PostgreSQL Source Code  git master
Data Structures | Enumerations | Functions | Variables
acl.c File Reference
#include "postgres.h"
#include <ctype.h>
#include "access/htup_details.h"
#include "catalog/catalog.h"
#include "catalog/namespace.h"
#include "catalog/pg_auth_members.h"
#include "catalog/pg_authid.h"
#include "catalog/pg_class.h"
#include "catalog/pg_database.h"
#include "catalog/pg_type.h"
#include "commands/dbcommands.h"
#include "commands/proclang.h"
#include "commands/tablespace.h"
#include "common/hashfn.h"
#include "foreign/foreign.h"
#include "funcapi.h"
#include "lib/qunique.h"
#include "miscadmin.h"
#include "utils/acl.h"
#include "utils/array.h"
#include "utils/builtins.h"
#include "utils/catcache.h"
#include "utils/inval.h"
#include "utils/lsyscache.h"
#include "utils/memutils.h"
#include "utils/syscache.h"
#include "utils/varlena.h"
Include dependency graph for acl.c:

Go to the source code of this file.

Data Structures

struct  priv_map
 

Enumerations

enum  RoleRecurseType { ROLERECURSE_PRIVS = 0, ROLERECURSE_MEMBERS = 1 }
 

Functions

static const char * getid (const char *s, char *n)
 
static void putid (char *p, const char *s)
 
static Aclallocacl (int n)
 
static void check_acl (const Acl *acl)
 
static const char * aclparse (const char *s, AclItem *aip)
 
static bool aclitem_match (const AclItem *a1, const AclItem *a2)
 
static int aclitemComparator (const void *arg1, const void *arg2)
 
static void check_circularity (const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
 
static Aclrecursive_revoke (Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
 
static AclMode convert_priv_string (text *priv_type_text)
 
static AclMode convert_any_priv_string (text *priv_type_text, const priv_map *privileges)
 
static Oid convert_table_name (text *tablename)
 
static AclMode convert_table_priv_string (text *priv_type_text)
 
static AclMode convert_sequence_priv_string (text *priv_type_text)
 
static AttrNumber convert_column_name (Oid tableoid, text *column)
 
static AclMode convert_column_priv_string (text *priv_type_text)
 
static Oid convert_database_name (text *databasename)
 
static AclMode convert_database_priv_string (text *priv_type_text)
 
static Oid convert_foreign_data_wrapper_name (text *fdwname)
 
static AclMode convert_foreign_data_wrapper_priv_string (text *priv_type_text)
 
static Oid convert_function_name (text *functionname)
 
static AclMode convert_function_priv_string (text *priv_type_text)
 
static Oid convert_language_name (text *languagename)
 
static AclMode convert_language_priv_string (text *priv_type_text)
 
static Oid convert_schema_name (text *schemaname)
 
static AclMode convert_schema_priv_string (text *priv_type_text)
 
static Oid convert_server_name (text *servername)
 
static AclMode convert_server_priv_string (text *priv_type_text)
 
static Oid convert_tablespace_name (text *tablespacename)
 
static AclMode convert_tablespace_priv_string (text *priv_type_text)
 
static Oid convert_type_name (text *typename)
 
static AclMode convert_type_priv_string (text *priv_type_text)
 
static AclMode convert_role_priv_string (text *priv_type_text)
 
static AclResult pg_role_aclcheck (Oid role_oid, Oid roleid, AclMode mode)
 
static void RoleMembershipCacheCallback (Datum arg, int cacheid, uint32 hashvalue)
 
Aclmake_empty_acl (void)
 
Aclaclcopy (const Acl *orig_acl)
 
Aclaclconcat (const Acl *left_acl, const Acl *right_acl)
 
Aclaclmerge (const Acl *left_acl, const Acl *right_acl, Oid ownerId)
 
void aclitemsort (Acl *acl)
 
bool aclequal (const Acl *left_acl, const Acl *right_acl)
 
Datum aclitemin (PG_FUNCTION_ARGS)
 
Datum aclitemout (PG_FUNCTION_ARGS)
 
Datum aclitem_eq (PG_FUNCTION_ARGS)
 
Datum hash_aclitem (PG_FUNCTION_ARGS)
 
Datum hash_aclitem_extended (PG_FUNCTION_ARGS)
 
Aclacldefault (ObjectType objtype, Oid ownerId)
 
Datum acldefault_sql (PG_FUNCTION_ARGS)
 
Aclaclupdate (const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
 
Aclaclnewowner (const Acl *old_acl, Oid oldOwnerId, Oid newOwnerId)
 
AclMode aclmask (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
static AclMode aclmask_direct (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
int aclmembers (const Acl *acl, Oid **roleids)
 
Datum aclinsert (PG_FUNCTION_ARGS)
 
Datum aclremove (PG_FUNCTION_ARGS)
 
Datum aclcontains (PG_FUNCTION_ARGS)
 
Datum makeaclitem (PG_FUNCTION_ARGS)
 
static const char * convert_aclright_to_string (int aclright)
 
Datum aclexplode (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_id (PG_FUNCTION_ARGS)
 
static int column_privilege_check (Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
 
Datum has_column_privilege_name_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_id (PG_FUNCTION_ARGS)
 
void initialize_acl (void)
 
static bool has_rolinherit (Oid roleid)
 
static Listroles_is_member_of (Oid roleid, enum RoleRecurseType type, Oid admin_of, bool *is_admin)
 
bool has_privs_of_role (Oid member, Oid role)
 
bool is_member_of_role (Oid member, Oid role)
 
void check_is_member_of_role (Oid member, Oid role)
 
bool is_member_of_role_nosuper (Oid member, Oid role)
 
bool is_admin_of_role (Oid member, Oid role)
 
static int count_one_bits (AclMode mask)
 
void select_best_grantor (Oid roleId, AclMode privileges, const Acl *acl, Oid ownerId, Oid *grantorId, AclMode *grantOptions)
 
Oid get_role_oid (const char *rolname, bool missing_ok)
 
Oid get_role_oid_or_public (const char *rolname)
 
Oid get_rolespec_oid (const RoleSpec *role, bool missing_ok)
 
HeapTuple get_rolespec_tuple (const RoleSpec *role)
 
char * get_rolespec_name (const RoleSpec *role)
 
void check_rolespec_name (const RoleSpec *role, const char *detail_msg)
 

Variables

static Oid cached_role [] = {InvalidOid, InvalidOid}
 
static Listcached_roles [] = {NIL, NIL}
 
static uint32 cached_db_hash
 

Enumeration Type Documentation

◆ RoleRecurseType

enum RoleRecurseType
Enumerator
ROLERECURSE_PRIVS 
ROLERECURSE_MEMBERS 

Definition at line 65 of file acl.c.

66 {
67  ROLERECURSE_PRIVS = 0, /* recurse if rolinherit */
68  ROLERECURSE_MEMBERS = 1 /* recurse unconditionally */
69 };

Function Documentation

◆ aclconcat()

Acl* aclconcat ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 413 of file acl.c.

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by ExecGrant_Attribute().

414 {
415  Acl *result_acl;
416 
417  result_acl = allocacl(ACL_NUM(left_acl) + ACL_NUM(right_acl));
418 
419  memcpy(ACL_DAT(result_acl),
420  ACL_DAT(left_acl),
421  ACL_NUM(left_acl) * sizeof(AclItem));
422 
423  memcpy(ACL_DAT(result_acl) + ACL_NUM(left_acl),
424  ACL_DAT(right_acl),
425  ACL_NUM(right_acl) * sizeof(AclItem));
426 
427  return result_acl;
428 }
allocacl
static Acl * allocacl(int n)
Definition: acl.c:362
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54

◆ aclcontains()

Datum aclcontains ( PG_FUNCTION_ARGS  )

Definition at line 1530 of file acl.c.

References ACL_DAT, ACL_NUM, ACLITEM_GET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, PG_GETARG_ACL_P, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

1531 {
1532  Acl *acl = PG_GETARG_ACL_P(0);
1533  AclItem *aip = PG_GETARG_ACLITEM_P(1);
1534  AclItem *aidat;
1535  int i,
1536  num;
1537 
1538  check_acl(acl);
1539  num = ACL_NUM(acl);
1540  aidat = ACL_DAT(acl);
1541  for (i = 0; i < num; ++i)
1542  {
1543  if (aip->ai_grantee == aidat[i].ai_grantee &&
1544  aip->ai_grantor == aidat[i].ai_grantor &&
1545  (ACLITEM_GET_RIGHTS(*aip) & ACLITEM_GET_RIGHTS(aidat[i])) == ACLITEM_GET_RIGHTS(*aip))
1546  PG_RETURN_BOOL(true);
1547  }
1548  PG_RETURN_BOOL(false);
1549 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
PG_GETARG_ACLITEM_P
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:117
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACLITEM_GET_RIGHTS
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:68
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54
PG_GETARG_ACL_P
#define PG_GETARG_ACL_P(n)
Definition: acl.h:122
i
int i
Definition: preproc-comment.c:23
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:526

◆ aclcopy()

Acl* aclcopy ( const Acl orig_acl)

Definition at line 393 of file acl.c.

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by aclmerge(), ExecGrant_Relation(), and SetDefaultACL().

394 {
395  Acl *result_acl;
396 
397  result_acl = allocacl(ACL_NUM(orig_acl));
398 
399  memcpy(ACL_DAT(result_acl),
400  ACL_DAT(orig_acl),
401  ACL_NUM(orig_acl) * sizeof(AclItem));
402 
403  return result_acl;
404 }
allocacl
static Acl * allocacl(int n)
Definition: acl.c:362
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54

◆ acldefault()

Acl* acldefault ( ObjectType  objtype,
Oid  ownerId 
)

Definition at line 734 of file acl.c.

References ACL_ALL_RIGHTS_DATABASE, ACL_ALL_RIGHTS_FDW, ACL_ALL_RIGHTS_FOREIGN_SERVER, ACL_ALL_RIGHTS_FUNCTION, ACL_ALL_RIGHTS_LANGUAGE, ACL_ALL_RIGHTS_LARGEOBJECT, ACL_ALL_RIGHTS_RELATION, ACL_ALL_RIGHTS_SCHEMA, ACL_ALL_RIGHTS_SEQUENCE, ACL_ALL_RIGHTS_TABLESPACE, ACL_ALL_RIGHTS_TYPE, ACL_CONNECT, ACL_CREATE_TEMP, ACL_DAT, ACL_EXECUTE, ACL_ID_PUBLIC, ACL_NO_RIGHTS, ACL_USAGE, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), elog, ERROR, OBJECT_COLUMN, OBJECT_DATABASE, OBJECT_DOMAIN, OBJECT_FDW, OBJECT_FOREIGN_SERVER, OBJECT_FUNCTION, OBJECT_LANGUAGE, OBJECT_LARGEOBJECT, OBJECT_SCHEMA, OBJECT_SEQUENCE, OBJECT_TABLE, OBJECT_TABLESPACE, and OBJECT_TYPE.

Referenced by acldefault_sql(), ExecGrant_Attribute(), ExecGrant_Database(), ExecGrant_Fdw(), ExecGrant_ForeignServer(), ExecGrant_Function(), ExecGrant_Language(), ExecGrant_Largeobject(), ExecGrant_Namespace(), ExecGrant_Relation(), ExecGrant_Tablespace(), ExecGrant_Type(), get_user_default_acl(), pg_class_aclmask_ext(), pg_database_aclmask(), pg_foreign_data_wrapper_aclmask(), pg_foreign_server_aclmask(), pg_language_aclmask(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask(), pg_proc_aclmask(), pg_tablespace_aclmask(), pg_type_aclmask(), and SetDefaultACL().

735 {
736  AclMode world_default;
737  AclMode owner_default;
738  int nacl;
739  Acl *acl;
740  AclItem *aip;
741 
742  switch (objtype)
743  {
744  case OBJECT_COLUMN:
745  /* by default, columns have no extra privileges */
746  world_default = ACL_NO_RIGHTS;
747  owner_default = ACL_NO_RIGHTS;
748  break;
749  case OBJECT_TABLE:
750  world_default = ACL_NO_RIGHTS;
751  owner_default = ACL_ALL_RIGHTS_RELATION;
752  break;
753  case OBJECT_SEQUENCE:
754  world_default = ACL_NO_RIGHTS;
755  owner_default = ACL_ALL_RIGHTS_SEQUENCE;
756  break;
757  case OBJECT_DATABASE:
758  /* for backwards compatibility, grant some rights by default */
759  world_default = ACL_CREATE_TEMP | ACL_CONNECT;
760  owner_default = ACL_ALL_RIGHTS_DATABASE;
761  break;
762  case OBJECT_FUNCTION:
763  /* Grant EXECUTE by default, for now */
764  world_default = ACL_EXECUTE;
765  owner_default = ACL_ALL_RIGHTS_FUNCTION;
766  break;
767  case OBJECT_LANGUAGE:
768  /* Grant USAGE by default, for now */
769  world_default = ACL_USAGE;
770  owner_default = ACL_ALL_RIGHTS_LANGUAGE;
771  break;
772  case OBJECT_LARGEOBJECT:
773  world_default = ACL_NO_RIGHTS;
774  owner_default = ACL_ALL_RIGHTS_LARGEOBJECT;
775  break;
776  case OBJECT_SCHEMA:
777  world_default = ACL_NO_RIGHTS;
778  owner_default = ACL_ALL_RIGHTS_SCHEMA;
779  break;
780  case OBJECT_TABLESPACE:
781  world_default = ACL_NO_RIGHTS;
782  owner_default = ACL_ALL_RIGHTS_TABLESPACE;
783  break;
784  case OBJECT_FDW:
785  world_default = ACL_NO_RIGHTS;
786  owner_default = ACL_ALL_RIGHTS_FDW;
787  break;
788  case OBJECT_FOREIGN_SERVER:
789  world_default = ACL_NO_RIGHTS;
790  owner_default = ACL_ALL_RIGHTS_FOREIGN_SERVER;
791  break;
792  case OBJECT_DOMAIN:
793  case OBJECT_TYPE:
794  world_default = ACL_USAGE;
795  owner_default = ACL_ALL_RIGHTS_TYPE;
796  break;
797  default:
798  elog(ERROR, "unrecognized objtype: %d", (int) objtype);
799  world_default = ACL_NO_RIGHTS; /* keep compiler quiet */
800  owner_default = ACL_NO_RIGHTS;
801  break;
802  }
803 
804  nacl = 0;
805  if (world_default != ACL_NO_RIGHTS)
806  nacl++;
807  if (owner_default != ACL_NO_RIGHTS)
808  nacl++;
809 
810  acl = allocacl(nacl);
811  aip = ACL_DAT(acl);
812 
813  if (world_default != ACL_NO_RIGHTS)
814  {
815  aip->ai_grantee = ACL_ID_PUBLIC;
816  aip->ai_grantor = ownerId;
817  ACLITEM_SET_PRIVS_GOPTIONS(*aip, world_default, ACL_NO_RIGHTS);
818  aip++;
819  }
820 
821  /*
822  * Note that the owner's entry shows all ordinary privileges but no grant
823  * options. This is because his grant options come "from the system" and
824  * not from his own efforts. (The SQL spec says that the owner's rights
825  * come from a "_SYSTEM" authid.) However, we do consider that the
826  * owner's ordinary privileges are self-granted; this lets him revoke
827  * them. We implement the owner's grant options without any explicit
828  * "_SYSTEM"-like ACL entry, by internally special-casing the owner
829  * wherever we are testing grant options.
830  */
831  if (owner_default != ACL_NO_RIGHTS)
832  {
833  aip->ai_grantee = ownerId;
834  aip->ai_grantor = ownerId;
835  ACLITEM_SET_PRIVS_GOPTIONS(*aip, owner_default, ACL_NO_RIGHTS);
836  }
837 
838  return acl;
839 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
ACL_ALL_RIGHTS_FUNCTION
#define ACL_ALL_RIGHTS_FUNCTION
Definition: acl.h:162
allocacl
static Acl * allocacl(int n)
Definition: acl.c:362
ACL_ALL_RIGHTS_TABLESPACE
#define ACL_ALL_RIGHTS_TABLESPACE
Definition: acl.h:166
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
ACL_ALL_RIGHTS_LANGUAGE
#define ACL_ALL_RIGHTS_LANGUAGE
Definition: acl.h:163
AclMode
uint32 AclMode
Definition: parsenodes.h:80
ERROR
#define ERROR
Definition: elog.h:46
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:96
ACL_ALL_RIGHTS_SCHEMA
#define ACL_ALL_RIGHTS_SCHEMA
Definition: acl.h:165
ACL_ALL_RIGHTS_TYPE
#define ACL_ALL_RIGHTS_TYPE
Definition: acl.h:167
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:90
ACL_CONNECT
#define ACL_CONNECT
Definition: parsenodes.h:94
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
ACL_ALL_RIGHTS_SEQUENCE
#define ACL_ALL_RIGHTS_SEQUENCE
Definition: acl.h:158
AclItem
Definition: acl.h:54
ACL_ALL_RIGHTS_LARGEOBJECT
#define ACL_ALL_RIGHTS_LARGEOBJECT
Definition: acl.h:164
ACL_ALL_RIGHTS_DATABASE
#define ACL_ALL_RIGHTS_DATABASE
Definition: acl.h:159
ACL_ALL_RIGHTS_FOREIGN_SERVER
#define ACL_ALL_RIGHTS_FOREIGN_SERVER
Definition: acl.h:161
ACL_EXECUTE
#define ACL_EXECUTE
Definition: parsenodes.h:89
elog
#define elog(elevel,...)
Definition: elog.h:232
ACL_ALL_RIGHTS_RELATION
#define ACL_ALL_RIGHTS_RELATION
Definition: acl.h:157
ACL_CREATE_TEMP
#define ACL_CREATE_TEMP
Definition: parsenodes.h:93
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46
ACL_ALL_RIGHTS_FDW
#define ACL_ALL_RIGHTS_FDW
Definition: acl.h:160
ACLITEM_SET_PRIVS_GOPTIONS
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:82

◆ acldefault_sql()

Datum acldefault_sql ( PG_FUNCTION_ARGS  )

Definition at line 847 of file acl.c.

References acldefault(), elog, ERROR, OBJECT_COLUMN, OBJECT_DATABASE, OBJECT_FDW, OBJECT_FOREIGN_SERVER, OBJECT_FUNCTION, OBJECT_LANGUAGE, OBJECT_LARGEOBJECT, OBJECT_SCHEMA, OBJECT_SEQUENCE, OBJECT_TABLE, OBJECT_TABLESPACE, OBJECT_TYPE, PG_GETARG_CHAR, PG_GETARG_OID, and PG_RETURN_ACL_P.

848 {
849  char objtypec = PG_GETARG_CHAR(0);
850  Oid owner = PG_GETARG_OID(1);
851  ObjectType objtype = 0;
852 
853  switch (objtypec)
854  {
855  case 'c':
856  objtype = OBJECT_COLUMN;
857  break;
858  case 'r':
859  objtype = OBJECT_TABLE;
860  break;
861  case 's':
862  objtype = OBJECT_SEQUENCE;
863  break;
864  case 'd':
865  objtype = OBJECT_DATABASE;
866  break;
867  case 'f':
868  objtype = OBJECT_FUNCTION;
869  break;
870  case 'l':
871  objtype = OBJECT_LANGUAGE;
872  break;
873  case 'L':
874  objtype = OBJECT_LARGEOBJECT;
875  break;
876  case 'n':
877  objtype = OBJECT_SCHEMA;
878  break;
879  case 't':
880  objtype = OBJECT_TABLESPACE;
881  break;
882  case 'F':
883  objtype = OBJECT_FDW;
884  break;
885  case 'S':
886  objtype = OBJECT_FOREIGN_SERVER;
887  break;
888  case 'T':
889  objtype = OBJECT_TYPE;
890  break;
891  default:
892  elog(ERROR, "unrecognized objtype abbreviation: %c", objtypec);
893  }
894 
895  PG_RETURN_ACL_P(acldefault(objtype, owner));
896 }
PG_RETURN_ACL_P
#define PG_RETURN_ACL_P(x)
Definition: acl.h:124
acldefault
Acl * acldefault(ObjectType objtype, Oid ownerId)
Definition: acl.c:734
Oid
unsigned int Oid
Definition: postgres_ext.h:31
ERROR
#define ERROR
Definition: elog.h:46
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
ObjectType
ObjectType
Definition: parsenodes.h:1787
elog
#define elog(elevel,...)
Definition: elog.h:232
PG_GETARG_CHAR
#define PG_GETARG_CHAR(n)
Definition: fmgr.h:273

◆ aclequal()

bool aclequal ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 495 of file acl.c.

References ACL_DAT, and ACL_NUM.

Referenced by get_user_default_acl(), and SetDefaultACL().

496 {
497  /* Check for cases where one or both are empty/null */
498  if (left_acl == NULL || ACL_NUM(left_acl) == 0)
499  {
500  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
501  return true;
502  else
503  return false;
504  }
505  else
506  {
507  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
508  return false;
509  }
510 
511  if (ACL_NUM(left_acl) != ACL_NUM(right_acl))
512  return false;
513 
514  if (memcmp(ACL_DAT(left_acl),
515  ACL_DAT(right_acl),
516  ACL_NUM(left_acl) * sizeof(AclItem)) == 0)
517  return true;
518 
519  return false;
520 }
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54

◆ aclexplode()

Datum aclexplode ( PG_FUNCTION_ARGS  )

Definition at line 1723 of file acl.c.

References ACL_DAT, ACL_NUM, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, BlessTupleDesc(), BoolGetDatum, check_acl(), convert_aclright_to_string(), CreateTemplateTupleDesc(), CStringGetTextDatum, heap_form_tuple(), HeapTupleGetDatum, idx(), MemoryContextSwitchTo(), MemSet, FuncCallContext::multi_call_memory_ctx, N_ACL_RIGHTS, ObjectIdGetDatum, palloc(), PG_GETARG_ACL_P, SRF_FIRSTCALL_INIT, SRF_IS_FIRSTCALL, SRF_PERCALL_SETUP, SRF_RETURN_DONE, SRF_RETURN_NEXT, FuncCallContext::tuple_desc, TupleDescInitEntry(), FuncCallContext::user_fctx, and values.

1724 {
1725  Acl *acl = PG_GETARG_ACL_P(0);
1726  FuncCallContext *funcctx;
1727  int *idx;
1728  AclItem *aidat;
1729 
1730  if (SRF_IS_FIRSTCALL())
1731  {
1732  TupleDesc tupdesc;
1733  MemoryContext oldcontext;
1734 
1735  check_acl(acl);
1736 
1737  funcctx = SRF_FIRSTCALL_INIT();
1738  oldcontext = MemoryContextSwitchTo(funcctx->multi_call_memory_ctx);
1739 
1740  /*
1741  * build tupdesc for result tuples (matches out parameters in pg_proc
1742  * entry)
1743  */
1744  tupdesc = CreateTemplateTupleDesc(4);
1745  TupleDescInitEntry(tupdesc, (AttrNumber) 1, "grantor",
1746  OIDOID, -1, 0);
1747  TupleDescInitEntry(tupdesc, (AttrNumber) 2, "grantee",
1748  OIDOID, -1, 0);
1749  TupleDescInitEntry(tupdesc, (AttrNumber) 3, "privilege_type",
1750  TEXTOID, -1, 0);
1751  TupleDescInitEntry(tupdesc, (AttrNumber) 4, "is_grantable",
1752  BOOLOID, -1, 0);
1753 
1754  funcctx->tuple_desc = BlessTupleDesc(tupdesc);
1755 
1756  /* allocate memory for user context */
1757  idx = (int *) palloc(sizeof(int[2]));
1758  idx[0] = 0; /* ACL array item index */
1759  idx[1] = -1; /* privilege type counter */
1760  funcctx->user_fctx = (void *) idx;
1761 
1762  MemoryContextSwitchTo(oldcontext);
1763  }
1764 
1765  funcctx = SRF_PERCALL_SETUP();
1766  idx = (int *) funcctx->user_fctx;
1767  aidat = ACL_DAT(acl);
1768 
1769  /* need test here in case acl has no items */
1770  while (idx[0] < ACL_NUM(acl))
1771  {
1772  AclItem *aidata;
1773  AclMode priv_bit;
1774 
1775  idx[1]++;
1776  if (idx[1] == N_ACL_RIGHTS)
1777  {
1778  idx[1] = 0;
1779  idx[0]++;
1780  if (idx[0] >= ACL_NUM(acl)) /* done */
1781  break;
1782  }
1783  aidata = &aidat[idx[0]];
1784  priv_bit = 1 << idx[1];
1785 
1786  if (ACLITEM_GET_PRIVS(*aidata) & priv_bit)
1787  {
1788  Datum result;
1789  Datum values[4];
1790  bool nulls[4];
1791  HeapTuple tuple;
1792 
1793  values[0] = ObjectIdGetDatum(aidata->ai_grantor);
1794  values[1] = ObjectIdGetDatum(aidata->ai_grantee);
1795  values[2] = CStringGetTextDatum(convert_aclright_to_string(priv_bit));
1796  values[3] = BoolGetDatum((ACLITEM_GET_GOPTIONS(*aidata) & priv_bit) != 0);
1797 
1798  MemSet(nulls, 0, sizeof(nulls));
1799 
1800  tuple = heap_form_tuple(funcctx->tuple_desc, values, nulls);
1801  result = HeapTupleGetDatum(tuple);
1802 
1803  SRF_RETURN_NEXT(funcctx, result);
1804  }
1805  }
1806 
1807  SRF_RETURN_DONE(funcctx);
1808 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
convert_aclright_to_string
static const char * convert_aclright_to_string(int aclright)
Definition: acl.c:1673
ACLITEM_GET_GOPTIONS
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:67
CreateTemplateTupleDesc
TupleDesc CreateTemplateTupleDesc(int natts)
Definition: tupdesc.c:45
SRF_IS_FIRSTCALL
#define SRF_IS_FIRSTCALL()
Definition: funcapi.h:293
MemoryContextSwitchTo
static MemoryContext MemoryContextSwitchTo(MemoryContext context)
Definition: palloc.h:109
MemSet
#define MemSet(start, val, len)
Definition: c.h:1008
idx
Datum idx(PG_FUNCTION_ARGS)
Definition: _int_op.c:259
heap_form_tuple
HeapTuple heap_form_tuple(TupleDesc tupleDescriptor, Datum *values, bool *isnull)
Definition: heaptuple.c:1020
SRF_PERCALL_SETUP
#define SRF_PERCALL_SETUP()
Definition: funcapi.h:297
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
FuncCallContext::tuple_desc
TupleDesc tuple_desc
Definition: funcapi.h:112
SRF_RETURN_NEXT
#define SRF_RETURN_NEXT(_funcctx, _result)
Definition: funcapi.h:299
AclMode
uint32 AclMode
Definition: parsenodes.h:80
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:551
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
BlessTupleDesc
TupleDesc BlessTupleDesc(TupleDesc tupdesc)
Definition: execTuples.c:2082
N_ACL_RIGHTS
#define N_ACL_RIGHTS
Definition: parsenodes.h:95
TupleDescInitEntry
void TupleDescInitEntry(TupleDesc desc, AttrNumber attributeNumber, const char *attributeName, Oid oidtypeid, int32 typmod, int attdim)
Definition: tupdesc.c:583
Datum
uintptr_t Datum
Definition: postgres.h:411
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
BoolGetDatum
#define BoolGetDatum(X)
Definition: postgres.h:446
AclItem
Definition: acl.h:54
FuncCallContext::multi_call_memory_ctx
MemoryContext multi_call_memory_ctx
Definition: funcapi.h:101
ACLITEM_GET_PRIVS
#define ACLITEM_GET_PRIVS(item)
Definition: acl.h:66
HeapTupleGetDatum
#define HeapTupleGetDatum(tuple)
Definition: funcapi.h:220
PG_GETARG_ACL_P
#define PG_GETARG_ACL_P(n)
Definition: acl.h:122
values
static Datum values[MAXATTR]
Definition: bootstrap.c:156
FuncCallContext::user_fctx
void * user_fctx
Definition: funcapi.h:82
palloc
void * palloc(Size size)
Definition: mcxt.c:1062
CStringGetTextDatum
#define CStringGetTextDatum(s)
Definition: builtins.h:86
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:526
SRF_RETURN_DONE
#define SRF_RETURN_DONE(_funcctx)
Definition: funcapi.h:317
SRF_FIRSTCALL_INIT
#define SRF_FIRSTCALL_INIT()
Definition: funcapi.h:295

◆ aclinsert()

Datum aclinsert ( PG_FUNCTION_ARGS  )

Definition at line 1510 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

1511 {
1512  ereport(ERROR,
1513  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1514  errmsg("aclinsert is no longer supported")));
1515 
1516  PG_RETURN_NULL(); /* keep compiler quiet */
1517 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:698
ERROR
#define ERROR
Definition: elog.h:46
ereport
#define ereport(elevel,...)
Definition: elog.h:157
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:909
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ aclitem_eq()

Datum aclitem_eq ( PG_FUNCTION_ARGS  )

Definition at line 679 of file acl.c.

References a1, a2, AclItem::ai_grantee, AclItem::ai_grantor, AclItem::ai_privs, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

680 {
681  AclItem *a1 = PG_GETARG_ACLITEM_P(0);
682  AclItem *a2 = PG_GETARG_ACLITEM_P(1);
683  bool result;
684 
685  result = a1->ai_privs == a2->ai_privs &&
686  a1->ai_grantee == a2->ai_grantee &&
687  a1->ai_grantor == a2->ai_grantor;
688  PG_RETURN_BOOL(result);
689 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
PG_GETARG_ACLITEM_P
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:117
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
AclItem::ai_privs
AclMode ai_privs
Definition: acl.h:58
a2
static const FormData_pg_attribute a2
Definition: heap.c:167
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
AclItem
Definition: acl.h:54
a1
static const FormData_pg_attribute a1
Definition: heap.c:153

◆ aclitem_match()

static bool aclitem_match ( const AclItem a1,
const AclItem a2 
)
static

Definition at line 644 of file acl.c.

References AclItem::ai_grantee, and AclItem::ai_grantor.

Referenced by aclnewowner(), and aclupdate().

645 {
646  return a1->ai_grantee == a2->ai_grantee &&
647  a1->ai_grantor == a2->ai_grantor;
648 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57

◆ aclitemComparator()

static int aclitemComparator ( const void *  arg1,
const void *  arg2 
)
static

Definition at line 655 of file acl.c.

References a1, a2, AclItem::ai_grantee, AclItem::ai_grantor, and AclItem::ai_privs.

Referenced by aclitemsort().

656 {
657  const AclItem *a1 = (const AclItem *) arg1;
658  const AclItem *a2 = (const AclItem *) arg2;
659 
660  if (a1->ai_grantee > a2->ai_grantee)
661  return 1;
662  if (a1->ai_grantee < a2->ai_grantee)
663  return -1;
664  if (a1->ai_grantor > a2->ai_grantor)
665  return 1;
666  if (a1->ai_grantor < a2->ai_grantor)
667  return -1;
668  if (a1->ai_privs > a2->ai_privs)
669  return 1;
670  if (a1->ai_privs < a2->ai_privs)
671  return -1;
672  return 0;
673 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
AclItem::ai_privs
AclMode ai_privs
Definition: acl.h:58
a2
static const FormData_pg_attribute a2
Definition: heap.c:167
AclItem
Definition: acl.h:54
a1
static const FormData_pg_attribute a1
Definition: heap.c:153

◆ aclitemin()

Datum aclitemin ( PG_FUNCTION_ARGS  )

Definition at line 551 of file acl.c.

References aclparse(), ereport, errcode(), errmsg(), ERROR, palloc(), PG_GETARG_CSTRING, and PG_RETURN_ACLITEM_P.

552 {
553  const char *s = PG_GETARG_CSTRING(0);
554  AclItem *aip;
555 
556  aip = (AclItem *) palloc(sizeof(AclItem));
557  s = aclparse(s, aip);
558  while (isspace((unsigned char) *s))
559  ++s;
560  if (*s)
561  ereport(ERROR,
562  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
563  errmsg("extra garbage at the end of the ACL specification")));
564 
565  PG_RETURN_ACLITEM_P(aip);
566 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:698
ERROR
#define ERROR
Definition: elog.h:46
aclparse
static const char * aclparse(const char *s, AclItem *aip)
Definition: acl.c:232
ereport
#define ereport(elevel,...)
Definition: elog.h:157
AclItem
Definition: acl.h:54
PG_RETURN_ACLITEM_P
#define PG_RETURN_ACLITEM_P(x)
Definition: acl.h:118
palloc
void * palloc(Size size)
Definition: mcxt.c:1062
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:909
PG_GETARG_CSTRING
#define PG_GETARG_CSTRING(n)
Definition: fmgr.h:277

◆ aclitemout()

Datum aclitemout ( PG_FUNCTION_ARGS  )

Definition at line 577 of file acl.c.

References ACL_ALL_RIGHTS_STR, ACL_ID_PUBLIC, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, AUTHOID, GETSTRUCT, HeapTupleIsValid, i, N_ACL_RIGHTS, NAMEDATALEN, NameStr, ObjectIdGetDatum, palloc(), PG_GETARG_ACLITEM_P, PG_RETURN_CSTRING, putid(), ReleaseSysCache(), rolname, SearchSysCache1(), and sprintf.

578 {
579  AclItem *aip = PG_GETARG_ACLITEM_P(0);
580  char *p;
581  char *out;
582  HeapTuple htup;
583  unsigned i;
584 
585  out = palloc(strlen("=/") +
586  2 * N_ACL_RIGHTS +
587  2 * (2 * NAMEDATALEN + 2) +
588  1);
589 
590  p = out;
591  *p = '\0';
592 
593  if (aip->ai_grantee != ACL_ID_PUBLIC)
594  {
595  htup = SearchSysCache1(AUTHOID, ObjectIdGetDatum(aip->ai_grantee));
596  if (HeapTupleIsValid(htup))
597  {
598  putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
599  ReleaseSysCache(htup);
600  }
601  else
602  {
603  /* Generate numeric OID if we don't find an entry */
604  sprintf(p, "%u", aip->ai_grantee);
605  }
606  }
607  while (*p)
608  ++p;
609 
610  *p++ = '=';
611 
612  for (i = 0; i < N_ACL_RIGHTS; ++i)
613  {
614  if (ACLITEM_GET_PRIVS(*aip) & (1 << i))
615  *p++ = ACL_ALL_RIGHTS_STR[i];
616  if (ACLITEM_GET_GOPTIONS(*aip) & (1 << i))
617  *p++ = '*';
618  }
619 
620  *p++ = '/';
621  *p = '\0';
622 
623  htup = SearchSysCache1(AUTHOID, ObjectIdGetDatum(aip->ai_grantor));
624  if (HeapTupleIsValid(htup))
625  {
626  putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
627  ReleaseSysCache(htup);
628  }
629  else
630  {
631  /* Generate numeric OID if we don't find an entry */
632  sprintf(p, "%u", aip->ai_grantor);
633  }
634 
635  PG_RETURN_CSTRING(out);
636 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
putid
static void putid(char *p, const char *s)
Definition: acl.c:183
ACLITEM_GET_GOPTIONS
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:67
GETSTRUCT
#define GETSTRUCT(TUP)
Definition: htup_details.h:654
rolname
NameData rolname
Definition: pg_authid.h:34
PG_GETARG_ACLITEM_P
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:117
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
NAMEDATALEN
#define NAMEDATALEN
Definition: pg_config_manual.h:29
Form_pg_authid
FormData_pg_authid * Form_pg_authid
Definition: pg_authid.h:56
sprintf
#define sprintf
Definition: port.h:219
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:551
N_ACL_RIGHTS
#define N_ACL_RIGHTS
Definition: parsenodes.h:95
SearchSysCache1
HeapTuple SearchSysCache1(int cacheId, Datum key1)
Definition: syscache.c:1150
ReleaseSysCache
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1198
ACL_ALL_RIGHTS_STR
#define ACL_ALL_RIGHTS_STR
Definition: acl.h:151
AclItem
Definition: acl.h:54
HeapTupleIsValid
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
PG_RETURN_CSTRING
#define PG_RETURN_CSTRING(x)
Definition: fmgr.h:362
ACLITEM_GET_PRIVS
#define ACLITEM_GET_PRIVS(item)
Definition: acl.h:66
palloc
void * palloc(Size size)
Definition: mcxt.c:1062
i
int i
Definition: preproc-comment.c:23
NameStr
#define NameStr(name)
Definition: c.h:681
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46

◆ aclitemsort()

void aclitemsort ( Acl acl)

Definition at line 481 of file acl.c.

References ACL_DAT, ACL_NUM, aclitemComparator(), and qsort.

Referenced by get_user_default_acl(), and SetDefaultACL().

482 {
483  if (acl != NULL && ACL_NUM(acl) > 1)
484  qsort(ACL_DAT(acl), ACL_NUM(acl), sizeof(AclItem), aclitemComparator);
485 }
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54
qsort
#define qsort(a, b, c, d)
Definition: port.h:505
aclitemComparator
static int aclitemComparator(const void *arg1, const void *arg2)
Definition: acl.c:655

◆ aclmask()

AclMode aclmask ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)

Definition at line 1306 of file acl.c.

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog, ERROR, has_privs_of_role(), i, and remaining.

Referenced by check_circularity(), LockTableAclCheck(), pg_attribute_aclmask_ext(), pg_class_aclmask_ext(), pg_database_aclmask(), pg_foreign_data_wrapper_aclmask(), pg_foreign_server_aclmask(), pg_language_aclmask(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask(), pg_proc_aclmask(), pg_tablespace_aclmask(), pg_type_aclmask(), and recursive_revoke().

1308 {
1309  AclMode result;
1310  AclMode remaining;
1311  AclItem *aidat;
1312  int i,
1313  num;
1314 
1315  /*
1316  * Null ACL should not happen, since caller should have inserted
1317  * appropriate default
1318  */
1319  if (acl == NULL)
1320  elog(ERROR, "null ACL");
1321 
1322  check_acl(acl);
1323 
1324  /* Quick exit for mask == 0 */
1325  if (mask == 0)
1326  return 0;
1327 
1328  result = 0;
1329 
1330  /* Owner always implicitly has all grant options */
1331  if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1332  has_privs_of_role(roleid, ownerId))
1333  {
1334  result = mask & ACLITEM_ALL_GOPTION_BITS;
1335  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1336  return result;
1337  }
1338 
1339  num = ACL_NUM(acl);
1340  aidat = ACL_DAT(acl);
1341 
1342  /*
1343  * Check privileges granted directly to roleid or to public
1344  */
1345  for (i = 0; i < num; i++)
1346  {
1347  AclItem *aidata = &aidat[i];
1348 
1349  if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1350  aidata->ai_grantee == roleid)
1351  {
1352  result |= aidata->ai_privs & mask;
1353  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1354  return result;
1355  }
1356  }
1357 
1358  /*
1359  * Check privileges granted indirectly via role memberships. We do this in
1360  * a separate pass to minimize expensive indirect membership tests. In
1361  * particular, it's worth testing whether a given ACL entry grants any
1362  * privileges still of interest before we perform the has_privs_of_role
1363  * test.
1364  */
1365  remaining = mask & ~result;
1366  for (i = 0; i < num; i++)
1367  {
1368  AclItem *aidata = &aidat[i];
1369 
1370  if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1371  aidata->ai_grantee == roleid)
1372  continue; /* already checked it */
1373 
1374  if ((aidata->ai_privs & remaining) &&
1375  has_privs_of_role(roleid, aidata->ai_grantee))
1376  {
1377  result |= aidata->ai_privs & mask;
1378  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1379  return result;
1380  remaining = mask & ~result;
1381  }
1382  }
1383 
1384  return result;
1385 }
remaining
int remaining
Definition: informix.c:667
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
ACLITEM_ALL_GOPTION_BITS
#define ACLITEM_ALL_GOPTION_BITS
Definition: acl.h:88
has_privs_of_role
bool has_privs_of_role(Oid member, Oid role)
Definition: acl.c:4843
AclItem::ai_privs
AclMode ai_privs
Definition: acl.h:58
AclMode
uint32 AclMode
Definition: parsenodes.h:80
ERROR
#define ERROR
Definition: elog.h:46
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54
elog
#define elog(elevel,...)
Definition: elog.h:232
i
int i
Definition: preproc-comment.c:23
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:526

◆ aclmask_direct()

static AclMode aclmask_direct ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)
static

Definition at line 1395 of file acl.c.

References ACL_DAT, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog, ERROR, and i.

Referenced by select_best_grantor().

1397 {
1398  AclMode result;
1399  AclItem *aidat;
1400  int i,
1401  num;
1402 
1403  /*
1404  * Null ACL should not happen, since caller should have inserted
1405  * appropriate default
1406  */
1407  if (acl == NULL)
1408  elog(ERROR, "null ACL");
1409 
1410  check_acl(acl);
1411 
1412  /* Quick exit for mask == 0 */
1413  if (mask == 0)
1414  return 0;
1415 
1416  result = 0;
1417 
1418  /* Owner always implicitly has all grant options */
1419  if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1420  roleid == ownerId)
1421  {
1422  result = mask & ACLITEM_ALL_GOPTION_BITS;
1423  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1424  return result;
1425  }
1426 
1427  num = ACL_NUM(acl);
1428  aidat = ACL_DAT(acl);
1429 
1430  /*
1431  * Check privileges granted directly to roleid (and not to public)
1432  */
1433  for (i = 0; i < num; i++)
1434  {
1435  AclItem *aidata = &aidat[i];
1436 
1437  if (aidata->ai_grantee == roleid)
1438  {
1439  result |= aidata->ai_privs & mask;
1440  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1441  return result;
1442  }
1443  }
1444 
1445  return result;
1446 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
ACLITEM_ALL_GOPTION_BITS
#define ACLITEM_ALL_GOPTION_BITS
Definition: acl.h:88
AclItem::ai_privs
AclMode ai_privs
Definition: acl.h:58
AclMode
uint32 AclMode
Definition: parsenodes.h:80
ERROR
#define ERROR
Definition: elog.h:46
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54
elog
#define elog(elevel,...)
Definition: elog.h:232
i
int i
Definition: preproc-comment.c:23
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:526

◆ aclmembers()

int aclmembers ( const Acl acl,
Oid **  roleids 
)

Definition at line 1458 of file acl.c.

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, sort-test::list, oid_cmp(), palloc(), qsort, and qunique().

Referenced by ExecGrant_Attribute(), ExecGrant_Database(), ExecGrant_Fdw(), ExecGrant_ForeignServer(), ExecGrant_Function(), ExecGrant_Language(), ExecGrant_Largeobject(), ExecGrant_Namespace(), ExecGrant_Relation(), ExecGrant_Tablespace(), ExecGrant_Type(), recordDependencyOnNewAcl(), and SetDefaultACL().

1459 {
1460  Oid *list;
1461  const AclItem *acldat;
1462  int i,
1463  j;
1464 
1465  if (acl == NULL || ACL_NUM(acl) == 0)
1466  {
1467  *roleids = NULL;
1468  return 0;
1469  }
1470 
1471  check_acl(acl);
1472 
1473  /* Allocate the worst-case space requirement */
1474  list = palloc(ACL_NUM(acl) * 2 * sizeof(Oid));
1475  acldat = ACL_DAT(acl);
1476 
1477  /*
1478  * Walk the ACL collecting mentioned RoleIds.
1479  */
1480  j = 0;
1481  for (i = 0; i < ACL_NUM(acl); i++)
1482  {
1483  const AclItem *ai = &acldat[i];
1484 
1485  if (ai->ai_grantee != ACL_ID_PUBLIC)
1486  list[j++] = ai->ai_grantee;
1487  /* grantor is currently never PUBLIC, but let's check anyway */
1488  if (ai->ai_grantor != ACL_ID_PUBLIC)
1489  list[j++] = ai->ai_grantor;
1490  }
1491 
1492  /* Sort the array */
1493  qsort(list, j, sizeof(Oid), oid_cmp);
1494 
1495  /*
1496  * We could repalloc the array down to minimum size, but it's hardly worth
1497  * it since it's only transient memory.
1498  */
1499  *roleids = list;
1500 
1501  /* Remove duplicates from the array */
1502  return qunique(list, j, sizeof(Oid), oid_cmp);
1503 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
Oid
unsigned int Oid
Definition: postgres_ext.h:31
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54
oid_cmp
int oid_cmp(const void *p1, const void *p2)
Definition: oid.c:336
qunique
static size_t qunique(void *array, size_t elements, size_t width, int(*compare)(const void *, const void *))
Definition: qunique.h:21
palloc
void * palloc(Size size)
Definition: mcxt.c:1062
i
int i
Definition: preproc-comment.c:23
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46
qsort
#define qsort(a, b, c, d)
Definition: port.h:505
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:526

◆ aclmerge()

Acl* aclmerge ( const Acl left_acl,
const Acl right_acl,
Oid  ownerId 
)

Definition at line 437 of file acl.c.

References ACL_DAT, ACL_MODECHG_ADD, ACL_NUM, aclcopy(), aclupdate(), DROP_RESTRICT, i, and pfree().

Referenced by get_user_default_acl().

438 {
439  Acl *result_acl;
440  AclItem *aip;
441  int i,
442  num;
443 
444  /* Check for cases where one or both are empty/null */
445  if (left_acl == NULL || ACL_NUM(left_acl) == 0)
446  {
447  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
448  return NULL;
449  else
450  return aclcopy(right_acl);
451  }
452  else
453  {
454  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
455  return aclcopy(left_acl);
456  }
457 
458  /* Merge them the hard way, one item at a time */
459  result_acl = aclcopy(left_acl);
460 
461  aip = ACL_DAT(right_acl);
462  num = ACL_NUM(right_acl);
463 
464  for (i = 0; i < num; i++, aip++)
465  {
466  Acl *tmp_acl;
467 
468  tmp_acl = aclupdate(result_acl, aip, ACL_MODECHG_ADD,
469  ownerId, DROP_RESTRICT);
470  pfree(result_acl);
471  result_acl = tmp_acl;
472  }
473 
474  return result_acl;
475 }
pfree
void pfree(void *pointer)
Definition: mcxt.c:1169
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_MODECHG_ADD
#define ACL_MODECHG_ADD
Definition: acl.h:129
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54
aclcopy
Acl * aclcopy(const Acl *orig_acl)
Definition: acl.c:393
i
int i
Definition: preproc-comment.c:23
aclupdate
Acl * aclupdate(const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
Definition: acl.c:916

◆ aclnewowner()

Acl* aclnewowner ( const Acl old_acl,
Oid  oldOwnerId,
Oid  newOwnerId 
)

Definition at line 1037 of file acl.c.

References ACL_DAT, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, check_acl(), and SET_VARSIZE.

Referenced by AlterDatabaseOwner(), AlterForeignDataWrapperOwner_internal(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwnerInternal(), ATExecChangeOwner(), and change_owner_fix_column_acls().

1038 {
1039  Acl *new_acl;
1040  AclItem *new_aip;
1041  AclItem *old_aip;
1042  AclItem *dst_aip;
1043  AclItem *src_aip;
1044  AclItem *targ_aip;
1045  bool newpresent = false;
1046  int dst,
1047  src,
1048  targ,
1049  num;
1050 
1051  check_acl(old_acl);
1052 
1053  /*
1054  * Make a copy of the given ACL, substituting new owner ID for old
1055  * wherever it appears as either grantor or grantee. Also note if the new
1056  * owner ID is already present.
1057  */
1058  num = ACL_NUM(old_acl);
1059  old_aip = ACL_DAT(old_acl);
1060  new_acl = allocacl(num);
1061  new_aip = ACL_DAT(new_acl);
1062  memcpy(new_aip, old_aip, num * sizeof(AclItem));
1063  for (dst = 0, dst_aip = new_aip; dst < num; dst++, dst_aip++)
1064  {
1065  if (dst_aip->ai_grantor == oldOwnerId)
1066  dst_aip->ai_grantor = newOwnerId;
1067  else if (dst_aip->ai_grantor == newOwnerId)
1068  newpresent = true;
1069  if (dst_aip->ai_grantee == oldOwnerId)
1070  dst_aip->ai_grantee = newOwnerId;
1071  else if (dst_aip->ai_grantee == newOwnerId)
1072  newpresent = true;
1073  }
1074 
1075  /*
1076  * If the old ACL contained any references to the new owner, then we may
1077  * now have generated an ACL containing duplicate entries. Find them and
1078  * merge them so that there are not duplicates. (This is relatively
1079  * expensive since we use a stupid O(N^2) algorithm, but it's unlikely to
1080  * be the normal case.)
1081  *
1082  * To simplify deletion of duplicate entries, we temporarily leave them in
1083  * the array but set their privilege masks to zero; when we reach such an
1084  * entry it's just skipped. (Thus, a side effect of this code will be to
1085  * remove privilege-free entries, should there be any in the input.) dst
1086  * is the next output slot, targ is the currently considered input slot
1087  * (always >= dst), and src scans entries to the right of targ looking for
1088  * duplicates. Once an entry has been emitted to dst it is known
1089  * duplicate-free and need not be considered anymore.
1090  */
1091  if (newpresent)
1092  {
1093  dst = 0;
1094  for (targ = 0, targ_aip = new_aip; targ < num; targ++, targ_aip++)
1095  {
1096  /* ignore if deleted in an earlier pass */
1097  if (ACLITEM_GET_RIGHTS(*targ_aip) == ACL_NO_RIGHTS)
1098  continue;
1099  /* find and merge any duplicates */
1100  for (src = targ + 1, src_aip = targ_aip + 1; src < num;
1101  src++, src_aip++)
1102  {
1103  if (ACLITEM_GET_RIGHTS(*src_aip) == ACL_NO_RIGHTS)
1104  continue;
1105  if (aclitem_match(targ_aip, src_aip))
1106  {
1107  ACLITEM_SET_RIGHTS(*targ_aip,
1108  ACLITEM_GET_RIGHTS(*targ_aip) |
1109  ACLITEM_GET_RIGHTS(*src_aip));
1110  /* mark the duplicate deleted */
1111  ACLITEM_SET_RIGHTS(*src_aip, ACL_NO_RIGHTS);
1112  }
1113  }
1114  /* and emit to output */
1115  new_aip[dst] = *targ_aip;
1116  dst++;
1117  }
1118  /* Adjust array size to be 'dst' items */
1119  ARR_DIMS(new_acl)[0] = dst;
1120  SET_VARSIZE(new_acl, ACL_N_SIZE(dst));
1121  }
1122 
1123  return new_acl;
1124 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
allocacl
static Acl * allocacl(int n)
Definition: acl.c:362
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
ARR_DIMS
#define ARR_DIMS(a)
Definition: array.h:287
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:96
ACLITEM_GET_RIGHTS
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:68
ACLITEM_SET_RIGHTS
#define ACLITEM_SET_RIGHTS(item, rights)
Definition: acl.h:79
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54
aclitem_match
static bool aclitem_match(const AclItem *a1, const AclItem *a2)
Definition: acl.c:644
SET_VARSIZE
#define SET_VARSIZE(PTR, len)
Definition: postgres.h:342
ACL_N_SIZE
#define ACL_N_SIZE(N)
Definition: acl.h:110
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:526

◆ aclparse()

static const char * aclparse ( const char *  s,
AclItem aip 
)
static

Definition at line 232 of file acl.c.

References ACL_ALL_RIGHTS_STR, ACL_CONNECT, ACL_CONNECT_CHR, ACL_CREATE, ACL_CREATE_CHR, ACL_CREATE_TEMP, ACL_CREATE_TEMP_CHR, ACL_DELETE, ACL_DELETE_CHR, ACL_EXECUTE, ACL_EXECUTE_CHR, ACL_ID_PUBLIC, ACL_INSERT, ACL_INSERT_CHR, ACL_NO_RIGHTS, ACL_REFERENCES, ACL_REFERENCES_CHR, ACL_SELECT, ACL_SELECT_CHR, ACL_TRIGGER, ACL_TRIGGER_CHR, ACL_TRUNCATE, ACL_TRUNCATE_CHR, ACL_UPDATE, ACL_UPDATE_CHR, ACL_USAGE, ACL_USAGE_CHR, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, Assert, ereport, errcode(), errhint(), errmsg(), ERROR, get_role_oid(), getid(), name, NAMEDATALEN, read, and WARNING.

Referenced by aclitemin().

233 {
234  AclMode privs,
235  goption,
236  read;
237  char name[NAMEDATALEN];
238  char name2[NAMEDATALEN];
239 
240  Assert(s && aip);
241 
242  s = getid(s, name);
243  if (*s != '=')
244  {
245  /* we just read a keyword, not a name */
246  if (strcmp(name, "group") != 0 && strcmp(name, "user") != 0)
247  ereport(ERROR,
248  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
249  errmsg("unrecognized key word: \"%s\"", name),
250  errhint("ACL key word must be \"group\" or \"user\".")));
251  s = getid(s, name); /* move s to the name beyond the keyword */
252  if (name[0] == '\0')
253  ereport(ERROR,
254  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
255  errmsg("missing name"),
256  errhint("A name must follow the \"group\" or \"user\" key word.")));
257  }
258 
259  if (*s != '=')
260  ereport(ERROR,
261  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
262  errmsg("missing \"=\" sign")));
263 
264  privs = goption = ACL_NO_RIGHTS;
265 
266  for (++s, read = 0; isalpha((unsigned char) *s) || *s == '*'; s++)
267  {
268  switch (*s)
269  {
270  case '*':
271  goption |= read;
272  break;
273  case ACL_INSERT_CHR:
274  read = ACL_INSERT;
275  break;
276  case ACL_SELECT_CHR:
277  read = ACL_SELECT;
278  break;
279  case ACL_UPDATE_CHR:
280  read = ACL_UPDATE;
281  break;
282  case ACL_DELETE_CHR:
283  read = ACL_DELETE;
284  break;
285  case ACL_TRUNCATE_CHR:
286  read = ACL_TRUNCATE;
287  break;
288  case ACL_REFERENCES_CHR:
289  read = ACL_REFERENCES;
290  break;
291  case ACL_TRIGGER_CHR:
292  read = ACL_TRIGGER;
293  break;
294  case ACL_EXECUTE_CHR:
295  read = ACL_EXECUTE;
296  break;
297  case ACL_USAGE_CHR:
298  read = ACL_USAGE;
299  break;
300  case ACL_CREATE_CHR:
301  read = ACL_CREATE;
302  break;
303  case ACL_CREATE_TEMP_CHR:
304  read = ACL_CREATE_TEMP;
305  break;
306  case ACL_CONNECT_CHR:
307  read = ACL_CONNECT;
308  break;
309  case 'R': /* ignore old RULE privileges */
310  read = 0;
311  break;
312  default:
313  ereport(ERROR,
314  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
315  errmsg("invalid mode character: must be one of \"%s\"",
316  ACL_ALL_RIGHTS_STR)));
317  }
318 
319  privs |= read;
320  }
321 
322  if (name[0] == '\0')
323  aip->ai_grantee = ACL_ID_PUBLIC;
324  else
325  aip->ai_grantee = get_role_oid(name, false);
326 
327  /*
328  * XXX Allow a degree of backward compatibility by defaulting the grantor
329  * to the superuser.
330  */
331  if (*s == '/')
332  {
333  s = getid(s + 1, name2);
334  if (name2[0] == '\0')
335  ereport(ERROR,
336  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
337  errmsg("a name must follow the \"/\" sign")));
338  aip->ai_grantor = get_role_oid(name2, false);
339  }
340  else
341  {
342  aip->ai_grantor = BOOTSTRAP_SUPERUSERID;
343  ereport(WARNING,
344  (errcode(ERRCODE_INVALID_GRANTOR),
345  errmsg("defaulting grantor to user ID %u",
346  BOOTSTRAP_SUPERUSERID)));
347  }
348 
349  ACLITEM_SET_PRIVS_GOPTIONS(*aip, privs, goption);
350 
351  return s;
352 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
ACL_INSERT_CHR
#define ACL_INSERT_CHR
Definition: acl.h:137
errhint
int errhint(const char *fmt,...)
Definition: elog.c:1156
ACL_CONNECT_CHR
#define ACL_CONNECT_CHR
Definition: acl.h:148
ACL_DELETE_CHR
#define ACL_DELETE_CHR
Definition: acl.h:140
errcode
int errcode(int sqlerrcode)
Definition: elog.c:698
ACL_DELETE
#define ACL_DELETE
Definition: parsenodes.h:85
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
get_role_oid
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5094
NAMEDATALEN
#define NAMEDATALEN
Definition: pg_config_manual.h:29
AclMode
uint32 AclMode
Definition: parsenodes.h:80
ACL_CREATE_TEMP_CHR
#define ACL_CREATE_TEMP_CHR
Definition: acl.h:147
ERROR
#define ERROR
Definition: elog.h:46
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:92
getid
static const char * getid(const char *s, char *n)
Definition: acl.c:131
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:96
ACL_TRIGGER
#define ACL_TRIGGER
Definition: parsenodes.h:88
ACL_TRUNCATE_CHR
#define ACL_TRUNCATE_CHR
Definition: acl.h:141
ACL_REFERENCES_CHR
#define ACL_REFERENCES_CHR
Definition: acl.h:142
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:90
ACL_CONNECT
#define ACL_CONNECT
Definition: parsenodes.h:94
WARNING
#define WARNING
Definition: elog.h:40
ACL_SELECT_CHR
#define ACL_SELECT_CHR
Definition: acl.h:138
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:84
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:83
ACL_ALL_RIGHTS_STR
#define ACL_ALL_RIGHTS_STR
Definition: acl.h:151
ACL_USAGE_CHR
#define ACL_USAGE_CHR
Definition: acl.h:145
ereport
#define ereport(elevel,...)
Definition: elog.h:157
ACL_REFERENCES
#define ACL_REFERENCES
Definition: parsenodes.h:87
Assert
#define Assert(condition)
Definition: c.h:804
ACL_INSERT
#define ACL_INSERT
Definition: parsenodes.h:82
ACL_UPDATE_CHR
#define ACL_UPDATE_CHR
Definition: acl.h:139
name
const char * name
Definition: encode.c:561
ACL_TRIGGER_CHR
#define ACL_TRIGGER_CHR
Definition: acl.h:143
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:909
ACL_EXECUTE
#define ACL_EXECUTE
Definition: parsenodes.h:89
ACL_CREATE_TEMP
#define ACL_CREATE_TEMP
Definition: parsenodes.h:93
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46
ACLITEM_SET_PRIVS_GOPTIONS
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:82
read
#define read(a, b, c)
Definition: win32.h:13
ACL_EXECUTE_CHR
#define ACL_EXECUTE_CHR
Definition: acl.h:144
ACL_CREATE_CHR
#define ACL_CREATE_CHR
Definition: acl.h:146
ACL_TRUNCATE
#define ACL_TRUNCATE
Definition: parsenodes.h:86

◆ aclremove()

Datum aclremove ( PG_FUNCTION_ARGS  )

Definition at line 1520 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

1521 {
1522  ereport(ERROR,
1523  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1524  errmsg("aclremove is no longer supported")));
1525 
1526  PG_RETURN_NULL(); /* keep compiler quiet */
1527 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:698
ERROR
#define ERROR
Definition: elog.h:46
ereport
#define ereport(elevel,...)
Definition: elog.h:157
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:909
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ aclupdate()

Acl* aclupdate ( const Acl old_acl,
const AclItem mod_aip,
int  modechg,
Oid  ownerId,
DropBehavior  behavior 
)

Definition at line 916 of file acl.c.

References ACL_DAT, ACL_ID_PUBLIC, ACL_MODECHG_ADD, ACL_MODECHG_DEL, ACL_MODECHG_EQL, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACL_SIZE, ACLITEM_GET_GOPTIONS, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_PRIVS_GOPTIONS, ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, Assert, check_acl(), check_circularity(), recursive_revoke(), and SET_VARSIZE.

Referenced by aclmerge(), check_circularity(), merge_acl_with_grant(), and recursive_revoke().

918 {
919  Acl *new_acl = NULL;
920  AclItem *old_aip,
921  *new_aip = NULL;
922  AclMode old_rights,
923  old_goptions,
924  new_rights,
925  new_goptions;
926  int dst,
927  num;
928 
929  /* Caller probably already checked old_acl, but be safe */
930  check_acl(old_acl);
931 
932  /* If granting grant options, check for circularity */
933  if (modechg != ACL_MODECHG_DEL &&
934  ACLITEM_GET_GOPTIONS(*mod_aip) != ACL_NO_RIGHTS)
935  check_circularity(old_acl, mod_aip, ownerId);
936 
937  num = ACL_NUM(old_acl);
938  old_aip = ACL_DAT(old_acl);
939 
940  /*
941  * Search the ACL for an existing entry for this grantee and grantor. If
942  * one exists, just modify the entry in-place (well, in the same position,
943  * since we actually return a copy); otherwise, insert the new entry at
944  * the end.
945  */
946 
947  for (dst = 0; dst < num; ++dst)
948  {
949  if (aclitem_match(mod_aip, old_aip + dst))
950  {
951  /* found a match, so modify existing item */
952  new_acl = allocacl(num);
953  new_aip = ACL_DAT(new_acl);
954  memcpy(new_acl, old_acl, ACL_SIZE(old_acl));
955  break;
956  }
957  }
958 
959  if (dst == num)
960  {
961  /* need to append a new item */
962  new_acl = allocacl(num + 1);
963  new_aip = ACL_DAT(new_acl);
964  memcpy(new_aip, old_aip, num * sizeof(AclItem));
965 
966  /* initialize the new entry with no permissions */
967  new_aip[dst].ai_grantee = mod_aip->ai_grantee;
968  new_aip[dst].ai_grantor = mod_aip->ai_grantor;
969  ACLITEM_SET_PRIVS_GOPTIONS(new_aip[dst],
970  ACL_NO_RIGHTS, ACL_NO_RIGHTS);
971  num++; /* set num to the size of new_acl */
972  }
973 
974  old_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
975  old_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
976 
977  /* apply the specified permissions change */
978  switch (modechg)
979  {
980  case ACL_MODECHG_ADD:
981  ACLITEM_SET_RIGHTS(new_aip[dst],
982  old_rights | ACLITEM_GET_RIGHTS(*mod_aip));
983  break;
984  case ACL_MODECHG_DEL:
985  ACLITEM_SET_RIGHTS(new_aip[dst],
986  old_rights & ~ACLITEM_GET_RIGHTS(*mod_aip));
987  break;
988  case ACL_MODECHG_EQL:
989  ACLITEM_SET_RIGHTS(new_aip[dst],
990  ACLITEM_GET_RIGHTS(*mod_aip));
991  break;
992  }
993 
994  new_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
995  new_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
996 
997  /*
998  * If the adjusted entry has no permissions, delete it from the list.
999  */
1000  if (new_rights == ACL_NO_RIGHTS)
1001  {
1002  memmove(new_aip + dst,
1003  new_aip + dst + 1,
1004  (num - dst - 1) * sizeof(AclItem));
1005  /* Adjust array size to be 'num - 1' items */
1006  ARR_DIMS(new_acl)[0] = num - 1;
1007  SET_VARSIZE(new_acl, ACL_N_SIZE(num - 1));
1008  }
1009 
1010  /*
1011  * Remove abandoned privileges (cascading revoke). Currently we can only
1012  * handle this when the grantee is not PUBLIC.
1013  */
1014  if ((old_goptions & ~new_goptions) != 0)
1015  {
1016  Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1017  new_acl = recursive_revoke(new_acl, mod_aip->ai_grantee,
1018  (old_goptions & ~new_goptions),
1019  ownerId, behavior);
1020  }
1021 
1022  return new_acl;
1023 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
ACL_MODECHG_EQL
#define ACL_MODECHG_EQL
Definition: acl.h:131
ACLITEM_GET_GOPTIONS
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:67
allocacl
static Acl * allocacl(int n)
Definition: acl.c:362
ACL_MODECHG_DEL
#define ACL_MODECHG_DEL
Definition: acl.h:130
ACL_SIZE
#define ACL_SIZE(ACL)
Definition: acl.h:111
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
AclMode
uint32 AclMode
Definition: parsenodes.h:80
check_circularity
static void check_circularity(const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
Definition: acl.c:1140
ARR_DIMS
#define ARR_DIMS(a)
Definition: array.h:287
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:96
ACLITEM_GET_RIGHTS
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:68
ACLITEM_SET_RIGHTS
#define ACLITEM_SET_RIGHTS(item, rights)
Definition: acl.h:79
ACL_MODECHG_ADD
#define ACL_MODECHG_ADD
Definition: acl.h:129
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54
Assert
#define Assert(condition)
Definition: c.h:804
aclitem_match
static bool aclitem_match(const AclItem *a1, const AclItem *a2)
Definition: acl.c:644
recursive_revoke
static Acl * recursive_revoke(Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
Definition: acl.c:1220
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46
SET_VARSIZE
#define SET_VARSIZE(PTR, len)
Definition: postgres.h:342
ACL_N_SIZE
#define ACL_N_SIZE(N)
Definition: acl.h:110
ACLITEM_SET_PRIVS_GOPTIONS
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:82
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:526

◆ allocacl()

static Acl * allocacl ( int  n)
static

Definition at line 362 of file acl.c.

References ACL_N_SIZE, ARR_DIMS, ARR_LBOUND, ArrayType::dataoffset, ArrayType::elemtype, elog, ERROR, ArrayType::ndim, palloc0(), and SET_VARSIZE.

Referenced by aclconcat(), aclcopy(), acldefault(), aclnewowner(), aclupdate(), check_circularity(), and make_empty_acl().

363 {
364  Acl *new_acl;
365  Size size;
366 
367  if (n < 0)
368  elog(ERROR, "invalid size: %d", n);
369  size = ACL_N_SIZE(n);
370  new_acl = (Acl *) palloc0(size);
371  SET_VARSIZE(new_acl, size);
372  new_acl->ndim = 1;
373  new_acl->dataoffset = 0; /* we never put in any nulls */
374  new_acl->elemtype = ACLITEMOID;
375  ARR_LBOUND(new_acl)[0] = 1;
376  ARR_DIMS(new_acl)[0] = n;
377  return new_acl;
378 }
ArrayType::dataoffset
int32 dataoffset
Definition: array.h:89
ARR_LBOUND
#define ARR_LBOUND(a)
Definition: array.h:289
ERROR
#define ERROR
Definition: elog.h:46
ArrayType::elemtype
Oid elemtype
Definition: array.h:90
ARR_DIMS
#define ARR_DIMS(a)
Definition: array.h:287
palloc0
void * palloc0(Size size)
Definition: mcxt.c:1093
Size
size_t Size
Definition: c.h:540
elog
#define elog(elevel,...)
Definition: elog.h:232
SET_VARSIZE
#define SET_VARSIZE(PTR, len)
Definition: postgres.h:342
ACL_N_SIZE
#define ACL_N_SIZE(N)
Definition: acl.h:110
ArrayType::ndim
int ndim
Definition: array.h:88

◆ check_acl()

static void check_acl ( const Acl acl)
static

Definition at line 526 of file acl.c.

References ARR_ELEMTYPE, ARR_HASNULL, ARR_NDIM, ereport, errcode(), errmsg(), and ERROR.

Referenced by aclcontains(), aclexplode(), aclmask(), aclmask_direct(), aclmembers(), aclnewowner(), aclupdate(), check_circularity(), and recursive_revoke().

527 {
528  if (ARR_ELEMTYPE(acl) != ACLITEMOID)
529  ereport(ERROR,
530  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
531  errmsg("ACL array contains wrong data type")));
532  if (ARR_NDIM(acl) != 1)
533  ereport(ERROR,
534  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
535  errmsg("ACL arrays must be one-dimensional")));
536  if (ARR_HASNULL(acl))
537  ereport(ERROR,
538  (errcode(ERRCODE_NULL_VALUE_NOT_ALLOWED),
539  errmsg("ACL arrays must not contain null values")));
540 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:698
ERROR
#define ERROR
Definition: elog.h:46
ARR_HASNULL
#define ARR_HASNULL(a)
Definition: array.h:284
ereport
#define ereport(elevel,...)
Definition: elog.h:157
ARR_NDIM
#define ARR_NDIM(a)
Definition: array.h:283
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:909
ARR_ELEMTYPE
#define ARR_ELEMTYPE(a)
Definition: array.h:285

◆ check_circularity()

static void check_circularity ( const Acl old_acl,
const AclItem mod_aip,
Oid  ownerId 
)
static

Definition at line 1140 of file acl.c.

References ACL_DAT, ACL_GRANT_OPTION_FOR, ACL_ID_PUBLIC, ACL_MODECHG_DEL, ACL_NO_RIGHTS, ACL_NUM, ACL_OPTION_TO_PRIVS, ACL_SIZE, ACLITEM_GET_GOPTIONS, aclmask(), ACLMASK_ALL, aclupdate(), AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), Assert, check_acl(), DROP_CASCADE, ereport, errcode(), errmsg(), ERROR, i, and pfree().

Referenced by aclupdate().

1142 {
1143  Acl *acl;
1144  AclItem *aip;
1145  int i,
1146  num;
1147  AclMode own_privs;
1148 
1149  check_acl(old_acl);
1150 
1151  /*
1152  * For now, grant options can only be granted to roles, not PUBLIC.
1153  * Otherwise we'd have to work a bit harder here.
1154  */
1155  Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1156 
1157  /* The owner always has grant options, no need to check */
1158  if (mod_aip->ai_grantor == ownerId)
1159  return;
1160 
1161  /* Make a working copy */
1162  acl = allocacl(ACL_NUM(old_acl));
1163  memcpy(acl, old_acl, ACL_SIZE(old_acl));
1164 
1165  /* Zap all grant options of target grantee, plus what depends on 'em */
1166 cc_restart:
1167  num = ACL_NUM(acl);
1168  aip = ACL_DAT(acl);
1169  for (i = 0; i < num; i++)
1170  {
1171  if (aip[i].ai_grantee == mod_aip->ai_grantee &&
1172  ACLITEM_GET_GOPTIONS(aip[i]) != ACL_NO_RIGHTS)
1173  {
1174  Acl *new_acl;
1175 
1176  /* We'll actually zap ordinary privs too, but no matter */
1177  new_acl = aclupdate(acl, &aip[i], ACL_MODECHG_DEL,
1178  ownerId, DROP_CASCADE);
1179 
1180  pfree(acl);
1181  acl = new_acl;
1182 
1183  goto cc_restart;
1184  }
1185  }
1186 
1187  /* Now we can compute grantor's independently-derived privileges */
1188  own_privs = aclmask(acl,
1189  mod_aip->ai_grantor,
1190  ownerId,
1191  ACL_GRANT_OPTION_FOR(ACLITEM_GET_GOPTIONS(*mod_aip)),
1192  ACLMASK_ALL);
1193  own_privs = ACL_OPTION_TO_PRIVS(own_privs);
1194 
1195  if ((ACLITEM_GET_GOPTIONS(*mod_aip) & ~own_privs) != 0)
1196  ereport(ERROR,
1197  (errcode(ERRCODE_INVALID_GRANT_OPERATION),
1198  errmsg("grant options cannot be granted back to your own grantor")));
1199 
1200  pfree(acl);
1201 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
ACLITEM_GET_GOPTIONS
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:67
allocacl
static Acl * allocacl(int n)
Definition: acl.c:362
ACL_MODECHG_DEL
#define ACL_MODECHG_DEL
Definition: acl.h:130
aclmask
AclMode aclmask(const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
Definition: acl.c:1306
ACL_SIZE
#define ACL_SIZE(ACL)
Definition: acl.h:111
errcode
int errcode(int sqlerrcode)
Definition: elog.c:698
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
AclMode
uint32 AclMode
Definition: parsenodes.h:80
pfree
void pfree(void *pointer)
Definition: mcxt.c:1169
ERROR
#define ERROR
Definition: elog.h:46
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:96
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
ereport
#define ereport(elevel,...)
Definition: elog.h:157
AclItem
Definition: acl.h:54
ACL_OPTION_TO_PRIVS
#define ACL_OPTION_TO_PRIVS(privs)
Definition: acl.h:71
Assert
#define Assert(condition)
Definition: c.h:804
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:909
i
int i
Definition: preproc-comment.c:23
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46
aclupdate
Acl * aclupdate(const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
Definition: acl.c:916
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:526

◆ check_is_member_of_role()

void check_is_member_of_role ( Oid  member,
Oid  role 
)

Definition at line 4893 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, GetUserNameFromId(), and is_member_of_role().

Referenced by AlterDatabaseOwner(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterPublicationOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwner(), ATExecChangeOwner(), createdb(), CreateSchemaCommand(), and ExecAlterDefaultPrivilegesStmt().

4894 {
4895  if (!is_member_of_role(member, role))
4896  ereport(ERROR,
4897  (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
4898  errmsg("must be member of role \"%s\"",
4899  GetUserNameFromId(role, false))));
4900 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:698
ERROR
#define ERROR
Definition: elog.h:46
ereport
#define ereport(elevel,...)
Definition: elog.h:157
is_member_of_role
bool is_member_of_role(Oid member, Oid role)
Definition: acl.c:4869
GetUserNameFromId
char * GetUserNameFromId(Oid roleid, bool noerr)
Definition: miscinit.c:910
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:909

◆ check_rolespec_name()

void check_rolespec_name ( const RoleSpec role,
const char *  detail_msg 
)

Definition at line 5235 of file acl.c.

References ereport, errcode(), errdetail(), errmsg(), ERROR, IsReservedName(), RoleSpec::rolename, ROLESPEC_CSTRING, and RoleSpec::roletype.

Referenced by AlterRole(), and AlterRoleSet().

5236 {
5237  if (!role)
5238  return;
5239 
5240  if (role->roletype != ROLESPEC_CSTRING)
5241  return;
5242 
5243  if (IsReservedName(role->rolename))
5244  {
5245  if (detail_msg)
5246  ereport(ERROR,
5247  (errcode(ERRCODE_RESERVED_NAME),
5248  errmsg("role name \"%s\" is reserved",
5249  role->rolename),
5250  errdetail("%s", detail_msg)));
5251  else
5252  ereport(ERROR,
5253  (errcode(ERRCODE_RESERVED_NAME),
5254  errmsg("role name \"%s\" is reserved",
5255  role->rolename)));
5256  }
5257 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:698
IsReservedName
bool IsReservedName(const char *name)
Definition: catalog.c:218
ERROR
#define ERROR
Definition: elog.h:46
errdetail
int errdetail(const char *fmt,...)
Definition: elog.c:1042
RoleSpec::roletype
RoleSpecType roletype
Definition: parsenodes.h:351
ereport
#define ereport(elevel,...)
Definition: elog.h:157
RoleSpec::rolename
char * rolename
Definition: parsenodes.h:352
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:909

◆ column_privilege_check()

static int column_privilege_check ( Oid  tableoid,
AttrNumber  attnum,
Oid  roleid,
AclMode  mode 
)
static

Definition at line 2443 of file acl.c.

References ACLCHECK_OK, InvalidAttrNumber, pg_attribute_aclcheck_ext(), and pg_class_aclcheck_ext().

Referenced by has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

2445 {
2446  AclResult aclresult;
2447  bool is_missing = false;
2448 
2449  /*
2450  * If convert_column_name failed, we can just return -1 immediately.
2451  */
2452  if (attnum == InvalidAttrNumber)
2453  return -1;
2454 
2455  /*
2456  * Check for column-level privileges first. This serves in part as a check
2457  * on whether the column even exists, so we need to do it before checking
2458  * table-level privilege.
2459  */
2460  aclresult = pg_attribute_aclcheck_ext(tableoid, attnum, roleid,
2461  mode, &is_missing);
2462  if (aclresult == ACLCHECK_OK)
2463  return 1;
2464  else if (is_missing)
2465  return -1;
2466 
2467  /* Next check if we have the privilege at the table level */
2468  aclresult = pg_class_aclcheck_ext(tableoid, roleid, mode, &is_missing);
2469  if (aclresult == ACLCHECK_OK)
2470  return 1;
2471  else if (is_missing)
2472  return -1;
2473  else
2474  return 0;
2475 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
pg_class_aclcheck_ext
AclResult pg_class_aclcheck_ext(Oid table_oid, Oid roleid, AclMode mode, bool *is_missing)
Definition: aclchk.c:4694
AclResult
AclResult
Definition: acl.h:177
attnum
int16 attnum
Definition: pg_attribute.h:83
pg_attribute_aclcheck_ext
AclResult pg_attribute_aclcheck_ext(Oid table_oid, AttrNumber attnum, Oid roleid, AclMode mode, bool *is_missing)
Definition: aclchk.c:4567
InvalidAttrNumber
#define InvalidAttrNumber
Definition: attnum.h:23

◆ convert_aclright_to_string()

static const char* convert_aclright_to_string ( int  aclright)
static

Definition at line 1673 of file acl.c.

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_DELETE, ACL_EXECUTE, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, ACL_USAGE, elog, and ERROR.

Referenced by aclexplode().

1674 {
1675  switch (aclright)
1676  {
1677  case ACL_INSERT:
1678  return "INSERT";
1679  case ACL_SELECT:
1680  return "SELECT";
1681  case ACL_UPDATE:
1682  return "UPDATE";
1683  case ACL_DELETE:
1684  return "DELETE";
1685  case ACL_TRUNCATE:
1686  return "TRUNCATE";
1687  case ACL_REFERENCES:
1688  return "REFERENCES";
1689  case ACL_TRIGGER:
1690  return "TRIGGER";
1691  case ACL_EXECUTE:
1692  return "EXECUTE";
1693  case ACL_USAGE:
1694  return "USAGE";
1695  case ACL_CREATE:
1696  return "CREATE";
1697  case ACL_CREATE_TEMP:
1698  return "TEMPORARY";
1699  case ACL_CONNECT:
1700  return "CONNECT";
1701  default:
1702  elog(ERROR, "unrecognized aclright: %d", aclright);
1703  return NULL;
1704  }
1705 }
ACL_DELETE
#define ACL_DELETE
Definition: parsenodes.h:85
ERROR
#define ERROR
Definition: elog.h:46
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:92
ACL_TRIGGER
#define ACL_TRIGGER
Definition: parsenodes.h:88
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:90
ACL_CONNECT
#define ACL_CONNECT
Definition: parsenodes.h:94
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:84
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:83
ACL_REFERENCES
#define ACL_REFERENCES
Definition: parsenodes.h:87
ACL_INSERT
#define ACL_INSERT
Definition: parsenodes.h:82
ACL_EXECUTE
#define ACL_EXECUTE
Definition: parsenodes.h:89
elog
#define elog(elevel,...)
Definition: elog.h:232
ACL_CREATE_TEMP
#define ACL_CREATE_TEMP
Definition: parsenodes.h:93
ACL_TRUNCATE
#define ACL_TRUNCATE
Definition: parsenodes.h:86

◆ convert_any_priv_string()

static AclMode convert_any_priv_string ( text priv_type_text,
const priv_map privileges 
)
static

Definition at line 1625 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, priv_map::name, pfree(), pg_strcasecmp(), text_to_cstring(), and priv_map::value.

Referenced by convert_column_priv_string(), convert_database_priv_string(), convert_foreign_data_wrapper_priv_string(), convert_function_priv_string(), convert_language_priv_string(), convert_role_priv_string(), convert_schema_priv_string(), convert_sequence_priv_string(), convert_server_priv_string(), convert_table_priv_string(), convert_tablespace_priv_string(), and convert_type_priv_string().

1627 {
1628  AclMode result = 0;
1629  char *priv_type = text_to_cstring(priv_type_text);
1630  char *chunk;
1631  char *next_chunk;
1632 
1633  /* We rely on priv_type being a private, modifiable string */
1634  for (chunk = priv_type; chunk; chunk = next_chunk)
1635  {
1636  int chunk_len;
1637  const priv_map *this_priv;
1638 
1639  /* Split string at commas */
1640  next_chunk = strchr(chunk, ',');
1641  if (next_chunk)
1642  *next_chunk++ = '\0';
1643 
1644  /* Drop leading/trailing whitespace in this chunk */
1645  while (*chunk && isspace((unsigned char) *chunk))
1646  chunk++;
1647  chunk_len = strlen(chunk);
1648  while (chunk_len > 0 && isspace((unsigned char) chunk[chunk_len - 1]))
1649  chunk_len--;
1650  chunk[chunk_len] = '\0';
1651 
1652  /* Match to the privileges list */
1653  for (this_priv = privileges; this_priv->name; this_priv++)
1654  {
1655  if (pg_strcasecmp(this_priv->name, chunk) == 0)
1656  {
1657  result |= this_priv->value;
1658  break;
1659  }
1660  }
1661  if (!this_priv->name)
1662  ereport(ERROR,
1663  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
1664  errmsg("unrecognized privilege type: \"%s\"", chunk)));
1665  }
1666 
1667  pfree(priv_type);
1668  return result;
1669 }
priv_map
Definition: acl.c:45
errcode
int errcode(int sqlerrcode)
Definition: elog.c:698
pg_strcasecmp
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
priv_map::name
const char * name
Definition: acl.c:47
AclMode
uint32 AclMode
Definition: parsenodes.h:80
pfree
void pfree(void *pointer)
Definition: mcxt.c:1169
ERROR
#define ERROR
Definition: elog.h:46
priv_map::value
AclMode value
Definition: acl.c:48
ereport
#define ereport(elevel,...)
Definition: elog.h:157
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:222
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:909

◆ convert_column_name()

static AttrNumber convert_column_name ( Oid  tableoid,
text column 
)
static

Definition at line 2803 of file acl.c.

References ATTNAME, attnum, CStringGetDatum, ereport, errcode(), errmsg(), ERROR, get_rel_name(), GETSTRUCT, HeapTupleIsValid, InvalidAttrNumber, ObjectIdGetDatum, pfree(), ReleaseSysCache(), SearchSysCache2(), and text_to_cstring().

Referenced by has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_name(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), and has_column_privilege_name_name_name().

2804 {
2805  char *colname;
2806  HeapTuple attTuple;
2807  AttrNumber attnum;
2808 
2809  colname = text_to_cstring(column);
2810 
2811  /*
2812  * We don't use get_attnum() here because it will report that dropped
2813  * columns don't exist. We need to treat dropped columns differently from
2814  * nonexistent columns.
2815  */
2816  attTuple = SearchSysCache2(ATTNAME,
2817  ObjectIdGetDatum(tableoid),
2818  CStringGetDatum(colname));
2819  if (HeapTupleIsValid(attTuple))
2820  {
2821  Form_pg_attribute attributeForm;
2822 
2823  attributeForm = (Form_pg_attribute) GETSTRUCT(attTuple);
2824  /* We want to return NULL for dropped columns */
2825  if (attributeForm->attisdropped)
2826  attnum = InvalidAttrNumber;
2827  else
2828  attnum = attributeForm->attnum;
2829  ReleaseSysCache(attTuple);
2830  }
2831  else
2832  {
2833  char *tablename = get_rel_name(tableoid);
2834 
2835  /*
2836  * If the table OID is bogus, or it's just been dropped, we'll get
2837  * NULL back. In such cases we want has_column_privilege to return
2838  * NULL too, so just return InvalidAttrNumber.
2839  */
2840  if (tablename != NULL)
2841  {
2842  /* tableoid exists, colname does not, so throw error */
2843  ereport(ERROR,
2844  (errcode(ERRCODE_UNDEFINED_COLUMN),
2845  errmsg("column \"%s\" of relation \"%s\" does not exist",
2846  colname, tablename)));
2847  }
2848  /* tableoid doesn't exist, so act like attisdropped case */
2849  attnum = InvalidAttrNumber;
2850  }
2851 
2852  pfree(colname);
2853  return attnum;
2854 }
GETSTRUCT
#define GETSTRUCT(TUP)
Definition: htup_details.h:654
errcode
int errcode(int sqlerrcode)
Definition: elog.c:698
pfree
void pfree(void *pointer)
Definition: mcxt.c:1169
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:551
ERROR
#define ERROR
Definition: elog.h:46
CStringGetDatum
#define CStringGetDatum(X)
Definition: postgres.h:622
Form_pg_attribute
FormData_pg_attribute * Form_pg_attribute
Definition: pg_attribute.h:207
ReleaseSysCache
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1198
attnum
int16 attnum
Definition: pg_attribute.h:83
ereport
#define ereport(elevel,...)
Definition: elog.h:157
HeapTupleIsValid
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
SearchSysCache2
HeapTuple SearchSysCache2(int cacheId, Datum key1, Datum key2)
Definition: syscache.c:1161
InvalidAttrNumber
#define InvalidAttrNumber
Definition: attnum.h:23
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:222
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:909
get_rel_name
char * get_rel_name(Oid relid)
Definition: lsyscache.c:1899
AttrNumber
int16 AttrNumber
Definition: attnum.h:21

◆ convert_column_priv_string()

static AclMode convert_column_priv_string ( text priv_type_text)
static

Definition at line 2861 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_any_column_privilege_id(), has_any_column_privilege_id_id(), has_any_column_privilege_id_name(), has_any_column_privilege_name(), has_any_column_privilege_name_id(), has_any_column_privilege_name_name(), has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

2862 {
2863  static const priv_map column_priv_map[] = {
2864  {"SELECT", ACL_SELECT},
2865  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2866  {"INSERT", ACL_INSERT},
2867  {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2868  {"UPDATE", ACL_UPDATE},
2869  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2870  {"REFERENCES", ACL_REFERENCES},
2871  {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2872  {NULL, 0}
2873  };
2874 
2875  return convert_any_priv_string(priv_type_text, column_priv_map);
2876 }
priv_map
Definition: acl.c:45
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1625
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:84
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:83
ACL_REFERENCES
#define ACL_REFERENCES
Definition: parsenodes.h:87
ACL_INSERT
#define ACL_INSERT
Definition: parsenodes.h:82

◆ convert_database_name()

static Oid convert_database_name ( text databasename)
static

Definition at line 3046 of file acl.c.

References dbname, get_database_oid(), and text_to_cstring().

Referenced by has_database_privilege_id_name(), has_database_privilege_name(), and has_database_privilege_name_name().

3047 {
3048  char *dbname = text_to_cstring(databasename);
3049 
3050  return get_database_oid(dbname, false);
3051 }
get_database_oid
Oid get_database_oid(const char *dbname, bool missing_ok)
Definition: dbcommands.c:2066
dbname
char * dbname
Definition: streamutil.c:51
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:222

◆ convert_database_priv_string()

static AclMode convert_database_priv_string ( text priv_type_text)
static

Definition at line 3058 of file acl.c.

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_database_privilege_id(), has_database_privilege_id_id(), has_database_privilege_id_name(), has_database_privilege_name(), has_database_privilege_name_id(), and has_database_privilege_name_name().

3059 {
3060  static const priv_map database_priv_map[] = {
3061  {"CREATE", ACL_CREATE},
3062  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3063  {"TEMPORARY", ACL_CREATE_TEMP},
3064  {"TEMPORARY WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3065  {"TEMP", ACL_CREATE_TEMP},
3066  {"TEMP WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3067  {"CONNECT", ACL_CONNECT},
3068  {"CONNECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CONNECT)},
3069  {NULL, 0}
3070  };
3071 
3072  return convert_any_priv_string(priv_type_text, database_priv_map);
3073 
3074 }
priv_map
Definition: acl.c:45
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1625
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:92
ACL_CONNECT
#define ACL_CONNECT
Definition: parsenodes.h:94
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
ACL_CREATE_TEMP
#define ACL_CREATE_TEMP
Definition: parsenodes.h:93

◆ convert_foreign_data_wrapper_name()

static Oid convert_foreign_data_wrapper_name ( text fdwname)
static

Definition at line 3244 of file acl.c.

References get_foreign_data_wrapper_oid(), and text_to_cstring().

Referenced by has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), and has_foreign_data_wrapper_privilege_name_name().

3245 {
3246  char *fdwstr = text_to_cstring(fdwname);
3247 
3248  return get_foreign_data_wrapper_oid(fdwstr, false);
3249 }
get_foreign_data_wrapper_oid
Oid get_foreign_data_wrapper_oid(const char *fdwname, bool missing_ok)
Definition: foreign.c:693
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:222

◆ convert_foreign_data_wrapper_priv_string()

static AclMode convert_foreign_data_wrapper_priv_string ( text priv_type_text)
static

Definition at line 3256 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_foreign_data_wrapper_privilege_id(), has_foreign_data_wrapper_privilege_id_id(), has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), has_foreign_data_wrapper_privilege_name_id(), and has_foreign_data_wrapper_privilege_name_name().

3257 {
3258  static const priv_map foreign_data_wrapper_priv_map[] = {
3259  {"USAGE", ACL_USAGE},
3260  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3261  {NULL, 0}
3262  };
3263 
3264  return convert_any_priv_string(priv_type_text, foreign_data_wrapper_priv_map);
3265 }
priv_map
Definition: acl.c:45
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1625
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:90
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ convert_function_name()

static Oid convert_function_name ( text functionname)
static

Definition at line 3435 of file acl.c.

References CStringGetDatum, DatumGetObjectId, DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, OidIsValid, regprocedurein(), and text_to_cstring().

Referenced by has_function_privilege_id_name(), has_function_privilege_name(), and has_function_privilege_name_name().

3436 {
3437  char *funcname = text_to_cstring(functionname);
3438  Oid oid;
3439 
3440  oid = DatumGetObjectId(DirectFunctionCall1(regprocedurein,
3441  CStringGetDatum(funcname)));
3442 
3443  if (!OidIsValid(oid))
3444  ereport(ERROR,
3445  (errcode(ERRCODE_UNDEFINED_FUNCTION),
3446  errmsg("function \"%s\" does not exist", funcname)));
3447 
3448  return oid;
3449 }
DatumGetObjectId
#define DatumGetObjectId(X)
Definition: postgres.h:544
errcode
int errcode(int sqlerrcode)
Definition: elog.c:698
DirectFunctionCall1
#define DirectFunctionCall1(func, arg1)
Definition: fmgr.h:626
Oid
unsigned int Oid
Definition: postgres_ext.h:31
OidIsValid
#define OidIsValid(objectId)
Definition: c.h:710
ERROR
#define ERROR
Definition: elog.h:46
regprocedurein
Datum regprocedurein(PG_FUNCTION_ARGS)
Definition: regproc.c:230
CStringGetDatum
#define CStringGetDatum(X)
Definition: postgres.h:622
ereport
#define ereport(elevel,...)
Definition: elog.h:157
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:222
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:909

◆ convert_function_priv_string()

static AclMode convert_function_priv_string ( text priv_type_text)
static

Definition at line 3456 of file acl.c.

References ACL_EXECUTE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_function_privilege_id(), has_function_privilege_id_id(), has_function_privilege_id_name(), has_function_privilege_name(), has_function_privilege_name_id(), and has_function_privilege_name_name().

3457 {
3458  static const priv_map function_priv_map[] = {
3459  {"EXECUTE", ACL_EXECUTE},
3460  {"EXECUTE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_EXECUTE)},
3461  {NULL, 0}
3462  };
3463 
3464  return convert_any_priv_string(priv_type_text, function_priv_map);
3465 }
priv_map
Definition: acl.c:45
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1625
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
ACL_EXECUTE
#define ACL_EXECUTE
Definition: parsenodes.h:89

◆ convert_language_name()

static Oid convert_language_name ( text languagename)
static

Definition at line 3635 of file acl.c.

References get_language_oid(), and text_to_cstring().

Referenced by has_language_privilege_id_name(), has_language_privilege_name(), and has_language_privilege_name_name().

3636 {
3637  char *langname = text_to_cstring(languagename);
3638 
3639  return get_language_oid(langname, false);
3640 }
get_language_oid
Oid get_language_oid(const char *langname, bool missing_ok)
Definition: proclang.c:228
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:222

◆ convert_language_priv_string()

static AclMode convert_language_priv_string ( text priv_type_text)
static

Definition at line 3647 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_language_privilege_id(), has_language_privilege_id_id(), has_language_privilege_id_name(), has_language_privilege_name(), has_language_privilege_name_id(), and has_language_privilege_name_name().

3648 {
3649  static const priv_map language_priv_map[] = {
3650  {"USAGE", ACL_USAGE},
3651  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3652  {NULL, 0}
3653  };
3654 
3655  return convert_any_priv_string(priv_type_text, language_priv_map);
3656 }
priv_map
Definition: acl.c:45
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1625
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:90
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ convert_priv_string()

static AclMode convert_priv_string ( text priv_type_text)
static

Definition at line 1575 of file acl.c.

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_DELETE, ACL_EXECUTE, ACL_INSERT, ACL_NO_RIGHTS, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, ACL_USAGE, ereport, errcode(), errmsg(), ERROR, pg_strcasecmp(), and text_to_cstring().

Referenced by makeaclitem().

1576 {
1577  char *priv_type = text_to_cstring(priv_type_text);
1578 
1579  if (pg_strcasecmp(priv_type, "SELECT") == 0)
1580  return ACL_SELECT;
1581  if (pg_strcasecmp(priv_type, "INSERT") == 0)
1582  return ACL_INSERT;
1583  if (pg_strcasecmp(priv_type, "UPDATE") == 0)
1584  return ACL_UPDATE;
1585  if (pg_strcasecmp(priv_type, "DELETE") == 0)
1586  return ACL_DELETE;
1587  if (pg_strcasecmp(priv_type, "TRUNCATE") == 0)
1588  return ACL_TRUNCATE;
1589  if (pg_strcasecmp(priv_type, "REFERENCES") == 0)
1590  return ACL_REFERENCES;
1591  if (pg_strcasecmp(priv_type, "TRIGGER") == 0)
1592  return ACL_TRIGGER;
1593  if (pg_strcasecmp(priv_type, "EXECUTE") == 0)
1594  return ACL_EXECUTE;
1595  if (pg_strcasecmp(priv_type, "USAGE") == 0)
1596  return ACL_USAGE;
1597  if (pg_strcasecmp(priv_type, "CREATE") == 0)
1598  return ACL_CREATE;
1599  if (pg_strcasecmp(priv_type, "TEMP") == 0)
1600  return ACL_CREATE_TEMP;
1601  if (pg_strcasecmp(priv_type, "TEMPORARY") == 0)
1602  return ACL_CREATE_TEMP;
1603  if (pg_strcasecmp(priv_type, "CONNECT") == 0)
1604  return ACL_CONNECT;
1605  if (pg_strcasecmp(priv_type, "RULE") == 0)
1606  return 0; /* ignore old RULE privileges */
1607 
1608  ereport(ERROR,
1609  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
1610  errmsg("unrecognized privilege type: \"%s\"", priv_type)));
1611  return ACL_NO_RIGHTS; /* keep compiler quiet */
1612 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:698
ACL_DELETE
#define ACL_DELETE
Definition: parsenodes.h:85
pg_strcasecmp
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
ERROR
#define ERROR
Definition: elog.h:46
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:92
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:96
ACL_TRIGGER
#define ACL_TRIGGER
Definition: parsenodes.h:88
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:90
ACL_CONNECT
#define ACL_CONNECT
Definition: parsenodes.h:94
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:84
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:83
ereport
#define ereport(elevel,...)
Definition: elog.h:157
ACL_REFERENCES
#define ACL_REFERENCES
Definition: parsenodes.h:87
ACL_INSERT
#define ACL_INSERT
Definition: parsenodes.h:82
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:222
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:909
ACL_EXECUTE
#define ACL_EXECUTE
Definition: parsenodes.h:89
ACL_CREATE_TEMP
#define ACL_CREATE_TEMP
Definition: parsenodes.h:93
ACL_TRUNCATE
#define ACL_TRUNCATE
Definition: parsenodes.h:86

◆ convert_role_priv_string()

static AclMode convert_role_priv_string ( text priv_type_text)
static

Definition at line 4598 of file acl.c.

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by pg_has_role_id(), pg_has_role_id_id(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), and pg_has_role_name_name().

4599 {
4600  static const priv_map role_priv_map[] = {
4601  {"USAGE", ACL_USAGE},
4602  {"MEMBER", ACL_CREATE},
4603  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4604  {"USAGE WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4605  {"MEMBER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4606  {"MEMBER WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4607  {NULL, 0}
4608  };
4609 
4610  return convert_any_priv_string(priv_type_text, role_priv_map);
4611 }
priv_map
Definition: acl.c:45
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1625
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:92
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:90
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ convert_schema_name()

static Oid convert_schema_name ( text schemaname)
static

Definition at line 3826 of file acl.c.

References get_namespace_oid(), and text_to_cstring().

Referenced by has_schema_privilege_id_name(), has_schema_privilege_name(), and has_schema_privilege_name_name().

3827 {
3828  char *nspname = text_to_cstring(schemaname);
3829 
3830  return get_namespace_oid(nspname, false);
3831 }
get_namespace_oid
Oid get_namespace_oid(const char *nspname, bool missing_ok)
Definition: namespace.c:3088
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:222

◆ convert_schema_priv_string()

static AclMode convert_schema_priv_string ( text priv_type_text)
static

Definition at line 3838 of file acl.c.

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_schema_privilege_id(), has_schema_privilege_id_id(), has_schema_privilege_id_name(), has_schema_privilege_name(), has_schema_privilege_name_id(), and has_schema_privilege_name_name().

3839 {
3840  static const priv_map schema_priv_map[] = {
3841  {"CREATE", ACL_CREATE},
3842  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3843  {"USAGE", ACL_USAGE},
3844  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3845  {NULL, 0}
3846  };
3847 
3848  return convert_any_priv_string(priv_type_text, schema_priv_map);
3849 }
priv_map
Definition: acl.c:45
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1625
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:92
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:90
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ convert_sequence_priv_string()

static AclMode convert_sequence_priv_string ( text priv_type_text)
static

Definition at line 2218 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_SELECT, ACL_UPDATE, ACL_USAGE, and convert_any_priv_string().

Referenced by has_sequence_privilege_id(), has_sequence_privilege_id_id(), has_sequence_privilege_id_name(), has_sequence_privilege_name(), has_sequence_privilege_name_id(), and has_sequence_privilege_name_name().

2219 {
2220  static const priv_map sequence_priv_map[] = {
2221  {"USAGE", ACL_USAGE},
2222  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
2223  {"SELECT", ACL_SELECT},
2224  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2225  {"UPDATE", ACL_UPDATE},
2226  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2227  {NULL, 0}
2228  };
2229 
2230  return convert_any_priv_string(priv_type_text, sequence_priv_map);
2231 }
priv_map
Definition: acl.c:45
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1625
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:90
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:84
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:83

◆ convert_server_name()

static Oid convert_server_name ( text servername)
static

Definition at line 4019 of file acl.c.

References get_foreign_server_oid(), and text_to_cstring().

Referenced by has_server_privilege_id_name(), has_server_privilege_name(), and has_server_privilege_name_name().

4020 {
4021  char *serverstr = text_to_cstring(servername);
4022 
4023  return get_foreign_server_oid(serverstr, false);
4024 }
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:222
get_foreign_server_oid
Oid get_foreign_server_oid(const char *servername, bool missing_ok)
Definition: foreign.c:716

◆ convert_server_priv_string()

static AclMode convert_server_priv_string ( text priv_type_text)
static

Definition at line 4031 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_server_privilege_id(), has_server_privilege_id_id(), has_server_privilege_id_name(), has_server_privilege_name(), has_server_privilege_name_id(), and has_server_privilege_name_name().

4032 {
4033  static const priv_map server_priv_map[] = {
4034  {"USAGE", ACL_USAGE},
4035  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4036  {NULL, 0}
4037  };
4038 
4039  return convert_any_priv_string(priv_type_text, server_priv_map);
4040 }
priv_map
Definition: acl.c:45
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1625
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:90
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ convert_table_name()

static Oid convert_table_name ( text tablename)
static

Definition at line 1980 of file acl.c.

References makeRangeVarFromNameList(), NoLock, RangeVarGetRelid, and textToQualifiedNameList().

Referenced by has_any_column_privilege_id_name(), has_any_column_privilege_name(), has_any_column_privilege_name_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), has_column_privilege_name_name_name(), has_sequence_privilege_id_name(), has_sequence_privilege_name(), has_sequence_privilege_name_name(), has_table_privilege_id_name(), has_table_privilege_name(), and has_table_privilege_name_name().

1981 {
1982  RangeVar *relrv;
1983 
1984  relrv = makeRangeVarFromNameList(textToQualifiedNameList(tablename));
1985 
1986  /* We might not even have permissions on this relation; don't lock it. */
1987  return RangeVarGetRelid(relrv, NoLock, false);
1988 }
RangeVarGetRelid
#define RangeVarGetRelid(relation, lockmode, missing_ok)
Definition: namespace.h:79
makeRangeVarFromNameList
RangeVar * makeRangeVarFromNameList(List *names)
Definition: namespace.c:3107
NoLock
#define NoLock
Definition: lockdefs.h:34
textToQualifiedNameList
List * textToQualifiedNameList(text *textval)
Definition: varlena.c:3688

◆ convert_table_priv_string()

static AclMode convert_table_priv_string ( text priv_type_text)
static

Definition at line 1995 of file acl.c.

References ACL_DELETE, ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_table_privilege_id(), has_table_privilege_id_id(), has_table_privilege_id_name(), has_table_privilege_name(), has_table_privilege_name_id(), and has_table_privilege_name_name().

1996 {
1997  static const priv_map table_priv_map[] = {
1998  {"SELECT", ACL_SELECT},
1999  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2000  {"INSERT", ACL_INSERT},
2001  {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2002  {"UPDATE", ACL_UPDATE},
2003  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2004  {"DELETE", ACL_DELETE},
2005  {"DELETE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_DELETE)},
2006  {"TRUNCATE", ACL_TRUNCATE},
2007  {"TRUNCATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRUNCATE)},
2008  {"REFERENCES", ACL_REFERENCES},
2009  {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2010  {"TRIGGER", ACL_TRIGGER},
2011  {"TRIGGER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRIGGER)},
2012  {"RULE", 0}, /* ignore old RULE privileges */
2013  {"RULE WITH GRANT OPTION", 0},
2014  {NULL, 0}
2015  };
2016 
2017  return convert_any_priv_string(priv_type_text, table_priv_map);
2018 }
priv_map
Definition: acl.c:45
ACL_DELETE
#define ACL_DELETE
Definition: parsenodes.h:85
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1625
ACL_TRIGGER
#define ACL_TRIGGER
Definition: parsenodes.h:88
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:84
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:83
ACL_REFERENCES
#define ACL_REFERENCES
Definition: parsenodes.h:87
ACL_INSERT
#define ACL_INSERT
Definition: parsenodes.h:82
ACL_TRUNCATE
#define ACL_TRUNCATE
Definition: parsenodes.h:86

◆ convert_tablespace_name()

static Oid convert_tablespace_name ( text tablespacename)
static

Definition at line 4210 of file acl.c.

References get_tablespace_oid(), and text_to_cstring().

Referenced by has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), and has_tablespace_privilege_name_name().

4211 {
4212  char *spcname = text_to_cstring(tablespacename);
4213 
4214  return get_tablespace_oid(spcname, false);
4215 }
get_tablespace_oid
Oid get_tablespace_oid(const char *tablespacename, bool missing_ok)
Definition: tablespace.c:1427
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:222

◆ convert_tablespace_priv_string()

static AclMode convert_tablespace_priv_string ( text priv_type_text)
static

Definition at line 4222 of file acl.c.

References ACL_CREATE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_tablespace_privilege_id(), has_tablespace_privilege_id_id(), has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), has_tablespace_privilege_name_id(), and has_tablespace_privilege_name_name().

4223 {
4224  static const priv_map tablespace_priv_map[] = {
4225  {"CREATE", ACL_CREATE},
4226  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4227  {NULL, 0}
4228  };
4229 
4230  return convert_any_priv_string(priv_type_text, tablespace_priv_map);
4231 }
priv_map
Definition: acl.c:45
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1625
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:92
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ convert_type_name()

static Oid convert_type_name ( text typename)
static

Definition at line 4400 of file acl.c.

References CStringGetDatum, DatumGetObjectId, DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, OidIsValid, regtypein(), text_to_cstring(), and typname.

Referenced by has_type_privilege_id_name(), has_type_privilege_name(), and has_type_privilege_name_name().

4401 {
4402  char *typname = text_to_cstring(typename);
4403  Oid oid;
4404 
4405  oid = DatumGetObjectId(DirectFunctionCall1(regtypein,
4406  CStringGetDatum(typname)));
4407 
4408  if (!OidIsValid(oid))
4409  ereport(ERROR,
4410  (errcode(ERRCODE_UNDEFINED_OBJECT),
4411  errmsg("type \"%s\" does not exist", typname)));
4412 
4413  return oid;
4414 }
DatumGetObjectId
#define DatumGetObjectId(X)
Definition: postgres.h:544
errcode
int errcode(int sqlerrcode)
Definition: elog.c:698
DirectFunctionCall1
#define DirectFunctionCall1(func, arg1)
Definition: fmgr.h:626
Oid
unsigned int Oid
Definition: postgres_ext.h:31
OidIsValid
#define OidIsValid(objectId)
Definition: c.h:710
ERROR
#define ERROR
Definition: elog.h:46
CStringGetDatum
#define CStringGetDatum(X)
Definition: postgres.h:622
typname
NameData typname
Definition: pg_type.h:41
regtypein
Datum regtypein(PG_FUNCTION_ARGS)
Definition: regproc.c:1251
ereport
#define ereport(elevel,...)
Definition: elog.h:157
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:222
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:909

◆ convert_type_priv_string()

static AclMode convert_type_priv_string ( text priv_type_text)
static

Definition at line 4421 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_type_privilege_id(), has_type_privilege_id_id(), has_type_privilege_id_name(), has_type_privilege_name(), has_type_privilege_name_id(), and has_type_privilege_name_name().

4422 {
4423  static const priv_map type_priv_map[] = {
4424  {"USAGE", ACL_USAGE},
4425  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4426  {NULL, 0}
4427  };
4428 
4429  return convert_any_priv_string(priv_type_text, type_priv_map);
4430 }
priv_map
Definition: acl.c:45
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1625
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:90
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ count_one_bits()

static int count_one_bits ( AclMode  mask)
static

Definition at line 4978 of file acl.c.

Referenced by select_best_grantor().

4979 {
4980  int nbits = 0;
4981 
4982  /* this code relies on AclMode being an unsigned type */
4983  while (mask)
4984  {
4985  if (mask & 1)
4986  nbits++;
4987  mask >>= 1;
4988  }
4989  return nbits;
4990 }

◆ get_role_oid()

Oid get_role_oid ( const char *  rolname,
bool  missing_ok 
)

Definition at line 5094 of file acl.c.

References AUTHNAME, CStringGetDatum, ereport, errcode(), errmsg(), ERROR, GetSysCacheOid1, and OidIsValid.

Referenced by aclparse(), check_hba(), createdb(), CreateRole(), get_object_address_unqualified(), get_role_oid_or_public(), get_rolespec_oid(), GrantRole(), is_member(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), pg_has_role_name_name(), regrolein(), and to_regrole().

5095 {
5096  Oid oid;
5097 
5098  oid = GetSysCacheOid1(AUTHNAME, Anum_pg_authid_oid,
5099  CStringGetDatum(rolname));
5100  if (!OidIsValid(oid) && !missing_ok)
5101  ereport(ERROR,
5102  (errcode(ERRCODE_UNDEFINED_OBJECT),
5103  errmsg("role \"%s\" does not exist", rolname)));
5104  return oid;
5105 }
rolname
NameData rolname
Definition: pg_authid.h:34
GetSysCacheOid1
#define GetSysCacheOid1(cacheId, oidcol, key1)
Definition: syscache.h:195
errcode
int errcode(int sqlerrcode)
Definition: elog.c:698
Oid
unsigned int Oid
Definition: postgres_ext.h:31
OidIsValid
#define OidIsValid(objectId)
Definition: c.h:710
ERROR
#define ERROR
Definition: elog.h:46
CStringGetDatum
#define CStringGetDatum(X)
Definition: postgres.h:622
ereport
#define ereport(elevel,...)
Definition: elog.h:157
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:909

◆ get_role_oid_or_public()

Oid get_role_oid_or_public ( const char *  rolname)

Definition at line 5112 of file acl.c.

References ACL_ID_PUBLIC, and get_role_oid().

Referenced by has_any_column_privilege_name_id(), has_any_column_privilege_name_name(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name_attnum(), has_column_privilege_name_name_name(), has_database_privilege_name_id(), has_database_privilege_name_name(), has_foreign_data_wrapper_privilege_name_id(), has_foreign_data_wrapper_privilege_name_name(), has_function_privilege_name_id(), has_function_privilege_name_name(), has_language_privilege_name_id(), has_language_privilege_name_name(), has_schema_privilege_name_id(), has_schema_privilege_name_name(), has_sequence_privilege_name_id(), has_sequence_privilege_name_name(), has_server_privilege_name_id(), has_server_privilege_name_name(), has_table_privilege_name_id(), has_table_privilege_name_name(), has_tablespace_privilege_name_id(), has_tablespace_privilege_name_name(), has_type_privilege_name_id(), and has_type_privilege_name_name().

5113 {
5114  if (strcmp(rolname, "public") == 0)
5115  return ACL_ID_PUBLIC;
5116 
5117  return get_role_oid(rolname, false);
5118 }
rolname
NameData rolname
Definition: pg_authid.h:34
get_role_oid
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5094
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46

◆ get_rolespec_name()

char* get_rolespec_name ( const RoleSpec role)

Definition at line 5213 of file acl.c.

References get_rolespec_tuple(), GETSTRUCT, NameStr, pstrdup(), and ReleaseSysCache().

Referenced by AddRoleMems(), and DelRoleMems().

5214 {
5215  HeapTuple tp;
5216  Form_pg_authid authForm;
5217  char *rolename;
5218 
5219  tp = get_rolespec_tuple(role);
5220  authForm = (Form_pg_authid) GETSTRUCT(tp);
5221  rolename = pstrdup(NameStr(authForm->rolname));
5222  ReleaseSysCache(tp);
5223 
5224  return rolename;
5225 }
GETSTRUCT
#define GETSTRUCT(TUP)
Definition: htup_details.h:654
pstrdup
char * pstrdup(const char *in)
Definition: mcxt.c:1299
Form_pg_authid
FormData_pg_authid * Form_pg_authid
Definition: pg_authid.h:56
ReleaseSysCache
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1198
get_rolespec_tuple
HeapTuple get_rolespec_tuple(const RoleSpec *role)
Definition: acl.c:5167
NameStr
#define NameStr(name)
Definition: c.h:681

◆ get_rolespec_oid()

Oid get_rolespec_oid ( const RoleSpec role,
bool  missing_ok 
)

Definition at line 5128 of file acl.c.

References Assert, elog, ereport, errcode(), errmsg(), ERROR, get_role_oid(), GetSessionUserId(), GetUserId(), InvalidOid, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_ROLE, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, and RoleSpec::roletype.

Referenced by AlterUserMapping(), ATExecCmd(), CreateSchemaCommand(), CreateTableSpace(), CreateUserMapping(), ExecAlterDefaultPrivilegesStmt(), ExecAlterOwnerStmt(), ExecuteGrantStmt(), GrantRole(), policy_role_list_to_array(), ReassignOwnedObjects(), RemoveUserMapping(), and roleSpecsToIds().

5129 {
5130  Oid oid;
5131 
5132  switch (role->roletype)
5133  {
5134  case ROLESPEC_CSTRING:
5135  Assert(role->rolename);
5136  oid = get_role_oid(role->rolename, missing_ok);
5137  break;
5138 
5139  case ROLESPEC_CURRENT_ROLE:
5140  case ROLESPEC_CURRENT_USER:
5141  oid = GetUserId();
5142  break;
5143 
5144  case ROLESPEC_SESSION_USER:
5145  oid = GetSessionUserId();
5146  break;
5147 
5148  case ROLESPEC_PUBLIC:
5149  ereport(ERROR,
5150  (errcode(ERRCODE_UNDEFINED_OBJECT),
5151  errmsg("role \"%s\" does not exist", "public")));
5152  oid = InvalidOid; /* make compiler happy */
5153  break;
5154 
5155  default:
5156  elog(ERROR, "unexpected role type %d", role->roletype);
5157  }
5158 
5159  return oid;
5160 }
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:495
errcode
int errcode(int sqlerrcode)
Definition: elog.c:698
Oid
unsigned int Oid
Definition: postgres_ext.h:31
GetSessionUserId
Oid GetSessionUserId(void)
Definition: miscinit.c:529
get_role_oid
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5094
ERROR
#define ERROR
Definition: elog.h:46
RoleSpec::roletype
RoleSpecType roletype
Definition: parsenodes.h:351
InvalidOid
#define InvalidOid
Definition: postgres_ext.h:36
ereport
#define ereport(elevel,...)
Definition: elog.h:157
Assert
#define Assert(condition)
Definition: c.h:804
RoleSpec::rolename
char * rolename
Definition: parsenodes.h:352
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:909
elog
#define elog(elevel,...)
Definition: elog.h:232

◆ get_rolespec_tuple()

HeapTuple get_rolespec_tuple ( const RoleSpec role)

Definition at line 5167 of file acl.c.

References Assert, AUTHNAME, AUTHOID, CStringGetDatum, elog, ereport, errcode(), errmsg(), ERROR, GetSessionUserId(), GetUserId(), HeapTupleIsValid, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_ROLE, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, RoleSpec::roletype, and SearchSysCache1().

Referenced by AlterRole(), AlterRoleSet(), CreateRole(), and get_rolespec_name().

5168 {
5169  HeapTuple tuple;
5170 
5171  switch (role->roletype)
5172  {
5173  case ROLESPEC_CSTRING:
5174  Assert(role->rolename);
5175  tuple = SearchSysCache1(AUTHNAME, CStringGetDatum(role->rolename));
5176  if (!HeapTupleIsValid(tuple))
5177  ereport(ERROR,
5178  (errcode(ERRCODE_UNDEFINED_OBJECT),
5179  errmsg("role \"%s\" does not exist", role->rolename)));
5180  break;
5181 
5182  case ROLESPEC_CURRENT_ROLE:
5183  case ROLESPEC_CURRENT_USER:
5184  tuple = SearchSysCache1(AUTHOID, GetUserId());
5185  if (!HeapTupleIsValid(tuple))
5186  elog(ERROR, "cache lookup failed for role %u", GetUserId());
5187  break;
5188 
5189  case ROLESPEC_SESSION_USER:
5190  tuple = SearchSysCache1(AUTHOID, GetSessionUserId());
5191  if (!HeapTupleIsValid(tuple))
5192  elog(ERROR, "cache lookup failed for role %u", GetSessionUserId());
5193  break;
5194 
5195  case ROLESPEC_PUBLIC:
5196  ereport(ERROR,
5197  (errcode(ERRCODE_UNDEFINED_OBJECT),
5198  errmsg("role \"%s\" does not exist", "public")));
5199  tuple = NULL; /* make compiler happy */
5200  break;
5201 
5202  default:
5203  elog(ERROR, "unexpected role type %d", role->roletype);
5204  }
5205 
5206  return tuple;
5207 }
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:495
errcode
int errcode(int sqlerrcode)
Definition: elog.c:698
GetSessionUserId
Oid GetSessionUserId(void)
Definition: miscinit.c:529
ERROR
#define ERROR
Definition: elog.h:46
CStringGetDatum
#define CStringGetDatum(X)
Definition: postgres.h:622
SearchSysCache1
HeapTuple SearchSysCache1(int cacheId, Datum key1)
Definition: syscache.c:1150
RoleSpec::roletype
RoleSpecType roletype
Definition: parsenodes.h:351
ereport
#define ereport(elevel,...)
Definition: elog.h:157
HeapTupleIsValid
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
Assert
#define Assert(condition)
Definition: c.h:804
RoleSpec::rolename
char * rolename
Definition: parsenodes.h:352
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:909
elog
#define elog(elevel,...)
Definition: elog.h:232

◆ getid()

static const char * getid ( const char *  s,
char *  n 
)
static

Definition at line 131 of file acl.c.

References Assert, ereport, errcode(), errdetail(), errmsg(), ERROR, and NAMEDATALEN.

Referenced by aclparse().

132 {
133  int len = 0;
134  bool in_quotes = false;
135 
136  Assert(s && n);
137 
138  while (isspace((unsigned char) *s))
139  s++;
140  /* This code had better match what putid() does, below */
141  for (;
142  *s != '\0' &&
143  (isalnum((unsigned char) *s) ||
144  *s == '_' ||
145  *s == '"' ||
146  in_quotes);
147  s++)
148  {
149  if (*s == '"')
150  {
151  /* safe to look at next char (could be '\0' though) */
152  if (*(s + 1) != '"')
153  {
154  in_quotes = !in_quotes;
155  continue;
156  }
157  /* it's an escaped double quote; skip the escaping char */
158  s++;
159  }
160 
161  /* Add the character to the string */
162  if (len >= NAMEDATALEN - 1)
163  ereport(ERROR,
164  (errcode(ERRCODE_NAME_TOO_LONG),
165  errmsg("identifier too long"),
166  errdetail("Identifier must be less than %d characters.",
167  NAMEDATALEN)));
168 
169  n[len++] = *s;
170  }
171  n[len] = '\0';
172  while (isspace((unsigned char) *s))
173  s++;
174  return s;
175 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:698
NAMEDATALEN
#define NAMEDATALEN
Definition: pg_config_manual.h:29
ERROR
#define ERROR
Definition: elog.h:46
errdetail
int errdetail(const char *fmt,...)
Definition: elog.c:1042
ereport
#define ereport(elevel,...)
Definition: elog.h:157
Assert
#define Assert(condition)
Definition: c.h:804
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:909

◆ has_any_column_privilege_id()

Datum has_any_column_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2340 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), GetUserId(), mode, ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

2341 {
2342  Oid tableoid = PG_GETARG_OID(0);
2343  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2344  Oid roleid;
2345  AclMode mode;
2346  AclResult aclresult;
2347 
2348  roleid = GetUserId();
2349  mode = convert_column_priv_string(priv_type_text);
2350 
2351  if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
2352  PG_RETURN_NULL();
2353 
2354  /* First check at table level, then examine each column if needed */
2355  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2356  if (aclresult != ACLCHECK_OK)
2357  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2358  ACLMASK_ANY);
2359 
2360  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2361 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:495
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:186
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:551
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4597
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4682
varlena
Definition: c.h:621
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2861
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_any_column_privilege_id_id()

Datum has_any_column_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 2396 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), mode, ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

2397 {
2398  Oid roleid = PG_GETARG_OID(0);
2399  Oid tableoid = PG_GETARG_OID(1);
2400  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2401  AclMode mode;
2402  AclResult aclresult;
2403 
2404  mode = convert_column_priv_string(priv_type_text);
2405 
2406  if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
2407  PG_RETURN_NULL();
2408 
2409  /* First check at table level, then examine each column if needed */
2410  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2411  if (aclresult != ACLCHECK_OK)
2412  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2413  ACLMASK_ANY);
2414 
2415  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2416 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:186
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:551
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4597
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4682
varlena
Definition: c.h:621
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2861
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_any_column_privilege_id_name()

Datum has_any_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2369 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), mode, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2370 {
2371  Oid roleid = PG_GETARG_OID(0);
2372  text *tablename = PG_GETARG_TEXT_PP(1);
2373  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2374  Oid tableoid;
2375  AclMode mode;
2376  AclResult aclresult;
2377 
2378  tableoid = convert_table_name(tablename);
2379  mode = convert_column_priv_string(priv_type_text);
2380 
2381  /* First check at table level, then examine each column if needed */
2382  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2383  if (aclresult != ACLCHECK_OK)
2384  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2385  ACLMASK_ANY);
2386 
2387  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2388 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1980
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4597
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4682
varlena
Definition: c.h:621
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2861

◆ has_any_column_privilege_name()

Datum has_any_column_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2281 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), GetUserId(), mode, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2282 {
2283  text *tablename = PG_GETARG_TEXT_PP(0);
2284  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2285  Oid roleid;
2286  Oid tableoid;
2287  AclMode mode;
2288  AclResult aclresult;
2289 
2290  roleid = GetUserId();
2291  tableoid = convert_table_name(tablename);
2292  mode = convert_column_priv_string(priv_type_text);
2293 
2294  /* First check at table level, then examine each column if needed */
2295  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2296  if (aclresult != ACLCHECK_OK)
2297  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2298  ACLMASK_ANY);
2299 
2300  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2301 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:495
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1980
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4597
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4682
varlena
Definition: c.h:621
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2861

◆ has_any_column_privilege_name_id()

Datum has_any_column_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2309 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, SearchSysCacheExists1, and username.

2310 {
2311  Name username = PG_GETARG_NAME(0);
2312  Oid tableoid = PG_GETARG_OID(1);
2313  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2314  Oid roleid;
2315  AclMode mode;
2316  AclResult aclresult;
2317 
2318  roleid = get_role_oid_or_public(NameStr(*username));
2319  mode = convert_column_priv_string(priv_type_text);
2320 
2321  if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
2322  PG_RETURN_NULL();
2323 
2324  /* First check at table level, then examine each column if needed */
2325  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2326  if (aclresult != ACLCHECK_OK)
2327  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2328  ACLMASK_ANY);
2329 
2330  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2331 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5112
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:186
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:551
nameData
Definition: c.h:675
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
username
const char * username
Definition: pgbench.c:282
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4597
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4682
NameStr
#define NameStr(name)
Definition: c.h:681
varlena
Definition: c.h:621
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2861
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_any_column_privilege_name_name()

Datum has_any_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2251 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2252 {
2253  Name rolename = PG_GETARG_NAME(0);
2254  text *tablename = PG_GETARG_TEXT_PP(1);
2255  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2256  Oid roleid;
2257  Oid tableoid;
2258  AclMode mode;
2259  AclResult aclresult;
2260 
2261  roleid = get_role_oid_or_public(NameStr(*rolename));
2262  tableoid = convert_table_name(tablename);
2263  mode = convert_column_priv_string(priv_type_text);
2264 
2265  /* First check at table level, then examine each column if needed */
2266  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2267  if (aclresult != ACLCHECK_OK)
2268  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2269  ACLMASK_ANY);
2270 
2271  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2272 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5112
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
nameData
Definition: c.h:675
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1980
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4597
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4682
NameStr
#define NameStr(name)
Definition: c.h:681
varlena
Definition: c.h:621
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2861
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_column_privilege_id_attnum()

Datum has_column_privilege_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2775 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), GetUserId(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2776 {
2777  Oid tableoid = PG_GETARG_OID(0);
2778  AttrNumber colattnum = PG_GETARG_INT16(1);
2779  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2780  Oid roleid;
2781  AclMode mode;
2782  int privresult;
2783 
2784  roleid = GetUserId();
2785  mode = convert_column_priv_string(priv_type_text);
2786 
2787  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2788  if (privresult < 0)
2789  PG_RETURN_NULL();
2790  PG_RETURN_BOOL(privresult);
2791 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:495
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:271
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2443
varlena
Definition: c.h:621
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2861
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_column_privilege_id_id_attnum()

Datum has_column_privilege_id_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2668 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2669 {
2670  Oid roleid = PG_GETARG_OID(0);
2671  Oid tableoid = PG_GETARG_OID(1);
2672  AttrNumber colattnum = PG_GETARG_INT16(2);
2673  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2674  AclMode mode;
2675  int privresult;
2676 
2677  mode = convert_column_priv_string(priv_type_text);
2678 
2679  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2680  if (privresult < 0)
2681  PG_RETURN_NULL();
2682  PG_RETURN_BOOL(privresult);
2683 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:271
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2443
varlena
Definition: c.h:621
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2861
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_column_privilege_id_id_name()

Datum has_column_privilege_id_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2643 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2644 {
2645  Oid roleid = PG_GETARG_OID(0);
2646  Oid tableoid = PG_GETARG_OID(1);
2647  text *column = PG_GETARG_TEXT_PP(2);
2648  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2649  AttrNumber colattnum;
2650  AclMode mode;
2651  int privresult;
2652 
2653  colattnum = convert_column_name(tableoid, column);
2654  mode = convert_column_priv_string(priv_type_text);
2655 
2656  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2657  if (privresult < 0)
2658  PG_RETURN_NULL();
2659  PG_RETURN_BOOL(privresult);
2660 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2803
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2443
varlena
Definition: c.h:621
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2861
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_column_privilege_id_name()

Datum has_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2748 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), GetUserId(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2749 {
2750  Oid tableoid = PG_GETARG_OID(0);
2751  text *column = PG_GETARG_TEXT_PP(1);
2752  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2753  Oid roleid;
2754  AttrNumber colattnum;
2755  AclMode mode;
2756  int privresult;
2757 
2758  roleid = GetUserId();
2759  colattnum = convert_column_name(tableoid, column);
2760  mode = convert_column_priv_string(priv_type_text);
2761 
2762  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2763  if (privresult < 0)
2764  PG_RETURN_NULL();
2765  PG_RETURN_BOOL(privresult);
2766 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2803
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:495
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2443
varlena
Definition: c.h:621
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2861
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_column_privilege_id_name_attnum()

Datum has_column_privilege_id_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2618 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2619 {
2620  Oid roleid = PG_GETARG_OID(0);
2621  text *tablename = PG_GETARG_TEXT_PP(1);
2622  AttrNumber colattnum = PG_GETARG_INT16(2);
2623  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2624  Oid tableoid;
2625  AclMode mode;
2626  int privresult;
2627 
2628  tableoid = convert_table_name(tablename);
2629  mode = convert_column_priv_string(priv_type_text);
2630 
2631  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2632  if (privresult < 0)
2633  PG_RETURN_NULL();
2634  PG_RETURN_BOOL(privresult);
2635 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:271
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1980
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2443
varlena
Definition: c.h:621
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2861
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_column_privilege_id_name_name()

Datum has_column_privilege_id_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2591 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2592 {
2593  Oid roleid = PG_GETARG_OID(0);
2594  text *tablename = PG_GETARG_TEXT_PP(1);
2595  text *column = PG_GETARG_TEXT_PP(2);
2596  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2597  Oid tableoid;
2598  AttrNumber colattnum;
2599  AclMode mode;
2600  int privresult;
2601 
2602  tableoid = convert_table_name(tablename);
2603  colattnum = convert_column_name(tableoid, column);
2604  mode = convert_column_priv_string(priv_type_text);
2605 
2606  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2607  if (privresult < 0)
2608  PG_RETURN_NULL();
2609  PG_RETURN_BOOL(privresult);
2610 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2803
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1980
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2443
varlena
Definition: c.h:621
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2861
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_column_privilege_name_attnum()

Datum has_column_privilege_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2721 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), GetUserId(), mode, PG_GETARG_INT16, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2722 {
2723  text *tablename = PG_GETARG_TEXT_PP(0);
2724  AttrNumber colattnum = PG_GETARG_INT16(1);
2725  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2726  Oid roleid;
2727  Oid tableoid;
2728  AclMode mode;
2729  int privresult;
2730 
2731  roleid = GetUserId();
2732  tableoid = convert_table_name(tablename);
2733  mode = convert_column_priv_string(priv_type_text);
2734 
2735  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2736  if (privresult < 0)
2737  PG_RETURN_NULL();
2738  PG_RETURN_BOOL(privresult);
2739 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:495
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:271
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1980
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2443
varlena
Definition: c.h:621
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2861
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_column_privilege_name_id_attnum()

Datum has_column_privilege_name_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2566 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

2567 {
2568  Name username = PG_GETARG_NAME(0);
2569  Oid tableoid = PG_GETARG_OID(1);
2570  AttrNumber colattnum = PG_GETARG_INT16(2);
2571  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2572  Oid roleid;
2573  AclMode mode;
2574  int privresult;
2575 
2576  roleid = get_role_oid_or_public(NameStr(*username));
2577  mode = convert_column_priv_string(priv_type_text);
2578 
2579  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2580  if (privresult < 0)
2581  PG_RETURN_NULL();
2582  PG_RETURN_BOOL(privresult);
2583 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5112
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
nameData
Definition: c.h:675
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
username
const char * username
Definition: pgbench.c:282
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:271
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2443
NameStr
#define NameStr(name)
Definition: c.h:681
varlena
Definition: c.h:621
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2861
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_column_privilege_name_id_name()

Datum has_column_privilege_name_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2539 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

2540 {
2541  Name username = PG_GETARG_NAME(0);
2542  Oid tableoid = PG_GETARG_OID(1);
2543  text *column = PG_GETARG_TEXT_PP(2);
2544  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2545  Oid roleid;
2546  AttrNumber colattnum;
2547  AclMode mode;
2548  int privresult;
2549 
2550  roleid = get_role_oid_or_public(NameStr(*username));
2551  colattnum = convert_column_name(tableoid, column);
2552  mode = convert_column_priv_string(priv_type_text);
2553 
2554  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2555  if (privresult < 0)
2556  PG_RETURN_NULL();
2557  PG_RETURN_BOOL(privresult);
2558 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2803
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5112
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
nameData
Definition: c.h:675
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
username
const char * username
Definition: pgbench.c:282
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2443
NameStr
#define NameStr(name)
Definition: c.h:681
varlena
Definition: c.h:621
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2861
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_column_privilege_name_name()

Datum has_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2692 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), GetUserId(), mode, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2693 {
2694  text *tablename = PG_GETARG_TEXT_PP(0);
2695  text *column = PG_GETARG_TEXT_PP(1);
2696  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2697  Oid roleid;
2698  Oid tableoid;
2699  AttrNumber colattnum;
2700  AclMode mode;
2701  int privresult;
2702 
2703  roleid = GetUserId();
2704  tableoid = convert_table_name(tablename);
2705  colattnum = convert_column_name(tableoid, column);
2706  mode = convert_column_priv_string(priv_type_text);
2707 
2708  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2709  if (privresult < 0)
2710  PG_RETURN_NULL();
2711  PG_RETURN_BOOL(privresult);
2712 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2803
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:495
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1980
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2443
varlena
Definition: c.h:621
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2861
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_column_privilege_name_name_attnum()

Datum has_column_privilege_name_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2512 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2513 {
2514  Name rolename = PG_GETARG_NAME(0);
2515  text *tablename = PG_GETARG_TEXT_PP(1);
2516  AttrNumber colattnum = PG_GETARG_INT16(2);
2517  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2518  Oid roleid;
2519  Oid tableoid;
2520  AclMode mode;
2521  int privresult;
2522 
2523  roleid = get_role_oid_or_public(NameStr(*rolename));
2524  tableoid = convert_table_name(tablename);
2525  mode = convert_column_priv_string(priv_type_text);
2526 
2527  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2528  if (privresult < 0)
2529  PG_RETURN_NULL();
2530  PG_RETURN_BOOL(privresult);
2531 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5112
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
nameData
Definition: c.h:675
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:271
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1980
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2443
NameStr
#define NameStr(name)
Definition: c.h:681
varlena
Definition: c.h:621
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2861
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_column_privilege_name_name_name()

Datum has_column_privilege_name_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2483 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2484 {
2485  Name rolename = PG_GETARG_NAME(0);
2486  text *tablename = PG_GETARG_TEXT_PP(1);
2487  text *column = PG_GETARG_TEXT_PP(2);
2488  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2489  Oid roleid;
2490  Oid tableoid;
2491  AttrNumber colattnum;
2492  AclMode mode;
2493  int privresult;
2494 
2495  roleid = get_role_oid_or_public(NameStr(*rolename));
2496  tableoid = convert_table_name(tablename);
2497  colattnum = convert_column_name(tableoid, column);
2498  mode = convert_column_priv_string(priv_type_text);
2499 
2500  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2501  if (privresult < 0)
2502  PG_RETURN_NULL();
2503  PG_RETURN_BOOL(privresult);
2504 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2803
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5112
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
nameData
Definition: c.h:675
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1980
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2443
NameStr
#define NameStr(name)
Definition: c.h:681
varlena
Definition: c.h:621
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2861
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_database_privilege_id()

Datum has_database_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2972 of file acl.c.

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, GetUserId(), mode, ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

2973 {
2974  Oid databaseoid = PG_GETARG_OID(0);
2975  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2976  Oid roleid;
2977  AclMode mode;
2978  AclResult aclresult;
2979 
2980  roleid = GetUserId();
2981  mode = convert_database_priv_string(priv_type_text);
2982 
2983  if (!SearchSysCacheExists1(DATABASEOID, ObjectIdGetDatum(databaseoid)))
2984  PG_RETURN_NULL();
2985 
2986  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2987 
2988  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2989 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:495
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:186
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:551
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3058
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
pg_database_aclcheck
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4708
varlena
Definition: c.h:621
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_database_privilege_id_id()

Datum has_database_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3020 of file acl.c.

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, mode, ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

3021 {
3022  Oid roleid = PG_GETARG_OID(0);
3023  Oid databaseoid = PG_GETARG_OID(1);
3024  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3025  AclMode mode;
3026  AclResult aclresult;
3027 
3028  mode = convert_database_priv_string(priv_type_text);
3029 
3030  if (!SearchSysCacheExists1(DATABASEOID, ObjectIdGetDatum(databaseoid)))
3031  PG_RETURN_NULL();
3032 
3033  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
3034 
3035  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3036 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:186
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:551
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3058
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
pg_database_aclcheck
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4708
varlena
Definition: c.h:621
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_database_privilege_id_name()

Datum has_database_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2997 of file acl.c.

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), mode, pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2998 {
2999  Oid roleid = PG_GETARG_OID(0);
3000  text *databasename = PG_GETARG_TEXT_PP(1);
3001  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3002  Oid databaseoid;
3003  AclMode mode;
3004  AclResult aclresult;
3005 
3006  databaseoid = convert_database_name(databasename);
3007  mode = convert_database_priv_string(priv_type_text);
3008 
3009  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
3010 
3011  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3012 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
convert_database_name
static Oid convert_database_name(text *databasename)
Definition: acl.c:3046
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3058
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
pg_database_aclcheck
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4708
varlena
Definition: c.h:621

◆ has_database_privilege_name()

Datum has_database_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2921 of file acl.c.

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), GetUserId(), mode, pg_database_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2922 {
2923  text *databasename = PG_GETARG_TEXT_PP(0);
2924  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2925  Oid roleid;
2926  Oid databaseoid;
2927  AclMode mode;
2928  AclResult aclresult;
2929 
2930  roleid = GetUserId();
2931  databaseoid = convert_database_name(databasename);
2932  mode = convert_database_priv_string(priv_type_text);
2933 
2934  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2935 
2936  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2937 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:495
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
convert_database_name
static Oid convert_database_name(text *databasename)
Definition: acl.c:3046
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3058
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
pg_database_aclcheck
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4708
varlena
Definition: c.h:621

◆ has_database_privilege_name_id()

Datum has_database_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2945 of file acl.c.

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, get_role_oid_or_public(), mode, NameStr, ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

2946 {
2947  Name username = PG_GETARG_NAME(0);
2948  Oid databaseoid = PG_GETARG_OID(1);
2949  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2950  Oid roleid;
2951  AclMode mode;
2952  AclResult aclresult;
2953 
2954  roleid = get_role_oid_or_public(NameStr(*username));
2955  mode = convert_database_priv_string(priv_type_text);
2956 
2957  if (!SearchSysCacheExists1(DATABASEOID, ObjectIdGetDatum(databaseoid)))
2958  PG_RETURN_NULL();
2959 
2960  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2961 
2962  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2963 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5112
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:186
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:551
nameData
Definition: c.h:675
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3058
username
const char * username
Definition: pgbench.c:282
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
pg_database_aclcheck
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4708
NameStr
#define NameStr(name)
Definition: c.h:681
varlena
Definition: c.h:621
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_database_privilege_name_name()

Datum has_database_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2895 of file acl.c.

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), get_role_oid_or_public(), mode, NameStr, pg_database_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

2896 {
2897  Name username = PG_GETARG_NAME(0);
2898  text *databasename = PG_GETARG_TEXT_PP(1);
2899  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2900  Oid roleid;
2901  Oid databaseoid;
2902  AclMode mode;
2903  AclResult aclresult;
2904 
2905  roleid = get_role_oid_or_public(NameStr(*username));
2906  databaseoid = convert_database_name(databasename);
2907  mode = convert_database_priv_string(priv_type_text);
2908 
2909  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2910 
2911  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2912 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5112
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
nameData
Definition: c.h:675
convert_database_name
static Oid convert_database_name(text *databasename)
Definition: acl.c:3046
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3058
username
const char * username
Definition: pgbench.c:282
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
pg_database_aclcheck
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4708
NameStr
#define NameStr(name)
Definition: c.h:681
varlena
Definition: c.h:621
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_foreign_data_wrapper_privilege_id()

Datum has_foreign_data_wrapper_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3170 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), FOREIGNDATAWRAPPEROID, GetUserId(), mode, ObjectIdGetDatum, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

3171 {
3172  Oid fdwid = PG_GETARG_OID(0);
3173  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3174  Oid roleid;
3175  AclMode mode;
3176  AclResult aclresult;
3177 
3178  roleid = GetUserId();
3179  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3180 
3181  if (!SearchSysCacheExists1(FOREIGNDATAWRAPPEROID, ObjectIdGetDatum(fdwid)))
3182  PG_RETURN_NULL();
3183 
3184  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3185 
3186  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3187 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:495
pg_foreign_data_wrapper_aclcheck
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4783
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:186
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:551
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
convert_foreign_data_wrapper_priv_string
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3256
varlena
Definition: c.h:621
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_foreign_data_wrapper_privilege_id_id()

Datum has_foreign_data_wrapper_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3218 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), FOREIGNDATAWRAPPEROID, mode, ObjectIdGetDatum, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

3219 {
3220  Oid roleid = PG_GETARG_OID(0);
3221  Oid fdwid = PG_GETARG_OID(1);
3222  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3223  AclMode mode;
3224  AclResult aclresult;
3225 
3226  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3227 
3228  if (!SearchSysCacheExists1(FOREIGNDATAWRAPPEROID, ObjectIdGetDatum(fdwid)))
3229  PG_RETURN_NULL();
3230 
3231  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3232 
3233  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3234 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
pg_foreign_data_wrapper_aclcheck
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4783
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:186
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:551
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
convert_foreign_data_wrapper_priv_string
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3256
varlena
Definition: c.h:621
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_foreign_data_wrapper_privilege_id_name()

Datum has_foreign_data_wrapper_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3195 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), mode, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

3196 {
3197  Oid roleid = PG_GETARG_OID(0);
3198  text *fdwname = PG_GETARG_TEXT_PP(1);
3199  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3200  Oid fdwid;
3201  AclMode mode;
3202  AclResult aclresult;
3203 
3204  fdwid = convert_foreign_data_wrapper_name(fdwname);
3205  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3206 
3207  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3208 
3209  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3210 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
pg_foreign_data_wrapper_aclcheck
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4783
convert_foreign_data_wrapper_name
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3244
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
convert_foreign_data_wrapper_priv_string
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3256
varlena
Definition: c.h:621

◆ has_foreign_data_wrapper_privilege_name()

Datum has_foreign_data_wrapper_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3119 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), GetUserId(), mode, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

3120 {
3121  text *fdwname = PG_GETARG_TEXT_PP(0);
3122  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3123  Oid roleid;
3124  Oid fdwid;
3125  AclMode mode;
3126  AclResult aclresult;
3127 
3128  roleid = GetUserId();
3129  fdwid = convert_foreign_data_wrapper_name(fdwname);
3130  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3131 
3132  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3133 
3134  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3135 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:495
pg_foreign_data_wrapper_aclcheck
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4783
convert_foreign_data_wrapper_name
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3244
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
convert_foreign_data_wrapper_priv_string
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3256
varlena
Definition: c.h:621

◆ has_foreign_data_wrapper_privilege_name_id()

Datum has_foreign_data_wrapper_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3143 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), FOREIGNDATAWRAPPEROID, get_role_oid_or_public(), mode, NameStr, ObjectIdGetDatum, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

3144 {
3145  Name username = PG_GETARG_NAME(0);
3146  Oid fdwid = PG_GETARG_OID(1);
3147  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3148  Oid roleid;
3149  AclMode mode;
3150  AclResult aclresult;
3151 
3152  roleid = get_role_oid_or_public(NameStr(*username));
3153  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3154 
3155  if (!SearchSysCacheExists1(FOREIGNDATAWRAPPEROID, ObjectIdGetDatum(fdwid)))
3156  PG_RETURN_NULL();
3157 
3158  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3159 
3160  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3161 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
pg_foreign_data_wrapper_aclcheck
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4783
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5112
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:186
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:551
nameData
Definition: c.h:675
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
username
const char * username
Definition: pgbench.c:282
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
convert_foreign_data_wrapper_priv_string
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3256
NameStr
#define NameStr(name)
Definition: c.h:681
varlena
Definition: c.h:621
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_foreign_data_wrapper_privilege_name_name()

Datum has_foreign_data_wrapper_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3093 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), get_role_oid_or_public(), mode, NameStr, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

3094 {
3095  Name username = PG_GETARG_NAME(0);
3096  text *fdwname = PG_GETARG_TEXT_PP(1);
3097  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3098  Oid roleid;
3099  Oid fdwid;
3100  AclMode mode;
3101  AclResult aclresult;
3102 
3103  roleid = get_role_oid_or_public(NameStr(*username));
3104  fdwid = convert_foreign_data_wrapper_name(fdwname);
3105  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3106 
3107  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3108 
3109  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3110 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:65
pg_foreign_data_wrapper_aclcheck
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4783
convert_foreign_data_wrapper_name
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3244
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5112
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:80
nameData
Definition: c.h:675
username
const char * username
Definition: pgbench.c:282
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
convert_foreign_data_wrapper_priv_string
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3256
NameStr
#define NameStr(name)
Definition: c.h:681
varlena
Definition: c.h:621
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_function_privilege_id()

Datum has_function_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3361 of file acl.c.

References ACLCHECK_OK, convert_function_priv_string(), GetUserId(), mode, ObjectIdGetDatum, PG_GETARG_OID, PG_GETARG_TEXT_PP, pg_proc_aclcheck(), PG_RETURN_BOOL, PG_RETURN_NULL, PROCOID, and SearchSysCacheExists1.

3362 {
3363  Oid functionoid = PG_GETARG_OID(0);
3364  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3365  Oid roleid;
3366  AclMode mode;
3367  AclResult aclresult;
3368 
3369  roleid = GetUserId();
3370