#include "postgres.h"
#include <ctype.h>
#include "access/hash.h"
#include "access/htup_details.h"
#include "catalog/catalog.h"
#include "catalog/namespace.h"
#include "catalog/pg_authid.h"
#include "catalog/pg_auth_members.h"
#include "catalog/pg_type.h"
#include "catalog/pg_class.h"
#include "commands/dbcommands.h"
#include "commands/proclang.h"
#include "commands/tablespace.h"
#include "foreign/foreign.h"
#include "funcapi.h"
#include "miscadmin.h"
#include "utils/acl.h"
#include "utils/builtins.h"
#include "utils/catcache.h"
#include "utils/inval.h"
#include "utils/lsyscache.h"
#include "utils/memutils.h"
#include "utils/syscache.h"
#include "utils/varlena.h"

Include dependency graph for acl.c:

Data Structures
struct	priv_map

Functions
static const char *	getid (const char s, char n)

static void	putid (char p, const char s)

static Acl *	allocacl (int n)

static void	check_acl (const Acl *acl)

static const char *	aclparse (const char s, AclItem aip)

static bool	aclitem_match (const AclItem a1, const AclItem a2)

static int	aclitemComparator (const void arg1, const void arg2)

static void	check_circularity (const Acl old_acl, const AclItem mod_aip, Oid ownerId)

static Acl *	recursive_revoke (Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)

static AclMode	convert_priv_string (text *priv_type_text)

static AclMode	convert_any_priv_string (text priv_type_text, const priv_map privileges)

static Oid	convert_table_name (text *tablename)

static AclMode	convert_table_priv_string (text *priv_type_text)

static AclMode	convert_sequence_priv_string (text *priv_type_text)

static AttrNumber	convert_column_name (Oid tableoid, text *column)

static AclMode	convert_column_priv_string (text *priv_type_text)

static Oid	convert_database_name (text *databasename)

static AclMode	convert_database_priv_string (text *priv_type_text)

static Oid	convert_foreign_data_wrapper_name (text *fdwname)

static AclMode	convert_foreign_data_wrapper_priv_string (text *priv_type_text)

static Oid	convert_function_name (text *functionname)

static AclMode	convert_function_priv_string (text *priv_type_text)

static Oid	convert_language_name (text *languagename)

static AclMode	convert_language_priv_string (text *priv_type_text)

static Oid	convert_schema_name (text *schemaname)

static AclMode	convert_schema_priv_string (text *priv_type_text)

static Oid	convert_server_name (text *servername)

static AclMode	convert_server_priv_string (text *priv_type_text)

static Oid	convert_tablespace_name (text *tablespacename)

static AclMode	convert_tablespace_priv_string (text *priv_type_text)

static Oid	convert_type_name (text *typename)

static AclMode	convert_type_priv_string (text *priv_type_text)

static AclMode	convert_role_priv_string (text *priv_type_text)

static AclResult	pg_role_aclcheck (Oid role_oid, Oid roleid, AclMode mode)

static void	RoleMembershipCacheCallback (Datum arg, int cacheid, uint32 hashvalue)

Acl *	make_empty_acl (void)

Acl *	aclcopy (const Acl *orig_acl)

Acl *	aclconcat (const Acl left_acl, const Acl right_acl)

Acl *	aclmerge (const Acl left_acl, const Acl right_acl, Oid ownerId)

void	aclitemsort (Acl *acl)

bool	aclequal (const Acl left_acl, const Acl right_acl)

Datum	aclitemin (PG_FUNCTION_ARGS)

Datum	aclitemout (PG_FUNCTION_ARGS)

Datum	aclitem_eq (PG_FUNCTION_ARGS)

Datum	hash_aclitem (PG_FUNCTION_ARGS)

Datum	hash_aclitem_extended (PG_FUNCTION_ARGS)

Acl *	acldefault (GrantObjectType objtype, Oid ownerId)

Datum	acldefault_sql (PG_FUNCTION_ARGS)

Acl *	aclupdate (const Acl old_acl, const AclItem mod_aip, int modechg, Oid ownerId, DropBehavior behavior)

Acl *	aclnewowner (const Acl *old_acl, Oid oldOwnerId, Oid newOwnerId)

AclMode	aclmask (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)

static AclMode	aclmask_direct (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)

int	aclmembers (const Acl acl, Oid *roleids)

Datum	aclinsert (PG_FUNCTION_ARGS)

Datum	aclremove (PG_FUNCTION_ARGS)

Datum	aclcontains (PG_FUNCTION_ARGS)

Datum	makeaclitem (PG_FUNCTION_ARGS)

static const char *	convert_aclright_to_string (int aclright)

Datum	aclexplode (PG_FUNCTION_ARGS)

Datum	has_table_privilege_name_name (PG_FUNCTION_ARGS)

Datum	has_table_privilege_name (PG_FUNCTION_ARGS)

Datum	has_table_privilege_name_id (PG_FUNCTION_ARGS)

Datum	has_table_privilege_id (PG_FUNCTION_ARGS)

Datum	has_table_privilege_id_name (PG_FUNCTION_ARGS)

Datum	has_table_privilege_id_id (PG_FUNCTION_ARGS)

Datum	has_sequence_privilege_name_name (PG_FUNCTION_ARGS)

Datum	has_sequence_privilege_name (PG_FUNCTION_ARGS)

Datum	has_sequence_privilege_name_id (PG_FUNCTION_ARGS)

Datum	has_sequence_privilege_id (PG_FUNCTION_ARGS)

Datum	has_sequence_privilege_id_name (PG_FUNCTION_ARGS)

Datum	has_sequence_privilege_id_id (PG_FUNCTION_ARGS)

Datum	has_any_column_privilege_name_name (PG_FUNCTION_ARGS)

Datum	has_any_column_privilege_name (PG_FUNCTION_ARGS)

Datum	has_any_column_privilege_name_id (PG_FUNCTION_ARGS)

Datum	has_any_column_privilege_id (PG_FUNCTION_ARGS)

Datum	has_any_column_privilege_id_name (PG_FUNCTION_ARGS)

Datum	has_any_column_privilege_id_id (PG_FUNCTION_ARGS)

static int	column_privilege_check (Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)

Datum	has_column_privilege_name_name_name (PG_FUNCTION_ARGS)

Datum	has_column_privilege_name_name_attnum (PG_FUNCTION_ARGS)

Datum	has_column_privilege_name_id_name (PG_FUNCTION_ARGS)

Datum	has_column_privilege_name_id_attnum (PG_FUNCTION_ARGS)

Datum	has_column_privilege_id_name_name (PG_FUNCTION_ARGS)

Datum	has_column_privilege_id_name_attnum (PG_FUNCTION_ARGS)

Datum	has_column_privilege_id_id_name (PG_FUNCTION_ARGS)

Datum	has_column_privilege_id_id_attnum (PG_FUNCTION_ARGS)

Datum	has_column_privilege_name_name (PG_FUNCTION_ARGS)

Datum	has_column_privilege_name_attnum (PG_FUNCTION_ARGS)

Datum	has_column_privilege_id_name (PG_FUNCTION_ARGS)

Datum	has_column_privilege_id_attnum (PG_FUNCTION_ARGS)

Datum	has_database_privilege_name_name (PG_FUNCTION_ARGS)

Datum	has_database_privilege_name (PG_FUNCTION_ARGS)

Datum	has_database_privilege_name_id (PG_FUNCTION_ARGS)

Datum	has_database_privilege_id (PG_FUNCTION_ARGS)

Datum	has_database_privilege_id_name (PG_FUNCTION_ARGS)

Datum	has_database_privilege_id_id (PG_FUNCTION_ARGS)

Datum	has_foreign_data_wrapper_privilege_name_name (PG_FUNCTION_ARGS)

Datum	has_foreign_data_wrapper_privilege_name (PG_FUNCTION_ARGS)

Datum	has_foreign_data_wrapper_privilege_name_id (PG_FUNCTION_ARGS)

Datum	has_foreign_data_wrapper_privilege_id (PG_FUNCTION_ARGS)

Datum	has_foreign_data_wrapper_privilege_id_name (PG_FUNCTION_ARGS)

Datum	has_foreign_data_wrapper_privilege_id_id (PG_FUNCTION_ARGS)

Datum	has_function_privilege_name_name (PG_FUNCTION_ARGS)

Datum	has_function_privilege_name (PG_FUNCTION_ARGS)

Datum	has_function_privilege_name_id (PG_FUNCTION_ARGS)

Datum	has_function_privilege_id (PG_FUNCTION_ARGS)

Datum	has_function_privilege_id_name (PG_FUNCTION_ARGS)

Datum	has_function_privilege_id_id (PG_FUNCTION_ARGS)

Datum	has_language_privilege_name_name (PG_FUNCTION_ARGS)

Datum	has_language_privilege_name (PG_FUNCTION_ARGS)

Datum	has_language_privilege_name_id (PG_FUNCTION_ARGS)

Datum	has_language_privilege_id (PG_FUNCTION_ARGS)

Datum	has_language_privilege_id_name (PG_FUNCTION_ARGS)

Datum	has_language_privilege_id_id (PG_FUNCTION_ARGS)

Datum	has_schema_privilege_name_name (PG_FUNCTION_ARGS)

Datum	has_schema_privilege_name (PG_FUNCTION_ARGS)

Datum	has_schema_privilege_name_id (PG_FUNCTION_ARGS)

Datum	has_schema_privilege_id (PG_FUNCTION_ARGS)

Datum	has_schema_privilege_id_name (PG_FUNCTION_ARGS)

Datum	has_schema_privilege_id_id (PG_FUNCTION_ARGS)

Datum	has_server_privilege_name_name (PG_FUNCTION_ARGS)

Datum	has_server_privilege_name (PG_FUNCTION_ARGS)

Datum	has_server_privilege_name_id (PG_FUNCTION_ARGS)

Datum	has_server_privilege_id (PG_FUNCTION_ARGS)

Datum	has_server_privilege_id_name (PG_FUNCTION_ARGS)

Datum	has_server_privilege_id_id (PG_FUNCTION_ARGS)

Datum	has_tablespace_privilege_name_name (PG_FUNCTION_ARGS)

Datum	has_tablespace_privilege_name (PG_FUNCTION_ARGS)

Datum	has_tablespace_privilege_name_id (PG_FUNCTION_ARGS)

Datum	has_tablespace_privilege_id (PG_FUNCTION_ARGS)

Datum	has_tablespace_privilege_id_name (PG_FUNCTION_ARGS)

Datum	has_tablespace_privilege_id_id (PG_FUNCTION_ARGS)

Datum	has_type_privilege_name_name (PG_FUNCTION_ARGS)

Datum	has_type_privilege_name (PG_FUNCTION_ARGS)

Datum	has_type_privilege_name_id (PG_FUNCTION_ARGS)

Datum	has_type_privilege_id (PG_FUNCTION_ARGS)

Datum	has_type_privilege_id_name (PG_FUNCTION_ARGS)

Datum	has_type_privilege_id_id (PG_FUNCTION_ARGS)

Datum	pg_has_role_name_name (PG_FUNCTION_ARGS)

Datum	pg_has_role_name (PG_FUNCTION_ARGS)

Datum	pg_has_role_name_id (PG_FUNCTION_ARGS)

Datum	pg_has_role_id (PG_FUNCTION_ARGS)

Datum	pg_has_role_id_name (PG_FUNCTION_ARGS)

Datum	pg_has_role_id_id (PG_FUNCTION_ARGS)

void	initialize_acl (void)

static bool	has_rolinherit (Oid roleid)

static List *	roles_has_privs_of (Oid roleid)

static List *	roles_is_member_of (Oid roleid)

bool	has_privs_of_role (Oid member, Oid role)

bool	is_member_of_role (Oid member, Oid role)

void	check_is_member_of_role (Oid member, Oid role)

bool	is_member_of_role_nosuper (Oid member, Oid role)

bool	is_admin_of_role (Oid member, Oid role)

static int	count_one_bits (AclMode mask)

void	select_best_grantor (Oid roleId, AclMode privileges, const Acl acl, Oid ownerId, Oid grantorId, AclMode *grantOptions)

Oid	get_role_oid (const char *rolname, bool missing_ok)

Oid	get_role_oid_or_public (const char *rolname)

Oid	get_rolespec_oid (const RoleSpec *role, bool missing_ok)

HeapTuple	get_rolespec_tuple (const RoleSpec *role)

char *	get_rolespec_name (const RoleSpec *role)

void	check_rolespec_name (const RoleSpec role, const char detail_msg)

Variables
static Oid	cached_privs_role = InvalidOid

static List *	cached_privs_roles = NIL

static Oid	cached_member_role = InvalidOid

static List *	cached_membership_roles = NIL

Function Documentation

Acl* aclconcat	(	const Acl *	left_acl,
		const Acl *	right_acl
	)

Definition at line 427 of file acl.c.

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by ExecGrant_Attribute().

 {
     Acl        *result_acl;
 
     result_acl = allocacl(ACL_NUM(left_acl) + ACL_NUM(right_acl));
 
     memcpy(ACL_DAT(result_acl),
            ACL_DAT(left_acl),
            ACL_NUM(left_acl) * sizeof(AclItem));
 
     memcpy(ACL_DAT(result_acl) + ACL_NUM(left_acl),
            ACL_DAT(right_acl),
            ACL_NUM(right_acl) * sizeof(AclItem));
 
     return result_acl;
 }

Datum aclcontains ( PG_FUNCTION_ARGS )

Definition at line 1551 of file acl.c.

References ACL_DAT, ACL_NUM, ACLITEM_GET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, PG_GETARG_ACL_P, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

 {
     Acl        *acl = PG_GETARG_ACL_P(0);
     AclItem    *aip = PG_GETARG_ACLITEM_P(1);
     AclItem    *aidat;
     int         i,
                 num;
 
     check_acl(acl);
     num = ACL_NUM(acl);
     aidat = ACL_DAT(acl);
     for (i = 0; i < num; ++i)
     {
         if (aip->ai_grantee == aidat[i].ai_grantee &&
             aip->ai_grantor == aidat[i].ai_grantor &&
             (ACLITEM_GET_RIGHTS(*aip) & ACLITEM_GET_RIGHTS(aidat[i])) == ACLITEM_GET_RIGHTS(*aip))
             PG_RETURN_BOOL(true);
     }
     PG_RETURN_BOOL(false);
 }

Acl* aclcopy ( const Acl * orig_acl )

Definition at line 407 of file acl.c.

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by aclmerge(), ExecGrant_Relation(), and SetDefaultACL().

 {
     Acl        *result_acl;
 
     result_acl = allocacl(ACL_NUM(orig_acl));
 
     memcpy(ACL_DAT(result_acl),
            ACL_DAT(orig_acl),
            ACL_NUM(orig_acl) * sizeof(AclItem));
 
     return result_acl;
 }

Acl* acldefault	(	GrantObjectType	objtype,
		Oid	ownerId
	)

Definition at line 746 of file acl.c.

References ACL_ALL_RIGHTS_DATABASE, ACL_ALL_RIGHTS_FDW, ACL_ALL_RIGHTS_FOREIGN_SERVER, ACL_ALL_RIGHTS_FUNCTION, ACL_ALL_RIGHTS_LANGUAGE, ACL_ALL_RIGHTS_LARGEOBJECT, ACL_ALL_RIGHTS_NAMESPACE, ACL_ALL_RIGHTS_RELATION, ACL_ALL_RIGHTS_SEQUENCE, ACL_ALL_RIGHTS_TABLESPACE, ACL_ALL_RIGHTS_TYPE, ACL_CONNECT, ACL_CREATE_TEMP, ACL_DAT, ACL_EXECUTE, ACL_ID_PUBLIC, ACL_NO_RIGHTS, ACL_OBJECT_COLUMN, ACL_OBJECT_DATABASE, ACL_OBJECT_DOMAIN, ACL_OBJECT_FDW, ACL_OBJECT_FOREIGN_SERVER, ACL_OBJECT_FUNCTION, ACL_OBJECT_LANGUAGE, ACL_OBJECT_LARGEOBJECT, ACL_OBJECT_NAMESPACE, ACL_OBJECT_RELATION, ACL_OBJECT_SEQUENCE, ACL_OBJECT_TABLESPACE, ACL_OBJECT_TYPE, ACL_USAGE, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), elog, and ERROR.

Referenced by acldefault_sql(), ExecGrant_Attribute(), ExecGrant_Database(), ExecGrant_Fdw(), ExecGrant_ForeignServer(), ExecGrant_Function(), ExecGrant_Language(), ExecGrant_Largeobject(), ExecGrant_Namespace(), ExecGrant_Relation(), ExecGrant_Tablespace(), ExecGrant_Type(), get_user_default_acl(), pg_class_aclmask(), pg_database_aclmask(), pg_foreign_data_wrapper_aclmask(), pg_foreign_server_aclmask(), pg_language_aclmask(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask(), pg_proc_aclmask(), pg_tablespace_aclmask(), pg_type_aclmask(), and SetDefaultACL().

 {
     AclMode     world_default;
     AclMode     owner_default;
     int         nacl;
     Acl        *acl;
     AclItem    *aip;
 
     switch (objtype)
     {
         case ACL_OBJECT_COLUMN:
             /* by default, columns have no extra privileges */
             world_default = ACL_NO_RIGHTS;
             owner_default = ACL_NO_RIGHTS;
             break;
         case ACL_OBJECT_RELATION:
             world_default = ACL_NO_RIGHTS;
             owner_default = ACL_ALL_RIGHTS_RELATION;
             break;
         case ACL_OBJECT_SEQUENCE:
             world_default = ACL_NO_RIGHTS;
             owner_default = ACL_ALL_RIGHTS_SEQUENCE;
             break;
         case ACL_OBJECT_DATABASE:
             /* for backwards compatibility, grant some rights by default */
             world_default = ACL_CREATE_TEMP | ACL_CONNECT;
             owner_default = ACL_ALL_RIGHTS_DATABASE;
             break;
         case ACL_OBJECT_FUNCTION:
             /* Grant EXECUTE by default, for now */
             world_default = ACL_EXECUTE;
             owner_default = ACL_ALL_RIGHTS_FUNCTION;
             break;
         case ACL_OBJECT_LANGUAGE:
             /* Grant USAGE by default, for now */
             world_default = ACL_USAGE;
             owner_default = ACL_ALL_RIGHTS_LANGUAGE;
             break;
         case ACL_OBJECT_LARGEOBJECT:
             world_default = ACL_NO_RIGHTS;
             owner_default = ACL_ALL_RIGHTS_LARGEOBJECT;
             break;
         case ACL_OBJECT_NAMESPACE:
             world_default = ACL_NO_RIGHTS;
             owner_default = ACL_ALL_RIGHTS_NAMESPACE;
             break;
         case ACL_OBJECT_TABLESPACE:
             world_default = ACL_NO_RIGHTS;
             owner_default = ACL_ALL_RIGHTS_TABLESPACE;
             break;
         case ACL_OBJECT_FDW:
             world_default = ACL_NO_RIGHTS;
             owner_default = ACL_ALL_RIGHTS_FDW;
             break;
         case ACL_OBJECT_FOREIGN_SERVER:
             world_default = ACL_NO_RIGHTS;
             owner_default = ACL_ALL_RIGHTS_FOREIGN_SERVER;
             break;
         case ACL_OBJECT_DOMAIN:
         case ACL_OBJECT_TYPE:
             world_default = ACL_USAGE;
             owner_default = ACL_ALL_RIGHTS_TYPE;
             break;
         default:
             elog(ERROR, "unrecognized objtype: %d", (int) objtype);
             world_default = ACL_NO_RIGHTS;  /* keep compiler quiet */
             owner_default = ACL_NO_RIGHTS;
             break;
     }
 
     nacl = 0;
     if (world_default != ACL_NO_RIGHTS)
         nacl++;
     if (owner_default != ACL_NO_RIGHTS)
         nacl++;
 
     acl = allocacl(nacl);
     aip = ACL_DAT(acl);
 
     if (world_default != ACL_NO_RIGHTS)
     {
         aip->ai_grantee = ACL_ID_PUBLIC;
         aip->ai_grantor = ownerId;
         ACLITEM_SET_PRIVS_GOPTIONS(*aip, world_default, ACL_NO_RIGHTS);
         aip++;
     }
 
     /*
      * Note that the owner's entry shows all ordinary privileges but no grant
      * options.  This is because his grant options come "from the system" and
      * not from his own efforts.  (The SQL spec says that the owner's rights
      * come from a "_SYSTEM" authid.)  However, we do consider that the
      * owner's ordinary privileges are self-granted; this lets him revoke
      * them.  We implement the owner's grant options without any explicit
      * "_SYSTEM"-like ACL entry, by internally special-casing the owner
      * wherever we are testing grant options.
      */
     if (owner_default != ACL_NO_RIGHTS)
     {
         aip->ai_grantee = ownerId;
         aip->ai_grantor = ownerId;
         ACLITEM_SET_PRIVS_GOPTIONS(*aip, owner_default, ACL_NO_RIGHTS);
     }
 
     return acl;
 }

Datum acldefault_sql ( PG_FUNCTION_ARGS )

Definition at line 860 of file acl.c.

References ACL_OBJECT_COLUMN, ACL_OBJECT_DATABASE, ACL_OBJECT_FDW, ACL_OBJECT_FOREIGN_SERVER, ACL_OBJECT_FUNCTION, ACL_OBJECT_LANGUAGE, ACL_OBJECT_LARGEOBJECT, ACL_OBJECT_NAMESPACE, ACL_OBJECT_RELATION, ACL_OBJECT_SEQUENCE, ACL_OBJECT_TABLESPACE, ACL_OBJECT_TYPE, acldefault(), elog, ERROR, PG_GETARG_CHAR, PG_GETARG_OID, and PG_RETURN_ACL_P.

 {
     char        objtypec = PG_GETARG_CHAR(0);
     Oid         owner = PG_GETARG_OID(1);
     GrantObjectType objtype = 0;
 
     switch (objtypec)
     {
         case 'c':
             objtype = ACL_OBJECT_COLUMN;
             break;
         case 'r':
             objtype = ACL_OBJECT_RELATION;
             break;
         case 's':
             objtype = ACL_OBJECT_SEQUENCE;
             break;
         case 'd':
             objtype = ACL_OBJECT_DATABASE;
             break;
         case 'f':
             objtype = ACL_OBJECT_FUNCTION;
             break;
         case 'l':
             objtype = ACL_OBJECT_LANGUAGE;
             break;
         case 'L':
             objtype = ACL_OBJECT_LARGEOBJECT;
             break;
         case 'n':
             objtype = ACL_OBJECT_NAMESPACE;
             break;
         case 't':
             objtype = ACL_OBJECT_TABLESPACE;
             break;
         case 'F':
             objtype = ACL_OBJECT_FDW;
             break;
         case 'S':
             objtype = ACL_OBJECT_FOREIGN_SERVER;
             break;
         case 'T':
             objtype = ACL_OBJECT_TYPE;
             break;
         default:
             elog(ERROR, "unrecognized objtype abbreviation: %c", objtypec);
     }
 
     PG_RETURN_ACL_P(acldefault(objtype, owner));
 }

bool aclequal	(	const Acl *	left_acl,
		const Acl *	right_acl
	)

Definition at line 509 of file acl.c.

References ACL_DAT, and ACL_NUM.

Referenced by get_user_default_acl(), and SetDefaultACL().

 {
     /* Check for cases where one or both are empty/null */
     if (left_acl == NULL || ACL_NUM(left_acl) == 0)
     {
         if (right_acl == NULL || ACL_NUM(right_acl) == 0)
             return true;
         else
             return false;
     }
     else
     {
         if (right_acl == NULL || ACL_NUM(right_acl) == 0)
             return false;
     }
 
     if (ACL_NUM(left_acl) != ACL_NUM(right_acl))
         return false;
 
     if (memcmp(ACL_DAT(left_acl),
                ACL_DAT(right_acl),
                ACL_NUM(left_acl) * sizeof(AclItem)) == 0)
         return true;
 
     return false;
 }

Datum aclexplode ( PG_FUNCTION_ARGS )

Definition at line 1744 of file acl.c.

References ACL_DAT, ACL_NUM, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, BlessTupleDesc(), BoolGetDatum, BOOLOID, check_acl(), convert_aclright_to_string(), CreateTemplateTupleDesc(), CStringGetTextDatum, heap_form_tuple(), HeapTupleGetDatum, idx(), MemoryContextSwitchTo(), MemSet, FuncCallContext::multi_call_memory_ctx, N_ACL_RIGHTS, ObjectIdGetDatum, OIDOID, palloc(), PG_GETARG_ACL_P, SRF_FIRSTCALL_INIT, SRF_IS_FIRSTCALL, SRF_PERCALL_SETUP, SRF_RETURN_DONE, SRF_RETURN_NEXT, TEXTOID, FuncCallContext::tuple_desc, TupleDescInitEntry(), FuncCallContext::user_fctx, and values.

 {
     Acl        *acl = PG_GETARG_ACL_P(0);
     FuncCallContext *funcctx;
     int        *idx;
     AclItem    *aidat;
 
     if (SRF_IS_FIRSTCALL())
     {
         TupleDesc   tupdesc;
         MemoryContext oldcontext;
 
         check_acl(acl);
 
         funcctx = SRF_FIRSTCALL_INIT();
         oldcontext = MemoryContextSwitchTo(funcctx->multi_call_memory_ctx);
 
         /*
          * build tupdesc for result tuples (matches out parameters in pg_proc
          * entry)
          */
         tupdesc = CreateTemplateTupleDesc(4, false);
         TupleDescInitEntry(tupdesc, (AttrNumber) 1, "grantor",
                            OIDOID, -1, 0);
         TupleDescInitEntry(tupdesc, (AttrNumber) 2, "grantee",
                            OIDOID, -1, 0);
         TupleDescInitEntry(tupdesc, (AttrNumber) 3, "privilege_type",
                            TEXTOID, -1, 0);
         TupleDescInitEntry(tupdesc, (AttrNumber) 4, "is_grantable",
                            BOOLOID, -1, 0);
 
         funcctx->tuple_desc = BlessTupleDesc(tupdesc);
 
         /* allocate memory for user context */
         idx = (int *) palloc(sizeof(int[2]));
         idx[0] = 0;             /* ACL array item index */
         idx[1] = -1;            /* privilege type counter */
         funcctx->user_fctx = (void *) idx;
 
         MemoryContextSwitchTo(oldcontext);
     }
 
     funcctx = SRF_PERCALL_SETUP();
     idx = (int *) funcctx->user_fctx;
     aidat = ACL_DAT(acl);
 
     /* need test here in case acl has no items */
     while (idx[0] < ACL_NUM(acl))
     {
         AclItem    *aidata;
         AclMode     priv_bit;
 
         idx[1]++;
         if (idx[1] == N_ACL_RIGHTS)
         {
             idx[1] = 0;
             idx[0]++;
             if (idx[0] >= ACL_NUM(acl)) /* done */
                 break;
         }
         aidata = &aidat[idx[0]];
         priv_bit = 1 << idx[1];
 
         if (ACLITEM_GET_PRIVS(*aidata) & priv_bit)
         {
             Datum       result;
             Datum       values[4];
             bool        nulls[4];
             HeapTuple   tuple;
 
             values[0] = ObjectIdGetDatum(aidata->ai_grantor);
             values[1] = ObjectIdGetDatum(aidata->ai_grantee);
             values[2] = CStringGetTextDatum(convert_aclright_to_string(priv_bit));
             values[3] = BoolGetDatum((ACLITEM_GET_GOPTIONS(*aidata) & priv_bit) != 0);
 
             MemSet(nulls, 0, sizeof(nulls));
 
             tuple = heap_form_tuple(funcctx->tuple_desc, values, nulls);
             result = HeapTupleGetDatum(tuple);
 
             SRF_RETURN_NEXT(funcctx, result);
         }
     }
 
     SRF_RETURN_DONE(funcctx);
 }

Datum aclinsert ( PG_FUNCTION_ARGS )

Definition at line 1531 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

 {
     ereport(ERROR,
             (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
              errmsg("aclinsert is no longer supported")));
 
     PG_RETURN_NULL();           /* keep compiler quiet */
 }

Datum aclitem_eq ( PG_FUNCTION_ARGS )

Definition at line 693 of file acl.c.

References a1, a2, AclItem::ai_grantee, AclItem::ai_grantor, AclItem::ai_privs, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

 {
     AclItem    *a1 = PG_GETARG_ACLITEM_P(0);
     AclItem    *a2 = PG_GETARG_ACLITEM_P(1);
     bool        result;
 
     result = a1->ai_privs == a2->ai_privs &&
         a1->ai_grantee == a2->ai_grantee &&
         a1->ai_grantor == a2->ai_grantor;
     PG_RETURN_BOOL(result);
 }

static bool aclitem_match	(	const AclItem *	a1,
		const AclItem *	a2
	)

static

Definition at line 658 of file acl.c.

References AclItem::ai_grantee, and AclItem::ai_grantor.

Referenced by aclnewowner(), and aclupdate().

 {
     return a1->ai_grantee == a2->ai_grantee &&
         a1->ai_grantor == a2->ai_grantor;
 }

static int aclitemComparator	(	const void *	arg1,
		const void *	arg2
	)

static

Definition at line 669 of file acl.c.

References a1, a2, AclItem::ai_grantee, AclItem::ai_grantor, and AclItem::ai_privs.

Referenced by aclitemsort().

 {
     const AclItem *a1 = (const AclItem *) arg1;
     const AclItem *a2 = (const AclItem *) arg2;
 
     if (a1->ai_grantee > a2->ai_grantee)
         return 1;
     if (a1->ai_grantee < a2->ai_grantee)
         return -1;
     if (a1->ai_grantor > a2->ai_grantor)
         return 1;
     if (a1->ai_grantor < a2->ai_grantor)
         return -1;
     if (a1->ai_privs > a2->ai_privs)
         return 1;
     if (a1->ai_privs < a2->ai_privs)
         return -1;
     return 0;
 }

Datum aclitemin ( PG_FUNCTION_ARGS )

Definition at line 565 of file acl.c.

References aclparse(), ereport, errcode(), errmsg(), ERROR, palloc(), PG_GETARG_CSTRING, and PG_RETURN_ACLITEM_P.

 {
     const char *s = PG_GETARG_CSTRING(0);
     AclItem    *aip;
 
     aip = (AclItem *) palloc(sizeof(AclItem));
     s = aclparse(s, aip);
     while (isspace((unsigned char) *s))
         ++s;
     if (*s)
         ereport(ERROR,
                 (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
                  errmsg("extra garbage at the end of the ACL specification")));
 
     PG_RETURN_ACLITEM_P(aip);
 }

Datum aclitemout ( PG_FUNCTION_ARGS )

Definition at line 591 of file acl.c.

References ACL_ALL_RIGHTS_STR, ACL_ID_PUBLIC, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, AUTHOID, GETSTRUCT, HeapTupleIsValid, i, N_ACL_RIGHTS, NAMEDATALEN, NameStr, ObjectIdGetDatum, palloc(), PG_GETARG_ACLITEM_P, PG_RETURN_CSTRING, putid(), ReleaseSysCache(), and SearchSysCache1.

 {
     AclItem    *aip = PG_GETARG_ACLITEM_P(0);
     char       *p;
     char       *out;
     HeapTuple   htup;
     unsigned    i;
 
     out = palloc(strlen("=/") +
                  2 * N_ACL_RIGHTS +
                  2 * (2 * NAMEDATALEN + 2) +
                  1);
 
     p = out;
     *p = '\0';
 
     if (aip->ai_grantee != ACL_ID_PUBLIC)
     {
         htup = SearchSysCache1(AUTHOID, ObjectIdGetDatum(aip->ai_grantee));
         if (HeapTupleIsValid(htup))
         {
             putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
             ReleaseSysCache(htup);
         }
         else
         {
             /* Generate numeric OID if we don't find an entry */
             sprintf(p, "%u", aip->ai_grantee);
         }
     }
     while (*p)
         ++p;
 
     *p++ = '=';
 
     for (i = 0; i < N_ACL_RIGHTS; ++i)
     {
         if (ACLITEM_GET_PRIVS(*aip) & (1 << i))
             *p++ = ACL_ALL_RIGHTS_STR[i];
         if (ACLITEM_GET_GOPTIONS(*aip) & (1 << i))
             *p++ = '*';
     }
 
     *p++ = '/';
     *p = '\0';
 
     htup = SearchSysCache1(AUTHOID, ObjectIdGetDatum(aip->ai_grantor));
     if (HeapTupleIsValid(htup))
     {
         putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
         ReleaseSysCache(htup);
     }
     else
     {
         /* Generate numeric OID if we don't find an entry */
         sprintf(p, "%u", aip->ai_grantor);
     }
 
     PG_RETURN_CSTRING(out);
 }

void aclitemsort ( Acl * acl )

Definition at line 495 of file acl.c.

References ACL_DAT, ACL_NUM, aclitemComparator(), and qsort.

Referenced by get_user_default_acl(), and SetDefaultACL().

 {
     if (acl != NULL && ACL_NUM(acl) > 1)
         qsort(ACL_DAT(acl), ACL_NUM(acl), sizeof(AclItem), aclitemComparator);
 }

AclMode aclmask	(	const Acl *	acl,
		Oid	roleid,
		Oid	ownerId,
		AclMode	mask,
		AclMaskHow	how
	)

Definition at line 1319 of file acl.c.

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog, ERROR, has_privs_of_role(), i, and remaining.

Referenced by check_circularity(), LockTableAclCheck(), pg_attribute_aclmask(), pg_class_aclmask(), pg_database_aclmask(), pg_foreign_data_wrapper_aclmask(), pg_foreign_server_aclmask(), pg_language_aclmask(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask(), pg_proc_aclmask(), pg_tablespace_aclmask(), pg_type_aclmask(), and recursive_revoke().

 {
     AclMode     result;
     AclMode     remaining;
     AclItem    *aidat;
     int         i,
                 num;
 
     /*
      * Null ACL should not happen, since caller should have inserted
      * appropriate default
      */
     if (acl == NULL)
         elog(ERROR, "null ACL");
 
     check_acl(acl);
 
     /* Quick exit for mask == 0 */
     if (mask == 0)
         return 0;
 
     result = 0;
 
     /* Owner always implicitly has all grant options */
     if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
         has_privs_of_role(roleid, ownerId))
     {
         result = mask & ACLITEM_ALL_GOPTION_BITS;
         if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
             return result;
     }
 
     num = ACL_NUM(acl);
     aidat = ACL_DAT(acl);
 
     /*
      * Check privileges granted directly to roleid or to public
      */
     for (i = 0; i < num; i++)
     {
         AclItem    *aidata = &aidat[i];
 
         if (aidata->ai_grantee == ACL_ID_PUBLIC ||
             aidata->ai_grantee == roleid)
         {
             result |= aidata->ai_privs & mask;
             if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
                 return result;
         }
     }
 
     /*
      * Check privileges granted indirectly via role memberships. We do this in
      * a separate pass to minimize expensive indirect membership tests.  In
      * particular, it's worth testing whether a given ACL entry grants any
      * privileges still of interest before we perform the has_privs_of_role
      * test.
      */
     remaining = mask & ~result;
     for (i = 0; i < num; i++)
     {
         AclItem    *aidata = &aidat[i];
 
         if (aidata->ai_grantee == ACL_ID_PUBLIC ||
             aidata->ai_grantee == roleid)
             continue;           /* already checked it */
 
         if ((aidata->ai_privs & remaining) &&
             has_privs_of_role(roleid, aidata->ai_grantee))
         {
             result |= aidata->ai_privs & mask;
             if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
                 return result;
             remaining = mask & ~result;
         }
     }
 
     return result;
 }

static AclMode aclmask_direct	(	const Acl *	acl,
		Oid	roleid,
		Oid	ownerId,
		AclMode	mask,
		AclMaskHow	how
	)

static

Definition at line 1408 of file acl.c.

References ACL_DAT, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog, ERROR, and i.

Referenced by select_best_grantor().

 {
     AclMode     result;
     AclItem    *aidat;
     int         i,
                 num;
 
     /*
      * Null ACL should not happen, since caller should have inserted
      * appropriate default
      */
     if (acl == NULL)
         elog(ERROR, "null ACL");
 
     check_acl(acl);
 
     /* Quick exit for mask == 0 */
     if (mask == 0)
         return 0;
 
     result = 0;
 
     /* Owner always implicitly has all grant options */
     if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
         roleid == ownerId)
     {
         result = mask & ACLITEM_ALL_GOPTION_BITS;
         if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
             return result;
     }
 
     num = ACL_NUM(acl);
     aidat = ACL_DAT(acl);
 
     /*
      * Check privileges granted directly to roleid (and not to public)
      */
     for (i = 0; i < num; i++)
     {
         AclItem    *aidata = &aidat[i];
 
         if (aidata->ai_grantee == roleid)
         {
             result |= aidata->ai_privs & mask;
             if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
                 return result;
         }
     }
 
     return result;
 }

int aclmembers	(	const Acl *	acl,
		Oid **	roleids
	)

Definition at line 1471 of file acl.c.

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, sort-test::list, oid_cmp(), palloc(), and qsort.

Referenced by ExecGrant_Attribute(), ExecGrant_Database(), ExecGrant_Fdw(), ExecGrant_ForeignServer(), ExecGrant_Function(), ExecGrant_Language(), ExecGrant_Largeobject(), ExecGrant_Namespace(), ExecGrant_Relation(), ExecGrant_Tablespace(), ExecGrant_Type(), heap_create_with_catalog(), ProcedureCreate(), and SetDefaultACL().

 {
     Oid        *list;
     const AclItem *acldat;
     int         i,
                 j,
                 k;
 
     if (acl == NULL || ACL_NUM(acl) == 0)
     {
         *roleids = NULL;
         return 0;
     }
 
     check_acl(acl);
 
     /* Allocate the worst-case space requirement */
     list = palloc(ACL_NUM(acl) * 2 * sizeof(Oid));
     acldat = ACL_DAT(acl);
 
     /*
      * Walk the ACL collecting mentioned RoleIds.
      */
     j = 0;
     for (i = 0; i < ACL_NUM(acl); i++)
     {
         const AclItem *ai = &acldat[i];
 
         if (ai->ai_grantee != ACL_ID_PUBLIC)
             list[j++] = ai->ai_grantee;
         /* grantor is currently never PUBLIC, but let's check anyway */
         if (ai->ai_grantor != ACL_ID_PUBLIC)
             list[j++] = ai->ai_grantor;
     }
 
     /* Sort the array */
     qsort(list, j, sizeof(Oid), oid_cmp);
 
     /* Remove duplicates from the array */
     k = 0;
     for (i = 1; i < j; i++)
     {
         if (list[k] != list[i])
             list[++k] = list[i];
     }
 
     /*
      * We could repalloc the array down to minimum size, but it's hardly worth
      * it since it's only transient memory.
      */
     *roleids = list;
 
     return k + 1;
 }

Acl* aclmerge	(	const Acl *	left_acl,
		const Acl *	right_acl,
		Oid	ownerId
	)

Definition at line 451 of file acl.c.

References ACL_DAT, ACL_MODECHG_ADD, ACL_NUM, aclcopy(), aclupdate(), DROP_RESTRICT, i, and pfree().

Referenced by get_user_default_acl().

 {
     Acl        *result_acl;
     AclItem    *aip;
     int         i,
                 num;
 
     /* Check for cases where one or both are empty/null */
     if (left_acl == NULL || ACL_NUM(left_acl) == 0)
     {
         if (right_acl == NULL || ACL_NUM(right_acl) == 0)
             return NULL;
         else
             return aclcopy(right_acl);
     }
     else
     {
         if (right_acl == NULL || ACL_NUM(right_acl) == 0)
             return aclcopy(left_acl);
     }
 
     /* Merge them the hard way, one item at a time */
     result_acl = aclcopy(left_acl);
 
     aip = ACL_DAT(right_acl);
     num = ACL_NUM(right_acl);
 
     for (i = 0; i < num; i++, aip++)
     {
         Acl        *tmp_acl;
 
         tmp_acl = aclupdate(result_acl, aip, ACL_MODECHG_ADD,
                             ownerId, DROP_RESTRICT);
         pfree(result_acl);
         result_acl = tmp_acl;
     }
 
     return result_acl;
 }

Acl* aclnewowner	(	const Acl *	old_acl,
		Oid	oldOwnerId,
		Oid	newOwnerId
	)

Definition at line 1050 of file acl.c.

References ACL_DAT, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, check_acl(), and SET_VARSIZE.

Referenced by AlterDatabaseOwner(), AlterForeignDataWrapperOwner_internal(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwnerInternal(), ATExecChangeOwner(), and change_owner_fix_column_acls().

 {
     Acl        *new_acl;
     AclItem    *new_aip;
     AclItem    *old_aip;
     AclItem    *dst_aip;
     AclItem    *src_aip;
     AclItem    *targ_aip;
     bool        newpresent = false;
     int         dst,
                 src,
                 targ,
                 num;
 
     check_acl(old_acl);
 
     /*
      * Make a copy of the given ACL, substituting new owner ID for old
      * wherever it appears as either grantor or grantee.  Also note if the new
      * owner ID is already present.
      */
     num = ACL_NUM(old_acl);
     old_aip = ACL_DAT(old_acl);
     new_acl = allocacl(num);
     new_aip = ACL_DAT(new_acl);
     memcpy(new_aip, old_aip, num * sizeof(AclItem));
     for (dst = 0, dst_aip = new_aip; dst < num; dst++, dst_aip++)
     {
         if (dst_aip->ai_grantor == oldOwnerId)
             dst_aip->ai_grantor = newOwnerId;
         else if (dst_aip->ai_grantor == newOwnerId)
             newpresent = true;
         if (dst_aip->ai_grantee == oldOwnerId)
             dst_aip->ai_grantee = newOwnerId;
         else if (dst_aip->ai_grantee == newOwnerId)
             newpresent = true;
     }
 
     /*
      * If the old ACL contained any references to the new owner, then we may
      * now have generated an ACL containing duplicate entries.  Find them and
      * merge them so that there are not duplicates.  (This is relatively
      * expensive since we use a stupid O(N^2) algorithm, but it's unlikely to
      * be the normal case.)
      *
      * To simplify deletion of duplicate entries, we temporarily leave them in
      * the array but set their privilege masks to zero; when we reach such an
      * entry it's just skipped.  (Thus, a side effect of this code will be to
      * remove privilege-free entries, should there be any in the input.)  dst
      * is the next output slot, targ is the currently considered input slot
      * (always >= dst), and src scans entries to the right of targ looking for
      * duplicates.  Once an entry has been emitted to dst it is known
      * duplicate-free and need not be considered anymore.
      */
     if (newpresent)
     {
         dst = 0;
         for (targ = 0, targ_aip = new_aip; targ < num; targ++, targ_aip++)
         {
             /* ignore if deleted in an earlier pass */
             if (ACLITEM_GET_RIGHTS(*targ_aip) == ACL_NO_RIGHTS)
                 continue;
             /* find and merge any duplicates */
             for (src = targ + 1, src_aip = targ_aip + 1; src < num;
                  src++, src_aip++)
             {
                 if (ACLITEM_GET_RIGHTS(*src_aip) == ACL_NO_RIGHTS)
                     continue;
                 if (aclitem_match(targ_aip, src_aip))
                 {
                     ACLITEM_SET_RIGHTS(*targ_aip,
                                        ACLITEM_GET_RIGHTS(*targ_aip) |
                                        ACLITEM_GET_RIGHTS(*src_aip));
                     /* mark the duplicate deleted */
                     ACLITEM_SET_RIGHTS(*src_aip, ACL_NO_RIGHTS);
                 }
             }
             /* and emit to output */
             new_aip[dst] = *targ_aip;
             dst++;
         }
         /* Adjust array size to be 'dst' items */
         ARR_DIMS(new_acl)[0] = dst;
         SET_VARSIZE(new_acl, ACL_N_SIZE(dst));
     }
 
     return new_acl;
 }

static const char * aclparse	(	const char *	s,
		AclItem *	aip
	)

static

Definition at line 238 of file acl.c.

References ACL_ALL_RIGHTS_STR, ACL_CONNECT, ACL_CONNECT_CHR, ACL_CREATE, ACL_CREATE_CHR, ACL_CREATE_TEMP, ACL_CREATE_TEMP_CHR, ACL_DELETE, ACL_DELETE_CHR, ACL_EXECUTE, ACL_EXECUTE_CHR, ACL_ID_PUBLIC, ACL_INSERT, ACL_INSERT_CHR, ACL_NO_RIGHTS, ACL_REFERENCES, ACL_REFERENCES_CHR, ACL_SELECT, ACL_SELECT_CHR, ACL_TRIGGER, ACL_TRIGGER_CHR, ACL_TRUNCATE, ACL_TRUNCATE_CHR, ACL_UPDATE, ACL_UPDATE_CHR, ACL_USAGE, ACL_USAGE_CHR, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, Assert, BOOTSTRAP_SUPERUSERID, elog, ereport, errcode(), errhint(), errmsg(), ERROR, get_role_oid(), getid(), LOG, name, NAMEDATALEN, read, and WARNING.

Referenced by aclitemin().

 {
     AclMode     privs,
                 goption,
                 read;
     char        name[NAMEDATALEN];
     char        name2[NAMEDATALEN];
 
     Assert(s && aip);
 
 #ifdef ACLDEBUG
     elog(LOG, "aclparse: input = \"%s\"", s);
 #endif
     s = getid(s, name);
     if (*s != '=')
     {
         /* we just read a keyword, not a name */
         if (strcmp(name, "group") != 0 && strcmp(name, "user") != 0)
             ereport(ERROR,
                     (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
                      errmsg("unrecognized key word: \"%s\"", name),
                      errhint("ACL key word must be \"group\" or \"user\".")));
         s = getid(s, name);     /* move s to the name beyond the keyword */
         if (name[0] == '\0')
             ereport(ERROR,
                     (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
                      errmsg("missing name"),
                      errhint("A name must follow the \"group\" or \"user\" key word.")));
     }
 
     if (*s != '=')
         ereport(ERROR,
                 (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
                  errmsg("missing \"=\" sign")));
 
     privs = goption = ACL_NO_RIGHTS;
 
     for (++s, read = 0; isalpha((unsigned char) *s) || *s == '*'; s++)
     {
         switch (*s)
         {
             case '*':
                 goption |= read;
                 break;
             case ACL_INSERT_CHR:
                 read = ACL_INSERT;
                 break;
             case ACL_SELECT_CHR:
                 read = ACL_SELECT;
                 break;
             case ACL_UPDATE_CHR:
                 read = ACL_UPDATE;
                 break;
             case ACL_DELETE_CHR:
                 read = ACL_DELETE;
                 break;
             case ACL_TRUNCATE_CHR:
                 read = ACL_TRUNCATE;
                 break;
             case ACL_REFERENCES_CHR:
                 read = ACL_REFERENCES;
                 break;
             case ACL_TRIGGER_CHR:
                 read = ACL_TRIGGER;
                 break;
             case ACL_EXECUTE_CHR:
                 read = ACL_EXECUTE;
                 break;
             case ACL_USAGE_CHR:
                 read = ACL_USAGE;
                 break;
             case ACL_CREATE_CHR:
                 read = ACL_CREATE;
                 break;
             case ACL_CREATE_TEMP_CHR:
                 read = ACL_CREATE_TEMP;
                 break;
             case ACL_CONNECT_CHR:
                 read = ACL_CONNECT;
                 break;
             case 'R':           /* ignore old RULE privileges */
                 read = 0;
                 break;
             default:
                 ereport(ERROR,
                         (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
                          errmsg("invalid mode character: must be one of \"%s\"",
                                 ACL_ALL_RIGHTS_STR)));
         }
 
         privs |= read;
     }
 
     if (name[0] == '\0')
         aip->ai_grantee = ACL_ID_PUBLIC;
     else
         aip->ai_grantee = get_role_oid(name, false);
 
     /*
      * XXX Allow a degree of backward compatibility by defaulting the grantor
      * to the superuser.
      */
     if (*s == '/')
     {
         s = getid(s + 1, name2);
         if (name2[0] == '\0')
             ereport(ERROR,
                     (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
                      errmsg("a name must follow the \"/\" sign")));
         aip->ai_grantor = get_role_oid(name2, false);
     }
     else
     {
         aip->ai_grantor = BOOTSTRAP_SUPERUSERID;
         ereport(WARNING,
                 (errcode(ERRCODE_INVALID_GRANTOR),
                  errmsg("defaulting grantor to user ID %u",
                         BOOTSTRAP_SUPERUSERID)));
     }
 
     ACLITEM_SET_PRIVS_GOPTIONS(*aip, privs, goption);
 
 #ifdef ACLDEBUG
     elog(LOG, "aclparse: correctly read [%u %x %x]",
          aip->ai_grantee, privs, goption);
 #endif
 
     return s;
 }

Datum aclremove ( PG_FUNCTION_ARGS )

Definition at line 1541 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

 {
     ereport(ERROR,
             (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
              errmsg("aclremove is no longer supported")));
 
     PG_RETURN_NULL();           /* keep compiler quiet */
 }

Acl* aclupdate	(	const Acl *	old_acl,
		const AclItem *	mod_aip,
		int	modechg,
		Oid	ownerId,
		DropBehavior	behavior
	)

Definition at line 929 of file acl.c.

References ACL_DAT, ACL_ID_PUBLIC, ACL_MODECHG_ADD, ACL_MODECHG_DEL, ACL_MODECHG_EQL, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACL_SIZE, ACLITEM_GET_GOPTIONS, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_PRIVS_GOPTIONS, ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, Assert, check_acl(), check_circularity(), memmove, recursive_revoke(), and SET_VARSIZE.

Referenced by aclmerge(), check_circularity(), merge_acl_with_grant(), and recursive_revoke().

 {
     Acl        *new_acl = NULL;
     AclItem    *old_aip,
                *new_aip = NULL;
     AclMode     old_rights,
                 old_goptions,
                 new_rights,
                 new_goptions;
     int         dst,
                 num;
 
     /* Caller probably already checked old_acl, but be safe */
     check_acl(old_acl);
 
     /* If granting grant options, check for circularity */
     if (modechg != ACL_MODECHG_DEL &&
         ACLITEM_GET_GOPTIONS(*mod_aip) != ACL_NO_RIGHTS)
         check_circularity(old_acl, mod_aip, ownerId);
 
     num = ACL_NUM(old_acl);
     old_aip = ACL_DAT(old_acl);
 
     /*
      * Search the ACL for an existing entry for this grantee and grantor. If
      * one exists, just modify the entry in-place (well, in the same position,
      * since we actually return a copy); otherwise, insert the new entry at
      * the end.
      */
 
     for (dst = 0; dst < num; ++dst)
     {
         if (aclitem_match(mod_aip, old_aip + dst))
         {
             /* found a match, so modify existing item */
             new_acl = allocacl(num);
             new_aip = ACL_DAT(new_acl);
             memcpy(new_acl, old_acl, ACL_SIZE(old_acl));
             break;
         }
     }
 
     if (dst == num)
     {
         /* need to append a new item */
         new_acl = allocacl(num + 1);
         new_aip = ACL_DAT(new_acl);
         memcpy(new_aip, old_aip, num * sizeof(AclItem));
 
         /* initialize the new entry with no permissions */
         new_aip[dst].ai_grantee = mod_aip->ai_grantee;
         new_aip[dst].ai_grantor = mod_aip->ai_grantor;
         ACLITEM_SET_PRIVS_GOPTIONS(new_aip[dst],
                                    ACL_NO_RIGHTS, ACL_NO_RIGHTS);
         num++;                  /* set num to the size of new_acl */
     }
 
     old_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
     old_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
 
     /* apply the specified permissions change */
     switch (modechg)
     {
         case ACL_MODECHG_ADD:
             ACLITEM_SET_RIGHTS(new_aip[dst],
                                old_rights | ACLITEM_GET_RIGHTS(*mod_aip));
             break;
         case ACL_MODECHG_DEL:
             ACLITEM_SET_RIGHTS(new_aip[dst],
                                old_rights & ~ACLITEM_GET_RIGHTS(*mod_aip));
             break;
         case ACL_MODECHG_EQL:
             ACLITEM_SET_RIGHTS(new_aip[dst],
                                ACLITEM_GET_RIGHTS(*mod_aip));
             break;
     }
 
     new_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
     new_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
 
     /*
      * If the adjusted entry has no permissions, delete it from the list.
      */
     if (new_rights == ACL_NO_RIGHTS)
     {
         memmove(new_aip + dst,
                 new_aip + dst + 1,
                 (num - dst - 1) * sizeof(AclItem));
         /* Adjust array size to be 'num - 1' items */
         ARR_DIMS(new_acl)[0] = num - 1;
         SET_VARSIZE(new_acl, ACL_N_SIZE(num - 1));
     }
 
     /*
      * Remove abandoned privileges (cascading revoke).  Currently we can only
      * handle this when the grantee is not PUBLIC.
      */
     if ((old_goptions & ~new_goptions) != 0)
     {
         Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
         new_acl = recursive_revoke(new_acl, mod_aip->ai_grantee,
                                    (old_goptions & ~new_goptions),
                                    ownerId, behavior);
     }
 
     return new_acl;
 }

static Acl * allocacl ( int n )

static

Definition at line 376 of file acl.c.

References ACL_N_SIZE, ACLITEMOID, ARR_DIMS, ARR_LBOUND, ArrayType::dataoffset, ArrayType::elemtype, elog, ERROR, ArrayType::ndim, palloc0(), and SET_VARSIZE.

Referenced by aclconcat(), aclcopy(), acldefault(), aclnewowner(), aclupdate(), check_circularity(), and make_empty_acl().

 {
     Acl        *new_acl;
     Size        size;
 
     if (n < 0)
         elog(ERROR, "invalid size: %d", n);
     size = ACL_N_SIZE(n);
     new_acl = (Acl *) palloc0(size);
     SET_VARSIZE(new_acl, size);
     new_acl->ndim = 1;
     new_acl->dataoffset = 0;    /* we never put in any nulls */
     new_acl->elemtype = ACLITEMOID;
     ARR_LBOUND(new_acl)[0] = 1;
     ARR_DIMS(new_acl)[0] = n;
     return new_acl;
 }

static void check_acl ( const Acl * acl )

static

Definition at line 540 of file acl.c.

References ACLITEMOID, ARR_ELEMTYPE, ARR_HASNULL, ARR_NDIM, ereport, errcode(), errmsg(), and ERROR.

Referenced by aclcontains(), aclexplode(), aclmask(), aclmask_direct(), aclmembers(), aclnewowner(), aclupdate(), check_circularity(), and recursive_revoke().

 {
     if (ARR_ELEMTYPE(acl) != ACLITEMOID)
         ereport(ERROR,
                 (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
                  errmsg("ACL array contains wrong data type")));
     if (ARR_NDIM(acl) != 1)
         ereport(ERROR,
                 (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
                  errmsg("ACL arrays must be one-dimensional")));
     if (ARR_HASNULL(acl))
         ereport(ERROR,
                 (errcode(ERRCODE_NULL_VALUE_NOT_ALLOWED),
                  errmsg("ACL arrays must not contain null values")));
 }

static void check_circularity	(	const Acl *	old_acl,
		const AclItem *	mod_aip,
		Oid	ownerId
	)

static

Definition at line 1153 of file acl.c.

References ACL_DAT, ACL_GRANT_OPTION_FOR, ACL_ID_PUBLIC, ACL_MODECHG_DEL, ACL_NO_RIGHTS, ACL_NUM, ACL_OPTION_TO_PRIVS, ACL_SIZE, ACLITEM_GET_GOPTIONS, aclmask(), ACLMASK_ALL, aclupdate(), AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), Assert, check_acl(), DROP_CASCADE, ereport, errcode(), errmsg(), ERROR, i, and pfree().

Referenced by aclupdate().

 {
     Acl        *acl;
     AclItem    *aip;
     int         i,
                 num;
     AclMode     own_privs;
 
     check_acl(old_acl);
 
     /*
      * For now, grant options can only be granted to roles, not PUBLIC.
      * Otherwise we'd have to work a bit harder here.
      */
     Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
 
     /* The owner always has grant options, no need to check */
     if (mod_aip->ai_grantor == ownerId)
         return;
 
     /* Make a working copy */
     acl = allocacl(ACL_NUM(old_acl));
     memcpy(acl, old_acl, ACL_SIZE(old_acl));
 
     /* Zap all grant options of target grantee, plus what depends on 'em */
 cc_restart:
     num = ACL_NUM(acl);
     aip = ACL_DAT(acl);
     for (i = 0; i < num; i++)
     {
         if (aip[i].ai_grantee == mod_aip->ai_grantee &&
             ACLITEM_GET_GOPTIONS(aip[i]) != ACL_NO_RIGHTS)
         {
             Acl        *new_acl;
 
             /* We'll actually zap ordinary privs too, but no matter */
             new_acl = aclupdate(acl, &aip[i], ACL_MODECHG_DEL,
                                 ownerId, DROP_CASCADE);
 
             pfree(acl);
             acl = new_acl;
 
             goto cc_restart;
         }
     }
 
     /* Now we can compute grantor's independently-derived privileges */
     own_privs = aclmask(acl,
                         mod_aip->ai_grantor,
                         ownerId,
                         ACL_GRANT_OPTION_FOR(ACLITEM_GET_GOPTIONS(*mod_aip)),
                         ACLMASK_ALL);
     own_privs = ACL_OPTION_TO_PRIVS(own_privs);
 
     if ((ACLITEM_GET_GOPTIONS(*mod_aip) & ~own_privs) != 0)
         ereport(ERROR,
                 (errcode(ERRCODE_INVALID_GRANT_OPERATION),
                  errmsg("grant options cannot be granted back to your own grantor")));
 
     pfree(acl);
 }

void check_is_member_of_role	(	Oid	member,
		Oid	role
	)

Definition at line 4874 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, GetUserNameFromId(), and is_member_of_role().

Referenced by AlterDatabaseOwner(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterPublicationOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwner(), ATExecChangeOwner(), createdb(), CreateSchemaCommand(), and ExecAlterDefaultPrivilegesStmt().

 {
     if (!is_member_of_role(member, role))
         ereport(ERROR,
                 (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
                  errmsg("must be member of role \"%s\"",
                         GetUserNameFromId(role, false))));
 }

void check_rolespec_name	(	const RoleSpec *	role,
		const char *	detail_msg
	)

Definition at line 5248 of file acl.c.

References ereport, errcode(), errdetail(), errmsg(), ERROR, IsReservedName(), RoleSpec::rolename, ROLESPEC_CSTRING, and RoleSpec::roletype.

Referenced by AlterRole(), and AlterRoleSet().

 {
     if (!role)
         return;
 
     if (role->roletype != ROLESPEC_CSTRING)
         return;
 
     if (IsReservedName(role->rolename))
     {
         if (detail_msg)
             ereport(ERROR,
                     (errcode(ERRCODE_RESERVED_NAME),
                      errmsg("role name \"%s\" is reserved",
                             role->rolename),
                      errdetail("%s", detail_msg)));
         else
             ereport(ERROR,
                     (errcode(ERRCODE_RESERVED_NAME),
                      errmsg("role name \"%s\" is reserved",
                             role->rolename)));
     }
 }

static int column_privilege_check	(	Oid	tableoid,
		AttrNumber	attnum,
		Oid	roleid,
		AclMode	mode
	)

static

Definition at line 2457 of file acl.c.

References ACLCHECK_OK, ATTNUM, GETSTRUCT, HeapTupleIsValid, Int16GetDatum, ObjectIdGetDatum, pg_attribute_aclcheck(), pg_class_aclcheck(), ReleaseSysCache(), RELOID, SearchSysCache2, and SearchSysCacheExists1.

Referenced by has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

 {
     AclResult   aclresult;
     HeapTuple   attTuple;
     Form_pg_attribute attributeForm;
 
     /*
      * First check if we have the privilege at the table level.  We check
      * existence of the pg_class row before risking calling pg_class_aclcheck.
      * Note: it might seem there's a race condition against concurrent DROP,
      * but really it's safe because there will be no syscache flush between
      * here and there.  So if we see the row in the syscache, so will
      * pg_class_aclcheck.
      */
     if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
         return -1;
 
     aclresult = pg_class_aclcheck(tableoid, roleid, mode);
 
     if (aclresult == ACLCHECK_OK)
         return true;
 
     /*
      * No table privilege, so try per-column privileges.  Again, we have to
      * check for dropped attribute first, and we rely on the syscache not to
      * notice a concurrent drop before pg_attribute_aclcheck fetches the row.
      */
     attTuple = SearchSysCache2(ATTNUM,
                                ObjectIdGetDatum(tableoid),
                                Int16GetDatum(attnum));
     if (!HeapTupleIsValid(attTuple))
         return -1;
     attributeForm = (Form_pg_attribute) GETSTRUCT(attTuple);
     if (attributeForm->attisdropped)
     {
         ReleaseSysCache(attTuple);
         return -1;
     }
     ReleaseSysCache(attTuple);
 
     aclresult = pg_attribute_aclcheck(tableoid, attnum, roleid, mode);
 
     return (aclresult == ACLCHECK_OK);
 }

static const char* convert_aclright_to_string ( int aclright )

static

Definition at line 1694 of file acl.c.

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_DELETE, ACL_EXECUTE, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, ACL_USAGE, elog, and ERROR.

Referenced by aclexplode().

 {
     switch (aclright)
     {
         case ACL_INSERT:
             return "INSERT";
         case ACL_SELECT:
             return "SELECT";
         case ACL_UPDATE:
             return "UPDATE";
         case ACL_DELETE:
             return "DELETE";
         case ACL_TRUNCATE:
             return "TRUNCATE";
         case ACL_REFERENCES:
             return "REFERENCES";
         case ACL_TRIGGER:
             return "TRIGGER";
         case ACL_EXECUTE:
             return "EXECUTE";
         case ACL_USAGE:
             return "USAGE";
         case ACL_CREATE:
             return "CREATE";
         case ACL_CREATE_TEMP:
             return "TEMPORARY";
         case ACL_CONNECT:
             return "CONNECT";
         default:
             elog(ERROR, "unrecognized aclright: %d", aclright);
             return NULL;
     }
 }

static AclMode convert_any_priv_string	(	text *	priv_type_text,
		const priv_map *	privileges
	)

static

Definition at line 1646 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, priv_map::name, pfree(), pg_strcasecmp(), text_to_cstring(), and priv_map::value.

Referenced by convert_column_priv_string(), convert_database_priv_string(), convert_foreign_data_wrapper_priv_string(), convert_function_priv_string(), convert_language_priv_string(), convert_role_priv_string(), convert_schema_priv_string(), convert_sequence_priv_string(), convert_server_priv_string(), convert_table_priv_string(), convert_tablespace_priv_string(), and convert_type_priv_string().

 {
     AclMode     result = 0;
     char       *priv_type = text_to_cstring(priv_type_text);
     char       *chunk;
     char       *next_chunk;
 
     /* We rely on priv_type being a private, modifiable string */
     for (chunk = priv_type; chunk; chunk = next_chunk)
     {
         int         chunk_len;
         const priv_map *this_priv;
 
         /* Split string at commas */
         next_chunk = strchr(chunk, ',');
         if (next_chunk)
             *next_chunk++ = '\0';
 
         /* Drop leading/trailing whitespace in this chunk */
         while (*chunk && isspace((unsigned char) *chunk))
             chunk++;
         chunk_len = strlen(chunk);
         while (chunk_len > 0 && isspace((unsigned char) chunk[chunk_len - 1]))
             chunk_len--;
         chunk[chunk_len] = '\0';
 
         /* Match to the privileges list */
         for (this_priv = privileges; this_priv->name; this_priv++)
         {
             if (pg_strcasecmp(this_priv->name, chunk) == 0)
             {
                 result |= this_priv->value;
                 break;
             }
         }
         if (!this_priv->name)
             ereport(ERROR,
                     (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
                      errmsg("unrecognized privilege type: \"%s\"", chunk)));
     }
 
     pfree(priv_type);
     return result;
 }

static AttrNumber convert_column_name	(	Oid	tableoid,
		text *	column
	)

static

Definition at line 2828 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, get_attnum(), get_rel_name(), InvalidAttrNumber, pfree(), and text_to_cstring().

Referenced by has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_name(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), and has_column_privilege_name_name_name().

 {
     AttrNumber  attnum;
     char       *colname;
 
     colname = text_to_cstring(column);
     attnum = get_attnum(tableoid, colname);
     if (attnum == InvalidAttrNumber)
         ereport(ERROR,
                 (errcode(ERRCODE_UNDEFINED_COLUMN),
                  errmsg("column \"%s\" of relation \"%s\" does not exist",
                         colname, get_rel_name(tableoid))));
     pfree(colname);
     return attnum;
 }

static AclMode convert_column_priv_string ( text * priv_type_text )

static

Definition at line 2849 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_UPDATE, and convert_any_priv_string().

 {
     static const priv_map column_priv_map[] = {
         {"SELECT", ACL_SELECT},
         {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
         {"INSERT", ACL_INSERT},
         {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
         {"UPDATE", ACL_UPDATE},
         {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
         {"REFERENCES", ACL_REFERENCES},
         {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
         {NULL, 0}
     };
 
     return convert_any_priv_string(priv_type_text, column_priv_map);
 }

static Oid convert_database_name ( text * databasename )

static

Definition at line 3034 of file acl.c.

References dbname, get_database_oid(), and text_to_cstring().

Referenced by has_database_privilege_id_name(), has_database_privilege_name(), and has_database_privilege_name_name().

 {
     char       *dbname = text_to_cstring(databasename);
 
     return get_database_oid(dbname, false);
 }

static AclMode convert_database_priv_string ( text * priv_type_text )

static

Definition at line 3046 of file acl.c.

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_database_privilege_id(), has_database_privilege_id_id(), has_database_privilege_id_name(), has_database_privilege_name(), has_database_privilege_name_id(), and has_database_privilege_name_name().

 {
     static const priv_map database_priv_map[] = {
         {"CREATE", ACL_CREATE},
         {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
         {"TEMPORARY", ACL_CREATE_TEMP},
         {"TEMPORARY WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
         {"TEMP", ACL_CREATE_TEMP},
         {"TEMP WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
         {"CONNECT", ACL_CONNECT},
         {"CONNECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CONNECT)},
         {NULL, 0}
     };
 
     return convert_any_priv_string(priv_type_text, database_priv_map);
 
 }

static Oid convert_foreign_data_wrapper_name ( text * fdwname )

static

Definition at line 3223 of file acl.c.

References get_foreign_data_wrapper_oid(), and text_to_cstring().

Referenced by has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), and has_foreign_data_wrapper_privilege_name_name().

 {
     char       *fdwstr = text_to_cstring(fdwname);
 
     return get_foreign_data_wrapper_oid(fdwstr, false);
 }

static AclMode convert_foreign_data_wrapper_priv_string ( text * priv_type_text )

static

Definition at line 3235 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_foreign_data_wrapper_privilege_id(), has_foreign_data_wrapper_privilege_id_id(), has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), has_foreign_data_wrapper_privilege_name_id(), and has_foreign_data_wrapper_privilege_name_name().

 {
     static const priv_map foreign_data_wrapper_priv_map[] = {
         {"USAGE", ACL_USAGE},
         {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
         {NULL, 0}
     };
 
     return convert_any_priv_string(priv_type_text, foreign_data_wrapper_priv_map);
 }

static Oid convert_function_name ( text * functionname )

static

Definition at line 3414 of file acl.c.

References CStringGetDatum, DatumGetObjectId, DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, OidIsValid, regprocedurein(), and text_to_cstring().

Referenced by has_function_privilege_id_name(), has_function_privilege_name(), and has_function_privilege_name_name().

 {
     char       *funcname = text_to_cstring(functionname);
     Oid         oid;
 
     oid = DatumGetObjectId(DirectFunctionCall1(regprocedurein,
                                                CStringGetDatum(funcname)));
 
     if (!OidIsValid(oid))
         ereport(ERROR,
                 (errcode(ERRCODE_UNDEFINED_FUNCTION),
                  errmsg("function \"%s\" does not exist", funcname)));
 
     return oid;
 }

static AclMode convert_function_priv_string ( text * priv_type_text )

static

Definition at line 3435 of file acl.c.

References ACL_EXECUTE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_function_privilege_id(), has_function_privilege_id_id(), has_function_privilege_id_name(), has_function_privilege_name(), has_function_privilege_name_id(), and has_function_privilege_name_name().

 {
     static const priv_map function_priv_map[] = {
         {"EXECUTE", ACL_EXECUTE},
         {"EXECUTE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_EXECUTE)},
         {NULL, 0}
     };
 
     return convert_any_priv_string(priv_type_text, function_priv_map);
 }

static Oid convert_language_name ( text * languagename )

static

Definition at line 3614 of file acl.c.

References get_language_oid(), and text_to_cstring().

Referenced by has_language_privilege_id_name(), has_language_privilege_name(), and has_language_privilege_name_name().

 {
     char       *langname = text_to_cstring(languagename);
 
     return get_language_oid(langname, false);
 }

static AclMode convert_language_priv_string ( text * priv_type_text )

static

Definition at line 3626 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_language_privilege_id(), has_language_privilege_id_id(), has_language_privilege_id_name(), has_language_privilege_name(), has_language_privilege_name_id(), and has_language_privilege_name_name().

 {
     static const priv_map language_priv_map[] = {
         {"USAGE", ACL_USAGE},
         {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
         {NULL, 0}
     };
 
     return convert_any_priv_string(priv_type_text, language_priv_map);
 }

static AclMode convert_priv_string ( text * priv_type_text )

static

Definition at line 1596 of file acl.c.

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_DELETE, ACL_EXECUTE, ACL_INSERT, ACL_NO_RIGHTS, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, ACL_USAGE, ereport, errcode(), errmsg(), ERROR, pg_strcasecmp(), and text_to_cstring().

Referenced by makeaclitem().

 {
     char       *priv_type = text_to_cstring(priv_type_text);
 
     if (pg_strcasecmp(priv_type, "SELECT") == 0)
         return ACL_SELECT;
     if (pg_strcasecmp(priv_type, "INSERT") == 0)
         return ACL_INSERT;
     if (pg_strcasecmp(priv_type, "UPDATE") == 0)
         return ACL_UPDATE;
     if (pg_strcasecmp(priv_type, "DELETE") == 0)
         return ACL_DELETE;
     if (pg_strcasecmp(priv_type, "TRUNCATE") == 0)
         return ACL_TRUNCATE;
     if (pg_strcasecmp(priv_type, "REFERENCES") == 0)
         return ACL_REFERENCES;
     if (pg_strcasecmp(priv_type, "TRIGGER") == 0)
         return ACL_TRIGGER;
     if (pg_strcasecmp(priv_type, "EXECUTE") == 0)
         return ACL_EXECUTE;
     if (pg_strcasecmp(priv_type, "USAGE") == 0)
         return ACL_USAGE;
     if (pg_strcasecmp(priv_type, "CREATE") == 0)
         return ACL_CREATE;
     if (pg_strcasecmp(priv_type, "TEMP") == 0)
         return ACL_CREATE_TEMP;
     if (pg_strcasecmp(priv_type, "TEMPORARY") == 0)
         return ACL_CREATE_TEMP;
     if (pg_strcasecmp(priv_type, "CONNECT") == 0)
         return ACL_CONNECT;
     if (pg_strcasecmp(priv_type, "RULE") == 0)
         return 0;               /* ignore old RULE privileges */
 
     ereport(ERROR,
             (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
              errmsg("unrecognized privilege type: \"%s\"", priv_type)));
     return ACL_NO_RIGHTS;       /* keep compiler quiet */
 }

static AclMode convert_role_priv_string ( text * priv_type_text )

static

Definition at line 4559 of file acl.c.

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by pg_has_role_id(), pg_has_role_id_id(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), and pg_has_role_name_name().

 {
     static const priv_map role_priv_map[] = {
         {"USAGE", ACL_USAGE},
         {"MEMBER", ACL_CREATE},
         {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
         {"USAGE WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
         {"MEMBER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
         {"MEMBER WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
         {NULL, 0}
     };
 
     return convert_any_priv_string(priv_type_text, role_priv_map);
 }

static Oid convert_schema_name ( text * schemaname )

static

Definition at line 3805 of file acl.c.

References get_namespace_oid(), and text_to_cstring().

Referenced by has_schema_privilege_id_name(), has_schema_privilege_name(), and has_schema_privilege_name_name().

 {
     char       *nspname = text_to_cstring(schemaname);
 
     return get_namespace_oid(nspname, false);
 }

static AclMode convert_schema_priv_string ( text * priv_type_text )

static

Definition at line 3817 of file acl.c.

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_schema_privilege_id(), has_schema_privilege_id_id(), has_schema_privilege_id_name(), has_schema_privilege_name(), has_schema_privilege_name_id(), and has_schema_privilege_name_name().

 {
     static const priv_map schema_priv_map[] = {
         {"CREATE", ACL_CREATE},
         {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
         {"USAGE", ACL_USAGE},
         {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
         {NULL, 0}
     };
 
     return convert_any_priv_string(priv_type_text, schema_priv_map);
 }

static AclMode convert_sequence_priv_string ( text * priv_type_text )

static

Definition at line 2239 of file acl.c.

References ACL_SELECT, ACL_UPDATE, ACL_USAGE, and convert_any_priv_string().

Referenced by has_sequence_privilege_id(), has_sequence_privilege_id_id(), has_sequence_privilege_id_name(), has_sequence_privilege_name(), has_sequence_privilege_name_id(), and has_sequence_privilege_name_name().

 {
     static const priv_map sequence_priv_map[] = {
         {"USAGE", ACL_USAGE},
         {"SELECT", ACL_SELECT},
         {"UPDATE", ACL_UPDATE},
         {NULL, 0}
     };
 
     return convert_any_priv_string(priv_type_text, sequence_priv_map);
 }

static Oid convert_server_name ( text * servername )

static

Definition at line 3989 of file acl.c.

References get_foreign_server_oid(), and text_to_cstring().

Referenced by has_server_privilege_id_name(), has_server_privilege_name(), and has_server_privilege_name_name().

 {
     char       *serverstr = text_to_cstring(servername);
 
     return get_foreign_server_oid(serverstr, false);
 }

static AclMode convert_server_priv_string ( text * priv_type_text )

static

Definition at line 4001 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_server_privilege_id(), has_server_privilege_id_id(), has_server_privilege_id_name(), has_server_privilege_name(), has_server_privilege_name_id(), and has_server_privilege_name_name().

 {
     static const priv_map server_priv_map[] = {
         {"USAGE", ACL_USAGE},
         {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
         {NULL, 0}
     };
 
     return convert_any_priv_string(priv_type_text, server_priv_map);
 }

static Oid convert_table_name ( text * tablename )

static

Definition at line 2001 of file acl.c.

References makeRangeVarFromNameList(), NoLock, RangeVarGetRelid, and textToQualifiedNameList().

Referenced by has_any_column_privilege_id_name(), has_any_column_privilege_name(), has_any_column_privilege_name_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), has_column_privilege_name_name_name(), has_sequence_privilege_id_name(), has_sequence_privilege_name(), has_sequence_privilege_name_name(), has_table_privilege_id_name(), has_table_privilege_name(), and has_table_privilege_name_name().

 {
     RangeVar   *relrv;
 
     relrv = makeRangeVarFromNameList(textToQualifiedNameList(tablename));
 
     /* We might not even have permissions on this relation; don't lock it. */
     return RangeVarGetRelid(relrv, NoLock, false);
 }

static AclMode convert_table_priv_string ( text * priv_type_text )

static

Definition at line 2016 of file acl.c.

References ACL_DELETE, ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_table_privilege_id(), has_table_privilege_id_id(), has_table_privilege_id_name(), has_table_privilege_name(), has_table_privilege_name_id(), and has_table_privilege_name_name().

 {
     static const priv_map table_priv_map[] = {
         {"SELECT", ACL_SELECT},
         {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
         {"INSERT", ACL_INSERT},
         {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
         {"UPDATE", ACL_UPDATE},
         {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
         {"DELETE", ACL_DELETE},
         {"DELETE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_DELETE)},
         {"TRUNCATE", ACL_TRUNCATE},
         {"TRUNCATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRUNCATE)},
         {"REFERENCES", ACL_REFERENCES},
         {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
         {"TRIGGER", ACL_TRIGGER},
         {"TRIGGER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRIGGER)},
         {"RULE", 0},            /* ignore old RULE privileges */
         {"RULE WITH GRANT OPTION", 0},
         {NULL, 0}
     };
 
     return convert_any_priv_string(priv_type_text, table_priv_map);
 }

static Oid convert_tablespace_name ( text * tablespacename )

static

Definition at line 4171 of file acl.c.

References get_tablespace_oid(), and text_to_cstring().

Referenced by has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), and has_tablespace_privilege_name_name().

 {
     char       *spcname = text_to_cstring(tablespacename);
 
     return get_tablespace_oid(spcname, false);
 }

static AclMode convert_tablespace_priv_string ( text * priv_type_text )

static

Definition at line 4183 of file acl.c.

References ACL_CREATE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_tablespace_privilege_id(), has_tablespace_privilege_id_id(), has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), has_tablespace_privilege_name_id(), and has_tablespace_privilege_name_name().

 {
     static const priv_map tablespace_priv_map[] = {
         {"CREATE", ACL_CREATE},
         {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
         {NULL, 0}
     };
 
     return convert_any_priv_string(priv_type_text, tablespace_priv_map);
 }

static Oid convert_type_name ( text * typename )

static

Definition at line 4361 of file acl.c.

References CStringGetDatum, DatumGetObjectId, DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, OidIsValid, regtypein(), and text_to_cstring().

Referenced by has_type_privilege_id_name(), has_type_privilege_name(), and has_type_privilege_name_name().

 {
     char       *typname = text_to_cstring(typename);
     Oid         oid;
 
     oid = DatumGetObjectId(DirectFunctionCall1(regtypein,
                                                CStringGetDatum(typname)));
 
     if (!OidIsValid(oid))
         ereport(ERROR,
                 (errcode(ERRCODE_UNDEFINED_OBJECT),
                  errmsg("type \"%s\" does not exist", typname)));
 
     return oid;
 }

static AclMode convert_type_priv_string ( text * priv_type_text )

static

Definition at line 4382 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_type_privilege_id(), has_type_privilege_id_id(), has_type_privilege_id_name(), has_type_privilege_name(), has_type_privilege_name_id(), and has_type_privilege_name_name().

 {
     static const priv_map type_priv_map[] = {
         {"USAGE", ACL_USAGE},
         {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
         {NULL, 0}
     };
 
     return convert_any_priv_string(priv_type_text, type_priv_map);
 }

static int count_one_bits ( AclMode mask )

static

Definition at line 4996 of file acl.c.

Referenced by select_best_grantor().

 {
     int         nbits = 0;
 
     /* this code relies on AclMode being an unsigned type */
     while (mask)
     {
         if (mask & 1)
             nbits++;
         mask >>= 1;
     }
     return nbits;
 }

Oid get_role_oid	(	const char *	rolname,
		bool	missing_ok
	)

Definition at line 5111 of file acl.c.

References AUTHNAME, CStringGetDatum, ereport, errcode(), errmsg(), ERROR, GetSysCacheOid1, and OidIsValid.

Referenced by aclparse(), check_hba(), createdb(), CreateRole(), get_object_address_unqualified(), get_role_oid_or_public(), get_rolespec_oid(), GrantRole(), is_member(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), pg_has_role_name_name(), regrolein(), and to_regrole().

 {
     Oid         oid;
 
     oid = GetSysCacheOid1(AUTHNAME, CStringGetDatum(rolname));
     if (!OidIsValid(oid) && !missing_ok)
         ereport(ERROR,
                 (errcode(ERRCODE_UNDEFINED_OBJECT),
                  errmsg("role \"%s\" does not exist", rolname)));
     return oid;
 }

Oid get_role_oid_or_public ( const char * rolname )

Definition at line 5128 of file acl.c.

References ACL_ID_PUBLIC, and get_role_oid().

 {
     if (strcmp(rolname, "public") == 0)
         return ACL_ID_PUBLIC;
 
     return get_role_oid(rolname, false);
 }

char* get_rolespec_name ( const RoleSpec * role )

Definition at line 5226 of file acl.c.

References get_rolespec_tuple(), GETSTRUCT, NameStr, pstrdup(), and ReleaseSysCache().

Referenced by AddRoleMems(), and DelRoleMems().

 {
     HeapTuple   tp;
     Form_pg_authid authForm;
     char       *rolename;
 
     tp = get_rolespec_tuple(role);
     authForm = (Form_pg_authid) GETSTRUCT(tp);
     rolename = pstrdup(NameStr(authForm->rolname));
     ReleaseSysCache(tp);
 
     return rolename;
 }

Oid get_rolespec_oid	(	const RoleSpec *	role,
		bool	missing_ok
	)

Definition at line 5144 of file acl.c.

References Assert, elog, ereport, errcode(), errmsg(), ERROR, get_role_oid(), GetSessionUserId(), GetUserId(), InvalidOid, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, and RoleSpec::roletype.

Referenced by AlterUserMapping(), ATExecCmd(), CreateSchemaCommand(), CreateTableSpace(), CreateUserMapping(), ExecAlterDefaultPrivilegesStmt(), ExecAlterOwnerStmt(), ExecuteGrantStmt(), GrantRole(), policy_role_list_to_array(), ReassignOwnedObjects(), RemoveUserMapping(), and roleSpecsToIds().

 {
     Oid         oid;
 
     switch (role->roletype)
     {
         case ROLESPEC_CSTRING:
             Assert(role->rolename);
             oid = get_role_oid(role->rolename, missing_ok);
             break;
 
         case ROLESPEC_CURRENT_USER:
             oid = GetUserId();
             break;
 
         case ROLESPEC_SESSION_USER:
             oid = GetSessionUserId();
             break;
 
         case ROLESPEC_PUBLIC:
             ereport(ERROR,
                     (errcode(ERRCODE_UNDEFINED_OBJECT),
                      errmsg("role \"%s\" does not exist", "public")));
             oid = InvalidOid;   /* make compiler happy */
             break;
 
         default:
             elog(ERROR, "unexpected role type %d", role->roletype);
     }
 
     return oid;
 }

HeapTuple get_rolespec_tuple ( const RoleSpec * role )

Definition at line 5182 of file acl.c.

References Assert, AUTHNAME, AUTHOID, CStringGetDatum, elog, ereport, errcode(), errmsg(), ERROR, GetSessionUserId(), GetUserId(), HeapTupleIsValid, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, RoleSpec::roletype, and SearchSysCache1.

Referenced by AlterRole(), AlterRoleSet(), CreateRole(), and get_rolespec_name().

 {
     HeapTuple   tuple;
 
     switch (role->roletype)
     {
         case ROLESPEC_CSTRING:
             Assert(role->rolename);
             tuple = SearchSysCache1(AUTHNAME, CStringGetDatum(role->rolename));
             if (!HeapTupleIsValid(tuple))
                 ereport(ERROR,
                         (errcode(ERRCODE_UNDEFINED_OBJECT),
                          errmsg("role \"%s\" does not exist", role->rolename)));
             break;
 
         case ROLESPEC_CURRENT_USER:
             tuple = SearchSysCache1(AUTHOID, GetUserId());
             if (!HeapTupleIsValid(tuple))
                 elog(ERROR, "cache lookup failed for role %u", GetUserId());
             break;
 
         case ROLESPEC_SESSION_USER:
             tuple = SearchSysCache1(AUTHOID, GetSessionUserId());
             if (!HeapTupleIsValid(tuple))
                 elog(ERROR, "cache lookup failed for role %u", GetSessionUserId());
             break;
 
         case ROLESPEC_PUBLIC:
             ereport(ERROR,
                     (errcode(ERRCODE_UNDEFINED_OBJECT),
                      errmsg("role \"%s\" does not exist", "public")));
             tuple = NULL;       /* make compiler happy */
 
         default:
             elog(ERROR, "unexpected role type %d", role->roletype);
     }
 
     return tuple;
 }

static const char * getid	(	const char *	s,
		char *	n
	)

static

Definition at line 137 of file acl.c.

References Assert, ereport, errcode(), errdetail(), errmsg(), ERROR, and NAMEDATALEN.

Referenced by aclparse().

 {
     int         len = 0;
     bool        in_quotes = false;
 
     Assert(s && n);
 
     while (isspace((unsigned char) *s))
         s++;
     /* This code had better match what putid() does, below */
     for (;
          *s != '\0' &&
          (isalnum((unsigned char) *s) ||
           *s == '_' ||
           *s == '"' ||
           in_quotes);
          s++)
     {
         if (*s == '"')
         {
             /* safe to look at next char (could be '\0' though) */
             if (*(s + 1) != '"')
             {
                 in_quotes = !in_quotes;
                 continue;
             }
             /* it's an escaped double quote; skip the escaping char */
             s++;
         }
 
         /* Add the character to the string */
         if (len >= NAMEDATALEN - 1)
             ereport(ERROR,
                     (errcode(ERRCODE_NAME_TOO_LONG),
                      errmsg("identifier too long"),
                      errdetail("Identifier must be less than %d characters.",
                                NAMEDATALEN)));
 
         n[len++] = *s;
     }
     n[len] = '\0';
     while (isspace((unsigned char) *s))
         s++;
     return s;
 }

Datum has_any_column_privilege_id ( PG_FUNCTION_ARGS )

Definition at line 2358 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), GetUserId(), ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

 {
     Oid         tableoid = PG_GETARG_OID(0);
     text       *priv_type_text = PG_GETARG_TEXT_PP(1);
     Oid         roleid;
     AclMode     mode;
     AclResult   aclresult;
 
     roleid = GetUserId();
     mode = convert_column_priv_string(priv_type_text);
 
     if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
         PG_RETURN_NULL();
 
     /* First check at table level, then examine each column if needed */
     aclresult = pg_class_aclcheck(tableoid, roleid, mode);
     if (aclresult != ACLCHECK_OK)
         aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
                                               ACLMASK_ANY);
 
     PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
 }

Datum has_any_column_privilege_id_id ( PG_FUNCTION_ARGS )

Definition at line 2414 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

 {
     Oid         roleid = PG_GETARG_OID(0);
     Oid         tableoid = PG_GETARG_OID(1);
     text       *priv_type_text = PG_GETARG_TEXT_PP(2);
     AclMode     mode;
     AclResult   aclresult;
 
     mode = convert_column_priv_string(priv_type_text);
 
     if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
         PG_RETURN_NULL();
 
     /* First check at table level, then examine each column if needed */
     aclresult = pg_class_aclcheck(tableoid, roleid, mode);
     if (aclresult != ACLCHECK_OK)
         aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
                                               ACLMASK_ANY);
 
     PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
 }

Datum has_any_column_privilege_id_name ( PG_FUNCTION_ARGS )

Definition at line 2387 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

 {
     Oid         roleid = PG_GETARG_OID(0);
     text       *tablename = PG_GETARG_TEXT_PP(1);
     text       *priv_type_text = PG_GETARG_TEXT_PP(2);
     Oid         tableoid;
     AclMode     mode;
     AclResult   aclresult;
 
     tableoid = convert_table_name(tablename);
     mode = convert_column_priv_string(priv_type_text);
 
     /* First check at table level, then examine each column if needed */
     aclresult = pg_class_aclcheck(tableoid, roleid, mode);
     if (aclresult != ACLCHECK_OK)
         aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
                                               ACLMASK_ANY);
 
     PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
 }

Datum has_any_column_privilege_name ( PG_FUNCTION_ARGS )

Definition at line 2299 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), GetUserId(), pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

 {
     text       *tablename = PG_GETARG_TEXT_PP(0);
     text       *priv_type_text = PG_GETARG_TEXT_PP(1);
     Oid         roleid;
     Oid         tableoid;
     AclMode     mode;
     AclResult   aclresult;
 
     roleid = GetUserId();
     tableoid = convert_table_name(tablename);
     mode = convert_column_priv_string(priv_type_text);
 
     /* First check at table level, then examine each column if needed */
     aclresult = pg_class_aclcheck(tableoid, roleid, mode);
     if (aclresult != ACLCHECK_OK)
         aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
                                               ACLMASK_ANY);
 
     PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
 }

Datum has_any_column_privilege_name_id ( PG_FUNCTION_ARGS )

Definition at line 2327 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), get_role_oid_or_public(), NameStr, ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, SearchSysCacheExists1, and username.

 {
     Name        username = PG_GETARG_NAME(0);
     Oid         tableoid = PG_GETARG_OID(1);
     text       *priv_type_text = PG_GETARG_TEXT_PP(2);
     Oid         roleid;
     AclMode     mode;
     AclResult   aclresult;
 
     roleid = get_role_oid_or_public(NameStr(*username));
     mode = convert_column_priv_string(priv_type_text);
 
     if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
         PG_RETURN_NULL();
 
     /* First check at table level, then examine each column if needed */
     aclresult = pg_class_aclcheck(tableoid, roleid, mode);
     if (aclresult != ACLCHECK_OK)
         aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
                                               ACLMASK_ANY);
 
     PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
 }

Datum has_any_column_privilege_name_name ( PG_FUNCTION_ARGS )

Definition at line 2269 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), NameStr, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

 {
     Name        rolename = PG_GETARG_NAME(0);
     text       *tablename = PG_GETARG_TEXT_PP(1);
     text       *priv_type_text = PG_GETARG_TEXT_PP(2);
     Oid         roleid;
     Oid         tableoid;
     AclMode     mode;
     AclResult   aclresult;
 
     roleid = get_role_oid_or_public(NameStr(*rolename));
     tableoid = convert_table_name(tablename);
     mode = convert_column_priv_string(priv_type_text);
 
     /* First check at table level, then examine each column if needed */
     aclresult = pg_class_aclcheck(tableoid, roleid, mode);
     if (aclresult != ACLCHECK_OK)
         aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
                                               ACLMASK_ANY);
 
     PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
 }

Datum has_column_privilege_id_attnum ( PG_FUNCTION_ARGS )

Definition at line 2801 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), GetUserId(), PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

 {
     Oid         tableoid = PG_GETARG_OID(0);
     AttrNumber  colattnum = PG_GETARG_INT16(1);
     text       *priv_type_text = PG_GETARG_TEXT_PP(2);
     Oid         roleid;
     AclMode     mode;
     int         privresult;
 
     roleid = GetUserId();
     mode = convert_column_priv_string(priv_type_text);
 
     privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
     if (privresult < 0)
         PG_RETURN_NULL();
     PG_RETURN_BOOL(privresult);
 }

Datum has_column_privilege_id_id_attnum ( PG_FUNCTION_ARGS )

Definition at line 2694 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

 {
     Oid         roleid = PG_GETARG_OID(0);
     Oid         tableoid = PG_GETARG_OID(1);
     AttrNumber  colattnum = PG_GETARG_INT16(2);
     text       *priv_type_text = PG_GETARG_TEXT_PP(3);
     AclMode     mode;
     int         privresult;
 
     mode = convert_column_priv_string(priv_type_text);
 
     privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
     if (privresult < 0)
         PG_RETURN_NULL();
     PG_RETURN_BOOL(privresult);
 }

Datum has_column_privilege_id_id_name ( PG_FUNCTION_ARGS )

Definition at line 2669 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

 {
     Oid         roleid = PG_GETARG_OID(0);
     Oid         tableoid = PG_GETARG_OID(1);
     text       *column = PG_GETARG_TEXT_PP(2);
     text       *priv_type_text = PG_GETARG_TEXT_PP(3);
     AttrNumber  colattnum;
     AclMode     mode;
     int         privresult;
 
     colattnum = convert_column_name(tableoid, column);
     mode = convert_column_priv_string(priv_type_text);
 
     privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
     if (privresult < 0)
         PG_RETURN_NULL();
     PG_RETURN_BOOL(privresult);
 }

Datum has_column_privilege_id_name ( PG_FUNCTION_ARGS )

Definition at line 2774 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), GetUserId(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

 {
     Oid         tableoid = PG_GETARG_OID(0);
     text       *column = PG_GETARG_TEXT_PP(1);
     text       *priv_type_text = PG_GETARG_TEXT_PP(2);
     Oid         roleid;
     AttrNumber  colattnum;
     AclMode     mode;
     int         privresult;
 
     roleid = GetUserId();
     colattnum = convert_column_name(tableoid, column);
     mode = convert_column_priv_string(priv_type_text);
 
     privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
     if (privresult < 0)
         PG_RETURN_NULL();
     PG_RETURN_BOOL(privresult);
 }

Datum has_column_privilege_id_name_attnum ( PG_FUNCTION_ARGS )

Definition at line 2644 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

 {
     Oid         roleid = PG_GETARG_OID(0);
     text       *tablename = PG_GETARG_TEXT_PP(1);
     AttrNumber  colattnum = PG_GETARG_INT16(2);
     text       *priv_type_text = PG_GETARG_TEXT_PP(3);
     Oid         tableoid;
     AclMode     mode;
     int         privresult;
 
     tableoid = convert_table_name(tablename);
     mode = convert_column_priv_string(priv_type_text);
 
     privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
     if (privresult < 0)
         PG_RETURN_NULL();
     PG_RETURN_BOOL(privresult);
 }

Datum has_column_privilege_id_name_name ( PG_FUNCTION_ARGS )

Definition at line 2617 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

 {
     Oid         roleid = PG_GETARG_OID(0);
     text       *tablename = PG_GETARG_TEXT_PP(1);
     text       *column = PG_GETARG_TEXT_PP(2);
     text       *priv_type_text = PG_GETARG_TEXT_PP(3);
     Oid         tableoid;
     AttrNumber  colattnum;
     AclMode     mode;
     int         privresult;
 
     tableoid = convert_table_name(tablename);
     colattnum = convert_column_name(tableoid, column);
     mode = convert_column_priv_string(priv_type_text);
 
     privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
     if (privresult < 0)
         PG_RETURN_NULL();
     PG_RETURN_BOOL(privresult);
 }

Datum has_column_privilege_name_attnum ( PG_FUNCTION_ARGS )

Definition at line 2747 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), GetUserId(), PG_GETARG_INT16, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

 {
     text       *tablename = PG_GETARG_TEXT_PP(0);
     AttrNumber  colattnum = PG_GETARG_INT16(1);
     text       *priv_type_text = PG_GETARG_TEXT_PP(2);
     Oid         roleid;
     Oid         tableoid;
     AclMode     mode;
     int         privresult;
 
     roleid = GetUserId();
     tableoid = convert_table_name(tablename);
     mode = convert_column_priv_string(priv_type_text);
 
     privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
     if (privresult < 0)
         PG_RETURN_NULL();
     PG_RETURN_BOOL(privresult);
 }

Datum has_column_privilege_name_id_attnum ( PG_FUNCTION_ARGS )

Definition at line 2592 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), get_role_oid_or_public(), NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

 {
     Name        username = PG_GETARG_NAME(0);
     Oid         tableoid = PG_GETARG_OID(1);
     AttrNumber  colattnum = PG_GETARG_INT16(2);
     text       *priv_type_text = PG_GETARG_TEXT_PP(3);
     Oid         roleid;
     AclMode     mode;
     int         privresult;
 
     roleid = get_role_oid_or_public(NameStr(*username));
     mode = convert_column_priv_string(priv_type_text);
 
     privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
     if (privresult < 0)
         PG_RETURN_NULL();
     PG_RETURN_BOOL(privresult);
 }

Datum has_column_privilege_name_id_name ( PG_FUNCTION_ARGS )

Definition at line 2565 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), get_role_oid_or_public(), NameStr, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

 {
     Name        username = PG_GETARG_NAME(0);
     Oid         tableoid = PG_GETARG_OID(1);
     text       *column = PG_GETARG_TEXT_PP(2);
     text       *priv_type_text = PG_GETARG_TEXT_PP(3);
     Oid         roleid;
     AttrNumber  colattnum;
     AclMode     mode;
     int         privresult;
 
     roleid = get_role_oid_or_public(NameStr(*username));
     colattnum = convert_column_name(tableoid, column);
     mode = convert_column_priv_string(priv_type_text);
 
     privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
     if (privresult < 0)
         PG_RETURN_NULL();
     PG_RETURN_BOOL(privresult);
 }

Datum has_column_privilege_name_name ( PG_FUNCTION_ARGS )

Definition at line 2718 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), GetUserId(), PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

 {
     text       *tablename = PG_GETARG_TEXT_PP(0);
     text       *column = PG_GETARG_TEXT_PP(1);
     text       *priv_type_text = PG_GETARG_TEXT_PP(2);
     Oid         roleid;
     Oid         tableoid;
     AttrNumber  colattnum;
     AclMode     mode;
     int         privresult;
 
     roleid = GetUserId();
     tableoid = convert_table_name(tablename);
     colattnum = convert_column_name(tableoid, column);
     mode = convert_column_priv_string(priv_type_text);
 
     privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
     if (privresult < 0)
         PG_RETURN_NULL();
     PG_RETURN_BOOL(privresult);
 }

Datum has_column_privilege_name_name_attnum ( PG_FUNCTION_ARGS )

Definition at line 2538 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

 {
     Name        rolename = PG_GETARG_NAME(0);
     text       *tablename = PG_GETARG_TEXT_PP(1);
     AttrNumber  colattnum = PG_GETARG_INT16(2);
     text       *priv_type_text = PG_GETARG_TEXT_PP(3);
     Oid         roleid;
     Oid         tableoid;
     AclMode     mode;
     int         privresult;
 
     roleid = get_role_oid_or_public(NameStr(*rolename));
     tableoid = convert_table_name(tablename);
     mode = convert_column_priv_string(priv_type_text);
 
     privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
     if (privresult < 0)
         PG_RETURN_NULL();
     PG_RETURN_BOOL(privresult);
 }

Datum has_column_privilege_name_name_name ( PG_FUNCTION_ARGS )

Definition at line 2509 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), NameStr, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

 {
     Name        rolename = PG_GETARG_NAME(0);
     text       *tablename = PG_GETARG_TEXT_PP(1);
     text       *column = PG_GETARG_TEXT_PP(2);
     text       *priv_type_text = PG_GETARG_TEXT_PP(3);
     Oid         roleid;
     Oid         tableoid;
     AttrNumber  colattnum;
     AclMode     mode;
     int         privresult;
 
     roleid = get_role_oid_or_public(NameStr(*rolename));
     tableoid = convert_table_name(tablename);
     colattnum = convert_column_name(tableoid, column);
     mode = convert_column_priv_string(priv_type_text);
 
     privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
     if (privresult < 0)
         PG_RETURN_NULL();
     PG_RETURN_BOOL(privresult);
 }

Datum has_database_privilege_id ( PG_FUNCTION_ARGS )

Definition at line 2960 of file acl.c.

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, GetUserId(), ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

 {
     Oid         databaseoid = PG_GETARG_OID(0);
     text       *priv_type_text = PG_GETARG_TEXT_PP(1);
     Oid         roleid;
     AclMode     mode;
     AclResult   aclresult;
 
     roleid = GetUserId();
     mode = convert_database_priv_string(priv_type_text);
 
     if (!SearchSysCacheExists1(DATABASEOID, ObjectIdGetDatum(databaseoid)))
         PG_RETURN_NULL();
 
     aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
 
     PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
 }

Datum has_database_privilege_id_id ( PG_FUNCTION_ARGS )

Definition at line 3008 of file acl.c.

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

 {
     Oid         roleid = PG_GETARG_OID(0);
     Oid         databaseoid = PG_GETARG_OID(1);
     text       *priv_type_text = PG_GETARG_TEXT_PP(2);
     AclMode     mode;
     AclResult   aclresult;
 
     mode = convert_database_priv_string(priv_type_text);
 
     if (!SearchSysCacheExists1(DATABASEOID, ObjectIdGetDatum(databaseoid)))
         PG_RETURN_NULL();
 
     aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
 
     PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
 }

Datum has_database_privilege_id_name ( PG_FUNCTION_ARGS )

Definition at line 2985 of file acl.c.

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

 {
     Oid         roleid = PG_GETARG_OID(0);
     text       *databasename = PG_GETARG_TEXT_PP(1);
     text       *priv_type_text = PG_GETARG_TEXT_PP(2);
     Oid         databaseoid;
     AclMode     mode;
     AclResult   aclresult;
 
     databaseoid = convert_database_name(databasename);
     mode = convert_database_priv_string(priv_type_text);
 
     aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
 
     PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
 }

Datum has_database_privilege_name ( PG_FUNCTION_ARGS )

Definition at line 2909 of file acl.c.

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), GetUserId(), pg_database_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

 {
     text       *databasename = PG_GETARG_TEXT_PP(0);
     text       *priv_type_text = PG_GETARG_TEXT_PP(1);
     Oid         roleid;
     Oid         databaseoid;
     AclMode     mode;
     AclResult   aclresult;
 
     roleid = GetUserId();
     databaseoid = convert_database_name(databasename);
     mode = convert_database_priv_string(priv_type_text);
 
     aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
 
     PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
 }

Datum has_database_privilege_name_id ( PG_FUNCTION_ARGS )

Definition at line 2933 of file acl.c.

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, get_role_oid_or_public(), NameStr, ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

 {
     Name        username = PG_GETARG_NAME(0);
     Oid         databaseoid = PG_GETARG_OID(1);
     text       *priv_type_text = PG_GETARG_TEXT_PP(2);
     Oid         roleid;
     AclMode     mode;
     AclResult   aclresult;
 
     roleid = get_role_oid_or_public(NameStr(*username));
     mode = convert_database_priv_string(priv_type_text);
 
     if (!SearchSysCacheExists1(DATABASEOID, ObjectIdGetDatum(databaseoid)))
         PG_RETURN_NULL();
 
     aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
 
     PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
 }

Datum has_database_privilege_name_name ( PG_FUNCTION_ARGS )

Definition at line 2883 of file acl.c.

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), get_role_oid_or_public(), NameStr, pg_database_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

 {
     Name        username = PG_GETARG_NAME(0);
     text       *databasename = PG_GETARG_TEXT_PP(1);
     text       *priv_type_text = PG_GETARG_TEXT_PP(2);
     Oid         roleid;
     Oid         databaseoid;
     AclMode     mode;
     AclResult   aclresult;
 
     roleid = get_role_oid_or_public(NameStr(*username));
     databaseoid = convert_database_name(databasename);
     mode = convert_database_priv_string(priv_type_text);
 
     aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
 
     PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
 }

Datum has_foreign_data_wrapper_privilege_id ( PG_FUNCTION_ARGS )

Definition at line 3155 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), GetUserId(), pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

 {
     Oid         fdwid = PG_GETARG_OID(0);
     text       *priv_type_text = PG_GETARG_TEXT_PP(1);
     Oid         roleid;
     AclMode     mode;
     AclResult   aclresult;
 
     roleid = GetUserId();
     mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
 
     aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
 
     PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
 }

Datum has_foreign_data_wrapper_privilege_id_id ( PG_FUNCTION_ARGS )

Definition at line 3200 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

 {
     Oid         roleid = PG_GETARG_OID(0);
     Oid         fdwid = PG_GETARG_OID(1);
     text       *priv_type_text = PG_GETARG_TEXT_PP(2);
     AclMode     mode;
     AclResult   aclresult;
 
     mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
 
     aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
 
     PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
 }

Datum has_foreign_data_wrapper_privilege_id_name ( PG_FUNCTION_ARGS )

Definition at line 3177 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

 {
     Oid         roleid = PG_GETARG_OID(0);
     text       *fdwname = PG_GETARG_TEXT_PP(1);
     text       *priv_type_text = PG_GETARG_TEXT_PP(2);
     Oid         fdwid;
     AclMode     mode;
     AclResult   aclresult;
 
     fdwid = convert_foreign_data_wrapper_name(fdwname);
     mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
 
     aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
 
     PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
 }

Datum has_foreign_data_wrapper_privilege_name ( PG_FUNCTION_ARGS )

Definition at line 3107 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), GetUserId(), pg_foreign_data_wrapper_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

 {
     text       *fdwname = PG_GETARG_TEXT_PP(0);
     text       *priv_type_text = PG_GETARG_TEXT_PP(1);
     Oid         roleid;
     Oid         fdwid;
     AclMode     mode;
     AclResult   aclresult;
 
     roleid = GetUserId();
     fdwid = convert_foreign_data_wrapper_name(fdwname);
     mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
 
     aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
 
     PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
 }

Datum has_foreign_data_wrapper_privilege_name_id ( PG_FUNCTION_ARGS )

Definition at line 3131 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), get_role_oid_or_public(), NameStr, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

 {
     Name        username = PG_GETARG_NAME(0);
     Oid         fdwid = PG_GETARG_OID(1);
     text       *priv_type_text = PG_GETARG_TEXT_PP(2);
     Oid         roleid;
     AclMode     mode;
     AclResult   aclresult;
 
     roleid = get_role_oid_or_public(NameStr(*username));
     mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
 
     aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
 
     PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
 }

Datum has_foreign_data_wrapper_privilege_name_name ( PG_FUNCTION_ARGS )

Definition at line 3081 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), get_role_oid_or_public(), NameStr, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

 {
     Name        username = PG_GETARG_NAME(0);
     text       *fdwname = PG_GETARG_TEXT_PP(1);
     text       *priv_type_text = PG_GETARG_TEXT_PP(2);
     Oid         roleid;
     Oid         fdwid;
     AclMode     mode;
     AclResult   aclresult;
 
     roleid = get_role_oid_or_public(NameStr(*username));
     fdwid = convert_foreign_data_wrapper_name(fdwname);
     mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
 
     aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
 
     PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
 }

Datum has_function_privilege_id ( PG_FUNCTION_ARGS )

Definition at line 3340 of file acl.c.

References ACLCHECK_OK, convert_function_priv_string(), GetUserId(), ObjectIdGetDatum, PG_GETARG_OID, PG_GETARG_TEXT_PP, pg_proc_aclcheck(), PG_RETURN_BOOL, PG_RETURN_NULL, PROCOID, and SearchSysCacheExists1.

 {
     Oid         functionoid = PG_GETARG_OID(0);
     text       *priv_type_text = PG_GETARG_TEXT_PP(1);
     Oid         roleid;
     AclMode     mode;
     AclResult   aclresult;
 
     roleid = GetUserId();
     mode = convert_function_priv_string(priv_type_text);
 
     if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid)))
         PG_RETURN_NULL();
 
     aclresult = pg_proc_aclcheck(functionoid, roleid, mode);
 
     PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
 }

Datum has_function_privilege_id_id ( PG_FUNCTION_ARGS )

Definition at line 3388 of file acl.c.

References ACLCHECK_OK, convert_function_priv_string(), ObjectIdGetDatum, PG_GETARG_OID, PG_GETARG_TEXT_PP, pg_proc_aclcheck(), PG_RETURN_BOOL, PG_RETURN_NULL, PROCOID, and SearchSysCacheExists1.

 {
     Oid         roleid = PG_GETARG_OID(0);
     Oid         functionoid = PG_GETARG_OID(1);
     text       *priv_type_text = PG_GETARG_TEXT_PP(2);
     AclMode     mode;
     AclResult   aclresult;
 
     mode = convert_function_priv_string(priv_type_text);
 
     if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid)))
         PG_RETURN_NULL();
 
     aclresult = pg_proc_aclcheck(functionoid, roleid, mode);
 
     PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
 }

Datum has_function_privilege_id_name ( PG_FUNCTION_ARGS )

Definition at line 3365 of file acl.c.

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), PG_GETARG_OID, PG_GETARG_TEXT_PP, pg_proc_aclcheck(), and PG_RETURN_BOOL.

 {
     Oid         roleid = PG_GETARG_OID(0);
     text       *functionname = PG_GETARG_TEXT_PP(1);
     text       *priv_type_text = PG_GETARG_TEXT_PP(2);
     Oid         functionoid;
     AclMode     mode;
     AclResult   aclresult;
 
     functionoid = convert_function_name(functionname);
     mode = convert_function_priv_string(priv_type_text);
 
     aclresult = pg_proc_aclcheck(functionoid, roleid, mode);
 
     PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
 }

Datum has_function_privilege_name ( PG_FUNCTION_ARGS )

Definition at line 3289 of file acl.c.

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), GetUserId(), PG_GETARG_TEXT_PP, pg_proc_aclcheck(), and PG_RETURN_BOOL.

 {
     text       *functionname = PG_GETARG_TEXT_PP(0);
     text       *priv_type_text = PG_GETARG_TEXT_PP(1);
     Oid         roleid;
     Oid         functionoid;
     AclMode     mode;
     AclResult   aclresult;
 
     roleid = GetUserId();
     functionoid = convert_function_name(functionname);
     mode = convert_function_priv_string(priv_type_text);
 
     aclresult = pg_proc_aclcheck(functionoid, roleid, mode);
 
     PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
 }

Datum has_function_privilege_name_id ( PG_FUNCTION_ARGS )

Definition at line 3313 of file acl.c.

References ACLCHECK_OK, convert_function_priv_string(), get_role_oid_or_public(), NameStr, ObjectIdGetDatum, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, pg_proc_aclcheck(), PG_RETURN_BOOL, PG_RETURN_NULL, PROCOID, SearchSysCacheExists1, and username.

 {
     Name        username = PG_GETARG_NAME(0);
     Oid         functionoid = PG_GETARG_OID(1);
     text       *priv_type_text = PG_GETARG_TEXT_PP(2);
     Oid         roleid;
     AclMode     mode;
     AclResult   aclresult;
 
     roleid = get_role_oid_or_public(NameStr(*username));
     mode = convert_function_priv_string(priv_type_text);
 
     if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid)))
         PG_RETURN_NULL();
 
     aclresult = pg_proc_aclcheck(functionoid, roleid, mode);
 
     PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
 }

Data Structures

Functions

Variables

Function Documentation