PostgreSQL Source Code  git master
acl.c File Reference
#include "postgres.h"
#include <ctype.h>
#include "access/htup_details.h"
#include "catalog/catalog.h"
#include "catalog/namespace.h"
#include "catalog/pg_auth_members.h"
#include "catalog/pg_authid.h"
#include "catalog/pg_class.h"
#include "catalog/pg_database.h"
#include "catalog/pg_foreign_data_wrapper.h"
#include "catalog/pg_foreign_server.h"
#include "catalog/pg_language.h"
#include "catalog/pg_namespace.h"
#include "catalog/pg_parameter_acl.h"
#include "catalog/pg_proc.h"
#include "catalog/pg_tablespace.h"
#include "catalog/pg_type.h"
#include "commands/dbcommands.h"
#include "commands/proclang.h"
#include "commands/tablespace.h"
#include "common/hashfn.h"
#include "foreign/foreign.h"
#include "funcapi.h"
#include "lib/qunique.h"
#include "miscadmin.h"
#include "utils/acl.h"
#include "utils/array.h"
#include "utils/builtins.h"
#include "utils/catcache.h"
#include "utils/guc.h"
#include "utils/inval.h"
#include "utils/lsyscache.h"
#include "utils/memutils.h"
#include "utils/syscache.h"
#include "utils/varlena.h"
Include dependency graph for acl.c:

Go to the source code of this file.

Data Structures

struct  priv_map
 

Enumerations

enum  RoleRecurseType { ROLERECURSE_MEMBERS = 0 , ROLERECURSE_PRIVS = 1 , ROLERECURSE_SETROLE = 2 }
 

Functions

static const char * getid (const char *s, char *n)
 
static void putid (char *p, const char *s)
 
static Aclallocacl (int n)
 
static void check_acl (const Acl *acl)
 
static const char * aclparse (const char *s, AclItem *aip)
 
static bool aclitem_match (const AclItem *a1, const AclItem *a2)
 
static int aclitemComparator (const void *arg1, const void *arg2)
 
static void check_circularity (const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
 
static Aclrecursive_revoke (Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
 
static AclMode convert_any_priv_string (text *priv_type_text, const priv_map *privileges)
 
static Oid convert_table_name (text *tablename)
 
static AclMode convert_table_priv_string (text *priv_type_text)
 
static AclMode convert_sequence_priv_string (text *priv_type_text)
 
static AttrNumber convert_column_name (Oid tableoid, text *column)
 
static AclMode convert_column_priv_string (text *priv_type_text)
 
static Oid convert_database_name (text *databasename)
 
static AclMode convert_database_priv_string (text *priv_type_text)
 
static Oid convert_foreign_data_wrapper_name (text *fdwname)
 
static AclMode convert_foreign_data_wrapper_priv_string (text *priv_type_text)
 
static Oid convert_function_name (text *functionname)
 
static AclMode convert_function_priv_string (text *priv_type_text)
 
static Oid convert_language_name (text *languagename)
 
static AclMode convert_language_priv_string (text *priv_type_text)
 
static Oid convert_schema_name (text *schemaname)
 
static AclMode convert_schema_priv_string (text *priv_type_text)
 
static Oid convert_server_name (text *servername)
 
static AclMode convert_server_priv_string (text *priv_type_text)
 
static Oid convert_tablespace_name (text *tablespacename)
 
static AclMode convert_tablespace_priv_string (text *priv_type_text)
 
static Oid convert_type_name (text *typename)
 
static AclMode convert_type_priv_string (text *priv_type_text)
 
static AclMode convert_parameter_priv_string (text *priv_text)
 
static AclMode convert_role_priv_string (text *priv_type_text)
 
static AclResult pg_role_aclcheck (Oid role_oid, Oid roleid, AclMode mode)
 
static void RoleMembershipCacheCallback (Datum arg, int cacheid, uint32 hashvalue)
 
Aclmake_empty_acl (void)
 
Aclaclcopy (const Acl *orig_acl)
 
Aclaclconcat (const Acl *left_acl, const Acl *right_acl)
 
Aclaclmerge (const Acl *left_acl, const Acl *right_acl, Oid ownerId)
 
void aclitemsort (Acl *acl)
 
bool aclequal (const Acl *left_acl, const Acl *right_acl)
 
Datum aclitemin (PG_FUNCTION_ARGS)
 
Datum aclitemout (PG_FUNCTION_ARGS)
 
Datum aclitem_eq (PG_FUNCTION_ARGS)
 
Datum hash_aclitem (PG_FUNCTION_ARGS)
 
Datum hash_aclitem_extended (PG_FUNCTION_ARGS)
 
Aclacldefault (ObjectType objtype, Oid ownerId)
 
Datum acldefault_sql (PG_FUNCTION_ARGS)
 
Aclaclupdate (const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
 
Aclaclnewowner (const Acl *old_acl, Oid oldOwnerId, Oid newOwnerId)
 
AclMode aclmask (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
static AclMode aclmask_direct (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
int aclmembers (const Acl *acl, Oid **roleids)
 
Datum aclinsert (PG_FUNCTION_ARGS)
 
Datum aclremove (PG_FUNCTION_ARGS)
 
Datum aclcontains (PG_FUNCTION_ARGS)
 
Datum makeaclitem (PG_FUNCTION_ARGS)
 
static const char * convert_aclright_to_string (int aclright)
 
Datum aclexplode (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_id (PG_FUNCTION_ARGS)
 
static int column_privilege_check (Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
 
Datum has_column_privilege_name_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_id (PG_FUNCTION_ARGS)
 
static bool has_param_priv_byname (Oid roleid, const text *parameter, AclMode priv)
 
Datum has_parameter_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_parameter_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_parameter_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_id (PG_FUNCTION_ARGS)
 
void initialize_acl (void)
 
static Listroles_is_member_of (Oid roleid, enum RoleRecurseType type, Oid admin_of, Oid *admin_role)
 
bool has_privs_of_role (Oid member, Oid role)
 
bool member_can_set_role (Oid member, Oid role)
 
void check_can_set_role (Oid member, Oid role)
 
bool is_member_of_role (Oid member, Oid role)
 
bool is_member_of_role_nosuper (Oid member, Oid role)
 
bool is_admin_of_role (Oid member, Oid role)
 
Oid select_best_admin (Oid member, Oid role)
 
static int count_one_bits (AclMode mask)
 
void select_best_grantor (Oid roleId, AclMode privileges, const Acl *acl, Oid ownerId, Oid *grantorId, AclMode *grantOptions)
 
Oid get_role_oid (const char *rolname, bool missing_ok)
 
Oid get_role_oid_or_public (const char *rolname)
 
Oid get_rolespec_oid (const RoleSpec *role, bool missing_ok)
 
HeapTuple get_rolespec_tuple (const RoleSpec *role)
 
char * get_rolespec_name (const RoleSpec *role)
 
void check_rolespec_name (const RoleSpec *role, const char *detail_msg)
 

Variables

static Oid cached_role [] = {InvalidOid, InvalidOid, InvalidOid}
 
static Listcached_roles [] = {NIL, NIL, NIL}
 
static uint32 cached_db_hash
 

Enumeration Type Documentation

◆ RoleRecurseType

Enumerator
ROLERECURSE_MEMBERS 
ROLERECURSE_PRIVS 
ROLERECURSE_SETROLE 

Definition at line 73 of file acl.c.

74 {
75  ROLERECURSE_MEMBERS = 0, /* recurse unconditionally */
76  ROLERECURSE_PRIVS = 1, /* recurse through inheritable grants */
77  ROLERECURSE_SETROLE = 2 /* recurse through grants with set_option */
78 };
@ ROLERECURSE_PRIVS
Definition: acl.c:76
@ ROLERECURSE_MEMBERS
Definition: acl.c:75
@ ROLERECURSE_SETROLE
Definition: acl.c:77

Function Documentation

◆ aclconcat()

Acl* aclconcat ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 434 of file acl.c.

435 {
436  Acl *result_acl;
437 
438  result_acl = allocacl(ACL_NUM(left_acl) + ACL_NUM(right_acl));
439 
440  memcpy(ACL_DAT(result_acl),
441  ACL_DAT(left_acl),
442  ACL_NUM(left_acl) * sizeof(AclItem));
443 
444  memcpy(ACL_DAT(result_acl) + ACL_NUM(left_acl),
445  ACL_DAT(right_acl),
446  ACL_NUM(right_acl) * sizeof(AclItem));
447 
448  return result_acl;
449 }
static Acl * allocacl(int n)
Definition: acl.c:383
#define ACL_DAT(ACL)
Definition: acl.h:109
#define ACL_NUM(ACL)
Definition: acl.h:108
Definition: acl.h:55

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by ExecGrant_Attribute().

◆ aclcontains()

Datum aclcontains ( PG_FUNCTION_ARGS  )

Definition at line 1558 of file acl.c.

1559 {
1560  Acl *acl = PG_GETARG_ACL_P(0);
1561  AclItem *aip = PG_GETARG_ACLITEM_P(1);
1562  AclItem *aidat;
1563  int i,
1564  num;
1565 
1566  check_acl(acl);
1567  num = ACL_NUM(acl);
1568  aidat = ACL_DAT(acl);
1569  for (i = 0; i < num; ++i)
1570  {
1571  if (aip->ai_grantee == aidat[i].ai_grantee &&
1572  aip->ai_grantor == aidat[i].ai_grantor &&
1573  (ACLITEM_GET_RIGHTS(*aip) & ACLITEM_GET_RIGHTS(aidat[i])) == ACLITEM_GET_RIGHTS(*aip))
1574  PG_RETURN_BOOL(true);
1575  }
1576  PG_RETURN_BOOL(false);
1577 }
static void check_acl(const Acl *acl)
Definition: acl.c:547
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:117
#define PG_GETARG_ACL_P(n)
Definition: acl.h:122
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:68
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
int i
Definition: isn.c:73
Oid ai_grantee
Definition: acl.h:56
Oid ai_grantor
Definition: acl.h:57

References ACL_DAT, ACL_NUM, ACLITEM_GET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, PG_GETARG_ACL_P, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

◆ aclcopy()

Acl* aclcopy ( const Acl orig_acl)

Definition at line 414 of file acl.c.

415 {
416  Acl *result_acl;
417 
418  result_acl = allocacl(ACL_NUM(orig_acl));
419 
420  memcpy(ACL_DAT(result_acl),
421  ACL_DAT(orig_acl),
422  ACL_NUM(orig_acl) * sizeof(AclItem));
423 
424  return result_acl;
425 }

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by aclmerge(), ExecGrant_Relation(), and SetDefaultACL().

◆ acldefault()

Acl* acldefault ( ObjectType  objtype,
Oid  ownerId 
)

Definition at line 755 of file acl.c.

756 {
757  AclMode world_default;
758  AclMode owner_default;
759  int nacl;
760  Acl *acl;
761  AclItem *aip;
762 
763  switch (objtype)
764  {
765  case OBJECT_COLUMN:
766  /* by default, columns have no extra privileges */
767  world_default = ACL_NO_RIGHTS;
768  owner_default = ACL_NO_RIGHTS;
769  break;
770  case OBJECT_TABLE:
771  world_default = ACL_NO_RIGHTS;
772  owner_default = ACL_ALL_RIGHTS_RELATION;
773  break;
774  case OBJECT_SEQUENCE:
775  world_default = ACL_NO_RIGHTS;
776  owner_default = ACL_ALL_RIGHTS_SEQUENCE;
777  break;
778  case OBJECT_DATABASE:
779  /* for backwards compatibility, grant some rights by default */
780  world_default = ACL_CREATE_TEMP | ACL_CONNECT;
781  owner_default = ACL_ALL_RIGHTS_DATABASE;
782  break;
783  case OBJECT_FUNCTION:
784  /* Grant EXECUTE by default, for now */
785  world_default = ACL_EXECUTE;
786  owner_default = ACL_ALL_RIGHTS_FUNCTION;
787  break;
788  case OBJECT_LANGUAGE:
789  /* Grant USAGE by default, for now */
790  world_default = ACL_USAGE;
791  owner_default = ACL_ALL_RIGHTS_LANGUAGE;
792  break;
793  case OBJECT_LARGEOBJECT:
794  world_default = ACL_NO_RIGHTS;
795  owner_default = ACL_ALL_RIGHTS_LARGEOBJECT;
796  break;
797  case OBJECT_SCHEMA:
798  world_default = ACL_NO_RIGHTS;
799  owner_default = ACL_ALL_RIGHTS_SCHEMA;
800  break;
801  case OBJECT_TABLESPACE:
802  world_default = ACL_NO_RIGHTS;
803  owner_default = ACL_ALL_RIGHTS_TABLESPACE;
804  break;
805  case OBJECT_FDW:
806  world_default = ACL_NO_RIGHTS;
807  owner_default = ACL_ALL_RIGHTS_FDW;
808  break;
810  world_default = ACL_NO_RIGHTS;
811  owner_default = ACL_ALL_RIGHTS_FOREIGN_SERVER;
812  break;
813  case OBJECT_DOMAIN:
814  case OBJECT_TYPE:
815  world_default = ACL_USAGE;
816  owner_default = ACL_ALL_RIGHTS_TYPE;
817  break;
819  world_default = ACL_NO_RIGHTS;
820  owner_default = ACL_ALL_RIGHTS_PARAMETER_ACL;
821  break;
822  default:
823  elog(ERROR, "unrecognized object type: %d", (int) objtype);
824  world_default = ACL_NO_RIGHTS; /* keep compiler quiet */
825  owner_default = ACL_NO_RIGHTS;
826  break;
827  }
828 
829  nacl = 0;
830  if (world_default != ACL_NO_RIGHTS)
831  nacl++;
832  if (owner_default != ACL_NO_RIGHTS)
833  nacl++;
834 
835  acl = allocacl(nacl);
836  aip = ACL_DAT(acl);
837 
838  if (world_default != ACL_NO_RIGHTS)
839  {
840  aip->ai_grantee = ACL_ID_PUBLIC;
841  aip->ai_grantor = ownerId;
842  ACLITEM_SET_PRIVS_GOPTIONS(*aip, world_default, ACL_NO_RIGHTS);
843  aip++;
844  }
845 
846  /*
847  * Note that the owner's entry shows all ordinary privileges but no grant
848  * options. This is because his grant options come "from the system" and
849  * not from his own efforts. (The SQL spec says that the owner's rights
850  * come from a "_SYSTEM" authid.) However, we do consider that the
851  * owner's ordinary privileges are self-granted; this lets him revoke
852  * them. We implement the owner's grant options without any explicit
853  * "_SYSTEM"-like ACL entry, by internally special-casing the owner
854  * wherever we are testing grant options.
855  */
856  if (owner_default != ACL_NO_RIGHTS)
857  {
858  aip->ai_grantee = ownerId;
859  aip->ai_grantor = ownerId;
860  ACLITEM_SET_PRIVS_GOPTIONS(*aip, owner_default, ACL_NO_RIGHTS);
861  }
862 
863  return acl;
864 }
#define ACL_ALL_RIGHTS_FOREIGN_SERVER
Definition: acl.h:165
#define ACL_ALL_RIGHTS_TABLESPACE
Definition: acl.h:171
#define ACL_ALL_RIGHTS_PARAMETER_ACL
Definition: acl.h:169
#define ACL_ALL_RIGHTS_SCHEMA
Definition: acl.h:170
#define ACL_ALL_RIGHTS_SEQUENCE
Definition: acl.h:162
#define ACL_ALL_RIGHTS_DATABASE
Definition: acl.h:163
#define ACL_ALL_RIGHTS_FUNCTION
Definition: acl.h:166
#define ACL_ALL_RIGHTS_LANGUAGE
Definition: acl.h:167
#define ACL_ALL_RIGHTS_TYPE
Definition: acl.h:172
#define ACL_ALL_RIGHTS_FDW
Definition: acl.h:164
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:82
#define ACL_ALL_RIGHTS_RELATION
Definition: acl.h:161
#define ACL_ID_PUBLIC
Definition: acl.h:46
#define ACL_ALL_RIGHTS_LARGEOBJECT
Definition: acl.h:168
#define ERROR
Definition: elog.h:35
#define ACL_CREATE_TEMP
Definition: parsenodes.h:93
uint64 AclMode
Definition: parsenodes.h:81
#define ACL_USAGE
Definition: parsenodes.h:91
#define ACL_NO_RIGHTS
Definition: parsenodes.h:100
@ OBJECT_FDW
Definition: parsenodes.h:1878
@ OBJECT_SCHEMA
Definition: parsenodes.h:1898
@ OBJECT_DOMAIN
Definition: parsenodes.h:1874
@ OBJECT_COLUMN
Definition: parsenodes.h:1868
@ OBJECT_TABLESPACE
Definition: parsenodes.h:1904
@ OBJECT_LARGEOBJECT
Definition: parsenodes.h:1884
@ OBJECT_DATABASE
Definition: parsenodes.h:1871
@ OBJECT_SEQUENCE
Definition: parsenodes.h:1899
@ OBJECT_LANGUAGE
Definition: parsenodes.h:1883
@ OBJECT_FOREIGN_SERVER
Definition: parsenodes.h:1879
@ OBJECT_TABLE
Definition: parsenodes.h:1903
@ OBJECT_PARAMETER_ACL
Definition: parsenodes.h:1889
@ OBJECT_TYPE
Definition: parsenodes.h:1911
@ OBJECT_FUNCTION
Definition: parsenodes.h:1881
#define ACL_CONNECT
Definition: parsenodes.h:94
#define ACL_EXECUTE
Definition: parsenodes.h:90

References ACL_ALL_RIGHTS_DATABASE, ACL_ALL_RIGHTS_FDW, ACL_ALL_RIGHTS_FOREIGN_SERVER, ACL_ALL_RIGHTS_FUNCTION, ACL_ALL_RIGHTS_LANGUAGE, ACL_ALL_RIGHTS_LARGEOBJECT, ACL_ALL_RIGHTS_PARAMETER_ACL, ACL_ALL_RIGHTS_RELATION, ACL_ALL_RIGHTS_SCHEMA, ACL_ALL_RIGHTS_SEQUENCE, ACL_ALL_RIGHTS_TABLESPACE, ACL_ALL_RIGHTS_TYPE, ACL_CONNECT, ACL_CREATE_TEMP, ACL_DAT, ACL_EXECUTE, ACL_ID_PUBLIC, ACL_NO_RIGHTS, ACL_USAGE, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), elog(), ERROR, OBJECT_COLUMN, OBJECT_DATABASE, OBJECT_DOMAIN, OBJECT_FDW, OBJECT_FOREIGN_SERVER, OBJECT_FUNCTION, OBJECT_LANGUAGE, OBJECT_LARGEOBJECT, OBJECT_PARAMETER_ACL, OBJECT_SCHEMA, OBJECT_SEQUENCE, OBJECT_TABLE, OBJECT_TABLESPACE, and OBJECT_TYPE.

Referenced by acldefault_sql(), buildDefaultACLCommands(), dumpACL(), dumpRoleGUCPrivs(), dumpTable(), dumpTablespaces(), ExecGrant_Attribute(), ExecGrant_Database(), ExecGrant_Fdw(), ExecGrant_ForeignServer(), ExecGrant_Function(), ExecGrant_Language(), ExecGrant_Largeobject(), ExecGrant_Namespace(), ExecGrant_Parameter(), ExecGrant_Relation(), ExecGrant_Tablespace(), ExecGrant_Type(), get_user_default_acl(), object_aclmask(), pg_class_aclmask_ext(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask(), pg_parameter_acl_aclmask(), pg_parameter_aclmask(), pg_type_aclmask(), and SetDefaultACL().

◆ acldefault_sql()

Datum acldefault_sql ( PG_FUNCTION_ARGS  )

Definition at line 872 of file acl.c.

873 {
874  char objtypec = PG_GETARG_CHAR(0);
875  Oid owner = PG_GETARG_OID(1);
876  ObjectType objtype = 0;
877 
878  switch (objtypec)
879  {
880  case 'c':
881  objtype = OBJECT_COLUMN;
882  break;
883  case 'r':
884  objtype = OBJECT_TABLE;
885  break;
886  case 's':
887  objtype = OBJECT_SEQUENCE;
888  break;
889  case 'd':
890  objtype = OBJECT_DATABASE;
891  break;
892  case 'f':
893  objtype = OBJECT_FUNCTION;
894  break;
895  case 'l':
896  objtype = OBJECT_LANGUAGE;
897  break;
898  case 'L':
899  objtype = OBJECT_LARGEOBJECT;
900  break;
901  case 'n':
902  objtype = OBJECT_SCHEMA;
903  break;
904  case 'p':
905  objtype = OBJECT_PARAMETER_ACL;
906  break;
907  case 't':
908  objtype = OBJECT_TABLESPACE;
909  break;
910  case 'F':
911  objtype = OBJECT_FDW;
912  break;
913  case 'S':
914  objtype = OBJECT_FOREIGN_SERVER;
915  break;
916  case 'T':
917  objtype = OBJECT_TYPE;
918  break;
919  default:
920  elog(ERROR, "unrecognized object type abbreviation: %c", objtypec);
921  }
922 
923  PG_RETURN_ACL_P(acldefault(objtype, owner));
924 }
Acl * acldefault(ObjectType objtype, Oid ownerId)
Definition: acl.c:755
#define PG_RETURN_ACL_P(x)
Definition: acl.h:124
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
#define PG_GETARG_CHAR(n)
Definition: fmgr.h:273
ObjectType
Definition: parsenodes.h:1861
unsigned int Oid
Definition: postgres_ext.h:31

References acldefault(), elog(), ERROR, OBJECT_COLUMN, OBJECT_DATABASE, OBJECT_FDW, OBJECT_FOREIGN_SERVER, OBJECT_FUNCTION, OBJECT_LANGUAGE, OBJECT_LARGEOBJECT, OBJECT_PARAMETER_ACL, OBJECT_SCHEMA, OBJECT_SEQUENCE, OBJECT_TABLE, OBJECT_TABLESPACE, OBJECT_TYPE, PG_GETARG_CHAR, PG_GETARG_OID, and PG_RETURN_ACL_P.

◆ aclequal()

bool aclequal ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 516 of file acl.c.

517 {
518  /* Check for cases where one or both are empty/null */
519  if (left_acl == NULL || ACL_NUM(left_acl) == 0)
520  {
521  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
522  return true;
523  else
524  return false;
525  }
526  else
527  {
528  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
529  return false;
530  }
531 
532  if (ACL_NUM(left_acl) != ACL_NUM(right_acl))
533  return false;
534 
535  if (memcmp(ACL_DAT(left_acl),
536  ACL_DAT(right_acl),
537  ACL_NUM(left_acl) * sizeof(AclItem)) == 0)
538  return true;
539 
540  return false;
541 }

References ACL_DAT, and ACL_NUM.

Referenced by ExecGrant_Parameter(), get_user_default_acl(), and SetDefaultACL().

◆ aclexplode()

Datum aclexplode ( PG_FUNCTION_ARGS  )

Definition at line 1740 of file acl.c.

1741 {
1742  Acl *acl = PG_GETARG_ACL_P(0);
1743  FuncCallContext *funcctx;
1744  int *idx;
1745  AclItem *aidat;
1746 
1747  if (SRF_IS_FIRSTCALL())
1748  {
1749  TupleDesc tupdesc;
1750  MemoryContext oldcontext;
1751 
1752  check_acl(acl);
1753 
1754  funcctx = SRF_FIRSTCALL_INIT();
1755  oldcontext = MemoryContextSwitchTo(funcctx->multi_call_memory_ctx);
1756 
1757  /*
1758  * build tupdesc for result tuples (matches out parameters in pg_proc
1759  * entry)
1760  */
1761  tupdesc = CreateTemplateTupleDesc(4);
1762  TupleDescInitEntry(tupdesc, (AttrNumber) 1, "grantor",
1763  OIDOID, -1, 0);
1764  TupleDescInitEntry(tupdesc, (AttrNumber) 2, "grantee",
1765  OIDOID, -1, 0);
1766  TupleDescInitEntry(tupdesc, (AttrNumber) 3, "privilege_type",
1767  TEXTOID, -1, 0);
1768  TupleDescInitEntry(tupdesc, (AttrNumber) 4, "is_grantable",
1769  BOOLOID, -1, 0);
1770 
1771  funcctx->tuple_desc = BlessTupleDesc(tupdesc);
1772 
1773  /* allocate memory for user context */
1774  idx = (int *) palloc(sizeof(int[2]));
1775  idx[0] = 0; /* ACL array item index */
1776  idx[1] = -1; /* privilege type counter */
1777  funcctx->user_fctx = (void *) idx;
1778 
1779  MemoryContextSwitchTo(oldcontext);
1780  }
1781 
1782  funcctx = SRF_PERCALL_SETUP();
1783  idx = (int *) funcctx->user_fctx;
1784  aidat = ACL_DAT(acl);
1785 
1786  /* need test here in case acl has no items */
1787  while (idx[0] < ACL_NUM(acl))
1788  {
1789  AclItem *aidata;
1790  AclMode priv_bit;
1791 
1792  idx[1]++;
1793  if (idx[1] == N_ACL_RIGHTS)
1794  {
1795  idx[1] = 0;
1796  idx[0]++;
1797  if (idx[0] >= ACL_NUM(acl)) /* done */
1798  break;
1799  }
1800  aidata = &aidat[idx[0]];
1801  priv_bit = UINT64CONST(1) << idx[1];
1802 
1803  if (ACLITEM_GET_PRIVS(*aidata) & priv_bit)
1804  {
1805  Datum result;
1806  Datum values[4];
1807  bool nulls[4] = {0};
1808  HeapTuple tuple;
1809 
1810  values[0] = ObjectIdGetDatum(aidata->ai_grantor);
1811  values[1] = ObjectIdGetDatum(aidata->ai_grantee);
1813  values[3] = BoolGetDatum((ACLITEM_GET_GOPTIONS(*aidata) & priv_bit) != 0);
1814 
1815  tuple = heap_form_tuple(funcctx->tuple_desc, values, nulls);
1816  result = HeapTupleGetDatum(tuple);
1817 
1818  SRF_RETURN_NEXT(funcctx, result);
1819  }
1820  }
1821 
1822  SRF_RETURN_DONE(funcctx);
1823 }
Datum idx(PG_FUNCTION_ARGS)
Definition: _int_op.c:259
static const char * convert_aclright_to_string(int aclright)
Definition: acl.c:1682
#define ACLITEM_GET_PRIVS(item)
Definition: acl.h:66
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:67
int16 AttrNumber
Definition: attnum.h:21
static Datum values[MAXATTR]
Definition: bootstrap.c:156
#define CStringGetTextDatum(s)
Definition: builtins.h:85
TupleDesc BlessTupleDesc(TupleDesc tupdesc)
Definition: execTuples.c:2071
#define SRF_IS_FIRSTCALL()
Definition: funcapi.h:303
#define SRF_PERCALL_SETUP()
Definition: funcapi.h:307
#define SRF_RETURN_NEXT(_funcctx, _result)
Definition: funcapi.h:309
#define SRF_FIRSTCALL_INIT()
Definition: funcapi.h:305
static Datum HeapTupleGetDatum(const HeapTupleData *tuple)
Definition: funcapi.h:230
#define SRF_RETURN_DONE(_funcctx)
Definition: funcapi.h:327
HeapTuple heap_form_tuple(TupleDesc tupleDescriptor, Datum *values, bool *isnull)
Definition: heaptuple.c:1020
void * palloc(Size size)
Definition: mcxt.c:1199
static MemoryContext MemoryContextSwitchTo(MemoryContext context)
Definition: palloc.h:135
#define N_ACL_RIGHTS
Definition: parsenodes.h:99
uintptr_t Datum
Definition: postgres.h:412
static Datum BoolGetDatum(bool X)
Definition: postgres.h:450
static Datum ObjectIdGetDatum(Oid X)
Definition: postgres.h:600
void * user_fctx
Definition: funcapi.h:82
MemoryContext multi_call_memory_ctx
Definition: funcapi.h:101
TupleDesc tuple_desc
Definition: funcapi.h:112
TupleDesc CreateTemplateTupleDesc(int natts)
Definition: tupdesc.c:45
void TupleDescInitEntry(TupleDesc desc, AttrNumber attributeNumber, const char *attributeName, Oid oidtypeid, int32 typmod, int attdim)
Definition: tupdesc.c:583

References ACL_DAT, ACL_NUM, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, BlessTupleDesc(), BoolGetDatum(), check_acl(), convert_aclright_to_string(), CreateTemplateTupleDesc(), CStringGetTextDatum, heap_form_tuple(), HeapTupleGetDatum(), idx(), MemoryContextSwitchTo(), FuncCallContext::multi_call_memory_ctx, N_ACL_RIGHTS, ObjectIdGetDatum(), palloc(), PG_GETARG_ACL_P, SRF_FIRSTCALL_INIT, SRF_IS_FIRSTCALL, SRF_PERCALL_SETUP, SRF_RETURN_DONE, SRF_RETURN_NEXT, FuncCallContext::tuple_desc, TupleDescInitEntry(), FuncCallContext::user_fctx, and values.

◆ aclinsert()

Datum aclinsert ( PG_FUNCTION_ARGS  )

Definition at line 1538 of file acl.c.

1539 {
1540  ereport(ERROR,
1541  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1542  errmsg("aclinsert is no longer supported")));
1543 
1544  PG_RETURN_NULL(); /* keep compiler quiet */
1545 }
int errcode(int sqlerrcode)
Definition: elog.c:695
int errmsg(const char *fmt,...)
Definition: elog.c:906
#define ereport(elevel,...)
Definition: elog.h:145
#define PG_RETURN_NULL()
Definition: fmgr.h:345

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

◆ aclitem_eq()

Datum aclitem_eq ( PG_FUNCTION_ARGS  )

Definition at line 700 of file acl.c.

701 {
704  bool result;
705 
706  result = a1->ai_privs == a2->ai_privs &&
707  a1->ai_grantee == a2->ai_grantee &&
708  a1->ai_grantor == a2->ai_grantor;
709  PG_RETURN_BOOL(result);
710 }
static const FormData_pg_attribute a1
Definition: heap.c:141
static const FormData_pg_attribute a2
Definition: heap.c:155

References a1, a2, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

◆ aclitem_match()

static bool aclitem_match ( const AclItem a1,
const AclItem a2 
)
static

Definition at line 665 of file acl.c.

666 {
667  return a1->ai_grantee == a2->ai_grantee &&
668  a1->ai_grantor == a2->ai_grantor;
669 }

References a1, and a2.

Referenced by aclnewowner(), and aclupdate().

◆ aclitemComparator()

static int aclitemComparator ( const void *  arg1,
const void *  arg2 
)
static

Definition at line 676 of file acl.c.

677 {
678  const AclItem *a1 = (const AclItem *) arg1;
679  const AclItem *a2 = (const AclItem *) arg2;
680 
681  if (a1->ai_grantee > a2->ai_grantee)
682  return 1;
683  if (a1->ai_grantee < a2->ai_grantee)
684  return -1;
685  if (a1->ai_grantor > a2->ai_grantor)
686  return 1;
687  if (a1->ai_grantor < a2->ai_grantor)
688  return -1;
689  if (a1->ai_privs > a2->ai_privs)
690  return 1;
691  if (a1->ai_privs < a2->ai_privs)
692  return -1;
693  return 0;
694 }

References a1, and a2.

Referenced by aclitemsort().

◆ aclitemin()

Datum aclitemin ( PG_FUNCTION_ARGS  )

Definition at line 572 of file acl.c.

573 {
574  const char *s = PG_GETARG_CSTRING(0);
575  AclItem *aip;
576 
577  aip = (AclItem *) palloc(sizeof(AclItem));
578  s = aclparse(s, aip);
579  while (isspace((unsigned char) *s))
580  ++s;
581  if (*s)
582  ereport(ERROR,
583  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
584  errmsg("extra garbage at the end of the ACL specification")));
585 
586  PG_RETURN_ACLITEM_P(aip);
587 }
static const char * aclparse(const char *s, AclItem *aip)
Definition: acl.c:241
#define PG_RETURN_ACLITEM_P(x)
Definition: acl.h:118
#define PG_GETARG_CSTRING(n)
Definition: fmgr.h:277

References aclparse(), ereport, errcode(), errmsg(), ERROR, palloc(), PG_GETARG_CSTRING, and PG_RETURN_ACLITEM_P.

◆ aclitemout()

Datum aclitemout ( PG_FUNCTION_ARGS  )

Definition at line 598 of file acl.c.

599 {
600  AclItem *aip = PG_GETARG_ACLITEM_P(0);
601  char *p;
602  char *out;
603  HeapTuple htup;
604  unsigned i;
605 
606  out = palloc(strlen("=/") +
607  2 * N_ACL_RIGHTS +
608  2 * (2 * NAMEDATALEN + 2) +
609  1);
610 
611  p = out;
612  *p = '\0';
613 
614  if (aip->ai_grantee != ACL_ID_PUBLIC)
615  {
617  if (HeapTupleIsValid(htup))
618  {
619  putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
620  ReleaseSysCache(htup);
621  }
622  else
623  {
624  /* Generate numeric OID if we don't find an entry */
625  sprintf(p, "%u", aip->ai_grantee);
626  }
627  }
628  while (*p)
629  ++p;
630 
631  *p++ = '=';
632 
633  for (i = 0; i < N_ACL_RIGHTS; ++i)
634  {
635  if (ACLITEM_GET_PRIVS(*aip) & (UINT64CONST(1) << i))
636  *p++ = ACL_ALL_RIGHTS_STR[i];
637  if (ACLITEM_GET_GOPTIONS(*aip) & (UINT64CONST(1) << i))
638  *p++ = '*';
639  }
640 
641  *p++ = '/';
642  *p = '\0';
643 
645  if (HeapTupleIsValid(htup))
646  {
647  putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
648  ReleaseSysCache(htup);
649  }
650  else
651  {
652  /* Generate numeric OID if we don't find an entry */
653  sprintf(p, "%u", aip->ai_grantor);
654  }
655 
656  PG_RETURN_CSTRING(out);
657 }
static void putid(char *p, const char *s)
Definition: acl.c:192
#define ACL_ALL_RIGHTS_STR
Definition: acl.h:155
#define NameStr(name)
Definition: c.h:682
#define PG_RETURN_CSTRING(x)
Definition: fmgr.h:362
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
#define GETSTRUCT(TUP)
Definition: htup_details.h:649
NameData rolname
Definition: pg_authid.h:34
FormData_pg_authid * Form_pg_authid
Definition: pg_authid.h:56
#define NAMEDATALEN
#define sprintf
Definition: port.h:240
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1221
HeapTuple SearchSysCache1(int cacheId, Datum key1)
Definition: syscache.c:1173
@ AUTHOID
Definition: syscache.h:45

References ACL_ALL_RIGHTS_STR, ACL_ID_PUBLIC, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, AUTHOID, GETSTRUCT, HeapTupleIsValid, i, N_ACL_RIGHTS, NAMEDATALEN, NameStr, ObjectIdGetDatum(), palloc(), PG_GETARG_ACLITEM_P, PG_RETURN_CSTRING, putid(), ReleaseSysCache(), rolname, SearchSysCache1(), and sprintf.

◆ aclitemsort()

void aclitemsort ( Acl acl)

Definition at line 502 of file acl.c.

503 {
504  if (acl != NULL && ACL_NUM(acl) > 1)
505  qsort(ACL_DAT(acl), ACL_NUM(acl), sizeof(AclItem), aclitemComparator);
506 }
static int aclitemComparator(const void *arg1, const void *arg2)
Definition: acl.c:676
#define qsort(a, b, c, d)
Definition: port.h:445

References ACL_DAT, ACL_NUM, aclitemComparator(), and qsort.

Referenced by get_user_default_acl(), and SetDefaultACL().

◆ aclmask()

AclMode aclmask ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)

Definition at line 1334 of file acl.c.

1336 {
1337  AclMode result;
1339  AclItem *aidat;
1340  int i,
1341  num;
1342 
1343  /*
1344  * Null ACL should not happen, since caller should have inserted
1345  * appropriate default
1346  */
1347  if (acl == NULL)
1348  elog(ERROR, "null ACL");
1349 
1350  check_acl(acl);
1351 
1352  /* Quick exit for mask == 0 */
1353  if (mask == 0)
1354  return 0;
1355 
1356  result = 0;
1357 
1358  /* Owner always implicitly has all grant options */
1359  if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1360  has_privs_of_role(roleid, ownerId))
1361  {
1362  result = mask & ACLITEM_ALL_GOPTION_BITS;
1363  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1364  return result;
1365  }
1366 
1367  num = ACL_NUM(acl);
1368  aidat = ACL_DAT(acl);
1369 
1370  /*
1371  * Check privileges granted directly to roleid or to public
1372  */
1373  for (i = 0; i < num; i++)
1374  {
1375  AclItem *aidata = &aidat[i];
1376 
1377  if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1378  aidata->ai_grantee == roleid)
1379  {
1380  result |= aidata->ai_privs & mask;
1381  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1382  return result;
1383  }
1384  }
1385 
1386  /*
1387  * Check privileges granted indirectly via role memberships. We do this in
1388  * a separate pass to minimize expensive indirect membership tests. In
1389  * particular, it's worth testing whether a given ACL entry grants any
1390  * privileges still of interest before we perform the has_privs_of_role
1391  * test.
1392  */
1393  remaining = mask & ~result;
1394  for (i = 0; i < num; i++)
1395  {
1396  AclItem *aidata = &aidat[i];
1397 
1398  if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1399  aidata->ai_grantee == roleid)
1400  continue; /* already checked it */
1401 
1402  if ((aidata->ai_privs & remaining) &&
1403  has_privs_of_role(roleid, aidata->ai_grantee))
1404  {
1405  result |= aidata->ai_privs & mask;
1406  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1407  return result;
1408  remaining = mask & ~result;
1409  }
1410  }
1411 
1412  return result;
1413 }
bool has_privs_of_role(Oid member, Oid role)
Definition: acl.c:4949
#define ACLITEM_ALL_GOPTION_BITS
Definition: acl.h:88
@ ACLMASK_ALL
Definition: acl.h:177
int remaining
Definition: informix.c:667
AclMode ai_privs
Definition: acl.h:58

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog(), ERROR, has_privs_of_role(), i, and remaining.

Referenced by check_circularity(), LockTableAclCheck(), object_aclmask(), pg_attribute_aclmask_ext(), pg_class_aclmask_ext(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask(), pg_parameter_acl_aclmask(), pg_parameter_aclmask(), pg_type_aclmask(), and recursive_revoke().

◆ aclmask_direct()

static AclMode aclmask_direct ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)
static

Definition at line 1423 of file acl.c.

1425 {
1426  AclMode result;
1427  AclItem *aidat;
1428  int i,
1429  num;
1430 
1431  /*
1432  * Null ACL should not happen, since caller should have inserted
1433  * appropriate default
1434  */
1435  if (acl == NULL)
1436  elog(ERROR, "null ACL");
1437 
1438  check_acl(acl);
1439 
1440  /* Quick exit for mask == 0 */
1441  if (mask == 0)
1442  return 0;
1443 
1444  result = 0;
1445 
1446  /* Owner always implicitly has all grant options */
1447  if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1448  roleid == ownerId)
1449  {
1450  result = mask & ACLITEM_ALL_GOPTION_BITS;
1451  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1452  return result;
1453  }
1454 
1455  num = ACL_NUM(acl);
1456  aidat = ACL_DAT(acl);
1457 
1458  /*
1459  * Check privileges granted directly to roleid (and not to public)
1460  */
1461  for (i = 0; i < num; i++)
1462  {
1463  AclItem *aidata = &aidat[i];
1464 
1465  if (aidata->ai_grantee == roleid)
1466  {
1467  result |= aidata->ai_privs & mask;
1468  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1469  return result;
1470  }
1471  }
1472 
1473  return result;
1474 }

References ACL_DAT, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog(), ERROR, and i.

Referenced by select_best_grantor().

◆ aclmembers()

int aclmembers ( const Acl acl,
Oid **  roleids 
)

Definition at line 1486 of file acl.c.

1487 {
1488  Oid *list;
1489  const AclItem *acldat;
1490  int i,
1491  j;
1492 
1493  if (acl == NULL || ACL_NUM(acl) == 0)
1494  {
1495  *roleids = NULL;
1496  return 0;
1497  }
1498 
1499  check_acl(acl);
1500 
1501  /* Allocate the worst-case space requirement */
1502  list = palloc(ACL_NUM(acl) * 2 * sizeof(Oid));
1503  acldat = ACL_DAT(acl);
1504 
1505  /*
1506  * Walk the ACL collecting mentioned RoleIds.
1507  */
1508  j = 0;
1509  for (i = 0; i < ACL_NUM(acl); i++)
1510  {
1511  const AclItem *ai = &acldat[i];
1512 
1513  if (ai->ai_grantee != ACL_ID_PUBLIC)
1514  list[j++] = ai->ai_grantee;
1515  /* grantor is currently never PUBLIC, but let's check anyway */
1516  if (ai->ai_grantor != ACL_ID_PUBLIC)
1517  list[j++] = ai->ai_grantor;
1518  }
1519 
1520  /* Sort the array */
1521  qsort(list, j, sizeof(Oid), oid_cmp);
1522 
1523  /*
1524  * We could repalloc the array down to minimum size, but it's hardly worth
1525  * it since it's only transient memory.
1526  */
1527  *roleids = list;
1528 
1529  /* Remove duplicates from the array */
1530  return qunique(list, j, sizeof(Oid), oid_cmp);
1531 }
int j
Definition: isn.c:74
int oid_cmp(const void *p1, const void *p2)
Definition: oid.c:336
static size_t qunique(void *array, size_t elements, size_t width, int(*compare)(const void *, const void *))
Definition: qunique.h:21

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, j, sort-test::list, oid_cmp(), palloc(), qsort, and qunique().

Referenced by ExecGrant_Attribute(), ExecGrant_Database(), ExecGrant_Fdw(), ExecGrant_ForeignServer(), ExecGrant_Function(), ExecGrant_Language(), ExecGrant_Largeobject(), ExecGrant_Namespace(), ExecGrant_Parameter(), ExecGrant_Relation(), ExecGrant_Tablespace(), ExecGrant_Type(), recordDependencyOnNewAcl(), and SetDefaultACL().

◆ aclmerge()

Acl* aclmerge ( const Acl left_acl,
const Acl right_acl,
Oid  ownerId 
)

Definition at line 458 of file acl.c.

459 {
460  Acl *result_acl;
461  AclItem *aip;
462  int i,
463  num;
464 
465  /* Check for cases where one or both are empty/null */
466  if (left_acl == NULL || ACL_NUM(left_acl) == 0)
467  {
468  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
469  return NULL;
470  else
471  return aclcopy(right_acl);
472  }
473  else
474  {
475  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
476  return aclcopy(left_acl);
477  }
478 
479  /* Merge them the hard way, one item at a time */
480  result_acl = aclcopy(left_acl);
481 
482  aip = ACL_DAT(right_acl);
483  num = ACL_NUM(right_acl);
484 
485  for (i = 0; i < num; i++, aip++)
486  {
487  Acl *tmp_acl;
488 
489  tmp_acl = aclupdate(result_acl, aip, ACL_MODECHG_ADD,
490  ownerId, DROP_RESTRICT);
491  pfree(result_acl);
492  result_acl = tmp_acl;
493  }
494 
495  return result_acl;
496 }
Acl * aclupdate(const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
Definition: acl.c:944
Acl * aclcopy(const Acl *orig_acl)
Definition: acl.c:414
#define ACL_MODECHG_ADD
Definition: acl.h:129
void pfree(void *pointer)
Definition: mcxt.c:1306
@ DROP_RESTRICT
Definition: parsenodes.h:1935

References ACL_DAT, ACL_MODECHG_ADD, ACL_NUM, aclcopy(), aclupdate(), DROP_RESTRICT, i, and pfree().

Referenced by get_user_default_acl().

◆ aclnewowner()

Acl* aclnewowner ( const Acl old_acl,
Oid  oldOwnerId,
Oid  newOwnerId 
)

Definition at line 1065 of file acl.c.

1066 {
1067  Acl *new_acl;
1068  AclItem *new_aip;
1069  AclItem *old_aip;
1070  AclItem *dst_aip;
1071  AclItem *src_aip;
1072  AclItem *targ_aip;
1073  bool newpresent = false;
1074  int dst,
1075  src,
1076  targ,
1077  num;
1078 
1079  check_acl(old_acl);
1080 
1081  /*
1082  * Make a copy of the given ACL, substituting new owner ID for old
1083  * wherever it appears as either grantor or grantee. Also note if the new
1084  * owner ID is already present.
1085  */
1086  num = ACL_NUM(old_acl);
1087  old_aip = ACL_DAT(old_acl);
1088  new_acl = allocacl(num);
1089  new_aip = ACL_DAT(new_acl);
1090  memcpy(new_aip, old_aip, num * sizeof(AclItem));
1091  for (dst = 0, dst_aip = new_aip; dst < num; dst++, dst_aip++)
1092  {
1093  if (dst_aip->ai_grantor == oldOwnerId)
1094  dst_aip->ai_grantor = newOwnerId;
1095  else if (dst_aip->ai_grantor == newOwnerId)
1096  newpresent = true;
1097  if (dst_aip->ai_grantee == oldOwnerId)
1098  dst_aip->ai_grantee = newOwnerId;
1099  else if (dst_aip->ai_grantee == newOwnerId)
1100  newpresent = true;
1101  }
1102 
1103  /*
1104  * If the old ACL contained any references to the new owner, then we may
1105  * now have generated an ACL containing duplicate entries. Find them and
1106  * merge them so that there are not duplicates. (This is relatively
1107  * expensive since we use a stupid O(N^2) algorithm, but it's unlikely to
1108  * be the normal case.)
1109  *
1110  * To simplify deletion of duplicate entries, we temporarily leave them in
1111  * the array but set their privilege masks to zero; when we reach such an
1112  * entry it's just skipped. (Thus, a side effect of this code will be to
1113  * remove privilege-free entries, should there be any in the input.) dst
1114  * is the next output slot, targ is the currently considered input slot
1115  * (always >= dst), and src scans entries to the right of targ looking for
1116  * duplicates. Once an entry has been emitted to dst it is known
1117  * duplicate-free and need not be considered anymore.
1118  */
1119  if (newpresent)
1120  {
1121  dst = 0;
1122  for (targ = 0, targ_aip = new_aip; targ < num; targ++, targ_aip++)
1123  {
1124  /* ignore if deleted in an earlier pass */
1125  if (ACLITEM_GET_RIGHTS(*targ_aip) == ACL_NO_RIGHTS)
1126  continue;
1127  /* find and merge any duplicates */
1128  for (src = targ + 1, src_aip = targ_aip + 1; src < num;
1129  src++, src_aip++)
1130  {
1131  if (ACLITEM_GET_RIGHTS(*src_aip) == ACL_NO_RIGHTS)
1132  continue;
1133  if (aclitem_match(targ_aip, src_aip))
1134  {
1135  ACLITEM_SET_RIGHTS(*targ_aip,
1136  ACLITEM_GET_RIGHTS(*targ_aip) |
1137  ACLITEM_GET_RIGHTS(*src_aip));
1138  /* mark the duplicate deleted */
1139  ACLITEM_SET_RIGHTS(*src_aip, ACL_NO_RIGHTS);
1140  }
1141  }
1142  /* and emit to output */
1143  new_aip[dst] = *targ_aip;
1144  dst++;
1145  }
1146  /* Adjust array size to be 'dst' items */
1147  ARR_DIMS(new_acl)[0] = dst;
1148  SET_VARSIZE(new_acl, ACL_N_SIZE(dst));
1149  }
1150 
1151  return new_acl;
1152 }
static bool aclitem_match(const AclItem *a1, const AclItem *a2)
Definition: acl.c:665
#define ACL_N_SIZE(N)
Definition: acl.h:110
#define ACLITEM_SET_RIGHTS(item, rights)
Definition: acl.h:79
#define ARR_DIMS(a)
Definition: array.h:287
#define SET_VARSIZE(PTR, len)
Definition: postgres.h:343

References ACL_DAT, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, check_acl(), and SET_VARSIZE.

Referenced by AlterDatabaseOwner(), AlterForeignDataWrapperOwner_internal(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwnerInternal(), ATExecChangeOwner(), and change_owner_fix_column_acls().

◆ aclparse()

static const char * aclparse ( const char *  s,
AclItem aip 
)
static

Definition at line 241 of file acl.c.

242 {
243  AclMode privs,
244  goption,
245  read;
246  char name[NAMEDATALEN];
247  char name2[NAMEDATALEN];
248 
249  Assert(s && aip);
250 
251  s = getid(s, name);
252  if (*s != '=')
253  {
254  /* we just read a keyword, not a name */
255  if (strcmp(name, "group") != 0 && strcmp(name, "user") != 0)
256  ereport(ERROR,
257  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
258  errmsg("unrecognized key word: \"%s\"", name),
259  errhint("ACL key word must be \"group\" or \"user\".")));
260  s = getid(s, name); /* move s to the name beyond the keyword */
261  if (name[0] == '\0')
262  ereport(ERROR,
263  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
264  errmsg("missing name"),
265  errhint("A name must follow the \"group\" or \"user\" key word.")));
266  }
267 
268  if (*s != '=')
269  ereport(ERROR,
270  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
271  errmsg("missing \"=\" sign")));
272 
273  privs = goption = ACL_NO_RIGHTS;
274 
275  for (++s, read = 0; isalpha((unsigned char) *s) || *s == '*'; s++)
276  {
277  switch (*s)
278  {
279  case '*':
280  goption |= read;
281  break;
282  case ACL_INSERT_CHR:
283  read = ACL_INSERT;
284  break;
285  case ACL_SELECT_CHR:
286  read = ACL_SELECT;
287  break;
288  case ACL_UPDATE_CHR:
289  read = ACL_UPDATE;
290  break;
291  case ACL_DELETE_CHR:
292  read = ACL_DELETE;
293  break;
294  case ACL_TRUNCATE_CHR:
295  read = ACL_TRUNCATE;
296  break;
297  case ACL_REFERENCES_CHR:
299  break;
300  case ACL_TRIGGER_CHR:
301  read = ACL_TRIGGER;
302  break;
303  case ACL_EXECUTE_CHR:
304  read = ACL_EXECUTE;
305  break;
306  case ACL_USAGE_CHR:
307  read = ACL_USAGE;
308  break;
309  case ACL_CREATE_CHR:
310  read = ACL_CREATE;
311  break;
312  case ACL_CREATE_TEMP_CHR:
314  break;
315  case ACL_CONNECT_CHR:
316  read = ACL_CONNECT;
317  break;
318  case ACL_SET_CHR:
319  read = ACL_SET;
320  break;
323  break;
324  case ACL_VACUUM_CHR:
325  read = ACL_VACUUM;
326  break;
327  case ACL_ANALYZE_CHR:
328  read = ACL_ANALYZE;
329  break;
330  case 'R': /* ignore old RULE privileges */
331  read = 0;
332  break;
333  default:
334  ereport(ERROR,
335  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
336  errmsg("invalid mode character: must be one of \"%s\"",
338  }
339 
340  privs |= read;
341  }
342 
343  if (name[0] == '\0')
344  aip->ai_grantee = ACL_ID_PUBLIC;
345  else
346  aip->ai_grantee = get_role_oid(name, false);
347 
348  /*
349  * XXX Allow a degree of backward compatibility by defaulting the grantor
350  * to the superuser.
351  */
352  if (*s == '/')
353  {
354  s = getid(s + 1, name2);
355  if (name2[0] == '\0')
356  ereport(ERROR,
357  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
358  errmsg("a name must follow the \"/\" sign")));
359  aip->ai_grantor = get_role_oid(name2, false);
360  }
361  else
362  {
363  aip->ai_grantor = BOOTSTRAP_SUPERUSERID;
365  (errcode(ERRCODE_INVALID_GRANTOR),
366  errmsg("defaulting grantor to user ID %u",
367  BOOTSTRAP_SUPERUSERID)));
368  }
369 
370  ACLITEM_SET_PRIVS_GOPTIONS(*aip, privs, goption);
371 
372  return s;
373 }
static const char * getid(const char *s, char *n)
Definition: acl.c:140
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5235
#define ACL_CREATE_CHR
Definition: acl.h:146
#define ACL_SET_CHR
Definition: acl.h:149
#define ACL_REFERENCES_CHR
Definition: acl.h:142
#define ACL_TRUNCATE_CHR
Definition: acl.h:141
#define ACL_SELECT_CHR
Definition: acl.h:138
#define ACL_EXECUTE_CHR
Definition: acl.h:144
#define ACL_VACUUM_CHR
Definition: acl.h:151
#define ACL_DELETE_CHR
Definition: acl.h:140
#define ACL_ANALYZE_CHR
Definition: acl.h:152
#define ACL_INSERT_CHR
Definition: acl.h:137
#define ACL_UPDATE_CHR
Definition: acl.h:139
#define ACL_ALTER_SYSTEM_CHR
Definition: acl.h:150
#define ACL_USAGE_CHR
Definition: acl.h:145
#define ACL_CONNECT_CHR
Definition: acl.h:148
#define ACL_TRIGGER_CHR
Definition: acl.h:143
#define ACL_CREATE_TEMP_CHR
Definition: acl.h:147
int errhint(const char *fmt,...)
Definition: elog.c:1153
#define WARNING
Definition: elog.h:32
const char * name
Definition: encode.c:561
#define read(a, b, c)
Definition: win32.h:13
Assert(fmt[strlen(fmt) - 1] !='\n')
#define ACL_SET
Definition: parsenodes.h:95
#define ACL_DELETE
Definition: parsenodes.h:86
#define ACL_INSERT
Definition: parsenodes.h:83
#define ACL_UPDATE
Definition: parsenodes.h:85
#define ACL_ANALYZE
Definition: parsenodes.h:98
#define ACL_ALTER_SYSTEM
Definition: parsenodes.h:96
#define ACL_REFERENCES
Definition: parsenodes.h:88
#define ACL_SELECT
Definition: parsenodes.h:84
#define ACL_VACUUM
Definition: parsenodes.h:97
#define ACL_TRUNCATE
Definition: parsenodes.h:87
#define ACL_CREATE
Definition: parsenodes.h:92
#define ACL_TRIGGER
Definition: parsenodes.h:89

References ACL_ALL_RIGHTS_STR, ACL_ALTER_SYSTEM, ACL_ALTER_SYSTEM_CHR, ACL_ANALYZE, ACL_ANALYZE_CHR, ACL_CONNECT, ACL_CONNECT_CHR, ACL_CREATE, ACL_CREATE_CHR, ACL_CREATE_TEMP, ACL_CREATE_TEMP_CHR, ACL_DELETE, ACL_DELETE_CHR, ACL_EXECUTE, ACL_EXECUTE_CHR, ACL_ID_PUBLIC, ACL_INSERT, ACL_INSERT_CHR, ACL_NO_RIGHTS, ACL_REFERENCES, ACL_REFERENCES_CHR, ACL_SELECT, ACL_SELECT_CHR, ACL_SET, ACL_SET_CHR, ACL_TRIGGER, ACL_TRIGGER_CHR, ACL_TRUNCATE, ACL_TRUNCATE_CHR, ACL_UPDATE, ACL_UPDATE_CHR, ACL_USAGE, ACL_USAGE_CHR, ACL_VACUUM, ACL_VACUUM_CHR, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, Assert(), ereport, errcode(), errhint(), errmsg(), ERROR, get_role_oid(), getid(), name, NAMEDATALEN, read, and WARNING.

Referenced by aclitemin().

◆ aclremove()

Datum aclremove ( PG_FUNCTION_ARGS  )

Definition at line 1548 of file acl.c.

1549 {
1550  ereport(ERROR,
1551  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1552  errmsg("aclremove is no longer supported")));
1553 
1554  PG_RETURN_NULL(); /* keep compiler quiet */
1555 }

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

◆ aclupdate()

Acl* aclupdate ( const Acl old_acl,
const AclItem mod_aip,
int  modechg,
Oid  ownerId,
DropBehavior  behavior 
)

Definition at line 944 of file acl.c.

946 {
947  Acl *new_acl = NULL;
948  AclItem *old_aip,
949  *new_aip = NULL;
950  AclMode old_rights,
951  old_goptions,
952  new_rights,
953  new_goptions;
954  int dst,
955  num;
956 
957  /* Caller probably already checked old_acl, but be safe */
958  check_acl(old_acl);
959 
960  /* If granting grant options, check for circularity */
961  if (modechg != ACL_MODECHG_DEL &&
962  ACLITEM_GET_GOPTIONS(*mod_aip) != ACL_NO_RIGHTS)
963  check_circularity(old_acl, mod_aip, ownerId);
964 
965  num = ACL_NUM(old_acl);
966  old_aip = ACL_DAT(old_acl);
967 
968  /*
969  * Search the ACL for an existing entry for this grantee and grantor. If
970  * one exists, just modify the entry in-place (well, in the same position,
971  * since we actually return a copy); otherwise, insert the new entry at
972  * the end.
973  */
974 
975  for (dst = 0; dst < num; ++dst)
976  {
977  if (aclitem_match(mod_aip, old_aip + dst))
978  {
979  /* found a match, so modify existing item */
980  new_acl = allocacl(num);
981  new_aip = ACL_DAT(new_acl);
982  memcpy(new_acl, old_acl, ACL_SIZE(old_acl));
983  break;
984  }
985  }
986 
987  if (dst == num)
988  {
989  /* need to append a new item */
990  new_acl = allocacl(num + 1);
991  new_aip = ACL_DAT(new_acl);
992  memcpy(new_aip, old_aip, num * sizeof(AclItem));
993 
994  /* initialize the new entry with no permissions */
995  new_aip[dst].ai_grantee = mod_aip->ai_grantee;
996  new_aip[dst].ai_grantor = mod_aip->ai_grantor;
997  ACLITEM_SET_PRIVS_GOPTIONS(new_aip[dst],
999  num++; /* set num to the size of new_acl */
1000  }
1001 
1002  old_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
1003  old_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
1004 
1005  /* apply the specified permissions change */
1006  switch (modechg)
1007  {
1008  case ACL_MODECHG_ADD:
1009  ACLITEM_SET_RIGHTS(new_aip[dst],
1010  old_rights | ACLITEM_GET_RIGHTS(*mod_aip));
1011  break;
1012  case ACL_MODECHG_DEL:
1013  ACLITEM_SET_RIGHTS(new_aip[dst],
1014  old_rights & ~ACLITEM_GET_RIGHTS(*mod_aip));
1015  break;
1016  case ACL_MODECHG_EQL:
1017  ACLITEM_SET_RIGHTS(new_aip[dst],
1018  ACLITEM_GET_RIGHTS(*mod_aip));
1019  break;
1020  }
1021 
1022  new_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
1023  new_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
1024 
1025  /*
1026  * If the adjusted entry has no permissions, delete it from the list.
1027  */
1028  if (new_rights == ACL_NO_RIGHTS)
1029  {
1030  memmove(new_aip + dst,
1031  new_aip + dst + 1,
1032  (num - dst - 1) * sizeof(AclItem));
1033  /* Adjust array size to be 'num - 1' items */
1034  ARR_DIMS(new_acl)[0] = num - 1;
1035  SET_VARSIZE(new_acl, ACL_N_SIZE(num - 1));
1036  }
1037 
1038  /*
1039  * Remove abandoned privileges (cascading revoke). Currently we can only
1040  * handle this when the grantee is not PUBLIC.
1041  */
1042  if ((old_goptions & ~new_goptions) != 0)
1043  {
1044  Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1045  new_acl = recursive_revoke(new_acl, mod_aip->ai_grantee,
1046  (old_goptions & ~new_goptions),
1047  ownerId, behavior);
1048  }
1049 
1050  return new_acl;
1051 }
static Acl * recursive_revoke(Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
Definition: acl.c:1248
static void check_circularity(const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
Definition: acl.c:1168
#define ACL_SIZE(ACL)
Definition: acl.h:111
#define ACL_MODECHG_DEL
Definition: acl.h:130
#define ACL_MODECHG_EQL
Definition: acl.h:131

References ACL_DAT, ACL_ID_PUBLIC, ACL_MODECHG_ADD, ACL_MODECHG_DEL, ACL_MODECHG_EQL, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACL_SIZE, ACLITEM_GET_GOPTIONS, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_PRIVS_GOPTIONS, ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, Assert(), check_acl(), check_circularity(), recursive_revoke(), and SET_VARSIZE.

Referenced by aclmerge(), check_circularity(), merge_acl_with_grant(), and recursive_revoke().

◆ allocacl()

static Acl * allocacl ( int  n)
static

Definition at line 383 of file acl.c.

384 {
385  Acl *new_acl;
386  Size size;
387 
388  if (n < 0)
389  elog(ERROR, "invalid size: %d", n);
390  size = ACL_N_SIZE(n);
391  new_acl = (Acl *) palloc0(size);
392  SET_VARSIZE(new_acl, size);
393  new_acl->ndim = 1;
394  new_acl->dataoffset = 0; /* we never put in any nulls */
395  new_acl->elemtype = ACLITEMOID;
396  ARR_LBOUND(new_acl)[0] = 1;
397  ARR_DIMS(new_acl)[0] = n;
398  return new_acl;
399 }
#define ARR_LBOUND(a)
Definition: array.h:289
size_t Size
Definition: c.h:541
void * palloc0(Size size)
Definition: mcxt.c:1230
Oid elemtype
Definition: array.h:90
int ndim
Definition: array.h:88
int32 dataoffset
Definition: array.h:89

References ACL_N_SIZE, ARR_DIMS, ARR_LBOUND, ArrayType::dataoffset, ArrayType::elemtype, elog(), ERROR, ArrayType::ndim, palloc0(), and SET_VARSIZE.

Referenced by aclconcat(), aclcopy(), acldefault(), aclnewowner(), aclupdate(), check_circularity(), and make_empty_acl().

◆ check_acl()

static void check_acl ( const Acl acl)
static

Definition at line 547 of file acl.c.

548 {
549  if (ARR_ELEMTYPE(acl) != ACLITEMOID)
550  ereport(ERROR,
551  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
552  errmsg("ACL array contains wrong data type")));
553  if (ARR_NDIM(acl) != 1)
554  ereport(ERROR,
555  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
556  errmsg("ACL arrays must be one-dimensional")));
557  if (ARR_HASNULL(acl))
558  ereport(ERROR,
559  (errcode(ERRCODE_NULL_VALUE_NOT_ALLOWED),
560  errmsg("ACL arrays must not contain null values")));
561 }
#define ARR_NDIM(a)
Definition: array.h:283
#define ARR_ELEMTYPE(a)
Definition: array.h:285
#define ARR_HASNULL(a)
Definition: array.h:284

References ARR_ELEMTYPE, ARR_HASNULL, ARR_NDIM, ereport, errcode(), errmsg(), and ERROR.

Referenced by aclcontains(), aclexplode(), aclmask(), aclmask_direct(), aclmembers(), aclnewowner(), aclupdate(), check_circularity(), and recursive_revoke().

◆ check_can_set_role()

void check_can_set_role ( Oid  member,
Oid  role 
)

Definition at line 5006 of file acl.c.

5007 {
5008  if (!member_can_set_role(member, role))
5009  ereport(ERROR,
5010  (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
5011  errmsg("must be able to SET ROLE \"%s\"",
5012  GetUserNameFromId(role, false))));
5013 }
bool member_can_set_role(Oid member, Oid role)
Definition: acl.c:4983
char * GetUserNameFromId(Oid roleid, bool noerr)
Definition: miscinit.c:967

References ereport, errcode(), errmsg(), ERROR, GetUserNameFromId(), and member_can_set_role().

Referenced by AlterDatabaseOwner(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterPublicationOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwner(), ATExecChangeOwner(), createdb(), and CreateSchemaCommand().

◆ check_circularity()

static void check_circularity ( const Acl old_acl,
const AclItem mod_aip,
Oid  ownerId 
)
static

Definition at line 1168 of file acl.c.

1170 {
1171  Acl *acl;
1172  AclItem *aip;
1173  int i,
1174  num;
1175  AclMode own_privs;
1176 
1177  check_acl(old_acl);
1178 
1179  /*
1180  * For now, grant options can only be granted to roles, not PUBLIC.
1181  * Otherwise we'd have to work a bit harder here.
1182  */
1183  Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1184 
1185  /* The owner always has grant options, no need to check */
1186  if (mod_aip->ai_grantor == ownerId)
1187  return;
1188 
1189  /* Make a working copy */
1190  acl = allocacl(ACL_NUM(old_acl));
1191  memcpy(acl, old_acl, ACL_SIZE(old_acl));
1192 
1193  /* Zap all grant options of target grantee, plus what depends on 'em */
1194 cc_restart:
1195  num = ACL_NUM(acl);
1196  aip = ACL_DAT(acl);
1197  for (i = 0; i < num; i++)
1198  {
1199  if (aip[i].ai_grantee == mod_aip->ai_grantee &&
1201  {
1202  Acl *new_acl;
1203 
1204  /* We'll actually zap ordinary privs too, but no matter */
1205  new_acl = aclupdate(acl, &aip[i], ACL_MODECHG_DEL,
1206  ownerId, DROP_CASCADE);
1207 
1208  pfree(acl);
1209  acl = new_acl;
1210 
1211  goto cc_restart;
1212  }
1213  }
1214 
1215  /* Now we can compute grantor's independently-derived privileges */
1216  own_privs = aclmask(acl,
1217  mod_aip->ai_grantor,
1218  ownerId,
1220  ACLMASK_ALL);
1221  own_privs = ACL_OPTION_TO_PRIVS(own_privs);
1222 
1223  if ((ACLITEM_GET_GOPTIONS(*mod_aip) & ~own_privs) != 0)
1224  ereport(ERROR,
1225  (errcode(ERRCODE_INVALID_GRANT_OPERATION),
1226  errmsg("grant options cannot be granted back to your own grantor")));
1227 
1228  pfree(acl);
1229 }
AclMode aclmask(const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
Definition: acl.c:1334
#define ACL_OPTION_TO_PRIVS(privs)
Definition: acl.h:71
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
@ DROP_CASCADE
Definition: parsenodes.h:1936

References ACL_DAT, ACL_GRANT_OPTION_FOR, ACL_ID_PUBLIC, ACL_MODECHG_DEL, ACL_NO_RIGHTS, ACL_NUM, ACL_OPTION_TO_PRIVS, ACL_SIZE, ACLITEM_GET_GOPTIONS, aclmask(), ACLMASK_ALL, aclupdate(), AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), Assert(), check_acl(), DROP_CASCADE, ereport, errcode(), errmsg(), ERROR, i, and pfree().

Referenced by aclupdate().

◆ check_rolespec_name()

void check_rolespec_name ( const RoleSpec role,
const char *  detail_msg 
)

Definition at line 5376 of file acl.c.

5377 {
5378  if (!role)
5379  return;
5380 
5381  if (role->roletype != ROLESPEC_CSTRING)
5382  return;
5383 
5384  if (IsReservedName(role->rolename))
5385  {
5386  if (detail_msg)
5387  ereport(ERROR,
5388  (errcode(ERRCODE_RESERVED_NAME),
5389  errmsg("role name \"%s\" is reserved",
5390  role->rolename),
5391  errdetail_internal("%s", detail_msg)));
5392  else
5393  ereport(ERROR,
5394  (errcode(ERRCODE_RESERVED_NAME),
5395  errmsg("role name \"%s\" is reserved",
5396  role->rolename)));
5397  }
5398 }
bool IsReservedName(const char *name)
Definition: catalog.c:219
int errdetail_internal(const char *fmt,...)
Definition: elog.c:1066
@ ROLESPEC_CSTRING
Definition: parsenodes.h:359
RoleSpecType roletype
Definition: parsenodes.h:369
char * rolename
Definition: parsenodes.h:370

References ereport, errcode(), errdetail_internal(), errmsg(), ERROR, IsReservedName(), RoleSpec::rolename, ROLESPEC_CSTRING, and RoleSpec::roletype.

Referenced by AlterRole(), and AlterRoleSet().

◆ column_privilege_check()

static int column_privilege_check ( Oid  tableoid,
AttrNumber  attnum,
Oid  roleid,
AclMode  mode 
)
static

Definition at line 2462 of file acl.c.

2464 {
2465  AclResult aclresult;
2466  bool is_missing = false;
2467 
2468  /*
2469  * If convert_column_name failed, we can just return -1 immediately.
2470  */
2471  if (attnum == InvalidAttrNumber)
2472  return -1;
2473 
2474  /*
2475  * Check for column-level privileges first. This serves in part as a check
2476  * on whether the column even exists, so we need to do it before checking
2477  * table-level privilege.
2478  */
2479  aclresult = pg_attribute_aclcheck_ext(tableoid, attnum, roleid,
2480  mode, &is_missing);
2481  if (aclresult == ACLCHECK_OK)
2482  return 1;
2483  else if (is_missing)
2484  return -1;
2485 
2486  /* Next check if we have the privilege at the table level */
2487  aclresult = pg_class_aclcheck_ext(tableoid, roleid, mode, &is_missing);
2488  if (aclresult == ACLCHECK_OK)
2489  return 1;
2490  else if (is_missing)
2491  return -1;
2492  else
2493  return 0;
2494 }
AclResult
Definition: acl.h:183
@ ACLCHECK_OK
Definition: acl.h:184
AclResult pg_class_aclcheck_ext(Oid table_oid, Oid roleid, AclMode mode, bool *is_missing)
Definition: aclchk.c:4758
AclResult pg_attribute_aclcheck_ext(Oid table_oid, AttrNumber attnum, Oid roleid, AclMode mode, bool *is_missing)
Definition: aclchk.c:4631
#define InvalidAttrNumber
Definition: attnum.h:23
int16 attnum
Definition: pg_attribute.h:83
static PgChecksumMode mode
Definition: pg_checksums.c:65

References ACLCHECK_OK, attnum, InvalidAttrNumber, mode, pg_attribute_aclcheck_ext(), and pg_class_aclcheck_ext().

Referenced by has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

◆ convert_aclright_to_string()

static const char* convert_aclright_to_string ( int  aclright)
static

Definition at line 1682 of file acl.c.

1683 {
1684  switch (aclright)
1685  {
1686  case ACL_INSERT:
1687  return "INSERT";
1688  case ACL_SELECT:
1689  return "SELECT";
1690  case ACL_UPDATE:
1691  return "UPDATE";
1692  case ACL_DELETE:
1693  return "DELETE";
1694  case ACL_TRUNCATE:
1695  return "TRUNCATE";
1696  case ACL_REFERENCES:
1697  return "REFERENCES";
1698  case ACL_TRIGGER:
1699  return "TRIGGER";
1700  case ACL_EXECUTE:
1701  return "EXECUTE";
1702  case ACL_USAGE:
1703  return "USAGE";
1704  case ACL_CREATE:
1705  return "CREATE";
1706  case ACL_CREATE_TEMP:
1707  return "TEMPORARY";
1708  case ACL_CONNECT:
1709  return "CONNECT";
1710  case ACL_SET:
1711  return "SET";
1712  case ACL_ALTER_SYSTEM:
1713  return "ALTER SYSTEM";
1714  case ACL_VACUUM:
1715  return "VACUUM";
1716  case ACL_ANALYZE:
1717  return "ANALYZE";
1718  default:
1719  elog(ERROR, "unrecognized aclright: %d", aclright);
1720  return NULL;
1721  }
1722 }

References ACL_ALTER_SYSTEM, ACL_ANALYZE, ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_DELETE, ACL_EXECUTE, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_SET, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, ACL_USAGE, ACL_VACUUM, elog(), and ERROR.

Referenced by aclexplode().

◆ convert_any_priv_string()

static AclMode convert_any_priv_string ( text priv_type_text,
const priv_map privileges 
)
static

Definition at line 1634 of file acl.c.

1636 {
1637  AclMode result = 0;
1638  char *priv_type = text_to_cstring(priv_type_text);
1639  char *chunk;
1640  char *next_chunk;
1641 
1642  /* We rely on priv_type being a private, modifiable string */
1643  for (chunk = priv_type; chunk; chunk = next_chunk)
1644  {
1645  int chunk_len;
1646  const priv_map *this_priv;
1647 
1648  /* Split string at commas */
1649  next_chunk = strchr(chunk, ',');
1650  if (next_chunk)
1651  *next_chunk++ = '\0';
1652 
1653  /* Drop leading/trailing whitespace in this chunk */
1654  while (*chunk && isspace((unsigned char) *chunk))
1655  chunk++;
1656  chunk_len = strlen(chunk);
1657  while (chunk_len > 0 && isspace((unsigned char) chunk[chunk_len - 1]))
1658  chunk_len--;
1659  chunk[chunk_len] = '\0';
1660 
1661  /* Match to the privileges list */
1662  for (this_priv = privileges; this_priv->name; this_priv++)
1663  {
1664  if (pg_strcasecmp(this_priv->name, chunk) == 0)
1665  {
1666  result |= this_priv->value;
1667  break;
1668  }
1669  }
1670  if (!this_priv->name)
1671  ereport(ERROR,
1672  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
1673  errmsg("unrecognized privilege type: \"%s\"", chunk)));
1674  }
1675 
1676  pfree(priv_type);
1677  return result;
1678 }
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
Definition: acl.c:54
const char * name
Definition: acl.c:55
AclMode value
Definition: acl.c:56
char * text_to_cstring(const text *t)
Definition: varlena.c:222

References ereport, errcode(), errmsg(), ERROR, priv_map::name, pfree(), pg_strcasecmp(), text_to_cstring(), and priv_map::value.

Referenced by convert_column_priv_string(), convert_database_priv_string(), convert_foreign_data_wrapper_priv_string(), convert_function_priv_string(), convert_language_priv_string(), convert_parameter_priv_string(), convert_role_priv_string(), convert_schema_priv_string(), convert_sequence_priv_string(), convert_server_priv_string(), convert_table_priv_string(), convert_tablespace_priv_string(), convert_type_priv_string(), and makeaclitem().

◆ convert_column_name()

static AttrNumber convert_column_name ( Oid  tableoid,
text column 
)
static

Definition at line 2822 of file acl.c.

2823 {
2824  char *colname;
2825  HeapTuple attTuple;
2827 
2828  colname = text_to_cstring(column);
2829 
2830  /*
2831  * We don't use get_attnum() here because it will report that dropped
2832  * columns don't exist. We need to treat dropped columns differently from
2833  * nonexistent columns.
2834  */
2835  attTuple = SearchSysCache2(ATTNAME,
2836  ObjectIdGetDatum(tableoid),
2837  CStringGetDatum(colname));
2838  if (HeapTupleIsValid(attTuple))
2839  {
2840  Form_pg_attribute attributeForm;
2841 
2842  attributeForm = (Form_pg_attribute) GETSTRUCT(attTuple);
2843  /* We want to return NULL for dropped columns */
2844  if (attributeForm->attisdropped)
2846  else
2847  attnum = attributeForm->attnum;
2848  ReleaseSysCache(attTuple);
2849  }
2850  else
2851  {
2852  char *tablename = get_rel_name(tableoid);
2853 
2854  /*
2855  * If the table OID is bogus, or it's just been dropped, we'll get
2856  * NULL back. In such cases we want has_column_privilege to return
2857  * NULL too, so just return InvalidAttrNumber.
2858  */
2859  if (tablename != NULL)
2860  {
2861  /* tableoid exists, colname does not, so throw error */
2862  ereport(ERROR,
2863  (errcode(ERRCODE_UNDEFINED_COLUMN),
2864  errmsg("column \"%s\" of relation \"%s\" does not exist",
2865  colname, tablename)));
2866  }
2867  /* tableoid doesn't exist, so act like attisdropped case */
2869  }
2870 
2871  pfree(colname);
2872  return attnum;
2873 }
char * get_rel_name(Oid relid)
Definition: lsyscache.c:1910
FormData_pg_attribute * Form_pg_attribute
Definition: pg_attribute.h:207
static Datum CStringGetDatum(const char *X)
Definition: postgres.h:698
HeapTuple SearchSysCache2(int cacheId, Datum key1, Datum key2)
Definition: syscache.c:1184
@ ATTNAME
Definition: syscache.h:40

References ATTNAME, attnum, CStringGetDatum(), ereport, errcode(), errmsg(), ERROR, get_rel_name(), GETSTRUCT, HeapTupleIsValid, InvalidAttrNumber, ObjectIdGetDatum(), pfree(), ReleaseSysCache(), SearchSysCache2(), and text_to_cstring().

Referenced by has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_name(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), and has_column_privilege_name_name_name().

◆ convert_column_priv_string()

static AclMode convert_column_priv_string ( text priv_type_text)
static

Definition at line 2880 of file acl.c.

2881 {
2882  static const priv_map column_priv_map[] = {
2883  {"SELECT", ACL_SELECT},
2884  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2885  {"INSERT", ACL_INSERT},
2886  {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2887  {"UPDATE", ACL_UPDATE},
2888  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2889  {"REFERENCES", ACL_REFERENCES},
2890  {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2891  {NULL, 0}
2892  };
2893 
2894  return convert_any_priv_string(priv_type_text, column_priv_map);
2895 }
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1634

References ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_any_column_privilege_id(), has_any_column_privilege_id_id(), has_any_column_privilege_id_name(), has_any_column_privilege_name(), has_any_column_privilege_name_id(), has_any_column_privilege_name_name(), has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

◆ convert_database_name()

static Oid convert_database_name ( text databasename)
static

Definition at line 3065 of file acl.c.

3066 {
3067  char *dbname = text_to_cstring(databasename);
3068 
3069  return get_database_oid(dbname, false);
3070 }
Oid get_database_oid(const char *dbname, bool missing_ok)
Definition: dbcommands.c:2934
char * dbname
Definition: streamutil.c:51

References dbname, get_database_oid(), and text_to_cstring().

Referenced by has_database_privilege_id_name(), has_database_privilege_name(), and has_database_privilege_name_name().

◆ convert_database_priv_string()

static AclMode convert_database_priv_string ( text priv_type_text)
static

Definition at line 3077 of file acl.c.

3078 {
3079  static const priv_map database_priv_map[] = {
3080  {"CREATE", ACL_CREATE},
3081  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3082  {"TEMPORARY", ACL_CREATE_TEMP},
3083  {"TEMPORARY WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3084  {"TEMP", ACL_CREATE_TEMP},
3085  {"TEMP WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3086  {"CONNECT", ACL_CONNECT},
3087  {"CONNECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CONNECT)},
3088  {NULL, 0}
3089  };
3090 
3091  return convert_any_priv_string(priv_type_text, database_priv_map);
3092 }

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_database_privilege_id(), has_database_privilege_id_id(), has_database_privilege_id_name(), has_database_privilege_name(), has_database_privilege_name_id(), and has_database_privilege_name_name().

◆ convert_foreign_data_wrapper_name()

static Oid convert_foreign_data_wrapper_name ( text fdwname)
static

Definition at line 3262 of file acl.c.

3263 {
3264  char *fdwstr = text_to_cstring(fdwname);
3265 
3266  return get_foreign_data_wrapper_oid(fdwstr, false);
3267 }
Oid get_foreign_data_wrapper_oid(const char *fdwname, bool missing_ok)
Definition: foreign.c:667

References get_foreign_data_wrapper_oid(), and text_to_cstring().

Referenced by has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), and has_foreign_data_wrapper_privilege_name_name().

◆ convert_foreign_data_wrapper_priv_string()

static AclMode convert_foreign_data_wrapper_priv_string ( text priv_type_text)
static

Definition at line 3274 of file acl.c.

3275 {
3276  static const priv_map foreign_data_wrapper_priv_map[] = {
3277  {"USAGE", ACL_USAGE},
3278  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3279  {NULL, 0}
3280  };
3281 
3282  return convert_any_priv_string(priv_type_text, foreign_data_wrapper_priv_map);
3283 }

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_foreign_data_wrapper_privilege_id(), has_foreign_data_wrapper_privilege_id_id(), has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), has_foreign_data_wrapper_privilege_name_id(), and has_foreign_data_wrapper_privilege_name_name().

◆ convert_function_name()

static Oid convert_function_name ( text functionname)
static

Definition at line 3453 of file acl.c.

3454 {
3455  char *funcname = text_to_cstring(functionname);
3456  Oid oid;
3457 
3459  CStringGetDatum(funcname)));
3460 
3461  if (!OidIsValid(oid))
3462  ereport(ERROR,
3463  (errcode(ERRCODE_UNDEFINED_FUNCTION),
3464  errmsg("function \"%s\" does not exist", funcname)));
3465 
3466  return oid;
3467 }
#define OidIsValid(objectId)
Definition: c.h:711
#define DirectFunctionCall1(func, arg1)
Definition: fmgr.h:642
static Oid DatumGetObjectId(Datum X)
Definition: postgres.h:590
Datum regprocedurein(PG_FUNCTION_ARGS)
Definition: regproc.c:230

References CStringGetDatum(), DatumGetObjectId(), DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, OidIsValid, regprocedurein(), and text_to_cstring().

Referenced by has_function_privilege_id_name(), has_function_privilege_name(), and has_function_privilege_name_name().

◆ convert_function_priv_string()

static AclMode convert_function_priv_string ( text priv_type_text)
static

Definition at line 3474 of file acl.c.

3475 {
3476  static const priv_map function_priv_map[] = {
3477  {"EXECUTE", ACL_EXECUTE},
3478  {"EXECUTE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_EXECUTE)},
3479  {NULL, 0}
3480  };
3481 
3482  return convert_any_priv_string(priv_type_text, function_priv_map);
3483 }

References ACL_EXECUTE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_function_privilege_id(), has_function_privilege_id_id(), has_function_privilege_id_name(), has_function_privilege_name(), has_function_privilege_name_id(), and has_function_privilege_name_name().

◆ convert_language_name()

static Oid convert_language_name ( text languagename)
static

Definition at line 3653 of file acl.c.

3654 {
3655  char *langname = text_to_cstring(languagename);
3656 
3657  return get_language_oid(langname, false);
3658 }
Oid get_language_oid(const char *langname, bool missing_ok)
Definition: proclang.c:228

References get_language_oid(), and text_to_cstring().

Referenced by has_language_privilege_id_name(), has_language_privilege_name(), and has_language_privilege_name_name().

◆ convert_language_priv_string()

static AclMode convert_language_priv_string ( text priv_type_text)
static

Definition at line 3665 of file acl.c.

3666 {
3667  static const priv_map language_priv_map[] = {
3668  {"USAGE", ACL_USAGE},
3669  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3670  {NULL, 0}
3671  };
3672 
3673  return convert_any_priv_string(priv_type_text, language_priv_map);
3674 }

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_language_privilege_id(), has_language_privilege_id_id(), has_language_privilege_id_name(), has_language_privilege_name(), has_language_privilege_name_id(), and has_language_privilege_name_name().

◆ convert_parameter_priv_string()

static AclMode convert_parameter_priv_string ( text priv_text)
static

Definition at line 4528 of file acl.c.

4529 {
4530  static const priv_map parameter_priv_map[] = {
4531  {"SET", ACL_SET},
4532  {"SET WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SET)},
4533  {"ALTER SYSTEM", ACL_ALTER_SYSTEM},
4534  {"ALTER SYSTEM WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_ALTER_SYSTEM)},
4535  {NULL, 0}
4536  };
4537 
4538  return convert_any_priv_string(priv_text, parameter_priv_map);
4539 }

References ACL_ALTER_SYSTEM, ACL_GRANT_OPTION_FOR, ACL_SET, and convert_any_priv_string().

Referenced by has_parameter_privilege_id_name(), has_parameter_privilege_name(), and has_parameter_privilege_name_name().

◆ convert_role_priv_string()

static AclMode convert_role_priv_string ( text priv_type_text)
static

Definition at line 4706 of file acl.c.

4707 {
4708  static const priv_map role_priv_map[] = {
4709  {"USAGE", ACL_USAGE},
4710  {"MEMBER", ACL_CREATE},
4711  {"SET", ACL_SET},
4712  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4713  {"USAGE WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4714  {"MEMBER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4715  {"MEMBER WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4716  {"SET WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4717  {"SET WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4718  {NULL, 0}
4719  };
4720 
4721  return convert_any_priv_string(priv_type_text, role_priv_map);
4722 }

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_SET, ACL_USAGE, and convert_any_priv_string().

Referenced by pg_has_role_id(), pg_has_role_id_id(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), and pg_has_role_name_name().

◆ convert_schema_name()

static Oid convert_schema_name ( text schemaname)
static

Definition at line 3844 of file acl.c.

3845 {
3846  char *nspname = text_to_cstring(schemaname);
3847 
3848  return get_namespace_oid(nspname, false);
3849 }
Oid get_namespace_oid(const char *nspname, bool missing_ok)
Definition: namespace.c:3086

References get_namespace_oid(), and text_to_cstring().

Referenced by has_schema_privilege_id_name(), has_schema_privilege_name(), and has_schema_privilege_name_name().

◆ convert_schema_priv_string()

static AclMode convert_schema_priv_string ( text priv_type_text)
static

Definition at line 3856 of file acl.c.

3857 {
3858  static const priv_map schema_priv_map[] = {
3859  {"CREATE", ACL_CREATE},
3860  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3861  {"USAGE", ACL_USAGE},
3862  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3863  {NULL, 0}
3864  };
3865 
3866  return convert_any_priv_string(priv_type_text, schema_priv_map);
3867 }

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_schema_privilege_id(), has_schema_privilege_id_id(), has_schema_privilege_id_name(), has_schema_privilege_name(), has_schema_privilege_name_id(), and has_schema_privilege_name_name().

◆ convert_sequence_priv_string()

static AclMode convert_sequence_priv_string ( text priv_type_text)
static

Definition at line 2237 of file acl.c.

2238 {
2239  static const priv_map sequence_priv_map[] = {
2240  {"USAGE", ACL_USAGE},
2241  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
2242  {"SELECT", ACL_SELECT},
2243  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2244  {"UPDATE", ACL_UPDATE},
2245  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2246  {NULL, 0}
2247  };
2248 
2249  return convert_any_priv_string(priv_type_text, sequence_priv_map);
2250 }

References ACL_GRANT_OPTION_FOR, ACL_SELECT, ACL_UPDATE, ACL_USAGE, and convert_any_priv_string().

Referenced by has_sequence_privilege_id(), has_sequence_privilege_id_id(), has_sequence_privilege_id_name(), has_sequence_privilege_name(), has_sequence_privilege_name_id(), and has_sequence_privilege_name_name().

◆ convert_server_name()

static Oid convert_server_name ( text servername)
static

Definition at line 4037 of file acl.c.

4038 {
4039  char *serverstr = text_to_cstring(servername);
4040 
4041  return get_foreign_server_oid(serverstr, false);
4042 }
Oid get_foreign_server_oid(const char *servername, bool missing_ok)
Definition: foreign.c:690

References get_foreign_server_oid(), and text_to_cstring().

Referenced by has_server_privilege_id_name(), has_server_privilege_name(), and has_server_privilege_name_name().

◆ convert_server_priv_string()

static AclMode convert_server_priv_string ( text priv_type_text)
static

Definition at line 4049 of file acl.c.

4050 {
4051  static const priv_map server_priv_map[] = {
4052  {"USAGE", ACL_USAGE},
4053  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4054  {NULL, 0}
4055  };
4056 
4057  return convert_any_priv_string(priv_type_text, server_priv_map);
4058 }

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_server_privilege_id(), has_server_privilege_id_id(), has_server_privilege_id_name(), has_server_privilege_name(), has_server_privilege_name_id(), and has_server_privilege_name_name().

◆ convert_table_name()

static Oid convert_table_name ( text tablename)
static

◆ convert_table_priv_string()

static AclMode convert_table_priv_string ( text priv_type_text)
static

Definition at line 2010 of file acl.c.

2011 {
2012  static const priv_map table_priv_map[] = {
2013  {"SELECT", ACL_SELECT},
2014  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2015  {"INSERT", ACL_INSERT},
2016  {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2017  {"UPDATE", ACL_UPDATE},
2018  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2019  {"DELETE", ACL_DELETE},
2020  {"DELETE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_DELETE)},
2021  {"TRUNCATE", ACL_TRUNCATE},
2022  {"TRUNCATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRUNCATE)},
2023  {"REFERENCES", ACL_REFERENCES},
2024  {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2025  {"TRIGGER", ACL_TRIGGER},
2026  {"TRIGGER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRIGGER)},
2027  {"VACUUM", ACL_VACUUM},
2028  {"VACUUM WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_VACUUM)},
2029  {"ANALYZE", ACL_ANALYZE},
2030  {"ANALYZE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_ANALYZE)},
2031  {"RULE", 0}, /* ignore old RULE privileges */
2032  {"RULE WITH GRANT OPTION", 0},
2033  {NULL, 0}
2034  };
2035 
2036  return convert_any_priv_string(priv_type_text, table_priv_map);
2037 }

References ACL_ANALYZE, ACL_DELETE, ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, ACL_VACUUM, and convert_any_priv_string().

Referenced by has_table_privilege_id(), has_table_privilege_id_id(), has_table_privilege_id_name(), has_table_privilege_name(), has_table_privilege_name_id(), and has_table_privilege_name_name().

◆ convert_tablespace_name()

static Oid convert_tablespace_name ( text tablespacename)
static

Definition at line 4228 of file acl.c.

4229 {
4230  char *spcname = text_to_cstring(tablespacename);
4231 
4232  return get_tablespace_oid(spcname, false);
4233 }
Oid get_tablespace_oid(const char *tablespacename, bool missing_ok)
Definition: tablespace.c:1432

References get_tablespace_oid(), and text_to_cstring().

Referenced by has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), and has_tablespace_privilege_name_name().

◆ convert_tablespace_priv_string()

static AclMode convert_tablespace_priv_string ( text priv_type_text)
static

Definition at line 4240 of file acl.c.

4241 {
4242  static const priv_map tablespace_priv_map[] = {
4243  {"CREATE", ACL_CREATE},
4244  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4245  {NULL, 0}
4246  };
4247 
4248  return convert_any_priv_string(priv_type_text, tablespace_priv_map);
4249 }

References ACL_CREATE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_tablespace_privilege_id(), has_tablespace_privilege_id_id(), has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), has_tablespace_privilege_name_id(), and has_tablespace_privilege_name_name().

◆ convert_type_name()

static Oid convert_type_name ( text typename)
static

Definition at line 4418 of file acl.c.

4419 {
4420  char *typname = text_to_cstring(typename);
4421  Oid oid;
4422 
4425 
4426  if (!OidIsValid(oid))
4427  ereport(ERROR,
4428  (errcode(ERRCODE_UNDEFINED_OBJECT),
4429  errmsg("type \"%s\" does not exist", typname)));
4430 
4431  return oid;
4432 }
NameData typname
Definition: pg_type.h:41
Datum regtypein(PG_FUNCTION_ARGS)
Definition: regproc.c:1251

References CStringGetDatum(), DatumGetObjectId(), DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, OidIsValid, regtypein(), text_to_cstring(), and typname.

Referenced by has_type_privilege_id_name(), has_type_privilege_name(), and has_type_privilege_name_name().

◆ convert_type_priv_string()

static AclMode convert_type_priv_string ( text priv_type_text)
static

Definition at line 4439 of file acl.c.

4440 {
4441  static const priv_map type_priv_map[] = {
4442  {"USAGE", ACL_USAGE},
4443  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4444  {NULL, 0}
4445  };
4446 
4447  return convert_any_priv_string(priv_type_text, type_priv_map);
4448 }

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_type_privilege_id(), has_type_privilege_id_id(), has_type_privilege_id_name(), has_type_privilege_name(), has_type_privilege_name_id(), and has_type_privilege_name_name().

◆ count_one_bits()

static int count_one_bits ( AclMode  mask)
static

Definition at line 5119 of file acl.c.

5120 {
5121  int nbits = 0;
5122 
5123  /* this code relies on AclMode being an unsigned type */
5124  while (mask)
5125  {
5126  if (mask & 1)
5127  nbits++;
5128  mask >>= 1;
5129  }
5130  return nbits;
5131 }

Referenced by select_best_grantor().

◆ get_role_oid()

Oid get_role_oid ( const char *  rolname,
bool  missing_ok 
)

Definition at line 5235 of file acl.c.

5236 {
5237  Oid oid;
5238 
5239  oid = GetSysCacheOid1(AUTHNAME, Anum_pg_authid_oid,
5241  if (!OidIsValid(oid) && !missing_ok)
5242  ereport(ERROR,
5243  (errcode(ERRCODE_UNDEFINED_OBJECT),
5244  errmsg("role \"%s\" does not exist", rolname)));
5245  return oid;
5246 }
@ AUTHNAME
Definition: syscache.h:44
#define GetSysCacheOid1(cacheId, oidcol, key1)
Definition: syscache.h:197

References AUTHNAME, CStringGetDatum(), ereport, errcode(), errmsg(), ERROR, GetSysCacheOid1, OidIsValid, and rolname.

Referenced by aclparse(), check_hba(), createdb(), CreateRole(), get_object_address_unqualified(), get_role_oid_or_public(), get_rolespec_oid(), GrantRole(), is_member(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), pg_has_role_name_name(), regrolein(), shell_check_detail(), and to_regrole().

◆ get_role_oid_or_public()

◆ get_rolespec_name()

char* get_rolespec_name ( const RoleSpec role)

Definition at line 5354 of file acl.c.

5355 {
5356  HeapTuple tp;
5357  Form_pg_authid authForm;
5358  char *rolename;
5359 
5360  tp = get_rolespec_tuple(role);
5361  authForm = (Form_pg_authid) GETSTRUCT(tp);
5362  rolename = pstrdup(NameStr(authForm->rolname));
5363  ReleaseSysCache(tp);
5364 
5365  return rolename;
5366 }
HeapTuple get_rolespec_tuple(const RoleSpec *role)
Definition: acl.c:5308
char * pstrdup(const char *in)
Definition: mcxt.c:1483

References get_rolespec_tuple(), GETSTRUCT, NameStr, pstrdup(), and ReleaseSysCache().

Referenced by AddRoleMems(), and DelRoleMems().

◆ get_rolespec_oid()

Oid get_rolespec_oid ( const RoleSpec role,
bool  missing_ok 
)

Definition at line 5269 of file acl.c.

5270 {
5271  Oid oid;
5272 
5273  switch (role->roletype)
5274  {
5275  case ROLESPEC_CSTRING:
5276  Assert(role->rolename);
5277  oid = get_role_oid(role->rolename, missing_ok);
5278  break;
5279 
5280  case ROLESPEC_CURRENT_ROLE:
5281  case ROLESPEC_CURRENT_USER:
5282  oid = GetUserId();
5283  break;
5284 
5285  case ROLESPEC_SESSION_USER:
5286  oid = GetSessionUserId();
5287  break;
5288 
5289  case ROLESPEC_PUBLIC:
5290  ereport(ERROR,
5291  (errcode(ERRCODE_UNDEFINED_OBJECT),
5292  errmsg("role \"%s\" does not exist", "public")));
5293  oid = InvalidOid; /* make compiler happy */
5294  break;
5295 
5296  default:
5297  elog(ERROR, "unexpected role type %d", role->roletype);
5298  }
5299 
5300  return oid;
5301 }
Oid GetUserId(void)
Definition: miscinit.c:497
Oid GetSessionUserId(void)
Definition: miscinit.c:531
@ ROLESPEC_CURRENT_USER
Definition: parsenodes.h:361
@ ROLESPEC_SESSION_USER
Definition: parsenodes.h:362
@ ROLESPEC_CURRENT_ROLE
Definition: parsenodes.h:360
@ ROLESPEC_PUBLIC
Definition: parsenodes.h:363
#define InvalidOid
Definition: postgres_ext.h:36

References Assert(), elog(), ereport, errcode(), errmsg(), ERROR, get_role_oid(), GetSessionUserId(), GetUserId(), InvalidOid, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_ROLE, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, and RoleSpec::roletype.

Referenced by AlterUserMapping(), ATExecCmd(), CreateSchemaCommand(), CreateTableSpace(), CreateUserMapping(), ExecAlterDefaultPrivilegesStmt(), ExecAlterOwnerStmt(), ExecuteGrantStmt(), GrantRole(), policy_role_list_to_array(), ReassignOwnedObjects(), RemoveUserMapping(), and roleSpecsToIds().

◆ get_rolespec_tuple()

HeapTuple get_rolespec_tuple ( const RoleSpec role)

Definition at line 5308 of file acl.c.

5309 {
5310  HeapTuple tuple;
5311 
5312  switch (role->roletype)
5313  {
5314  case ROLESPEC_CSTRING:
5315  Assert(role->rolename);
5317  if (!HeapTupleIsValid(tuple))
5318  ereport(ERROR,
5319  (errcode(ERRCODE_UNDEFINED_OBJECT),
5320  errmsg("role \"%s\" does not exist", role->rolename)));
5321  break;
5322 
5323  case ROLESPEC_CURRENT_ROLE:
5324  case ROLESPEC_CURRENT_USER:
5325  tuple = SearchSysCache1(AUTHOID, GetUserId());
5326  if (!HeapTupleIsValid(tuple))
5327  elog(ERROR, "cache lookup failed for role %u", GetUserId());
5328  break;
5329 
5330  case ROLESPEC_SESSION_USER:
5332  if (!HeapTupleIsValid(tuple))
5333  elog(ERROR, "cache lookup failed for role %u", GetSessionUserId());
5334  break;
5335 
5336  case ROLESPEC_PUBLIC:
5337  ereport(ERROR,
5338  (errcode(ERRCODE_UNDEFINED_OBJECT),
5339  errmsg("role \"%s\" does not exist", "public")));
5340  tuple = NULL; /* make compiler happy */
5341  break;
5342 
5343  default:
5344  elog(ERROR, "unexpected role type %d", role->roletype);
5345  }
5346 
5347  return tuple;
5348 }

References Assert(), AUTHNAME, AUTHOID, CStringGetDatum(), elog(), ereport, errcode(), errmsg(), ERROR, GetSessionUserId(), GetUserId(), HeapTupleIsValid, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_ROLE, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, RoleSpec::roletype, and SearchSysCache1().

Referenced by AlterRole(), AlterRoleSet(), CreateRole(), and get_rolespec_name().

◆ getid()

static const char * getid ( const char *  s,
char *  n 
)
static

Definition at line 140 of file acl.c.

141 {
142  int len = 0;
143  bool in_quotes = false;
144 
145  Assert(s && n);
146 
147  while (isspace((unsigned char) *s))
148  s++;
149  /* This code had better match what putid() does, below */
150  for (;
151  *s != '\0' &&
152  (isalnum((unsigned char) *s) ||
153  *s == '_' ||
154  *s == '"' ||
155  in_quotes);
156  s++)
157  {
158  if (*s == '"')
159  {
160  /* safe to look at next char (could be '\0' though) */
161  if (*(s + 1) != '"')
162  {
163  in_quotes = !in_quotes;
164  continue;
165  }
166  /* it's an escaped double quote; skip the escaping char */
167  s++;
168  }
169 
170  /* Add the character to the string */
171  if (len >= NAMEDATALEN - 1)
172  ereport(ERROR,
173  (errcode(ERRCODE_NAME_TOO_LONG),
174  errmsg("identifier too long"),
175  errdetail("Identifier must be less than %d characters.",
176  NAMEDATALEN)));
177 
178  n[len++] = *s;
179  }
180  n[len] = '\0';
181  while (isspace((unsigned char) *s))
182  s++;
183  return s;
184 }
int errdetail(const char *fmt,...)
Definition: elog.c:1039
const void size_t len

References Assert(), ereport, errcode(), errdetail(), errmsg(), ERROR, len, and NAMEDATALEN.

Referenced by aclparse().

◆ has_any_column_privilege_id()

Datum has_any_column_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2359 of file acl.c.

2360 {
2361  Oid tableoid = PG_GETARG_OID(0);
2362  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2363  Oid roleid;
2364  AclMode mode;
2365  AclResult aclresult;
2366 
2367  roleid = GetUserId();
2368  mode = convert_column_priv_string(priv_type_text);
2369 
2371  PG_RETURN_NULL();
2372 
2373  /* First check at table level, then examine each column if needed */
2374  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2375  if (aclresult != ACLCHECK_OK)
2376  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2377  ACLMASK_ANY);
2378 
2379  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2380 }
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2880
@ ACLMASK_ANY
Definition: acl.h:178
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4661
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4746
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
Definition: c.h:623
@ RELOID
Definition: syscache.h:89
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:188

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), GetUserId(), mode, ObjectIdGetDatum(), pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

◆ has_any_column_privilege_id_id()

Datum has_any_column_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 2415 of file acl.c.

2416 {
2417  Oid roleid = PG_GETARG_OID(0);
2418  Oid tableoid = PG_GETARG_OID(1);
2419  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2420  AclMode mode;
2421  AclResult aclresult;
2422 
2423  mode = convert_column_priv_string(priv_type_text);
2424 
2426  PG_RETURN_NULL();
2427 
2428  /* First check at table level, then examine each column if needed */
2429  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2430  if (aclresult != ACLCHECK_OK)
2431  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2432  ACLMASK_ANY);
2433 
2434  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2435 }

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), mode, ObjectIdGetDatum(), pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

◆ has_any_column_privilege_id_name()

Datum has_any_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2388 of file acl.c.

2389 {
2390  Oid roleid = PG_GETARG_OID(0);
2391  text *tablename = PG_GETARG_TEXT_PP(1);
2392  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2393  Oid tableoid;
2394  AclMode mode;
2395  AclResult aclresult;
2396 
2397  tableoid = convert_table_name(tablename);
2398  mode = convert_column_priv_string(priv_type_text);
2399 
2400  /* First check at table level, then examine each column if needed */
2401  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2402  if (aclresult != ACLCHECK_OK)
2403  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2404  ACLMASK_ANY);
2405 
2406  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2407 }
static Oid convert_table_name(text *tablename)
Definition: acl.c:1995

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), mode, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_any_column_privilege_name()

Datum has_any_column_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2300 of file acl.c.

2301 {
2302  text *tablename = PG_GETARG_TEXT_PP(0);
2303  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2304  Oid roleid;
2305  Oid tableoid;
2306  AclMode mode;
2307  AclResult aclresult;
2308 
2309  roleid = GetUserId();
2310  tableoid = convert_table_name(tablename);
2311  mode = convert_column_priv_string(priv_type_text);
2312 
2313  /* First check at table level, then examine each column if needed */
2314  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2315  if (aclresult != ACLCHECK_OK)
2316  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2317  ACLMASK_ANY);
2318 
2319  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2320 }

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), GetUserId(), mode, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_any_column_privilege_name_id()

Datum has_any_column_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2328 of file acl.c.

2329 {
2331  Oid tableoid = PG_GETARG_OID(1);
2332  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2333  Oid roleid;
2334  AclMode mode;
2335  AclResult aclresult;
2336 
2338  mode = convert_column_priv_string(priv_type_text);
2339 
2341  PG_RETURN_NULL();
2342 
2343  /* First check at table level, then examine each column if needed */
2344  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2345  if (aclresult != ACLCHECK_OK)
2346  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2347  ACLMASK_ANY);
2348 
2349  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2350 }
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5253
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278
const char * username
Definition: pgbench.c:305
Definition: c.h:677

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, ObjectIdGetDatum(), pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, SearchSysCacheExists1, and username.

◆ has_any_column_privilege_name_name()

Datum has_any_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2270 of file acl.c.

2271 {
2272  Name rolename = PG_GETARG_NAME(0);
2273  text *tablename = PG_GETARG_TEXT_PP(1);
2274  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2275  Oid roleid;
2276  Oid tableoid;
2277  AclMode mode;
2278  AclResult aclresult;
2279 
2280  roleid = get_role_oid_or_public(NameStr(*rolename));
2281  tableoid = convert_table_name(tablename);
2282  mode = convert_column_priv_string(priv_type_text);
2283 
2284  /* First check at table level, then examine each column if needed */
2285  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2286  if (aclresult != ACLCHECK_OK)
2287  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2288  ACLMASK_ANY);
2289 
2290  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2291 }

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_column_privilege_id_attnum()

Datum has_column_privilege_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2794 of file acl.c.

2795 {
2796  Oid tableoid = PG_GETARG_OID(0);
2797  AttrNumber colattnum = PG_GETARG_INT16(1);
2798  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2799  Oid roleid;
2800  AclMode mode;
2801  int privresult;
2802 
2803  roleid = GetUserId();
2804  mode = convert_column_priv_string(priv_type_text);
2805 
2806  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2807  if (privresult < 0)
2808  PG_RETURN_NULL();
2809  PG_RETURN_BOOL(privresult);
2810 }
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2462
#define PG_GETARG_INT16(n)
Definition: fmgr.h:271

References column_privilege_check(), convert_column_priv_string(), GetUserId(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_id_attnum()

Datum has_column_privilege_id_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2687 of file acl.c.

2688 {
2689  Oid roleid = PG_GETARG_OID(0);
2690  Oid tableoid = PG_GETARG_OID(1);
2691  AttrNumber colattnum = PG_GETARG_INT16(2);
2692  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2693  AclMode mode;
2694  int privresult;
2695 
2696  mode = convert_column_priv_string(priv_type_text);
2697 
2698  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2699  if (privresult < 0)
2700  PG_RETURN_NULL();
2701  PG_RETURN_BOOL(privresult);
2702 }

References column_privilege_check(), convert_column_priv_string(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_id_name()

Datum has_column_privilege_id_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2662 of file acl.c.

2663 {
2664  Oid roleid = PG_GETARG_OID(0);
2665  Oid tableoid = PG_GETARG_OID(1);
2666  text *column = PG_GETARG_TEXT_PP(2);
2667  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2668  AttrNumber colattnum;
2669  AclMode mode;
2670  int privresult;
2671 
2672  colattnum = convert_column_name(tableoid, column);
2673  mode = convert_column_priv_string(priv_type_text);
2674 
2675  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2676  if (privresult < 0)
2677  PG_RETURN_NULL();
2678  PG_RETURN_BOOL(privresult);
2679 }
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2822

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_name()

Datum has_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2767 of file acl.c.

2768 {
2769  Oid tableoid = PG_GETARG_OID(0);
2770  text *column = PG_GETARG_TEXT_PP(1);
2771  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2772  Oid roleid;
2773  AttrNumber colattnum;
2774  AclMode mode;
2775  int privresult;
2776 
2777  roleid = GetUserId();
2778  colattnum = convert_column_name(tableoid, column);
2779  mode = convert_column_priv_string(priv_type_text);
2780 
2781  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2782  if (privresult < 0)
2783  PG_RETURN_NULL();
2784  PG_RETURN_BOOL(privresult);
2785 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), GetUserId(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_name_attnum()

Datum has_column_privilege_id_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2637 of file acl.c.

2638 {
2639  Oid roleid = PG_GETARG_OID(0);
2640  text *tablename = PG_GETARG_TEXT_PP(1);
2641  AttrNumber colattnum = PG_GETARG_INT16(2);
2642  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2643  Oid tableoid;
2644  AclMode mode;
2645  int privresult;
2646 
2647  tableoid = convert_table_name(tablename);
2648  mode = convert_column_priv_string(priv_type_text);
2649 
2650  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2651  if (privresult < 0)
2652  PG_RETURN_NULL();
2653  PG_RETURN_BOOL(privresult);
2654 }

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_name_name()

Datum has_column_privilege_id_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2610 of file acl.c.

2611 {
2612  Oid roleid = PG_GETARG_OID(0);
2613  text *tablename = PG_GETARG_TEXT_PP(1);
2614  text *column = PG_GETARG_TEXT_PP(2);
2615  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2616  Oid tableoid;
2617  AttrNumber colattnum;
2618  AclMode mode;
2619  int privresult;
2620 
2621  tableoid = convert_table_name(tablename);
2622  colattnum = convert_column_name(tableoid, column);
2623  mode = convert_column_priv_string(priv_type_text);
2624 
2625  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2626  if (privresult < 0)
2627  PG_RETURN_NULL();
2628  PG_RETURN_BOOL(privresult);
2629 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_name_attnum()

Datum has_column_privilege_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2740 of file acl.c.

2741 {
2742  text *tablename = PG_GETARG_TEXT_PP(0);
2743  AttrNumber colattnum = PG_GETARG_INT16(1);
2744  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2745  Oid roleid;
2746  Oid tableoid;
2747  AclMode mode;
2748  int privresult;
2749 
2750  roleid = GetUserId();
2751  tableoid = convert_table_name(tablename);
2752  mode = convert_column_priv_string(priv_type_text);
2753 
2754  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2755  if (privresult < 0)
2756  PG_RETURN_NULL();
2757  PG_RETURN_BOOL(privresult);
2758 }

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), GetUserId(), mode, PG_GETARG_INT16, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_name_id_attnum()

Datum has_column_privilege_name_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2585 of file acl.c.

2586 {
2588  Oid tableoid = PG_GETARG_OID(1);
2589  AttrNumber colattnum = PG_GETARG_INT16(2);
2590  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2591  Oid roleid;
2592  AclMode mode;
2593  int privresult;
2594 
2596  mode = convert_column_priv_string(priv_type_text);
2597 
2598  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2599  if (privresult < 0)
2600  PG_RETURN_NULL();
2601  PG_RETURN_BOOL(privresult);
2602 }

References column_privilege_check(), convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_column_privilege_name_id_name()

Datum has_column_privilege_name_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2558 of file acl.c.

2559 {
2561  Oid tableoid = PG_GETARG_OID(1);
2562  text *column = PG_GETARG_TEXT_PP(2);
2563  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2564  Oid roleid;
2565  AttrNumber colattnum;
2566  AclMode mode;
2567  int privresult;
2568 
2570  colattnum = convert_column_name(tableoid, column);
2571  mode = convert_column_priv_string(priv_type_text);
2572 
2573  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2574  if (privresult < 0)
2575  PG_RETURN_NULL();
2576  PG_RETURN_BOOL(privresult);
2577 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_column_privilege_name_name()

Datum has_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2711 of file acl.c.

2712 {
2713  text *tablename = PG_GETARG_TEXT_PP(0);
2714  text *column = PG_GETARG_TEXT_PP(1);
2715  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2716  Oid roleid;
2717  Oid tableoid;
2718  AttrNumber colattnum;
2719  AclMode mode;
2720  int privresult;
2721 
2722  roleid = GetUserId();
2723  tableoid = convert_table_name(tablename);
2724  colattnum = convert_column_name(tableoid, column);
2725  mode = convert_column_priv_string(priv_type_text);
2726 
2727  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2728  if (privresult < 0)
2729  PG_RETURN_NULL();
2730  PG_RETURN_BOOL(privresult);
2731 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), GetUserId(), mode, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_name_name_attnum()

Datum has_column_privilege_name_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2531 of file acl.c.

2532 {
2533  Name rolename = PG_GETARG_NAME(0);
2534  text *tablename = PG_GETARG_TEXT_PP(1);
2535  AttrNumber colattnum = PG_GETARG_INT16(2);
2536  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2537  Oid roleid;
2538  Oid tableoid;
2539  AclMode mode;
2540  int privresult;
2541 
2542  roleid = get_role_oid_or_public(NameStr(*rolename));
2543  tableoid = convert_table_name(tablename);
2544  mode = convert_column_priv_string(priv_type_text);
2545 
2546  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2547  if (privresult < 0)
2548  PG_RETURN_NULL();
2549  PG_RETURN_BOOL(privresult);
2550 }

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_name_name_name()

Datum has_column_privilege_name_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2502 of file acl.c.

2503 {
2504  Name rolename = PG_GETARG_NAME(0);
2505  text *tablename = PG_GETARG_TEXT_PP(1);
2506  text *column = PG_GETARG_TEXT_PP(2);
2507  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2508  Oid roleid;
2509  Oid tableoid;
2510  AttrNumber colattnum;
2511  AclMode mode;
2512  int privresult;
2513 
2514  roleid = get_role_oid_or_public(NameStr(*rolename));
2515  tableoid = convert_table_name(tablename);
2516  colattnum = convert_column_name(tableoid, column);
2517  mode = convert_column_priv_string(priv_type_text);
2518 
2519  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2520  if (privresult < 0)
2521  PG_RETURN_NULL();
2522  PG_RETURN_BOOL(privresult);
2523 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_database_privilege_id()

Datum has_database_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2991 of file acl.c.

2992 {
2993  Oid databaseoid = PG_GETARG_OID(0);
2994  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2995  Oid roleid;
2996  AclMode mode;
2997  AclResult aclresult;
2998 
2999  roleid = GetUserId();
3000  mode = convert_database_priv_string(priv_type_text);
3001 
3003  PG_RETURN_NULL();
3004 
3005  aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode);
3006 
3007  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3008 }
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3077
AclResult object_aclcheck(Oid classid, Oid objectid, Oid roleid, AclMode mode)
Definition: aclchk.c:4598
@ DATABASEOID
Definition: syscache.h:55

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, GetUserId(), mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_database_privilege_id_id()

Datum has_database_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3039 of file acl.c.

3040 {
3041  Oid roleid = PG_GETARG_OID(0);
3042  Oid databaseoid = PG_GETARG_OID(1);
3043  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3044  AclMode mode;
3045  AclResult aclresult;
3046 
3047  mode = convert_database_priv_string(priv_type_text);
3048 
3050  PG_RETURN_NULL();
3051 
3052  aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode);
3053 
3054  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3055 }

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_database_privilege_id_name()

Datum has_database_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3016 of file acl.c.

3017 {
3018  Oid roleid = PG_GETARG_OID(0);
3019  text *databasename = PG_GETARG_TEXT_PP(1);
3020  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3021  Oid databaseoid;
3022  AclMode mode;
3023  AclResult aclresult;
3024 
3025  databaseoid = convert_database_name(databasename);
3026  mode = convert_database_priv_string(priv_type_text);
3027 
3028  aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode);
3029 
3030  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3031 }
static Oid convert_database_name(text *databasename)
Definition: acl.c:3065

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_database_privilege_name()

Datum has_database_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2940 of file acl.c.

2941 {
2942  text *databasename = PG_GETARG_TEXT_PP(0);
2943  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2944  Oid roleid;
2945  Oid databaseoid;
2946  AclMode mode;
2947  AclResult aclresult;
2948 
2949  roleid = GetUserId();
2950  databaseoid = convert_database_name(databasename);
2951  mode = convert_database_priv_string(priv_type_text);
2952 
2953  aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode);
2954 
2955  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2956 }

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_database_privilege_name_id()

Datum has_database_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2964 of file acl.c.

2965 {
2967  Oid databaseoid = PG_GETARG_OID(1);
2968  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2969  Oid roleid;
2970  AclMode mode;
2971  AclResult aclresult;
2972 
2974  mode = convert_database_priv_string(priv_type_text);
2975 
2977  PG_RETURN_NULL();
2978 
2979  aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode);
2980 
2981  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2982 }

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, get_role_oid_or_public(), mode, NameStr, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

◆ has_database_privilege_name_name()

Datum has_database_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2914 of file acl.c.

2915 {
2917  text *databasename = PG_GETARG_TEXT_PP(1);
2918  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2919  Oid roleid;
2920  Oid databaseoid;
2921  AclMode mode;
2922  AclResult aclresult;
2923 
2925  databaseoid = convert_database_name(databasename);
2926  mode = convert_database_priv_string(priv_type_text);
2927 
2928  aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode);
2929 
2930  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2931 }

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_foreign_data_wrapper_privilege_id()

Datum has_foreign_data_wrapper_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3188 of file acl.c.

3189 {
3190  Oid fdwid = PG_GETARG_OID(0);
3191  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3192  Oid roleid;
3193  AclMode mode;
3194  AclResult aclresult;
3195 
3196  roleid = GetUserId();
3198 
3200  PG_RETURN_NULL();
3201 
3202  aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode);
3203 
3204  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3205 }
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3274
@ FOREIGNDATAWRAPPEROID
Definition: syscache.h:62

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), FOREIGNDATAWRAPPEROID, GetUserId(), mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_foreign_data_wrapper_privilege_id_id()

Datum has_foreign_data_wrapper_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3236 of file acl.c.

3237 {
3238  Oid roleid = PG_GETARG_OID(0);
3239  Oid fdwid = PG_GETARG_OID(1);
3240  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3241  AclMode mode;
3242  AclResult aclresult;
3243 
3245 
3247  PG_RETURN_NULL();
3248 
3249  aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode);
3250 
3251  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3252 }

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), FOREIGNDATAWRAPPEROID, mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_foreign_data_wrapper_privilege_id_name()

Datum has_foreign_data_wrapper_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3213 of file acl.c.

3214 {
3215  Oid roleid = PG_GETARG_OID(0);
3216  text *fdwname = PG_GETARG_TEXT_PP(1);
3217  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3218  Oid fdwid;
3219  AclMode mode;
3220  AclResult aclresult;
3221 
3222  fdwid = convert_foreign_data_wrapper_name(fdwname);
3224 
3225  aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode);
3226 
3227  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3228 }
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3262

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_foreign_data_wrapper_privilege_name()

Datum has_foreign_data_wrapper_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3137 of file acl.c.

3138 {
3139  text *fdwname = PG_GETARG_TEXT_PP(0);
3140  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3141  Oid roleid;
3142  Oid fdwid;
3143  AclMode mode;
3144  AclResult aclresult;
3145 
3146  roleid = GetUserId();
3147  fdwid = convert_foreign_data_wrapper_name(fdwname);
3149 
3150  aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode);
3151 
3152  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3153 }

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_foreign_data_wrapper_privilege_name_id()

Datum has_foreign_data_wrapper_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3161 of file acl.c.

3162 {
3164  Oid fdwid = PG_GETARG_OID(1);
3165  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3166  Oid roleid;
3167  AclMode mode;
3168  AclResult aclresult;
3169 
3172 
3174  PG_RETURN_NULL();
3175 
3176  aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode);
3177 
3178  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3179 }

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), FOREIGNDATAWRAPPEROID, get_role_oid_or_public(), mode, NameStr, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

◆ has_foreign_data_wrapper_privilege_name_name()

Datum has_foreign_data_wrapper_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3111 of file acl.c.

3112 {
3114  text *fdwname = PG_GETARG_TEXT_PP(1);
3115  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3116  Oid roleid;
3117  Oid fdwid;
3118  AclMode mode;
3119  AclResult aclresult;
3120 
3122  fdwid = convert_foreign_data_wrapper_name(fdwname);
3124 
3125  aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode);
3126 
3127  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3128 }

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_function_privilege_id()

Datum has_function_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3379 of file acl.c.

3380 {
3381  Oid functionoid = PG_GETARG_OID(0);
3382  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3383  Oid roleid;
3384  AclMode mode;
3385  AclResult aclresult;
3386 
3387  roleid = GetUserId();
3388  mode = convert_function_priv_string(priv_type_text);
3389 
3390  if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid)))
3391  PG_RETURN_NULL();
3392 
3393  aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode);
3394 
3395  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3396 }
static AclMode convert_function_priv_string(text *priv_type_text)
Definition: acl.c:3474
@ PROCOID
Definition: syscache.h:79

References ACLCHECK_OK, convert_function_priv_string(), GetUserId(), mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, PROCOID, and SearchSysCacheExists1.

◆ has_function_privilege_id_id()

Datum has_function_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3427 of file acl.c.

3428 {
3429  Oid roleid = PG_GETARG_OID(0);
3430  Oid functionoid = PG_GETARG_OID(1);
3431  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3432  AclMode mode;
3433  AclResult aclresult;
3434 
3435  mode = convert_function_priv_string(priv_type_text);
3436 
3437  if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid)))
3438  PG_RETURN_NULL();
3439 
3440  aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode);
3441 
3442  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3443 }

References ACLCHECK_OK, convert_function_priv_string(), mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, PROCOID, and SearchSysCacheExists1.

◆ has_function_privilege_id_name()

Datum has_function_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3404 of file acl.c.

3405 {
3406  Oid roleid = PG_GETARG_OID(0);
3407  text *functionname = PG_GETARG_TEXT_PP(1);
3408  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3409  Oid functionoid;
3410  AclMode mode;
3411  AclResult aclresult;
3412 
3413  functionoid = convert_function_name(functionname);
3414  mode = convert_function_priv_string(priv_type_text);
3415 
3416  aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode);
3417 
3418  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3419 }
static Oid convert_function_name(text *functionname)
Definition: acl.c:3453

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_function_privilege_name()

Datum has_function_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3328 of file acl.c.

3329 {
3330  text *functionname = PG_GETARG_TEXT_PP(0);
3331  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3332  Oid roleid;
3333  Oid functionoid;
3334  AclMode mode;
3335  AclResult aclresult;
3336 
3337  roleid = GetUserId();
3338  functionoid = convert_function_name(functionname);
3339  mode = convert_function_priv_string(priv_type_text);
3340 
3341  aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode);
3342 
3343  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3344 }

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_function_privilege_name_id()

Datum has_function_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3352 of file acl.c.

3353 {
3355  Oid functionoid = PG_GETARG_OID(1);
3356  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3357  Oid roleid;
3358  AclMode mode;
3359  AclResult aclresult;
3360 
3362  mode = convert_function_priv_string(priv_type_text);
3363 
3364  if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid)))
3365  PG_RETURN_NULL();
3366 
3367  aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode);
3368 
3369  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3370 }

References ACLCHECK_OK, convert_function_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, PROCOID, SearchSysCacheExists1, and username.

◆ has_function_privilege_name_name()

Datum has_function_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3302 of file acl.c.

3303 {
3305  text *functionname = PG_GETARG_TEXT_PP(1);
3306  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3307  Oid roleid;
3308  Oid functionoid;
3309  AclMode mode;
3310  AclResult aclresult;
3311 
3313  functionoid = convert_function_name(functionname);
3314  mode = convert_function_priv_string(priv_type_text);
3315 
3316  aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode);
3317 
3318  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3319 }

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_language_privilege_id()

Datum has_language_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3579 of file acl.c.

3580 {
3581  Oid languageoid = PG_GETARG_OID(0);
3582  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3583  Oid roleid;
3584  AclMode mode;
3585  AclResult aclresult;
3586 
3587  roleid = GetUserId();
3588  mode = convert_language_priv_string(priv_type_text);
3589 
3590  if (!SearchSysCacheExists1(LANGOID, ObjectIdGetDatum(languageoid)))
3591  PG_RETURN_NULL();
3592 
3593  aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode);
3594 
3595  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3596 }
static AclMode convert_language_priv_string(text *priv_type_text)
Definition: acl.c:3665
@ LANGOID
Definition: syscache.h:68

References ACLCHECK_OK, convert_language_priv_string(), GetUserId(), LANGOID, mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_language_privilege_id_id()

Datum has_language_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3627 of file acl.c.

3628 {
3629  Oid roleid = PG_GETARG_OID(0);
3630  Oid languageoid = PG_GETARG_OID(1);
3631  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3632  AclMode mode;
3633  AclResult aclresult;
3634 
3635  mode = convert_language_priv_string(priv_type_text);
3636 
3637  if (!SearchSysCacheExists1(LANGOID, ObjectIdGetDatum(languageoid)))
3638  PG_RETURN_NULL();
3639 
3640  aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode);
3641 
3642  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3643 }

References ACLCHECK_OK, convert_language_priv_string(), LANGOID, mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_language_privilege_id_name()

Datum has_language_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3604 of file acl.c.

3605 {
3606  Oid roleid = PG_GETARG_OID(0);
3607  text *languagename = PG_GETARG_TEXT_PP(1);
3608  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3609  Oid languageoid;
3610  AclMode mode;
3611  AclResult aclresult;
3612 
3613  languageoid = convert_language_name(languagename);
3614  mode = convert_language_priv_string(priv_type_text);
3615 
3616  aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode);
3617 
3618  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3619 }
static Oid convert_language_name(text *languagename)
Definition: acl.c:3653

References ACLCHECK_OK, convert_language_name(), convert_language_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_language_privilege_name()

Datum has_language_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3528 of file acl.c.

3529 {
3530  text *languagename = PG_GETARG_TEXT_PP(0);
3531  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3532  Oid roleid;
3533  Oid languageoid;
3534  AclMode mode;
3535  AclResult aclresult;
3536 
3537  roleid = GetUserId();
3538  languageoid = convert_language_name(languagename);
3539  mode = convert_language_priv_string(priv_type_text);
3540 
3541  aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode);
3542 
3543  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3544 }

References ACLCHECK_OK, convert_language_name(), convert_language_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_language_privilege_name_id()

Datum has_language_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3552 of file acl.c.

3553 {
3555  Oid languageoid = PG_GETARG_OID(1);
3556  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3557  Oid roleid;
3558  AclMode mode;
3559  AclResult aclresult;
3560 
3562  mode = convert_language_priv_string(priv_type_text);
3563 
3564  if (!SearchSysCacheExists1(LANGOID, ObjectIdGetDatum(languageoid)))
3565  PG_RETURN_NULL();
3566 
3567  aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode);
3568 
3569  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3570 }

References ACLCHECK_OK, convert_language_priv_string(), get_role_oid_or_public(), LANGOID, mode, NameStr, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

◆ has_language_privilege_name_name()

Datum has_language_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3502 of file acl.c.

3503 {
3505  text *languagename = PG_GETARG_TEXT_PP(1);
3506  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3507  Oid roleid;
3508  Oid languageoid;
3509  AclMode mode;
3510  AclResult aclresult;
3511 
3513  languageoid = convert_language_name(languagename);
3514  mode = convert_language_priv_string(priv_type_text);
3515 
3516  aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode);
3517 
3518  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3519 }

References ACLCHECK_OK, convert_language_name(), convert_language_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_param_priv_byname()

static bool has_param_priv_byname ( Oid  roleid,
const text parameter,
AclMode  priv 
)
static

Definition at line 4467 of file acl.c.

4468 {
4469  char *paramstr = text_to_cstring(parameter);
4470 
4471  return pg_parameter_aclcheck(paramstr, roleid, priv) == ACLCHECK_OK;
4472 }
AclResult pg_parameter_aclcheck(const char *name, Oid roleid, AclMode mode)
Definition: aclchk.c:4773

References ACLCHECK_OK, pg_parameter_aclcheck(), and text_to_cstring().

Referenced by has_parameter_privilege_id_name(), has_parameter_privilege_name(), and has_parameter_privilege_name_name().

◆ has_parameter_privilege_id_name()

Datum has_parameter_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 4510 of file acl.c.

4511 {
4512  Oid roleid = PG_GETARG_OID(0);
4513  text *parameter = PG_GETARG_TEXT_PP(1);
4515 
4516  PG_RETURN_BOOL(has_param_priv_byname(roleid, parameter, priv));
4517 }
static bool has_param_priv_byname(Oid roleid, const text *parameter, AclMode priv)
Definition: acl.c:4467
static AclMode convert_parameter_priv_string(text *priv_text)
Definition: acl.c:4528

References convert_parameter_priv_string(), has_param_priv_byname(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_parameter_privilege_name()

Datum has_parameter_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 4496 of file acl.c.

4497 {
4498  text *parameter = PG_GETARG_TEXT_PP(0);
4500 
4501  PG_RETURN_BOOL(has_param_priv_byname(GetUserId(), parameter, priv));
4502 }

References convert_parameter_priv_string(), GetUserId(), has_param_priv_byname(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_parameter_privilege_name_name()

Datum has_parameter_privilege_name_name ( PG_FUNCTION_ARGS  )

◆ has_privs_of_role()

bool has_privs_of_role ( Oid  member,
Oid  role 
)

Definition at line 4949 of file acl.c.

4950 {
4951  /* Fast path for simple case */
4952  if (member == role)
4953  return true;
4954 
4955  /* Superusers have every privilege, so are part of every role */
4956  if (superuser_arg(member))
4957  return true;
4958 
4959  /*
4960  * Find all the roles that member has the privileges of, including
4961  * multi-level recursion, then see if target role is any one of them.
4962  */
4964  InvalidOid, NULL),
4965  role);
4966 }
static List * roles_is_member_of(Oid roleid, enum RoleRecurseType type, Oid admin_of, Oid *admin_role)
Definition: acl.c:4824
bool list_member_oid(const List *list, Oid datum)
Definition: list.c:721
bool superuser_arg(Oid roleid)
Definition: superuser.c:56

References InvalidOid, list_member_oid(), ROLERECURSE_PRIVS, roles_is_member_of(), and superuser_arg().

Referenced by aclmask(), AlterObjectNamespace_internal(), AlterObjectOwner_internal(), AlterObjectRename_internal(), bbsink_server_new(), calculate_database_size(), calculate_tablespace_size(), check_role_for_policy(), check_role_grantor(), convert_and_check_filename(), DoCopy(), DropOwnedObjects(), ExecAlterDefaultPrivilegesStmt(), file_fdw_validator(), get_explain_guc_options(), GetConfigOption(), GetConfigOptionByName(), GetConfigOptionResetString(), GetConfigOptionValues(), object_ownercheck(), pg_class_aclmask_ext(), pg_namespace_aclmask(), pg_role_aclcheck(), pg_signal_backend(), pg_stat_get_wal_receiver(), pg_stat_get_wal_senders(), pg_stat_statements_internal(), pgrowlocks(), ReassignOwnedObjects(), shell_check_detail(), ShowAllGUCConfig(), standard_ProcessUtility(), and TerminateOtherDBBackends().

◆ has_schema_privilege_id()

Datum has_schema_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3770 of file acl.c.

3771 {
3772  Oid schemaoid = PG_GETARG_OID(0);
3773  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3774  Oid roleid;
3775  AclMode mode;
3776  AclResult aclresult;
3777 
3778  roleid = GetUserId();
3779  mode = convert_schema_priv_string(priv_type_text);
3780 
3782  PG_RETURN_NULL();
3783 
3784  aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode);
3785 
3786  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3787 }
static AclMode convert_schema_priv_string(text *priv_type_text)
Definition: acl.c:3856
@ NAMESPACEOID
Definition: syscache.h:70

References ACLCHECK_OK, convert_schema_priv_string(), GetUserId(), mode, NAMESPACEOID, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_schema_privilege_id_id()

Datum has_schema_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3818 of file acl.c.

3819 {
3820  Oid roleid = PG_GETARG_OID(0);
3821  Oid schemaoid = PG_GETARG_OID(1);
3822  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3823  AclMode mode;
3824  AclResult aclresult;
3825 
3826  mode = convert_schema_priv_string(priv_type_text);
3827 
3829  PG_RETURN_NULL();
3830 
3831  aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode);
3832 
3833  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3834 }

References ACLCHECK_OK, convert_schema_priv_string(), mode, NAMESPACEOID, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_schema_privilege_id_name()

Datum has_schema_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3795 of file acl.c.

3796 {
3797  Oid roleid = PG_GETARG_OID(0);
3798  text *schemaname = PG_GETARG_TEXT_PP(1);
3799  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3800  Oid schemaoid;
3801  AclMode mode;
3802  AclResult aclresult;
3803 
3804  schemaoid = convert_schema_name(schemaname);
3805  mode = convert_schema_priv_string(priv_type_text);
3806 
3807  aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode);
3808 
3809  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3810 }
static Oid convert_schema_name(text *schemaname)
Definition: acl.c:3844

References ACLCHECK_OK, convert_schema_name(), convert_schema_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_schema_privilege_name()

Datum has_schema_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3719 of file acl.c.

3720 {
3721  text *schemaname = PG_GETARG_TEXT_PP(0);
3722  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3723  Oid roleid;
3724  Oid schemaoid;
3725  AclMode mode;
3726  AclResult aclresult;
3727 
3728  roleid = GetUserId();
3729  schemaoid = convert_schema_name(schemaname);
3730  mode = convert_schema_priv_string(priv_type_text);
3731 
3732  aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode);
3733 
3734  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3735 }

References ACLCHECK_OK, convert_schema_name(), convert_schema_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_schema_privilege_name_id()

Datum has_schema_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3743 of file acl.c.

3744 {
3746  Oid schemaoid = PG_GETARG_OID(1);
3747  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3748  Oid roleid;
3749  AclMode mode;
3750  AclResult aclresult;
3751 
3753  mode = convert_schema_priv_string(priv_type_text);
3754 
3756  PG_RETURN_NULL();
3757 
3758  aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode);
3759 
3760  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3761 }

References ACLCHECK_OK, convert_schema_priv_string(), get_role_oid_or_public(), mode, NAMESPACEOID, NameStr, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

◆ has_schema_privilege_name_name()

Datum has_schema_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3693 of file acl.c.

3694 {
3696  text *schemaname = PG_GETARG_TEXT_PP(1);
3697  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3698  Oid roleid;
3699  Oid schemaoid;
3700  AclMode mode;
3701  AclResult aclresult;
3702 
3704  schemaoid = convert_schema_name(schemaname);
3705  mode = convert_schema_priv_string(priv_type_text);
3706 
3707  aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode);
3708 
3709  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3710 }

References ACLCHECK_OK, convert_schema_name(), convert_schema_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_sequence_privilege_id()

Datum has_sequence_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2149 of file acl.c.

2150 {
2151  Oid sequenceoid = PG_GETARG_OID(0);
2152  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2153  Oid roleid;
2154  AclMode mode;
2155  AclResult aclresult;
2156  char relkind;
2157 
2158  roleid = GetUserId();
2159  mode = convert_sequence_priv_string(priv_type_text);
2160  relkind = get_rel_relkind(sequenceoid);
2161  if (relkind == '\0')
2162  PG_RETURN_NULL();
2163  else if (relkind != RELKIND_SEQUENCE)
2164  ereport(ERROR,
2165  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2166  errmsg("\"%s\" is not a sequence",
2167  get_rel_name(sequenceoid))));
2168 
2169  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2170 
2171  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2172 }
static AclMode convert_sequence_priv_string(text *priv_type_text)
Definition: acl.c:2237
char get_rel_relkind(Oid relid)
Definition: lsyscache.c:1985

References ACLCHECK_OK, convert_sequence_priv_string(), ereport, errcode(), errmsg(), ERROR, get_rel_name(), get_rel_relkind(), GetUserId(), mode, pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_sequence_privilege_id_id()

Datum has_sequence_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 2208 of file acl.c.

2209 {
2210  Oid roleid = PG_GETARG_OID(0);
2211  Oid sequenceoid = PG_GETARG_OID(1);
2212  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2213  AclMode mode;
2214  AclResult aclresult;
2215  char relkind;
2216 
2217  mode = convert_sequence_priv_string(priv_type_text);
2218  relkind = get_rel_relkind(sequenceoid);
2219  if (relkind == '\0')
2220  PG_RETURN_NULL();
2221  else if (relkind != RELKIND_SEQUENCE)
2222  ereport(ERROR,
2223  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2224  errmsg("\"%s\" is not a sequence",
2225  get_rel_name(sequenceoid))));
2226 
2227  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2228 
2229  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2230 }

References ACLCHECK_OK, convert_sequence_priv_string(), ereport, errcode(), errmsg(), ERROR, get_rel_name(), get_rel_relkind(), mode, pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_sequence_privilege_id_name()

Datum has_sequence_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2180 of file acl.c.

2181 {
2182  Oid roleid = PG_GETARG_OID(0);
2183  text *sequencename = PG_GETARG_TEXT_PP(1);
2184  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2185  Oid sequenceoid;
2186  AclMode mode;
2187  AclResult aclresult;
2188 
2189  mode = convert_sequence_priv_string(priv_type_text);
2190  sequenceoid = convert_table_name(sequencename);
2191  if (get_rel_relkind(sequenceoid) != RELKIND_SEQUENCE)
2192  ereport(ERROR,
2193  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2194  errmsg("\"%s\" is not a sequence",
2195  text_to_cstring(sequencename))));
2196 
2197  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2198 
2199  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2200 }

References ACLCHECK_OK, convert_sequence_priv_string(), convert_table_name(), ereport, errcode(), errmsg(), ERROR, get_rel_relkind(), mode, pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and text_to_cstring().

◆ has_sequence_privilege_name()

Datum has_sequence_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2087 of file acl.c.

2088 {
2089  text *sequencename = PG_GETARG_TEXT_PP(0);
2090  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2091  Oid roleid;
2092  Oid sequenceoid;
2093  AclMode mode;
2094  AclResult aclresult;
2095 
2096  roleid = GetUserId();
2097  mode = convert_sequence_priv_string(priv_type_text);
2098  sequenceoid = convert_table_name(sequencename);
2099  if (get_rel_relkind(sequenceoid) != RELKIND_SEQUENCE)
2100  ereport(ERROR,
2101  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2102  errmsg("\"%s\" is not a sequence",
2103  text_to_cstring(sequencename))));
2104 
2105  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2106 
2107  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2108 }

References ACLCHECK_OK, convert_sequence_priv_string(), convert_table_name(), ereport, errcode(), errmsg(), ERROR, get_rel_relkind(), GetUserId(), mode, pg_class_aclcheck(), PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and text_to_cstring().

◆ has_sequence_privilege_name_id()

Datum has_sequence_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2116 of file acl.c.

2117 {
2119  Oid sequenceoid = PG_GETARG_OID(1);
2120  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2121  Oid roleid;
2122  AclMode mode;
2123  AclResult aclresult;
2124  char relkind;
2125 
2127  mode = convert_sequence_priv_string(priv_type_text);
2128  relkind = get_rel_relkind(sequenceoid);
2129  if (relkind == '\0')
2130  PG_RETURN_NULL();
2131  else if (relkind != RELKIND_SEQUENCE)
2132  ereport(ERROR,
2133  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2134  errmsg("\"%s\" is not a sequence",
2135  get_rel_name(sequenceoid))));
2136 
2137  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2138 
2139  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2140 }

References ACLCHECK_OK, convert_sequence_priv_string(), ereport, errcode(), errmsg(), ERROR, get_rel_name(), get_rel_relkind(), get_role_oid_or_public(), mode, NameStr, pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_sequence_privilege_name_name()

Datum has_sequence_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2056 of file acl.c.

2057 {
2058  Name rolename = PG_GETARG_NAME(0);
2059  text *sequencename = PG_GETARG_TEXT_PP(1);
2060  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2061  Oid roleid;
2062  Oid sequenceoid;
2063  AclMode mode;
2064  AclResult aclresult;
2065 
2066  roleid = get_role_oid_or_public(NameStr(*rolename));
2067  mode = convert_sequence_priv_string(priv_type_text);
2068  sequenceoid = convert_table_name(sequencename);
2069  if (get_rel_relkind(sequenceoid) != RELKIND_SEQUENCE)
2070  ereport(ERROR,
2071  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2072  errmsg("\"%s\" is not a sequence",
2073  text_to_cstring(sequencename))));
2074 
2075  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2076 
2077  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2078 }

References ACLCHECK_OK, convert_sequence_priv_string(), convert_table_name(), ereport, errcode(), errmsg(), ERROR, get_rel_relkind(), get_role_oid_or_public(), mode, NameStr, pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and text_to_cstring().

◆ has_server_privilege_id()

Datum has_server_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3963 of file acl.c.

3964 {
3965  Oid serverid = PG_GETARG_OID(0);
3966  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3967  Oid roleid;
3968  AclMode mode;
3969  AclResult aclresult;
3970 
3971  roleid = GetUserId();
3972  mode = convert_server_priv_string(priv_type_text);
3973 
3975  PG_RETURN_NULL();
3976 
3977  aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode);
3978 
3979  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3980 }
static AclMode convert_server_priv_string(text *priv_type_text)
Definition: acl.c:4049
@ FOREIGNSERVEROID
Definition: syscache.h:64

References ACLCHECK_OK, convert_server_priv_string(), FOREIGNSERVEROID, GetUserId(), mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_server_privilege_id_id()

Datum has_server_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 4011 of file acl.c.

4012 {
4013  Oid roleid = PG_GETARG_OID(0);
4014  Oid serverid = PG_GETARG_OID(1);
4015  text *priv_type_text = PG_GETARG_TEXT_PP(2);
4016  AclMode mode;
4017  AclResult aclresult;
4018 
4019  mode = convert_server_priv_string(priv_type_text);
4020 
4022  PG_RETURN_NULL();
4023 
4024  aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode);
4025 
4026  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4027 }

References ACLCHECK_OK, convert_server_priv_string(), FOREIGNSERVEROID, mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_server_privilege_id_name()

Datum has_server_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3988 of file acl.c.

3989 {
3990  Oid roleid = PG_GETARG_OID(0);
3991  text *servername = PG_GETARG_TEXT_PP(1);
3992  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3993  Oid serverid;
3994  AclMode mode;
3995  AclResult aclresult;
3996 
3997  serverid = convert_server_name(servername);
3998  mode = convert_server_priv_string(priv_type_text);
3999 
4000  aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode);
4001 
4002  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4003 }
static Oid convert_server_name(text *servername)
Definition: acl.c:4037

References ACLCHECK_OK, convert_server_name(), convert_server_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_server_privilege_name()

Datum has_server_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3912 of file acl.c.

3913 {
3914  text *servername = PG_GETARG_TEXT_PP(0);
3915  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3916  Oid roleid;
3917  Oid serverid;
3918  AclMode mode;
3919  AclResult aclresult;
3920 
3921  roleid = GetUserId();
3922  serverid = convert_server_name(servername);
3923  mode = convert_server_priv_string(priv_type_text);
3924 
3925  aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode);
3926 
3927  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3928 }

References ACLCHECK_OK, convert_server_name(), convert_server_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_server_privilege_name_id()

Datum has_server_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3936 of file acl.c.

3937 {
3939  Oid serverid = PG_GETARG_OID(1);
3940  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3941  Oid roleid;
3942  AclMode mode;
3943  AclResult aclresult;
3944 
3946  mode = convert_server_priv_string(priv_type_text);
3947 
3949  PG_RETURN_NULL();
3950 
3951  aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode);
3952 
3953  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3954 }

References ACLCHECK_OK, convert_server_priv_string(), FOREIGNSERVEROID, get_role_oid_or_public(), mode, NameStr, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

◆ has_server_privilege_name_name()

Datum has_server_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3886 of file acl.c.

3887 {
3889  text *servername = PG_GETARG_TEXT_PP(1);
3890  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3891  Oid roleid;
3892  Oid serverid;
3893  AclMode mode;
3894  AclResult aclresult;
3895 
3897  serverid = convert_server_name(servername);
3898  mode = convert_server_priv_string(priv_type_text);
3899 
3900  aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode);
3901 
3902  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3903 }

References ACLCHECK_OK, convert_server_name(), convert_server_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_table_privilege_id()

Datum has_table_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 1921 of file acl.c.

1922 {
1923  Oid tableoid = PG_GETARG_OID(0);
1924  text *priv_type_text = PG_GETARG_TEXT_PP(1);
1925  Oid roleid;
1926  AclMode mode;
1927  AclResult aclresult;
1928 
1929  roleid = GetUserId();
1930  mode = convert_table_priv_string(priv_type_text);
1931 
1933  PG_RETURN_NULL();
1934 
1935  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1936 
1937  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1938 }
static AclMode convert_table_priv_string(text *priv_type_text)
Definition: acl.c:2010

References ACLCHECK_OK, convert_table_priv_string(), GetUserId(), mode, ObjectIdGetDatum(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

◆ has_table_privilege_id_id()

Datum has_table_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 1969 of file acl.c.

1970 {
1971  Oid roleid = PG_GETARG_OID(0);
1972  Oid tableoid = PG_GETARG_OID(1);
1973  text *priv_type_text = PG_GETARG_TEXT_PP(2);
1974  AclMode mode;
1975  AclResult aclresult;
1976 
1977  mode = convert_table_priv_string(priv_type_text);
1978 
1980  PG_RETURN_NULL();
1981 
1982  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1983 
1984  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1985 }

References ACLCHECK_OK, convert_table_priv_string(), mode, ObjectIdGetDatum(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

◆ has_table_privilege_id_name()

Datum has_table_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 1946 of file acl.c.

1947 {
1948  Oid roleid = PG_GETARG_OID(0);
1949  text *tablename = PG_GETARG_TEXT_PP(1);
1950  text *priv_type_text = PG_GETARG_TEXT_PP(2);
1951  Oid tableoid;
1952  AclMode mode;
1953  AclResult aclresult;
1954 
1955  tableoid = convert_table_name(tablename);
1956  mode = convert_table_priv_string(priv_type_text);
1957 
1958  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1959 
1960  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1961 }

References ACLCHECK_OK, convert_table_name(), convert_table_priv_string(), mode, pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_table_privilege_name()

Datum has_table_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 1870 of file acl.c.

1871 {
1872  text *tablename = PG_GETARG_TEXT_PP(0);
1873  text *priv_type_text = PG_GETARG_TEXT_PP(1);
1874  Oid roleid;
1875  Oid tableoid;
1876  AclMode mode;
1877  AclResult aclresult;
1878 
1879  roleid = GetUserId();
1880  tableoid = convert_table_name(tablename);
1881  mode = convert_table_priv_string(priv_type_text);
1882 
1883  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1884 
1885  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1886 }

References ACLCHECK_OK, convert_table_name(), convert_table_priv_string(), GetUserId(), mode, pg_class_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_table_privilege_name_id()

Datum has_table_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 1894 of file acl.c.

1895 {
1897  Oid tableoid = PG_GETARG_OID(1);
1898  text *priv_type_text = PG_GETARG_TEXT_PP(2);
1899  Oid roleid;
1900  AclMode mode;
1901  AclResult aclresult;
1902 
1904  mode = convert_table_priv_string(priv_type_text);
1905 
1907  PG_RETURN_NULL();
1908 
1909  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1910 
1911  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1912 }

References ACLCHECK_OK, convert_table_priv_string(), get_role_oid_or_public(), mode, NameStr, ObjectIdGetDatum(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, SearchSysCacheExists1, and username.

◆ has_table_privilege_name_name()

Datum has_table_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 1844 of file acl.c.

1845 {
1846  Name rolename = PG_GETARG_NAME(0);
1847  text *tablename = PG_GETARG_TEXT_PP(1);
1848  text *priv_type_text = PG_GETARG_TEXT_PP(2);
1849  Oid roleid;
1850  Oid tableoid;
1851  AclMode mode;
1852  AclResult aclresult;
1853 
1854  roleid = get_role_oid_or_public(NameStr(*rolename));
1855  tableoid = convert_table_name(tablename);
1856  mode = convert_table_priv_string(priv_type_text);
1857 
1858  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1859 
1860  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1861 }

References ACLCHECK_OK, convert_table_name(), convert_table_priv_string(), get_role_oid_or_public(), mode, NameStr, pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_tablespace_privilege_id()

Datum has_tablespace_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 4154 of file acl.c.

4155 {
4156  Oid tablespaceoid = PG_GETARG_OID(0);
4157  text *priv_type_text = PG_GETARG_TEXT_PP(1);
4158  Oid roleid;
4159  AclMode mode;
4160  AclResult aclresult;
4161 
4162  roleid = GetUserId();
4163  mode = convert_tablespace_priv_string(priv_type_text);
4164 
4166  PG_RETURN_NULL();
4167 
4168  aclresult = object_aclcheck(TableSpaceRelationId, tablespaceoid, roleid, mode);
4169 
4170  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4171 }
static AclMode convert_tablespace_priv_string(text *priv_type_text)
Definition: acl.c:4240
@ TABLESPACEOID
Definition: syscache.h:101

References ACLCHECK_OK, convert_tablespace_priv_string(), GetUserId(), mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and TABLESPACEOID.

◆ has_tablespace_privilege_id_id()

Datum has_tablespace_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 4202 of file acl.c.

4203 {
4204  Oid roleid = PG_GETARG_OID(0);
4205  Oid tablespaceoid = PG_GETARG_OID(1);
4206  text *priv_type_text = PG_GETARG_TEXT_PP(2);
4207  AclMode mode;
4208  AclResult aclresult;
4209 
4210  mode = convert_tablespace_priv_string(priv_type_text);
4211 
4213  PG_RETURN_NULL();
4214 
4215  aclresult = object_aclcheck(TableSpaceRelationId, tablespaceoid, roleid, mode);
4216 
4217  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4218 }

References ACLCHECK_OK, convert_tablespace_priv_string(), mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and TABLESPACEOID.

◆ has_tablespace_privilege_id_name()

Datum has_tablespace_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 4179 of file acl.c.

4180 {
4181  Oid roleid = PG_GETARG_OID(0);
4182  text *tablespacename = PG_GETARG_TEXT_PP(1);
4183  text *priv_type_text = PG_GETARG_TEXT_PP(2);
4184  Oid tablespaceoid;
4185  AclMode mode;
4186  AclResult aclresult;
4187 
4188  tablespaceoid = convert_tablespace_name(tablespacename);
4189  mode = convert_tablespace_priv_string(priv_type_text);
4190 
4191  aclresult = object_aclcheck(TableSpaceRelationId, tablespaceoid, roleid, mode);
4192 
4193  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4194 }
static Oid convert_tablespace_name(text *tablespacename)
Definition: acl.c:4228

References ACLCHECK_OK, convert_tablespace_name(), convert_tablespace_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_tablespace_privilege_name()

Datum has_tablespace_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 4103 of file acl.c.

4104 {
4105  text *tablespacename = PG_GETARG_TEXT_PP(0);
4106  text *priv_type_text = PG_GETARG_TEXT_PP(1);
4107  Oid roleid;
4108  Oid tablespaceoid;
4109  AclMode mode;
4110  AclResult aclresult;
4111 
4112  roleid = GetUserId();
4113  tablespaceoid = convert_tablespace_name(tablespacename);
4114  mode = convert_tablespace_priv_string(priv_type_text);
4115 
4116  aclresult = object_aclcheck(TableSpaceRelationId, tablespaceoid, roleid, mode);
4117 
4118  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4119 }

References ACLCHECK_OK, convert_tablespace_name(), convert_tablespace_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.