PostgreSQL Source Code  git master
acl.c File Reference
#include "postgres.h"
#include <ctype.h>
#include "access/htup_details.h"
#include "catalog/catalog.h"
#include "catalog/namespace.h"
#include "catalog/pg_auth_members.h"
#include "catalog/pg_authid.h"
#include "catalog/pg_class.h"
#include "catalog/pg_database.h"
#include "catalog/pg_foreign_data_wrapper.h"
#include "catalog/pg_foreign_server.h"
#include "catalog/pg_language.h"
#include "catalog/pg_largeobject.h"
#include "catalog/pg_namespace.h"
#include "catalog/pg_proc.h"
#include "catalog/pg_tablespace.h"
#include "catalog/pg_type.h"
#include "commands/dbcommands.h"
#include "commands/proclang.h"
#include "commands/tablespace.h"
#include "common/hashfn.h"
#include "foreign/foreign.h"
#include "funcapi.h"
#include "lib/bloomfilter.h"
#include "lib/qunique.h"
#include "miscadmin.h"
#include "storage/large_object.h"
#include "utils/acl.h"
#include "utils/array.h"
#include "utils/builtins.h"
#include "utils/catcache.h"
#include "utils/inval.h"
#include "utils/lsyscache.h"
#include "utils/memutils.h"
#include "utils/snapmgr.h"
#include "utils/syscache.h"
#include "utils/varlena.h"
Include dependency graph for acl.c:

Go to the source code of this file.

Data Structures

struct  priv_map
 

Macros

#define ROLES_LIST_BLOOM_THRESHOLD   1024
 

Enumerations

enum  RoleRecurseType { ROLERECURSE_MEMBERS = 0 , ROLERECURSE_PRIVS = 1 , ROLERECURSE_SETROLE = 2 }
 

Functions

static const char * getid (const char *s, char *n, Node *escontext)
 
static void putid (char *p, const char *s)
 
static Aclallocacl (int n)
 
static void check_acl (const Acl *acl)
 
static const char * aclparse (const char *s, AclItem *aip, Node *escontext)
 
static bool aclitem_match (const AclItem *a1, const AclItem *a2)
 
static int aclitemComparator (const void *arg1, const void *arg2)
 
static void check_circularity (const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
 
static Aclrecursive_revoke (Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
 
static AclMode convert_any_priv_string (text *priv_type_text, const priv_map *privileges)
 
static Oid convert_table_name (text *tablename)
 
static AclMode convert_table_priv_string (text *priv_type_text)
 
static AclMode convert_sequence_priv_string (text *priv_type_text)
 
static AttrNumber convert_column_name (Oid tableoid, text *column)
 
static AclMode convert_column_priv_string (text *priv_type_text)
 
static Oid convert_database_name (text *databasename)
 
static AclMode convert_database_priv_string (text *priv_type_text)
 
static Oid convert_foreign_data_wrapper_name (text *fdwname)
 
static AclMode convert_foreign_data_wrapper_priv_string (text *priv_type_text)
 
static Oid convert_function_name (text *functionname)
 
static AclMode convert_function_priv_string (text *priv_type_text)
 
static Oid convert_language_name (text *languagename)
 
static AclMode convert_language_priv_string (text *priv_type_text)
 
static Oid convert_schema_name (text *schemaname)
 
static AclMode convert_schema_priv_string (text *priv_type_text)
 
static Oid convert_server_name (text *servername)
 
static AclMode convert_server_priv_string (text *priv_type_text)
 
static Oid convert_tablespace_name (text *tablespacename)
 
static AclMode convert_tablespace_priv_string (text *priv_type_text)
 
static Oid convert_type_name (text *typename)
 
static AclMode convert_type_priv_string (text *priv_type_text)
 
static AclMode convert_parameter_priv_string (text *priv_text)
 
static AclMode convert_largeobject_priv_string (text *priv_text)
 
static AclMode convert_role_priv_string (text *priv_type_text)
 
static AclResult pg_role_aclcheck (Oid role_oid, Oid roleid, AclMode mode)
 
static void RoleMembershipCacheCallback (Datum arg, int cacheid, uint32 hashvalue)
 
Aclmake_empty_acl (void)
 
Aclaclcopy (const Acl *orig_acl)
 
Aclaclconcat (const Acl *left_acl, const Acl *right_acl)
 
Aclaclmerge (const Acl *left_acl, const Acl *right_acl, Oid ownerId)
 
void aclitemsort (Acl *acl)
 
bool aclequal (const Acl *left_acl, const Acl *right_acl)
 
Datum aclitemin (PG_FUNCTION_ARGS)
 
Datum aclitemout (PG_FUNCTION_ARGS)
 
Datum aclitem_eq (PG_FUNCTION_ARGS)
 
Datum hash_aclitem (PG_FUNCTION_ARGS)
 
Datum hash_aclitem_extended (PG_FUNCTION_ARGS)
 
Aclacldefault (ObjectType objtype, Oid ownerId)
 
Datum acldefault_sql (PG_FUNCTION_ARGS)
 
Aclaclupdate (const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
 
Aclaclnewowner (const Acl *old_acl, Oid oldOwnerId, Oid newOwnerId)
 
AclMode aclmask (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
static AclMode aclmask_direct (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
int aclmembers (const Acl *acl, Oid **roleids)
 
Datum aclinsert (PG_FUNCTION_ARGS)
 
Datum aclremove (PG_FUNCTION_ARGS)
 
Datum aclcontains (PG_FUNCTION_ARGS)
 
Datum makeaclitem (PG_FUNCTION_ARGS)
 
static const char * convert_aclright_to_string (int aclright)
 
Datum aclexplode (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_id (PG_FUNCTION_ARGS)
 
static int column_privilege_check (Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
 
Datum has_column_privilege_name_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_id (PG_FUNCTION_ARGS)
 
static bool has_param_priv_byname (Oid roleid, const text *parameter, AclMode priv)
 
Datum has_parameter_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_parameter_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_parameter_privilege_id_name (PG_FUNCTION_ARGS)
 
static bool has_lo_priv_byid (Oid roleid, Oid lobjId, AclMode priv, bool *is_missing)
 
Datum has_largeobject_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_largeobject_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_largeobject_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_id (PG_FUNCTION_ARGS)
 
void initialize_acl (void)
 
static Listroles_list_append (List *roles_list, bloom_filter **bf, Oid role)
 
static Listroles_is_member_of (Oid roleid, enum RoleRecurseType type, Oid admin_of, Oid *admin_role)
 
bool has_privs_of_role (Oid member, Oid role)
 
bool member_can_set_role (Oid member, Oid role)
 
void check_can_set_role (Oid member, Oid role)
 
bool is_member_of_role (Oid member, Oid role)
 
bool is_member_of_role_nosuper (Oid member, Oid role)
 
bool is_admin_of_role (Oid member, Oid role)
 
Oid select_best_admin (Oid member, Oid role)
 
static int count_one_bits (AclMode mask)
 
void select_best_grantor (Oid roleId, AclMode privileges, const Acl *acl, Oid ownerId, Oid *grantorId, AclMode *grantOptions)
 
Oid get_role_oid (const char *rolname, bool missing_ok)
 
Oid get_role_oid_or_public (const char *rolname)
 
Oid get_rolespec_oid (const RoleSpec *role, bool missing_ok)
 
HeapTuple get_rolespec_tuple (const RoleSpec *role)
 
char * get_rolespec_name (const RoleSpec *role)
 
void check_rolespec_name (const RoleSpec *role, const char *detail_msg)
 

Variables

static Oid cached_role [] = {InvalidOid, InvalidOid, InvalidOid}
 
static Listcached_roles [] = {NIL, NIL, NIL}
 
static uint32 cached_db_hash
 

Macro Definition Documentation

◆ ROLES_LIST_BLOOM_THRESHOLD

#define ROLES_LIST_BLOOM_THRESHOLD   1024

Definition at line 91 of file acl.c.

Enumeration Type Documentation

◆ RoleRecurseType

Enumerator
ROLERECURSE_MEMBERS 
ROLERECURSE_PRIVS 
ROLERECURSE_SETROLE 

Definition at line 75 of file acl.c.

76 {
77  ROLERECURSE_MEMBERS = 0, /* recurse unconditionally */
78  ROLERECURSE_PRIVS = 1, /* recurse through inheritable grants */
79  ROLERECURSE_SETROLE = 2 /* recurse through grants with set_option */
80 };
@ ROLERECURSE_PRIVS
Definition: acl.c:78
@ ROLERECURSE_MEMBERS
Definition: acl.c:77
@ ROLERECURSE_SETROLE
Definition: acl.c:79

Function Documentation

◆ aclconcat()

Acl* aclconcat ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 461 of file acl.c.

462 {
463  Acl *result_acl;
464 
465  result_acl = allocacl(ACL_NUM(left_acl) + ACL_NUM(right_acl));
466 
467  memcpy(ACL_DAT(result_acl),
468  ACL_DAT(left_acl),
469  ACL_NUM(left_acl) * sizeof(AclItem));
470 
471  memcpy(ACL_DAT(result_acl) + ACL_NUM(left_acl),
472  ACL_DAT(right_acl),
473  ACL_NUM(right_acl) * sizeof(AclItem));
474 
475  return result_acl;
476 }
static Acl * allocacl(int n)
Definition: acl.c:410
#define ACL_DAT(ACL)
Definition: acl.h:109
#define ACL_NUM(ACL)
Definition: acl.h:108
Definition: acl.h:55

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by ExecGrant_Attribute().

◆ aclcontains()

Datum aclcontains ( PG_FUNCTION_ARGS  )

Definition at line 1596 of file acl.c.

1597 {
1598  Acl *acl = PG_GETARG_ACL_P(0);
1599  AclItem *aip = PG_GETARG_ACLITEM_P(1);
1600  AclItem *aidat;
1601  int i,
1602  num;
1603 
1604  check_acl(acl);
1605  num = ACL_NUM(acl);
1606  aidat = ACL_DAT(acl);
1607  for (i = 0; i < num; ++i)
1608  {
1609  if (aip->ai_grantee == aidat[i].ai_grantee &&
1610  aip->ai_grantor == aidat[i].ai_grantor &&
1611  (ACLITEM_GET_RIGHTS(*aip) & ACLITEM_GET_RIGHTS(aidat[i])) == ACLITEM_GET_RIGHTS(*aip))
1612  PG_RETURN_BOOL(true);
1613  }
1614  PG_RETURN_BOOL(false);
1615 }
static void check_acl(const Acl *acl)
Definition: acl.c:574
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:117
#define PG_GETARG_ACL_P(n)
Definition: acl.h:122
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:68
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
int i
Definition: isn.c:72
Oid ai_grantee
Definition: acl.h:56
Oid ai_grantor
Definition: acl.h:57

References ACL_DAT, ACL_NUM, ACLITEM_GET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, PG_GETARG_ACL_P, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

◆ aclcopy()

Acl* aclcopy ( const Acl orig_acl)

Definition at line 441 of file acl.c.

442 {
443  Acl *result_acl;
444 
445  result_acl = allocacl(ACL_NUM(orig_acl));
446 
447  memcpy(ACL_DAT(result_acl),
448  ACL_DAT(orig_acl),
449  ACL_NUM(orig_acl) * sizeof(AclItem));
450 
451  return result_acl;
452 }

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by aclmerge(), ExecGrant_Relation(), and SetDefaultACL().

◆ acldefault()

Acl* acldefault ( ObjectType  objtype,
Oid  ownerId 
)

Definition at line 787 of file acl.c.

788 {
789  AclMode world_default;
790  AclMode owner_default;
791  int nacl;
792  Acl *acl;
793  AclItem *aip;
794 
795  switch (objtype)
796  {
797  case OBJECT_COLUMN:
798  /* by default, columns have no extra privileges */
799  world_default = ACL_NO_RIGHTS;
800  owner_default = ACL_NO_RIGHTS;
801  break;
802  case OBJECT_TABLE:
803  world_default = ACL_NO_RIGHTS;
804  owner_default = ACL_ALL_RIGHTS_RELATION;
805  break;
806  case OBJECT_SEQUENCE:
807  world_default = ACL_NO_RIGHTS;
808  owner_default = ACL_ALL_RIGHTS_SEQUENCE;
809  break;
810  case OBJECT_DATABASE:
811  /* for backwards compatibility, grant some rights by default */
812  world_default = ACL_CREATE_TEMP | ACL_CONNECT;
813  owner_default = ACL_ALL_RIGHTS_DATABASE;
814  break;
815  case OBJECT_FUNCTION:
816  /* Grant EXECUTE by default, for now */
817  world_default = ACL_EXECUTE;
818  owner_default = ACL_ALL_RIGHTS_FUNCTION;
819  break;
820  case OBJECT_LANGUAGE:
821  /* Grant USAGE by default, for now */
822  world_default = ACL_USAGE;
823  owner_default = ACL_ALL_RIGHTS_LANGUAGE;
824  break;
825  case OBJECT_LARGEOBJECT:
826  world_default = ACL_NO_RIGHTS;
827  owner_default = ACL_ALL_RIGHTS_LARGEOBJECT;
828  break;
829  case OBJECT_SCHEMA:
830  world_default = ACL_NO_RIGHTS;
831  owner_default = ACL_ALL_RIGHTS_SCHEMA;
832  break;
833  case OBJECT_TABLESPACE:
834  world_default = ACL_NO_RIGHTS;
835  owner_default = ACL_ALL_RIGHTS_TABLESPACE;
836  break;
837  case OBJECT_FDW:
838  world_default = ACL_NO_RIGHTS;
839  owner_default = ACL_ALL_RIGHTS_FDW;
840  break;
842  world_default = ACL_NO_RIGHTS;
843  owner_default = ACL_ALL_RIGHTS_FOREIGN_SERVER;
844  break;
845  case OBJECT_DOMAIN:
846  case OBJECT_TYPE:
847  world_default = ACL_USAGE;
848  owner_default = ACL_ALL_RIGHTS_TYPE;
849  break;
851  world_default = ACL_NO_RIGHTS;
852  owner_default = ACL_ALL_RIGHTS_PARAMETER_ACL;
853  break;
854  default:
855  elog(ERROR, "unrecognized object type: %d", (int) objtype);
856  world_default = ACL_NO_RIGHTS; /* keep compiler quiet */
857  owner_default = ACL_NO_RIGHTS;
858  break;
859  }
860 
861  nacl = 0;
862  if (world_default != ACL_NO_RIGHTS)
863  nacl++;
864  if (owner_default != ACL_NO_RIGHTS)
865  nacl++;
866 
867  acl = allocacl(nacl);
868  aip = ACL_DAT(acl);
869 
870  if (world_default != ACL_NO_RIGHTS)
871  {
872  aip->ai_grantee = ACL_ID_PUBLIC;
873  aip->ai_grantor = ownerId;
874  ACLITEM_SET_PRIVS_GOPTIONS(*aip, world_default, ACL_NO_RIGHTS);
875  aip++;
876  }
877 
878  /*
879  * Note that the owner's entry shows all ordinary privileges but no grant
880  * options. This is because his grant options come "from the system" and
881  * not from his own efforts. (The SQL spec says that the owner's rights
882  * come from a "_SYSTEM" authid.) However, we do consider that the
883  * owner's ordinary privileges are self-granted; this lets him revoke
884  * them. We implement the owner's grant options without any explicit
885  * "_SYSTEM"-like ACL entry, by internally special-casing the owner
886  * wherever we are testing grant options.
887  */
888  if (owner_default != ACL_NO_RIGHTS)
889  {
890  aip->ai_grantee = ownerId;
891  aip->ai_grantor = ownerId;
892  ACLITEM_SET_PRIVS_GOPTIONS(*aip, owner_default, ACL_NO_RIGHTS);
893  }
894 
895  return acl;
896 }
#define ACL_ALL_RIGHTS_FOREIGN_SERVER
Definition: acl.h:164
#define ACL_ALL_RIGHTS_TABLESPACE
Definition: acl.h:170
#define ACL_ALL_RIGHTS_PARAMETER_ACL
Definition: acl.h:168
#define ACL_ALL_RIGHTS_SCHEMA
Definition: acl.h:169
#define ACL_ALL_RIGHTS_SEQUENCE
Definition: acl.h:161
#define ACL_ALL_RIGHTS_DATABASE
Definition: acl.h:162
#define ACL_ALL_RIGHTS_FUNCTION
Definition: acl.h:165
#define ACL_ALL_RIGHTS_LANGUAGE
Definition: acl.h:166
#define ACL_ALL_RIGHTS_TYPE
Definition: acl.h:171
#define ACL_ALL_RIGHTS_FDW
Definition: acl.h:163
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:82
#define ACL_ALL_RIGHTS_RELATION
Definition: acl.h:160
#define ACL_ID_PUBLIC
Definition: acl.h:46
#define ACL_ALL_RIGHTS_LARGEOBJECT
Definition: acl.h:167
#define ERROR
Definition: elog.h:39
#define elog(elevel,...)
Definition: elog.h:225
#define ACL_CREATE_TEMP
Definition: parsenodes.h:86
uint64 AclMode
Definition: parsenodes.h:74
#define ACL_USAGE
Definition: parsenodes.h:84
#define ACL_NO_RIGHTS
Definition: parsenodes.h:92
@ OBJECT_FDW
Definition: parsenodes.h:2284
@ OBJECT_SCHEMA
Definition: parsenodes.h:2304
@ OBJECT_DOMAIN
Definition: parsenodes.h:2280
@ OBJECT_COLUMN
Definition: parsenodes.h:2274
@ OBJECT_TABLESPACE
Definition: parsenodes.h:2310
@ OBJECT_LARGEOBJECT
Definition: parsenodes.h:2290
@ OBJECT_DATABASE
Definition: parsenodes.h:2277
@ OBJECT_SEQUENCE
Definition: parsenodes.h:2305
@ OBJECT_LANGUAGE
Definition: parsenodes.h:2289
@ OBJECT_FOREIGN_SERVER
Definition: parsenodes.h:2285
@ OBJECT_TABLE
Definition: parsenodes.h:2309
@ OBJECT_PARAMETER_ACL
Definition: parsenodes.h:2295
@ OBJECT_TYPE
Definition: parsenodes.h:2317
@ OBJECT_FUNCTION
Definition: parsenodes.h:2287
#define ACL_CONNECT
Definition: parsenodes.h:87
#define ACL_EXECUTE
Definition: parsenodes.h:83

References ACL_ALL_RIGHTS_DATABASE, ACL_ALL_RIGHTS_FDW, ACL_ALL_RIGHTS_FOREIGN_SERVER, ACL_ALL_RIGHTS_FUNCTION, ACL_ALL_RIGHTS_LANGUAGE, ACL_ALL_RIGHTS_LARGEOBJECT, ACL_ALL_RIGHTS_PARAMETER_ACL, ACL_ALL_RIGHTS_RELATION, ACL_ALL_RIGHTS_SCHEMA, ACL_ALL_RIGHTS_SEQUENCE, ACL_ALL_RIGHTS_TABLESPACE, ACL_ALL_RIGHTS_TYPE, ACL_CONNECT, ACL_CREATE_TEMP, ACL_DAT, ACL_EXECUTE, ACL_ID_PUBLIC, ACL_NO_RIGHTS, ACL_USAGE, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), elog, ERROR, OBJECT_COLUMN, OBJECT_DATABASE, OBJECT_DOMAIN, OBJECT_FDW, OBJECT_FOREIGN_SERVER, OBJECT_FUNCTION, OBJECT_LANGUAGE, OBJECT_LARGEOBJECT, OBJECT_PARAMETER_ACL, OBJECT_SCHEMA, OBJECT_SEQUENCE, OBJECT_TABLE, OBJECT_TABLESPACE, and OBJECT_TYPE.

Referenced by acldefault_sql(), buildDefaultACLCommands(), dumpACL(), dumpRoleGUCPrivs(), dumpTable(), dumpTablespaces(), ExecGrant_Attribute(), ExecGrant_common(), ExecGrant_Largeobject(), ExecGrant_Parameter(), ExecGrant_Relation(), get_user_default_acl(), object_aclmask_ext(), pg_class_aclmask_ext(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask_ext(), pg_parameter_acl_aclmask(), pg_parameter_aclmask(), pg_type_aclmask_ext(), and SetDefaultACL().

◆ acldefault_sql()

Datum acldefault_sql ( PG_FUNCTION_ARGS  )

Definition at line 904 of file acl.c.

905 {
906  char objtypec = PG_GETARG_CHAR(0);
907  Oid owner = PG_GETARG_OID(1);
908  ObjectType objtype = 0;
909 
910  switch (objtypec)
911  {
912  case 'c':
913  objtype = OBJECT_COLUMN;
914  break;
915  case 'r':
916  objtype = OBJECT_TABLE;
917  break;
918  case 's':
919  objtype = OBJECT_SEQUENCE;
920  break;
921  case 'd':
922  objtype = OBJECT_DATABASE;
923  break;
924  case 'f':
925  objtype = OBJECT_FUNCTION;
926  break;
927  case 'l':
928  objtype = OBJECT_LANGUAGE;
929  break;
930  case 'L':
931  objtype = OBJECT_LARGEOBJECT;
932  break;
933  case 'n':
934  objtype = OBJECT_SCHEMA;
935  break;
936  case 'p':
937  objtype = OBJECT_PARAMETER_ACL;
938  break;
939  case 't':
940  objtype = OBJECT_TABLESPACE;
941  break;
942  case 'F':
943  objtype = OBJECT_FDW;
944  break;
945  case 'S':
946  objtype = OBJECT_FOREIGN_SERVER;
947  break;
948  case 'T':
949  objtype = OBJECT_TYPE;
950  break;
951  default:
952  elog(ERROR, "unrecognized object type abbreviation: %c", objtypec);
953  }
954 
955  PG_RETURN_ACL_P(acldefault(objtype, owner));
956 }
Acl * acldefault(ObjectType objtype, Oid ownerId)
Definition: acl.c:787
#define PG_RETURN_ACL_P(x)
Definition: acl.h:124
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
#define PG_GETARG_CHAR(n)
Definition: fmgr.h:273
ObjectType
Definition: parsenodes.h:2267
unsigned int Oid
Definition: postgres_ext.h:31

References acldefault(), elog, ERROR, OBJECT_COLUMN, OBJECT_DATABASE, OBJECT_FDW, OBJECT_FOREIGN_SERVER, OBJECT_FUNCTION, OBJECT_LANGUAGE, OBJECT_LARGEOBJECT, OBJECT_PARAMETER_ACL, OBJECT_SCHEMA, OBJECT_SEQUENCE, OBJECT_TABLE, OBJECT_TABLESPACE, OBJECT_TYPE, PG_GETARG_CHAR, PG_GETARG_OID, and PG_RETURN_ACL_P.

◆ aclequal()

bool aclequal ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 543 of file acl.c.

544 {
545  /* Check for cases where one or both are empty/null */
546  if (left_acl == NULL || ACL_NUM(left_acl) == 0)
547  {
548  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
549  return true;
550  else
551  return false;
552  }
553  else
554  {
555  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
556  return false;
557  }
558 
559  if (ACL_NUM(left_acl) != ACL_NUM(right_acl))
560  return false;
561 
562  if (memcmp(ACL_DAT(left_acl),
563  ACL_DAT(right_acl),
564  ACL_NUM(left_acl) * sizeof(AclItem)) == 0)
565  return true;
566 
567  return false;
568 }

References ACL_DAT, and ACL_NUM.

Referenced by ExecGrant_Parameter(), get_user_default_acl(), and SetDefaultACL().

◆ aclexplode()

Datum aclexplode ( PG_FUNCTION_ARGS  )

Definition at line 1774 of file acl.c.

1775 {
1776  Acl *acl = PG_GETARG_ACL_P(0);
1777  FuncCallContext *funcctx;
1778  int *idx;
1779  AclItem *aidat;
1780 
1781  if (SRF_IS_FIRSTCALL())
1782  {
1783  TupleDesc tupdesc;
1784  MemoryContext oldcontext;
1785 
1786  check_acl(acl);
1787 
1788  funcctx = SRF_FIRSTCALL_INIT();
1789  oldcontext = MemoryContextSwitchTo(funcctx->multi_call_memory_ctx);
1790 
1791  /*
1792  * build tupdesc for result tuples (matches out parameters in pg_proc
1793  * entry)
1794  */
1795  tupdesc = CreateTemplateTupleDesc(4);
1796  TupleDescInitEntry(tupdesc, (AttrNumber) 1, "grantor",
1797  OIDOID, -1, 0);
1798  TupleDescInitEntry(tupdesc, (AttrNumber) 2, "grantee",
1799  OIDOID, -1, 0);
1800  TupleDescInitEntry(tupdesc, (AttrNumber) 3, "privilege_type",
1801  TEXTOID, -1, 0);
1802  TupleDescInitEntry(tupdesc, (AttrNumber) 4, "is_grantable",
1803  BOOLOID, -1, 0);
1804 
1805  funcctx->tuple_desc = BlessTupleDesc(tupdesc);
1806 
1807  /* allocate memory for user context */
1808  idx = (int *) palloc(sizeof(int[2]));
1809  idx[0] = 0; /* ACL array item index */
1810  idx[1] = -1; /* privilege type counter */
1811  funcctx->user_fctx = (void *) idx;
1812 
1813  MemoryContextSwitchTo(oldcontext);
1814  }
1815 
1816  funcctx = SRF_PERCALL_SETUP();
1817  idx = (int *) funcctx->user_fctx;
1818  aidat = ACL_DAT(acl);
1819 
1820  /* need test here in case acl has no items */
1821  while (idx[0] < ACL_NUM(acl))
1822  {
1823  AclItem *aidata;
1824  AclMode priv_bit;
1825 
1826  idx[1]++;
1827  if (idx[1] == N_ACL_RIGHTS)
1828  {
1829  idx[1] = 0;
1830  idx[0]++;
1831  if (idx[0] >= ACL_NUM(acl)) /* done */
1832  break;
1833  }
1834  aidata = &aidat[idx[0]];
1835  priv_bit = UINT64CONST(1) << idx[1];
1836 
1837  if (ACLITEM_GET_PRIVS(*aidata) & priv_bit)
1838  {
1839  Datum result;
1840  Datum values[4];
1841  bool nulls[4] = {0};
1842  HeapTuple tuple;
1843 
1844  values[0] = ObjectIdGetDatum(aidata->ai_grantor);
1845  values[1] = ObjectIdGetDatum(aidata->ai_grantee);
1847  values[3] = BoolGetDatum((ACLITEM_GET_GOPTIONS(*aidata) & priv_bit) != 0);
1848 
1849  tuple = heap_form_tuple(funcctx->tuple_desc, values, nulls);
1850  result = HeapTupleGetDatum(tuple);
1851 
1852  SRF_RETURN_NEXT(funcctx, result);
1853  }
1854  }
1855 
1856  SRF_RETURN_DONE(funcctx);
1857 }
Datum idx(PG_FUNCTION_ARGS)
Definition: _int_op.c:259
static const char * convert_aclright_to_string(int aclright)
Definition: acl.c:1718
#define ACLITEM_GET_PRIVS(item)
Definition: acl.h:66
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:67
int16 AttrNumber
Definition: attnum.h:21
static Datum values[MAXATTR]
Definition: bootstrap.c:150
#define CStringGetTextDatum(s)
Definition: builtins.h:97
TupleDesc BlessTupleDesc(TupleDesc tupdesc)
Definition: execTuples.c:2158
#define SRF_IS_FIRSTCALL()
Definition: funcapi.h:304
#define SRF_PERCALL_SETUP()
Definition: funcapi.h:308
#define SRF_RETURN_NEXT(_funcctx, _result)
Definition: funcapi.h:310
#define SRF_FIRSTCALL_INIT()
Definition: funcapi.h:306
static Datum HeapTupleGetDatum(const HeapTupleData *tuple)
Definition: funcapi.h:230
#define SRF_RETURN_DONE(_funcctx)
Definition: funcapi.h:328
HeapTuple heap_form_tuple(TupleDesc tupleDescriptor, const Datum *values, const bool *isnull)
Definition: heaptuple.c:1116
void * palloc(Size size)
Definition: mcxt.c:1317
#define N_ACL_RIGHTS
Definition: parsenodes.h:91
uintptr_t Datum
Definition: postgres.h:64
static Datum BoolGetDatum(bool X)
Definition: postgres.h:102
static Datum ObjectIdGetDatum(Oid X)
Definition: postgres.h:252
MemoryContextSwitchTo(old_ctx)
void * user_fctx
Definition: funcapi.h:82
MemoryContext multi_call_memory_ctx
Definition: funcapi.h:101
TupleDesc tuple_desc
Definition: funcapi.h:112
TupleDesc CreateTemplateTupleDesc(int natts)
Definition: tupdesc.c:67
void TupleDescInitEntry(TupleDesc desc, AttrNumber attributeNumber, const char *attributeName, Oid oidtypeid, int32 typmod, int attdim)
Definition: tupdesc.c:651

References ACL_DAT, ACL_NUM, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, BlessTupleDesc(), BoolGetDatum(), check_acl(), convert_aclright_to_string(), CreateTemplateTupleDesc(), CStringGetTextDatum, heap_form_tuple(), HeapTupleGetDatum(), idx(), MemoryContextSwitchTo(), FuncCallContext::multi_call_memory_ctx, N_ACL_RIGHTS, ObjectIdGetDatum(), palloc(), PG_GETARG_ACL_P, SRF_FIRSTCALL_INIT, SRF_IS_FIRSTCALL, SRF_PERCALL_SETUP, SRF_RETURN_DONE, SRF_RETURN_NEXT, FuncCallContext::tuple_desc, TupleDescInitEntry(), FuncCallContext::user_fctx, and values.

◆ aclinsert()

Datum aclinsert ( PG_FUNCTION_ARGS  )

Definition at line 1576 of file acl.c.

1577 {
1578  ereport(ERROR,
1579  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1580  errmsg("aclinsert is no longer supported")));
1581 
1582  PG_RETURN_NULL(); /* keep compiler quiet */
1583 }
int errcode(int sqlerrcode)
Definition: elog.c:853
int errmsg(const char *fmt,...)
Definition: elog.c:1070
#define ereport(elevel,...)
Definition: elog.h:149
#define PG_RETURN_NULL()
Definition: fmgr.h:345

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

◆ aclitem_eq()

Datum aclitem_eq ( PG_FUNCTION_ARGS  )

Definition at line 732 of file acl.c.

733 {
736  bool result;
737 
738  result = a1->ai_privs == a2->ai_privs &&
739  a1->ai_grantee == a2->ai_grantee &&
740  a1->ai_grantor == a2->ai_grantor;
741  PG_RETURN_BOOL(result);
742 }
static const FormData_pg_attribute a1
Definition: heap.c:142
static const FormData_pg_attribute a2
Definition: heap.c:156

References a1, a2, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

◆ aclitem_match()

static bool aclitem_match ( const AclItem a1,
const AclItem a2 
)
static

Definition at line 697 of file acl.c.

698 {
699  return a1->ai_grantee == a2->ai_grantee &&
700  a1->ai_grantor == a2->ai_grantor;
701 }

References a1, and a2.

Referenced by aclnewowner(), and aclupdate().

◆ aclitemComparator()

static int aclitemComparator ( const void *  arg1,
const void *  arg2 
)
static

Definition at line 708 of file acl.c.

709 {
710  const AclItem *a1 = (const AclItem *) arg1;
711  const AclItem *a2 = (const AclItem *) arg2;
712 
713  if (a1->ai_grantee > a2->ai_grantee)
714  return 1;
715  if (a1->ai_grantee < a2->ai_grantee)
716  return -1;
717  if (a1->ai_grantor > a2->ai_grantor)
718  return 1;
719  if (a1->ai_grantor < a2->ai_grantor)
720  return -1;
721  if (a1->ai_privs > a2->ai_privs)
722  return 1;
723  if (a1->ai_privs < a2->ai_privs)
724  return -1;
725  return 0;
726 }

References a1, and a2.

Referenced by aclitemsort().

◆ aclitemin()

Datum aclitemin ( PG_FUNCTION_ARGS  )

Definition at line 599 of file acl.c.

600 {
601  const char *s = PG_GETARG_CSTRING(0);
602  Node *escontext = fcinfo->context;
603  AclItem *aip;
604 
605  aip = (AclItem *) palloc(sizeof(AclItem));
606 
607  s = aclparse(s, aip, escontext);
608  if (s == NULL)
609  PG_RETURN_NULL();
610 
611  while (isspace((unsigned char) *s))
612  ++s;
613  if (*s)
614  ereturn(escontext, (Datum) 0,
615  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
616  errmsg("extra garbage at the end of the ACL specification")));
617 
618  PG_RETURN_ACLITEM_P(aip);
619 }
static const char * aclparse(const char *s, AclItem *aip, Node *escontext)
Definition: acl.c:257
#define PG_RETURN_ACLITEM_P(x)
Definition: acl.h:118
#define ereturn(context, dummy_value,...)
Definition: elog.h:277
#define PG_GETARG_CSTRING(n)
Definition: fmgr.h:277
Definition: nodes.h:129

References aclparse(), ereturn, errcode(), errmsg(), palloc(), PG_GETARG_CSTRING, PG_RETURN_ACLITEM_P, and PG_RETURN_NULL.

◆ aclitemout()

Datum aclitemout ( PG_FUNCTION_ARGS  )

Definition at line 630 of file acl.c.

631 {
632  AclItem *aip = PG_GETARG_ACLITEM_P(0);
633  char *p;
634  char *out;
635  HeapTuple htup;
636  unsigned i;
637 
638  out = palloc(strlen("=/") +
639  2 * N_ACL_RIGHTS +
640  2 * (2 * NAMEDATALEN + 2) +
641  1);
642 
643  p = out;
644  *p = '\0';
645 
646  if (aip->ai_grantee != ACL_ID_PUBLIC)
647  {
648  htup = SearchSysCache1(AUTHOID, ObjectIdGetDatum(aip->ai_grantee));
649  if (HeapTupleIsValid(htup))
650  {
651  putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
652  ReleaseSysCache(htup);
653  }
654  else
655  {
656  /* Generate numeric OID if we don't find an entry */
657  sprintf(p, "%u", aip->ai_grantee);
658  }
659  }
660  while (*p)
661  ++p;
662 
663  *p++ = '=';
664 
665  for (i = 0; i < N_ACL_RIGHTS; ++i)
666  {
667  if (ACLITEM_GET_PRIVS(*aip) & (UINT64CONST(1) << i))
668  *p++ = ACL_ALL_RIGHTS_STR[i];
669  if (ACLITEM_GET_GOPTIONS(*aip) & (UINT64CONST(1) << i))
670  *p++ = '*';
671  }
672 
673  *p++ = '/';
674  *p = '\0';
675 
676  htup = SearchSysCache1(AUTHOID, ObjectIdGetDatum(aip->ai_grantor));
677  if (HeapTupleIsValid(htup))
678  {
679  putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
680  ReleaseSysCache(htup);
681  }
682  else
683  {
684  /* Generate numeric OID if we don't find an entry */
685  sprintf(p, "%u", aip->ai_grantor);
686  }
687 
688  PG_RETURN_CSTRING(out);
689 }
static void putid(char *p, const char *s)
Definition: acl.c:205
#define ACL_ALL_RIGHTS_STR
Definition: acl.h:154
#define NameStr(name)
Definition: c.h:737
#define PG_RETURN_CSTRING(x)
Definition: fmgr.h:362
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
#define GETSTRUCT(TUP)
Definition: htup_details.h:653
NameData rolname
Definition: pg_authid.h:34
FormData_pg_authid * Form_pg_authid
Definition: pg_authid.h:56
#define NAMEDATALEN
#define sprintf
Definition: port.h:240
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:269
HeapTuple SearchSysCache1(int cacheId, Datum key1)
Definition: syscache.c:221

References ACL_ALL_RIGHTS_STR, ACL_ID_PUBLIC, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, GETSTRUCT, HeapTupleIsValid, i, N_ACL_RIGHTS, NAMEDATALEN, NameStr, ObjectIdGetDatum(), palloc(), PG_GETARG_ACLITEM_P, PG_RETURN_CSTRING, putid(), ReleaseSysCache(), rolname, SearchSysCache1(), and sprintf.

◆ aclitemsort()

void aclitemsort ( Acl acl)

Definition at line 529 of file acl.c.

530 {
531  if (acl != NULL && ACL_NUM(acl) > 1)
532  qsort(ACL_DAT(acl), ACL_NUM(acl), sizeof(AclItem), aclitemComparator);
533 }
static int aclitemComparator(const void *arg1, const void *arg2)
Definition: acl.c:708
#define qsort(a, b, c, d)
Definition: port.h:447

References ACL_DAT, ACL_NUM, aclitemComparator(), and qsort.

Referenced by get_user_default_acl(), and SetDefaultACL().

◆ aclmask()

AclMode aclmask ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)

Definition at line 1372 of file acl.c.

1374 {
1375  AclMode result;
1377  AclItem *aidat;
1378  int i,
1379  num;
1380 
1381  /*
1382  * Null ACL should not happen, since caller should have inserted
1383  * appropriate default
1384  */
1385  if (acl == NULL)
1386  elog(ERROR, "null ACL");
1387 
1388  check_acl(acl);
1389 
1390  /* Quick exit for mask == 0 */
1391  if (mask == 0)
1392  return 0;
1393 
1394  result = 0;
1395 
1396  /* Owner always implicitly has all grant options */
1397  if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1398  has_privs_of_role(roleid, ownerId))
1399  {
1400  result = mask & ACLITEM_ALL_GOPTION_BITS;
1401  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1402  return result;
1403  }
1404 
1405  num = ACL_NUM(acl);
1406  aidat = ACL_DAT(acl);
1407 
1408  /*
1409  * Check privileges granted directly to roleid or to public
1410  */
1411  for (i = 0; i < num; i++)
1412  {
1413  AclItem *aidata = &aidat[i];
1414 
1415  if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1416  aidata->ai_grantee == roleid)
1417  {
1418  result |= aidata->ai_privs & mask;
1419  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1420  return result;
1421  }
1422  }
1423 
1424  /*
1425  * Check privileges granted indirectly via role memberships. We do this in
1426  * a separate pass to minimize expensive indirect membership tests. In
1427  * particular, it's worth testing whether a given ACL entry grants any
1428  * privileges still of interest before we perform the has_privs_of_role
1429  * test.
1430  */
1431  remaining = mask & ~result;
1432  for (i = 0; i < num; i++)
1433  {
1434  AclItem *aidata = &aidat[i];
1435 
1436  if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1437  aidata->ai_grantee == roleid)
1438  continue; /* already checked it */
1439 
1440  if ((aidata->ai_privs & remaining) &&
1441  has_privs_of_role(roleid, aidata->ai_grantee))
1442  {
1443  result |= aidata->ai_privs & mask;
1444  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1445  return result;
1446  remaining = mask & ~result;
1447  }
1448  }
1449 
1450  return result;
1451 }
bool has_privs_of_role(Oid member, Oid role)
Definition: acl.c:5268
#define ACLITEM_ALL_GOPTION_BITS
Definition: acl.h:88
@ ACLMASK_ALL
Definition: acl.h:176
int remaining
Definition: informix.c:692
AclMode ai_privs
Definition: acl.h:58

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog, ERROR, has_privs_of_role(), i, and remaining.

Referenced by check_circularity(), LockTableAclCheck(), object_aclmask_ext(), pg_attribute_aclcheck_all_ext(), pg_attribute_aclmask_ext(), pg_class_aclmask_ext(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask_ext(), pg_parameter_acl_aclmask(), pg_parameter_aclmask(), pg_type_aclmask_ext(), and recursive_revoke().

◆ aclmask_direct()

static AclMode aclmask_direct ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)
static

Definition at line 1461 of file acl.c.

1463 {
1464  AclMode result;
1465  AclItem *aidat;
1466  int i,
1467  num;
1468 
1469  /*
1470  * Null ACL should not happen, since caller should have inserted
1471  * appropriate default
1472  */
1473  if (acl == NULL)
1474  elog(ERROR, "null ACL");
1475 
1476  check_acl(acl);
1477 
1478  /* Quick exit for mask == 0 */
1479  if (mask == 0)
1480  return 0;
1481 
1482  result = 0;
1483 
1484  /* Owner always implicitly has all grant options */
1485  if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1486  roleid == ownerId)
1487  {
1488  result = mask & ACLITEM_ALL_GOPTION_BITS;
1489  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1490  return result;
1491  }
1492 
1493  num = ACL_NUM(acl);
1494  aidat = ACL_DAT(acl);
1495 
1496  /*
1497  * Check privileges granted directly to roleid (and not to public)
1498  */
1499  for (i = 0; i < num; i++)
1500  {
1501  AclItem *aidata = &aidat[i];
1502 
1503  if (aidata->ai_grantee == roleid)
1504  {
1505  result |= aidata->ai_privs & mask;
1506  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1507  return result;
1508  }
1509  }
1510 
1511  return result;
1512 }

References ACL_DAT, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog, ERROR, and i.

Referenced by select_best_grantor().

◆ aclmembers()

int aclmembers ( const Acl acl,
Oid **  roleids 
)

Definition at line 1524 of file acl.c.

1525 {
1526  Oid *list;
1527  const AclItem *acldat;
1528  int i,
1529  j;
1530 
1531  if (acl == NULL || ACL_NUM(acl) == 0)
1532  {
1533  *roleids = NULL;
1534  return 0;
1535  }
1536 
1537  check_acl(acl);
1538 
1539  /* Allocate the worst-case space requirement */
1540  list = palloc(ACL_NUM(acl) * 2 * sizeof(Oid));
1541  acldat = ACL_DAT(acl);
1542 
1543  /*
1544  * Walk the ACL collecting mentioned RoleIds.
1545  */
1546  j = 0;
1547  for (i = 0; i < ACL_NUM(acl); i++)
1548  {
1549  const AclItem *ai = &acldat[i];
1550 
1551  if (ai->ai_grantee != ACL_ID_PUBLIC)
1552  list[j++] = ai->ai_grantee;
1553  /* grantor is currently never PUBLIC, but let's check anyway */
1554  if (ai->ai_grantor != ACL_ID_PUBLIC)
1555  list[j++] = ai->ai_grantor;
1556  }
1557 
1558  /* Sort the array */
1559  qsort(list, j, sizeof(Oid), oid_cmp);
1560 
1561  /*
1562  * We could repalloc the array down to minimum size, but it's hardly worth
1563  * it since it's only transient memory.
1564  */
1565  *roleids = list;
1566 
1567  /* Remove duplicates from the array */
1568  return qunique(list, j, sizeof(Oid), oid_cmp);
1569 }
int j
Definition: isn.c:73
int oid_cmp(const void *p1, const void *p2)
Definition: oid.c:258
static size_t qunique(void *array, size_t elements, size_t width, int(*compare)(const void *, const void *))
Definition: qunique.h:21

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, j, sort-test::list, oid_cmp(), palloc(), qsort, and qunique().

Referenced by ExecGrant_Attribute(), ExecGrant_common(), ExecGrant_Largeobject(), ExecGrant_Parameter(), ExecGrant_Relation(), recordDependencyOnNewAcl(), recordExtensionInitPrivWorker(), RemoveRoleFromInitPriv(), ReplaceRoleInInitPriv(), and SetDefaultACL().

◆ aclmerge()

Acl* aclmerge ( const Acl left_acl,
const Acl right_acl,
Oid  ownerId 
)

Definition at line 485 of file acl.c.

486 {
487  Acl *result_acl;
488  AclItem *aip;
489  int i,
490  num;
491 
492  /* Check for cases where one or both are empty/null */
493  if (left_acl == NULL || ACL_NUM(left_acl) == 0)
494  {
495  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
496  return NULL;
497  else
498  return aclcopy(right_acl);
499  }
500  else
501  {
502  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
503  return aclcopy(left_acl);
504  }
505 
506  /* Merge them the hard way, one item at a time */
507  result_acl = aclcopy(left_acl);
508 
509  aip = ACL_DAT(right_acl);
510  num = ACL_NUM(right_acl);
511 
512  for (i = 0; i < num; i++, aip++)
513  {
514  Acl *tmp_acl;
515 
516  tmp_acl = aclupdate(result_acl, aip, ACL_MODECHG_ADD,
517  ownerId, DROP_RESTRICT);
518  pfree(result_acl);
519  result_acl = tmp_acl;
520  }
521 
522  return result_acl;
523 }
Acl * aclupdate(const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
Definition: acl.c:976
Acl * aclcopy(const Acl *orig_acl)
Definition: acl.c:441
#define ACL_MODECHG_ADD
Definition: acl.h:129
void pfree(void *pointer)
Definition: mcxt.c:1521
@ DROP_RESTRICT
Definition: parsenodes.h:2341

References ACL_DAT, ACL_MODECHG_ADD, ACL_NUM, aclcopy(), aclupdate(), DROP_RESTRICT, i, and pfree().

Referenced by get_user_default_acl().

◆ aclnewowner()

Acl* aclnewowner ( const Acl old_acl,
Oid  oldOwnerId,
Oid  newOwnerId 
)

Definition at line 1103 of file acl.c.

1104 {
1105  Acl *new_acl;
1106  AclItem *new_aip;
1107  AclItem *old_aip;
1108  AclItem *dst_aip;
1109  AclItem *src_aip;
1110  AclItem *targ_aip;
1111  bool newpresent = false;
1112  int dst,
1113  src,
1114  targ,
1115  num;
1116 
1117  check_acl(old_acl);
1118 
1119  /*
1120  * Make a copy of the given ACL, substituting new owner ID for old
1121  * wherever it appears as either grantor or grantee. Also note if the new
1122  * owner ID is already present.
1123  */
1124  num = ACL_NUM(old_acl);
1125  old_aip = ACL_DAT(old_acl);
1126  new_acl = allocacl(num);
1127  new_aip = ACL_DAT(new_acl);
1128  memcpy(new_aip, old_aip, num * sizeof(AclItem));
1129  for (dst = 0, dst_aip = new_aip; dst < num; dst++, dst_aip++)
1130  {
1131  if (dst_aip->ai_grantor == oldOwnerId)
1132  dst_aip->ai_grantor = newOwnerId;
1133  else if (dst_aip->ai_grantor == newOwnerId)
1134  newpresent = true;
1135  if (dst_aip->ai_grantee == oldOwnerId)
1136  dst_aip->ai_grantee = newOwnerId;
1137  else if (dst_aip->ai_grantee == newOwnerId)
1138  newpresent = true;
1139  }
1140 
1141  /*
1142  * If the old ACL contained any references to the new owner, then we may
1143  * now have generated an ACL containing duplicate entries. Find them and
1144  * merge them so that there are not duplicates. (This is relatively
1145  * expensive since we use a stupid O(N^2) algorithm, but it's unlikely to
1146  * be the normal case.)
1147  *
1148  * To simplify deletion of duplicate entries, we temporarily leave them in
1149  * the array but set their privilege masks to zero; when we reach such an
1150  * entry it's just skipped. (Thus, a side effect of this code will be to
1151  * remove privilege-free entries, should there be any in the input.) dst
1152  * is the next output slot, targ is the currently considered input slot
1153  * (always >= dst), and src scans entries to the right of targ looking for
1154  * duplicates. Once an entry has been emitted to dst it is known
1155  * duplicate-free and need not be considered anymore.
1156  */
1157  if (newpresent)
1158  {
1159  dst = 0;
1160  for (targ = 0, targ_aip = new_aip; targ < num; targ++, targ_aip++)
1161  {
1162  /* ignore if deleted in an earlier pass */
1163  if (ACLITEM_GET_RIGHTS(*targ_aip) == ACL_NO_RIGHTS)
1164  continue;
1165  /* find and merge any duplicates */
1166  for (src = targ + 1, src_aip = targ_aip + 1; src < num;
1167  src++, src_aip++)
1168  {
1169  if (ACLITEM_GET_RIGHTS(*src_aip) == ACL_NO_RIGHTS)
1170  continue;
1171  if (aclitem_match(targ_aip, src_aip))
1172  {
1173  ACLITEM_SET_RIGHTS(*targ_aip,
1174  ACLITEM_GET_RIGHTS(*targ_aip) |
1175  ACLITEM_GET_RIGHTS(*src_aip));
1176  /* mark the duplicate deleted */
1177  ACLITEM_SET_RIGHTS(*src_aip, ACL_NO_RIGHTS);
1178  }
1179  }
1180  /* and emit to output */
1181  new_aip[dst] = *targ_aip;
1182  dst++;
1183  }
1184  /* Adjust array size to be 'dst' items */
1185  ARR_DIMS(new_acl)[0] = dst;
1186  SET_VARSIZE(new_acl, ACL_N_SIZE(dst));
1187  }
1188 
1189  return new_acl;
1190 }
static bool aclitem_match(const AclItem *a1, const AclItem *a2)
Definition: acl.c:697
#define ACL_N_SIZE(N)
Definition: acl.h:110
#define ACLITEM_SET_RIGHTS(item, rights)
Definition: acl.h:79
#define ARR_DIMS(a)
Definition: array.h:294
#define SET_VARSIZE(PTR, len)
Definition: varatt.h:305

References ACL_DAT, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, check_acl(), and SET_VARSIZE.

Referenced by AlterDatabaseOwner(), AlterForeignDataWrapperOwner_internal(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwnerInternal(), ATExecChangeOwner(), change_owner_fix_column_acls(), and ReplaceRoleInInitPriv().

◆ aclparse()

static const char * aclparse ( const char *  s,
AclItem aip,
Node escontext 
)
static

Definition at line 257 of file acl.c.

258 {
259  AclMode privs,
260  goption,
261  read;
262  char name[NAMEDATALEN];
263  char name2[NAMEDATALEN];
264 
265  Assert(s && aip);
266 
267  s = getid(s, name, escontext);
268  if (s == NULL)
269  return NULL;
270  if (*s != '=')
271  {
272  /* we just read a keyword, not a name */
273  if (strcmp(name, "group") != 0 && strcmp(name, "user") != 0)
274  ereturn(escontext, NULL,
275  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
276  errmsg("unrecognized key word: \"%s\"", name),
277  errhint("ACL key word must be \"group\" or \"user\".")));
278  /* move s to the name beyond the keyword */
279  s = getid(s, name, escontext);
280  if (s == NULL)
281  return NULL;
282  if (name[0] == '\0')
283  ereturn(escontext, NULL,
284  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
285  errmsg("missing name"),
286  errhint("A name must follow the \"group\" or \"user\" key word.")));
287  }
288 
289  if (*s != '=')
290  ereturn(escontext, NULL,
291  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
292  errmsg("missing \"=\" sign")));
293 
294  privs = goption = ACL_NO_RIGHTS;
295 
296  for (++s, read = 0; isalpha((unsigned char) *s) || *s == '*'; s++)
297  {
298  switch (*s)
299  {
300  case '*':
301  goption |= read;
302  break;
303  case ACL_INSERT_CHR:
304  read = ACL_INSERT;
305  break;
306  case ACL_SELECT_CHR:
307  read = ACL_SELECT;
308  break;
309  case ACL_UPDATE_CHR:
310  read = ACL_UPDATE;
311  break;
312  case ACL_DELETE_CHR:
313  read = ACL_DELETE;
314  break;
315  case ACL_TRUNCATE_CHR:
316  read = ACL_TRUNCATE;
317  break;
318  case ACL_REFERENCES_CHR:
320  break;
321  case ACL_TRIGGER_CHR:
322  read = ACL_TRIGGER;
323  break;
324  case ACL_EXECUTE_CHR:
325  read = ACL_EXECUTE;
326  break;
327  case ACL_USAGE_CHR:
328  read = ACL_USAGE;
329  break;
330  case ACL_CREATE_CHR:
331  read = ACL_CREATE;
332  break;
333  case ACL_CREATE_TEMP_CHR:
335  break;
336  case ACL_CONNECT_CHR:
337  read = ACL_CONNECT;
338  break;
339  case ACL_SET_CHR:
340  read = ACL_SET;
341  break;
344  break;
345  case ACL_MAINTAIN_CHR:
346  read = ACL_MAINTAIN;
347  break;
348  default:
349  ereturn(escontext, NULL,
350  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
351  errmsg("invalid mode character: must be one of \"%s\"",
353  }
354 
355  privs |= read;
356  }
357 
358  if (name[0] == '\0')
359  aip->ai_grantee = ACL_ID_PUBLIC;
360  else
361  {
362  aip->ai_grantee = get_role_oid(name, true);
363  if (!OidIsValid(aip->ai_grantee))
364  ereturn(escontext, NULL,
365  (errcode(ERRCODE_UNDEFINED_OBJECT),
366  errmsg("role \"%s\" does not exist", name)));
367  }
368 
369  /*
370  * XXX Allow a degree of backward compatibility by defaulting the grantor
371  * to the superuser.
372  */
373  if (*s == '/')
374  {
375  s = getid(s + 1, name2, escontext);
376  if (s == NULL)
377  return NULL;
378  if (name2[0] == '\0')
379  ereturn(escontext, NULL,
380  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
381  errmsg("a name must follow the \"/\" sign")));
382  aip->ai_grantor = get_role_oid(name2, true);
383  if (!OidIsValid(aip->ai_grantor))
384  ereturn(escontext, NULL,
385  (errcode(ERRCODE_UNDEFINED_OBJECT),
386  errmsg("role \"%s\" does not exist", name2)));
387  }
388  else
389  {
390  aip->ai_grantor = BOOTSTRAP_SUPERUSERID;
392  (errcode(ERRCODE_INVALID_GRANTOR),
393  errmsg("defaulting grantor to user ID %u",
394  BOOTSTRAP_SUPERUSERID)));
395  }
396 
397  ACLITEM_SET_PRIVS_GOPTIONS(*aip, privs, goption);
398 
399  return s;
400 }
static const char * getid(const char *s, char *n, Node *escontext)
Definition: acl.c:153
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5554
#define ACL_CREATE_CHR
Definition: acl.h:146
#define ACL_SET_CHR
Definition: acl.h:149
#define ACL_REFERENCES_CHR
Definition: acl.h:142
#define ACL_TRUNCATE_CHR
Definition: acl.h:141
#define ACL_SELECT_CHR
Definition: acl.h:138
#define ACL_EXECUTE_CHR
Definition: acl.h:144
#define ACL_DELETE_CHR
Definition: acl.h:140
#define ACL_INSERT_CHR
Definition: acl.h:137
#define ACL_UPDATE_CHR
Definition: acl.h:139
#define ACL_ALTER_SYSTEM_CHR
Definition: acl.h:150
#define ACL_USAGE_CHR
Definition: acl.h:145
#define ACL_CONNECT_CHR
Definition: acl.h:148
#define ACL_TRIGGER_CHR
Definition: acl.h:143
#define ACL_CREATE_TEMP_CHR
Definition: acl.h:147
#define ACL_MAINTAIN_CHR
Definition: acl.h:151
#define Assert(condition)
Definition: c.h:849
#define OidIsValid(objectId)
Definition: c.h:766
int errhint(const char *fmt,...)
Definition: elog.c:1317
#define WARNING
Definition: elog.h:36
#define read(a, b, c)
Definition: win32.h:13
#define ACL_SET
Definition: parsenodes.h:88
#define ACL_DELETE
Definition: parsenodes.h:79
#define ACL_MAINTAIN
Definition: parsenodes.h:90
#define ACL_INSERT
Definition: parsenodes.h:76
#define ACL_UPDATE
Definition: parsenodes.h:78
#define ACL_ALTER_SYSTEM
Definition: parsenodes.h:89
#define ACL_REFERENCES
Definition: parsenodes.h:81
#define ACL_SELECT
Definition: parsenodes.h:77
#define ACL_TRUNCATE
Definition: parsenodes.h:80
#define ACL_CREATE
Definition: parsenodes.h:85
#define ACL_TRIGGER
Definition: parsenodes.h:82
const char * name

References ACL_ALL_RIGHTS_STR, ACL_ALTER_SYSTEM, ACL_ALTER_SYSTEM_CHR, ACL_CONNECT, ACL_CONNECT_CHR, ACL_CREATE, ACL_CREATE_CHR, ACL_CREATE_TEMP, ACL_CREATE_TEMP_CHR, ACL_DELETE, ACL_DELETE_CHR, ACL_EXECUTE, ACL_EXECUTE_CHR, ACL_ID_PUBLIC, ACL_INSERT, ACL_INSERT_CHR, ACL_MAINTAIN, ACL_MAINTAIN_CHR, ACL_NO_RIGHTS, ACL_REFERENCES, ACL_REFERENCES_CHR, ACL_SELECT, ACL_SELECT_CHR, ACL_SET, ACL_SET_CHR, ACL_TRIGGER, ACL_TRIGGER_CHR, ACL_TRUNCATE, ACL_TRUNCATE_CHR, ACL_UPDATE, ACL_UPDATE_CHR, ACL_USAGE, ACL_USAGE_CHR, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, Assert, ereport, ereturn, errcode(), errhint(), errmsg(), get_role_oid(), getid(), name, NAMEDATALEN, OidIsValid, read, and WARNING.

Referenced by aclitemin().

◆ aclremove()

Datum aclremove ( PG_FUNCTION_ARGS  )

Definition at line 1586 of file acl.c.

1587 {
1588  ereport(ERROR,
1589  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1590  errmsg("aclremove is no longer supported")));
1591 
1592  PG_RETURN_NULL(); /* keep compiler quiet */
1593 }

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

◆ aclupdate()

Acl* aclupdate ( const Acl old_acl,
const AclItem mod_aip,
int  modechg,
Oid  ownerId,
DropBehavior  behavior 
)

Definition at line 976 of file acl.c.

978 {
979  Acl *new_acl = NULL;
980  AclItem *old_aip,
981  *new_aip = NULL;
982  AclMode old_rights,
983  old_goptions,
984  new_rights,
985  new_goptions;
986  int dst,
987  num;
988 
989  /* Caller probably already checked old_acl, but be safe */
990  check_acl(old_acl);
991 
992  /* If granting grant options, check for circularity */
993  if (modechg != ACL_MODECHG_DEL &&
994  ACLITEM_GET_GOPTIONS(*mod_aip) != ACL_NO_RIGHTS)
995  check_circularity(old_acl, mod_aip, ownerId);
996 
997  num = ACL_NUM(old_acl);
998  old_aip = ACL_DAT(old_acl);
999 
1000  /*
1001  * Search the ACL for an existing entry for this grantee and grantor. If
1002  * one exists, just modify the entry in-place (well, in the same position,
1003  * since we actually return a copy); otherwise, insert the new entry at
1004  * the end.
1005  */
1006 
1007  for (dst = 0; dst < num; ++dst)
1008  {
1009  if (aclitem_match(mod_aip, old_aip + dst))
1010  {
1011  /* found a match, so modify existing item */
1012  new_acl = allocacl(num);
1013  new_aip = ACL_DAT(new_acl);
1014  memcpy(new_acl, old_acl, ACL_SIZE(old_acl));
1015  break;
1016  }
1017  }
1018 
1019  if (dst == num)
1020  {
1021  /* need to append a new item */
1022  new_acl = allocacl(num + 1);
1023  new_aip = ACL_DAT(new_acl);
1024  memcpy(new_aip, old_aip, num * sizeof(AclItem));
1025 
1026  /* initialize the new entry with no permissions */
1027  new_aip[dst].ai_grantee = mod_aip->ai_grantee;
1028  new_aip[dst].ai_grantor = mod_aip->ai_grantor;
1029  ACLITEM_SET_PRIVS_GOPTIONS(new_aip[dst],
1031  num++; /* set num to the size of new_acl */
1032  }
1033 
1034  old_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
1035  old_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
1036 
1037  /* apply the specified permissions change */
1038  switch (modechg)
1039  {
1040  case ACL_MODECHG_ADD:
1041  ACLITEM_SET_RIGHTS(new_aip[dst],
1042  old_rights | ACLITEM_GET_RIGHTS(*mod_aip));
1043  break;
1044  case ACL_MODECHG_DEL:
1045  ACLITEM_SET_RIGHTS(new_aip[dst],
1046  old_rights & ~ACLITEM_GET_RIGHTS(*mod_aip));
1047  break;
1048  case ACL_MODECHG_EQL:
1049  ACLITEM_SET_RIGHTS(new_aip[dst],
1050  ACLITEM_GET_RIGHTS(*mod_aip));
1051  break;
1052  }
1053 
1054  new_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
1055  new_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
1056 
1057  /*
1058  * If the adjusted entry has no permissions, delete it from the list.
1059  */
1060  if (new_rights == ACL_NO_RIGHTS)
1061  {
1062  memmove(new_aip + dst,
1063  new_aip + dst + 1,
1064  (num - dst - 1) * sizeof(AclItem));
1065  /* Adjust array size to be 'num - 1' items */
1066  ARR_DIMS(new_acl)[0] = num - 1;
1067  SET_VARSIZE(new_acl, ACL_N_SIZE(num - 1));
1068  }
1069 
1070  /*
1071  * Remove abandoned privileges (cascading revoke). Currently we can only
1072  * handle this when the grantee is not PUBLIC.
1073  */
1074  if ((old_goptions & ~new_goptions) != 0)
1075  {
1076  Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1077  new_acl = recursive_revoke(new_acl, mod_aip->ai_grantee,
1078  (old_goptions & ~new_goptions),
1079  ownerId, behavior);
1080  }
1081 
1082  return new_acl;
1083 }
static Acl * recursive_revoke(Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
Definition: acl.c:1286
static void check_circularity(const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
Definition: acl.c:1206
#define ACL_SIZE(ACL)
Definition: acl.h:111
#define ACL_MODECHG_DEL
Definition: acl.h:130
#define ACL_MODECHG_EQL
Definition: acl.h:131

References ACL_DAT, ACL_ID_PUBLIC, ACL_MODECHG_ADD, ACL_MODECHG_DEL, ACL_MODECHG_EQL, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACL_SIZE, ACLITEM_GET_GOPTIONS, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_PRIVS_GOPTIONS, ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, Assert, check_acl(), check_circularity(), recursive_revoke(), and SET_VARSIZE.

Referenced by aclmerge(), check_circularity(), merge_acl_with_grant(), and recursive_revoke().

◆ allocacl()

static Acl * allocacl ( int  n)
static

Definition at line 410 of file acl.c.

411 {
412  Acl *new_acl;
413  Size size;
414 
415  if (n < 0)
416  elog(ERROR, "invalid size: %d", n);
417  size = ACL_N_SIZE(n);
418  new_acl = (Acl *) palloc0(size);
419  SET_VARSIZE(new_acl, size);
420  new_acl->ndim = 1;
421  new_acl->dataoffset = 0; /* we never put in any nulls */
422  new_acl->elemtype = ACLITEMOID;
423  ARR_LBOUND(new_acl)[0] = 1;
424  ARR_DIMS(new_acl)[0] = n;
425  return new_acl;
426 }
#define ARR_LBOUND(a)
Definition: array.h:296
size_t Size
Definition: c.h:596
void * palloc0(Size size)
Definition: mcxt.c:1347
static pg_noinline void Size size
Definition: slab.c:607
Oid elemtype
Definition: array.h:97
int ndim
Definition: array.h:95
int32 dataoffset
Definition: array.h:96

References ACL_N_SIZE, ARR_DIMS, ARR_LBOUND, ArrayType::dataoffset, ArrayType::elemtype, elog, ERROR, ArrayType::ndim, palloc0(), SET_VARSIZE, and size.

Referenced by aclconcat(), aclcopy(), acldefault(), aclnewowner(), aclupdate(), check_circularity(), and make_empty_acl().

◆ check_acl()

static void check_acl ( const Acl acl)
static

Definition at line 574 of file acl.c.

575 {
576  if (ARR_ELEMTYPE(acl) != ACLITEMOID)
577  ereport(ERROR,
578  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
579  errmsg("ACL array contains wrong data type")));
580  if (ARR_NDIM(acl) != 1)
581  ereport(ERROR,
582  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
583  errmsg("ACL arrays must be one-dimensional")));
584  if (ARR_HASNULL(acl))
585  ereport(ERROR,
586  (errcode(ERRCODE_NULL_VALUE_NOT_ALLOWED),
587  errmsg("ACL arrays must not contain null values")));
588 }
#define ARR_NDIM(a)
Definition: array.h:290
#define ARR_ELEMTYPE(a)
Definition: array.h:292
#define ARR_HASNULL(a)
Definition: array.h:291

References ARR_ELEMTYPE, ARR_HASNULL, ARR_NDIM, ereport, errcode(), errmsg(), and ERROR.

Referenced by aclcontains(), aclexplode(), aclmask(), aclmask_direct(), aclmembers(), aclnewowner(), aclupdate(), check_circularity(), and recursive_revoke().

◆ check_can_set_role()

void check_can_set_role ( Oid  member,
Oid  role 
)

Definition at line 5325 of file acl.c.

5326 {
5327  if (!member_can_set_role(member, role))
5328  ereport(ERROR,
5329  (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
5330  errmsg("must be able to SET ROLE \"%s\"",
5331  GetUserNameFromId(role, false))));
5332 }
bool member_can_set_role(Oid member, Oid role)
Definition: acl.c:5302
char * GetUserNameFromId(Oid roleid, bool noerr)
Definition: miscinit.c:980

References ereport, errcode(), errmsg(), ERROR, GetUserNameFromId(), and member_can_set_role().

Referenced by AlterDatabaseOwner(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterPublicationOwner_internal(), AlterSchemaOwner_internal(), AlterSubscriptionOwner_internal(), AlterTypeOwner(), ATExecChangeOwner(), createdb(), and CreateSchemaCommand().

◆ check_circularity()

static void check_circularity ( const Acl old_acl,
const AclItem mod_aip,
Oid  ownerId 
)
static

Definition at line 1206 of file acl.c.

1208 {
1209  Acl *acl;
1210  AclItem *aip;
1211  int i,
1212  num;
1213  AclMode own_privs;
1214 
1215  check_acl(old_acl);
1216 
1217  /*
1218  * For now, grant options can only be granted to roles, not PUBLIC.
1219  * Otherwise we'd have to work a bit harder here.
1220  */
1221  Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1222 
1223  /* The owner always has grant options, no need to check */
1224  if (mod_aip->ai_grantor == ownerId)
1225  return;
1226 
1227  /* Make a working copy */
1228  acl = allocacl(ACL_NUM(old_acl));
1229  memcpy(acl, old_acl, ACL_SIZE(old_acl));
1230 
1231  /* Zap all grant options of target grantee, plus what depends on 'em */
1232 cc_restart:
1233  num = ACL_NUM(acl);
1234  aip = ACL_DAT(acl);
1235  for (i = 0; i < num; i++)
1236  {
1237  if (aip[i].ai_grantee == mod_aip->ai_grantee &&
1239  {
1240  Acl *new_acl;
1241 
1242  /* We'll actually zap ordinary privs too, but no matter */
1243  new_acl = aclupdate(acl, &aip[i], ACL_MODECHG_DEL,
1244  ownerId, DROP_CASCADE);
1245 
1246  pfree(acl);
1247  acl = new_acl;
1248 
1249  goto cc_restart;
1250  }
1251  }
1252 
1253  /* Now we can compute grantor's independently-derived privileges */
1254  own_privs = aclmask(acl,
1255  mod_aip->ai_grantor,
1256  ownerId,
1258  ACLMASK_ALL);
1259  own_privs = ACL_OPTION_TO_PRIVS(own_privs);
1260 
1261  if ((ACLITEM_GET_GOPTIONS(*mod_aip) & ~own_privs) != 0)
1262  ereport(ERROR,
1263  (errcode(ERRCODE_INVALID_GRANT_OPERATION),
1264  errmsg("grant options cannot be granted back to your own grantor")));
1265 
1266  pfree(acl);
1267 }
AclMode aclmask(const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
Definition: acl.c:1372
#define ACL_OPTION_TO_PRIVS(privs)
Definition: acl.h:71
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
@ DROP_CASCADE
Definition: parsenodes.h:2342

References ACL_DAT, ACL_GRANT_OPTION_FOR, ACL_ID_PUBLIC, ACL_MODECHG_DEL, ACL_NO_RIGHTS, ACL_NUM, ACL_OPTION_TO_PRIVS, ACL_SIZE, ACLITEM_GET_GOPTIONS, aclmask(), ACLMASK_ALL, aclupdate(), AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), Assert, check_acl(), DROP_CASCADE, ereport, errcode(), errmsg(), ERROR, i, and pfree().

Referenced by aclupdate().

◆ check_rolespec_name()

void check_rolespec_name ( const RoleSpec role,
const char *  detail_msg 
)

Definition at line 5695 of file acl.c.

5696 {
5697  if (!role)
5698  return;
5699 
5700  if (role->roletype != ROLESPEC_CSTRING)
5701  return;
5702 
5703  if (IsReservedName(role->rolename))
5704  {
5705  if (detail_msg)
5706  ereport(ERROR,
5707  (errcode(ERRCODE_RESERVED_NAME),
5708  errmsg("role name \"%s\" is reserved",
5709  role->rolename),
5710  errdetail_internal("%s", detail_msg)));
5711  else
5712  ereport(ERROR,
5713  (errcode(ERRCODE_RESERVED_NAME),
5714  errmsg("role name \"%s\" is reserved",
5715  role->rolename)));
5716  }
5717 }
bool IsReservedName(const char *name)
Definition: catalog.c:247
int errdetail_internal(const char *fmt,...)
Definition: elog.c:1230
@ ROLESPEC_CSTRING
Definition: parsenodes.h:396
RoleSpecType roletype
Definition: parsenodes.h:406
char * rolename
Definition: parsenodes.h:407

References ereport, errcode(), errdetail_internal(), errmsg(), ERROR, IsReservedName(), RoleSpec::rolename, ROLESPEC_CSTRING, and RoleSpec::roletype.

Referenced by AlterRole(), and AlterRoleSet().

◆ column_privilege_check()

static int column_privilege_check ( Oid  tableoid,
AttrNumber  attnum,
Oid  roleid,
AclMode  mode 
)
static

Definition at line 2519 of file acl.c.

2521 {
2522  AclResult aclresult;
2523  bool is_missing = false;
2524 
2525  /*
2526  * If convert_column_name failed, we can just return -1 immediately.
2527  */
2528  if (attnum == InvalidAttrNumber)
2529  return -1;
2530 
2531  /*
2532  * Check for column-level privileges first. This serves in part as a check
2533  * on whether the column even exists, so we need to do it before checking
2534  * table-level privilege.
2535  */
2536  aclresult = pg_attribute_aclcheck_ext(tableoid, attnum, roleid,
2537  mode, &is_missing);
2538  if (aclresult == ACLCHECK_OK)
2539  return 1;
2540  else if (is_missing)
2541  return -1;
2542 
2543  /* Next check if we have the privilege at the table level */
2544  aclresult = pg_class_aclcheck_ext(tableoid, roleid, mode, &is_missing);
2545  if (aclresult == ACLCHECK_OK)
2546  return 1;
2547  else if (is_missing)
2548  return -1;
2549  else
2550  return 0;
2551 }
AclResult
Definition: acl.h:182
@ ACLCHECK_OK
Definition: acl.h:183
AclResult pg_class_aclcheck_ext(Oid table_oid, Oid roleid, AclMode mode, bool *is_missing)
Definition: aclchk.c:4104
AclResult pg_attribute_aclcheck_ext(Oid table_oid, AttrNumber attnum, Oid roleid, AclMode mode, bool *is_missing)
Definition: aclchk.c:3935
#define InvalidAttrNumber
Definition: attnum.h:23
int16 attnum
Definition: pg_attribute.h:74
static PgChecksumMode mode
Definition: pg_checksums.c:56

References ACLCHECK_OK, attnum, InvalidAttrNumber, mode, pg_attribute_aclcheck_ext(), and pg_class_aclcheck_ext().

Referenced by has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

◆ convert_aclright_to_string()

static const char* convert_aclright_to_string ( int  aclright)
static

Definition at line 1718 of file acl.c.

1719 {
1720  switch (aclright)
1721  {
1722  case ACL_INSERT:
1723  return "INSERT";
1724  case ACL_SELECT:
1725  return "SELECT";
1726  case ACL_UPDATE:
1727  return "UPDATE";
1728  case ACL_DELETE:
1729  return "DELETE";
1730  case ACL_TRUNCATE:
1731  return "TRUNCATE";
1732  case ACL_REFERENCES:
1733  return "REFERENCES";
1734  case ACL_TRIGGER:
1735  return "TRIGGER";
1736  case ACL_EXECUTE:
1737  return "EXECUTE";
1738  case ACL_USAGE:
1739  return "USAGE";
1740  case ACL_CREATE:
1741  return "CREATE";
1742  case ACL_CREATE_TEMP:
1743  return "TEMPORARY";
1744  case ACL_CONNECT:
1745  return "CONNECT";
1746  case ACL_SET:
1747  return "SET";
1748  case ACL_ALTER_SYSTEM:
1749  return "ALTER SYSTEM";
1750  case ACL_MAINTAIN:
1751  return "MAINTAIN";
1752  default:
1753  elog(ERROR, "unrecognized aclright: %d", aclright);
1754  return NULL;
1755  }
1756 }

References ACL_ALTER_SYSTEM, ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_DELETE, ACL_EXECUTE, ACL_INSERT, ACL_MAINTAIN, ACL_REFERENCES, ACL_SELECT, ACL_SET, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, ACL_USAGE, elog, and ERROR.

Referenced by aclexplode().

◆ convert_any_priv_string()

static AclMode convert_any_priv_string ( text priv_type_text,
const priv_map privileges 
)
static

Definition at line 1670 of file acl.c.

1672 {
1673  AclMode result = 0;
1674  char *priv_type = text_to_cstring(priv_type_text);
1675  char *chunk;
1676  char *next_chunk;
1677 
1678  /* We rely on priv_type being a private, modifiable string */
1679  for (chunk = priv_type; chunk; chunk = next_chunk)
1680  {
1681  int chunk_len;
1682  const priv_map *this_priv;
1683 
1684  /* Split string at commas */
1685  next_chunk = strchr(chunk, ',');
1686  if (next_chunk)
1687  *next_chunk++ = '\0';
1688 
1689  /* Drop leading/trailing whitespace in this chunk */
1690  while (*chunk && isspace((unsigned char) *chunk))
1691  chunk++;
1692  chunk_len = strlen(chunk);
1693  while (chunk_len > 0 && isspace((unsigned char) chunk[chunk_len - 1]))
1694  chunk_len--;
1695  chunk[chunk_len] = '\0';
1696 
1697  /* Match to the privileges list */
1698  for (this_priv = privileges; this_priv->name; this_priv++)
1699  {
1700  if (pg_strcasecmp(this_priv->name, chunk) == 0)
1701  {
1702  result |= this_priv->value;
1703  break;
1704  }
1705  }
1706  if (!this_priv->name)
1707  ereport(ERROR,
1708  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
1709  errmsg("unrecognized privilege type: \"%s\"", chunk)));
1710  }
1711 
1712  pfree(priv_type);
1713  return result;
1714 }
uint64 chunk
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
Definition: acl.c:56
const char * name
Definition: acl.c:57
AclMode value
Definition: acl.c:58
char * text_to_cstring(const text *t)
Definition: varlena.c:217

References chunk, ereport, errcode(), errmsg(), ERROR, priv_map::name, pfree(), pg_strcasecmp(), text_to_cstring(), and priv_map::value.

Referenced by convert_column_priv_string(), convert_database_priv_string(), convert_foreign_data_wrapper_priv_string(), convert_function_priv_string(), convert_language_priv_string(), convert_largeobject_priv_string(), convert_parameter_priv_string(), convert_role_priv_string(), convert_schema_priv_string(), convert_sequence_priv_string(), convert_server_priv_string(), convert_table_priv_string(), convert_tablespace_priv_string(), convert_type_priv_string(), and makeaclitem().

◆ convert_column_name()

static AttrNumber convert_column_name ( Oid  tableoid,
text column 
)
static

Definition at line 2879 of file acl.c.

2880 {
2881  char *colname;
2882  HeapTuple attTuple;
2884 
2885  colname = text_to_cstring(column);
2886 
2887  /*
2888  * We don't use get_attnum() here because it will report that dropped
2889  * columns don't exist. We need to treat dropped columns differently from
2890  * nonexistent columns.
2891  */
2892  attTuple = SearchSysCache2(ATTNAME,
2893  ObjectIdGetDatum(tableoid),
2894  CStringGetDatum(colname));
2895  if (HeapTupleIsValid(attTuple))
2896  {
2897  Form_pg_attribute attributeForm;
2898 
2899  attributeForm = (Form_pg_attribute) GETSTRUCT(attTuple);
2900  /* We want to return NULL for dropped columns */
2901  if (attributeForm->attisdropped)
2903  else
2904  attnum = attributeForm->attnum;
2905  ReleaseSysCache(attTuple);
2906  }
2907  else
2908  {
2909  char *tablename = get_rel_name(tableoid);
2910 
2911  /*
2912  * If the table OID is bogus, or it's just been dropped, we'll get
2913  * NULL back. In such cases we want has_column_privilege to return
2914  * NULL too, so just return InvalidAttrNumber.
2915  */
2916  if (tablename != NULL)
2917  {
2918  /* tableoid exists, colname does not, so throw error */
2919  ereport(ERROR,
2920  (errcode(ERRCODE_UNDEFINED_COLUMN),
2921  errmsg("column \"%s\" of relation \"%s\" does not exist",
2922  colname, tablename)));
2923  }
2924  /* tableoid doesn't exist, so act like attisdropped case */
2926  }
2927 
2928  pfree(colname);
2929  return attnum;
2930 }
char * get_rel_name(Oid relid)
Definition: lsyscache.c:1928
FormData_pg_attribute * Form_pg_attribute
Definition: pg_attribute.h:209
static Datum CStringGetDatum(const char *X)
Definition: postgres.h:350
HeapTuple SearchSysCache2(int cacheId, Datum key1, Datum key2)
Definition: syscache.c:232

References attnum, CStringGetDatum(), ereport, errcode(), errmsg(), ERROR, get_rel_name(), GETSTRUCT, HeapTupleIsValid, InvalidAttrNumber, ObjectIdGetDatum(), pfree(), ReleaseSysCache(), SearchSysCache2(), and text_to_cstring().

Referenced by has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_name(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), and has_column_privilege_name_name_name().

◆ convert_column_priv_string()

static AclMode convert_column_priv_string ( text priv_type_text)
static

Definition at line 2937 of file acl.c.

2938 {
2939  static const priv_map column_priv_map[] = {
2940  {"SELECT", ACL_SELECT},
2941  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2942  {"INSERT", ACL_INSERT},
2943  {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2944  {"UPDATE", ACL_UPDATE},
2945  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2946  {"REFERENCES", ACL_REFERENCES},
2947  {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2948  {NULL, 0}
2949  };
2950 
2951  return convert_any_priv_string(priv_type_text, column_priv_map);
2952 }
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1670

References ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_any_column_privilege_id(), has_any_column_privilege_id_id(), has_any_column_privilege_id_name(), has_any_column_privilege_name(), has_any_column_privilege_name_id(), has_any_column_privilege_name_name(), has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

◆ convert_database_name()

static Oid convert_database_name ( text databasename)
static

Definition at line 3131 of file acl.c.

3132 {
3133  char *dbname = text_to_cstring(databasename);
3134 
3135  return get_database_oid(dbname, false);
3136 }
Oid get_database_oid(const char *dbname, bool missing_ok)
Definition: dbcommands.c:3140
char * dbname
Definition: streamutil.c:52

References dbname, get_database_oid(), and text_to_cstring().

Referenced by has_database_privilege_id_name(), has_database_privilege_name(), and has_database_privilege_name_name().

◆ convert_database_priv_string()

static AclMode convert_database_priv_string ( text priv_type_text)
static

Definition at line 3143 of file acl.c.

3144 {
3145  static const priv_map database_priv_map[] = {
3146  {"CREATE", ACL_CREATE},
3147  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3148  {"TEMPORARY", ACL_CREATE_TEMP},
3149  {"TEMPORARY WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3150  {"TEMP", ACL_CREATE_TEMP},
3151  {"TEMP WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3152  {"CONNECT", ACL_CONNECT},
3153  {"CONNECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CONNECT)},
3154  {NULL, 0}
3155  };
3156 
3157  return convert_any_priv_string(priv_type_text, database_priv_map);
3158 }

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_database_privilege_id(), has_database_privilege_id_id(), has_database_privilege_id_name(), has_database_privilege_name(), has_database_privilege_name_id(), and has_database_privilege_name_name().

◆ convert_foreign_data_wrapper_name()

static Oid convert_foreign_data_wrapper_name ( text fdwname)
static

Definition at line 3337 of file acl.c.

3338 {
3339  char *fdwstr = text_to_cstring(fdwname);
3340 
3341  return get_foreign_data_wrapper_oid(fdwstr, false);
3342 }
Oid get_foreign_data_wrapper_oid(const char *fdwname, bool missing_ok)
Definition: foreign.c:681

References get_foreign_data_wrapper_oid(), and text_to_cstring().

Referenced by has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), and has_foreign_data_wrapper_privilege_name_name().

◆ convert_foreign_data_wrapper_priv_string()

static AclMode convert_foreign_data_wrapper_priv_string ( text priv_type_text)
static

Definition at line 3349 of file acl.c.

3350 {
3351  static const priv_map foreign_data_wrapper_priv_map[] = {
3352  {"USAGE", ACL_USAGE},
3353  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3354  {NULL, 0}
3355  };
3356 
3357  return convert_any_priv_string(priv_type_text, foreign_data_wrapper_priv_map);
3358 }

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_foreign_data_wrapper_privilege_id(), has_foreign_data_wrapper_privilege_id_id(), has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), has_foreign_data_wrapper_privilege_name_id(), and has_foreign_data_wrapper_privilege_name_name().

◆ convert_function_name()

static Oid convert_function_name ( text functionname)
static

Definition at line 3537 of file acl.c.

3538 {
3539  char *funcname = text_to_cstring(functionname);
3540  Oid oid;
3541 
3544 
3545  if (!OidIsValid(oid))
3546  ereport(ERROR,
3547  (errcode(ERRCODE_UNDEFINED_FUNCTION),
3548  errmsg("function \"%s\" does not exist", funcname)));
3549 
3550  return oid;
3551 }
#define DirectFunctionCall1(func, arg1)
Definition: fmgr.h:641
#define funcname
Definition: indent_codes.h:69
static Oid DatumGetObjectId(Datum X)
Definition: postgres.h:242
Datum regprocedurein(PG_FUNCTION_ARGS)
Definition: regproc.c:224

References CStringGetDatum(), DatumGetObjectId(), DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, funcname, OidIsValid, regprocedurein(), and text_to_cstring().

Referenced by has_function_privilege_id_name(), has_function_privilege_name(), and has_function_privilege_name_name().

◆ convert_function_priv_string()

static AclMode convert_function_priv_string ( text priv_type_text)
static

Definition at line 3558 of file acl.c.

3559 {
3560  static const priv_map function_priv_map[] = {
3561  {"EXECUTE", ACL_EXECUTE},
3562  {"EXECUTE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_EXECUTE)},
3563  {NULL, 0}
3564  };
3565 
3566  return convert_any_priv_string(priv_type_text, function_priv_map);
3567 }

References ACL_EXECUTE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_function_privilege_id(), has_function_privilege_id_id(), has_function_privilege_id_name(), has_function_privilege_name(), has_function_privilege_name_id(), and has_function_privilege_name_name().

◆ convert_language_name()

static Oid convert_language_name ( text languagename)
static

Definition at line 3746 of file acl.c.

3747 {
3748  char *langname = text_to_cstring(languagename);
3749 
3750  return get_language_oid(langname, false);
3751 }
Oid get_language_oid(const char *langname, bool missing_ok)
Definition: proclang.c:226

References get_language_oid(), and text_to_cstring().

Referenced by has_language_privilege_id_name(), has_language_privilege_name(), and has_language_privilege_name_name().

◆ convert_language_priv_string()

static AclMode convert_language_priv_string ( text priv_type_text)
static

Definition at line 3758 of file acl.c.

3759 {
3760  static const priv_map language_priv_map[] = {
3761  {"USAGE", ACL_USAGE},
3762  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3763  {NULL, 0}
3764  };
3765 
3766  return convert_any_priv_string(priv_type_text, language_priv_map);
3767 }

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_language_privilege_id(), has_language_privilege_id_id(), has_language_privilege_id_name(), has_language_privilege_name(), has_language_privilege_name_id(), and has_language_privilege_name_name().

◆ convert_largeobject_priv_string()

static AclMode convert_largeobject_priv_string ( text priv_text)
static

Definition at line 4793 of file acl.c.

4794 {
4795  static const priv_map largeobject_priv_map[] = {
4796  {"SELECT", ACL_SELECT},
4797  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
4798  {"UPDATE", ACL_UPDATE},
4799  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
4800  {NULL, 0}
4801  };
4802 
4803  return convert_any_priv_string(priv_type_text, largeobject_priv_map);
4804 }

References ACL_GRANT_OPTION_FOR, ACL_SELECT, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_largeobject_privilege_id(), has_largeobject_privilege_id_id(), and has_largeobject_privilege_name_id().

◆ convert_parameter_priv_string()

static AclMode convert_parameter_priv_string ( text priv_text)
static

Definition at line 4657 of file acl.c.

4658 {
4659  static const priv_map parameter_priv_map[] = {
4660  {"SET", ACL_SET},
4661  {"SET WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SET)},
4662  {"ALTER SYSTEM", ACL_ALTER_SYSTEM},
4663  {"ALTER SYSTEM WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_ALTER_SYSTEM)},
4664  {NULL, 0}
4665  };
4666 
4667  return convert_any_priv_string(priv_text, parameter_priv_map);
4668 }

References ACL_ALTER_SYSTEM, ACL_GRANT_OPTION_FOR, ACL_SET, and convert_any_priv_string().

Referenced by has_parameter_privilege_id_name(), has_parameter_privilege_name(), and has_parameter_privilege_name_name().

◆ convert_role_priv_string()

static AclMode convert_role_priv_string ( text priv_type_text)
static

Definition at line 4971 of file acl.c.

4972 {
4973  static const priv_map role_priv_map[] = {
4974  {"USAGE", ACL_USAGE},
4975  {"MEMBER", ACL_CREATE},
4976  {"SET", ACL_SET},
4977  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4978  {"USAGE WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4979  {"MEMBER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4980  {"MEMBER WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4981  {"SET WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4982  {"SET WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4983  {NULL, 0}
4984  };
4985 
4986  return convert_any_priv_string(priv_type_text, role_priv_map);
4987 }

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_SET, ACL_USAGE, and convert_any_priv_string().

Referenced by pg_has_role_id(), pg_has_role_id_id(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), and pg_has_role_name_name().

◆ convert_schema_name()

static Oid convert_schema_name ( text schemaname)
static

Definition at line 3946 of file acl.c.

3947 {
3948  char *nspname = text_to_cstring(schemaname);
3949 
3950  return get_namespace_oid(nspname, false);
3951 }
Oid get_namespace_oid(const char *nspname, bool missing_ok)
Definition: namespace.c:3535

References get_namespace_oid(), and text_to_cstring().

Referenced by has_schema_privilege_id_name(), has_schema_privilege_name(), and has_schema_privilege_name_name().

◆ convert_schema_priv_string()

static AclMode convert_schema_priv_string ( text priv_type_text)
static

Definition at line 3958 of file acl.c.

3959 {
3960  static const priv_map schema_priv_map[] = {
3961  {"CREATE", ACL_CREATE},
3962  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3963  {"USAGE", ACL_USAGE},
3964  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3965  {NULL, 0}
3966  };
3967 
3968  return convert_any_priv_string(priv_type_text, schema_priv_map);
3969 }

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_schema_privilege_id(), has_schema_privilege_id_id(), has_schema_privilege_id_name(), has_schema_privilege_name(), has_schema_privilege_name_id(), and has_schema_privilege_name_name().

◆ convert_sequence_priv_string()

static AclMode convert_sequence_priv_string ( text priv_type_text)
static

Definition at line 2282 of file acl.c.

2283 {
2284  static const priv_map sequence_priv_map[] = {
2285  {"USAGE", ACL_USAGE},
2286  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
2287  {"SELECT", ACL_SELECT},
2288  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2289  {"UPDATE", ACL_UPDATE},
2290  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2291  {NULL, 0}
2292  };
2293 
2294  return convert_any_priv_string(priv_type_text, sequence_priv_map);
2295 }

References ACL_GRANT_OPTION_FOR, ACL_SELECT, ACL_UPDATE, ACL_USAGE, and convert_any_priv_string().

Referenced by has_sequence_privilege_id(), has_sequence_privilege_id_id(), has_sequence_privilege_id_name(), has_sequence_privilege_name(), has_sequence_privilege_name_id(), and has_sequence_privilege_name_name().

◆ convert_server_name()

static Oid convert_server_name ( text servername)
static

Definition at line 4148 of file acl.c.

4149 {
4150  char *serverstr = text_to_cstring(servername);
4151 
4152  return get_foreign_server_oid(serverstr, false);
4153 }
Oid get_foreign_server_oid(const char *servername, bool missing_ok)
Definition: foreign.c:704

References get_foreign_server_oid(), and text_to_cstring().

Referenced by has_server_privilege_id_name(), has_server_privilege_name(), and has_server_privilege_name_name().

◆ convert_server_priv_string()

static AclMode convert_server_priv_string ( text priv_type_text)
static

Definition at line 4160 of file acl.c.

4161 {
4162  static const priv_map server_priv_map[] = {
4163  {"USAGE", ACL_USAGE},
4164  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4165  {NULL, 0}
4166  };
4167 
4168  return convert_any_priv_string(priv_type_text, server_priv_map);
4169 }

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_server_privilege_id(), has_server_privilege_id_id(), has_server_privilege_id_name(), has_server_privilege_name(), has_server_privilege_name_id(), and has_server_privilege_name_name().

◆ convert_table_name()

static Oid convert_table_name ( text tablename)
static

◆ convert_table_priv_string()

static AclMode convert_table_priv_string ( text priv_type_text)
static

Definition at line 2047 of file acl.c.

2048 {
2049  static const priv_map table_priv_map[] = {
2050  {"SELECT", ACL_SELECT},
2051  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2052  {"INSERT", ACL_INSERT},
2053  {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2054  {"UPDATE", ACL_UPDATE},
2055  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2056  {"DELETE", ACL_DELETE},
2057  {"DELETE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_DELETE)},
2058  {"TRUNCATE", ACL_TRUNCATE},
2059  {"TRUNCATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRUNCATE)},
2060  {"REFERENCES", ACL_REFERENCES},
2061  {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2062  {"TRIGGER", ACL_TRIGGER},
2063  {"TRIGGER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRIGGER)},
2064  {"MAINTAIN", ACL_MAINTAIN},
2065  {"MAINTAIN WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_MAINTAIN)},
2066  {NULL, 0}
2067  };
2068 
2069  return convert_any_priv_string(priv_type_text, table_priv_map);
2070 }

References ACL_DELETE, ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_MAINTAIN, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_table_privilege_id(), has_table_privilege_id_id(), has_table_privilege_id_name(), has_table_privilege_name(), has_table_privilege_name_id(), and has_table_privilege_name_name().

◆ convert_tablespace_name()

static Oid convert_tablespace_name ( text tablespacename)
static

Definition at line 4348 of file acl.c.

4349 {
4350  char *spcname = text_to_cstring(tablespacename);
4351 
4352  return get_tablespace_oid(spcname, false);
4353 }
Oid get_tablespace_oid(const char *tablespacename, bool missing_ok)
Definition: tablespace.c:1426

References get_tablespace_oid(), and text_to_cstring().

Referenced by has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), and has_tablespace_privilege_name_name().

◆ convert_tablespace_priv_string()

static AclMode convert_tablespace_priv_string ( text priv_type_text)
static

Definition at line 4360 of file acl.c.

4361 {
4362  static const priv_map tablespace_priv_map[] = {
4363  {"CREATE", ACL_CREATE},
4364  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4365  {NULL, 0}
4366  };
4367 
4368  return convert_any_priv_string(priv_type_text, tablespace_priv_map);
4369 }

References ACL_CREATE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_tablespace_privilege_id(), has_tablespace_privilege_id_id(), has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), has_tablespace_privilege_name_id(), and has_tablespace_privilege_name_name().

◆ convert_type_name()

static Oid convert_type_name ( text typename)
static

Definition at line 4547 of file acl.c.

4548 {
4549  char *typname = text_to_cstring(typename);
4550  Oid oid;
4551 
4554 
4555  if (!OidIsValid(oid))
4556  ereport(ERROR,
4557  (errcode(ERRCODE_UNDEFINED_OBJECT),
4558  errmsg("type \"%s\" does not exist", typname)));
4559 
4560  return oid;
4561 }
NameData typname
Definition: pg_type.h:41
Datum regtypein(PG_FUNCTION_ARGS)
Definition: regproc.c:1176

References CStringGetDatum(), DatumGetObjectId(), DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, OidIsValid, regtypein(), text_to_cstring(), and typname.

Referenced by has_type_privilege_id_name(), has_type_privilege_name(), and has_type_privilege_name_name().

◆ convert_type_priv_string()

static AclMode convert_type_priv_string ( text priv_type_text)
static

Definition at line 4568 of file acl.c.

4569 {
4570  static const priv_map type_priv_map[] = {
4571  {"USAGE", ACL_USAGE},
4572  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4573  {NULL, 0}
4574  };
4575 
4576  return convert_any_priv_string(priv_type_text, type_priv_map);
4577 }

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_type_privilege_id(), has_type_privilege_id_id(), has_type_privilege_id_name(), has_type_privilege_name(), has_type_privilege_name_id(), and has_type_privilege_name_name().

◆ count_one_bits()

static int count_one_bits ( AclMode  mask)
static

Definition at line 5438 of file acl.c.

5439 {
5440  int nbits = 0;
5441 
5442  /* this code relies on AclMode being an unsigned type */
5443  while (mask)
5444  {
5445  if (mask & 1)
5446  nbits++;
5447  mask >>= 1;
5448  }
5449  return nbits;
5450 }

Referenced by select_best_grantor().

◆ get_role_oid()

Oid get_role_oid ( const char *  rolname,
bool  missing_ok 
)

Definition at line 5554 of file acl.c.

5555 {
5556  Oid oid;
5557 
5558  oid = GetSysCacheOid1(AUTHNAME, Anum_pg_authid_oid,
5560  if (!OidIsValid(oid) && !missing_ok)
5561  ereport(ERROR,
5562  (errcode(ERRCODE_UNDEFINED_OBJECT),
5563  errmsg("role \"%s\" does not exist", rolname)));
5564  return oid;
5565 }
#define GetSysCacheOid1(cacheId, oidcol, key1)
Definition: syscache.h:109

References CStringGetDatum(), ereport, errcode(), errmsg(), ERROR, GetSysCacheOid1, OidIsValid, and rolname.

Referenced by aclparse(), check_hba(), check_ident_usermap(), createdb(), CreateRole(), get_object_address_unqualified(), get_role_oid_or_public(), get_rolespec_oid(), GrantRole(), is_member(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), pg_has_role_name_name(), regrolein(), shell_check_detail(), and worker_spi_launch().

◆ get_role_oid_or_public()

◆ get_rolespec_name()

char* get_rolespec_name ( const RoleSpec role)

Definition at line 5673 of file acl.c.

5674 {
5675  HeapTuple tp;
5676  Form_pg_authid authForm;
5677  char *rolename;
5678 
5679  tp = get_rolespec_tuple(role);
5680  authForm = (Form_pg_authid) GETSTRUCT(tp);
5681  rolename = pstrdup(NameStr(authForm->rolname));
5682  ReleaseSysCache(tp);
5683 
5684  return rolename;
5685 }
HeapTuple get_rolespec_tuple(const RoleSpec *role)
Definition: acl.c:5627
char * pstrdup(const char *in)
Definition: mcxt.c:1696

References get_rolespec_tuple(), GETSTRUCT, NameStr, pstrdup(), and ReleaseSysCache().

Referenced by AddRoleMems(), and DelRoleMems().

◆ get_rolespec_oid()

Oid get_rolespec_oid ( const RoleSpec role,
bool  missing_ok 
)

Definition at line 5588 of file acl.c.

5589 {
5590  Oid oid;
5591 
5592  switch (role->roletype)
5593  {
5594  case ROLESPEC_CSTRING:
5595  Assert(role->rolename);
5596  oid = get_role_oid(role->rolename, missing_ok);
5597  break;
5598 
5599  case ROLESPEC_CURRENT_ROLE:
5600  case ROLESPEC_CURRENT_USER:
5601  oid = GetUserId();
5602  break;
5603 
5604  case ROLESPEC_SESSION_USER:
5605  oid = GetSessionUserId();
5606  break;
5607 
5608  case ROLESPEC_PUBLIC:
5609  ereport(ERROR,
5610  (errcode(ERRCODE_UNDEFINED_OBJECT),
5611  errmsg("role \"%s\" does not exist", "public")));
5612  oid = InvalidOid; /* make compiler happy */
5613  break;
5614 
5615  default:
5616  elog(ERROR, "unexpected role type %d", role->roletype);
5617  }
5618 
5619  return oid;
5620 }
Oid GetUserId(void)
Definition: miscinit.c:514
Oid GetSessionUserId(void)
Definition: miscinit.c:548
@ ROLESPEC_CURRENT_USER
Definition: parsenodes.h:398
@ ROLESPEC_SESSION_USER
Definition: parsenodes.h:399
@ ROLESPEC_CURRENT_ROLE
Definition: parsenodes.h:397
@ ROLESPEC_PUBLIC
Definition: parsenodes.h:400
#define InvalidOid
Definition: postgres_ext.h:36

References Assert, elog, ereport, errcode(), errmsg(), ERROR, get_role_oid(), GetSessionUserId(), GetUserId(), InvalidOid, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_ROLE, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, and RoleSpec::roletype.

Referenced by AlterUserMapping(), ATExecCmd(), CreateSchemaCommand(), CreateTableSpace(), CreateUserMapping(), ExecAlterDefaultPrivilegesStmt(), ExecAlterOwnerStmt(), ExecuteGrantStmt(), GrantRole(), policy_role_list_to_array(), ReassignOwnedObjects(), RemoveUserMapping(), and roleSpecsToIds().

◆ get_rolespec_tuple()

HeapTuple get_rolespec_tuple ( const RoleSpec role)

Definition at line 5627 of file acl.c.

5628 {
5629  HeapTuple tuple;
5630 
5631  switch (role->roletype)
5632  {
5633  case ROLESPEC_CSTRING:
5634  Assert(role->rolename);
5635  tuple = SearchSysCache1(AUTHNAME, CStringGetDatum(role->rolename));
5636  if (!HeapTupleIsValid(tuple))
5637  ereport(ERROR,
5638  (errcode(ERRCODE_UNDEFINED_OBJECT),
5639  errmsg("role \"%s\" does not exist", role->rolename)));
5640  break;
5641 
5642  case ROLESPEC_CURRENT_ROLE:
5643  case ROLESPEC_CURRENT_USER:
5644  tuple = SearchSysCache1(AUTHOID, ObjectIdGetDatum(GetUserId()));
5645  if (!HeapTupleIsValid(tuple))
5646  elog(ERROR, "cache lookup failed for role %u", GetUserId());
5647  break;
5648 
5649  case ROLESPEC_SESSION_USER:
5650  tuple = SearchSysCache1(AUTHOID, ObjectIdGetDatum(GetSessionUserId()));
5651  if (!HeapTupleIsValid(tuple))
5652  elog(ERROR, "cache lookup failed for role %u", GetSessionUserId());
5653  break;
5654 
5655  case ROLESPEC_PUBLIC:
5656  ereport(ERROR,
5657  (errcode(ERRCODE_UNDEFINED_OBJECT),
5658  errmsg("role \"%s\" does not exist", "public")));
5659  tuple = NULL; /* make compiler happy */
5660  break;
5661 
5662  default:
5663  elog(ERROR, "unexpected role type %d", role->roletype);
5664  }
5665 
5666  return tuple;
5667 }

References Assert, CStringGetDatum(), elog, ereport, errcode(), errmsg(), ERROR, GetSessionUserId(), GetUserId(), HeapTupleIsValid, ObjectIdGetDatum(), RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_ROLE, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, RoleSpec::roletype, and SearchSysCache1().

Referenced by AlterRole(), AlterRoleSet(), CreateRole(), and get_rolespec_name().

◆ getid()

static const char * getid ( const char *  s,
char *  n,
Node escontext 
)
static

Definition at line 153 of file acl.c.

154 {
155  int len = 0;
156  bool in_quotes = false;
157 
158  Assert(s && n);
159 
160  while (isspace((unsigned char) *s))
161  s++;
162  /* This code had better match what putid() does, below */
163  for (;
164  *s != '\0' &&
165  (isalnum((unsigned char) *s) ||
166  *s == '_' ||
167  *s == '"' ||
168  in_quotes);
169  s++)
170  {
171  if (*s == '"')
172  {
173  /* safe to look at next char (could be '\0' though) */
174  if (*(s + 1) != '"')
175  {
176  in_quotes = !in_quotes;
177  continue;
178  }
179  /* it's an escaped double quote; skip the escaping char */
180  s++;
181  }
182 
183  /* Add the character to the string */
184  if (len >= NAMEDATALEN - 1)
185  ereturn(escontext, NULL,
186  (errcode(ERRCODE_NAME_TOO_LONG),
187  errmsg("identifier too long"),
188  errdetail("Identifier must be less than %d characters.",
189  NAMEDATALEN)));
190 
191  n[len++] = *s;
192  }
193  n[len] = '\0';
194  while (isspace((unsigned char) *s))
195  s++;
196  return s;
197 }
int errdetail(const char *fmt,...)
Definition: elog.c:1203
const void size_t len

References Assert, ereturn, errcode(), errdetail(), errmsg(), len, and NAMEDATALEN.

Referenced by aclparse().

◆ has_any_column_privilege_id()

Datum has_any_column_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2408 of file acl.c.

2409 {
2410  Oid tableoid = PG_GETARG_OID(0);
2411  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2412  Oid roleid;
2413  AclMode mode;
2414  AclResult aclresult;
2415  bool is_missing = false;
2416 
2417  roleid = GetUserId();
2418  mode = convert_column_priv_string(priv_type_text);
2419 
2420  /* First check at table level, then examine each column if needed */
2421  aclresult = pg_class_aclcheck_ext(tableoid, roleid, mode, &is_missing);
2422  if (aclresult != ACLCHECK_OK)
2423  {
2424  if (is_missing)
2425  PG_RETURN_NULL();
2426  aclresult = pg_attribute_aclcheck_all_ext(tableoid, roleid, mode,
2427  ACLMASK_ANY, &is_missing);
2428  if (is_missing)
2429  PG_RETURN_NULL();
2430  }
2431 
2432  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2433 }
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2937
@ ACLMASK_ANY
Definition: acl.h:177
AclResult pg_attribute_aclcheck_all_ext(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how, bool *is_missing)
Definition: aclchk.c:3976
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
Definition: c.h:678

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), GetUserId(), mode, pg_attribute_aclcheck_all_ext(), pg_class_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_any_column_privilege_id_id()

Datum has_any_column_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 2468 of file acl.c.

2469 {
2470  Oid roleid = PG_GETARG_OID(0);
2471  Oid tableoid = PG_GETARG_OID(1);
2472  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2473  AclMode mode;
2474  AclResult aclresult;
2475  bool is_missing = false;
2476 
2477  mode = convert_column_priv_string(priv_type_text);
2478 
2479  /* First check at table level, then examine each column if needed */
2480  aclresult = pg_class_aclcheck_ext(tableoid, roleid, mode, &is_missing);
2481  if (aclresult != ACLCHECK_OK)
2482  {
2483  if (is_missing)
2484  PG_RETURN_NULL();
2485  aclresult = pg_attribute_aclcheck_all_ext(tableoid, roleid, mode,
2486  ACLMASK_ANY, &is_missing);
2487  if (is_missing)
2488  PG_RETURN_NULL();
2489  }
2490 
2491  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2492 }

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), mode, pg_attribute_aclcheck_all_ext(), pg_class_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_any_column_privilege_id_name()

Datum has_any_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2441 of file acl.c.

2442 {
2443  Oid roleid = PG_GETARG_OID(0);
2444  text *tablename = PG_GETARG_TEXT_PP(1);
2445  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2446  Oid tableoid;
2447  AclMode mode;
2448  AclResult aclresult;
2449 
2450  tableoid = convert_table_name(tablename);
2451  mode = convert_column_priv_string(priv_type_text);
2452 
2453  /* First check at table level, then examine each column if needed */
2454  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2455  if (aclresult != ACLCHECK_OK)
2456  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2457  ACLMASK_ANY);
2458 
2459  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2460 }
static Oid convert_table_name(text *tablename)
Definition: acl.c:2032
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:3965
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4094

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), mode, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_any_column_privilege_name()

Datum has_any_column_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2345 of file acl.c.

2346 {
2347  text *tablename = PG_GETARG_TEXT_PP(0);
2348  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2349  Oid roleid;
2350  Oid tableoid;
2351  AclMode mode;
2352  AclResult aclresult;
2353 
2354  roleid = GetUserId();
2355  tableoid = convert_table_name(tablename);
2356  mode = convert_column_priv_string(priv_type_text);
2357 
2358  /* First check at table level, then examine each column if needed */
2359  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2360  if (aclresult != ACLCHECK_OK)
2361  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2362  ACLMASK_ANY);
2363 
2364  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2365 }

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), GetUserId(), mode, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_any_column_privilege_name_id()

Datum has_any_column_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2373 of file acl.c.

2374 {
2376  Oid tableoid = PG_GETARG_OID(1);
2377  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2378  Oid roleid;
2379  AclMode mode;
2380  AclResult aclresult;
2381  bool is_missing = false;
2382 
2384  mode = convert_column_priv_string(priv_type_text);
2385 
2386  /* First check at table level, then examine each column if needed */
2387  aclresult = pg_class_aclcheck_ext(tableoid, roleid, mode, &is_missing);
2388  if (aclresult != ACLCHECK_OK)
2389  {
2390  if (is_missing)
2391  PG_RETURN_NULL();
2392  aclresult = pg_attribute_aclcheck_all_ext(tableoid, roleid, mode,
2393  ACLMASK_ANY, &is_missing);
2394  if (is_missing)
2395  PG_RETURN_NULL();
2396  }
2397 
2398  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2399 }
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5572
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278
static char * username
Definition: initdb.c:153
Definition: c.h:732

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, pg_attribute_aclcheck_all_ext(), pg_class_aclcheck_ext(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_any_column_privilege_name_name()

Datum has_any_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2315 of file acl.c.

2316 {
2317  Name rolename = PG_GETARG_NAME(0);
2318  text *tablename = PG_GETARG_TEXT_PP(1);
2319  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2320  Oid roleid;
2321  Oid tableoid;
2322  AclMode mode;
2323  AclResult aclresult;
2324 
2325  roleid = get_role_oid_or_public(NameStr(*rolename));
2326  tableoid = convert_table_name(tablename);
2327  mode = convert_column_priv_string(priv_type_text);
2328 
2329  /* First check at table level, then examine each column if needed */
2330  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2331  if (aclresult != ACLCHECK_OK)
2332  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2333  ACLMASK_ANY);
2334 
2335  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2336 }

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_column_privilege_id_attnum()

Datum has_column_privilege_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2851 of file acl.c.

2852 {
2853  Oid tableoid = PG_GETARG_OID(0);
2854  AttrNumber colattnum = PG_GETARG_INT16(1);
2855  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2856  Oid roleid;
2857  AclMode mode;
2858  int privresult;
2859 
2860  roleid = GetUserId();
2861  mode = convert_column_priv_string(priv_type_text);
2862 
2863  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2864  if (privresult < 0)
2865  PG_RETURN_NULL();
2866  PG_RETURN_BOOL(privresult);
2867 }
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2519
#define PG_GETARG_INT16(n)
Definition: fmgr.h:271

References column_privilege_check(), convert_column_priv_string(), GetUserId(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_id_attnum()

Datum has_column_privilege_id_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2744 of file acl.c.

2745 {
2746  Oid roleid = PG_GETARG_OID(0);
2747  Oid tableoid = PG_GETARG_OID(1);
2748  AttrNumber colattnum = PG_GETARG_INT16(2);
2749  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2750  AclMode mode;
2751  int privresult;
2752 
2753  mode = convert_column_priv_string(priv_type_text);
2754 
2755  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2756  if (privresult < 0)
2757  PG_RETURN_NULL();
2758  PG_RETURN_BOOL(privresult);
2759 }

References column_privilege_check(), convert_column_priv_string(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_id_name()

Datum has_column_privilege_id_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2719 of file acl.c.

2720 {
2721  Oid roleid = PG_GETARG_OID(0);
2722  Oid tableoid = PG_GETARG_OID(1);
2723  text *column = PG_GETARG_TEXT_PP(2);
2724  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2725  AttrNumber colattnum;
2726  AclMode mode;
2727  int privresult;
2728 
2729  colattnum = convert_column_name(tableoid, column);
2730  mode = convert_column_priv_string(priv_type_text);
2731 
2732  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2733  if (privresult < 0)
2734  PG_RETURN_NULL();
2735  PG_RETURN_BOOL(privresult);
2736 }
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2879

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_name()

Datum has_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2824 of file acl.c.

2825 {
2826  Oid tableoid = PG_GETARG_OID(0);
2827  text *column = PG_GETARG_TEXT_PP(1);
2828  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2829  Oid roleid;
2830  AttrNumber colattnum;
2831  AclMode mode;
2832  int privresult;
2833 
2834  roleid = GetUserId();
2835  colattnum = convert_column_name(tableoid, column);
2836  mode = convert_column_priv_string(priv_type_text);
2837 
2838  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2839  if (privresult < 0)
2840  PG_RETURN_NULL();
2841  PG_RETURN_BOOL(privresult);
2842 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), GetUserId(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_name_attnum()

Datum has_column_privilege_id_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2694 of file acl.c.

2695 {
2696  Oid roleid = PG_GETARG_OID(0);
2697  text *tablename = PG_GETARG_TEXT_PP(1);
2698  AttrNumber colattnum = PG_GETARG_INT16(2);
2699  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2700  Oid tableoid;
2701  AclMode mode;
2702  int privresult;
2703 
2704  tableoid = convert_table_name(tablename);
2705  mode = convert_column_priv_string(priv_type_text);
2706 
2707  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2708  if (privresult < 0)
2709  PG_RETURN_NULL();
2710  PG_RETURN_BOOL(privresult);
2711 }

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_name_name()

Datum has_column_privilege_id_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2667 of file acl.c.

2668 {
2669  Oid roleid = PG_GETARG_OID(0);
2670  text *tablename = PG_GETARG_TEXT_PP(1);
2671  text *column = PG_GETARG_TEXT_PP(2);
2672  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2673  Oid tableoid;
2674  AttrNumber colattnum;
2675  AclMode mode;
2676  int privresult;
2677 
2678  tableoid = convert_table_name(tablename);
2679  colattnum = convert_column_name(tableoid, column);
2680  mode = convert_column_priv_string(priv_type_text);
2681 
2682  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2683  if (privresult < 0)
2684  PG_RETURN_NULL();
2685  PG_RETURN_BOOL(privresult);
2686 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_name_attnum()

Datum has_column_privilege_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2797 of file acl.c.

2798 {
2799  text *tablename = PG_GETARG_TEXT_PP(0);
2800  AttrNumber colattnum = PG_GETARG_INT16(1);
2801  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2802  Oid roleid;
2803  Oid tableoid;
2804  AclMode mode;
2805  int privresult;
2806 
2807  roleid = GetUserId();
2808  tableoid = convert_table_name(tablename);
2809  mode = convert_column_priv_string(priv_type_text);
2810 
2811  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2812  if (privresult < 0)
2813  PG_RETURN_NULL();
2814  PG_RETURN_BOOL(privresult);
2815 }

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), GetUserId(), mode, PG_GETARG_INT16, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_name_id_attnum()

Datum has_column_privilege_name_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2642 of file acl.c.

2643 {
2645  Oid tableoid = PG_GETARG_OID(1);
2646  AttrNumber colattnum = PG_GETARG_INT16(2);
2647  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2648  Oid roleid;
2649  AclMode mode;
2650  int privresult;
2651 
2653  mode = convert_column_priv_string(priv_type_text);
2654 
2655  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2656  if (privresult < 0)
2657  PG_RETURN_NULL();
2658  PG_RETURN_BOOL(privresult);
2659 }

References column_privilege_check(), convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_column_privilege_name_id_name()

Datum has_column_privilege_name_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2615 of file acl.c.

2616 {
2618  Oid tableoid = PG_GETARG_OID(1);
2619  text *column = PG_GETARG_TEXT_PP(2);
2620  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2621  Oid roleid;
2622  AttrNumber colattnum;
2623  AclMode mode;
2624  int privresult;
2625 
2627  colattnum = convert_column_name(tableoid, column);
2628  mode = convert_column_priv_string(priv_type_text);
2629 
2630  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2631  if (privresult < 0)
2632  PG_RETURN_NULL();
2633  PG_RETURN_BOOL(privresult);
2634 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_column_privilege_name_name()

Datum has_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2768 of file acl.c.

2769 {
2770  text *tablename = PG_GETARG_TEXT_PP(0);
2771  text *column = PG_GETARG_TEXT_PP(1);
2772  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2773  Oid roleid;
2774  Oid tableoid;
2775  AttrNumber colattnum;
2776  AclMode mode;
2777  int privresult;
2778 
2779  roleid = GetUserId();
2780  tableoid = convert_table_name(tablename);
2781  colattnum = convert_column_name(tableoid, column);
2782  mode = convert_column_priv_string(priv_type_text);
2783 
2784  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2785  if (privresult < 0)
2786  PG_RETURN_NULL();
2787  PG_RETURN_BOOL(privresult);
2788 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), GetUserId(), mode, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_name_name_attnum()

Datum has_column_privilege_name_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2588 of file acl.c.

2589 {
2590  Name rolename = PG_GETARG_NAME(0);
2591  text *tablename = PG_GETARG_TEXT_PP(1);
2592  AttrNumber colattnum = PG_GETARG_INT16(2);
2593  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2594  Oid roleid;
2595  Oid tableoid;
2596  AclMode mode;
2597  int privresult;
2598 
2599  roleid = get_role_oid_or_public(NameStr(*rolename));
2600  tableoid = convert_table_name(tablename);
2601  mode = convert_column_priv_string(priv_type_text);
2602 
2603  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2604  if (privresult < 0)
2605  PG_RETURN_NULL();
2606  PG_RETURN_BOOL(privresult);
2607 }

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_name_name_name()

Datum has_column_privilege_name_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2559 of file acl.c.

2560 {
2561  Name rolename = PG_GETARG_NAME(0);
2562  text *tablename = PG_GETARG_TEXT_PP(1);
2563  text *column = PG_GETARG_TEXT_PP(2);
2564  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2565  Oid roleid;
2566  Oid tableoid;
2567  AttrNumber colattnum;
2568  AclMode mode;
2569  int privresult;
2570 
2571  roleid = get_role_oid_or_public(NameStr(*rolename));
2572  tableoid = convert_table_name(tablename);
2573  colattnum = convert_column_name(tableoid, column);
2574  mode = convert_column_priv_string(priv_type_text);
2575 
2576  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2577  if (privresult < 0)
2578  PG_RETURN_NULL();
2579  PG_RETURN_BOOL(privresult);
2580 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_database_privilege_id()

Datum has_database_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3051 of file acl.c.

3052 {
3053  Oid databaseoid = PG_GETARG_OID(0);
3054  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3055  Oid roleid;
3056  AclMode mode;
3057  AclResult aclresult;
3058  bool is_missing = false;
3059 
3060  roleid = GetUserId();
3061  mode = convert_database_priv_string(priv_type_text);
3062 
3063  aclresult = object_aclcheck_ext(DatabaseRelationId, databaseoid,
3064  roleid, mode,
3065  &is_missing);
3066 
3067  if (is_missing)
3068  PG_RETURN_NULL();
3069 
3070  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3071 }
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3143
AclResult object_aclcheck_ext(Oid classid, Oid objectid, Oid roleid, AclMode mode, bool *is_missing)
Definition: aclchk.c:3901

References ACLCHECK_OK, convert_database_priv_string(), GetUserId(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_database_privilege_id_id()

Datum has_database_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3102 of file acl.c.

3103 {
3104  Oid roleid = PG_GETARG_OID(0);
3105  Oid databaseoid = PG_GETARG_OID(1);
3106  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3107  AclMode mode;
3108  AclResult aclresult;
3109  bool is_missing = false;
3110 
3111  mode = convert_database_priv_string(priv_type_text);
3112 
3113  aclresult = object_aclcheck_ext(DatabaseRelationId, databaseoid,
3114  roleid, mode,
3115  &is_missing);
3116 
3117  if (is_missing)
3118  PG_RETURN_NULL();
3119 
3120  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3121 }

References ACLCHECK_OK, convert_database_priv_string(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_database_privilege_id_name()

Datum has_database_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3079 of file acl.c.

3080 {
3081  Oid roleid = PG_GETARG_OID(0);
3082  text *databasename = PG_GETARG_TEXT_PP(1);
3083  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3084  Oid databaseoid;
3085  AclMode mode;
3086  AclResult aclresult;
3087 
3088  databaseoid = convert_database_name(databasename);
3089  mode = convert_database_priv_string(priv_type_text);
3090 
3091  aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode);
3092 
3093  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3094 }
static Oid convert_database_name(text *databasename)
Definition: acl.c:3131
AclResult object_aclcheck(Oid classid, Oid objectid, Oid roleid, AclMode mode)
Definition: aclchk.c:3891

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_database_privilege_name()

Datum has_database_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2997 of file acl.c.

2998 {
2999  text *databasename = PG_GETARG_TEXT_PP(0);
3000  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3001  Oid roleid;
3002  Oid databaseoid;
3003  AclMode mode;
3004  AclResult aclresult;
3005 
3006  roleid = GetUserId();
3007  databaseoid = convert_database_name(databasename);
3008  mode = convert_database_priv_string(priv_type_text);
3009 
3010  aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode);
3011 
3012  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3013 }

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_database_privilege_name_id()

Datum has_database_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3021 of file acl.c.

3022 {
3024  Oid databaseoid = PG_GETARG_OID(1);
3025  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3026  Oid roleid;
3027  AclMode mode;
3028  AclResult aclresult;
3029  bool is_missing = false;
3030 
3032  mode = convert_database_priv_string(priv_type_text);
3033 
3034  aclresult = object_aclcheck_ext(DatabaseRelationId, databaseoid,
3035  roleid, mode,
3036  &is_missing);
3037 
3038  if (is_missing)
3039  PG_RETURN_NULL();
3040 
3041  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3042 }

References ACLCHECK_OK, convert_database_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck_ext(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_database_privilege_name_name()

Datum has_database_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2971 of file acl.c.

2972 {
2974  text *databasename = PG_GETARG_TEXT_PP(1);
2975  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2976  Oid roleid;
2977  Oid databaseoid;
2978  AclMode mode;
2979  AclResult aclresult;
2980 
2982  databaseoid = convert_database_name(databasename);
2983  mode = convert_database_priv_string(priv_type_text);
2984 
2985  aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode);
2986 
2987  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2988 }

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_foreign_data_wrapper_privilege_id()

Datum has_foreign_data_wrapper_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3257 of file acl.c.

3258 {
3259  Oid fdwid = PG_GETARG_OID(0);
3260  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3261  Oid roleid;
3262  AclMode mode;
3263  AclResult aclresult;
3264  bool is_missing = false;
3265 
3266  roleid = GetUserId();
3268 
3269  aclresult = object_aclcheck_ext(ForeignDataWrapperRelationId, fdwid,
3270  roleid, mode,
3271  &is_missing);
3272 
3273  if (is_missing)
3274  PG_RETURN_NULL();
3275 
3276  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3277 }
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3349

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), GetUserId(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_foreign_data_wrapper_privilege_id_id()

Datum has_foreign_data_wrapper_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3308 of file acl.c.

3309 {
3310  Oid roleid = PG_GETARG_OID(0);
3311  Oid fdwid = PG_GETARG_OID(1);
3312  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3313  AclMode mode;
3314  AclResult aclresult;
3315  bool is_missing = false;
3316 
3318 
3319  aclresult = object_aclcheck_ext(ForeignDataWrapperRelationId, fdwid,
3320  roleid, mode,
3321  &is_missing);
3322 
3323  if (is_missing)
3324  PG_RETURN_NULL();
3325 
3326  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3327 }

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_foreign_data_wrapper_privilege_id_name()

Datum has_foreign_data_wrapper_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3285 of file acl.c.

3286 {
3287  Oid roleid = PG_GETARG_OID(0);
3288  text *fdwname = PG_GETARG_TEXT_PP(1);
3289  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3290  Oid fdwid;
3291  AclMode mode;
3292  AclResult aclresult;
3293 
3294  fdwid = convert_foreign_data_wrapper_name(fdwname);
3296 
3297  aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode);
3298 
3299  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3300 }
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3337

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_foreign_data_wrapper_privilege_name()

Datum has_foreign_data_wrapper_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3203 of file acl.c.

3204 {
3205  text *fdwname = PG_GETARG_TEXT_PP(0);
3206  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3207  Oid roleid;
3208  Oid fdwid;
3209  AclMode mode;
3210  AclResult aclresult;
3211 
3212  roleid = GetUserId();
3213  fdwid = convert_foreign_data_wrapper_name(fdwname);
3215 
3216  aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode);
3217 
3218  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3219 }

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_foreign_data_wrapper_privilege_name_id()

Datum has_foreign_data_wrapper_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3227 of file acl.c.

3228 {
3230  Oid fdwid = PG_GETARG_OID(1);
3231  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3232  Oid roleid;
3233  AclMode mode;
3234  AclResult aclresult;
3235  bool is_missing = false;
3236 
3239 
3240  aclresult = object_aclcheck_ext(ForeignDataWrapperRelationId, fdwid,
3241  roleid, mode,
3242  &is_missing);
3243 
3244  if (is_missing)
3245  PG_RETURN_NULL();
3246 
3247  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3248 }

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck_ext(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_foreign_data_wrapper_privilege_name_name()

Datum has_foreign_data_wrapper_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3177 of file acl.c.

3178 {
3180  text *fdwname = PG_GETARG_TEXT_PP(1);
3181  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3182  Oid roleid;
3183  Oid fdwid;
3184  AclMode mode;
3185  AclResult aclresult;
3186 
3188  fdwid = convert_foreign_data_wrapper_name(fdwname);
3190 
3191  aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode);
3192 
3193  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3194 }

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_function_privilege_id()

Datum has_function_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3457 of file acl.c.

3458 {
3459  Oid functionoid = PG_GETARG_OID(0);
3460  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3461  Oid roleid;
3462  AclMode mode;
3463  AclResult aclresult;
3464  bool is_missing = false;
3465 
3466  roleid = GetUserId();
3467  mode = convert_function_priv_string(priv_type_text);
3468 
3469  aclresult = object_aclcheck_ext(ProcedureRelationId, functionoid,
3470  roleid, mode,
3471  &is_missing);
3472 
3473  if (is_missing)
3474  PG_RETURN_NULL();
3475 
3476  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3477 }
static AclMode convert_function_priv_string(text *priv_type_text)
Definition: acl.c:3558

References ACLCHECK_OK, convert_function_priv_string(), GetUserId(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_function_privilege_id_id()

Datum has_function_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3508 of file acl.c.

3509 {
3510  Oid roleid = PG_GETARG_OID(0);
3511  Oid functionoid = PG_GETARG_OID(1);
3512  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3513  AclMode mode;
3514  AclResult aclresult;
3515  bool is_missing = false;
3516 
3517  mode = convert_function_priv_string(priv_type_text);
3518 
3519  aclresult = object_aclcheck_ext(ProcedureRelationId, functionoid,
3520  roleid, mode,
3521  &is_missing);
3522 
3523  if (is_missing)
3524  PG_RETURN_NULL();
3525 
3526  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3527 }

References ACLCHECK_OK, convert_function_priv_string(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_function_privilege_id_name()

Datum has_function_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3485 of file acl.c.

3486 {
3487  Oid roleid = PG_GETARG_OID(0);
3488  text *functionname = PG_GETARG_TEXT_PP(1);
3489  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3490  Oid functionoid;
3491  AclMode mode;
3492  AclResult aclresult;
3493 
3494  functionoid = convert_function_name(functionname);
3495  mode = convert_function_priv_string(priv_type_text);
3496 
3497  aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode);
3498 
3499  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3500 }
static Oid convert_function_name(text *functionname)
Definition: acl.c:3537

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_function_privilege_name()

Datum has_function_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3403 of file acl.c.

3404 {
3405  text *functionname = PG_GETARG_TEXT_PP(0);
3406  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3407  Oid roleid;
3408  Oid functionoid;
3409  AclMode mode;
3410  AclResult aclresult;
3411 
3412  roleid = GetUserId();
3413  functionoid = convert_function_name(functionname);
3414  mode = convert_function_priv_string(priv_type_text);
3415 
3416  aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode);
3417 
3418  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3419 }

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_function_privilege_name_id()

Datum has_function_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3427 of file acl.c.

3428 {
3430  Oid functionoid = PG_GETARG_OID(1);
3431  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3432  Oid roleid;
3433  AclMode mode;
3434  AclResult aclresult;
3435  bool is_missing = false;
3436 
3438  mode = convert_function_priv_string(priv_type_text);
3439 
3440  aclresult = object_aclcheck_ext(ProcedureRelationId, functionoid,
3441  roleid, mode,
3442  &is_missing);
3443 
3444  if (is_missing)
3445  PG_RETURN_NULL();
3446 
3447  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3448 }

References ACLCHECK_OK, convert_function_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck_ext(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_function_privilege_name_name()

Datum has_function_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3377 of file acl.c.

3378 {
3380  text *functionname = PG_GETARG_TEXT_PP(1);
3381  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3382  Oid roleid;
3383  Oid functionoid;
3384  AclMode mode;
3385  AclResult aclresult;
3386 
3388  functionoid = convert_function_name(functionname);
3389  mode = convert_function_priv_string(priv_type_text);
3390 
3391  aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode);
3392 
3393  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3394 }

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_language_privilege_id()

Datum has_language_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3666 of file acl.c.

3667 {
3668  Oid languageoid = PG_GETARG_OID(0);
3669  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3670  Oid roleid;
3671  AclMode mode;
3672  AclResult aclresult;
3673  bool is_missing = false;
3674 
3675  roleid = GetUserId();
3676  mode = convert_language_priv_string(priv_type_text);
3677 
3678  aclresult = object_aclcheck_ext(LanguageRelationId, languageoid,
3679  roleid, mode,
3680  &is_missing);
3681 
3682  if (is_missing)
3683  PG_RETURN_NULL();
3684 
3685  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3686 }
static AclMode convert_language_priv_string(text *priv_type_text)
Definition: acl.c:3758

References ACLCHECK_OK, convert_language_priv_string(), GetUserId(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_language_privilege_id_id()

Datum has_language_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3717 of file acl.c.

3718 {
3719  Oid roleid = PG_GETARG_OID(0);
3720  Oid languageoid = PG_GETARG_OID(1);
3721  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3722  AclMode mode;
3723  AclResult aclresult;
3724  bool is_missing = false;
3725 
3726  mode = convert_language_priv_string(priv_type_text);
3727 
3728  aclresult = object_aclcheck_ext(LanguageRelationId, languageoid,
3729  roleid, mode,
3730  &is_missing);
3731 
3732  if (is_missing)
3733  PG_RETURN_NULL();
3734 
3735  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3736 }

References ACLCHECK_OK, convert_language_priv_string(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_language_privilege_id_name()

Datum has_language_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3694 of file acl.c.

3695 {
3696  Oid roleid = PG_GETARG_OID(0);
3697  text *languagename = PG_GETARG_TEXT_PP(1);
3698  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3699  Oid languageoid;
3700  AclMode mode;
3701  AclResult aclresult;
3702 
3703  languageoid = convert_language_name(languagename);
3704  mode = convert_language_priv_string(priv_type_text);
3705 
3706  aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode);
3707 
3708  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3709 }
static Oid convert_language_name(text *languagename)
Definition: acl.c:3746

References ACLCHECK_OK, convert_language_name(), convert_language_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_language_privilege_name()

Datum has_language_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3612 of file acl.c.

3613 {
3614  text *languagename = PG_GETARG_TEXT_PP(0);
3615  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3616  Oid roleid;
3617  Oid languageoid;
3618  AclMode mode;
3619  AclResult aclresult;
3620 
3621  roleid = GetUserId();
3622  languageoid = convert_language_name(languagename);
3623  mode = convert_language_priv_string(priv_type_text);
3624 
3625  aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode);
3626 
3627  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3628 }

References ACLCHECK_OK, convert_language_name(), convert_language_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_language_privilege_name_id()

Datum has_language_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3636 of file acl.c.

3637 {
3639  Oid languageoid = PG_GETARG_OID(1);
3640  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3641  Oid roleid;
3642  AclMode mode;
3643  AclResult aclresult;
3644  bool is_missing = false;
3645 
3647  mode = convert_language_priv_string(priv_type_text);
3648 
3649  aclresult = object_aclcheck_ext(LanguageRelationId, languageoid,
3650  roleid, mode,
3651  &is_missing);
3652 
3653  if (is_missing)
3654  PG_RETURN_NULL();
3655 
3656  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3657 }

References ACLCHECK_OK, convert_language_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck_ext(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_language_privilege_name_name()

Datum has_language_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3586 of file acl.c.

3587 {
3589  text *languagename = PG_GETARG_TEXT_PP(1);
3590  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3591  Oid roleid;
3592  Oid languageoid;
3593  AclMode mode;
3594  AclResult aclresult;
3595 
3597  languageoid = convert_language_name(languagename);
3598  mode = convert_language_priv_string(priv_type_text);
3599 
3600  aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode);
3601 
3602  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3603 }

References ACLCHECK_OK, convert_language_name(), convert_language_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_largeobject_privilege_id()

Datum has_largeobject_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 4746 of file acl.c.

4747 {
4748  Oid lobjId = PG_GETARG_OID(0);
4749  Oid roleid = GetUserId();
4750  text *priv_type_text = PG_GETARG_TEXT_PP(1);
4751  AclMode mode;
4752  bool is_missing = false;
4753  bool result;
4754 
4755  mode = convert_largeobject_priv_string(priv_type_text);
4756  result = has_lo_priv_byid(roleid, lobjId, mode, &is_missing);
4757 
4758  if (is_missing)
4759  PG_RETURN_NULL();
4760 
4761  PG_RETURN_BOOL(result);
4762 }
static AclMode convert_largeobject_priv_string(text *priv_text)
Definition: acl.c:4793
static bool has_lo_priv_byid(Oid roleid, Oid lobjId, AclMode priv, bool *is_missing)
Definition: acl.c:4687

References convert_largeobject_priv_string(), GetUserId(), has_lo_priv_byid(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_largeobject_privilege_id_id()

Datum has_largeobject_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 4770 of file acl.c.

4771 {
4772  Oid roleid = PG_GETARG_OID(0);
4773  Oid lobjId = PG_GETARG_OID(1);
4774  text *priv_type_text = PG_GETARG_TEXT_PP(2);
4775  AclMode mode;
4776  bool is_missing = false;
4777  bool result;
4778 
4779  mode = convert_largeobject_priv_string(priv_type_text);
4780  result = has_lo_priv_byid(roleid, lobjId, mode, &is_missing);
4781 
4782  if (is_missing)
4783  PG_RETURN_NULL();
4784 
4785  PG_RETURN_BOOL(result);
4786 }

References convert_largeobject_priv_string(), has_lo_priv_byid(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_largeobject_privilege_name_id()

Datum has_largeobject_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 4720 of file acl.c.

4721 {
4724  Oid lobjId = PG_GETARG_OID(1);
4725  text *priv_type_text = PG_GETARG_TEXT_PP(2);
4726  AclMode mode;
4727  bool is_missing = false;
4728  bool result;
4729 
4730  mode = convert_largeobject_priv_string(priv_type_text);
4731  result = has_lo_priv_byid(roleid, lobjId, mode, &is_missing);
4732 
4733  if (is_missing)
4734  PG_RETURN_NULL();
4735 
4736  PG_RETURN_BOOL(result);
4737 }

References convert_largeobject_priv_string(), get_role_oid_or_public(), has_lo_priv_byid(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_lo_priv_byid()

static bool has_lo_priv_byid ( Oid  roleid,
Oid  lobjId,
AclMode  priv,
bool is_missing 
)
static

Definition at line 4687 of file acl.c.

4688 {
4689  Snapshot snapshot = NULL;
4690  AclResult aclresult;
4691 
4692  if (priv & ACL_UPDATE)
4693  snapshot = NULL;
4694  else
4695  snapshot = GetActiveSnapshot();
4696 
4697  if (!LargeObjectExistsWithSnapshot(lobjId, snapshot))
4698  {
4699  Assert(is_missing != NULL);
4700  *is_missing = true;
4701  return false;
4702  }
4703 
4705  return true;
4706 
4707  aclresult = pg_largeobject_aclcheck_snapshot(lobjId,
4708  roleid,
4709  priv,
4710  snapshot);
4711  return aclresult == ACLCHECK_OK;
4712 }
AclResult pg_largeobject_aclcheck_snapshot(Oid lobj_oid, Oid roleid, AclMode mode, Snapshot snapshot)
Definition: aclchk.c:4131
bool lo_compat_privileges
Definition: inv_api.c:56
bool LargeObjectExistsWithSnapshot(Oid loid, Snapshot snapshot)
Snapshot GetActiveSnapshot(void)
Definition: snapmgr.c:770

References ACL_UPDATE, ACLCHECK_OK, Assert, GetActiveSnapshot(), LargeObjectExistsWithSnapshot(), lo_compat_privileges, and pg_largeobject_aclcheck_snapshot().

Referenced by has_largeobject_privilege_id(), has_largeobject_privilege_id_id(), and has_largeobject_privilege_name_id().

◆ has_param_priv_byname()

static bool has_param_priv_byname ( Oid  roleid,
const text parameter,
AclMode  priv 
)
static

Definition at line 4596 of file acl.c.

4597 {
4598  char *paramstr = text_to_cstring(parameter);
4599 
4600  return pg_parameter_aclcheck(paramstr, roleid, priv) == ACLCHECK_OK;
4601 }
AclResult pg_parameter_aclcheck(const char *name, Oid roleid, AclMode mode)
Definition: aclchk.c:4119

References ACLCHECK_OK, pg_parameter_aclcheck(), and text_to_cstring().

Referenced by has_parameter_privilege_id_name(), has_parameter_privilege_name(), and has_parameter_privilege_name_name().

◆ has_parameter_privilege_id_name()

Datum has_parameter_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 4639 of file acl.c.

4640 {
4641  Oid roleid = PG_GETARG_OID(0);
4642  text *parameter = PG_GETARG_TEXT_PP(1);
4644 
4645  PG_RETURN_BOOL(has_param_priv_byname(roleid, parameter, priv));
4646 }
static bool has_param_priv_byname(Oid roleid, const text *parameter, AclMode priv)
Definition: acl.c:4596
static AclMode convert_parameter_priv_string(text *priv_text)
Definition: acl.c:4657

References convert_parameter_priv_string(), has_param_priv_byname(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_parameter_privilege_name()

Datum has_parameter_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 4625 of file acl.c.

4626 {
4627  text *parameter = PG_GETARG_TEXT_PP(0);
4629 
4630  PG_RETURN_BOOL(has_param_priv_byname(GetUserId(), parameter, priv));
4631 }

References convert_parameter_priv_string(), GetUserId(), has_param_priv_byname(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_parameter_privilege_name_name()

Datum has_parameter_privilege_name_name ( PG_FUNCTION_ARGS  )

◆ has_privs_of_role()

bool has_privs_of_role ( Oid  member,
Oid  role 
)

Definition at line 5268 of file acl.c.

5269 {
5270  /* Fast path for simple case */
5271  if (member == role)
5272  return true;
5273 
5274  /* Superusers have every privilege, so are part of every role */
5275  if (superuser_arg(member))
5276  return true;
5277 
5278  /*
5279  * Find all the roles that member has the privileges of, including
5280  * multi-level recursion, then see if target role is any one of them.
5281  */
5283  InvalidOid, NULL),
5284  role);
5285 }
static List * roles_is_member_of(Oid roleid, enum RoleRecurseType type, Oid admin_of, Oid *admin_role)
Definition: acl.c:5136
bool list_member_oid(const List *list, Oid datum)
Definition: list.c:722
bool superuser_arg(Oid roleid)
Definition: superuser.c:56

References InvalidOid, list_member_oid(), ROLERECURSE_PRIVS, roles_is_member_of(), and superuser_arg().

Referenced by aclmask(), AlterObjectNamespace_internal(), AlterObjectOwner_internal(), AlterObjectRename_internal(), bbsink_server_new(), calculate_database_size(), calculate_tablespace_size(), check_role_for_policy(), check_role_grantor(), ConfigOptionIsVisible(), convert_and_check_filename(), CreateSubscription(), DoCopy(), DropOwnedObjects(), ExecAlterDefaultPrivilegesStmt(), file_fdw_validator(), GetConfigOptionValues(), InitPostgres(), object_ownercheck(), pg_class_aclmask_ext(), pg_namespace_aclmask_ext(), pg_role_aclcheck(), pg_signal_backend(), pg_stat_get_wal_receiver(), pg_stat_get_wal_senders(), pg_stat_statements_internal(), pgrowlocks(), ReassignOwnedObjects(), ReindexMultipleTables(), shell_check_detail(), standard_ProcessUtility(), and TerminateOtherDBBackends().

◆ has_schema_privilege_id()

Datum has_schema_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3866 of file acl.c.

3867 {
3868  Oid schemaoid = PG_GETARG_OID(0);
3869  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3870  Oid roleid;
3871  AclMode mode;
3872  AclResult aclresult;
3873  bool is_missing = false;
3874 
3875  roleid = GetUserId();
3876  mode = convert_schema_priv_string(priv_type_text);
3877 
3878  aclresult = object_aclcheck_ext(NamespaceRelationId, schemaoid,
3879  roleid, mode,
3880  &is_missing);
3881 
3882  if (is_missing)
3883  PG_RETURN_NULL();
3884 
3885  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3886 }
static AclMode convert_schema_priv_string(text *priv_type_text)
Definition: acl.c:3958

References ACLCHECK_OK, convert_schema_priv_string(), GetUserId(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_schema_privilege_id_id()

Datum has_schema_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3917 of file acl.c.

3918 {
3919  Oid roleid = PG_GETARG_OID(0);
3920  Oid schemaoid = PG_GETARG_OID(1);
3921  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3922  AclMode mode;
3923  AclResult aclresult;
3924  bool is_missing = false;
3925 
3926  mode = convert_schema_priv_string(priv_type_text);
3927 
3928  aclresult = object_aclcheck_ext(NamespaceRelationId, schemaoid,
3929  roleid, mode,
3930  &is_missing);
3931 
3932  if (is_missing)
3933  PG_RETURN_NULL();
3934 
3935  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3936 }

References ACLCHECK_OK, convert_schema_priv_string(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_schema_privilege_id_name()

Datum has_schema_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3894 of file acl.c.

3895 {
3896  Oid roleid = PG_GETARG_OID(0);
3897  text *schemaname = PG_GETARG_TEXT_PP(1);
3898  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3899  Oid schemaoid;
3900  AclMode mode;
3901  AclResult aclresult;
3902 
3903  schemaoid = convert_schema_name(schemaname);
3904  mode = convert_schema_priv_string(priv_type_text);
3905 
3906  aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode);
3907 
3908  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3909 }
static Oid convert_schema_name(text *schemaname)
Definition: acl.c:3946

References ACLCHECK_OK, convert_schema_name(), convert_schema_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_schema_privilege_name()

Datum has_schema_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3812 of file acl.c.

3813 {
3814  text *schemaname = PG_GETARG_TEXT_PP(0);
3815  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3816  Oid roleid;
3817  Oid schemaoid;
3818  AclMode mode;
3819  AclResult aclresult;
3820 
3821  roleid = GetUserId();
3822  schemaoid = convert_schema_name(schemaname);
3823  mode = convert_schema_priv_string(priv_type_text);
3824 
3825  aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode);
3826 
3827  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3828 }

References ACLCHECK_OK, convert_schema_name(), convert_schema_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_schema_privilege_name_id()

Datum has_schema_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3836 of file acl.c.

3837 {
3839  Oid schemaoid = PG_GETARG_OID(1);
3840  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3841  Oid roleid;
3842  AclMode mode;
3843  AclResult aclresult;
3844  bool is_missing = false;
3845 
3847  mode = convert_schema_priv_string(priv_type_text);
3848 
3849  aclresult = object_aclcheck_ext(NamespaceRelationId, schemaoid,
3850  roleid, mode,
3851  &is_missing);
3852 
3853  if (is_missing)
3854  PG_RETURN_NULL();
3855 
3856  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3857 }

References ACLCHECK_OK, convert_schema_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck_ext(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_schema_privilege_name_name()

Datum has_schema_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3786 of file acl.c.

3787 {
3789  text *schemaname = PG_GETARG_TEXT_PP(1);
3790  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3791  Oid roleid;
3792  Oid schemaoid;
3793  AclMode mode;
3794  AclResult aclresult;
3795 
3797  schemaoid = convert_schema_name(schemaname);
3798  mode = convert_schema_priv_string(priv_type_text);
3799 
3800  aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode);
3801 
3802  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3803 }

References ACLCHECK_OK, convert_schema_name(), convert_schema_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_sequence_privilege_id()

Datum has_sequence_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2186 of file acl.c.

2187 {
2188  Oid sequenceoid = PG_GETARG_OID(0);
2189  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2190  Oid roleid;
2191  AclMode mode;
2192  AclResult aclresult;
2193  char relkind;
2194  bool is_missing = false;
2195 
2196  roleid = GetUserId();
2197  mode = convert_sequence_priv_string(priv_type_text);
2198  relkind = get_rel_relkind(sequenceoid);
2199  if (relkind == '\0')
2200  PG_RETURN_NULL();
2201  else if (relkind != RELKIND_SEQUENCE)
2202  ereport(ERROR,
2203  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2204  errmsg("\"%s\" is not a sequence",
2205  get_rel_name(sequenceoid))));
2206 
2207  aclresult = pg_class_aclcheck_ext(sequenceoid, roleid, mode, &is_missing);
2208 
2209  if (is_missing)
2210  PG_RETURN_NULL();
2211 
2212  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2213 }
static AclMode convert_sequence_priv_string(text *priv_type_text)
Definition: acl.c:2282
char get_rel_relkind(Oid relid)
Definition: lsyscache.c:2003

References ACLCHECK_OK, convert_sequence_priv_string(), ereport, errcode(), errmsg(), ERROR, get_rel_name(), get_rel_relkind(), GetUserId(), mode, pg_class_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_sequence_privilege_id_id()

Datum has_sequence_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 2249 of file acl.c.

2250 {
2251  Oid roleid = PG_GETARG_OID(0);
2252  Oid sequenceoid = PG_GETARG_OID(1);
2253  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2254  AclMode mode;
2255  AclResult aclresult;
2256  char relkind;
2257  bool is_missing = false;
2258 
2259  mode = convert_sequence_priv_string(priv_type_text);
2260  relkind = get_rel_relkind(sequenceoid);
2261  if (relkind == '\0')
2262  PG_RETURN_NULL();
2263  else if (relkind != RELKIND_SEQUENCE)
2264  ereport(ERROR,
2265  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2266  errmsg("\"%s\" is not a sequence",
2267  get_rel_name(sequenceoid))));
2268 
2269  aclresult = pg_class_aclcheck_ext(sequenceoid, roleid, mode, &is_missing);
2270 
2271  if (is_missing)
2272  PG_RETURN_NULL();
2273 
2274  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2275 }

References ACLCHECK_OK, convert_sequence_priv_string(), ereport, errcode(), errmsg(), ERROR, get_rel_name(), get_rel_relkind(), mode, pg_class_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_sequence_privilege_id_name()

Datum has_sequence_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2221 of file acl.c.

2222 {
2223  Oid roleid = PG_GETARG_OID(0);
2224  text *sequencename = PG_GETARG_TEXT_PP(1);
2225  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2226  Oid sequenceoid;
2227  AclMode mode;
2228  AclResult aclresult;
2229 
2230  mode = convert_sequence_priv_string(priv_type_text);
2231  sequenceoid = convert_table_name(sequencename);
2232  if (get_rel_relkind(sequenceoid) != RELKIND_SEQUENCE)
2233  ereport(ERROR,
2234  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2235  errmsg("\"%s\" is not a sequence",
2236  text_to_cstring(sequencename))));
2237 
2238  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2239 
2240  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2241 }

References ACLCHECK_OK, convert_sequence_priv_string(), convert_table_name(), ereport, errcode(), errmsg(), ERROR, get_rel_relkind(), mode, pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and text_to_cstring().

◆ has_sequence_privilege_name()

Datum has_sequence_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2120 of file acl.c.

2121 {
2122  text *sequencename = PG_GETARG_TEXT_PP(0);
2123  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2124  Oid roleid;
2125  Oid sequenceoid;
2126  AclMode mode;
2127  AclResult aclresult;
2128 
2129  roleid = GetUserId();
2130  mode = convert_sequence_priv_string(priv_type_text);
2131  sequenceoid = convert_table_name(sequencename);
2132  if (get_rel_relkind(sequenceoid) != RELKIND_SEQUENCE)
2133  ereport(ERROR,
2134  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2135  errmsg("\"%s\" is not a sequence",
2136  text_to_cstring(sequencename))));
2137 
2138  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2139 
2140  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2141 }

References ACLCHECK_OK, convert_sequence_priv_string(), convert_table_name(), ereport, errcode(), errmsg(), ERROR, get_rel_relkind(), GetUserId(), mode, pg_class_aclcheck(), PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and text_to_cstring().

◆ has_sequence_privilege_name_id()

Datum has_sequence_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2149 of file acl.c.

2150 {
2152  Oid sequenceoid = PG_GETARG_OID(1);
2153  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2154  Oid roleid;
2155  AclMode mode;
2156  AclResult aclresult;
2157  char relkind;
2158  bool is_missing = false;
2159 
2161  mode = convert_sequence_priv_string(priv_type_text);
2162  relkind = get_rel_relkind(sequenceoid);
2163  if (relkind == '\0')
2164  PG_RETURN_NULL();
2165  else if (relkind != RELKIND_SEQUENCE)
2166  ereport(ERROR,
2167  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2168  errmsg("\"%s\" is not a sequence",
2169  get_rel_name(sequenceoid))));
2170 
2171  aclresult = pg_class_aclcheck_ext(sequenceoid, roleid, mode, &is_missing);
2172 
2173  if (is_missing)
2174  PG_RETURN_NULL();
2175 
2176  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2177 }

References ACLCHECK_OK, convert_sequence_priv_string(), ereport, errcode(), errmsg(), ERROR, get_rel_name(), get_rel_relkind(), get_role_oid_or_public(), mode, NameStr, pg_class_aclcheck_ext(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_sequence_privilege_name_name()

Datum has_sequence_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2089 of file acl.c.

2090 {
2091  Name rolename = PG_GETARG_NAME(0);
2092  text *sequencename = PG_GETARG_TEXT_PP(1);
2093  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2094  Oid roleid;
2095  Oid sequenceoid;
2096  AclMode mode;
2097  AclResult aclresult;
2098 
2099  roleid = get_role_oid_or_public(NameStr(*rolename));
2100  mode = convert_sequence_priv_string(priv_type_text);
2101  sequenceoid = convert_table_name(sequencename);
2102  if (get_rel_relkind(sequenceoid) != RELKIND_SEQUENCE)
2103  ereport(ERROR,
2104  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2105  errmsg("\"%s\" is not a sequence",
2106  text_to_cstring(sequencename))));
2107 
2108  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2109 
2110  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2111 }

References ACLCHECK_OK, convert_sequence_priv_string(), convert_table_name(), ereport, errcode(), errmsg(), ERROR, get_rel_relkind(), get_role_oid_or_public(), mode, NameStr, pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and text_to_cstring().

◆ has_server_privilege_id()

Datum has_server_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 4068 of file acl.c.

4069 {
4070  Oid serverid = PG_GETARG_OID(0);
4071  text *priv_type_text = PG_GETARG_TEXT_PP(1);
4072  Oid roleid;
4073  AclMode mode;
4074  AclResult aclresult;
4075  bool is_missing = false;
4076 
4077  roleid = GetUserId();
4078  mode = convert_server_priv_string(priv_type_text);
4079 
4080  aclresult = object_aclcheck_ext(ForeignServerRelationId, serverid,
4081  roleid, mode,
4082  &is_missing);
4083 
4084  if (is_missing)
4085  PG_RETURN_NULL();
4086 
4087  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4088 }
static AclMode convert_server_priv_string(text *priv_type_text)
Definition: acl.c:4160

References ACLCHECK_OK, convert_server_priv_string(), GetUserId(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_server_privilege_id_id()

Datum has_server_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 4119 of file acl.c.

4120 {
4121  Oid roleid = PG_GETARG_OID(0);
4122  Oid serverid = PG_GETARG_OID(1);
4123  text *priv_type_text = PG_GETARG_TEXT_PP(2);
4124  AclMode mode;
4125  AclResult aclresult;
4126  bool is_missing = false;
4127 
4128  mode = convert_server_priv_string(priv_type_text);
4129 
4130  aclresult = object_aclcheck_ext(ForeignServerRelationId, serverid,
4131  roleid, mode,
4132  &is_missing);
4133 
4134  if (is_missing)
4135  PG_RETURN_NULL();
4136 
4137  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4138 }

References ACLCHECK_OK, convert_server_priv_string(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_server_privilege_id_name()

Datum has_server_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 4096 of file acl.c.

4097 {
4098  Oid roleid = PG_GETARG_OID(0);
4099  text *servername = PG_GETARG_TEXT_PP(1);
4100  text *priv_type_text = PG_GETARG_TEXT_PP(2);
4101  Oid serverid;
4102  AclMode mode;
4103  AclResult aclresult;
4104 
4105  serverid = convert_server_name(servername);
4106  mode = convert_server_priv_string(priv_type_text);
4107 
4108  aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode);
4109 
4110  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4111 }
static Oid convert_server_name(text *servername)
Definition: acl.c:4148

References ACLCHECK_OK, convert_server_name(), convert_server_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_server_privilege_name()

Datum has_server_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 4014 of file acl.c.

4015 {
4016  text *servername = PG_GETARG_TEXT_PP(0);
4017  text *priv_type_text = PG_GETARG_TEXT_PP(1);
4018  Oid roleid;
4019  Oid serverid;
4020  AclMode mode;
4021  AclResult aclresult;
4022 
4023  roleid = GetUserId();
4024  serverid = convert_server_name(servername);
4025  mode = convert_server_priv_string(priv_type_text);
4026 
4027  aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode);
4028 
4029  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4030 }

References ACLCHECK_OK, convert_server_name(), convert_server_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_server_privilege_name_id()

Datum has_server_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 4038 of file acl.c.

4039 {
4041  Oid serverid = PG_GETARG_OID(1);
4042  text *priv_type_text = PG_GETARG_TEXT_PP(2);
4043  Oid roleid;
4044  AclMode mode;
4045  AclResult aclresult;
4046  bool is_missing = false;
4047 
4049  mode = convert_server_priv_string(priv_type_text);
4050 
4051  aclresult = object_aclcheck_ext(ForeignServerRelationId, serverid,
4052  roleid, mode,
4053  &is_missing);
4054 
4055  if (is_missing)
4056  PG_RETURN_NULL();
4057 
4058  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4059 }

References ACLCHECK_OK, convert_server_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck_ext(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_server_privilege_name_name()

Datum has_server_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3988 of file acl.c.

3989 {
3991  text *servername = PG_GETARG_TEXT_PP(1);
3992  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3993  Oid roleid;
3994  Oid serverid;
3995  AclMode mode;
3996  AclResult aclresult;
3997 
3999  serverid = convert_server_name(servername);
4000  mode = convert_server_priv_string(priv_type_text);
4001 
4002  aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode);
4003 
4004  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4005 }

References ACLCHECK_OK, convert_server_name(), convert_server_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_table_privilege_id()

Datum has_table_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 1956 of file acl.c.

1957 {
1958  Oid tableoid = PG_GETARG_OID(0);
1959  text *priv_type_text = PG_GETARG_TEXT_PP(1);
1960  Oid roleid;
1961  AclMode mode;
1962  AclResult aclresult;
1963  bool is_missing = false;
1964 
1965  roleid = GetUserId();
1966  mode = convert_table_priv_string(priv_type_text);
1967 
1968  aclresult = pg_class_aclcheck_ext(tableoid, roleid, mode, &is_missing);
1969 
1970  if (is_missing)
1971  PG_RETURN_NULL();
1972 
1973  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1974 }
static AclMode convert_table_priv_string(text *priv_type_text)
Definition: acl.c:2047

References ACLCHECK_OK, convert_table_priv_string(), GetUserId(), mode, pg_class_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_table_privilege_id_id()

Datum has_table_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 2005 of file acl.c.

2006 {
2007  Oid roleid = PG_GETARG_OID(0);
2008  Oid tableoid = PG_GETARG_OID(1);
2009  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2010  AclMode mode;
2011  AclResult aclresult;
2012  bool is_missing = false;
2013 
2014  mode = convert_table_priv_string(priv_type_text);
2015 
2016  aclresult = pg_class_aclcheck_ext(tableoid, roleid, mode, &is_missing);
2017 
2018  if (is_missing)
2019  PG_RETURN_NULL();
2020 
2021  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2022 }

References ACLCHECK_OK, convert_table_priv_string(), mode, pg_class_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_table_privilege_id_name()

Datum has_table_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 1982 of file acl.c.

1983 {
1984  Oid roleid = PG_GETARG_OID(0);
1985  text *tablename = PG_GETARG_TEXT_PP(1);
1986  text *priv_type_text = PG_GETARG_TEXT_PP(2);
1987  Oid tableoid;
1988  AclMode mode;
1989  AclResult aclresult;
1990 
1991  tableoid = convert_table_name(tablename);
1992  mode = convert_table_priv_string(priv_type_text);
1993 
1994  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1995 
1996  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1997 }

References ACLCHECK_OK, convert_table_name(), convert_table_priv_string(), mode, pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_table_privilege_name()

Datum has_table_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 1904 of file acl.c.

1905 {
1906  text *tablename = PG_GETARG_TEXT_PP(0);
1907  text *priv_type_text = PG_GETARG_TEXT_PP(1);
1908  Oid roleid;
1909  Oid tableoid;
1910  AclMode mode;
1911  AclResult aclresult;
1912 
1913  roleid = GetUserId();
1914  tableoid = convert_table_name(tablename);
1915  mode = convert_table_priv_string(priv_type_text);
1916 
1917  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1918 
1919  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1920 }

References ACLCHECK_OK, convert_table_name(), convert_table_priv_string(), GetUserId(), mode, pg_class_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_table_privilege_name_id()