802  Oid roleid = PG_GETARG_OID(0);
3803  text *schemaname = PG_GETARG_TEXT_PP(1);
3804  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3805  Oid schemaoid;
3806  AclMode mode;
3807  AclResult aclresult;
3808 
3809  schemaoid = convert_schema_name(schemaname);
3810  mode = convert_schema_priv_string(priv_type_text);
3811 
3812  aclresult = pg_namespace_aclcheck(schemaoid, roleid, mode);
3813 
3814  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3815 }
static Oid convert_schema_name(text *schemaname)
Definition: acl.c:3849

References ACLCHECK_OK, convert_schema_name(), convert_schema_priv_string(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, pg_namespace_aclcheck(), and PG_RETURN_BOOL.

◆ has_schema_privilege_name()

Datum has_schema_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3724 of file acl.c.

3725 {
3726  text *schemaname = PG_GETARG_TEXT_PP(0);
3727  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3728  Oid roleid;
3729  Oid schemaoid;
3730  AclMode mode;
3731  AclResult aclresult;
3732 
3733  roleid = GetUserId();
3734  schemaoid = convert_schema_name(schemaname);
3735  mode = convert_schema_priv_string(priv_type_text);
3736 
3737  aclresult = pg_namespace_aclcheck(schemaoid, roleid, mode);
3738 
3739  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3740 }

References ACLCHECK_OK, convert_schema_name(), convert_schema_priv_string(), GetUserId(), mode, PG_GETARG_TEXT_PP, pg_namespace_aclcheck(), and PG_RETURN_BOOL.

◆ has_schema_privilege_name_id()

Datum has_schema_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3748 of file acl.c.

3749 {
3751  Oid schemaoid = PG_GETARG_OID(1);
3752  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3753  Oid roleid;
3754  AclMode mode;
3755  AclResult aclresult;
3756 
3758  mode = convert_schema_priv_string(priv_type_text);
3759 
3761  PG_RETURN_NULL();
3762 
3763  aclresult = pg_namespace_aclcheck(schemaoid, roleid, mode);
3764 
3765  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3766 }

References ACLCHECK_OK, convert_schema_priv_string(), get_role_oid_or_public(), mode, NAMESPACEOID, NameStr, ObjectIdGetDatum, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, pg_namespace_aclcheck(), PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

◆ has_schema_privilege_name_name()

Datum has_schema_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3698 of file acl.c.

3699 {
3701  text *schemaname = PG_GETARG_TEXT_PP(1);
3702  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3703  Oid roleid;
3704  Oid schemaoid;
3705  AclMode mode;
3706  AclResult aclresult;
3707 
3709  schemaoid = convert_schema_name(schemaname);
3710  mode = convert_schema_priv_string(priv_type_text);
3711 
3712  aclresult = pg_namespace_aclcheck(schemaoid, roleid, mode);
3713 
3714  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3715 }

References ACLCHECK_OK, convert_schema_name(), convert_schema_priv_string(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_TEXT_PP, pg_namespace_aclcheck(), PG_RETURN_BOOL, and username.

◆ has_sequence_privilege_id()

Datum has_sequence_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2154 of file acl.c.

2155 {
2156  Oid sequenceoid = PG_GETARG_OID(0);
2157  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2158  Oid roleid;
2159  AclMode mode;
2160  AclResult aclresult;
2161  char relkind;
2162 
2163  roleid = GetUserId();
2164  mode = convert_sequence_priv_string(priv_type_text);
2165  relkind = get_rel_relkind(sequenceoid);
2166  if (relkind == '\0')
2167  PG_RETURN_NULL();
2168  else if (relkind != RELKIND_SEQUENCE)
2169  ereport(ERROR,
2170  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2171  errmsg("\"%s\" is not a sequence",
2172  get_rel_name(sequenceoid))));
2173 
2174  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2175 
2176  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2177 }
static AclMode convert_sequence_priv_string(text *priv_type_text)
Definition: acl.c:2242
char get_rel_relkind(Oid relid)
Definition: lsyscache.c:1984

References ACLCHECK_OK, convert_sequence_priv_string(), ereport, errcode(), errmsg(), ERROR, get_rel_name(), get_rel_relkind(), GetUserId(), mode, pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_sequence_privilege_id_id()

Datum has_sequence_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 2213 of file acl.c.

2214 {
2215  Oid roleid = PG_GETARG_OID(0);
2216  Oid sequenceoid = PG_GETARG_OID(1);
2217  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2218  AclMode mode;
2219  AclResult aclresult;
2220  char relkind;
2221 
2222  mode = convert_sequence_priv_string(priv_type_text);
2223  relkind = get_rel_relkind(sequenceoid);
2224  if (relkind == '\0')
2225  PG_RETURN_NULL();
2226  else if (relkind != RELKIND_SEQUENCE)
2227  ereport(ERROR,
2228  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2229  errmsg("\"%s\" is not a sequence",
2230  get_rel_name(sequenceoid))));
2231 
2232  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2233 
2234  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2235 }

References ACLCHECK_OK, convert_sequence_priv_string(), ereport, errcode(), errmsg(), ERROR, get_rel_name(), get_rel_relkind(), mode, pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_sequence_privilege_id_name()

Datum has_sequence_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2185 of file acl.c.

2186 {
2187  Oid roleid = PG_GETARG_OID(0);
2188  text *sequencename = PG_GETARG_TEXT_PP(1);
2189  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2190  Oid sequenceoid;
2191  AclMode mode;
2192  AclResult aclresult;
2193 
2194  mode = convert_sequence_priv_string(priv_type_text);
2195  sequenceoid = convert_table_name(sequencename);
2196  if (get_rel_relkind(sequenceoid) != RELKIND_SEQUENCE)
2197  ereport(ERROR,
2198  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2199  errmsg("\"%s\" is not a sequence",
2200  text_to_cstring(sequencename))));
2201 
2202  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2203 
2204  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2205 }

References ACLCHECK_OK, convert_sequence_priv_string(), convert_table_name(), ereport, errcode(), errmsg(), ERROR, get_rel_relkind(), mode, pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and text_to_cstring().

◆ has_sequence_privilege_name()

Datum has_sequence_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2092 of file acl.c.

2093 {
2094  text *sequencename = PG_GETARG_TEXT_PP(0);
2095  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2096  Oid roleid;
2097  Oid sequenceoid;
2098  AclMode mode;
2099  AclResult aclresult;
2100 
2101  roleid = GetUserId();
2102  mode = convert_sequence_priv_string(priv_type_text);
2103  sequenceoid = convert_table_name(sequencename);
2104  if (get_rel_relkind(sequenceoid) != RELKIND_SEQUENCE)
2105  ereport(ERROR,
2106  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2107  errmsg("\"%s\" is not a sequence",
2108  text_to_cstring(sequencename))));
2109 
2110  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2111 
2112  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2113 }

References ACLCHECK_OK, convert_sequence_priv_string(), convert_table_name(), ereport, errcode(), errmsg(), ERROR, get_rel_relkind(), GetUserId(), mode, pg_class_aclcheck(), PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and text_to_cstring().

◆ has_sequence_privilege_name_id()

Datum has_sequence_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2121 of file acl.c.

2122 {
2124  Oid sequenceoid = PG_GETARG_OID(1);
2125  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2126  Oid roleid;
2127  AclMode mode;
2128  AclResult aclresult;
2129  char relkind;
2130 
2132  mode = convert_sequence_priv_string(priv_type_text);
2133  relkind = get_rel_relkind(sequenceoid);
2134  if (relkind == '\0')
2135  PG_RETURN_NULL();
2136  else if (relkind != RELKIND_SEQUENCE)
2137  ereport(ERROR,
2138  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2139  errmsg("\"%s\" is not a sequence",
2140  get_rel_name(sequenceoid))));
2141 
2142  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2143 
2144  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2145 }

References ACLCHECK_OK, convert_sequence_priv_string(), ereport, errcode(), errmsg(), ERROR, get_rel_name(), get_rel_relkind(), get_role_oid_or_public(), mode, NameStr, pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_sequence_privilege_name_name()

Datum has_sequence_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2061 of file acl.c.

2062 {
2063  Name rolename = PG_GETARG_NAME(0);
2064  text *sequencename = PG_GETARG_TEXT_PP(1);
2065  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2066  Oid roleid;
2067  Oid sequenceoid;
2068  AclMode mode;
2069  AclResult aclresult;
2070 
2071  roleid = get_role_oid_or_public(NameStr(*rolename));
2072  mode = convert_sequence_priv_string(priv_type_text);
2073  sequenceoid = convert_table_name(sequencename);
2074  if (get_rel_relkind(sequenceoid) != RELKIND_SEQUENCE)
2075  ereport(ERROR,
2076  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2077  errmsg("\"%s\" is not a sequence",
2078  text_to_cstring(sequencename))));
2079 
2080  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2081 
2082  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2083 }

References ACLCHECK_OK, convert_sequence_priv_string(), convert_table_name(), ereport, errcode(), errmsg(), ERROR, get_rel_relkind(), get_role_oid_or_public(), mode, NameStr, pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and text_to_cstring().

◆ has_server_privilege_id()

Datum has_server_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3968 of file acl.c.

3969 {
3970  Oid serverid = PG_GETARG_OID(0);
3971  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3972  Oid roleid;
3973  AclMode mode;
3974  AclResult aclresult;
3975 
3976  roleid = GetUserId();
3977  mode = convert_server_priv_string(priv_type_text);
3978 
3980  PG_RETURN_NULL();
3981 
3982  aclresult = pg_foreign_server_aclcheck(serverid, roleid, mode);
3983 
3984  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3985 }
static AclMode convert_server_priv_string(text *priv_type_text)
Definition: acl.c:4054
AclResult pg_foreign_server_aclcheck(Oid srv_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:5147
@ FOREIGNSERVEROID
Definition: syscache.h:64

References ACLCHECK_OK, convert_server_priv_string(), FOREIGNSERVEROID, GetUserId(), mode, ObjectIdGetDatum, pg_foreign_server_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_server_privilege_id_id()

Datum has_server_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 4016 of file acl.c.

4017 {
4018  Oid roleid = PG_GETARG_OID(0);
4019  Oid serverid = PG_GETARG_OID(1);
4020  text *priv_type_text = PG_GETARG_TEXT_PP(2);
4021  AclMode mode;
4022  AclResult aclresult;
4023 
4024  mode = convert_server_priv_string(priv_type_text);
4025 
4027  PG_RETURN_NULL();
4028 
4029  aclresult = pg_foreign_server_aclcheck(serverid, roleid, mode);
4030 
4031  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4032 }

References ACLCHECK_OK, convert_server_priv_string(), FOREIGNSERVEROID, mode, ObjectIdGetDatum, pg_foreign_server_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_server_privilege_id_name()

Datum has_server_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3993 of file acl.c.

3994 {
3995  Oid roleid = PG_GETARG_OID(0);
3996  text *servername = PG_GETARG_TEXT_PP(1);
3997  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3998  Oid serverid;
3999  AclMode mode;
4000  AclResult aclresult;
4001 
4002  serverid = convert_server_name(servername);
4003  mode = convert_server_priv_string(priv_type_text);
4004 
4005  aclresult = pg_foreign_server_aclcheck(serverid, roleid, mode);
4006 
4007  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4008 }
static Oid convert_server_name(text *servername)
Definition: acl.c:4042

References ACLCHECK_OK, convert_server_name(), convert_server_priv_string(), mode, pg_foreign_server_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_server_privilege_name()

Datum has_server_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3917 of file acl.c.

3918 {
3919  text *servername = PG_GETARG_TEXT_PP(0);
3920  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3921  Oid roleid;
3922  Oid serverid;
3923  AclMode mode;
3924  AclResult aclresult;
3925 
3926  roleid = GetUserId();
3927  serverid = convert_server_name(servername);
3928  mode = convert_server_priv_string(priv_type_text);
3929 
3930  aclresult = pg_foreign_server_aclcheck(serverid, roleid, mode);
3931 
3932  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3933 }

References ACLCHECK_OK, convert_server_name(), convert_server_priv_string(), GetUserId(), mode, pg_foreign_server_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_server_privilege_name_id()

Datum has_server_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3941 of file acl.c.

3942 {
3944  Oid serverid = PG_GETARG_OID(1);
3945  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3946  Oid roleid;
3947  AclMode mode;
3948  AclResult aclresult;
3949 
3951  mode = convert_server_priv_string(priv_type_text);
3952 
3954  PG_RETURN_NULL();
3955 
3956  aclresult = pg_foreign_server_aclcheck(serverid, roleid, mode);
3957 
3958  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3959 }

References ACLCHECK_OK, convert_server_priv_string(), FOREIGNSERVEROID, get_role_oid_or_public(), mode, NameStr, ObjectIdGetDatum, pg_foreign_server_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

◆ has_server_privilege_name_name()

Datum has_server_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3891 of file acl.c.

3892 {
3894  text *servername = PG_GETARG_TEXT_PP(1);
3895  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3896  Oid roleid;
3897  Oid serverid;
3898  AclMode mode;
3899  AclResult aclresult;
3900 
3902  serverid = convert_server_name(servername);
3903  mode = convert_server_priv_string(priv_type_text);
3904 
3905  aclresult = pg_foreign_server_aclcheck(serverid, roleid, mode);
3906 
3907  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3908 }

References ACLCHECK_OK, convert_server_name(), convert_server_priv_string(), get_role_oid_or_public(), mode, NameStr, pg_foreign_server_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_table_privilege_id()

Datum has_table_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 1930 of file acl.c.

1931 {
1932  Oid tableoid = PG_GETARG_OID(0);
1933  text *priv_type_text = PG_GETARG_TEXT_PP(1);
1934  Oid roleid;
1935  AclMode mode;
1936  AclResult aclresult;
1937 
1938  roleid = GetUserId();
1939  mode = convert_table_priv_string(priv_type_text);
1940 
1942  PG_RETURN_NULL();
1943 
1944  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1945 
1946  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1947 }
static AclMode convert_table_priv_string(text *priv_type_text)
Definition: acl.c:2019

References ACLCHECK_OK, convert_table_priv_string(), GetUserId(), mode, ObjectIdGetDatum, pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

◆ has_table_privilege_id_id()

Datum has_table_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 1978 of file acl.c.

1979 {
1980  Oid roleid = PG_GETARG_OID(0);
1981  Oid tableoid = PG_GETARG_OID(1);
1982  text *priv_type_text = PG_GETARG_TEXT_PP(2);
1983  AclMode mode;
1984  AclResult aclresult;
1985 
1986  mode = convert_table_priv_string(priv_type_text);
1987 
1989  PG_RETURN_NULL();
1990 
1991  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1992 
1993  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1994 }

References ACLCHECK_OK, convert_table_priv_string(), mode, ObjectIdGetDatum, pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

◆ has_table_privilege_id_name()

Datum has_table_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 1955 of file acl.c.

1956 {
1957  Oid roleid = PG_GETARG_OID(0);
1958  text *tablename = PG_GETARG_TEXT_PP(1);
1959  text *priv_type_text = PG_GETARG_TEXT_PP(2);
1960  Oid tableoid;
1961  AclMode mode;
1962  AclResult aclresult;
1963 
1964  tableoid = convert_table_name(tablename);
1965  mode = convert_table_priv_string(priv_type_text);
1966 
1967  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1968 
1969  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1970 }

References ACLCHECK_OK, convert_table_name(), convert_table_priv_string(), mode, pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_table_privilege_name()

Datum has_table_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 1879 of file acl.c.

1880 {
1881  text *tablename = PG_GETARG_TEXT_PP(0);
1882  text *priv_type_text = PG_GETARG_TEXT_PP(1);
1883  Oid roleid;
1884  Oid tableoid;
1885  AclMode mode;
1886  AclResult aclresult;
1887 
1888  roleid = GetUserId();
1889  tableoid = convert_table_name(tablename);
1890  mode = convert_table_priv_string(priv_type_text);
1891 
1892  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1893 
1894  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1895 }

References ACLCHECK_OK, convert_table_name(), convert_table_priv_string(), GetUserId(), mode, pg_class_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_table_privilege_name_id()

Datum has_table_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 1903 of file acl.c.

1904 {
1906  Oid tableoid = PG_GETARG_OID(1);
1907  text *priv_type_text = PG_GETARG_TEXT_PP(2);
1908  Oid roleid;
1909  AclMode mode;
1910  AclResult aclresult;
1911 
1913  mode = convert_table_priv_string(priv_type_text);
1914 
1916  PG_RETURN_NULL();
1917 
1918  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1919 
1920  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1921 }

References ACLCHECK_OK, convert_table_priv_string(), get_role_oid_or_public(), mode, NameStr, ObjectIdGetDatum, pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, SearchSysCacheExists1, and username.

◆ has_table_privilege_name_name()

Datum has_table_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 1853 of file acl.c.

1854 {
1855  Name rolename = PG_GETARG_NAME(0);
1856  text *tablename = PG_GETARG_TEXT_PP(1);
1857  text *priv_type_text = PG_GETARG_TEXT_PP(2);
1858  Oid roleid;
1859  Oid tableoid;
1860  AclMode mode;
1861  AclResult aclresult;
1862 
1863  roleid = get_role_oid_or_public(NameStr(*rolename));
1864  tableoid = convert_table_name(tablename);
1865  mode = convert_table_priv_string(priv_type_text);
1866 
1867  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1868 
1869  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1870 }

References ACLCHECK_OK, convert_table_name(), convert_table_priv_string(), get_role_oid_or_public(), mode, NameStr, pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_tablespace_privilege_id()

Datum has_tablespace_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 4159 of file acl.c.

4160 {
4161  Oid tablespaceoid = PG_GETARG_OID(0);
4162  text *priv_type_text = PG_GETARG_TEXT_PP(1);
4163  Oid roleid;
4164  AclMode mode;
4165  AclResult aclresult;
4166 
4167  roleid = GetUserId();
4168  mode = convert_tablespace_priv_string(priv_type_text);
4169 
4171  PG_RETURN_NULL();
4172 
4173  aclresult = pg_tablespace_aclcheck(tablespaceoid, roleid, mode);
4174 
4175  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4176 }
static AclMode convert_tablespace_priv_string(text *priv_type_text)
Definition: acl.c:4245
AclResult pg_tablespace_aclcheck(Oid spc_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:5121
@ TABLESPACEOID
Definition: syscache.h:101

References ACLCHECK_OK, convert_tablespace_priv_string(), GetUserId(), mode, ObjectIdGetDatum, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, pg_tablespace_aclcheck(), SearchSysCacheExists1, and TABLESPACEOID.

◆ has_tablespace_privilege_id_id()

Datum has_tablespace_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 4207 of file acl.c.

4208 {
4209  Oid roleid = PG_GETARG_OID(0);
4210  Oid tablespaceoid = PG_GETARG_OID(1);
4211  text *priv_type_text = PG_GETARG_TEXT_PP(2);
4212  AclMode mode;
4213  AclResult aclresult;
4214 
4215  mode = convert_tablespace_priv_string(priv_type_text);
4216 
4217  if (!