PostgreSQL Source Code  git master
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros
acl.c File Reference
#include "postgres.h"
#include <ctype.h>
#include "access/htup_details.h"
#include "catalog/catalog.h"
#include "catalog/namespace.h"
#include "catalog/pg_authid.h"
#include "catalog/pg_auth_members.h"
#include "catalog/pg_type.h"
#include "catalog/pg_class.h"
#include "commands/dbcommands.h"
#include "commands/proclang.h"
#include "commands/tablespace.h"
#include "foreign/foreign.h"
#include "funcapi.h"
#include "miscadmin.h"
#include "utils/acl.h"
#include "utils/builtins.h"
#include "utils/catcache.h"
#include "utils/inval.h"
#include "utils/lsyscache.h"
#include "utils/memutils.h"
#include "utils/syscache.h"
#include "utils/varlena.h"
Include dependency graph for acl.c:

Go to the source code of this file.

Data Structures

struct  priv_map
 

Functions

static const char * getid (const char *s, char *n)
 
static void putid (char *p, const char *s)
 
static Aclallocacl (int n)
 
static void check_acl (const Acl *acl)
 
static const char * aclparse (const char *s, AclItem *aip)
 
static bool aclitem_match (const AclItem *a1, const AclItem *a2)
 
static int aclitemComparator (const void *arg1, const void *arg2)
 
static void check_circularity (const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
 
static Aclrecursive_revoke (Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
 
static int oidComparator (const void *arg1, const void *arg2)
 
static AclMode convert_priv_string (text *priv_type_text)
 
static AclMode convert_any_priv_string (text *priv_type_text, const priv_map *privileges)
 
static Oid convert_table_name (text *tablename)
 
static AclMode convert_table_priv_string (text *priv_type_text)
 
static AclMode convert_sequence_priv_string (text *priv_type_text)
 
static AttrNumber convert_column_name (Oid tableoid, text *column)
 
static AclMode convert_column_priv_string (text *priv_type_text)
 
static Oid convert_database_name (text *databasename)
 
static AclMode convert_database_priv_string (text *priv_type_text)
 
static Oid convert_foreign_data_wrapper_name (text *fdwname)
 
static AclMode convert_foreign_data_wrapper_priv_string (text *priv_type_text)
 
static Oid convert_function_name (text *functionname)
 
static AclMode convert_function_priv_string (text *priv_type_text)
 
static Oid convert_language_name (text *languagename)
 
static AclMode convert_language_priv_string (text *priv_type_text)
 
static Oid convert_schema_name (text *schemaname)
 
static AclMode convert_schema_priv_string (text *priv_type_text)
 
static Oid convert_server_name (text *servername)
 
static AclMode convert_server_priv_string (text *priv_type_text)
 
static Oid convert_tablespace_name (text *tablespacename)
 
static AclMode convert_tablespace_priv_string (text *priv_type_text)
 
static Oid convert_type_name (text *typename)
 
static AclMode convert_type_priv_string (text *priv_type_text)
 
static AclMode convert_role_priv_string (text *priv_type_text)
 
static AclResult pg_role_aclcheck (Oid role_oid, Oid roleid, AclMode mode)
 
static void RoleMembershipCacheCallback (Datum arg, int cacheid, uint32 hashvalue)
 
Aclmake_empty_acl (void)
 
Aclaclcopy (const Acl *orig_acl)
 
Aclaclconcat (const Acl *left_acl, const Acl *right_acl)
 
Aclaclmerge (const Acl *left_acl, const Acl *right_acl, Oid ownerId)
 
void aclitemsort (Acl *acl)
 
bool aclequal (const Acl *left_acl, const Acl *right_acl)
 
Datum aclitemin (PG_FUNCTION_ARGS)
 
Datum aclitemout (PG_FUNCTION_ARGS)
 
Datum aclitem_eq (PG_FUNCTION_ARGS)
 
Datum hash_aclitem (PG_FUNCTION_ARGS)
 
Aclacldefault (GrantObjectType objtype, Oid ownerId)
 
Datum acldefault_sql (PG_FUNCTION_ARGS)
 
Aclaclupdate (const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
 
Aclaclnewowner (const Acl *old_acl, Oid oldOwnerId, Oid newOwnerId)
 
AclMode aclmask (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
static AclMode aclmask_direct (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
int aclmembers (const Acl *acl, Oid **roleids)
 
Datum aclinsert (PG_FUNCTION_ARGS)
 
Datum aclremove (PG_FUNCTION_ARGS)
 
Datum aclcontains (PG_FUNCTION_ARGS)
 
Datum makeaclitem (PG_FUNCTION_ARGS)
 
static const char * convert_aclright_to_string (int aclright)
 
Datum aclexplode (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_id (PG_FUNCTION_ARGS)
 
static int column_privilege_check (Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
 
Datum has_column_privilege_name_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_id (PG_FUNCTION_ARGS)
 
void initialize_acl (void)
 
static bool has_rolinherit (Oid roleid)
 
static Listroles_has_privs_of (Oid roleid)
 
static Listroles_is_member_of (Oid roleid)
 
bool has_privs_of_role (Oid member, Oid role)
 
bool is_member_of_role (Oid member, Oid role)
 
void check_is_member_of_role (Oid member, Oid role)
 
bool is_member_of_role_nosuper (Oid member, Oid role)
 
bool is_admin_of_role (Oid member, Oid role)
 
static int count_one_bits (AclMode mask)
 
void select_best_grantor (Oid roleId, AclMode privileges, const Acl *acl, Oid ownerId, Oid *grantorId, AclMode *grantOptions)
 
Oid get_role_oid (const char *rolname, bool missing_ok)
 
Oid get_role_oid_or_public (const char *rolname)
 
Oid get_rolespec_oid (const RoleSpec *role, bool missing_ok)
 
HeapTuple get_rolespec_tuple (const RoleSpec *role)
 
char * get_rolespec_name (const RoleSpec *role)
 
void check_rolespec_name (const RoleSpec *role, const char *detail_msg)
 

Variables

static Oid cached_privs_role = InvalidOid
 
static Listcached_privs_roles = NIL
 
static Oid cached_member_role = InvalidOid
 
static Listcached_membership_roles = NIL
 

Function Documentation

Acl* aclconcat ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 427 of file acl.c.

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by ExecGrant_Attribute().

428 {
429  Acl *result_acl;
430 
431  result_acl = allocacl(ACL_NUM(left_acl) + ACL_NUM(right_acl));
432 
433  memcpy(ACL_DAT(result_acl),
434  ACL_DAT(left_acl),
435  ACL_NUM(left_acl) * sizeof(AclItem));
436 
437  memcpy(ACL_DAT(result_acl) + ACL_NUM(left_acl),
438  ACL_DAT(right_acl),
439  ACL_NUM(right_acl) * sizeof(AclItem));
440 
441  return result_acl;
442 }
static Acl * allocacl(int n)
Definition: acl.c:376
#define ACL_NUM(ACL)
Definition: acl.h:101
#define ACL_DAT(ACL)
Definition: acl.h:102
Definition: acl.h:47
Datum aclcontains ( PG_FUNCTION_ARGS  )

Definition at line 1554 of file acl.c.

References ACL_DAT, ACL_NUM, ACLITEM_GET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, PG_GETARG_ACL_P, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

1555 {
1556  Acl *acl = PG_GETARG_ACL_P(0);
1557  AclItem *aip = PG_GETARG_ACLITEM_P(1);
1558  AclItem *aidat;
1559  int i,
1560  num;
1561 
1562  check_acl(acl);
1563  num = ACL_NUM(acl);
1564  aidat = ACL_DAT(acl);
1565  for (i = 0; i < num; ++i)
1566  {
1567  if (aip->ai_grantee == aidat[i].ai_grantee &&
1568  aip->ai_grantor == aidat[i].ai_grantor &&
1569  (ACLITEM_GET_RIGHTS(*aip) & ACLITEM_GET_RIGHTS(aidat[i])) == ACLITEM_GET_RIGHTS(*aip))
1570  PG_RETURN_BOOL(true);
1571  }
1572  PG_RETURN_BOOL(false);
1573 }
Oid ai_grantee
Definition: acl.h:49
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:110
Oid ai_grantor
Definition: acl.h:50
#define ACL_NUM(ACL)
Definition: acl.h:101
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:61
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
#define ACL_DAT(ACL)
Definition: acl.h:102
Definition: acl.h:47
#define PG_GETARG_ACL_P(n)
Definition: acl.h:115
int i
static void check_acl(const Acl *acl)
Definition: acl.c:540
Acl* aclcopy ( const Acl orig_acl)

Definition at line 407 of file acl.c.

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by aclmerge(), ExecGrant_Relation(), and SetDefaultACL().

408 {
409  Acl *result_acl;
410 
411  result_acl = allocacl(ACL_NUM(orig_acl));
412 
413  memcpy(ACL_DAT(result_acl),
414  ACL_DAT(orig_acl),
415  ACL_NUM(orig_acl) * sizeof(AclItem));
416 
417  return result_acl;
418 }
static Acl * allocacl(int n)
Definition: acl.c:376
#define ACL_NUM(ACL)
Definition: acl.h:101
#define ACL_DAT(ACL)
Definition: acl.h:102
Definition: acl.h:47
Acl* acldefault ( GrantObjectType  objtype,
Oid  ownerId 
)

Definition at line 732 of file acl.c.

References ACL_ALL_RIGHTS_DATABASE, ACL_ALL_RIGHTS_FDW, ACL_ALL_RIGHTS_FOREIGN_SERVER, ACL_ALL_RIGHTS_FUNCTION, ACL_ALL_RIGHTS_LANGUAGE, ACL_ALL_RIGHTS_LARGEOBJECT, ACL_ALL_RIGHTS_NAMESPACE, ACL_ALL_RIGHTS_RELATION, ACL_ALL_RIGHTS_SEQUENCE, ACL_ALL_RIGHTS_TABLESPACE, ACL_ALL_RIGHTS_TYPE, ACL_CONNECT, ACL_CREATE_TEMP, ACL_DAT, ACL_EXECUTE, ACL_ID_PUBLIC, ACL_NO_RIGHTS, ACL_OBJECT_COLUMN, ACL_OBJECT_DATABASE, ACL_OBJECT_DOMAIN, ACL_OBJECT_FDW, ACL_OBJECT_FOREIGN_SERVER, ACL_OBJECT_FUNCTION, ACL_OBJECT_LANGUAGE, ACL_OBJECT_LARGEOBJECT, ACL_OBJECT_NAMESPACE, ACL_OBJECT_RELATION, ACL_OBJECT_SEQUENCE, ACL_OBJECT_TABLESPACE, ACL_OBJECT_TYPE, ACL_USAGE, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), elog, and ERROR.

Referenced by acldefault_sql(), ExecGrant_Attribute(), ExecGrant_Database(), ExecGrant_Fdw(), ExecGrant_ForeignServer(), ExecGrant_Function(), ExecGrant_Language(), ExecGrant_Largeobject(), ExecGrant_Namespace(), ExecGrant_Relation(), ExecGrant_Tablespace(), ExecGrant_Type(), get_user_default_acl(), pg_class_aclmask(), pg_database_aclmask(), pg_foreign_data_wrapper_aclmask(), pg_foreign_server_aclmask(), pg_language_aclmask(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask(), pg_proc_aclmask(), pg_tablespace_aclmask(), pg_type_aclmask(), and SetDefaultACL().

733 {
734  AclMode world_default;
735  AclMode owner_default;
736  int nacl;
737  Acl *acl;
738  AclItem *aip;
739 
740  switch (objtype)
741  {
742  case ACL_OBJECT_COLUMN:
743  /* by default, columns have no extra privileges */
744  world_default = ACL_NO_RIGHTS;
745  owner_default = ACL_NO_RIGHTS;
746  break;
747  case ACL_OBJECT_RELATION:
748  world_default = ACL_NO_RIGHTS;
749  owner_default = ACL_ALL_RIGHTS_RELATION;
750  break;
751  case ACL_OBJECT_SEQUENCE:
752  world_default = ACL_NO_RIGHTS;
753  owner_default = ACL_ALL_RIGHTS_SEQUENCE;
754  break;
755  case ACL_OBJECT_DATABASE:
756  /* for backwards compatibility, grant some rights by default */
757  world_default = ACL_CREATE_TEMP | ACL_CONNECT;
758  owner_default = ACL_ALL_RIGHTS_DATABASE;
759  break;
760  case ACL_OBJECT_FUNCTION:
761  /* Grant EXECUTE by default, for now */
762  world_default = ACL_EXECUTE;
763  owner_default = ACL_ALL_RIGHTS_FUNCTION;
764  break;
765  case ACL_OBJECT_LANGUAGE:
766  /* Grant USAGE by default, for now */
767  world_default = ACL_USAGE;
768  owner_default = ACL_ALL_RIGHTS_LANGUAGE;
769  break;
771  world_default = ACL_NO_RIGHTS;
772  owner_default = ACL_ALL_RIGHTS_LARGEOBJECT;
773  break;
775  world_default = ACL_NO_RIGHTS;
776  owner_default = ACL_ALL_RIGHTS_NAMESPACE;
777  break;
779  world_default = ACL_NO_RIGHTS;
780  owner_default = ACL_ALL_RIGHTS_TABLESPACE;
781  break;
782  case ACL_OBJECT_FDW:
783  world_default = ACL_NO_RIGHTS;
784  owner_default = ACL_ALL_RIGHTS_FDW;
785  break;
787  world_default = ACL_NO_RIGHTS;
788  owner_default = ACL_ALL_RIGHTS_FOREIGN_SERVER;
789  break;
790  case ACL_OBJECT_DOMAIN:
791  case ACL_OBJECT_TYPE:
792  world_default = ACL_USAGE;
793  owner_default = ACL_ALL_RIGHTS_TYPE;
794  break;
795  default:
796  elog(ERROR, "unrecognized objtype: %d", (int) objtype);
797  world_default = ACL_NO_RIGHTS; /* keep compiler quiet */
798  owner_default = ACL_NO_RIGHTS;
799  break;
800  }
801 
802  nacl = 0;
803  if (world_default != ACL_NO_RIGHTS)
804  nacl++;
805  if (owner_default != ACL_NO_RIGHTS)
806  nacl++;
807 
808  acl = allocacl(nacl);
809  aip = ACL_DAT(acl);
810 
811  if (world_default != ACL_NO_RIGHTS)
812  {
813  aip->ai_grantee = ACL_ID_PUBLIC;
814  aip->ai_grantor = ownerId;
815  ACLITEM_SET_PRIVS_GOPTIONS(*aip, world_default, ACL_NO_RIGHTS);
816  aip++;
817  }
818 
819  /*
820  * Note that the owner's entry shows all ordinary privileges but no grant
821  * options. This is because his grant options come "from the system" and
822  * not from his own efforts. (The SQL spec says that the owner's rights
823  * come from a "_SYSTEM" authid.) However, we do consider that the
824  * owner's ordinary privileges are self-granted; this lets him revoke
825  * them. We implement the owner's grant options without any explicit
826  * "_SYSTEM"-like ACL entry, by internally special-casing the owner
827  * wherever we are testing grant options.
828  */
829  if (owner_default != ACL_NO_RIGHTS)
830  {
831  aip->ai_grantee = ownerId;
832  aip->ai_grantor = ownerId;
833  ACLITEM_SET_PRIVS_GOPTIONS(*aip, owner_default, ACL_NO_RIGHTS);
834  }
835 
836  return acl;
837 }
Oid ai_grantee
Definition: acl.h:49
#define ACL_ALL_RIGHTS_FUNCTION
Definition: acl.h:155
static Acl * allocacl(int n)
Definition: acl.c:376
#define ACL_ALL_RIGHTS_TABLESPACE
Definition: acl.h:159
Oid ai_grantor
Definition: acl.h:50
#define ACL_ALL_RIGHTS_LANGUAGE
Definition: acl.h:156
uint32 AclMode
Definition: parsenodes.h:63
#define ERROR
Definition: elog.h:43
#define ACL_NO_RIGHTS
Definition: parsenodes.h:79
#define ACL_ALL_RIGHTS_TYPE
Definition: acl.h:160
#define ACL_USAGE
Definition: parsenodes.h:73
#define ACL_CONNECT
Definition: parsenodes.h:77
#define ACL_ALL_RIGHTS_NAMESPACE
Definition: acl.h:158
#define ACL_DAT(ACL)
Definition: acl.h:102
#define ACL_ALL_RIGHTS_SEQUENCE
Definition: acl.h:151
Definition: acl.h:47
#define ACL_ALL_RIGHTS_LARGEOBJECT
Definition: acl.h:157
#define ACL_ALL_RIGHTS_DATABASE
Definition: acl.h:152
#define ACL_ALL_RIGHTS_FOREIGN_SERVER
Definition: acl.h:154
#define ACL_EXECUTE
Definition: parsenodes.h:72
#define ACL_ALL_RIGHTS_RELATION
Definition: acl.h:150
#define ACL_CREATE_TEMP
Definition: parsenodes.h:76
#define ACL_ID_PUBLIC
Definition: acl.h:39
#define ACL_ALL_RIGHTS_FDW
Definition: acl.h:153
#define elog
Definition: elog.h:219
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:75
Datum acldefault_sql ( PG_FUNCTION_ARGS  )

Definition at line 846 of file acl.c.

References ACL_OBJECT_COLUMN, ACL_OBJECT_DATABASE, ACL_OBJECT_FDW, ACL_OBJECT_FOREIGN_SERVER, ACL_OBJECT_FUNCTION, ACL_OBJECT_LANGUAGE, ACL_OBJECT_LARGEOBJECT, ACL_OBJECT_NAMESPACE, ACL_OBJECT_RELATION, ACL_OBJECT_SEQUENCE, ACL_OBJECT_TABLESPACE, ACL_OBJECT_TYPE, acldefault(), elog, ERROR, PG_GETARG_CHAR, PG_GETARG_OID, and PG_RETURN_ACL_P.

847 {
848  char objtypec = PG_GETARG_CHAR(0);
849  Oid owner = PG_GETARG_OID(1);
850  GrantObjectType objtype = 0;
851 
852  switch (objtypec)
853  {
854  case 'c':
855  objtype = ACL_OBJECT_COLUMN;
856  break;
857  case 'r':
858  objtype = ACL_OBJECT_RELATION;
859  break;
860  case 's':
861  objtype = ACL_OBJECT_SEQUENCE;
862  break;
863  case 'd':
864  objtype = ACL_OBJECT_DATABASE;
865  break;
866  case 'f':
867  objtype = ACL_OBJECT_FUNCTION;
868  break;
869  case 'l':
870  objtype = ACL_OBJECT_LANGUAGE;
871  break;
872  case 'L':
873  objtype = ACL_OBJECT_LARGEOBJECT;
874  break;
875  case 'n':
876  objtype = ACL_OBJECT_NAMESPACE;
877  break;
878  case 't':
879  objtype = ACL_OBJECT_TABLESPACE;
880  break;
881  case 'F':
882  objtype = ACL_OBJECT_FDW;
883  break;
884  case 'S':
885  objtype = ACL_OBJECT_FOREIGN_SERVER;
886  break;
887  case 'T':
888  objtype = ACL_OBJECT_TYPE;
889  break;
890  default:
891  elog(ERROR, "unrecognized objtype abbreviation: %c", objtypec);
892  }
893 
894  PG_RETURN_ACL_P(acldefault(objtype, owner));
895 }
GrantObjectType
Definition: parsenodes.h:1733
#define PG_RETURN_ACL_P(x)
Definition: acl.h:117
Acl * acldefault(GrantObjectType objtype, Oid ownerId)
Definition: acl.c:732
unsigned int Oid
Definition: postgres_ext.h:31
#define ERROR
Definition: elog.h:43
#define PG_GETARG_OID(n)
Definition: fmgr.h:231
#define elog
Definition: elog.h:219
#define PG_GETARG_CHAR(n)
Definition: fmgr.h:229
bool aclequal ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 509 of file acl.c.

References ACL_DAT, ACL_NUM, and NULL.

Referenced by get_user_default_acl(), and SetDefaultACL().

510 {
511  /* Check for cases where one or both are empty/null */
512  if (left_acl == NULL || ACL_NUM(left_acl) == 0)
513  {
514  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
515  return true;
516  else
517  return false;
518  }
519  else
520  {
521  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
522  return false;
523  }
524 
525  if (ACL_NUM(left_acl) != ACL_NUM(right_acl))
526  return false;
527 
528  if (memcmp(ACL_DAT(left_acl),
529  ACL_DAT(right_acl),
530  ACL_NUM(left_acl) * sizeof(AclItem)) == 0)
531  return true;
532 
533  return false;
534 }
#define ACL_NUM(ACL)
Definition: acl.h:101
#define ACL_DAT(ACL)
Definition: acl.h:102
Definition: acl.h:47
#define NULL
Definition: c.h:226
Datum aclexplode ( PG_FUNCTION_ARGS  )

Definition at line 1747 of file acl.c.

References ACL_DAT, ACL_NUM, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, BlessTupleDesc(), BoolGetDatum, BOOLOID, check_acl(), convert_aclright_to_string(), CreateTemplateTupleDesc(), CStringGetTextDatum, heap_form_tuple(), HeapTupleGetDatum, idx(), MemoryContextSwitchTo(), MemSet, FuncCallContext::multi_call_memory_ctx, N_ACL_RIGHTS, ObjectIdGetDatum, OIDOID, palloc(), PG_GETARG_ACL_P, SRF_FIRSTCALL_INIT, SRF_IS_FIRSTCALL, SRF_PERCALL_SETUP, SRF_RETURN_DONE, SRF_RETURN_NEXT, TEXTOID, FuncCallContext::tuple_desc, TupleDescInitEntry(), FuncCallContext::user_fctx, and values.

1748 {
1749  Acl *acl = PG_GETARG_ACL_P(0);
1750  FuncCallContext *funcctx;
1751  int *idx;
1752  AclItem *aidat;
1753 
1754  if (SRF_IS_FIRSTCALL())
1755  {
1756  TupleDesc tupdesc;
1757  MemoryContext oldcontext;
1758 
1759  check_acl(acl);
1760 
1761  funcctx = SRF_FIRSTCALL_INIT();
1762  oldcontext = MemoryContextSwitchTo(funcctx->multi_call_memory_ctx);
1763 
1764  /*
1765  * build tupdesc for result tuples (matches out parameters in pg_proc
1766  * entry)
1767  */
1768  tupdesc = CreateTemplateTupleDesc(4, false);
1769  TupleDescInitEntry(tupdesc, (AttrNumber) 1, "grantor",
1770  OIDOID, -1, 0);
1771  TupleDescInitEntry(tupdesc, (AttrNumber) 2, "grantee",
1772  OIDOID, -1, 0);
1773  TupleDescInitEntry(tupdesc, (AttrNumber) 3, "privilege_type",
1774  TEXTOID, -1, 0);
1775  TupleDescInitEntry(tupdesc, (AttrNumber) 4, "is_grantable",
1776  BOOLOID, -1, 0);
1777 
1778  funcctx->tuple_desc = BlessTupleDesc(tupdesc);
1779 
1780  /* allocate memory for user context */
1781  idx = (int *) palloc(sizeof(int[2]));
1782  idx[0] = 0; /* ACL array item index */
1783  idx[1] = -1; /* privilege type counter */
1784  funcctx->user_fctx = (void *) idx;
1785 
1786  MemoryContextSwitchTo(oldcontext);
1787  }
1788 
1789  funcctx = SRF_PERCALL_SETUP();
1790  idx = (int *) funcctx->user_fctx;
1791  aidat = ACL_DAT(acl);
1792 
1793  /* need test here in case acl has no items */
1794  while (idx[0] < ACL_NUM(acl))
1795  {
1796  AclItem *aidata;
1797  AclMode priv_bit;
1798 
1799  idx[1]++;
1800  if (idx[1] == N_ACL_RIGHTS)
1801  {
1802  idx[1] = 0;
1803  idx[0]++;
1804  if (idx[0] >= ACL_NUM(acl)) /* done */
1805  break;
1806  }
1807  aidata = &aidat[idx[0]];
1808  priv_bit = 1 << idx[1];
1809 
1810  if (ACLITEM_GET_PRIVS(*aidata) & priv_bit)
1811  {
1812  Datum result;
1813  Datum values[4];
1814  bool nulls[4];
1815  HeapTuple tuple;
1816 
1817  values[0] = ObjectIdGetDatum(aidata->ai_grantor);
1818  values[1] = ObjectIdGetDatum(aidata->ai_grantee);
1819  values[2] = CStringGetTextDatum(convert_aclright_to_string(priv_bit));
1820  values[3] = BoolGetDatum((ACLITEM_GET_GOPTIONS(*aidata) & priv_bit) != 0);
1821 
1822  MemSet(nulls, 0, sizeof(nulls));
1823 
1824  tuple = heap_form_tuple(funcctx->tuple_desc, values, nulls);
1825  result = HeapTupleGetDatum(tuple);
1826 
1827  SRF_RETURN_NEXT(funcctx, result);
1828  }
1829  }
1830 
1831  SRF_RETURN_DONE(funcctx);
1832 }
Oid ai_grantee
Definition: acl.h:49
static const char * convert_aclright_to_string(int aclright)
Definition: acl.c:1697
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:60
#define OIDOID
Definition: pg_type.h:328
#define TEXTOID
Definition: pg_type.h:324
#define SRF_IS_FIRSTCALL()
Definition: funcapi.h:285
static MemoryContext MemoryContextSwitchTo(MemoryContext context)
Definition: palloc.h:109
#define MemSet(start, val, len)
Definition: c.h:852
Datum idx(PG_FUNCTION_ARGS)
Definition: _int_op.c:264
HeapTuple heap_form_tuple(TupleDesc tupleDescriptor, Datum *values, bool *isnull)
Definition: heaptuple.c:692
#define SRF_PERCALL_SETUP()
Definition: funcapi.h:289
Oid ai_grantor
Definition: acl.h:50
TupleDesc tuple_desc
Definition: funcapi.h:120
#define SRF_RETURN_NEXT(_funcctx, _result)
Definition: funcapi.h:291
uint32 AclMode
Definition: parsenodes.h:63
#define ObjectIdGetDatum(X)
Definition: postgres.h:515
#define ACL_NUM(ACL)
Definition: acl.h:101
TupleDesc BlessTupleDesc(TupleDesc tupdesc)
Definition: execTuples.c:1031
#define N_ACL_RIGHTS
Definition: parsenodes.h:78
void TupleDescInitEntry(TupleDesc desc, AttrNumber attributeNumber, const char *attributeName, Oid oidtypeid, int32 typmod, int attdim)
Definition: tupdesc.c:493
uintptr_t Datum
Definition: postgres.h:374
#define ACL_DAT(ACL)
Definition: acl.h:102
#define BoolGetDatum(X)
Definition: postgres.h:410
Definition: acl.h:47
MemoryContext multi_call_memory_ctx
Definition: funcapi.h:109
#define ACLITEM_GET_PRIVS(item)
Definition: acl.h:59
#define HeapTupleGetDatum(tuple)
Definition: funcapi.h:222
#define BOOLOID
Definition: pg_type.h:288
TupleDesc CreateTemplateTupleDesc(int natts, bool hasoid)
Definition: tupdesc.c:41
#define PG_GETARG_ACL_P(n)
Definition: acl.h:115
static Datum values[MAXATTR]
Definition: bootstrap.c:162
void * user_fctx
Definition: funcapi.h:90
void * palloc(Size size)
Definition: mcxt.c:891
#define CStringGetTextDatum(s)
Definition: builtins.h:90
int16 AttrNumber
Definition: attnum.h:21
static void check_acl(const Acl *acl)
Definition: acl.c:540
#define SRF_RETURN_DONE(_funcctx)
Definition: funcapi.h:309
#define SRF_FIRSTCALL_INIT()
Definition: funcapi.h:287
Datum aclinsert ( PG_FUNCTION_ARGS  )

Definition at line 1534 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

1535 {
1536  ereport(ERROR,
1537  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1538  errmsg("aclinsert is no longer supported")));
1539 
1540  PG_RETURN_NULL(); /* keep compiler quiet */
1541 }
int errcode(int sqlerrcode)
Definition: elog.c:575
#define ERROR
Definition: elog.h:43
#define ereport(elevel, rest)
Definition: elog.h:122
int errmsg(const char *fmt,...)
Definition: elog.c:797
#define PG_RETURN_NULL()
Definition: fmgr.h:289
Datum aclitem_eq ( PG_FUNCTION_ARGS  )

Definition at line 693 of file acl.c.

References a1, a2, AclItem::ai_grantee, AclItem::ai_grantor, AclItem::ai_privs, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

694 {
697  bool result;
698 
699  result = a1->ai_privs == a2->ai_privs &&
700  a1->ai_grantee == a2->ai_grantee &&
701  a1->ai_grantor == a2->ai_grantor;
702  PG_RETURN_BOOL(result);
703 }
Oid ai_grantee
Definition: acl.h:49
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:110
Oid ai_grantor
Definition: acl.h:50
AclMode ai_privs
Definition: acl.h:51
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
Definition: acl.h:47
static FormData_pg_attribute a1
Definition: heap.c:142
static FormData_pg_attribute a2
Definition: heap.c:148
static bool aclitem_match ( const AclItem a1,
const AclItem a2 
)
static

Definition at line 658 of file acl.c.

References AclItem::ai_grantee, and AclItem::ai_grantor.

Referenced by aclnewowner(), and aclupdate().

659 {
660  return a1->ai_grantee == a2->ai_grantee &&
661  a1->ai_grantor == a2->ai_grantor;
662 }
Oid ai_grantee
Definition: acl.h:49
Oid ai_grantor
Definition: acl.h:50
static int aclitemComparator ( const void *  arg1,
const void *  arg2 
)
static

Definition at line 669 of file acl.c.

References a1, a2, AclItem::ai_grantee, AclItem::ai_grantor, and AclItem::ai_privs.

Referenced by aclitemsort().

670 {
671  const AclItem *a1 = (const AclItem *) arg1;
672  const AclItem *a2 = (const AclItem *) arg2;
673 
674  if (a1->ai_grantee > a2->ai_grantee)
675  return 1;
676  if (a1->ai_grantee < a2->ai_grantee)
677  return -1;
678  if (a1->ai_grantor > a2->ai_grantor)
679  return 1;
680  if (a1->ai_grantor < a2->ai_grantor)
681  return -1;
682  if (a1->ai_privs > a2->ai_privs)
683  return 1;
684  if (a1->ai_privs < a2->ai_privs)
685  return -1;
686  return 0;
687 }
Oid ai_grantee
Definition: acl.h:49
Oid ai_grantor
Definition: acl.h:50
AclMode ai_privs
Definition: acl.h:51
Definition: acl.h:47
static FormData_pg_attribute a1
Definition: heap.c:142
static FormData_pg_attribute a2
Definition: heap.c:148
Datum aclitemin ( PG_FUNCTION_ARGS  )

Definition at line 565 of file acl.c.

References aclparse(), ereport, errcode(), errmsg(), ERROR, palloc(), PG_GETARG_CSTRING, and PG_RETURN_ACLITEM_P.

566 {
567  const char *s = PG_GETARG_CSTRING(0);
568  AclItem *aip;
569 
570  aip = (AclItem *) palloc(sizeof(AclItem));
571  s = aclparse(s, aip);
572  while (isspace((unsigned char) *s))
573  ++s;
574  if (*s)
575  ereport(ERROR,
576  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
577  errmsg("extra garbage at the end of the ACL specification")));
578 
579  PG_RETURN_ACLITEM_P(aip);
580 }
int errcode(int sqlerrcode)
Definition: elog.c:575
#define ERROR
Definition: elog.h:43
#define ereport(elevel, rest)
Definition: elog.h:122
static const char * aclparse(const char *s, AclItem *aip)
Definition: acl.c:238
Definition: acl.h:47
#define PG_RETURN_ACLITEM_P(x)
Definition: acl.h:111
void * palloc(Size size)
Definition: mcxt.c:891
int errmsg(const char *fmt,...)
Definition: elog.c:797
#define PG_GETARG_CSTRING(n)
Definition: fmgr.h:233
Datum aclitemout ( PG_FUNCTION_ARGS  )

Definition at line 591 of file acl.c.

References ACL_ALL_RIGHTS_STR, ACL_ID_PUBLIC, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, AUTHOID, GETSTRUCT, HeapTupleIsValid, i, N_ACL_RIGHTS, NAMEDATALEN, NameStr, ObjectIdGetDatum, palloc(), PG_GETARG_ACLITEM_P, PG_RETURN_CSTRING, putid(), ReleaseSysCache(), and SearchSysCache1.

592 {
593  AclItem *aip = PG_GETARG_ACLITEM_P(0);
594  char *p;
595  char *out;
596  HeapTuple htup;
597  unsigned i;
598 
599  out = palloc(strlen("=/") +
600  2 * N_ACL_RIGHTS +
601  2 * (2 * NAMEDATALEN + 2) +
602  1);
603 
604  p = out;
605  *p = '\0';
606 
607  if (aip->ai_grantee != ACL_ID_PUBLIC)
608  {
610  if (HeapTupleIsValid(htup))
611  {
612  putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
613  ReleaseSysCache(htup);
614  }
615  else
616  {
617  /* Generate numeric OID if we don't find an entry */
618  sprintf(p, "%u", aip->ai_grantee);
619  }
620  }
621  while (*p)
622  ++p;
623 
624  *p++ = '=';
625 
626  for (i = 0; i < N_ACL_RIGHTS; ++i)
627  {
628  if (ACLITEM_GET_PRIVS(*aip) & (1 << i))
629  *p++ = ACL_ALL_RIGHTS_STR[i];
630  if (ACLITEM_GET_GOPTIONS(*aip) & (1 << i))
631  *p++ = '*';
632  }
633 
634  *p++ = '/';
635  *p = '\0';
636 
638  if (HeapTupleIsValid(htup))
639  {
640  putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
641  ReleaseSysCache(htup);
642  }
643  else
644  {
645  /* Generate numeric OID if we don't find an entry */
646  sprintf(p, "%u", aip->ai_grantor);
647  }
648 
649  PG_RETURN_CSTRING(out);
650 }
Oid ai_grantee
Definition: acl.h:49
static void putid(char *p, const char *s)
Definition: acl.c:189
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:60
#define GETSTRUCT(TUP)
Definition: htup_details.h:656
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:110
Oid ai_grantor
Definition: acl.h:50
#define SearchSysCache1(cacheId, key1)
Definition: syscache.h:149
#define NAMEDATALEN
FormData_pg_authid * Form_pg_authid
Definition: pg_authid.h:72
#define ObjectIdGetDatum(X)
Definition: postgres.h:515
#define N_ACL_RIGHTS
Definition: parsenodes.h:78
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1083
#define ACL_ALL_RIGHTS_STR
Definition: acl.h:144
Definition: acl.h:47
#define HeapTupleIsValid(tuple)
Definition: htup.h:77
#define PG_RETURN_CSTRING(x)
Definition: fmgr.h:306
#define ACLITEM_GET_PRIVS(item)
Definition: acl.h:59
void * palloc(Size size)
Definition: mcxt.c:891
int i
#define NameStr(name)
Definition: c.h:494
#define ACL_ID_PUBLIC
Definition: acl.h:39
void aclitemsort ( Acl acl)

Definition at line 495 of file acl.c.

References ACL_DAT, ACL_NUM, aclitemComparator(), NULL, and qsort.

Referenced by get_user_default_acl(), and SetDefaultACL().

496 {
497  if (acl != NULL && ACL_NUM(acl) > 1)
498  qsort(ACL_DAT(acl), ACL_NUM(acl), sizeof(AclItem), aclitemComparator);
499 }
#define ACL_NUM(ACL)
Definition: acl.h:101
#define ACL_DAT(ACL)
Definition: acl.h:102
Definition: acl.h:47
#define NULL
Definition: c.h:226
#define qsort(a, b, c, d)
Definition: port.h:440
static int aclitemComparator(const void *arg1, const void *arg2)
Definition: acl.c:669
AclMode aclmask ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)

Definition at line 1305 of file acl.c.

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog, ERROR, has_privs_of_role(), i, NULL, and remaining.

Referenced by check_circularity(), LockTableAclCheck(), pg_attribute_aclmask(), pg_class_aclmask(), pg_database_aclmask(), pg_foreign_data_wrapper_aclmask(), pg_foreign_server_aclmask(), pg_language_aclmask(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask(), pg_proc_aclmask(), pg_tablespace_aclmask(), pg_type_aclmask(), and recursive_revoke().

1307 {
1308  AclMode result;
1310  AclItem *aidat;
1311  int i,
1312  num;
1313 
1314  /*
1315  * Null ACL should not happen, since caller should have inserted
1316  * appropriate default
1317  */
1318  if (acl == NULL)
1319  elog(ERROR, "null ACL");
1320 
1321  check_acl(acl);
1322 
1323  /* Quick exit for mask == 0 */
1324  if (mask == 0)
1325  return 0;
1326 
1327  result = 0;
1328 
1329  /* Owner always implicitly has all grant options */
1330  if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1331  has_privs_of_role(roleid, ownerId))
1332  {
1333  result = mask & ACLITEM_ALL_GOPTION_BITS;
1334  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1335  return result;
1336  }
1337 
1338  num = ACL_NUM(acl);
1339  aidat = ACL_DAT(acl);
1340 
1341  /*
1342  * Check privileges granted directly to roleid or to public
1343  */
1344  for (i = 0; i < num; i++)
1345  {
1346  AclItem *aidata = &aidat[i];
1347 
1348  if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1349  aidata->ai_grantee == roleid)
1350  {
1351  result |= aidata->ai_privs & mask;
1352  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1353  return result;
1354  }
1355  }
1356 
1357  /*
1358  * Check privileges granted indirectly via role memberships. We do this in
1359  * a separate pass to minimize expensive indirect membership tests. In
1360  * particular, it's worth testing whether a given ACL entry grants any
1361  * privileges still of interest before we perform the has_privs_of_role
1362  * test.
1363  */
1364  remaining = mask & ~result;
1365  for (i = 0; i < num; i++)
1366  {
1367  AclItem *aidata = &aidat[i];
1368 
1369  if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1370  aidata->ai_grantee == roleid)
1371  continue; /* already checked it */
1372 
1373  if ((aidata->ai_privs & remaining) &&
1374  has_privs_of_role(roleid, aidata->ai_grantee))
1375  {
1376  result |= aidata->ai_privs & mask;
1377  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1378  return result;
1379  remaining = mask & ~result;
1380  }
1381  }
1382 
1383  return result;
1384 }
int remaining
Definition: informix.c:692
Oid ai_grantee
Definition: acl.h:49
#define ACLITEM_ALL_GOPTION_BITS
Definition: acl.h:81
bool has_privs_of_role(Oid member, Oid role)
Definition: acl.c:4831
AclMode ai_privs
Definition: acl.h:51
uint32 AclMode
Definition: parsenodes.h:63
#define ERROR
Definition: elog.h:43
#define ACL_NUM(ACL)
Definition: acl.h:101
#define ACL_DAT(ACL)
Definition: acl.h:102
Definition: acl.h:47
#define NULL
Definition: c.h:226
int i
#define ACL_ID_PUBLIC
Definition: acl.h:39
#define elog
Definition: elog.h:219
static void check_acl(const Acl *acl)
Definition: acl.c:540
static AclMode aclmask_direct ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)
static

Definition at line 1394 of file acl.c.

References ACL_DAT, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog, ERROR, i, and NULL.

Referenced by select_best_grantor().

1396 {
1397  AclMode result;
1398  AclItem *aidat;
1399  int i,
1400  num;
1401 
1402  /*
1403  * Null ACL should not happen, since caller should have inserted
1404  * appropriate default
1405  */
1406  if (acl == NULL)
1407  elog(ERROR, "null ACL");
1408 
1409  check_acl(acl);
1410 
1411  /* Quick exit for mask == 0 */
1412  if (mask == 0)
1413  return 0;
1414 
1415  result = 0;
1416 
1417  /* Owner always implicitly has all grant options */
1418  if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1419  roleid == ownerId)
1420  {
1421  result = mask & ACLITEM_ALL_GOPTION_BITS;
1422  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1423  return result;
1424  }
1425 
1426  num = ACL_NUM(acl);
1427  aidat = ACL_DAT(acl);
1428 
1429  /*
1430  * Check privileges granted directly to roleid (and not to public)
1431  */
1432  for (i = 0; i < num; i++)
1433  {
1434  AclItem *aidata = &aidat[i];
1435 
1436  if (aidata->ai_grantee == roleid)
1437  {
1438  result |= aidata->ai_privs & mask;
1439  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1440  return result;
1441  }
1442  }
1443 
1444  return result;
1445 }
Oid ai_grantee
Definition: acl.h:49
#define ACLITEM_ALL_GOPTION_BITS
Definition: acl.h:81
AclMode ai_privs
Definition: acl.h:51
uint32 AclMode
Definition: parsenodes.h:63
#define ERROR
Definition: elog.h:43
#define ACL_NUM(ACL)
Definition: acl.h:101
#define ACL_DAT(ACL)
Definition: acl.h:102
Definition: acl.h:47
#define NULL
Definition: c.h:226
int i
#define elog
Definition: elog.h:219
static void check_acl(const Acl *acl)
Definition: acl.c:540
int aclmembers ( const Acl acl,
Oid **  roleids 
)

Definition at line 1457 of file acl.c.

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, sort-test::list, NULL, oidComparator(), palloc(), and qsort.

Referenced by ExecGrant_Attribute(), ExecGrant_Database(), ExecGrant_Fdw(), ExecGrant_ForeignServer(), ExecGrant_Function(), ExecGrant_Language(), ExecGrant_Largeobject(), ExecGrant_Namespace(), ExecGrant_Relation(), ExecGrant_Tablespace(), ExecGrant_Type(), heap_create_with_catalog(), ProcedureCreate(), and SetDefaultACL().

1458 {
1459  Oid *list;
1460  const AclItem *acldat;
1461  int i,
1462  j,
1463  k;
1464 
1465  if (acl == NULL || ACL_NUM(acl) == 0)
1466  {
1467  *roleids = NULL;
1468  return 0;
1469  }
1470 
1471  check_acl(acl);
1472 
1473  /* Allocate the worst-case space requirement */
1474  list = palloc(ACL_NUM(acl) * 2 * sizeof(Oid));
1475  acldat = ACL_DAT(acl);
1476 
1477  /*
1478  * Walk the ACL collecting mentioned RoleIds.
1479  */
1480  j = 0;
1481  for (i = 0; i < ACL_NUM(acl); i++)
1482  {
1483  const AclItem *ai = &acldat[i];
1484 
1485  if (ai->ai_grantee != ACL_ID_PUBLIC)
1486  list[j++] = ai->ai_grantee;
1487  /* grantor is currently never PUBLIC, but let's check anyway */
1488  if (ai->ai_grantor != ACL_ID_PUBLIC)
1489  list[j++] = ai->ai_grantor;
1490  }
1491 
1492  /* Sort the array */
1493  qsort(list, j, sizeof(Oid), oidComparator);
1494 
1495  /* Remove duplicates from the array */
1496  k = 0;
1497  for (i = 1; i < j; i++)
1498  {
1499  if (list[k] != list[i])
1500  list[++k] = list[i];
1501  }
1502 
1503  /*
1504  * We could repalloc the array down to minimum size, but it's hardly worth
1505  * it since it's only transient memory.
1506  */
1507  *roleids = list;
1508 
1509  return k + 1;
1510 }
Oid ai_grantee
Definition: acl.h:49
unsigned int Oid
Definition: postgres_ext.h:31
Oid ai_grantor
Definition: acl.h:50
#define ACL_NUM(ACL)
Definition: acl.h:101
#define ACL_DAT(ACL)
Definition: acl.h:102
Definition: acl.h:47
#define NULL
Definition: c.h:226
static int oidComparator(const void *arg1, const void *arg2)
Definition: acl.c:1517
tuple list
Definition: sort-test.py:11
void * palloc(Size size)
Definition: mcxt.c:891
int i
#define ACL_ID_PUBLIC
Definition: acl.h:39
#define qsort(a, b, c, d)
Definition: port.h:440
static void check_acl(const Acl *acl)
Definition: acl.c:540
Acl* aclmerge ( const Acl left_acl,
const Acl right_acl,
Oid  ownerId 
)

Definition at line 451 of file acl.c.

References ACL_DAT, ACL_MODECHG_ADD, ACL_NUM, aclcopy(), aclupdate(), DROP_RESTRICT, i, NULL, and pfree().

Referenced by get_user_default_acl().

452 {
453  Acl *result_acl;
454  AclItem *aip;
455  int i,
456  num;
457 
458  /* Check for cases where one or both are empty/null */
459  if (left_acl == NULL || ACL_NUM(left_acl) == 0)
460  {
461  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
462  return NULL;
463  else
464  return aclcopy(right_acl);
465  }
466  else
467  {
468  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
469  return aclcopy(left_acl);
470  }
471 
472  /* Merge them the hard way, one item at a time */
473  result_acl = aclcopy(left_acl);
474 
475  aip = ACL_DAT(right_acl);
476  num = ACL_NUM(right_acl);
477 
478  for (i = 0; i < num; i++, aip++)
479  {
480  Acl *tmp_acl;
481 
482  tmp_acl = aclupdate(result_acl, aip, ACL_MODECHG_ADD,
483  ownerId, DROP_RESTRICT);
484  pfree(result_acl);
485  result_acl = tmp_acl;
486  }
487 
488  return result_acl;
489 }
void pfree(void *pointer)
Definition: mcxt.c:992
#define ACL_NUM(ACL)
Definition: acl.h:101
#define ACL_MODECHG_ADD
Definition: acl.h:122
#define ACL_DAT(ACL)
Definition: acl.h:102
Definition: acl.h:47
Acl * aclcopy(const Acl *orig_acl)
Definition: acl.c:407
#define NULL
Definition: c.h:226
int i
Acl * aclupdate(const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
Definition: acl.c:915
Acl* aclnewowner ( const Acl old_acl,
Oid  oldOwnerId,
Oid  newOwnerId 
)

Definition at line 1036 of file acl.c.

References ACL_DAT, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, check_acl(), and SET_VARSIZE.

Referenced by AlterDatabaseOwner(), AlterForeignDataWrapperOwner_internal(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwnerInternal(), ATExecChangeOwner(), and change_owner_fix_column_acls().

1037 {
1038  Acl *new_acl;
1039  AclItem *new_aip;
1040  AclItem *old_aip;
1041  AclItem *dst_aip;
1042  AclItem *src_aip;
1043  AclItem *targ_aip;
1044  bool newpresent = false;
1045  int dst,
1046  src,
1047  targ,
1048  num;
1049 
1050  check_acl(old_acl);
1051 
1052  /*
1053  * Make a copy of the given ACL, substituting new owner ID for old
1054  * wherever it appears as either grantor or grantee. Also note if the new
1055  * owner ID is already present.
1056  */
1057  num = ACL_NUM(old_acl);
1058  old_aip = ACL_DAT(old_acl);
1059  new_acl = allocacl(num);
1060  new_aip = ACL_DAT(new_acl);
1061  memcpy(new_aip, old_aip, num * sizeof(AclItem));
1062  for (dst = 0, dst_aip = new_aip; dst < num; dst++, dst_aip++)
1063  {
1064  if (dst_aip->ai_grantor == oldOwnerId)
1065  dst_aip->ai_grantor = newOwnerId;
1066  else if (dst_aip->ai_grantor == newOwnerId)
1067  newpresent = true;
1068  if (dst_aip->ai_grantee == oldOwnerId)
1069  dst_aip->ai_grantee = newOwnerId;
1070  else if (dst_aip->ai_grantee == newOwnerId)
1071  newpresent = true;
1072  }
1073 
1074  /*
1075  * If the old ACL contained any references to the new owner, then we may
1076  * now have generated an ACL containing duplicate entries. Find them and
1077  * merge them so that there are not duplicates. (This is relatively
1078  * expensive since we use a stupid O(N^2) algorithm, but it's unlikely to
1079  * be the normal case.)
1080  *
1081  * To simplify deletion of duplicate entries, we temporarily leave them in
1082  * the array but set their privilege masks to zero; when we reach such an
1083  * entry it's just skipped. (Thus, a side effect of this code will be to
1084  * remove privilege-free entries, should there be any in the input.) dst
1085  * is the next output slot, targ is the currently considered input slot
1086  * (always >= dst), and src scans entries to the right of targ looking for
1087  * duplicates. Once an entry has been emitted to dst it is known
1088  * duplicate-free and need not be considered anymore.
1089  */
1090  if (newpresent)
1091  {
1092  dst = 0;
1093  for (targ = 0, targ_aip = new_aip; targ < num; targ++, targ_aip++)
1094  {
1095  /* ignore if deleted in an earlier pass */
1096  if (ACLITEM_GET_RIGHTS(*targ_aip) == ACL_NO_RIGHTS)
1097  continue;
1098  /* find and merge any duplicates */
1099  for (src = targ + 1, src_aip = targ_aip + 1; src < num;
1100  src++, src_aip++)
1101  {
1102  if (ACLITEM_GET_RIGHTS(*src_aip) == ACL_NO_RIGHTS)
1103  continue;
1104  if (aclitem_match(targ_aip, src_aip))
1105  {
1106  ACLITEM_SET_RIGHTS(*targ_aip,
1107  ACLITEM_GET_RIGHTS(*targ_aip) |
1108  ACLITEM_GET_RIGHTS(*src_aip));
1109  /* mark the duplicate deleted */
1110  ACLITEM_SET_RIGHTS(*src_aip, ACL_NO_RIGHTS);
1111  }
1112  }
1113  /* and emit to output */
1114  new_aip[dst] = *targ_aip;
1115  dst++;
1116  }
1117  /* Adjust array size to be 'dst' items */
1118  ARR_DIMS(new_acl)[0] = dst;
1119  SET_VARSIZE(new_acl, ACL_N_SIZE(dst));
1120  }
1121 
1122  return new_acl;
1123 }
Oid ai_grantee
Definition: acl.h:49
static Acl * allocacl(int n)
Definition: acl.c:376
Oid ai_grantor
Definition: acl.h:50
#define ARR_DIMS(a)
Definition: array.h:275
#define ACL_NUM(ACL)
Definition: acl.h:101
#define ACL_NO_RIGHTS
Definition: parsenodes.h:79
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:61
#define ACLITEM_SET_RIGHTS(item, rights)
Definition: acl.h:72
#define ACL_DAT(ACL)
Definition: acl.h:102
Definition: acl.h:47
static bool aclitem_match(const AclItem *a1, const AclItem *a2)
Definition: acl.c:658
#define SET_VARSIZE(PTR, len)
Definition: postgres.h:330
#define ACL_N_SIZE(N)
Definition: acl.h:103
static void check_acl(const Acl *acl)
Definition: acl.c:540
static const char * aclparse ( const char *  s,
AclItem aip 
)
static

Definition at line 238 of file acl.c.

References ACL_ALL_RIGHTS_STR, ACL_CONNECT, ACL_CONNECT_CHR, ACL_CREATE, ACL_CREATE_CHR, ACL_CREATE_TEMP, ACL_CREATE_TEMP_CHR, ACL_DELETE, ACL_DELETE_CHR, ACL_EXECUTE, ACL_EXECUTE_CHR, ACL_ID_PUBLIC, ACL_INSERT, ACL_INSERT_CHR, ACL_NO_RIGHTS, ACL_REFERENCES, ACL_REFERENCES_CHR, ACL_SELECT, ACL_SELECT_CHR, ACL_TRIGGER, ACL_TRIGGER_CHR, ACL_TRUNCATE, ACL_TRUNCATE_CHR, ACL_UPDATE, ACL_UPDATE_CHR, ACL_USAGE, ACL_USAGE_CHR, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, Assert, BOOTSTRAP_SUPERUSERID, elog, ereport, errcode(), errhint(), errmsg(), ERROR, get_role_oid(), getid(), LOG, name, NAMEDATALEN, read, and WARNING.

Referenced by aclitemin().

239 {
240  AclMode privs,
241  goption,
242  read;
243  char name[NAMEDATALEN];
244  char name2[NAMEDATALEN];
245 
246  Assert(s && aip);
247 
248 #ifdef ACLDEBUG
249  elog(LOG, "aclparse: input = \"%s\"", s);
250 #endif
251  s = getid(s, name);
252  if (*s != '=')
253  {
254  /* we just read a keyword, not a name */
255  if (strcmp(name, "group") != 0 && strcmp(name, "user") != 0)
256  ereport(ERROR,
257  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
258  errmsg("unrecognized key word: \"%s\"", name),
259  errhint("ACL key word must be \"group\" or \"user\".")));
260  s = getid(s, name); /* move s to the name beyond the keyword */
261  if (name[0] == '\0')
262  ereport(ERROR,
263  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
264  errmsg("missing name"),
265  errhint("A name must follow the \"group\" or \"user\" key word.")));
266  }
267 
268  if (*s != '=')
269  ereport(ERROR,
270  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
271  errmsg("missing \"=\" sign")));
272 
273  privs = goption = ACL_NO_RIGHTS;
274 
275  for (++s, read = 0; isalpha((unsigned char) *s) || *s == '*'; s++)
276  {
277  switch (*s)
278  {
279  case '*':
280  goption |= read;
281  break;
282  case ACL_INSERT_CHR:
283  read = ACL_INSERT;
284  break;
285  case ACL_SELECT_CHR:
286  read = ACL_SELECT;
287  break;
288  case ACL_UPDATE_CHR:
289  read = ACL_UPDATE;
290  break;
291  case ACL_DELETE_CHR:
292  read = ACL_DELETE;
293  break;
294  case ACL_TRUNCATE_CHR:
295  read = ACL_TRUNCATE;
296  break;
297  case ACL_REFERENCES_CHR:
298  read = ACL_REFERENCES;
299  break;
300  case ACL_TRIGGER_CHR:
301  read = ACL_TRIGGER;
302  break;
303  case ACL_EXECUTE_CHR:
304  read = ACL_EXECUTE;
305  break;
306  case ACL_USAGE_CHR:
307  read = ACL_USAGE;
308  break;
309  case ACL_CREATE_CHR:
310  read = ACL_CREATE;
311  break;
312  case ACL_CREATE_TEMP_CHR:
313  read = ACL_CREATE_TEMP;
314  break;
315  case ACL_CONNECT_CHR:
316  read = ACL_CONNECT;
317  break;
318  case 'R': /* ignore old RULE privileges */
319  read = 0;
320  break;
321  default:
322  ereport(ERROR,
323  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
324  errmsg("invalid mode character: must be one of \"%s\"",
326  }
327 
328  privs |= read;
329  }
330 
331  if (name[0] == '\0')
332  aip->ai_grantee = ACL_ID_PUBLIC;
333  else
334  aip->ai_grantee = get_role_oid(name, false);
335 
336  /*
337  * XXX Allow a degree of backward compatibility by defaulting the grantor
338  * to the superuser.
339  */
340  if (*s == '/')
341  {
342  s = getid(s + 1, name2);
343  if (name2[0] == '\0')
344  ereport(ERROR,
345  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
346  errmsg("a name must follow the \"/\" sign")));
347  aip->ai_grantor = get_role_oid(name2, false);
348  }
349  else
350  {
353  (errcode(ERRCODE_INVALID_GRANTOR),
354  errmsg("defaulting grantor to user ID %u",
356  }
357 
358  ACLITEM_SET_PRIVS_GOPTIONS(*aip, privs, goption);
359 
360 #ifdef ACLDEBUG
361  elog(LOG, "aclparse: correctly read [%u %x %x]",
362  aip->ai_grantee, privs, goption);
363 #endif
364 
365  return s;
366 }
Oid ai_grantee
Definition: acl.h:49
#define ACL_INSERT_CHR
Definition: acl.h:130
int errhint(const char *fmt,...)
Definition: elog.c:987
#define ACL_CONNECT_CHR
Definition: acl.h:141
#define ACL_DELETE_CHR
Definition: acl.h:133
int errcode(int sqlerrcode)
Definition: elog.c:575
#define ACL_DELETE
Definition: parsenodes.h:68
#define LOG
Definition: elog.h:26
Oid ai_grantor
Definition: acl.h:50
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5114
#define NAMEDATALEN
uint32 AclMode
Definition: parsenodes.h:63
#define ACL_CREATE_TEMP_CHR
Definition: acl.h:140
#define ERROR
Definition: elog.h:43
#define ACL_CREATE
Definition: parsenodes.h:75
static const char * getid(const char *s, char *n)
Definition: acl.c:137
#define ACL_NO_RIGHTS
Definition: parsenodes.h:79
#define ACL_TRIGGER
Definition: parsenodes.h:71
#define ACL_TRUNCATE_CHR
Definition: acl.h:134
#define ACL_REFERENCES_CHR
Definition: acl.h:135
#define ACL_USAGE
Definition: parsenodes.h:73
#define ereport(elevel, rest)
Definition: elog.h:122
#define ACL_CONNECT
Definition: parsenodes.h:77
#define WARNING
Definition: elog.h:40
#define ACL_SELECT_CHR
Definition: acl.h:131
#define ACL_UPDATE
Definition: parsenodes.h:67
#define ACL_SELECT
Definition: parsenodes.h:66
#define ACL_ALL_RIGHTS_STR
Definition: acl.h:144
#define ACL_USAGE_CHR
Definition: acl.h:138
#define ACL_REFERENCES
Definition: parsenodes.h:70
#define Assert(condition)
Definition: c.h:670
#define ACL_INSERT
Definition: parsenodes.h:65
#define ACL_UPDATE_CHR
Definition: acl.h:132
#define BOOTSTRAP_SUPERUSERID
Definition: pg_authid.h:104
const char * name
Definition: encode.c:521
#define ACL_TRIGGER_CHR
Definition: acl.h:136
int errmsg(const char *fmt,...)
Definition: elog.c:797
#define ACL_EXECUTE
Definition: parsenodes.h:72
#define ACL_CREATE_TEMP
Definition: parsenodes.h:76
#define ACL_ID_PUBLIC
Definition: acl.h:39
#define elog
Definition: elog.h:219
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:75
#define read(a, b, c)
Definition: win32.h:18
#define ACL_EXECUTE_CHR
Definition: acl.h:137
#define ACL_CREATE_CHR
Definition: acl.h:139
#define ACL_TRUNCATE
Definition: parsenodes.h:69
Datum aclremove ( PG_FUNCTION_ARGS  )

Definition at line 1544 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

1545 {
1546  ereport(ERROR,
1547  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1548  errmsg("aclremove is no longer supported")));
1549 
1550  PG_RETURN_NULL(); /* keep compiler quiet */
1551 }
int errcode(int sqlerrcode)
Definition: elog.c:575
#define ERROR
Definition: elog.h:43
#define ereport(elevel, rest)
Definition: elog.h:122
int errmsg(const char *fmt,...)
Definition: elog.c:797
#define PG_RETURN_NULL()
Definition: fmgr.h:289
Acl* aclupdate ( const Acl old_acl,
const AclItem mod_aip,
int  modechg,
Oid  ownerId,
DropBehavior  behavior 
)

Definition at line 915 of file acl.c.

References ACL_DAT, ACL_ID_PUBLIC, ACL_MODECHG_ADD, ACL_MODECHG_DEL, ACL_MODECHG_EQL, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACL_SIZE, ACLITEM_GET_GOPTIONS, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_PRIVS_GOPTIONS, ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, Assert, check_acl(), check_circularity(), memmove, NULL, recursive_revoke(), and SET_VARSIZE.

Referenced by aclmerge(), check_circularity(), merge_acl_with_grant(), and recursive_revoke().

917 {
918  Acl *new_acl = NULL;
919  AclItem *old_aip,
920  *new_aip = NULL;
921  AclMode old_rights,
922  old_goptions,
923  new_rights,
924  new_goptions;
925  int dst,
926  num;
927 
928  /* Caller probably already checked old_acl, but be safe */
929  check_acl(old_acl);
930 
931  /* If granting grant options, check for circularity */
932  if (modechg != ACL_MODECHG_DEL &&
933  ACLITEM_GET_GOPTIONS(*mod_aip) != ACL_NO_RIGHTS)
934  check_circularity(old_acl, mod_aip, ownerId);
935 
936  num = ACL_NUM(old_acl);
937  old_aip = ACL_DAT(old_acl);
938 
939  /*
940  * Search the ACL for an existing entry for this grantee and grantor. If
941  * one exists, just modify the entry in-place (well, in the same position,
942  * since we actually return a copy); otherwise, insert the new entry at
943  * the end.
944  */
945 
946  for (dst = 0; dst < num; ++dst)
947  {
948  if (aclitem_match(mod_aip, old_aip + dst))
949  {
950  /* found a match, so modify existing item */
951  new_acl = allocacl(num);
952  new_aip = ACL_DAT(new_acl);
953  memcpy(new_acl, old_acl, ACL_SIZE(old_acl));
954  break;
955  }
956  }
957 
958  if (dst == num)
959  {
960  /* need to append a new item */
961  new_acl = allocacl(num + 1);
962  new_aip = ACL_DAT(new_acl);
963  memcpy(new_aip, old_aip, num * sizeof(AclItem));
964 
965  /* initialize the new entry with no permissions */
966  new_aip[dst].ai_grantee = mod_aip->ai_grantee;
967  new_aip[dst].ai_grantor = mod_aip->ai_grantor;
968  ACLITEM_SET_PRIVS_GOPTIONS(new_aip[dst],
970  num++; /* set num to the size of new_acl */
971  }
972 
973  old_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
974  old_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
975 
976  /* apply the specified permissions change */
977  switch (modechg)
978  {
979  case ACL_MODECHG_ADD:
980  ACLITEM_SET_RIGHTS(new_aip[dst],
981  old_rights | ACLITEM_GET_RIGHTS(*mod_aip));
982  break;
983  case ACL_MODECHG_DEL:
984  ACLITEM_SET_RIGHTS(new_aip[dst],
985  old_rights & ~ACLITEM_GET_RIGHTS(*mod_aip));
986  break;
987  case ACL_MODECHG_EQL:
988  ACLITEM_SET_RIGHTS(new_aip[dst],
989  ACLITEM_GET_RIGHTS(*mod_aip));
990  break;
991  }
992 
993  new_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
994  new_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
995 
996  /*
997  * If the adjusted entry has no permissions, delete it from the list.
998  */
999  if (new_rights == ACL_NO_RIGHTS)
1000  {
1001  memmove(new_aip + dst,
1002  new_aip + dst + 1,
1003  (num - dst - 1) * sizeof(AclItem));
1004  /* Adjust array size to be 'num - 1' items */
1005  ARR_DIMS(new_acl)[0] = num - 1;
1006  SET_VARSIZE(new_acl, ACL_N_SIZE(num - 1));
1007  }
1008 
1009  /*
1010  * Remove abandoned privileges (cascading revoke). Currently we can only
1011  * handle this when the grantee is not PUBLIC.
1012  */
1013  if ((old_goptions & ~new_goptions) != 0)
1014  {
1015  Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1016  new_acl = recursive_revoke(new_acl, mod_aip->ai_grantee,
1017  (old_goptions & ~new_goptions),
1018  ownerId, behavior);
1019  }
1020 
1021  return new_acl;
1022 }
Oid ai_grantee
Definition: acl.h:49
#define ACL_MODECHG_EQL
Definition: acl.h:124
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:60
static Acl * allocacl(int n)
Definition: acl.c:376
#define ACL_MODECHG_DEL
Definition: acl.h:123
#define ACL_SIZE(ACL)
Definition: acl.h:104
Oid ai_grantor
Definition: acl.h:50
uint32 AclMode
Definition: parsenodes.h:63
static void check_circularity(const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
Definition: acl.c:1139
#define ARR_DIMS(a)
Definition: array.h:275
#define ACL_NUM(ACL)
Definition: acl.h:101
#define ACL_NO_RIGHTS
Definition: parsenodes.h:79
#define memmove(d, s, c)
Definition: c.h:1057
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:61
#define ACLITEM_SET_RIGHTS(item, rights)
Definition: acl.h:72
#define ACL_MODECHG_ADD
Definition: acl.h:122
#define ACL_DAT(ACL)
Definition: acl.h:102
Definition: acl.h:47
#define NULL
Definition: c.h:226
#define Assert(condition)
Definition: c.h:670
static bool aclitem_match(const AclItem *a1, const AclItem *a2)
Definition: acl.c:658
static Acl * recursive_revoke(Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
Definition: acl.c:1219
#define ACL_ID_PUBLIC
Definition: acl.h:39
#define SET_VARSIZE(PTR, len)
Definition: postgres.h:330
#define ACL_N_SIZE(N)
Definition: acl.h:103
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:75
static void check_acl(const Acl *acl)
Definition: acl.c:540
static Acl * allocacl ( int  n)
static

Definition at line 376 of file acl.c.

References ACL_N_SIZE, ACLITEMOID, ARR_DIMS, ARR_LBOUND, ArrayType::dataoffset, ArrayType::elemtype, elog, ERROR, ArrayType::ndim, palloc0(), and SET_VARSIZE.

Referenced by aclconcat(), aclcopy(), acldefault(), aclnewowner(), aclupdate(), check_circularity(), and make_empty_acl().

377 {
378  Acl *new_acl;
379  Size size;
380 
381  if (n < 0)
382  elog(ERROR, "invalid size: %d", n);
383  size = ACL_N_SIZE(n);
384  new_acl = (Acl *) palloc0(size);
385  SET_VARSIZE(new_acl, size);
386  new_acl->ndim = 1;
387  new_acl->dataoffset = 0; /* we never put in any nulls */
388  new_acl->elemtype = ACLITEMOID;
389  ARR_LBOUND(new_acl)[0] = 1;
390  ARR_DIMS(new_acl)[0] = n;
391  return new_acl;
392 }
int32 dataoffset
Definition: array.h:80
#define ARR_LBOUND(a)
Definition: array.h:277
#define ERROR
Definition: elog.h:43
Oid elemtype
Definition: array.h:81
#define ARR_DIMS(a)
Definition: array.h:275
void * palloc0(Size size)
Definition: mcxt.c:920
#define ACLITEMOID
Definition: pg_type.h:482
size_t Size
Definition: c.h:352
#define SET_VARSIZE(PTR, len)
Definition: postgres.h:330
#define elog
Definition: elog.h:219
#define ACL_N_SIZE(N)
Definition: acl.h:103
int ndim
Definition: array.h:79
static void check_acl ( const Acl acl)
static

Definition at line 540 of file acl.c.

References ACLITEMOID, ARR_ELEMTYPE, ARR_HASNULL, ARR_NDIM, ereport, errcode(), errmsg(), and ERROR.

Referenced by aclcontains(), aclexplode(), aclmask(), aclmask_direct(), aclmembers(), aclnewowner(), aclupdate(), check_circularity(), and recursive_revoke().

541 {
542  if (ARR_ELEMTYPE(acl) != ACLITEMOID)
543  ereport(ERROR,
544  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
545  errmsg("ACL array contains wrong data type")));
546  if (ARR_NDIM(acl) != 1)
547  ereport(ERROR,
548  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
549  errmsg("ACL arrays must be one-dimensional")));
550  if (ARR_HASNULL(acl))
551  ereport(ERROR,
552  (errcode(ERRCODE_NULL_VALUE_NOT_ALLOWED),
553  errmsg("ACL arrays must not contain null values")));
554 }
int errcode(int sqlerrcode)
Definition: elog.c:575
#define ERROR
Definition: elog.h:43
#define ARR_HASNULL(a)
Definition: array.h:272
#define ereport(elevel, rest)
Definition: elog.h:122
#define ACLITEMOID
Definition: pg_type.h:482
#define ARR_NDIM(a)
Definition: array.h:271
int errmsg(const char *fmt,...)
Definition: elog.c:797
#define ARR_ELEMTYPE(a)
Definition: array.h:273
static void check_circularity ( const Acl old_acl,
const AclItem mod_aip,
Oid  ownerId 
)
static

Definition at line 1139 of file acl.c.

References ACL_DAT, ACL_GRANT_OPTION_FOR, ACL_ID_PUBLIC, ACL_MODECHG_DEL, ACL_NO_RIGHTS, ACL_NUM, ACL_OPTION_TO_PRIVS, ACL_SIZE, ACLITEM_GET_GOPTIONS, aclmask(), ACLMASK_ALL, aclupdate(), AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), Assert, check_acl(), DROP_CASCADE, ereport, errcode(), errmsg(), ERROR, i, and pfree().

Referenced by aclupdate().

1141 {
1142  Acl *acl;
1143  AclItem *aip;
1144  int i,
1145  num;
1146  AclMode own_privs;
1147 
1148  check_acl(old_acl);
1149 
1150  /*
1151  * For now, grant options can only be granted to roles, not PUBLIC.
1152  * Otherwise we'd have to work a bit harder here.
1153  */
1154  Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1155 
1156  /* The owner always has grant options, no need to check */
1157  if (mod_aip->ai_grantor == ownerId)
1158  return;
1159 
1160  /* Make a working copy */
1161  acl = allocacl(ACL_NUM(old_acl));
1162  memcpy(acl, old_acl, ACL_SIZE(old_acl));
1163 
1164  /* Zap all grant options of target grantee, plus what depends on 'em */
1165 cc_restart:
1166  num = ACL_NUM(acl);
1167  aip = ACL_DAT(acl);
1168  for (i = 0; i < num; i++)
1169  {
1170  if (aip[i].ai_grantee == mod_aip->ai_grantee &&
1172  {
1173  Acl *new_acl;
1174 
1175  /* We'll actually zap ordinary privs too, but no matter */
1176  new_acl = aclupdate(acl, &aip[i], ACL_MODECHG_DEL,
1177  ownerId, DROP_CASCADE);
1178 
1179  pfree(acl);
1180  acl = new_acl;
1181 
1182  goto cc_restart;
1183  }
1184  }
1185 
1186  /* Now we can compute grantor's independently-derived privileges */
1187  own_privs = aclmask(acl,
1188  mod_aip->ai_grantor,
1189  ownerId,
1191  ACLMASK_ALL);
1192  own_privs = ACL_OPTION_TO_PRIVS(own_privs);
1193 
1194  if ((ACLITEM_GET_GOPTIONS(*mod_aip) & ~own_privs) != 0)
1195  ereport(ERROR,
1196  (errcode(ERRCODE_INVALID_GRANT_OPERATION),
1197  errmsg("grant options cannot be granted back to your own grantor")));
1198 
1199  pfree(acl);
1200 }
Oid ai_grantee
Definition: acl.h:49
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:60
static Acl * allocacl(int n)
Definition: acl.c:376
#define ACL_MODECHG_DEL
Definition: acl.h:123
AclMode aclmask(const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
Definition: acl.c:1305
#define ACL_SIZE(ACL)
Definition: acl.h:104
int errcode(int sqlerrcode)
Definition: elog.c:575
Oid ai_grantor
Definition: acl.h:50
uint32 AclMode
Definition: parsenodes.h:63
void pfree(void *pointer)
Definition: mcxt.c:992
#define ERROR
Definition: elog.h:43
#define ACL_NUM(ACL)
Definition: acl.h:101
#define ACL_NO_RIGHTS
Definition: parsenodes.h:79
#define ereport(elevel, rest)
Definition: elog.h:122
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:63
#define ACL_DAT(ACL)
Definition: acl.h:102
Definition: acl.h:47
#define ACL_OPTION_TO_PRIVS(privs)
Definition: acl.h:64
#define Assert(condition)
Definition: c.h:670
int errmsg(const char *fmt,...)
Definition: elog.c:797
int i
#define ACL_ID_PUBLIC
Definition: acl.h:39
Acl * aclupdate(const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
Definition: acl.c:915
static void check_acl(const Acl *acl)
Definition: acl.c:540
void check_is_member_of_role ( Oid  member,
Oid  role 
)

Definition at line 4877 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, GetUserNameFromId(), and is_member_of_role().

Referenced by AlterDatabaseOwner(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwner(), ATExecChangeOwner(), createdb(), CreateSchemaCommand(), and ExecAlterDefaultPrivilegesStmt().

4878 {
4879  if (!is_member_of_role(member, role))
4880  ereport(ERROR,
4881  (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
4882  errmsg("must be member of role \"%s\"",
4883  GetUserNameFromId(role, false))));
4884 }
int errcode(int sqlerrcode)
Definition: elog.c:575
#define ERROR
Definition: elog.h:43
#define ereport(elevel, rest)
Definition: elog.h:122
bool is_member_of_role(Oid member, Oid role)
Definition: acl.c:4855
char * GetUserNameFromId(Oid roleid, bool noerr)
Definition: miscinit.c:691
int errmsg(const char *fmt,...)
Definition: elog.c:797
void check_rolespec_name ( const RoleSpec role,
const char *  detail_msg 
)

Definition at line 5251 of file acl.c.

References ereport, errcode(), errdetail(), errmsg(), ERROR, IsReservedName(), RoleSpec::rolename, ROLESPEC_CSTRING, and RoleSpec::roletype.

Referenced by AlterRole(), and AlterRoleSet().

5252 {
5253  if (!role)
5254  return;
5255 
5256  if (role->roletype != ROLESPEC_CSTRING)
5257  return;
5258 
5259  if (IsReservedName(role->rolename))
5260  {
5261  if (detail_msg)
5262  ereport(ERROR,
5263  (errcode(ERRCODE_RESERVED_NAME),
5264  errmsg("role name \"%s\" is reserved",
5265  role->rolename),
5266  errdetail("%s", detail_msg)));
5267  else
5268  ereport(ERROR,
5269  (errcode(ERRCODE_RESERVED_NAME),
5270  errmsg("role name \"%s\" is reserved",
5271  role->rolename)));
5272  }
5273 }
int errcode(int sqlerrcode)
Definition: elog.c:575
bool IsReservedName(const char *name)
Definition: catalog.c:193
#define ERROR
Definition: elog.h:43
int errdetail(const char *fmt,...)
Definition: elog.c:873
#define ereport(elevel, rest)
Definition: elog.h:122
RoleSpecType roletype
Definition: parsenodes.h:319
char * rolename
Definition: parsenodes.h:320
int errmsg(const char *fmt,...)
Definition: elog.c:797
static int column_privilege_check ( Oid  tableoid,
AttrNumber  attnum,
Oid  roleid,
AclMode  mode 
)
static

Definition at line 2460 of file acl.c.

References ACLCHECK_OK, ATTNUM, GETSTRUCT, HeapTupleIsValid, Int16GetDatum, ObjectIdGetDatum, pg_attribute_aclcheck(), pg_class_aclcheck(), ReleaseSysCache(), RELOID, SearchSysCache2, and SearchSysCacheExists1.

Referenced by has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

2462 {
2463  AclResult aclresult;
2464  HeapTuple attTuple;
2465  Form_pg_attribute attributeForm;
2466 
2467  /*
2468  * First check if we have the privilege at the table level. We check
2469  * existence of the pg_class row before risking calling pg_class_aclcheck.
2470  * Note: it might seem there's a race condition against concurrent DROP,
2471  * but really it's safe because there will be no syscache flush between
2472  * here and there. So if we see the row in the syscache, so will
2473  * pg_class_aclcheck.
2474  */
2476  return -1;
2477 
2478  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2479 
2480  if (aclresult == ACLCHECK_OK)
2481  return true;
2482 
2483  /*
2484  * No table privilege, so try per-column privileges. Again, we have to
2485  * check for dropped attribute first, and we rely on the syscache not to
2486  * notice a concurrent drop before pg_attribute_aclcheck fetches the row.
2487  */
2488  attTuple = SearchSysCache2(ATTNUM,
2489  ObjectIdGetDatum(tableoid),
2490  Int16GetDatum(attnum));
2491  if (!HeapTupleIsValid(attTuple))
2492  return -1;
2493  attributeForm = (Form_pg_attribute) GETSTRUCT(attTuple);
2494  if (attributeForm->attisdropped)
2495  {
2496  ReleaseSysCache(attTuple);
2497  return -1;
2498  }
2499  ReleaseSysCache(attTuple);
2500 
2501  aclresult = pg_attribute_aclcheck(tableoid, attnum, roleid, mode);
2502 
2503  return (aclresult == ACLCHECK_OK);
2504 }
#define GETSTRUCT(TUP)
Definition: htup_details.h:656
AclResult pg_attribute_aclcheck(Oid table_oid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: aclchk.c:4283
#define Int16GetDatum(X)
Definition: postgres.h:459
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:167
#define ObjectIdGetDatum(X)
Definition: postgres.h:515
FormData_pg_attribute * Form_pg_attribute
Definition: pg_attribute.h:184
AclResult
Definition: acl.h:170
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1083
#define HeapTupleIsValid(tuple)
Definition: htup.h:77
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4397
#define SearchSysCache2(cacheId, key1, key2)
Definition: syscache.h:151
static const char* convert_aclright_to_string ( int  aclright)
static

Definition at line 1697 of file acl.c.

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_DELETE, ACL_EXECUTE, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, ACL_USAGE, elog, ERROR, and NULL.

Referenced by aclexplode().

1698 {
1699  switch (aclright)
1700  {
1701  case ACL_INSERT:
1702  return "INSERT";
1703  case ACL_SELECT:
1704  return "SELECT";
1705  case ACL_UPDATE:
1706  return "UPDATE";
1707  case ACL_DELETE:
1708  return "DELETE";
1709  case ACL_TRUNCATE:
1710  return "TRUNCATE";
1711  case ACL_REFERENCES:
1712  return "REFERENCES";
1713  case ACL_TRIGGER:
1714  return "TRIGGER";
1715  case ACL_EXECUTE:
1716  return "EXECUTE";
1717  case ACL_USAGE:
1718  return "USAGE";
1719  case ACL_CREATE:
1720  return "CREATE";
1721  case ACL_CREATE_TEMP:
1722  return "TEMPORARY";
1723  case ACL_CONNECT:
1724  return "CONNECT";
1725  default:
1726  elog(ERROR, "unrecognized aclright: %d", aclright);
1727  return NULL;
1728  }
1729 }
#define ACL_DELETE
Definition: parsenodes.h:68
#define ERROR
Definition: elog.h:43
#define ACL_CREATE
Definition: parsenodes.h:75
#define ACL_TRIGGER
Definition: parsenodes.h:71
#define ACL_USAGE
Definition: parsenodes.h:73
#define ACL_CONNECT
Definition: parsenodes.h:77
#define ACL_UPDATE
Definition: parsenodes.h:67
#define ACL_SELECT
Definition: parsenodes.h:66
#define ACL_REFERENCES
Definition: parsenodes.h:70
#define NULL
Definition: c.h:226
#define ACL_INSERT
Definition: parsenodes.h:65
#define ACL_EXECUTE
Definition: parsenodes.h:72
#define ACL_CREATE_TEMP
Definition: parsenodes.h:76
#define elog
Definition: elog.h:219
#define ACL_TRUNCATE
Definition: parsenodes.h:69
static AclMode convert_any_priv_string ( text priv_type_text,
const priv_map privileges 
)
static

Definition at line 1649 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, priv_map::name, pfree(), pg_strcasecmp(), text_to_cstring(), and priv_map::value.

Referenced by convert_column_priv_string(), convert_database_priv_string(), convert_foreign_data_wrapper_priv_string(), convert_function_priv_string(), convert_language_priv_string(), convert_role_priv_string(), convert_schema_priv_string(), convert_sequence_priv_string(), convert_server_priv_string(), convert_table_priv_string(), convert_tablespace_priv_string(), and convert_type_priv_string().

1651 {
1652  AclMode result = 0;
1653  char *priv_type = text_to_cstring(priv_type_text);
1654  char *chunk;
1655  char *next_chunk;
1656 
1657  /* We rely on priv_type being a private, modifiable string */
1658  for (chunk = priv_type; chunk; chunk = next_chunk)
1659  {
1660  int chunk_len;
1661  const priv_map *this_priv;
1662 
1663  /* Split string at commas */
1664  next_chunk = strchr(chunk, ',');
1665  if (next_chunk)
1666  *next_chunk++ = '\0';
1667 
1668  /* Drop leading/trailing whitespace in this chunk */
1669  while (*chunk && isspace((unsigned char) *chunk))
1670  chunk++;
1671  chunk_len = strlen(chunk);
1672  while (chunk_len > 0 && isspace((unsigned char) chunk[chunk_len - 1]))
1673  chunk_len--;
1674  chunk[chunk_len] = '\0';
1675 
1676  /* Match to the privileges list */
1677  for (this_priv = privileges; this_priv->name; this_priv++)
1678  {
1679  if (pg_strcasecmp(this_priv->name, chunk) == 0)
1680  {
1681  result |= this_priv->value;
1682  break;
1683  }
1684  }
1685  if (!this_priv->name)
1686  ereport(ERROR,
1687  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
1688  errmsg("unrecognized privilege type: \"%s\"", chunk)));
1689  }
1690 
1691  pfree(priv_type);
1692  return result;
1693 }
Definition: acl.c:42
int errcode(int sqlerrcode)
Definition: elog.c:575
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
const char * name
Definition: acl.c:44
uint32 AclMode
Definition: parsenodes.h:63
void pfree(void *pointer)
Definition: mcxt.c:992
#define ERROR
Definition: elog.h:43
#define ereport(elevel, rest)
Definition: elog.h:122
AclMode value
Definition: acl.c:45
char * text_to_cstring(const text *t)
Definition: varlena.c:184
int errmsg(const char *fmt,...)
Definition: elog.c:797
static AttrNumber convert_column_name ( Oid  tableoid,
text column 
)
static

Definition at line 2831 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, get_attnum(), get_rel_name(), InvalidAttrNumber, pfree(), and text_to_cstring().

Referenced by has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_name(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), and has_column_privilege_name_name_name().

2832 {
2833  AttrNumber attnum;
2834  char *colname;
2835 
2836  colname = text_to_cstring(column);
2837  attnum = get_attnum(tableoid, colname);
2838  if (attnum == InvalidAttrNumber)
2839  ereport(ERROR,
2840  (errcode(ERRCODE_UNDEFINED_COLUMN),
2841  errmsg("column \"%s\" of relation \"%s\" does not exist",
2842  colname, get_rel_name(tableoid))));
2843  pfree(colname);
2844  return attnum;
2845 }
int errcode(int sqlerrcode)
Definition: elog.c:575
void pfree(void *pointer)
Definition: mcxt.c:992
#define ERROR
Definition: elog.h:43
AttrNumber get_attnum(Oid relid, const char *attname)
Definition: lsyscache.c:821
#define ereport(elevel, rest)
Definition: elog.h:122
#define InvalidAttrNumber
Definition: attnum.h:23
char * text_to_cstring(const text *t)
Definition: varlena.c:184
int errmsg(const char *fmt,...)
Definition: elog.c:797
char * get_rel_name(Oid relid)
Definition: lsyscache.c:1694
int16 AttrNumber
Definition: attnum.h:21
static AclMode convert_column_priv_string ( text priv_type_text)
static

Definition at line 2852 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_UPDATE, convert_any_priv_string(), and NULL.

Referenced by has_any_column_privilege_id(), has_any_column_privilege_id_id(), has_any_column_privilege_id_name(), has_any_column_privilege_name(), has_any_column_privilege_name_id(), has_any_column_privilege_name_name(), has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

2853 {
2854  static const priv_map column_priv_map[] = {
2855  {"SELECT", ACL_SELECT},
2856  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2857  {"INSERT", ACL_INSERT},
2858  {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2859  {"UPDATE", ACL_UPDATE},
2860  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2861  {"REFERENCES", ACL_REFERENCES},
2862  {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2863  {NULL, 0}
2864  };
2865 
2866  return convert_any_priv_string(priv_type_text, column_priv_map);
2867 }
Definition: acl.c:42
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1649
#define ACL_UPDATE
Definition: parsenodes.h:67
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:63
#define ACL_SELECT
Definition: parsenodes.h:66
#define ACL_REFERENCES
Definition: parsenodes.h:70
#define NULL
Definition: c.h:226
#define ACL_INSERT
Definition: parsenodes.h:65
static Oid convert_database_name ( text databasename)
static

Definition at line 3037 of file acl.c.

References dbname, get_database_oid(), and text_to_cstring().

Referenced by has_database_privilege_id_name(), has_database_privilege_name(), and has_database_privilege_name_name().

3038 {
3039  char *dbname = text_to_cstring(databasename);
3040 
3041  return get_database_oid(dbname, false);
3042 }
Oid get_database_oid(const char *dbname, bool missing_ok)
Definition: dbcommands.c:2002
char * dbname
Definition: streamutil.c:41
char * text_to_cstring(const text *t)
Definition: varlena.c:184
static AclMode convert_database_priv_string ( text priv_type_text)
static

Definition at line 3049 of file acl.c.

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_GRANT_OPTION_FOR, convert_any_priv_string(), and NULL.

Referenced by has_database_privilege_id(), has_database_privilege_id_id(), has_database_privilege_id_name(), has_database_privilege_name(), has_database_privilege_name_id(), and has_database_privilege_name_name().

3050 {
3051  static const priv_map database_priv_map[] = {
3052  {"CREATE", ACL_CREATE},
3053  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3054  {"TEMPORARY", ACL_CREATE_TEMP},
3055  {"TEMPORARY WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3056  {"TEMP", ACL_CREATE_TEMP},
3057  {"TEMP WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3058  {"CONNECT", ACL_CONNECT},
3059  {"CONNECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CONNECT)},
3060  {NULL, 0}
3061  };
3062 
3063  return convert_any_priv_string(priv_type_text, database_priv_map);
3064 
3065 }
Definition: acl.c:42
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1649
#define ACL_CREATE
Definition: parsenodes.h:75
#define ACL_CONNECT
Definition: parsenodes.h:77
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:63
#define NULL
Definition: c.h:226
#define ACL_CREATE_TEMP
Definition: parsenodes.h:76
static Oid convert_foreign_data_wrapper_name ( text fdwname)
static

Definition at line 3226 of file acl.c.

References get_foreign_data_wrapper_oid(), and text_to_cstring().

Referenced by has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), and has_foreign_data_wrapper_privilege_name_name().

3227 {
3228  char *fdwstr = text_to_cstring(fdwname);
3229 
3230  return get_foreign_data_wrapper_oid(fdwstr, false);
3231 }
Oid get_foreign_data_wrapper_oid(const char *fdwname, bool missing_ok)
Definition: foreign.c:659
char * text_to_cstring(const text *t)
Definition: varlena.c:184
static AclMode convert_foreign_data_wrapper_priv_string ( text priv_type_text)
static

Definition at line 3238 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, convert_any_priv_string(), and NULL.

Referenced by has_foreign_data_wrapper_privilege_id(), has_foreign_data_wrapper_privilege_id_id(), has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), has_foreign_data_wrapper_privilege_name_id(), and has_foreign_data_wrapper_privilege_name_name().

3239 {
3240  static const priv_map foreign_data_wrapper_priv_map[] = {
3241  {"USAGE", ACL_USAGE},
3242  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3243  {NULL, 0}
3244  };
3245 
3246  return convert_any_priv_string(priv_type_text, foreign_data_wrapper_priv_map);
3247 }
Definition: acl.c:42
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1649
#define ACL_USAGE
Definition: parsenodes.h:73
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:63
#define NULL
Definition: c.h:226
static Oid convert_function_name ( text functionname)
static

Definition at line 3417 of file acl.c.

References CStringGetDatum, DatumGetObjectId, DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, OidIsValid, regprocedurein(), and text_to_cstring().

Referenced by has_function_privilege_id_name(), has_function_privilege_name(), and has_function_privilege_name_name().

3418 {
3419  char *funcname = text_to_cstring(functionname);
3420  Oid oid;
3421 
3423  CStringGetDatum(funcname)));
3424 
3425  if (!OidIsValid(oid))
3426  ereport(ERROR,
3427  (errcode(ERRCODE_UNDEFINED_FUNCTION),
3428  errmsg("function \"%s\" does not exist", funcname)));
3429 
3430  return oid;
3431 }
#define DatumGetObjectId(X)
Definition: postgres.h:508
int errcode(int sqlerrcode)
Definition: elog.c:575
#define DirectFunctionCall1(func, arg1)
Definition: fmgr.h:555
unsigned int Oid
Definition: postgres_ext.h:31
#define OidIsValid(objectId)
Definition: c.h:533
#define ERROR
Definition: elog.h:43
Datum regprocedurein(PG_FUNCTION_ARGS)
Definition: regproc.c:275
#define CStringGetDatum(X)
Definition: postgres.h:586
#define ereport(elevel, rest)
Definition: elog.h:122
char * text_to_cstring(const text *t)
Definition: varlena.c:184
int errmsg(const char *fmt,...)
Definition: elog.c:797
static AclMode convert_function_priv_string ( text priv_type_text)
static

Definition at line 3438 of file acl.c.

References ACL_EXECUTE, ACL_GRANT_OPTION_FOR, convert_any_priv_string(), and NULL.

Referenced by has_function_privilege_id(), has_function_privilege_id_id(), has_function_privilege_id_name(), has_function_privilege_name(), has_function_privilege_name_id(), and has_function_privilege_name_name().

3439 {
3440  static const priv_map function_priv_map[] = {
3441  {"EXECUTE", ACL_EXECUTE},
3442  {"EXECUTE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_EXECUTE)},
3443  {NULL, 0}
3444  };
3445 
3446  return convert_any_priv_string(priv_type_text, function_priv_map);
3447 }
Definition: acl.c:42
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1649
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:63
#define NULL
Definition: c.h:226
#define ACL_EXECUTE
Definition: parsenodes.h:72
static Oid convert_language_name ( text languagename)
static

Definition at line 3617 of file acl.c.

References get_language_oid(), and text_to_cstring().

Referenced by has_language_privilege_id_name(), has_language_privilege_name(), and has_language_privilege_name_name().

3618 {
3619  char *langname = text_to_cstring(languagename);
3620 
3621  return get_language_oid(langname, false);
3622 }
Oid get_language_oid(const char *langname, bool missing_ok)
Definition: proclang.c:553
char * text_to_cstring(const text *t)
Definition: varlena.c:184
static AclMode convert_language_priv_string ( text priv_type_text)
static

Definition at line 3629 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, convert_any_priv_string(), and NULL.

Referenced by has_language_privilege_id(), has_language_privilege_id_id(), has_language_privilege_id_name(), has_language_privilege_name(), has_language_privilege_name_id(), and has_language_privilege_name_name().

3630 {
3631  static const priv_map language_priv_map[] = {
3632  {"USAGE", ACL_USAGE},
3633  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3634  {NULL, 0}
3635  };
3636 
3637  return convert_any_priv_string(priv_type_text, language_priv_map);
3638 }
Definition: acl.c:42
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1649
#define ACL_USAGE
Definition: parsenodes.h:73
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:63
#define NULL
Definition: c.h:226
static AclMode convert_priv_string ( text priv_type_text)
static

Definition at line 1599 of file acl.c.

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_DELETE, ACL_EXECUTE, ACL_INSERT, ACL_NO_RIGHTS, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, ACL_USAGE, ereport, errcode(), errmsg(), ERROR, pg_strcasecmp(), and text_to_cstring().

Referenced by makeaclitem().

1600 {
1601  char *priv_type = text_to_cstring(priv_type_text);
1602 
1603  if (pg_strcasecmp(priv_type, "SELECT") == 0)
1604  return ACL_SELECT;
1605  if (pg_strcasecmp(priv_type, "INSERT") == 0)
1606  return ACL_INSERT;
1607  if (pg_strcasecmp(priv_type, "UPDATE") == 0)
1608  return ACL_UPDATE;
1609  if (pg_strcasecmp(priv_type, "DELETE") == 0)
1610  return ACL_DELETE;
1611  if (pg_strcasecmp(priv_type, "TRUNCATE") == 0)
1612  return ACL_TRUNCATE;
1613  if (pg_strcasecmp(priv_type, "REFERENCES") == 0)
1614  return ACL_REFERENCES;
1615  if (pg_strcasecmp(priv_type, "TRIGGER") == 0)
1616  return ACL_TRIGGER;
1617  if (pg_strcasecmp(priv_type, "EXECUTE") == 0)
1618  return ACL_EXECUTE;
1619  if (pg_strcasecmp(priv_type, "USAGE") == 0)
1620  return ACL_USAGE;
1621  if (pg_strcasecmp(priv_type, "CREATE") == 0)
1622  return ACL_CREATE;
1623  if (pg_strcasecmp(priv_type, "TEMP") == 0)
1624  return ACL_CREATE_TEMP;
1625  if (pg_strcasecmp(priv_type, "TEMPORARY") == 0)
1626  return ACL_CREATE_TEMP;
1627  if (pg_strcasecmp(priv_type, "CONNECT") == 0)
1628  return ACL_CONNECT;
1629  if (pg_strcasecmp(priv_type, "RULE") == 0)
1630  return 0; /* ignore old RULE privileges */
1631 
1632  ereport(ERROR,
1633  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
1634  errmsg("unrecognized privilege type: \"%s\"", priv_type)));
1635  return ACL_NO_RIGHTS; /* keep compiler quiet */
1636 }
int errcode(int sqlerrcode)
Definition: elog.c:575
#define ACL_DELETE
Definition: parsenodes.h:68
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
#define ERROR
Definition: elog.h:43
#define ACL_CREATE
Definition: parsenodes.h:75
#define ACL_NO_RIGHTS
Definition: parsenodes.h:79
#define ACL_TRIGGER
Definition: parsenodes.h:71
#define ACL_USAGE
Definition: parsenodes.h:73
#define ereport(elevel, rest)
Definition: elog.h:122
#define ACL_CONNECT
Definition: parsenodes.h:77
#define ACL_UPDATE
Definition: parsenodes.h:67
#define ACL_SELECT
Definition: parsenodes.h:66
#define ACL_REFERENCES
Definition: parsenodes.h:70
#define ACL_INSERT
Definition: parsenodes.h:65
char * text_to_cstring(const text *t)
Definition: varlena.c:184
int errmsg(const char *fmt,...)
Definition: elog.c:797
#define ACL_EXECUTE
Definition: parsenodes.h:72
#define ACL_CREATE_TEMP
Definition: parsenodes.h:76
#define ACL_TRUNCATE
Definition: parsenodes.h:69
static AclMode convert_role_priv_string ( text priv_type_text)
static

Definition at line 4562 of file acl.c.

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_USAGE, convert_any_priv_string(), and NULL.

Referenced by pg_has_role_id(), pg_has_role_id_id(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), and pg_has_role_name_name().

4563 {
4564  static const priv_map role_priv_map[] = {
4565  {"USAGE", ACL_USAGE},
4566  {"MEMBER", ACL_CREATE},
4567  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4568  {"USAGE WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4569  {"MEMBER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4570  {"MEMBER WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4571  {NULL, 0}
4572  };
4573 
4574  return convert_any_priv_string(priv_type_text, role_priv_map);
4575 }
Definition: acl.c:42
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1649
#define ACL_CREATE
Definition: parsenodes.h:75
#define ACL_USAGE
Definition: parsenodes.h:73
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:63
#define NULL
Definition: c.h:226
static Oid convert_schema_name ( text schemaname)
static

Definition at line 3808 of file acl.c.

References get_namespace_oid(), and text_to_cstring().

Referenced by has_schema_privilege_id_name(), has_schema_privilege_name(), and has_schema_privilege_name_name().

3809 {
3810  char *nspname = text_to_cstring(schemaname);
3811 
3812  return get_namespace_oid(nspname, false);
3813 }
Oid get_namespace_oid(const char *nspname, bool missing_ok)
Definition: namespace.c:2839
char * text_to_cstring(const text *t)
Definition: varlena.c:184
static AclMode convert_schema_priv_string ( text priv_type_text)
static

Definition at line 3820 of file acl.c.

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_USAGE, convert_any_priv_string(), and NULL.

Referenced by has_schema_privilege_id(), has_schema_privilege_id_id(), has_schema_privilege_id_name(), has_schema_privilege_name(), has_schema_privilege_name_id(), and has_schema_privilege_name_name().

3821 {
3822  static const priv_map schema_priv_map[] = {
3823  {"CREATE", ACL_CREATE},
3824  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3825  {"USAGE", ACL_USAGE},
3826  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3827  {NULL, 0}
3828  };
3829 
3830  return convert_any_priv_string(priv_type_text, schema_priv_map);
3831 }
Definition: acl.c:42
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1649
#define ACL_CREATE
Definition: parsenodes.h:75
#define ACL_USAGE
Definition: parsenodes.h:73
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:63
#define NULL
Definition: c.h:226
static AclMode convert_sequence_priv_string ( text priv_type_text)
static

Definition at line 2242 of file acl.c.

References ACL_SELECT, ACL_UPDATE, ACL_USAGE, convert_any_priv_string(), and NULL.

Referenced by has_sequence_privilege_id(), has_sequence_privilege_id_id(), has_sequence_privilege_id_name(), has_sequence_privilege_name(), has_sequence_privilege_name_id(), and has_sequence_privilege_name_name().

2243 {
2244  static const priv_map sequence_priv_map[] = {
2245  {"USAGE", ACL_USAGE},
2246  {"SELECT", ACL_SELECT},
2247  {"UPDATE", ACL_UPDATE},
2248  {NULL, 0}
2249  };
2250 
2251  return convert_any_priv_string(priv_type_text, sequence_priv_map);
2252 }
Definition: acl.c:42
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1649
#define ACL_USAGE
Definition: parsenodes.h:73
#define ACL_UPDATE
Definition: parsenodes.h:67
#define ACL_SELECT
Definition: parsenodes.h:66
#define NULL
Definition: c.h:226
static Oid convert_server_name ( text servername)
static

Definition at line 3992 of file acl.c.

References get_foreign_server_oid(), and text_to_cstring().

Referenced by has_server_privilege_id_name(), has_server_privilege_name(), and has_server_privilege_name_name().

3993 {
3994  char *serverstr = text_to_cstring(servername);
3995 
3996  return get_foreign_server_oid(serverstr, false);
3997 }
char * text_to_cstring(const text *t)
Definition: varlena.c:184
Oid get_foreign_server_oid(const char *servername, bool missing_ok)
Definition: foreign.c:680
static AclMode convert_server_priv_string ( text priv_type_text)
static

Definition at line 4004 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, convert_any_priv_string(), and NULL.

Referenced by has_server_privilege_id(), has_server_privilege_id_id(), has_server_privilege_id_name(), has_server_privilege_name(), has_server_privilege_name_id(), and has_server_privilege_name_name().

4005 {
4006  static const priv_map server_priv_map[] = {
4007  {"USAGE", ACL_USAGE},
4008  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4009  {NULL, 0}
4010  };
4011 
4012  return convert_any_priv_string(priv_type_text, server_priv_map);
4013 }
Definition: acl.c:42
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1649
#define ACL_USAGE
Definition: parsenodes.h:73
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:63
#define NULL
Definition: c.h:226
static Oid convert_table_name ( text tablename)
static
static AclMode convert_table_priv_string ( text priv_type_text)
static

Definition at line 2019 of file acl.c.

References ACL_DELETE, ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, convert_any_priv_string(), and NULL.

Referenced by has_table_privilege_id(), has_table_privilege_id_id(), has_table_privilege_id_name(), has_table_privilege_name(), has_table_privilege_name_id(), and has_table_privilege_name_name().

2020 {
2021  static const priv_map table_priv_map[] = {
2022  {"SELECT", ACL_SELECT},
2023  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2024  {"INSERT", ACL_INSERT},
2025  {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2026  {"UPDATE", ACL_UPDATE},
2027  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2028  {"DELETE", ACL_DELETE},
2029  {"DELETE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_DELETE)},
2030  {"TRUNCATE", ACL_TRUNCATE},
2031  {"TRUNCATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRUNCATE)},
2032  {"REFERENCES", ACL_REFERENCES},
2033  {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2034  {"TRIGGER", ACL_TRIGGER},
2035  {"TRIGGER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRIGGER)},
2036  {"RULE", 0}, /* ignore old RULE privileges */
2037  {"RULE WITH GRANT OPTION", 0},
2038  {NULL, 0}
2039  };
2040 
2041  return convert_any_priv_string(priv_type_text, table_priv_map);
2042 }
Definition: acl.c:42
#define ACL_DELETE
Definition: parsenodes.h:68
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1649
#define ACL_TRIGGER
Definition: parsenodes.h:71
#define ACL_UPDATE
Definition: parsenodes.h:67
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:63
#define ACL_SELECT
Definition: parsenodes.h:66
#define ACL_REFERENCES
Definition: parsenodes.h:70
#define NULL
Definition: c.h:226
#define ACL_INSERT
Definition: parsenodes.h:65
#define ACL_TRUNCATE
Definition: parsenodes.h:69
static Oid convert_tablespace_name ( text tablespacename)
static

Definition at line 4174 of file acl.c.

References get_tablespace_oid(), and text_to_cstring().

Referenced by has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), and has_tablespace_privilege_name_name().

4175 {
4176  char *spcname = text_to_cstring(tablespacename);
4177 
4178  return get_tablespace_oid(spcname, false);
4179 }
Oid get_tablespace_oid(const char *tablespacename, bool missing_ok)
Definition: tablespace.c:1381
char * text_to_cstring(const text *t)
Definition: varlena.c:184
static AclMode convert_tablespace_priv_string ( text priv_type_text)
static

Definition at line 4186 of file acl.c.

References ACL_CREATE, ACL_GRANT_OPTION_FOR, convert_any_priv_string(), and NULL.

Referenced by has_tablespace_privilege_id(), has_tablespace_privilege_id_id(), has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), has_tablespace_privilege_name_id(), and has_tablespace_privilege_name_name().

4187 {
4188  static const priv_map tablespace_priv_map[] = {
4189  {"CREATE", ACL_CREATE},
4190  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4191  {NULL, 0}
4192  };
4193 
4194  return convert_any_priv_string(priv_type_text, tablespace_priv_map);
4195 }
Definition: acl.c:42
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1649
#define ACL_CREATE
Definition: parsenodes.h:75
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:63
#define NULL
Definition: c.h:226
static Oid convert_type_name ( text typename)
static

Definition at line 4364 of file acl.c.

References CStringGetDatum, DatumGetObjectId, DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, OidIsValid, regtypein(), and text_to_cstring().

Referenced by has_type_privilege_id_name(), has_type_privilege_name(), and has_type_privilege_name_name().

4365 {
4366  char *typname = text_to_cstring(typename);
4367  Oid oid;
4368 
4370  CStringGetDatum(typname)));
4371 
4372  if (!OidIsValid(oid))
4373  ereport(ERROR,
4374  (errcode(ERRCODE_UNDEFINED_OBJECT),
4375  errmsg("type \"%s\" does not exist", typname)));
4376 
4377  return oid;
4378 }
#define DatumGetObjectId(X)
Definition: postgres.h:508
int errcode(int sqlerrcode)
Definition: elog.c:575
#define DirectFunctionCall1(func, arg1)
Definition: fmgr.h:555
unsigned int Oid
Definition: postgres_ext.h:31
#define OidIsValid(objectId)
Definition: c.h:533
#define ERROR
Definition: elog.h:43
#define CStringGetDatum(X)
Definition: postgres.h:586
#define ereport(elevel, rest)
Definition: elog.h:122
Datum regtypein(PG_FUNCTION_ARGS)
Definition: regproc.c:1178
char * text_to_cstring(const text *t)
Definition: varlena.c:184
int errmsg(const char *fmt,...)
Definition: elog.c:797
static AclMode convert_type_priv_string ( text priv_type_text)
static

Definition at line 4385 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, convert_any_priv_string(), and NULL.

Referenced by has_type_privilege_id(), has_type_privilege_id_id(), has_type_privilege_id_name(), has_type_privilege_name(), has_type_privilege_name_id(), and has_type_privilege_name_name().

4386 {
4387  static const priv_map type_priv_map[] = {
4388  {"USAGE", ACL_USAGE},
4389  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4390  {NULL, 0}
4391  };
4392 
4393  return convert_any_priv_string(priv_type_text, type_priv_map);
4394 }
Definition: acl.c:42
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1649
#define ACL_USAGE
Definition: parsenodes.h:73
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:63
#define NULL
Definition: c.h:226
static int count_one_bits ( AclMode  mask)
static

Definition at line 4999 of file acl.c.

Referenced by select_best_grantor().

5000 {
5001  int nbits = 0;
5002 
5003  /* this code relies on AclMode being an unsigned type */
5004  while (mask)
5005  {
5006  if (mask & 1)
5007  nbits++;
5008  mask >>= 1;
5009  }
5010  return nbits;
5011 }
Oid get_role_oid ( const char *  rolname,
bool  missing_ok 
)

Definition at line 5114 of file acl.c.

References AUTHNAME, CStringGetDatum, ereport, errcode(), errmsg(), ERROR, GetSysCacheOid1, and OidIsValid.

Referenced by aclparse(), check_hba(), createdb(), CreateRole(), get_object_address_unqualified(), get_role_oid_or_public(), get_rolespec_oid(), GrantRole(), is_member(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), pg_has_role_name_name(), regrolein(), and to_regrole().

5115 {
5116  Oid oid;
5117 
5118  oid = GetSysCacheOid1(AUTHNAME, CStringGetDatum(rolname));
5119  if (!OidIsValid(oid) && !missing_ok)
5120  ereport(ERROR,
5121  (errcode(ERRCODE_UNDEFINED_OBJECT),
5122  errmsg("role \"%s\" does not exist", rolname)));
5123  return oid;
5124 }
int errcode(int sqlerrcode)
Definition: elog.c:575
unsigned int Oid
Definition: postgres_ext.h:31
#define OidIsValid(objectId)
Definition: c.h:533
#define GetSysCacheOid1(cacheId, key1)
Definition: syscache.h:176
#define ERROR
Definition: elog.h:43
#define CStringGetDatum(X)
Definition: postgres.h:586
#define ereport(elevel, rest)
Definition: elog.h:122
int errmsg(const char *fmt,...)
Definition: elog.c:797
char* get_rolespec_name ( const RoleSpec role)

Definition at line 5229 of file acl.c.

References get_rolespec_tuple(), GETSTRUCT, NameStr, pstrdup(), and ReleaseSysCache().

Referenced by AddRoleMems(), and DelRoleMems().

5230 {
5231  HeapTuple tp;
5232  Form_pg_authid authForm;
5233  char *rolename;
5234 
5235  tp = get_rolespec_tuple(role);
5236  authForm = (Form_pg_authid) GETSTRUCT(tp);
5237  rolename = pstrdup(NameStr(authForm->rolname));
5238  ReleaseSysCache(tp);
5239 
5240  return rolename;
5241 }
#define GETSTRUCT(TUP)
Definition: htup_details.h:656
char * pstrdup(const char *in)
Definition: mcxt.c:1165
FormData_pg_authid * Form_pg_authid
Definition: pg_authid.h:72
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1083
HeapTuple get_rolespec_tuple(const RoleSpec *role)
Definition: acl.c:5185
#define NameStr(name)
Definition: c.h:494
Oid get_rolespec_oid ( const RoleSpec role,
bool  missing_ok 
)

Definition at line 5147 of file acl.c.

References Assert, elog, ereport, errcode(), errmsg(), ERROR, get_role_oid(), GetSessionUserId(), GetUserId(), InvalidOid, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, and RoleSpec::roletype.

Referenced by AlterUserMapping(), ATExecCmd(), CreateSchemaCommand(), CreateTableSpace(), CreateUserMapping(), ExecAlterDefaultPrivilegesStmt(), ExecAlterOwnerStmt(), ExecuteGrantStmt(), GrantRole(), policy_role_list_to_array(), ReassignOwnedObjects(), RemoveUserMapping(), and roleSpecsToIds().

5148 {
5149  Oid oid;
5150 
5151  switch (role->roletype)
5152  {
5153  case ROLESPEC_CSTRING:
5154  Assert(role->rolename);
5155  oid = get_role_oid(role->rolename, missing_ok);
5156  break;
5157 
5158  case ROLESPEC_CURRENT_USER:
5159  oid = GetUserId();
5160  break;
5161 
5162  case ROLESPEC_SESSION_USER:
5163  oid = GetSessionUserId();
5164  break;
5165 
5166  case ROLESPEC_PUBLIC:
5167  ereport(ERROR,
5168  (errcode(ERRCODE_UNDEFINED_OBJECT),
5169  errmsg("role \"%s\" does not exist", "public")));
5170  oid = InvalidOid; /* make compiler happy */
5171  break;
5172 
5173  default:
5174  elog(ERROR, "unexpected role type %d", role->roletype);
5175  }
5176 
5177  return oid;
5178 }
Oid GetUserId(void)
Definition: miscinit.c:283
int errcode(int sqlerrcode)
Definition: elog.c:575
unsigned int Oid
Definition: postgres_ext.h:31
Oid GetSessionUserId(void)
Definition: miscinit.c:317
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5114
#define ERROR
Definition: elog.h:43
#define ereport(elevel, rest)
Definition: elog.h:122
RoleSpecType roletype
Definition: parsenodes.h:319
#define InvalidOid
Definition: postgres_ext.h:36
#define Assert(condition)
Definition: c.h:670
char * rolename
Definition: parsenodes.h:320
int errmsg(const char *fmt,...)
Definition: elog.c:797
#define elog
Definition: elog.h:219
HeapTuple get_rolespec_tuple ( const RoleSpec role)

Definition at line 5185 of file acl.c.

References Assert, AUTHNAME, AUTHOID, CStringGetDatum, elog, ereport, errcode(), errmsg(), ERROR, GetSessionUserId(), GetUserId(), HeapTupleIsValid, NULL, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, RoleSpec::roletype, and SearchSysCache1.

Referenced by AlterRole(), AlterRoleSet(), CreateRole(), and get_rolespec_name().

5186 {
5187  HeapTuple tuple;
5188 
5189  switch (role->roletype)
5190  {
5191  case ROLESPEC_CSTRING:
5192  Assert(role->rolename);
5194  if (!HeapTupleIsValid(tuple))
5195  ereport(ERROR,
5196  (errcode(ERRCODE_UNDEFINED_OBJECT),
5197  errmsg("role \"%s\" does not exist", role->rolename)));
5198  break;
5199 
5200  case ROLESPEC_CURRENT_USER:
5201  tuple = SearchSysCache1(AUTHOID, GetUserId());
5202  if (!HeapTupleIsValid(tuple))
5203  elog(ERROR, "cache lookup failed for role %u", GetUserId());
5204  break;
5205 
5206  case ROLESPEC_SESSION_USER:
5208  if (!HeapTupleIsValid(tuple))
5209  elog(ERROR, "cache lookup failed for role %u", GetSessionUserId());
5210  break;
5211 
5212  case ROLESPEC_PUBLIC:
5213  ereport(ERROR,
5214  (errcode(ERRCODE_UNDEFINED_OBJECT),
5215  errmsg("role \"%s\" does not exist", "public")));
5216  tuple = NULL; /* make compiler happy */
5217 
5218  default:
5219  elog(ERROR, "unexpected role type %d", role->roletype);
5220  }
5221 
5222  return tuple;
5223 }
Oid GetUserId(void)
Definition: miscinit.c:283
int errcode(int sqlerrcode)
Definition: elog.c:575
Oid GetSessionUserId(void)
Definition: miscinit.c:317
#define SearchSysCache1(cacheId, key1)
Definition: syscache.h:149
#define ERROR
Definition: elog.h:43
#define CStringGetDatum(X)
Definition: postgres.h:586
#define ereport(elevel, rest)
Definition: elog.h:122
RoleSpecType roletype
Definition: parsenodes.h:319
#define HeapTupleIsValid(tuple)
Definition: htup.h:77
#define NULL
Definition: c.h:226
#define Assert(condition)
Definition: c.h:670
char * rolename
Definition: parsenodes.h:320
int errmsg(const char *fmt,...)
Definition: elog.c:797
#define elog
Definition: elog.h:219
static const char * getid ( const char *  s,
char *  n 
)
static

Definition at line 137 of file acl.c.

References Assert, ereport, errcode(), errdetail(), errmsg(), ERROR, and NAMEDATALEN.

Referenced by aclparse().

138 {
139  int len = 0;
140  bool in_quotes = false;
141 
142  Assert(s && n);
143 
144  while (isspace((unsigned char) *s))
145  s++;
146  /* This code had better match what putid() does, below */
147  for (;
148  *s != '\0' &&
149  (isalnum((unsigned char) *s) ||
150  *s == '_' ||
151  *s == '"' ||
152  in_quotes);
153  s++)
154  {
155  if (*s == '"')
156  {
157  /* safe to look at next char (could be '\0' though) */
158  if (*(s + 1) != '"')
159  {
160  in_quotes = !in_quotes;
161  continue;
162  }
163  /* it's an escaped double quote; skip the escaping char */
164  s++;
165  }
166 
167  /* Add the character to the string */
168  if (len >= NAMEDATALEN - 1)
169  ereport(ERROR,
170  (errcode(ERRCODE_NAME_TOO_LONG),
171  errmsg("identifier too long"),
172  errdetail("Identifier must be less than %d characters.",
173  NAMEDATALEN)));
174 
175  n[len++] = *s;
176  }
177  n[len] = '\0';
178  while (isspace((unsigned char) *s))
179  s++;
180  return s;
181 }
int errcode(int sqlerrcode)
Definition: elog.c:575
#define NAMEDATALEN
#define ERROR
Definition: elog.h:43
int errdetail(const char *fmt,...)
Definition: elog.c:873
#define ereport(elevel, rest)
Definition: elog.h:122
#define Assert(condition)
Definition: c.h:670
int errmsg(const char *fmt,...)
Definition: elog.c:797
Datum has_any_column_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2361 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), GetUserId(), ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_P, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

2362 {
2363  Oid tableoid = PG_GETARG_OID(0);
2364  text *priv_type_text = PG_GETARG_TEXT_P(1);
2365  Oid roleid;
2366  AclMode mode;
2367  AclResult aclresult;
2368 
2369  roleid = GetUserId();
2370  mode = convert_column_priv_string(priv_type_text);
2371 
2373  PG_RETURN_NULL();
2374 
2375  /* First check at table level, then examine each column if needed */
2376  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2377  if (aclresult != ACLCHECK_OK)
2378  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2379  ACLMASK_ANY);
2380 
2381  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2382 }
Oid GetUserId(void)
Definition: miscinit.c:283
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:167
#define ObjectIdGetDatum(X)
Definition: postgres.h:515
#define PG_GETARG_OID(n)
Definition: fmgr.h:231
AclResult
Definition: acl.h:170
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4312
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4397
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
Definition: c.h:434
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2852
#define PG_RETURN_NULL()
Definition: fmgr.h:289
Datum has_any_column_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 2417 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_P, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

2418 {
2419  Oid roleid = PG_GETARG_OID(0);
2420  Oid tableoid = PG_GETARG_OID(1);
2421  text *priv_type_text = PG_GETARG_TEXT_P(2);
2422  AclMode mode;
2423  AclResult aclresult;
2424 
2425  mode = convert_column_priv_string(priv_type_text);
2426 
2428  PG_RETURN_NULL();
2429 
2430  /* First check at table level, then examine each column if needed */
2431  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2432  if (aclresult != ACLCHECK_OK)
2433  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2434  ACLMASK_ANY);
2435 
2436  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2437 }
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:167
#define ObjectIdGetDatum(X)
Definition: postgres.h:515
#define PG_GETARG_OID(n)
Definition: fmgr.h:231
AclResult
Definition: acl.h:170
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4312
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4397
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
Definition: c.h:434
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2852
#define PG_RETURN_NULL()
Definition: fmgr.h:289
Datum has_any_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2390 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_P, and PG_RETURN_BOOL.

2391 {
2392  Oid roleid = PG_GETARG_OID(0);
2393  text *tablename = PG_GETARG_TEXT_P(1);
2394  text *priv_type_text = PG_GETARG_TEXT_P(2);
2395  Oid tableoid;
2396  AclMode mode;
2397  AclResult aclresult;
2398 
2399  tableoid = convert_table_name(tablename);
2400  mode = convert_column_priv_string(priv_type_text);
2401 
2402  /* First check at table level, then examine each column if needed */
2403  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2404  if (aclresult != ACLCHECK_OK)
2405  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2406  ACLMASK_ANY);
2407 
2408  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2409 }
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
#define PG_GETARG_OID(n)
Definition: fmgr.h:231
AclResult
Definition: acl.h:170
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
static Oid convert_table_name(text *tablename)
Definition: acl.c:2004
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4312
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4397
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
Definition: c.h:434
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2852
Datum has_any_column_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2302 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), GetUserId(), pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_TEXT_P, and PG_RETURN_BOOL.

2303 {
2304  text *tablename = PG_GETARG_TEXT_P(0);
2305  text *priv_type_text = PG_GETARG_TEXT_P(1);
2306  Oid roleid;
2307  Oid tableoid;
2308  AclMode mode;
2309  AclResult aclresult;
2310 
2311  roleid = GetUserId();
2312  tableoid = convert_table_name(tablename);
2313  mode = convert_column_priv_string(priv_type_text);
2314 
2315  /* First check at table level, then examine each column if needed */
2316  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2317  if (aclresult != ACLCHECK_OK)
2318  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2319  ACLMASK_ANY);
2320 
2321  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2322 }
Oid GetUserId(void)
Definition: miscinit.c:283
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
AclResult
Definition: acl.h:170
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
static Oid convert_table_name(text *tablename)
Definition: acl.c:2004
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4312
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4397
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
Definition: c.h:434
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2852
Datum has_any_column_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2330 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), get_role_oid_or_public(), NameStr, ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_P, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, SearchSysCacheExists1, and username.

2331 {
2333  Oid tableoid = PG_GETARG_OID(1);
2334  text *priv_type_text = PG_GETARG_TEXT_P(2);
2335  Oid roleid;
2336  AclMode mode;
2337  AclResult aclresult;
2338 
2339  roleid = get_role_oid_or_public(NameStr(*username));
2340  mode = convert_column_priv_string(priv_type_text);
2341 
2343  PG_RETURN_NULL();
2344 
2345  /* First check at table level, then examine each column if needed */
2346  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2347  if (aclresult != ACLCHECK_OK)
2348  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2349  ACLMASK_ANY);
2350 
2351  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2352 }
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5131
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:167
#define ObjectIdGetDatum(X)
Definition: postgres.h:515
Definition: c.h:488
#define PG_GETARG_OID(n)
Definition: fmgr.h:231
AclResult
Definition: acl.h:170
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
static char * username
Definition: initdb.c:130
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4312
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4397
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
#define NameStr(name)
Definition: c.h:494
Definition: c.h:434
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2852
#define PG_RETURN_NULL()
Definition: fmgr.h:289
#define PG_GETARG_NAME(n)
Definition: fmgr.h:234
Datum has_any_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2272 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), NameStr, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_P, and PG_RETURN_BOOL.

2273 {
2274  Name rolename = PG_GETARG_NAME(0);
2275  text *tablename = PG_GETARG_TEXT_P(1);
2276  text *priv_type_text = PG_GETARG_TEXT_P(2);
2277  Oid roleid;
2278  Oid tableoid;
2279  AclMode mode;
2280  AclResult aclresult;
2281 
2282  roleid = get_role_oid_or_public(NameStr(*rolename));
2283  tableoid = convert_table_name(tablename);
2284  mode = convert_column_priv_string(priv_type_text);
2285 
2286  /* First check at table level, then examine each column if needed */
2287  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2288  if (aclresult != ACLCHECK_OK)
2289  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2290  ACLMASK_ANY);
2291 
2292  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2293 }
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5131
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
Definition: c.h:488
AclResult
Definition: acl.h:170
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
static Oid convert_table_name(text *tablename)
Definition: acl.c:2004
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4312
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4397
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
#define NameStr(name)
Definition: c.h:494
Definition: c.h:434
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2852
#define PG_GETARG_NAME(n)
Definition: fmgr.h:234
Datum has_column_privilege_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2804 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), GetUserId(), PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_P, PG_RETURN_BOOL, and PG_RETURN_NULL.

2805 {
2806  Oid tableoid = PG_GETARG_OID(0);
2807  AttrNumber colattnum = PG_GETARG_INT16(1);
2808  text *priv_type_text = PG_GETARG_TEXT_P(2);
2809  Oid roleid;
2810  AclMode mode;
2811  int privresult;
2812 
2813  roleid = GetUserId();
2814  mode = convert_column_priv_string(priv_type_text);
2815 
2816  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2817  if (privresult < 0)
2818  PG_RETURN_NULL();
2819  PG_RETURN_BOOL(privresult);
2820 }
Oid GetUserId(void)
Definition: miscinit.c:283
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
#define PG_GETARG_OID(n)
Definition: fmgr.h:231
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
#define PG_GETARG_INT16(n)
Definition: fmgr.h:227
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2460
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
Definition: c.h:434
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2852
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:289
Datum has_column_privilege_id_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2697 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_P, PG_RETURN_BOOL, and PG_RETURN_NULL.

2698 {
2699  Oid roleid = PG_GETARG_OID(0);
2700  Oid tableoid = PG_GETARG_OID(1);
2701  AttrNumber colattnum = PG_GETARG_INT16(2);
2702  text *priv_type_text = PG_GETARG_TEXT_P(3);
2703  AclMode mode;
2704  int privresult;
2705 
2706  mode = convert_column_priv_string(priv_type_text);
2707 
2708  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2709  if (privresult < 0)
2710  PG_RETURN_NULL();
2711  PG_RETURN_BOOL(privresult);
2712 }
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
#define PG_GETARG_OID(n)
Definition: fmgr.h:231
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
#define PG_GETARG_INT16(n)
Definition: fmgr.h:227
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2460
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
Definition: c.h:434
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2852
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:289
Datum has_column_privilege_id_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2672 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), PG_GETARG_OID, PG_GETARG_TEXT_P, PG_RETURN_BOOL, and PG_RETURN_NULL.

2673 {
2674  Oid roleid = PG_GETARG_OID(0);
2675  Oid tableoid = PG_GETARG_OID(1);
2676  text *column = PG_GETARG_TEXT_P(2);
2677  text *priv_type_text = PG_GETARG_TEXT_P(3);
2678  AttrNumber colattnum;
2679  AclMode mode;
2680  int privresult;
2681 
2682  colattnum = convert_column_name(tableoid, column);
2683  mode = convert_column_priv_string(priv_type_text);
2684 
2685  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2686  if (privresult < 0)
2687  PG_RETURN_NULL();
2688  PG_RETURN_BOOL(privresult);
2689 }
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2831
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
#define PG_GETARG_OID(n)
Definition: fmgr.h:231
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2460
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
Definition: c.h:434
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2852
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:289
Datum has_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2777 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), GetUserId(), PG_GETARG_OID, PG_GETARG_TEXT_P, PG_RETURN_BOOL, and PG_RETURN_NULL.

2778 {
2779  Oid tableoid = PG_GETARG_OID(0);
2780  text *column = PG_GETARG_TEXT_P(1);
2781  text *priv_type_text = PG_GETARG_TEXT_P(2);
2782  Oid roleid;
2783  AttrNumber colattnum;
2784  AclMode mode;
2785  int privresult;
2786 
2787  roleid = GetUserId();
2788  colattnum = convert_column_name(tableoid, column);
2789  mode = convert_column_priv_string(priv_type_text);
2790 
2791  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2792  if (privresult < 0)
2793  PG_RETURN_NULL();
2794  PG_RETURN_BOOL(privresult);
2795 }
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2831
Oid GetUserId(void)
Definition: miscinit.c:283
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
#define PG_GETARG_OID(n)
Definition: fmgr.h:231
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2460
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
Definition: c.h:434
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2852
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:289
Datum has_column_privilege_id_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2647 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_P, PG_RETURN_BOOL, and PG_RETURN_NULL.

2648 {
2649  Oid roleid = PG_GETARG_OID(0);
2650  text *tablename = PG_GETARG_TEXT_P(1);
2651  AttrNumber colattnum = PG_GETARG_INT16(2);
2652  text *priv_type_text = PG_GETARG_TEXT_P(3);
2653  Oid tableoid;
2654  AclMode mode;
2655  int privresult;
2656 
2657  tableoid = convert_table_name(tablename);
2658  mode = convert_column_priv_string(priv_type_text);
2659 
2660  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2661  if (privresult < 0)
2662  PG_RETURN_NULL();
2663  PG_RETURN_BOOL(privresult);
2664 }
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
#define PG_GETARG_OID(n)
Definition: fmgr.h:231
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
#define PG_GETARG_INT16(n)
Definition: fmgr.h:227
static Oid convert_table_name(text *tablename)
Definition: acl.c:2004
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2460
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
Definition: c.h:434
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2852
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:289
Datum has_column_privilege_id_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2620 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), PG_GETARG_OID, PG_GETARG_TEXT_P, PG_RETURN_BOOL, and PG_RETURN_NULL.

2621 {
2622  Oid roleid = PG_GETARG_OID(0);
2623  text *tablename = PG_GETARG_TEXT_P(1);
2624  text *column = PG_GETARG_TEXT_P(2);
2625  text *priv_type_text = PG_GETARG_TEXT_P(3);
2626  Oid tableoid;
2627  AttrNumber colattnum;
2628  AclMode mode;
2629  int privresult;
2630 
2631  tableoid = convert_table_name(tablename);
2632  colattnum = convert_column_name(tableoid, column);
2633  mode = convert_column_priv_string(priv_type_text);
2634 
2635  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2636  if (privresult < 0)
2637  PG_RETURN_NULL();
2638  PG_RETURN_BOOL(privresult);
2639 }
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2831
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
#define PG_GETARG_OID(n)
Definition: fmgr.h:231
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
static Oid convert_table_name(text *tablename)
Definition: acl.c:2004
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2460
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
Definition: c.h:434
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2852
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:289
Datum has_column_privilege_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2750 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), GetUserId(), PG_GETARG_INT16, PG_GETARG_TEXT_P, PG_RETURN_BOOL, and PG_RETURN_NULL.

2751 {
2752  text *tablename = PG_GETARG_TEXT_P(0);
2753  AttrNumber colattnum = PG_GETARG_INT16(1);
2754  text *priv_type_text = PG_GETARG_TEXT_P(2);
2755  Oid roleid;
2756  Oid tableoid;
2757  AclMode mode;
2758  int privresult;
2759 
2760  roleid = GetUserId();
2761  tableoid = convert_table_name(tablename);
2762  mode = convert_column_priv_string(priv_type_text);
2763 
2764  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2765  if (privresult < 0)
2766  PG_RETURN_NULL();
2767  PG_RETURN_BOOL(privresult);
2768 }
Oid GetUserId(void)
Definition: miscinit.c:283
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
#define PG_GETARG_INT16(n)
Definition: fmgr.h:227
static Oid convert_table_name(text *tablename)
Definition: acl.c:2004
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2460
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
Definition: c.h:434
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2852
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:289
Datum has_column_privilege_name_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2595 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), get_role_oid_or_public(), NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_P, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

2596 {
2598  Oid tableoid = PG_GETARG_OID(1);
2599  AttrNumber colattnum = PG_GETARG_INT16(2);
2600  text *priv_type_text = PG_GETARG_TEXT_P(3);
2601  Oid roleid;
2602  AclMode mode;
2603  int privresult;
2604 
2605  roleid = get_role_oid_or_public(NameStr(*username));
2606  mode = convert_column_priv_string(priv_type_text);
2607 
2608  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2609  if (privresult < 0)
2610  PG_RETURN_NULL();
2611  PG_RETURN_BOOL(privresult);
2612 }
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5131
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
Definition: c.h:488
#define PG_GETARG_OID(n)
Definition: fmgr.h:231
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
#define PG_GETARG_INT16(n)
Definition: fmgr.h:227
static char * username
Definition: initdb.c:130
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2460
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
#define NameStr(name)
Definition: c.h:494
Definition: c.h:434
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2852
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:289
#define PG_GETARG_NAME(n)
Definition: fmgr.h:234
Datum has_column_privilege_name_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2568 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), get_role_oid_or_public(), NameStr, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_P, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

2569 {
2571  Oid tableoid = PG_GETARG_OID(1);
2572  text *column = PG_GETARG_TEXT_P(2);
2573  text *priv_type_text = PG_GETARG_TEXT_P(3);
2574  Oid roleid;
2575  AttrNumber colattnum;
2576  AclMode mode;
2577  int privresult;
2578 
2579  roleid = get_role_oid_or_public(NameStr(*username));
2580  colattnum = convert_column_name(tableoid, column);
2581  mode = convert_column_priv_string(priv_type_text);
2582 
2583  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2584  if (privresult < 0)
2585  PG_RETURN_NULL();
2586  PG_RETURN_BOOL(privresult);
2587 }
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2831
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5131
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
Definition: c.h:488
#define PG_GETARG_OID(n)
Definition: fmgr.h:231
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
static char * username
Definition: initdb.c:130
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2460
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
#define NameStr(name)
Definition: c.h:494
Definition: c.h:434
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2852
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:289
#define PG_GETARG_NAME(n)
Definition: fmgr.h:234
Datum has_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2721 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), GetUserId(), PG_GETARG_TEXT_P, PG_RETURN_BOOL, and PG_RETURN_NULL.

2722 {
2723  text *tablename = PG_GETARG_TEXT_P(0);
2724  text *column = PG_GETARG_TEXT_P(1);
2725  text *priv_type_text = PG_GETARG_TEXT_P(2);
2726  Oid roleid;
2727  Oid tableoid;
2728  AttrNumber colattnum;
2729  AclMode mode;
2730  int privresult;
2731 
2732  roleid = GetUserId();
2733  tableoid = convert_table_name(tablename);
2734  colattnum = convert_column_name(tableoid, column);
2735  mode = convert_column_priv_string(priv_type_text);
2736 
2737  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2738  if (privresult < 0)
2739  PG_RETURN_NULL();
2740  PG_RETURN_BOOL(privresult);
2741 }
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2831
Oid GetUserId(void)
Definition: miscinit.c:283
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
static Oid convert_table_name(text *tablename)
Definition: acl.c:2004
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2460
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
Definition: c.h:434
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2852
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:289
Datum has_column_privilege_name_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2541 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_TEXT_P, PG_RETURN_BOOL, and PG_RETURN_NULL.

2542 {
2543  Name rolename = PG_GETARG_NAME(0);
2544  text *tablename = PG_GETARG_TEXT_P(1);
2545  AttrNumber colattnum = PG_GETARG_INT16(2);
2546  text *priv_type_text = PG_GETARG_TEXT_P(3);
2547  Oid roleid;
2548  Oid tableoid;
2549  AclMode mode;
2550  int privresult;
2551 
2552  roleid = get_role_oid_or_public(NameStr(*rolename));
2553  tableoid = convert_table_name(tablename);
2554  mode = convert_column_priv_string(priv_type_text);
2555 
2556  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2557  if (privresult < 0)
2558  PG_RETURN_NULL();
2559  PG_RETURN_BOOL(privresult);
2560 }
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5131
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
Definition: c.h:488
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
#define PG_GETARG_INT16(n)
Definition: fmgr.h:227
static Oid convert_table_name(text *tablename)
Definition: acl.c:2004
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2460
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
#define NameStr(name)
Definition: c.h:494
Definition: c.h:434
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2852
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:289
#define PG_GETARG_NAME(n)
Definition: fmgr.h:234
Datum has_column_privilege_name_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2512 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), NameStr, PG_GETARG_NAME, PG_GETARG_TEXT_P, PG_RETURN_BOOL, and PG_RETURN_NULL.

2513 {
2514  Name rolename = PG_GETARG_NAME(0);
2515  text *tablename = PG_GETARG_TEXT_P(1);
2516  text *column = PG_GETARG_TEXT_P(2);
2517  text *priv_type_text = PG_GETARG_TEXT_P(3);
2518  Oid roleid;
2519  Oid tableoid;
2520  AttrNumber colattnum;
2521  AclMode mode;
2522  int privresult;
2523 
2524  roleid = get_role_oid_or_public(NameStr(*rolename));
2525  tableoid = convert_table_name(tablename);
2526  colattnum = convert_column_name(tableoid, column);
2527  mode = convert_column_priv_string(priv_type_text);
2528 
2529  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2530  if (privresult < 0)
2531  PG_RETURN_NULL();
2532  PG_RETURN_BOOL(privresult);
2533 }
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2831
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5131
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
Definition: c.h:488
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
static Oid convert_table_name(text *tablename)
Definition: acl.c:2004
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2460
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
#define NameStr(name)
Definition: c.h:494
Definition: c.h:434
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2852
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:289
#define PG_GETARG_NAME(n)
Definition: fmgr.h:234
Datum has_database_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2963 of file acl.c.

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, GetUserId(), ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_P, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

2964 {
2965  Oid databaseoid = PG_GETARG_OID(0);
2966  text *priv_type_text = PG_GETARG_TEXT_P(1);
2967  Oid roleid;
2968  AclMode mode;
2969  AclResult aclresult;
2970 
2971  roleid = GetUserId();
2972  mode = convert_database_priv_string(priv_type_text);
2973 
2975  PG_RETURN_NULL();
2976 
2977  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2978 
2979  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2980 }
Oid GetUserId(void)
Definition: miscinit.c:283
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:167
#define ObjectIdGetDatum(X)
Definition: postgres.h:515
#define PG_GETARG_OID(n)
Definition: fmgr.h:231
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3049
AclResult
Definition: acl.h:170
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4409
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
Definition: c.h:434
#define PG_RETURN_NULL()
Definition: fmgr.h:289
Datum has_database_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3011 of file acl.c.

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_P, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

3012 {
3013  Oid roleid = PG_GETARG_OID(0);
3014  Oid databaseoid = PG_GETARG_OID(1);
3015  text *priv_type_text = PG_GETARG_TEXT_P(2);
3016  AclMode mode;
3017  AclResult aclresult;
3018 
3019  mode = convert_database_priv_string(priv_type_text);
3020 
3022  PG_RETURN_NULL();
3023 
3024  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
3025 
3026  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3027 }
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:167
#define ObjectIdGetDatum(X)
Definition: postgres.h:515
#define PG_GETARG_OID(n)
Definition: fmgr.h:231
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3049
AclResult
Definition: acl.h:170
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4409
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
Definition: c.h:434
#define PG_RETURN_NULL()
Definition: fmgr.h:289
Datum has_database_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2988 of file acl.c.

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_P, and PG_RETURN_BOOL.

2989 {
2990  Oid roleid = PG_GETARG_OID(0);
2991  text *databasename = PG_GETARG_TEXT_P(1);
2992  text *priv_type_text = PG_GETARG_TEXT_P(2);
2993  Oid databaseoid;
2994  AclMode mode;
2995  AclResult aclresult;
2996 
2997  databaseoid = convert_database_name(databasename);
2998  mode = convert_database_priv_string(priv_type_text);
2999 
3000  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
3001 
3002  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3003 }
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
#define PG_GETARG_OID(n)
Definition: fmgr.h:231
static Oid convert_database_name(text *databasename)
Definition: acl.c:3037
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3049
AclResult
Definition: acl.h:170
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4409
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
Definition: c.h:434
Datum has_database_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2912 of file acl.c.

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), GetUserId(), pg_database_aclcheck(), PG_GETARG_TEXT_P, and PG_RETURN_BOOL.

2913 {
2914  text *databasename = PG_GETARG_TEXT_P(0);
2915  text *priv_type_text = PG_GETARG_TEXT_P(1);
2916  Oid roleid;
2917  Oid databaseoid;
2918  AclMode mode;
2919  AclResult aclresult;
2920 
2921  roleid = GetUserId();
2922  databaseoid = convert_database_name(databasename);
2923  mode = convert_database_priv_string(priv_type_text);
2924 
2925  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2926 
2927  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2928 }
Oid GetUserId(void)
Definition: miscinit.c:283
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
static Oid convert_database_name(text *databasename)
Definition: acl.c:3037
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3049
AclResult
Definition: acl.h:170
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4409
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
Definition: c.h:434
Datum has_database_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2936 of file acl.c.

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, get_role_oid_or_public(), NameStr, ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_P, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

2937 {
2939  Oid databaseoid = PG_GETARG_OID(1);
2940  text *priv_type_text = PG_GETARG_TEXT_P(2);
2941  Oid roleid;
2942  AclMode mode;
2943  AclResult aclresult;
2944 
2945  roleid = get_role_oid_or_public(NameStr(*username));
2946  mode = convert_database_priv_string(priv_type_text);
2947 
2949  PG_RETURN_NULL();
2950 
2951  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2952 
2953  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2954 }
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5131
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:167
#define ObjectIdGetDatum(X)
Definition: postgres.h:515
Definition: c.h:488
#define PG_GETARG_OID(n)
Definition: fmgr.h:231
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3049
AclResult
Definition: acl.h:170
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
static char * username
Definition: initdb.c:130
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4409
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
#define NameStr(name)
Definition: c.h:494
Definition: c.h:434
#define PG_RETURN_NULL()
Definition: fmgr.h:289
#define PG_GETARG_NAME(n)
Definition: fmgr.h:234
Datum has_database_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2886 of file acl.c.

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), get_role_oid_or_public(), NameStr, pg_database_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_P, PG_RETURN_BOOL, and username.

2887 {
2889  text *databasename = PG_GETARG_TEXT_P(1);
2890  text *priv_type_text = PG_GETARG_TEXT_P(2);
2891  Oid roleid;
2892  Oid databaseoid;
2893  AclMode mode;
2894  AclResult aclresult;
2895 
2896  roleid = get_role_oid_or_public(NameStr(*username));
2897  databaseoid = convert_database_name(databasename);
2898  mode = convert_database_priv_string(priv_type_text);
2899 
2900  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2901 
2902  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2903 }
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5131
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
Definition: c.h:488
static Oid convert_database_name(text *databasename)
Definition: acl.c:3037
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3049
AclResult
Definition: acl.h:170
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
static char * username
Definition: initdb.c:130
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4409
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
#define NameStr(name)
Definition: c.h:494
Definition: c.h:434
#define PG_GETARG_NAME(n)
Definition: fmgr.h:234
Datum has_foreign_data_wrapper_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3158 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), GetUserId(), pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_P, and PG_RETURN_BOOL.

3159 {
3160  Oid fdwid = PG_GETARG_OID(0);
3161  text *priv_type_text = PG_GETARG_TEXT_P(1);
3162  Oid roleid;
3163  AclMode mode;
3164  AclResult aclresult;
3165 
3166  roleid = GetUserId();
3167  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3168 
3169  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3170 
3171  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3172 }
Oid GetUserId(void)
Definition: miscinit.c:283
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4484
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
#define PG_GETARG_OID(n)
Definition: fmgr.h:231
AclResult
Definition: acl.h:170
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3238
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
Definition: c.h:434
Datum has_foreign_data_wrapper_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3203 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_P, and PG_RETURN_BOOL.

3204 {
3205  Oid roleid = PG_GETARG_OID(0);
3206  Oid fdwid = PG_GETARG_OID(1);
3207  text *priv_type_text = PG_GETARG_TEXT_P(2);
3208  AclMode mode;
3209  AclResult aclresult;
3210 
3211  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3212 
3213  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3214 
3215  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3216 }
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4484
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
#define PG_GETARG_OID(n)
Definition: fmgr.h:231
AclResult
Definition: acl.h:170
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3238
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
Definition: c.h:434
Datum has_foreign_data_wrapper_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3180 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_P, and PG_RETURN_BOOL.

3181 {
3182  Oid roleid = PG_GETARG_OID(0);
3183  text *fdwname = PG_GETARG_TEXT_P(1);
3184  text *priv_type_text = PG_GETARG_TEXT_P(2);
3185  Oid fdwid;
3186  AclMode mode;
3187  AclResult aclresult;
3188 
3189  fdwid = convert_foreign_data_wrapper_name(fdwname);
3190  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3191 
3192  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3193 
3194  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3195 }
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4484
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3226
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
#define PG_GETARG_OID(n)
Definition: fmgr.h:231
AclResult
Definition: acl.h:170
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3238
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
Definition: c.h:434
Datum has_foreign_data_wrapper_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3110 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), GetUserId(), pg_foreign_data_wrapper_aclcheck(), PG_GETARG_TEXT_P, and PG_RETURN_BOOL.

3111 {
3112  text *fdwname = PG_GETARG_TEXT_P(0);
3113  text *priv_type_text = PG_GETARG_TEXT_P(1);
3114  Oid roleid;
3115  Oid fdwid;
3116  AclMode mode;
3117  AclResult aclresult;
3118 
3119  roleid = GetUserId();
3120  fdwid = convert_foreign_data_wrapper_name(fdwname);
3121  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3122 
3123  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3124 
3125  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3126 }
Oid GetUserId(void)
Definition: miscinit.c:283
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4484
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3226
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
AclResult
Definition: acl.h:170
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3238
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
Definition: c.h:434
Datum has_foreign_data_wrapper_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3134 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), get_role_oid_or_public(), NameStr, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_P, PG_RETURN_BOOL, and username.

3135 {
3137  Oid fdwid = PG_GETARG_OID(1);
3138  text *priv_type_text = PG_GETARG_TEXT_P(2);
3139  Oid roleid;
3140  AclMode mode;
3141  AclResult aclresult;
3142 
3143  roleid = get_role_oid_or_public(NameStr(*username));
3144  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3145 
3146  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3147 
3148  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3149 }
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4484
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5131
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
Definition: c.h:488
#define PG_GETARG_OID(n)
Definition: fmgr.h:231
AclResult
Definition: acl.h:170
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
static char * username
Definition: initdb.c:130
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3238
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
#define NameStr(name)
Definition: c.h:494
Definition: c.h:434
#define PG_GETARG_NAME(n)
Definition: fmgr.h:234
Datum has_foreign_data_wrapper_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3084 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), get_role_oid_or_public(), NameStr, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_P, PG_RETURN_BOOL, and username.

3085 {
3087  text *fdwname = PG_GETARG_TEXT_P(1);
3088  text *priv_type_text = PG_GETARG_TEXT_P(2);
3089  Oid roleid;
3090  Oid fdwid;
3091  AclMode mode;
3092  AclResult aclresult;
3093 
3094  roleid = get_role_oid_or_public(NameStr(*username));
3095  fdwid = convert_foreign_data_wrapper_name(fdwname);
3096  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3097 
3098  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3099 
3100  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3101 }
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4484
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3226
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5131
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
Definition: c.h:488
AclResult
Definition: acl.h:170
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
static char * username
Definition: initdb.c:130
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3238
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
#define NameStr(name)
Definition: c.h:494
Definition: c.h:434
#define PG_GETARG_NAME(n)
Definition: fmgr.h:234
Datum has_function_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3343 of file acl.c.

References ACLCHECK_OK, convert_function_priv_string(), GetUserId(), ObjectIdGetDatum, PG_GETARG_OID, PG_GETARG_TEXT_P, pg_proc_aclcheck(), PG_RETURN_BOOL, PG_RETURN_NULL, PROCOID, and SearchSysCacheExists1.

3344 {
3345  Oid functionoid = PG_GETARG_OID(0);
3346  text *priv_type_text = PG_GETARG_TEXT_P(1);
3347  Oid roleid;
3348  AclMode mode;
3349  AclResult aclresult;
3350 
3351  roleid = GetUserId();
3352  mode = convert_function_priv_string(priv_type_text);
3353 
3354  if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid)))
3355  PG_RETURN_NULL();
3356 
3357  aclresult = pg_proc_aclcheck(functionoid, roleid, mode);
3358 
3359  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3360 }
Oid GetUserId(void)
Definition: miscinit.c:283
static AclMode convert_function_priv_string(text *priv_type_text)
Definition: acl.c:3438
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:167
#define ObjectIdGetDatum(X)
Definition: postgres.h:515
#define PG_GETARG_OID(n)
Definition: fmgr.h:231
AclResult
Definition: acl.h:170
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
AclResult pg_proc_aclcheck(Oid proc_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4421
Definition: c.h:434
#define PG_RETURN_NULL()
Definition: fmgr.h:289
Datum has_function_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3391 of file acl.c.

References ACLCHECK_OK, convert_function_priv_string(), ObjectIdGetDatum, PG_GETARG_OID, PG_GETARG_TEXT_P, pg_proc_aclcheck(), PG_RETURN_BOOL, PG_RETURN_NULL, PROCOID, and SearchSysCacheExists1.

3392 {
3393  Oid roleid = PG_GETARG_OID(0);
3394  Oid functionoid = PG_GETARG_OID(1);
3395  text *priv_type_text = PG_GETARG_TEXT_P(2);
3396  AclMode mode;
3397  AclResult aclresult;
3398 
3399  mode = convert_function_priv_string(priv_type_text);
3400 
3401  if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid)))
3402  PG_RETURN_NULL();
3403 
3404  aclresult = pg_proc_aclcheck(functionoid, roleid, mode);
3405 
3406  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3407 }
static AclMode convert_function_priv_string(text *priv_type_text)
Definition: acl.c:3438
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:167
#define ObjectIdGetDatum(X)
Definition: postgres.h:515
#define PG_GETARG_OID(n)
Definition: fmgr.h:231
AclResult
Definition: acl.h:170
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
AclResult pg_proc_aclcheck(Oid proc_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4421
Definition: c.h:434
#define PG_RETURN_NULL()
Definition: fmgr.h:289
Datum has_function_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3368 of file acl.c.

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), PG_GETARG_OID, PG_GETARG_TEXT_P, pg_proc_aclcheck(), and PG_RETURN_BOOL.

3369 {
3370  Oid roleid = PG_GETARG_OID(0);
3371  text *functionname = PG_GETARG_TEXT_P(1);
3372  text *priv_type_text = PG_GETARG_TEXT_P(2);
3373  Oid functionoid;
3374  AclMode mode;
3375  AclResult aclresult;
3376 
3377  functionoid = convert_function_name(functionname);
3378  mode = convert_function_priv_string(priv_type_text);
3379 
3380  aclresult = pg_proc_aclcheck(functionoid, roleid, mode);
3381 
3382  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3383 }
static AclMode convert_function_priv_string(text *priv_type_text)
Definition: acl.c:3438
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
#define PG_GETARG_OID(n)
Definition: fmgr.h:231
AclResult
Definition: acl.h:170
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
static Oid convert_function_name(text *functionname)
Definition: acl.c:3417
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
AclResult pg_proc_aclcheck(Oid proc_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4421
Definition: c.h:434
Datum has_function_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3292 of file acl.c.

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), GetUserId(), PG_GETARG_TEXT_P, pg_proc_aclcheck(), and PG_RETURN_BOOL.

3293 {
3294  text *functionname = PG_GETARG_TEXT_P(0);
3295  text *priv_type_text = PG_GETARG_TEXT_P(1);
3296  Oid roleid;
3297  Oid functionoid;
3298  AclMode mode;
3299  AclResult aclresult;
3300 
3301  roleid = GetUserId();
3302  functionoid = convert_function_name(functionname);
3303  mode = convert_function_priv_string(priv_type_text);
3304 
3305  aclresult = pg_proc_aclcheck(functionoid, roleid, mode);
3306 
3307  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3308 }
Oid GetUserId(void)
Definition: miscinit.c:283
static AclMode convert_function_priv_string(text *priv_type_text)
Definition: acl.c:3438
unsigned int Oid
Definition: postgres_ext.h:31
uint32 AclMode
Definition: parsenodes.h:63
AclResult
Definition: acl.h:170
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:303
static Oid convert_function_name(text *functionname)
Definition: acl.c:3417
#define PG_GETARG_TEXT_P(n)
Definition: fmgr.h:269
AclResult pg_proc_aclcheck(Oid proc_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4421
Definition: c.h:434