PostgreSQL Source Code  git master
Data Structures | Functions | Variables
acl.c File Reference
#include "postgres.h"
#include <ctype.h>
#include "access/htup_details.h"
#include "catalog/catalog.h"
#include "catalog/namespace.h"
#include "catalog/pg_auth_members.h"
#include "catalog/pg_authid.h"
#include "catalog/pg_class.h"
#include "catalog/pg_type.h"
#include "commands/dbcommands.h"
#include "commands/proclang.h"
#include "commands/tablespace.h"
#include "common/hashfn.h"
#include "foreign/foreign.h"
#include "funcapi.h"
#include "lib/qunique.h"
#include "miscadmin.h"
#include "utils/acl.h"
#include "utils/array.h"
#include "utils/builtins.h"
#include "utils/catcache.h"
#include "utils/inval.h"
#include "utils/lsyscache.h"
#include "utils/memutils.h"
#include "utils/syscache.h"
#include "utils/varlena.h"
Include dependency graph for acl.c:

Go to the source code of this file.

Data Structures

struct  priv_map
 

Functions

static const char * getid (const char *s, char *n)
 
static void putid (char *p, const char *s)
 
static Aclallocacl (int n)
 
static void check_acl (const Acl *acl)
 
static const char * aclparse (const char *s, AclItem *aip)
 
static bool aclitem_match (const AclItem *a1, const AclItem *a2)
 
static int aclitemComparator (const void *arg1, const void *arg2)
 
static void check_circularity (const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
 
static Aclrecursive_revoke (Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
 
static AclMode convert_priv_string (text *priv_type_text)
 
static AclMode convert_any_priv_string (text *priv_type_text, const priv_map *privileges)
 
static Oid convert_table_name (text *tablename)
 
static AclMode convert_table_priv_string (text *priv_type_text)
 
static AclMode convert_sequence_priv_string (text *priv_type_text)
 
static AttrNumber convert_column_name (Oid tableoid, text *column)
 
static AclMode convert_column_priv_string (text *priv_type_text)
 
static Oid convert_database_name (text *databasename)
 
static AclMode convert_database_priv_string (text *priv_type_text)
 
static Oid convert_foreign_data_wrapper_name (text *fdwname)
 
static AclMode convert_foreign_data_wrapper_priv_string (text *priv_type_text)
 
static Oid convert_function_name (text *functionname)
 
static AclMode convert_function_priv_string (text *priv_type_text)
 
static Oid convert_language_name (text *languagename)
 
static AclMode convert_language_priv_string (text *priv_type_text)
 
static Oid convert_schema_name (text *schemaname)
 
static AclMode convert_schema_priv_string (text *priv_type_text)
 
static Oid convert_server_name (text *servername)
 
static AclMode convert_server_priv_string (text *priv_type_text)
 
static Oid convert_tablespace_name (text *tablespacename)
 
static AclMode convert_tablespace_priv_string (text *priv_type_text)
 
static Oid convert_type_name (text *typename)
 
static AclMode convert_type_priv_string (text *priv_type_text)
 
static AclMode convert_role_priv_string (text *priv_type_text)
 
static AclResult pg_role_aclcheck (Oid role_oid, Oid roleid, AclMode mode)
 
static void RoleMembershipCacheCallback (Datum arg, int cacheid, uint32 hashvalue)
 
Aclmake_empty_acl (void)
 
Aclaclcopy (const Acl *orig_acl)
 
Aclaclconcat (const Acl *left_acl, const Acl *right_acl)
 
Aclaclmerge (const Acl *left_acl, const Acl *right_acl, Oid ownerId)
 
void aclitemsort (Acl *acl)
 
bool aclequal (const Acl *left_acl, const Acl *right_acl)
 
Datum aclitemin (PG_FUNCTION_ARGS)
 
Datum aclitemout (PG_FUNCTION_ARGS)
 
Datum aclitem_eq (PG_FUNCTION_ARGS)
 
Datum hash_aclitem (PG_FUNCTION_ARGS)
 
Datum hash_aclitem_extended (PG_FUNCTION_ARGS)
 
Aclacldefault (ObjectType objtype, Oid ownerId)
 
Datum acldefault_sql (PG_FUNCTION_ARGS)
 
Aclaclupdate (const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
 
Aclaclnewowner (const Acl *old_acl, Oid oldOwnerId, Oid newOwnerId)
 
AclMode aclmask (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
static AclMode aclmask_direct (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
int aclmembers (const Acl *acl, Oid **roleids)
 
Datum aclinsert (PG_FUNCTION_ARGS)
 
Datum aclremove (PG_FUNCTION_ARGS)
 
Datum aclcontains (PG_FUNCTION_ARGS)
 
Datum makeaclitem (PG_FUNCTION_ARGS)
 
static const char * convert_aclright_to_string (int aclright)
 
Datum aclexplode (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_id (PG_FUNCTION_ARGS)
 
static int column_privilege_check (Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
 
Datum has_column_privilege_name_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_id (PG_FUNCTION_ARGS)
 
void initialize_acl (void)
 
static bool has_rolinherit (Oid roleid)
 
static Listroles_has_privs_of (Oid roleid)
 
static Listroles_is_member_of (Oid roleid)
 
bool has_privs_of_role (Oid member, Oid role)
 
bool is_member_of_role (Oid member, Oid role)
 
void check_is_member_of_role (Oid member, Oid role)
 
bool is_member_of_role_nosuper (Oid member, Oid role)
 
bool is_admin_of_role (Oid member, Oid role)
 
static int count_one_bits (AclMode mask)
 
void select_best_grantor (Oid roleId, AclMode privileges, const Acl *acl, Oid ownerId, Oid *grantorId, AclMode *grantOptions)
 
Oid get_role_oid (const char *rolname, bool missing_ok)
 
Oid get_role_oid_or_public (const char *rolname)
 
Oid get_rolespec_oid (const RoleSpec *role, bool missing_ok)
 
HeapTuple get_rolespec_tuple (const RoleSpec *role)
 
char * get_rolespec_name (const RoleSpec *role)
 
void check_rolespec_name (const RoleSpec *role, const char *detail_msg)
 

Variables

static Oid cached_privs_role = InvalidOid
 
static Listcached_privs_roles = NIL
 
static Oid cached_member_role = InvalidOid
 
static Listcached_membership_roles = NIL
 

Function Documentation

◆ aclconcat()

Acl* aclconcat ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 420 of file acl.c.

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by ExecGrant_Attribute().

421 {
422  Acl *result_acl;
423 
424  result_acl = allocacl(ACL_NUM(left_acl) + ACL_NUM(right_acl));
425 
426  memcpy(ACL_DAT(result_acl),
427  ACL_DAT(left_acl),
428  ACL_NUM(left_acl) * sizeof(AclItem));
429 
430  memcpy(ACL_DAT(result_acl) + ACL_NUM(left_acl),
431  ACL_DAT(right_acl),
432  ACL_NUM(right_acl) * sizeof(AclItem));
433 
434  return result_acl;
435 }
allocacl
static Acl * allocacl(int n)
Definition: acl.c:369
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54

◆ aclcontains()

Datum aclcontains ( PG_FUNCTION_ARGS  )

Definition at line 1537 of file acl.c.

References ACL_DAT, ACL_NUM, ACLITEM_GET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, PG_GETARG_ACL_P, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

1538 {
1539  Acl *acl = PG_GETARG_ACL_P(0);
1540  AclItem *aip = PG_GETARG_ACLITEM_P(1);
1541  AclItem *aidat;
1542  int i,
1543  num;
1544 
1545  check_acl(acl);
1546  num = ACL_NUM(acl);
1547  aidat = ACL_DAT(acl);
1548  for (i = 0; i < num; ++i)
1549  {
1550  if (aip->ai_grantee == aidat[i].ai_grantee &&
1551  aip->ai_grantor == aidat[i].ai_grantor &&
1552  (ACLITEM_GET_RIGHTS(*aip) & ACLITEM_GET_RIGHTS(aidat[i])) == ACLITEM_GET_RIGHTS(*aip))
1553  PG_RETURN_BOOL(true);
1554  }
1555  PG_RETURN_BOOL(false);
1556 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
PG_GETARG_ACLITEM_P
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:117
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACLITEM_GET_RIGHTS
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:68
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54
PG_GETARG_ACL_P
#define PG_GETARG_ACL_P(n)
Definition: acl.h:122
i
int i
Definition: preproc-comment.c:23
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:533

◆ aclcopy()

Acl* aclcopy ( const Acl orig_acl)

Definition at line 400 of file acl.c.

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by aclmerge(), ExecGrant_Relation(), and SetDefaultACL().

401 {
402  Acl *result_acl;
403 
404  result_acl = allocacl(ACL_NUM(orig_acl));
405 
406  memcpy(ACL_DAT(result_acl),
407  ACL_DAT(orig_acl),
408  ACL_NUM(orig_acl) * sizeof(AclItem));
409 
410  return result_acl;
411 }
allocacl
static Acl * allocacl(int n)
Definition: acl.c:369
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54

◆ acldefault()

Acl* acldefault ( ObjectType  objtype,
Oid  ownerId 
)

Definition at line 741 of file acl.c.

References ACL_ALL_RIGHTS_DATABASE, ACL_ALL_RIGHTS_FDW, ACL_ALL_RIGHTS_FOREIGN_SERVER, ACL_ALL_RIGHTS_FUNCTION, ACL_ALL_RIGHTS_LANGUAGE, ACL_ALL_RIGHTS_LARGEOBJECT, ACL_ALL_RIGHTS_RELATION, ACL_ALL_RIGHTS_SCHEMA, ACL_ALL_RIGHTS_SEQUENCE, ACL_ALL_RIGHTS_TABLESPACE, ACL_ALL_RIGHTS_TYPE, ACL_CONNECT, ACL_CREATE_TEMP, ACL_DAT, ACL_EXECUTE, ACL_ID_PUBLIC, ACL_NO_RIGHTS, ACL_USAGE, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), elog, ERROR, OBJECT_COLUMN, OBJECT_DATABASE, OBJECT_DOMAIN, OBJECT_FDW, OBJECT_FOREIGN_SERVER, OBJECT_FUNCTION, OBJECT_LANGUAGE, OBJECT_LARGEOBJECT, OBJECT_SCHEMA, OBJECT_SEQUENCE, OBJECT_TABLE, OBJECT_TABLESPACE, and OBJECT_TYPE.

Referenced by acldefault_sql(), ExecGrant_Attribute(), ExecGrant_Database(), ExecGrant_Fdw(), ExecGrant_ForeignServer(), ExecGrant_Function(), ExecGrant_Language(), ExecGrant_Largeobject(), ExecGrant_Namespace(), ExecGrant_Relation(), ExecGrant_Tablespace(), ExecGrant_Type(), get_user_default_acl(), pg_class_aclmask(), pg_database_aclmask(), pg_foreign_data_wrapper_aclmask(), pg_foreign_server_aclmask(), pg_language_aclmask(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask(), pg_proc_aclmask(), pg_tablespace_aclmask(), pg_type_aclmask(), and SetDefaultACL().

742 {
743  AclMode world_default;
744  AclMode owner_default;
745  int nacl;
746  Acl *acl;
747  AclItem *aip;
748 
749  switch (objtype)
750  {
751  case OBJECT_COLUMN:
752  /* by default, columns have no extra privileges */
753  world_default = ACL_NO_RIGHTS;
754  owner_default = ACL_NO_RIGHTS;
755  break;
756  case OBJECT_TABLE:
757  world_default = ACL_NO_RIGHTS;
758  owner_default = ACL_ALL_RIGHTS_RELATION;
759  break;
760  case OBJECT_SEQUENCE:
761  world_default = ACL_NO_RIGHTS;
762  owner_default = ACL_ALL_RIGHTS_SEQUENCE;
763  break;
764  case OBJECT_DATABASE:
765  /* for backwards compatibility, grant some rights by default */
766  world_default = ACL_CREATE_TEMP | ACL_CONNECT;
767  owner_default = ACL_ALL_RIGHTS_DATABASE;
768  break;
769  case OBJECT_FUNCTION:
770  /* Grant EXECUTE by default, for now */
771  world_default = ACL_EXECUTE;
772  owner_default = ACL_ALL_RIGHTS_FUNCTION;
773  break;
774  case OBJECT_LANGUAGE:
775  /* Grant USAGE by default, for now */
776  world_default = ACL_USAGE;
777  owner_default = ACL_ALL_RIGHTS_LANGUAGE;
778  break;
779  case OBJECT_LARGEOBJECT:
780  world_default = ACL_NO_RIGHTS;
781  owner_default = ACL_ALL_RIGHTS_LARGEOBJECT;
782  break;
783  case OBJECT_SCHEMA:
784  world_default = ACL_NO_RIGHTS;
785  owner_default = ACL_ALL_RIGHTS_SCHEMA;
786  break;
787  case OBJECT_TABLESPACE:
788  world_default = ACL_NO_RIGHTS;
789  owner_default = ACL_ALL_RIGHTS_TABLESPACE;
790  break;
791  case OBJECT_FDW:
792  world_default = ACL_NO_RIGHTS;
793  owner_default = ACL_ALL_RIGHTS_FDW;
794  break;
795  case OBJECT_FOREIGN_SERVER:
796  world_default = ACL_NO_RIGHTS;
797  owner_default = ACL_ALL_RIGHTS_FOREIGN_SERVER;
798  break;
799  case OBJECT_DOMAIN:
800  case OBJECT_TYPE:
801  world_default = ACL_USAGE;
802  owner_default = ACL_ALL_RIGHTS_TYPE;
803  break;
804  default:
805  elog(ERROR, "unrecognized objtype: %d", (int) objtype);
806  world_default = ACL_NO_RIGHTS; /* keep compiler quiet */
807  owner_default = ACL_NO_RIGHTS;
808  break;
809  }
810 
811  nacl = 0;
812  if (world_default != ACL_NO_RIGHTS)
813  nacl++;
814  if (owner_default != ACL_NO_RIGHTS)
815  nacl++;
816 
817  acl = allocacl(nacl);
818  aip = ACL_DAT(acl);
819 
820  if (world_default != ACL_NO_RIGHTS)
821  {
822  aip->ai_grantee = ACL_ID_PUBLIC;
823  aip->ai_grantor = ownerId;
824  ACLITEM_SET_PRIVS_GOPTIONS(*aip, world_default, ACL_NO_RIGHTS);
825  aip++;
826  }
827 
828  /*
829  * Note that the owner's entry shows all ordinary privileges but no grant
830  * options. This is because his grant options come "from the system" and
831  * not from his own efforts. (The SQL spec says that the owner's rights
832  * come from a "_SYSTEM" authid.) However, we do consider that the
833  * owner's ordinary privileges are self-granted; this lets him revoke
834  * them. We implement the owner's grant options without any explicit
835  * "_SYSTEM"-like ACL entry, by internally special-casing the owner
836  * wherever we are testing grant options.
837  */
838  if (owner_default != ACL_NO_RIGHTS)
839  {
840  aip->ai_grantee = ownerId;
841  aip->ai_grantor = ownerId;
842  ACLITEM_SET_PRIVS_GOPTIONS(*aip, owner_default, ACL_NO_RIGHTS);
843  }
844 
845  return acl;
846 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
ACL_ALL_RIGHTS_FUNCTION
#define ACL_ALL_RIGHTS_FUNCTION
Definition: acl.h:162
allocacl
static Acl * allocacl(int n)
Definition: acl.c:369
ACL_ALL_RIGHTS_TABLESPACE
#define ACL_ALL_RIGHTS_TABLESPACE
Definition: acl.h:166
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
ACL_ALL_RIGHTS_LANGUAGE
#define ACL_ALL_RIGHTS_LANGUAGE
Definition: acl.h:163
AclMode
uint32 AclMode
Definition: parsenodes.h:72
ERROR
#define ERROR
Definition: elog.h:43
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:88
ACL_ALL_RIGHTS_SCHEMA
#define ACL_ALL_RIGHTS_SCHEMA
Definition: acl.h:165
ACL_ALL_RIGHTS_TYPE
#define ACL_ALL_RIGHTS_TYPE
Definition: acl.h:167
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_CONNECT
#define ACL_CONNECT
Definition: parsenodes.h:86
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
ACL_ALL_RIGHTS_SEQUENCE
#define ACL_ALL_RIGHTS_SEQUENCE
Definition: acl.h:158
AclItem
Definition: acl.h:54
ACL_ALL_RIGHTS_LARGEOBJECT
#define ACL_ALL_RIGHTS_LARGEOBJECT
Definition: acl.h:164
ACL_ALL_RIGHTS_DATABASE
#define ACL_ALL_RIGHTS_DATABASE
Definition: acl.h:159
ACL_ALL_RIGHTS_FOREIGN_SERVER
#define ACL_ALL_RIGHTS_FOREIGN_SERVER
Definition: acl.h:161
ACL_EXECUTE
#define ACL_EXECUTE
Definition: parsenodes.h:81
elog
#define elog(elevel,...)
Definition: elog.h:214
ACL_ALL_RIGHTS_RELATION
#define ACL_ALL_RIGHTS_RELATION
Definition: acl.h:157
ACL_CREATE_TEMP
#define ACL_CREATE_TEMP
Definition: parsenodes.h:85
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46
ACL_ALL_RIGHTS_FDW
#define ACL_ALL_RIGHTS_FDW
Definition: acl.h:160
ACLITEM_SET_PRIVS_GOPTIONS
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:82

◆ acldefault_sql()

Datum acldefault_sql ( PG_FUNCTION_ARGS  )

Definition at line 854 of file acl.c.

References acldefault(), elog, ERROR, OBJECT_COLUMN, OBJECT_DATABASE, OBJECT_FDW, OBJECT_FOREIGN_SERVER, OBJECT_FUNCTION, OBJECT_LANGUAGE, OBJECT_LARGEOBJECT, OBJECT_SCHEMA, OBJECT_SEQUENCE, OBJECT_TABLE, OBJECT_TABLESPACE, OBJECT_TYPE, PG_GETARG_CHAR, PG_GETARG_OID, and PG_RETURN_ACL_P.

855 {
856  char objtypec = PG_GETARG_CHAR(0);
857  Oid owner = PG_GETARG_OID(1);
858  ObjectType objtype = 0;
859 
860  switch (objtypec)
861  {
862  case 'c':
863  objtype = OBJECT_COLUMN;
864  break;
865  case 'r':
866  objtype = OBJECT_TABLE;
867  break;
868  case 's':
869  objtype = OBJECT_SEQUENCE;
870  break;
871  case 'd':
872  objtype = OBJECT_DATABASE;
873  break;
874  case 'f':
875  objtype = OBJECT_FUNCTION;
876  break;
877  case 'l':
878  objtype = OBJECT_LANGUAGE;
879  break;
880  case 'L':
881  objtype = OBJECT_LARGEOBJECT;
882  break;
883  case 'n':
884  objtype = OBJECT_SCHEMA;
885  break;
886  case 't':
887  objtype = OBJECT_TABLESPACE;
888  break;
889  case 'F':
890  objtype = OBJECT_FDW;
891  break;
892  case 'S':
893  objtype = OBJECT_FOREIGN_SERVER;
894  break;
895  case 'T':
896  objtype = OBJECT_TYPE;
897  break;
898  default:
899  elog(ERROR, "unrecognized objtype abbreviation: %c", objtypec);
900  }
901 
902  PG_RETURN_ACL_P(acldefault(objtype, owner));
903 }
PG_RETURN_ACL_P
#define PG_RETURN_ACL_P(x)
Definition: acl.h:124
acldefault
Acl * acldefault(ObjectType objtype, Oid ownerId)
Definition: acl.c:741
Oid
unsigned int Oid
Definition: postgres_ext.h:31
ERROR
#define ERROR
Definition: elog.h:43
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
ObjectType
ObjectType
Definition: parsenodes.h:1694
elog
#define elog(elevel,...)
Definition: elog.h:214
PG_GETARG_CHAR
#define PG_GETARG_CHAR(n)
Definition: fmgr.h:273

◆ aclequal()

bool aclequal ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 502 of file acl.c.

References ACL_DAT, and ACL_NUM.

Referenced by get_user_default_acl(), and SetDefaultACL().

503 {
504  /* Check for cases where one or both are empty/null */
505  if (left_acl == NULL || ACL_NUM(left_acl) == 0)
506  {
507  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
508  return true;
509  else
510  return false;
511  }
512  else
513  {
514  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
515  return false;
516  }
517 
518  if (ACL_NUM(left_acl) != ACL_NUM(right_acl))
519  return false;
520 
521  if (memcmp(ACL_DAT(left_acl),
522  ACL_DAT(right_acl),
523  ACL_NUM(left_acl) * sizeof(AclItem)) == 0)
524  return true;
525 
526  return false;
527 }
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54

◆ aclexplode()

Datum aclexplode ( PG_FUNCTION_ARGS  )

Definition at line 1730 of file acl.c.

References ACL_DAT, ACL_NUM, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, BlessTupleDesc(), BoolGetDatum, check_acl(), convert_aclright_to_string(), CreateTemplateTupleDesc(), CStringGetTextDatum, heap_form_tuple(), HeapTupleGetDatum, idx(), MemoryContextSwitchTo(), MemSet, FuncCallContext::multi_call_memory_ctx, N_ACL_RIGHTS, ObjectIdGetDatum, palloc(), PG_GETARG_ACL_P, SRF_FIRSTCALL_INIT, SRF_IS_FIRSTCALL, SRF_PERCALL_SETUP, SRF_RETURN_DONE, SRF_RETURN_NEXT, FuncCallContext::tuple_desc, TupleDescInitEntry(), FuncCallContext::user_fctx, and values.

1731 {
1732  Acl *acl = PG_GETARG_ACL_P(0);
1733  FuncCallContext *funcctx;
1734  int *idx;
1735  AclItem *aidat;
1736 
1737  if (SRF_IS_FIRSTCALL())
1738  {
1739  TupleDesc tupdesc;
1740  MemoryContext oldcontext;
1741 
1742  check_acl(acl);
1743 
1744  funcctx = SRF_FIRSTCALL_INIT();
1745  oldcontext = MemoryContextSwitchTo(funcctx->multi_call_memory_ctx);
1746 
1747  /*
1748  * build tupdesc for result tuples (matches out parameters in pg_proc
1749  * entry)
1750  */
1751  tupdesc = CreateTemplateTupleDesc(4);
1752  TupleDescInitEntry(tupdesc, (AttrNumber) 1, "grantor",
1753  OIDOID, -1, 0);
1754  TupleDescInitEntry(tupdesc, (AttrNumber) 2, "grantee",
1755  OIDOID, -1, 0);
1756  TupleDescInitEntry(tupdesc, (AttrNumber) 3, "privilege_type",
1757  TEXTOID, -1, 0);
1758  TupleDescInitEntry(tupdesc, (AttrNumber) 4, "is_grantable",
1759  BOOLOID, -1, 0);
1760 
1761  funcctx->tuple_desc = BlessTupleDesc(tupdesc);
1762 
1763  /* allocate memory for user context */
1764  idx = (int *) palloc(sizeof(int[2]));
1765  idx[0] = 0; /* ACL array item index */
1766  idx[1] = -1; /* privilege type counter */
1767  funcctx->user_fctx = (void *) idx;
1768 
1769  MemoryContextSwitchTo(oldcontext);
1770  }
1771 
1772  funcctx = SRF_PERCALL_SETUP();
1773  idx = (int *) funcctx->user_fctx;
1774  aidat = ACL_DAT(acl);
1775 
1776  /* need test here in case acl has no items */
1777  while (idx[0] < ACL_NUM(acl))
1778  {
1779  AclItem *aidata;
1780  AclMode priv_bit;
1781 
1782  idx[1]++;
1783  if (idx[1] == N_ACL_RIGHTS)
1784  {
1785  idx[1] = 0;
1786  idx[0]++;
1787  if (idx[0] >= ACL_NUM(acl)) /* done */
1788  break;
1789  }
1790  aidata = &aidat[idx[0]];
1791  priv_bit = 1 << idx[1];
1792 
1793  if (ACLITEM_GET_PRIVS(*aidata) & priv_bit)
1794  {
1795  Datum result;
1796  Datum values[4];
1797  bool nulls[4];
1798  HeapTuple tuple;
1799 
1800  values[0] = ObjectIdGetDatum(aidata->ai_grantor);
1801  values[1] = ObjectIdGetDatum(aidata->ai_grantee);
1802  values[2] = CStringGetTextDatum(convert_aclright_to_string(priv_bit));
1803  values[3] = BoolGetDatum((ACLITEM_GET_GOPTIONS(*aidata) & priv_bit) != 0);
1804 
1805  MemSet(nulls, 0, sizeof(nulls));
1806 
1807  tuple = heap_form_tuple(funcctx->tuple_desc, values, nulls);
1808  result = HeapTupleGetDatum(tuple);
1809 
1810  SRF_RETURN_NEXT(funcctx, result);
1811  }
1812  }
1813 
1814  SRF_RETURN_DONE(funcctx);
1815 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
convert_aclright_to_string
static const char * convert_aclright_to_string(int aclright)
Definition: acl.c:1680
ACLITEM_GET_GOPTIONS
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:67
CreateTemplateTupleDesc
TupleDesc CreateTemplateTupleDesc(int natts)
Definition: tupdesc.c:44
SRF_IS_FIRSTCALL
#define SRF_IS_FIRSTCALL()
Definition: funcapi.h:294
MemoryContextSwitchTo
static MemoryContext MemoryContextSwitchTo(MemoryContext context)
Definition: palloc.h:109
MemSet
#define MemSet(start, val, len)
Definition: c.h:950
idx
Datum idx(PG_FUNCTION_ARGS)
Definition: _int_op.c:259
heap_form_tuple
HeapTuple heap_form_tuple(TupleDesc tupleDescriptor, Datum *values, bool *isnull)
Definition: heaptuple.c:1020
SRF_PERCALL_SETUP
#define SRF_PERCALL_SETUP()
Definition: funcapi.h:298
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
FuncCallContext::tuple_desc
TupleDesc tuple_desc
Definition: funcapi.h:112
SRF_RETURN_NEXT
#define SRF_RETURN_NEXT(_funcctx, _result)
Definition: funcapi.h:300
AclMode
uint32 AclMode
Definition: parsenodes.h:72
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
BlessTupleDesc
TupleDesc BlessTupleDesc(TupleDesc tupdesc)
Definition: execTuples.c:2052
N_ACL_RIGHTS
#define N_ACL_RIGHTS
Definition: parsenodes.h:87
TupleDescInitEntry
void TupleDescInitEntry(TupleDesc desc, AttrNumber attributeNumber, const char *attributeName, Oid oidtypeid, int32 typmod, int attdim)
Definition: tupdesc.c:603
Datum
uintptr_t Datum
Definition: postgres.h:367
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
BoolGetDatum
#define BoolGetDatum(X)
Definition: postgres.h:402
AclItem
Definition: acl.h:54
FuncCallContext::multi_call_memory_ctx
MemoryContext multi_call_memory_ctx
Definition: funcapi.h:101
ACLITEM_GET_PRIVS
#define ACLITEM_GET_PRIVS(item)
Definition: acl.h:66
HeapTupleGetDatum
#define HeapTupleGetDatum(tuple)
Definition: funcapi.h:221
PG_GETARG_ACL_P
#define PG_GETARG_ACL_P(n)
Definition: acl.h:122
values
static Datum values[MAXATTR]
Definition: bootstrap.c:165
FuncCallContext::user_fctx
void * user_fctx
Definition: funcapi.h:82
palloc
void * palloc(Size size)
Definition: mcxt.c:950
CStringGetTextDatum
#define CStringGetTextDatum(s)
Definition: builtins.h:86
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:533
SRF_RETURN_DONE
#define SRF_RETURN_DONE(_funcctx)
Definition: funcapi.h:318
SRF_FIRSTCALL_INIT
#define SRF_FIRSTCALL_INIT()
Definition: funcapi.h:296

◆ aclinsert()

Datum aclinsert ( PG_FUNCTION_ARGS  )

Definition at line 1517 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

1518 {
1519  ereport(ERROR,
1520  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1521  errmsg("aclinsert is no longer supported")));
1522 
1523  PG_RETURN_NULL(); /* keep compiler quiet */
1524 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:610
ERROR
#define ERROR
Definition: elog.h:43
ereport
#define ereport(elevel,...)
Definition: elog.h:144
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:821
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:344

◆ aclitem_eq()

Datum aclitem_eq ( PG_FUNCTION_ARGS  )

Definition at line 686 of file acl.c.

References a1, a2, AclItem::ai_grantee, AclItem::ai_grantor, AclItem::ai_privs, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

687 {
688  AclItem *a1 = PG_GETARG_ACLITEM_P(0);
689  AclItem *a2 = PG_GETARG_ACLITEM_P(1);
690  bool result;
691 
692  result = a1->ai_privs == a2->ai_privs &&
693  a1->ai_grantee == a2->ai_grantee &&
694  a1->ai_grantor == a2->ai_grantor;
695  PG_RETURN_BOOL(result);
696 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
PG_GETARG_ACLITEM_P
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:117
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
AclItem::ai_privs
AclMode ai_privs
Definition: acl.h:58
a2
static const FormData_pg_attribute a2
Definition: heap.c:165
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
AclItem
Definition: acl.h:54
a1
static const FormData_pg_attribute a1
Definition: heap.c:151

◆ aclitem_match()

static bool aclitem_match ( const AclItem a1,
const AclItem a2 
)
static

Definition at line 651 of file acl.c.

References AclItem::ai_grantee, and AclItem::ai_grantor.

Referenced by aclnewowner(), and aclupdate().

652 {
653  return a1->ai_grantee == a2->ai_grantee &&
654  a1->ai_grantor == a2->ai_grantor;
655 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57

◆ aclitemComparator()

static int aclitemComparator ( const void *  arg1,
const void *  arg2 
)
static

Definition at line 662 of file acl.c.

References a1, a2, AclItem::ai_grantee, AclItem::ai_grantor, and AclItem::ai_privs.

Referenced by aclitemsort().

663 {
664  const AclItem *a1 = (const AclItem *) arg1;
665  const AclItem *a2 = (const AclItem *) arg2;
666 
667  if (a1->ai_grantee > a2->ai_grantee)
668  return 1;
669  if (a1->ai_grantee < a2->ai_grantee)
670  return -1;
671  if (a1->ai_grantor > a2->ai_grantor)
672  return 1;
673  if (a1->ai_grantor < a2->ai_grantor)
674  return -1;
675  if (a1->ai_privs > a2->ai_privs)
676  return 1;
677  if (a1->ai_privs < a2->ai_privs)
678  return -1;
679  return 0;
680 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
AclItem::ai_privs
AclMode ai_privs
Definition: acl.h:58
a2
static const FormData_pg_attribute a2
Definition: heap.c:165
AclItem
Definition: acl.h:54
a1
static const FormData_pg_attribute a1
Definition: heap.c:151

◆ aclitemin()

Datum aclitemin ( PG_FUNCTION_ARGS  )

Definition at line 558 of file acl.c.

References aclparse(), ereport, errcode(), errmsg(), ERROR, palloc(), PG_GETARG_CSTRING, and PG_RETURN_ACLITEM_P.

559 {
560  const char *s = PG_GETARG_CSTRING(0);
561  AclItem *aip;
562 
563  aip = (AclItem *) palloc(sizeof(AclItem));
564  s = aclparse(s, aip);
565  while (isspace((unsigned char) *s))
566  ++s;
567  if (*s)
568  ereport(ERROR,
569  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
570  errmsg("extra garbage at the end of the ACL specification")));
571 
572  PG_RETURN_ACLITEM_P(aip);
573 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:610
ERROR
#define ERROR
Definition: elog.h:43
aclparse
static const char * aclparse(const char *s, AclItem *aip)
Definition: acl.c:239
ereport
#define ereport(elevel,...)
Definition: elog.h:144
AclItem
Definition: acl.h:54
PG_RETURN_ACLITEM_P
#define PG_RETURN_ACLITEM_P(x)
Definition: acl.h:118
palloc
void * palloc(Size size)
Definition: mcxt.c:950
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:821
PG_GETARG_CSTRING
#define PG_GETARG_CSTRING(n)
Definition: fmgr.h:277

◆ aclitemout()

Datum aclitemout ( PG_FUNCTION_ARGS  )

Definition at line 584 of file acl.c.

References ACL_ALL_RIGHTS_STR, ACL_ID_PUBLIC, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, AUTHOID, GETSTRUCT, HeapTupleIsValid, i, N_ACL_RIGHTS, NAMEDATALEN, NameStr, ObjectIdGetDatum, palloc(), PG_GETARG_ACLITEM_P, PG_RETURN_CSTRING, putid(), ReleaseSysCache(), rolname, SearchSysCache1(), and sprintf.

585 {
586  AclItem *aip = PG_GETARG_ACLITEM_P(0);
587  char *p;
588  char *out;
589  HeapTuple htup;
590  unsigned i;
591 
592  out = palloc(strlen("=/") +
593  2 * N_ACL_RIGHTS +
594  2 * (2 * NAMEDATALEN + 2) +
595  1);
596 
597  p = out;
598  *p = '\0';
599 
600  if (aip->ai_grantee != ACL_ID_PUBLIC)
601  {
602  htup = SearchSysCache1(AUTHOID, ObjectIdGetDatum(aip->ai_grantee));
603  if (HeapTupleIsValid(htup))
604  {
605  putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
606  ReleaseSysCache(htup);
607  }
608  else
609  {
610  /* Generate numeric OID if we don't find an entry */
611  sprintf(p, "%u", aip->ai_grantee);
612  }
613  }
614  while (*p)
615  ++p;
616 
617  *p++ = '=';
618 
619  for (i = 0; i < N_ACL_RIGHTS; ++i)
620  {
621  if (ACLITEM_GET_PRIVS(*aip) & (1 << i))
622  *p++ = ACL_ALL_RIGHTS_STR[i];
623  if (ACLITEM_GET_GOPTIONS(*aip) & (1 << i))
624  *p++ = '*';
625  }
626 
627  *p++ = '/';
628  *p = '\0';
629 
630  htup = SearchSysCache1(AUTHOID, ObjectIdGetDatum(aip->ai_grantor));
631  if (HeapTupleIsValid(htup))
632  {
633  putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
634  ReleaseSysCache(htup);
635  }
636  else
637  {
638  /* Generate numeric OID if we don't find an entry */
639  sprintf(p, "%u", aip->ai_grantor);
640  }
641 
642  PG_RETURN_CSTRING(out);
643 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
putid
static void putid(char *p, const char *s)
Definition: acl.c:190
ACLITEM_GET_GOPTIONS
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:67
GETSTRUCT
#define GETSTRUCT(TUP)
Definition: htup_details.h:655
rolname
NameData rolname
Definition: pg_authid.h:34
PG_GETARG_ACLITEM_P
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:117
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
NAMEDATALEN
#define NAMEDATALEN
Definition: pg_config_manual.h:29
Form_pg_authid
FormData_pg_authid * Form_pg_authid
Definition: pg_authid.h:56
sprintf
#define sprintf
Definition: port.h:217
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
N_ACL_RIGHTS
#define N_ACL_RIGHTS
Definition: parsenodes.h:87
SearchSysCache1
HeapTuple SearchSysCache1(int cacheId, Datum key1)
Definition: syscache.c:1116
ReleaseSysCache
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1164
ACL_ALL_RIGHTS_STR
#define ACL_ALL_RIGHTS_STR
Definition: acl.h:151
AclItem
Definition: acl.h:54
HeapTupleIsValid
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
PG_RETURN_CSTRING
#define PG_RETURN_CSTRING(x)
Definition: fmgr.h:361
ACLITEM_GET_PRIVS
#define ACLITEM_GET_PRIVS(item)
Definition: acl.h:66
palloc
void * palloc(Size size)
Definition: mcxt.c:950
i
int i
Definition: preproc-comment.c:23
NameStr
#define NameStr(name)
Definition: c.h:623
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46

◆ aclitemsort()

void aclitemsort ( Acl acl)

Definition at line 488 of file acl.c.

References ACL_DAT, ACL_NUM, aclitemComparator(), and qsort.

Referenced by get_user_default_acl(), and SetDefaultACL().

489 {
490  if (acl != NULL && ACL_NUM(acl) > 1)
491  qsort(ACL_DAT(acl), ACL_NUM(acl), sizeof(AclItem), aclitemComparator);
492 }
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54
qsort
#define qsort(a, b, c, d)
Definition: port.h:497
aclitemComparator
static int aclitemComparator(const void *arg1, const void *arg2)
Definition: acl.c:662

◆ aclmask()

AclMode aclmask ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)

Definition at line 1313 of file acl.c.

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog, ERROR, has_privs_of_role(), i, and remaining.

Referenced by check_circularity(), LockTableAclCheck(), pg_attribute_aclmask(), pg_class_aclmask(), pg_database_aclmask(), pg_foreign_data_wrapper_aclmask(), pg_foreign_server_aclmask(), pg_language_aclmask(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask(), pg_proc_aclmask(), pg_tablespace_aclmask(), pg_type_aclmask(), and recursive_revoke().

1315 {
1316  AclMode result;
1317  AclMode remaining;
1318  AclItem *aidat;
1319  int i,
1320  num;
1321 
1322  /*
1323  * Null ACL should not happen, since caller should have inserted
1324  * appropriate default
1325  */
1326  if (acl == NULL)
1327  elog(ERROR, "null ACL");
1328 
1329  check_acl(acl);
1330 
1331  /* Quick exit for mask == 0 */
1332  if (mask == 0)
1333  return 0;
1334 
1335  result = 0;
1336 
1337  /* Owner always implicitly has all grant options */
1338  if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1339  has_privs_of_role(roleid, ownerId))
1340  {
1341  result = mask & ACLITEM_ALL_GOPTION_BITS;
1342  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1343  return result;
1344  }
1345 
1346  num = ACL_NUM(acl);
1347  aidat = ACL_DAT(acl);
1348 
1349  /*
1350  * Check privileges granted directly to roleid or to public
1351  */
1352  for (i = 0; i < num; i++)
1353  {
1354  AclItem *aidata = &aidat[i];
1355 
1356  if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1357  aidata->ai_grantee == roleid)
1358  {
1359  result |= aidata->ai_privs & mask;
1360  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1361  return result;
1362  }
1363  }
1364 
1365  /*
1366  * Check privileges granted indirectly via role memberships. We do this in
1367  * a separate pass to minimize expensive indirect membership tests. In
1368  * particular, it's worth testing whether a given ACL entry grants any
1369  * privileges still of interest before we perform the has_privs_of_role
1370  * test.
1371  */
1372  remaining = mask & ~result;
1373  for (i = 0; i < num; i++)
1374  {
1375  AclItem *aidata = &aidat[i];
1376 
1377  if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1378  aidata->ai_grantee == roleid)
1379  continue; /* already checked it */
1380 
1381  if ((aidata->ai_privs & remaining) &&
1382  has_privs_of_role(roleid, aidata->ai_grantee))
1383  {
1384  result |= aidata->ai_privs & mask;
1385  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1386  return result;
1387  remaining = mask & ~result;
1388  }
1389  }
1390 
1391  return result;
1392 }
remaining
int remaining
Definition: informix.c:667
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
ACLITEM_ALL_GOPTION_BITS
#define ACLITEM_ALL_GOPTION_BITS
Definition: acl.h:88
has_privs_of_role
bool has_privs_of_role(Oid member, Oid role)
Definition: acl.c:4892
AclItem::ai_privs
AclMode ai_privs
Definition: acl.h:58
AclMode
uint32 AclMode
Definition: parsenodes.h:72
ERROR
#define ERROR
Definition: elog.h:43
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54
elog
#define elog(elevel,...)
Definition: elog.h:214
i
int i
Definition: preproc-comment.c:23
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:533

◆ aclmask_direct()

static AclMode aclmask_direct ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)
static

Definition at line 1402 of file acl.c.

References ACL_DAT, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog, ERROR, and i.

Referenced by select_best_grantor().

1404 {
1405  AclMode result;
1406  AclItem *aidat;
1407  int i,
1408  num;
1409 
1410  /*
1411  * Null ACL should not happen, since caller should have inserted
1412  * appropriate default
1413  */
1414  if (acl == NULL)
1415  elog(ERROR, "null ACL");
1416 
1417  check_acl(acl);
1418 
1419  /* Quick exit for mask == 0 */
1420  if (mask == 0)
1421  return 0;
1422 
1423  result = 0;
1424 
1425  /* Owner always implicitly has all grant options */
1426  if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1427  roleid == ownerId)
1428  {
1429  result = mask & ACLITEM_ALL_GOPTION_BITS;
1430  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1431  return result;
1432  }
1433 
1434  num = ACL_NUM(acl);
1435  aidat = ACL_DAT(acl);
1436 
1437  /*
1438  * Check privileges granted directly to roleid (and not to public)
1439  */
1440  for (i = 0; i < num; i++)
1441  {
1442  AclItem *aidata = &aidat[i];
1443 
1444  if (aidata->ai_grantee == roleid)
1445  {
1446  result |= aidata->ai_privs & mask;
1447  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1448  return result;
1449  }
1450  }
1451 
1452  return result;
1453 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
ACLITEM_ALL_GOPTION_BITS
#define ACLITEM_ALL_GOPTION_BITS
Definition: acl.h:88
AclItem::ai_privs
AclMode ai_privs
Definition: acl.h:58
AclMode
uint32 AclMode
Definition: parsenodes.h:72
ERROR
#define ERROR
Definition: elog.h:43
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54
elog
#define elog(elevel,...)
Definition: elog.h:214
i
int i
Definition: preproc-comment.c:23
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:533

◆ aclmembers()

int aclmembers ( const Acl acl,
Oid **  roleids 
)

Definition at line 1465 of file acl.c.

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, sort-test::list, oid_cmp(), palloc(), qsort, and qunique().

Referenced by ExecGrant_Attribute(), ExecGrant_Database(), ExecGrant_Fdw(), ExecGrant_ForeignServer(), ExecGrant_Function(), ExecGrant_Language(), ExecGrant_Largeobject(), ExecGrant_Namespace(), ExecGrant_Relation(), ExecGrant_Tablespace(), ExecGrant_Type(), recordDependencyOnNewAcl(), and SetDefaultACL().

1466 {
1467  Oid *list;
1468  const AclItem *acldat;
1469  int i,
1470  j;
1471 
1472  if (acl == NULL || ACL_NUM(acl) == 0)
1473  {
1474  *roleids = NULL;
1475  return 0;
1476  }
1477 
1478  check_acl(acl);
1479 
1480  /* Allocate the worst-case space requirement */
1481  list = palloc(ACL_NUM(acl) * 2 * sizeof(Oid));
1482  acldat = ACL_DAT(acl);
1483 
1484  /*
1485  * Walk the ACL collecting mentioned RoleIds.
1486  */
1487  j = 0;
1488  for (i = 0; i < ACL_NUM(acl); i++)
1489  {
1490  const AclItem *ai = &acldat[i];
1491 
1492  if (ai->ai_grantee != ACL_ID_PUBLIC)
1493  list[j++] = ai->ai_grantee;
1494  /* grantor is currently never PUBLIC, but let's check anyway */
1495  if (ai->ai_grantor != ACL_ID_PUBLIC)
1496  list[j++] = ai->ai_grantor;
1497  }
1498 
1499  /* Sort the array */
1500  qsort(list, j, sizeof(Oid), oid_cmp);
1501 
1502  /*
1503  * We could repalloc the array down to minimum size, but it's hardly worth
1504  * it since it's only transient memory.
1505  */
1506  *roleids = list;
1507 
1508  /* Remove duplicates from the array */
1509  return qunique(list, j, sizeof(Oid), oid_cmp);
1510 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
Oid
unsigned int Oid
Definition: postgres_ext.h:31
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54
oid_cmp
int oid_cmp(const void *p1, const void *p2)
Definition: oid.c:336
qunique
static size_t qunique(void *array, size_t elements, size_t width, int(*compare)(const void *, const void *))
Definition: qunique.h:21
palloc
void * palloc(Size size)
Definition: mcxt.c:950
i
int i
Definition: preproc-comment.c:23
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46
qsort
#define qsort(a, b, c, d)
Definition: port.h:497
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:533

◆ aclmerge()

Acl* aclmerge ( const Acl left_acl,
const Acl right_acl,
Oid  ownerId 
)

Definition at line 444 of file acl.c.

References ACL_DAT, ACL_MODECHG_ADD, ACL_NUM, aclcopy(), aclupdate(), DROP_RESTRICT, i, and pfree().

Referenced by get_user_default_acl().

445 {
446  Acl *result_acl;
447  AclItem *aip;
448  int i,
449  num;
450 
451  /* Check for cases where one or both are empty/null */
452  if (left_acl == NULL || ACL_NUM(left_acl) == 0)
453  {
454  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
455  return NULL;
456  else
457  return aclcopy(right_acl);
458  }
459  else
460  {
461  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
462  return aclcopy(left_acl);
463  }
464 
465  /* Merge them the hard way, one item at a time */
466  result_acl = aclcopy(left_acl);
467 
468  aip = ACL_DAT(right_acl);
469  num = ACL_NUM(right_acl);
470 
471  for (i = 0; i < num; i++, aip++)
472  {
473  Acl *tmp_acl;
474 
475  tmp_acl = aclupdate(result_acl, aip, ACL_MODECHG_ADD,
476  ownerId, DROP_RESTRICT);
477  pfree(result_acl);
478  result_acl = tmp_acl;
479  }
480 
481  return result_acl;
482 }
pfree
void pfree(void *pointer)
Definition: mcxt.c:1057
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_MODECHG_ADD
#define ACL_MODECHG_ADD
Definition: acl.h:129
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54
aclcopy
Acl * aclcopy(const Acl *orig_acl)
Definition: acl.c:400
i
int i
Definition: preproc-comment.c:23
aclupdate
Acl * aclupdate(const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
Definition: acl.c:923

◆ aclnewowner()

Acl* aclnewowner ( const Acl old_acl,
Oid  oldOwnerId,
Oid  newOwnerId 
)

Definition at line 1044 of file acl.c.

References ACL_DAT, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, check_acl(), and SET_VARSIZE.

Referenced by AlterDatabaseOwner(), AlterForeignDataWrapperOwner_internal(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwnerInternal(), ATExecChangeOwner(), and change_owner_fix_column_acls().

1045 {
1046  Acl *new_acl;
1047  AclItem *new_aip;
1048  AclItem *old_aip;
1049  AclItem *dst_aip;
1050  AclItem *src_aip;
1051  AclItem *targ_aip;
1052  bool newpresent = false;
1053  int dst,
1054  src,
1055  targ,
1056  num;
1057 
1058  check_acl(old_acl);
1059 
1060  /*
1061  * Make a copy of the given ACL, substituting new owner ID for old
1062  * wherever it appears as either grantor or grantee. Also note if the new
1063  * owner ID is already present.
1064  */
1065  num = ACL_NUM(old_acl);
1066  old_aip = ACL_DAT(old_acl);
1067  new_acl = allocacl(num);
1068  new_aip = ACL_DAT(new_acl);
1069  memcpy(new_aip, old_aip, num * sizeof(AclItem));
1070  for (dst = 0, dst_aip = new_aip; dst < num; dst++, dst_aip++)
1071  {
1072  if (dst_aip->ai_grantor == oldOwnerId)
1073  dst_aip->ai_grantor = newOwnerId;
1074  else if (dst_aip->ai_grantor == newOwnerId)
1075  newpresent = true;
1076  if (dst_aip->ai_grantee == oldOwnerId)
1077  dst_aip->ai_grantee = newOwnerId;
1078  else if (dst_aip->ai_grantee == newOwnerId)
1079  newpresent = true;
1080  }
1081 
1082  /*
1083  * If the old ACL contained any references to the new owner, then we may
1084  * now have generated an ACL containing duplicate entries. Find them and
1085  * merge them so that there are not duplicates. (This is relatively
1086  * expensive since we use a stupid O(N^2) algorithm, but it's unlikely to
1087  * be the normal case.)
1088  *
1089  * To simplify deletion of duplicate entries, we temporarily leave them in
1090  * the array but set their privilege masks to zero; when we reach such an
1091  * entry it's just skipped. (Thus, a side effect of this code will be to
1092  * remove privilege-free entries, should there be any in the input.) dst
1093  * is the next output slot, targ is the currently considered input slot
1094  * (always >= dst), and src scans entries to the right of targ looking for
1095  * duplicates. Once an entry has been emitted to dst it is known
1096  * duplicate-free and need not be considered anymore.
1097  */
1098  if (newpresent)
1099  {
1100  dst = 0;
1101  for (targ = 0, targ_aip = new_aip; targ < num; targ++, targ_aip++)
1102  {
1103  /* ignore if deleted in an earlier pass */
1104  if (ACLITEM_GET_RIGHTS(*targ_aip) == ACL_NO_RIGHTS)
1105  continue;
1106  /* find and merge any duplicates */
1107  for (src = targ + 1, src_aip = targ_aip + 1; src < num;
1108  src++, src_aip++)
1109  {
1110  if (ACLITEM_GET_RIGHTS(*src_aip) == ACL_NO_RIGHTS)
1111  continue;
1112  if (aclitem_match(targ_aip, src_aip))
1113  {
1114  ACLITEM_SET_RIGHTS(*targ_aip,
1115  ACLITEM_GET_RIGHTS(*targ_aip) |
1116  ACLITEM_GET_RIGHTS(*src_aip));
1117  /* mark the duplicate deleted */
1118  ACLITEM_SET_RIGHTS(*src_aip, ACL_NO_RIGHTS);
1119  }
1120  }
1121  /* and emit to output */
1122  new_aip[dst] = *targ_aip;
1123  dst++;
1124  }
1125  /* Adjust array size to be 'dst' items */
1126  ARR_DIMS(new_acl)[0] = dst;
1127  SET_VARSIZE(new_acl, ACL_N_SIZE(dst));
1128  }
1129 
1130  return new_acl;
1131 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
allocacl
static Acl * allocacl(int n)
Definition: acl.c:369
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
ARR_DIMS
#define ARR_DIMS(a)
Definition: array.h:282
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:88
ACLITEM_GET_RIGHTS
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:68
ACLITEM_SET_RIGHTS
#define ACLITEM_SET_RIGHTS(item, rights)
Definition: acl.h:79
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54
aclitem_match
static bool aclitem_match(const AclItem *a1, const AclItem *a2)
Definition: acl.c:651
SET_VARSIZE
#define SET_VARSIZE(PTR, len)
Definition: postgres.h:329
ACL_N_SIZE
#define ACL_N_SIZE(N)
Definition: acl.h:110
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:533

◆ aclparse()

static const char * aclparse ( const char *  s,
AclItem aip 
)
static

Definition at line 239 of file acl.c.

References ACL_ALL_RIGHTS_STR, ACL_CONNECT, ACL_CONNECT_CHR, ACL_CREATE, ACL_CREATE_CHR, ACL_CREATE_TEMP, ACL_CREATE_TEMP_CHR, ACL_DELETE, ACL_DELETE_CHR, ACL_EXECUTE, ACL_EXECUTE_CHR, ACL_ID_PUBLIC, ACL_INSERT, ACL_INSERT_CHR, ACL_NO_RIGHTS, ACL_REFERENCES, ACL_REFERENCES_CHR, ACL_SELECT, ACL_SELECT_CHR, ACL_TRIGGER, ACL_TRIGGER_CHR, ACL_TRUNCATE, ACL_TRUNCATE_CHR, ACL_UPDATE, ACL_UPDATE_CHR, ACL_USAGE, ACL_USAGE_CHR, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, Assert, ereport, errcode(), errhint(), errmsg(), ERROR, get_role_oid(), getid(), name, NAMEDATALEN, read, and WARNING.

Referenced by aclitemin().

240 {
241  AclMode privs,
242  goption,
243  read;
244  char name[NAMEDATALEN];
245  char name2[NAMEDATALEN];
246 
247  Assert(s && aip);
248 
249  s = getid(s, name);
250  if (*s != '=')
251  {
252  /* we just read a keyword, not a name */
253  if (strcmp(name, "group") != 0 && strcmp(name, "user") != 0)
254  ereport(ERROR,
255  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
256  errmsg("unrecognized key word: \"%s\"", name),
257  errhint("ACL key word must be \"group\" or \"user\".")));
258  s = getid(s, name); /* move s to the name beyond the keyword */
259  if (name[0] == '\0')
260  ereport(ERROR,
261  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
262  errmsg("missing name"),
263  errhint("A name must follow the \"group\" or \"user\" key word.")));
264  }
265 
266  if (*s != '=')
267  ereport(ERROR,
268  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
269  errmsg("missing \"=\" sign")));
270 
271  privs = goption = ACL_NO_RIGHTS;
272 
273  for (++s, read = 0; isalpha((unsigned char) *s) || *s == '*'; s++)
274  {
275  switch (*s)
276  {
277  case '*':
278  goption |= read;
279  break;
280  case ACL_INSERT_CHR:
281  read = ACL_INSERT;
282  break;
283  case ACL_SELECT_CHR:
284  read = ACL_SELECT;
285  break;
286  case ACL_UPDATE_CHR:
287  read = ACL_UPDATE;
288  break;
289  case ACL_DELETE_CHR:
290  read = ACL_DELETE;
291  break;
292  case ACL_TRUNCATE_CHR:
293  read = ACL_TRUNCATE;
294  break;
295  case ACL_REFERENCES_CHR:
296  read = ACL_REFERENCES;
297  break;
298  case ACL_TRIGGER_CHR:
299  read = ACL_TRIGGER;
300  break;
301  case ACL_EXECUTE_CHR:
302  read = ACL_EXECUTE;
303  break;
304  case ACL_USAGE_CHR:
305  read = ACL_USAGE;
306  break;
307  case ACL_CREATE_CHR:
308  read = ACL_CREATE;
309  break;
310  case ACL_CREATE_TEMP_CHR:
311  read = ACL_CREATE_TEMP;
312  break;
313  case ACL_CONNECT_CHR:
314  read = ACL_CONNECT;
315  break;
316  case 'R': /* ignore old RULE privileges */
317  read = 0;
318  break;
319  default:
320  ereport(ERROR,
321  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
322  errmsg("invalid mode character: must be one of \"%s\"",
323  ACL_ALL_RIGHTS_STR)));
324  }
325 
326  privs |= read;
327  }
328 
329  if (name[0] == '\0')
330  aip->ai_grantee = ACL_ID_PUBLIC;
331  else
332  aip->ai_grantee = get_role_oid(name, false);
333 
334  /*
335  * XXX Allow a degree of backward compatibility by defaulting the grantor
336  * to the superuser.
337  */
338  if (*s == '/')
339  {
340  s = getid(s + 1, name2);
341  if (name2[0] == '\0')
342  ereport(ERROR,
343  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
344  errmsg("a name must follow the \"/\" sign")));
345  aip->ai_grantor = get_role_oid(name2, false);
346  }
347  else
348  {
349  aip->ai_grantor = BOOTSTRAP_SUPERUSERID;
350  ereport(WARNING,
351  (errcode(ERRCODE_INVALID_GRANTOR),
352  errmsg("defaulting grantor to user ID %u",
353  BOOTSTRAP_SUPERUSERID)));
354  }
355 
356  ACLITEM_SET_PRIVS_GOPTIONS(*aip, privs, goption);
357 
358  return s;
359 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
ACL_INSERT_CHR
#define ACL_INSERT_CHR
Definition: acl.h:137
errhint
int errhint(const char *fmt,...)
Definition: elog.c:1068
ACL_CONNECT_CHR
#define ACL_CONNECT_CHR
Definition: acl.h:148
ACL_DELETE_CHR
#define ACL_DELETE_CHR
Definition: acl.h:140
errcode
int errcode(int sqlerrcode)
Definition: elog.c:610
ACL_DELETE
#define ACL_DELETE
Definition: parsenodes.h:77
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
get_role_oid
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5175
NAMEDATALEN
#define NAMEDATALEN
Definition: pg_config_manual.h:29
AclMode
uint32 AclMode
Definition: parsenodes.h:72
ACL_CREATE_TEMP_CHR
#define ACL_CREATE_TEMP_CHR
Definition: acl.h:147
ERROR
#define ERROR
Definition: elog.h:43
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:84
getid
static const char * getid(const char *s, char *n)
Definition: acl.c:138
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:88
ACL_TRIGGER
#define ACL_TRIGGER
Definition: parsenodes.h:80
ACL_TRUNCATE_CHR
#define ACL_TRUNCATE_CHR
Definition: acl.h:141
ACL_REFERENCES_CHR
#define ACL_REFERENCES_CHR
Definition: acl.h:142
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_CONNECT
#define ACL_CONNECT
Definition: parsenodes.h:86
WARNING
#define WARNING
Definition: elog.h:40
ACL_SELECT_CHR
#define ACL_SELECT_CHR
Definition: acl.h:138
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:76
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:75
ACL_ALL_RIGHTS_STR
#define ACL_ALL_RIGHTS_STR
Definition: acl.h:151
ACL_USAGE_CHR
#define ACL_USAGE_CHR
Definition: acl.h:145
ereport
#define ereport(elevel,...)
Definition: elog.h:144
ACL_REFERENCES
#define ACL_REFERENCES
Definition: parsenodes.h:79
Assert
#define Assert(condition)
Definition: c.h:746
ACL_INSERT
#define ACL_INSERT
Definition: parsenodes.h:74
ACL_UPDATE_CHR
#define ACL_UPDATE_CHR
Definition: acl.h:139
name
const char * name
Definition: encode.c:561
ACL_TRIGGER_CHR
#define ACL_TRIGGER_CHR
Definition: acl.h:143
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:821
ACL_EXECUTE
#define ACL_EXECUTE
Definition: parsenodes.h:81
ACL_CREATE_TEMP
#define ACL_CREATE_TEMP
Definition: parsenodes.h:85
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46
ACLITEM_SET_PRIVS_GOPTIONS
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:82
read
#define read(a, b, c)
Definition: win32.h:13
ACL_EXECUTE_CHR
#define ACL_EXECUTE_CHR
Definition: acl.h:144
ACL_CREATE_CHR
#define ACL_CREATE_CHR
Definition: acl.h:146
ACL_TRUNCATE
#define ACL_TRUNCATE
Definition: parsenodes.h:78

◆ aclremove()

Datum aclremove ( PG_FUNCTION_ARGS  )

Definition at line 1527 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

1528 {
1529  ereport(ERROR,
1530  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1531  errmsg("aclremove is no longer supported")));
1532 
1533  PG_RETURN_NULL(); /* keep compiler quiet */
1534 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:610
ERROR
#define ERROR
Definition: elog.h:43
ereport
#define ereport(elevel,...)
Definition: elog.h:144
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:821
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:344

◆ aclupdate()

Acl* aclupdate ( const Acl old_acl,
const AclItem mod_aip,
int  modechg,
Oid  ownerId,
DropBehavior  behavior 
)

Definition at line 923 of file acl.c.

References ACL_DAT, ACL_ID_PUBLIC, ACL_MODECHG_ADD, ACL_MODECHG_DEL, ACL_MODECHG_EQL, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACL_SIZE, ACLITEM_GET_GOPTIONS, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_PRIVS_GOPTIONS, ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, Assert, check_acl(), check_circularity(), recursive_revoke(), and SET_VARSIZE.

Referenced by aclmerge(), check_circularity(), merge_acl_with_grant(), and recursive_revoke().

925 {
926  Acl *new_acl = NULL;
927  AclItem *old_aip,
928  *new_aip = NULL;
929  AclMode old_rights,
930  old_goptions,
931  new_rights,
932  new_goptions;
933  int dst,
934  num;
935 
936  /* Caller probably already checked old_acl, but be safe */
937  check_acl(old_acl);
938 
939  /* If granting grant options, check for circularity */
940  if (modechg != ACL_MODECHG_DEL &&
941  ACLITEM_GET_GOPTIONS(*mod_aip) != ACL_NO_RIGHTS)
942  check_circularity(old_acl, mod_aip, ownerId);
943 
944  num = ACL_NUM(old_acl);
945  old_aip = ACL_DAT(old_acl);
946 
947  /*
948  * Search the ACL for an existing entry for this grantee and grantor. If
949  * one exists, just modify the entry in-place (well, in the same position,
950  * since we actually return a copy); otherwise, insert the new entry at
951  * the end.
952  */
953 
954  for (dst = 0; dst < num; ++dst)
955  {
956  if (aclitem_match(mod_aip, old_aip + dst))
957  {
958  /* found a match, so modify existing item */
959  new_acl = allocacl(num);
960  new_aip = ACL_DAT(new_acl);
961  memcpy(new_acl, old_acl, ACL_SIZE(old_acl));
962  break;
963  }
964  }
965 
966  if (dst == num)
967  {
968  /* need to append a new item */
969  new_acl = allocacl(num + 1);
970  new_aip = ACL_DAT(new_acl);
971  memcpy(new_aip, old_aip, num * sizeof(AclItem));
972 
973  /* initialize the new entry with no permissions */
974  new_aip[dst].ai_grantee = mod_aip->ai_grantee;
975  new_aip[dst].ai_grantor = mod_aip->ai_grantor;
976  ACLITEM_SET_PRIVS_GOPTIONS(new_aip[dst],
977  ACL_NO_RIGHTS, ACL_NO_RIGHTS);
978  num++; /* set num to the size of new_acl */
979  }
980 
981  old_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
982  old_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
983 
984  /* apply the specified permissions change */
985  switch (modechg)
986  {
987  case ACL_MODECHG_ADD:
988  ACLITEM_SET_RIGHTS(new_aip[dst],
989  old_rights | ACLITEM_GET_RIGHTS(*mod_aip));
990  break;
991  case ACL_MODECHG_DEL:
992  ACLITEM_SET_RIGHTS(new_aip[dst],
993  old_rights & ~ACLITEM_GET_RIGHTS(*mod_aip));
994  break;
995  case ACL_MODECHG_EQL:
996  ACLITEM_SET_RIGHTS(new_aip[dst],
997  ACLITEM_GET_RIGHTS(*mod_aip));
998  break;
999  }
1000 
1001  new_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
1002  new_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
1003 
1004  /*
1005  * If the adjusted entry has no permissions, delete it from the list.
1006  */
1007  if (new_rights == ACL_NO_RIGHTS)
1008  {
1009  memmove(new_aip + dst,
1010  new_aip + dst + 1,
1011  (num - dst - 1) * sizeof(AclItem));
1012  /* Adjust array size to be 'num - 1' items */
1013  ARR_DIMS(new_acl)[0] = num - 1;
1014  SET_VARSIZE(new_acl, ACL_N_SIZE(num - 1));
1015  }
1016 
1017  /*
1018  * Remove abandoned privileges (cascading revoke). Currently we can only
1019  * handle this when the grantee is not PUBLIC.
1020  */
1021  if ((old_goptions & ~new_goptions) != 0)
1022  {
1023  Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1024  new_acl = recursive_revoke(new_acl, mod_aip->ai_grantee,
1025  (old_goptions & ~new_goptions),
1026  ownerId, behavior);
1027  }
1028 
1029  return new_acl;
1030 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
ACL_MODECHG_EQL
#define ACL_MODECHG_EQL
Definition: acl.h:131
ACLITEM_GET_GOPTIONS
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:67
allocacl
static Acl * allocacl(int n)
Definition: acl.c:369
ACL_MODECHG_DEL
#define ACL_MODECHG_DEL
Definition: acl.h:130
ACL_SIZE
#define ACL_SIZE(ACL)
Definition: acl.h:111
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
AclMode
uint32 AclMode
Definition: parsenodes.h:72
check_circularity
static void check_circularity(const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
Definition: acl.c:1147
ARR_DIMS
#define ARR_DIMS(a)
Definition: array.h:282
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:88
ACLITEM_GET_RIGHTS
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:68
ACLITEM_SET_RIGHTS
#define ACLITEM_SET_RIGHTS(item, rights)
Definition: acl.h:79
ACL_MODECHG_ADD
#define ACL_MODECHG_ADD
Definition: acl.h:129
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54
Assert
#define Assert(condition)
Definition: c.h:746
aclitem_match
static bool aclitem_match(const AclItem *a1, const AclItem *a2)
Definition: acl.c:651
recursive_revoke
static Acl * recursive_revoke(Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
Definition: acl.c:1227
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46
SET_VARSIZE
#define SET_VARSIZE(PTR, len)
Definition: postgres.h:329
ACL_N_SIZE
#define ACL_N_SIZE(N)
Definition: acl.h:110
ACLITEM_SET_PRIVS_GOPTIONS
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:82
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:533

◆ allocacl()

static Acl * allocacl ( int  n)
static

Definition at line 369 of file acl.c.

References ACL_N_SIZE, ARR_DIMS, ARR_LBOUND, ArrayType::dataoffset, ArrayType::elemtype, elog, ERROR, ArrayType::ndim, palloc0(), and SET_VARSIZE.

Referenced by aclconcat(), aclcopy(), acldefault(), aclnewowner(), aclupdate(), check_circularity(), and make_empty_acl().

370 {
371  Acl *new_acl;
372  Size size;
373 
374  if (n < 0)
375  elog(ERROR, "invalid size: %d", n);
376  size = ACL_N_SIZE(n);
377  new_acl = (Acl *) palloc0(size);
378  SET_VARSIZE(new_acl, size);
379  new_acl->ndim = 1;
380  new_acl->dataoffset = 0; /* we never put in any nulls */
381  new_acl->elemtype = ACLITEMOID;
382  ARR_LBOUND(new_acl)[0] = 1;
383  ARR_DIMS(new_acl)[0] = n;
384  return new_acl;
385 }
ArrayType::dataoffset
int32 dataoffset
Definition: array.h:84
ARR_LBOUND
#define ARR_LBOUND(a)
Definition: array.h:284
ERROR
#define ERROR
Definition: elog.h:43
ArrayType::elemtype
Oid elemtype
Definition: array.h:85
ARR_DIMS
#define ARR_DIMS(a)
Definition: array.h:282
palloc0
void * palloc0(Size size)
Definition: mcxt.c:981
Size
size_t Size
Definition: c.h:474
elog
#define elog(elevel,...)
Definition: elog.h:214
SET_VARSIZE
#define SET_VARSIZE(PTR, len)
Definition: postgres.h:329
ACL_N_SIZE
#define ACL_N_SIZE(N)
Definition: acl.h:110
ArrayType::ndim
int ndim
Definition: array.h:83

◆ check_acl()

static void check_acl ( const Acl acl)
static

Definition at line 533 of file acl.c.

References ARR_ELEMTYPE, ARR_HASNULL, ARR_NDIM, ereport, errcode(), errmsg(), and ERROR.

Referenced by aclcontains(), aclexplode(), aclmask(), aclmask_direct(), aclmembers(), aclnewowner(), aclupdate(), check_circularity(), and recursive_revoke().

534 {
535  if (ARR_ELEMTYPE(acl) != ACLITEMOID)
536  ereport(ERROR,
537  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
538  errmsg("ACL array contains wrong data type")));
539  if (ARR_NDIM(acl) != 1)
540  ereport(ERROR,
541  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
542  errmsg("ACL arrays must be one-dimensional")));
543  if (ARR_HASNULL(acl))
544  ereport(ERROR,
545  (errcode(ERRCODE_NULL_VALUE_NOT_ALLOWED),
546  errmsg("ACL arrays must not contain null values")));
547 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:610
ERROR
#define ERROR
Definition: elog.h:43
ARR_HASNULL
#define ARR_HASNULL(a)
Definition: array.h:279
ereport
#define ereport(elevel,...)
Definition: elog.h:144
ARR_NDIM
#define ARR_NDIM(a)
Definition: array.h:278
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:821
ARR_ELEMTYPE
#define ARR_ELEMTYPE(a)
Definition: array.h:280

◆ check_circularity()

static void check_circularity ( const Acl old_acl,
const AclItem mod_aip,
Oid  ownerId 
)
static

Definition at line 1147 of file acl.c.

References ACL_DAT, ACL_GRANT_OPTION_FOR, ACL_ID_PUBLIC, ACL_MODECHG_DEL, ACL_NO_RIGHTS, ACL_NUM, ACL_OPTION_TO_PRIVS, ACL_SIZE, ACLITEM_GET_GOPTIONS, aclmask(), ACLMASK_ALL, aclupdate(), AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), Assert, check_acl(), DROP_CASCADE, ereport, errcode(), errmsg(), ERROR, i, and pfree().

Referenced by aclupdate().

1149 {
1150  Acl *acl;
1151  AclItem *aip;
1152  int i,
1153  num;
1154  AclMode own_privs;
1155 
1156  check_acl(old_acl);
1157 
1158  /*
1159  * For now, grant options can only be granted to roles, not PUBLIC.
1160  * Otherwise we'd have to work a bit harder here.
1161  */
1162  Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1163 
1164  /* The owner always has grant options, no need to check */
1165  if (mod_aip->ai_grantor == ownerId)
1166  return;
1167 
1168  /* Make a working copy */
1169  acl = allocacl(ACL_NUM(old_acl));
1170  memcpy(acl, old_acl, ACL_SIZE(old_acl));
1171 
1172  /* Zap all grant options of target grantee, plus what depends on 'em */
1173 cc_restart:
1174  num = ACL_NUM(acl);
1175  aip = ACL_DAT(acl);
1176  for (i = 0; i < num; i++)
1177  {
1178  if (aip[i].ai_grantee == mod_aip->ai_grantee &&
1179  ACLITEM_GET_GOPTIONS(aip[i]) != ACL_NO_RIGHTS)
1180  {
1181  Acl *new_acl;
1182 
1183  /* We'll actually zap ordinary privs too, but no matter */
1184  new_acl = aclupdate(acl, &aip[i], ACL_MODECHG_DEL,
1185  ownerId, DROP_CASCADE);
1186 
1187  pfree(acl);
1188  acl = new_acl;
1189 
1190  goto cc_restart;
1191  }
1192  }
1193 
1194  /* Now we can compute grantor's independently-derived privileges */
1195  own_privs = aclmask(acl,
1196  mod_aip->ai_grantor,
1197  ownerId,
1198  ACL_GRANT_OPTION_FOR(ACLITEM_GET_GOPTIONS(*mod_aip)),
1199  ACLMASK_ALL);
1200  own_privs = ACL_OPTION_TO_PRIVS(own_privs);
1201 
1202  if ((ACLITEM_GET_GOPTIONS(*mod_aip) & ~own_privs) != 0)
1203  ereport(ERROR,
1204  (errcode(ERRCODE_INVALID_GRANT_OPERATION),
1205  errmsg("grant options cannot be granted back to your own grantor")));
1206 
1207  pfree(acl);
1208 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
ACLITEM_GET_GOPTIONS
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:67
allocacl
static Acl * allocacl(int n)
Definition: acl.c:369
ACL_MODECHG_DEL
#define ACL_MODECHG_DEL
Definition: acl.h:130
aclmask
AclMode aclmask(const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
Definition: acl.c:1313
ACL_SIZE
#define ACL_SIZE(ACL)
Definition: acl.h:111
errcode
int errcode(int sqlerrcode)
Definition: elog.c:610
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
AclMode
uint32 AclMode
Definition: parsenodes.h:72
pfree
void pfree(void *pointer)
Definition: mcxt.c:1057
ERROR
#define ERROR
Definition: elog.h:43
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:88
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
ereport
#define ereport(elevel,...)
Definition: elog.h:144
AclItem
Definition: acl.h:54
ACL_OPTION_TO_PRIVS
#define ACL_OPTION_TO_PRIVS(privs)
Definition: acl.h:71
Assert
#define Assert(condition)
Definition: c.h:746
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:821
i
int i
Definition: preproc-comment.c:23
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46
aclupdate
Acl * aclupdate(const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
Definition: acl.c:923
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:533

◆ check_is_member_of_role()

void check_is_member_of_role ( Oid  member,
Oid  role 
)

Definition at line 4938 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, GetUserNameFromId(), and is_member_of_role().

Referenced by AlterDatabaseOwner(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterPublicationOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwner(), ATExecChangeOwner(), createdb(), CreateSchemaCommand(), and ExecAlterDefaultPrivilegesStmt().

4939 {
4940  if (!is_member_of_role(member, role))
4941  ereport(ERROR,
4942  (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
4943  errmsg("must be member of role \"%s\"",
4944  GetUserNameFromId(role, false))));
4945 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:610
member
Oid member
Definition: pg_auth_members.h:33
ERROR
#define ERROR
Definition: elog.h:43
ereport
#define ereport(elevel,...)
Definition: elog.h:144
is_member_of_role
bool is_member_of_role(Oid member, Oid role)
Definition: acl.c:4916
GetUserNameFromId
char * GetUserNameFromId(Oid roleid, bool noerr)
Definition: miscinit.c:891
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:821

◆ check_rolespec_name()

void check_rolespec_name ( const RoleSpec role,
const char *  detail_msg 
)

Definition at line 5316 of file acl.c.

References ereport, errcode(), errdetail(), errmsg(), ERROR, IsReservedName(), RoleSpec::rolename, ROLESPEC_CSTRING, and RoleSpec::roletype.

Referenced by AlterRole(), and AlterRoleSet().

5317 {
5318  if (!role)
5319  return;
5320 
5321  if (role->roletype != ROLESPEC_CSTRING)
5322  return;
5323 
5324  if (IsReservedName(role->rolename))
5325  {
5326  if (detail_msg)
5327  ereport(ERROR,
5328  (errcode(ERRCODE_RESERVED_NAME),
5329  errmsg("role name \"%s\" is reserved",
5330  role->rolename),
5331  errdetail("%s", detail_msg)));
5332  else
5333  ereport(ERROR,
5334  (errcode(ERRCODE_RESERVED_NAME),
5335  errmsg("role name \"%s\" is reserved",
5336  role->rolename)));
5337  }
5338 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:610
IsReservedName
bool IsReservedName(const char *name)
Definition: catalog.c:212
ERROR
#define ERROR
Definition: elog.h:43
errdetail
int errdetail(const char *fmt,...)
Definition: elog.c:954
RoleSpec::roletype
RoleSpecType roletype
Definition: parsenodes.h:330
ereport
#define ereport(elevel,...)
Definition: elog.h:144
RoleSpec::rolename
char * rolename
Definition: parsenodes.h:331
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:821

◆ column_privilege_check()

static int column_privilege_check ( Oid  tableoid,
AttrNumber  attnum,
Oid  roleid,
AclMode  mode 
)
static

Definition at line 2450 of file acl.c.

References ACLCHECK_OK, ATTNUM, GETSTRUCT, HeapTupleIsValid, Int16GetDatum, InvalidAttrNumber, ObjectIdGetDatum, pg_attribute_aclcheck(), pg_class_aclcheck(), ReleaseSysCache(), RELOID, SearchSysCache2(), and SearchSysCacheExists1.

Referenced by has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

2452 {
2453  AclResult aclresult;
2454  HeapTuple attTuple;
2455  Form_pg_attribute attributeForm;
2456 
2457  /*
2458  * If convert_column_name failed, we can just return -1 immediately.
2459  */
2460  if (attnum == InvalidAttrNumber)
2461  return -1;
2462 
2463  /*
2464  * First check if we have the privilege at the table level. We check
2465  * existence of the pg_class row before risking calling pg_class_aclcheck.
2466  * Note: it might seem there's a race condition against concurrent DROP,
2467  * but really it's safe because there will be no syscache flush between
2468  * here and there. So if we see the row in the syscache, so will
2469  * pg_class_aclcheck.
2470  */
2471  if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
2472  return -1;
2473 
2474  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2475 
2476  if (aclresult == ACLCHECK_OK)
2477  return true;
2478 
2479  /*
2480  * No table privilege, so try per-column privileges. Again, we have to
2481  * check for dropped attribute first, and we rely on the syscache not to
2482  * notice a concurrent drop before pg_attribute_aclcheck fetches the row.
2483  */
2484  attTuple = SearchSysCache2(ATTNUM,
2485  ObjectIdGetDatum(tableoid),
2486  Int16GetDatum(attnum));
2487  if (!HeapTupleIsValid(attTuple))
2488  return -1;
2489  attributeForm = (Form_pg_attribute) GETSTRUCT(attTuple);
2490  if (attributeForm->attisdropped)
2491  {
2492  ReleaseSysCache(attTuple);
2493  return -1;
2494  }
2495  ReleaseSysCache(attTuple);
2496 
2497  aclresult = pg_attribute_aclcheck(tableoid, attnum, roleid, mode);
2498 
2499  return (aclresult == ACLCHECK_OK);
2500 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
GETSTRUCT
#define GETSTRUCT(TUP)
Definition: htup_details.h:655
pg_attribute_aclcheck
AclResult pg_attribute_aclcheck(Oid table_oid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: aclchk.c:4449
Int16GetDatum
#define Int16GetDatum(X)
Definition: postgres.h:451
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:183
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
Form_pg_attribute
FormData_pg_attribute * Form_pg_attribute
Definition: pg_attribute.h:193
AclResult
AclResult
Definition: acl.h:177
ReleaseSysCache
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1164
attnum
int16 attnum
Definition: pg_attribute.h:79
HeapTupleIsValid
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
SearchSysCache2
HeapTuple SearchSysCache2(int cacheId, Datum key1, Datum key2)
Definition: syscache.c:1127
InvalidAttrNumber
#define InvalidAttrNumber
Definition: attnum.h:23
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4563

◆ convert_aclright_to_string()

static const char* convert_aclright_to_string ( int  aclright)
static

Definition at line 1680 of file acl.c.

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_DELETE, ACL_EXECUTE, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, ACL_USAGE, elog, and ERROR.

Referenced by aclexplode().

1681 {
1682  switch (aclright)
1683  {
1684  case ACL_INSERT:
1685  return "INSERT";
1686  case ACL_SELECT:
1687  return "SELECT";
1688  case ACL_UPDATE:
1689  return "UPDATE";
1690  case ACL_DELETE:
1691  return "DELETE";
1692  case ACL_TRUNCATE:
1693  return "TRUNCATE";
1694  case ACL_REFERENCES:
1695  return "REFERENCES";
1696  case ACL_TRIGGER:
1697  return "TRIGGER";
1698  case ACL_EXECUTE:
1699  return "EXECUTE";
1700  case ACL_USAGE:
1701  return "USAGE";
1702  case ACL_CREATE:
1703  return "CREATE";
1704  case ACL_CREATE_TEMP:
1705  return "TEMPORARY";
1706  case ACL_CONNECT:
1707  return "CONNECT";
1708  default:
1709  elog(ERROR, "unrecognized aclright: %d", aclright);
1710  return NULL;
1711  }
1712 }
ACL_DELETE
#define ACL_DELETE
Definition: parsenodes.h:77
ERROR
#define ERROR
Definition: elog.h:43
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:84
ACL_TRIGGER
#define ACL_TRIGGER
Definition: parsenodes.h:80
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_CONNECT
#define ACL_CONNECT
Definition: parsenodes.h:86
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:76
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:75
ACL_REFERENCES
#define ACL_REFERENCES
Definition: parsenodes.h:79
ACL_INSERT
#define ACL_INSERT
Definition: parsenodes.h:74
ACL_EXECUTE
#define ACL_EXECUTE
Definition: parsenodes.h:81
elog
#define elog(elevel,...)
Definition: elog.h:214
ACL_CREATE_TEMP
#define ACL_CREATE_TEMP
Definition: parsenodes.h:85
ACL_TRUNCATE
#define ACL_TRUNCATE
Definition: parsenodes.h:78

◆ convert_any_priv_string()

static AclMode convert_any_priv_string ( text priv_type_text,
const priv_map privileges 
)
static

Definition at line 1632 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, priv_map::name, pfree(), pg_strcasecmp(), text_to_cstring(), and priv_map::value.

Referenced by convert_column_priv_string(), convert_database_priv_string(), convert_foreign_data_wrapper_priv_string(), convert_function_priv_string(), convert_language_priv_string(), convert_role_priv_string(), convert_schema_priv_string(), convert_sequence_priv_string(), convert_server_priv_string(), convert_table_priv_string(), convert_tablespace_priv_string(), and convert_type_priv_string().

1634 {
1635  AclMode result = 0;
1636  char *priv_type = text_to_cstring(priv_type_text);
1637  char *chunk;
1638  char *next_chunk;
1639 
1640  /* We rely on priv_type being a private, modifiable string */
1641  for (chunk = priv_type; chunk; chunk = next_chunk)
1642  {
1643  int chunk_len;
1644  const priv_map *this_priv;
1645 
1646  /* Split string at commas */
1647  next_chunk = strchr(chunk, ',');
1648  if (next_chunk)
1649  *next_chunk++ = '\0';
1650 
1651  /* Drop leading/trailing whitespace in this chunk */
1652  while (*chunk && isspace((unsigned char) *chunk))
1653  chunk++;
1654  chunk_len = strlen(chunk);
1655  while (chunk_len > 0 && isspace((unsigned char) chunk[chunk_len - 1]))
1656  chunk_len--;
1657  chunk[chunk_len] = '\0';
1658 
1659  /* Match to the privileges list */
1660  for (this_priv = privileges; this_priv->name; this_priv++)
1661  {
1662  if (pg_strcasecmp(this_priv->name, chunk) == 0)
1663  {
1664  result |= this_priv->value;
1665  break;
1666  }
1667  }
1668  if (!this_priv->name)
1669  ereport(ERROR,
1670  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
1671  errmsg("unrecognized privilege type: \"%s\"", chunk)));
1672  }
1673 
1674  pfree(priv_type);
1675  return result;
1676 }
priv_map
Definition: acl.c:44
errcode
int errcode(int sqlerrcode)
Definition: elog.c:610
pg_strcasecmp
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
priv_map::name
const char * name
Definition: acl.c:46
AclMode
uint32 AclMode
Definition: parsenodes.h:72
pfree
void pfree(void *pointer)
Definition: mcxt.c:1057
ERROR
#define ERROR
Definition: elog.h:43
priv_map::value
AclMode value
Definition: acl.c:47
ereport
#define ereport(elevel,...)
Definition: elog.h:144
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:221
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:821

◆ convert_column_name()

static AttrNumber convert_column_name ( Oid  tableoid,
text column 
)
static

Definition at line 2828 of file acl.c.

References ATTNAME, attnum, CStringGetDatum, ereport, errcode(), errmsg(), ERROR, get_rel_name(), GETSTRUCT, HeapTupleIsValid, InvalidAttrNumber, ObjectIdGetDatum, pfree(), ReleaseSysCache(), SearchSysCache2(), and text_to_cstring().

Referenced by has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_name(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), and has_column_privilege_name_name_name().

2829 {
2830  char *colname;
2831  HeapTuple attTuple;
2832  AttrNumber attnum;
2833 
2834  colname = text_to_cstring(column);
2835 
2836  /*
2837  * We don't use get_attnum() here because it will report that dropped
2838  * columns don't exist. We need to treat dropped columns differently from
2839  * nonexistent columns.
2840  */
2841  attTuple = SearchSysCache2(ATTNAME,
2842  ObjectIdGetDatum(tableoid),
2843  CStringGetDatum(colname));
2844  if (HeapTupleIsValid(attTuple))
2845  {
2846  Form_pg_attribute attributeForm;
2847 
2848  attributeForm = (Form_pg_attribute) GETSTRUCT(attTuple);
2849  /* We want to return NULL for dropped columns */
2850  if (attributeForm->attisdropped)
2851  attnum = InvalidAttrNumber;
2852  else
2853  attnum = attributeForm->attnum;
2854  ReleaseSysCache(attTuple);
2855  }
2856  else
2857  {
2858  char *tablename = get_rel_name(tableoid);
2859 
2860  /*
2861  * If the table OID is bogus, or it's just been dropped, we'll get
2862  * NULL back. In such cases we want has_column_privilege to return
2863  * NULL too, so just return InvalidAttrNumber.
2864  */
2865  if (tablename != NULL)
2866  {
2867  /* tableoid exists, colname does not, so throw error */
2868  ereport(ERROR,
2869  (errcode(ERRCODE_UNDEFINED_COLUMN),
2870  errmsg("column \"%s\" of relation \"%s\" does not exist",
2871  colname, tablename)));
2872  }
2873  /* tableoid doesn't exist, so act like attisdropped case */
2874  attnum = InvalidAttrNumber;
2875  }
2876 
2877  pfree(colname);
2878  return attnum;
2879 }
GETSTRUCT
#define GETSTRUCT(TUP)
Definition: htup_details.h:655
errcode
int errcode(int sqlerrcode)
Definition: elog.c:610
pfree
void pfree(void *pointer)
Definition: mcxt.c:1057
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
ERROR
#define ERROR
Definition: elog.h:43
CStringGetDatum
#define CStringGetDatum(X)
Definition: postgres.h:578
Form_pg_attribute
FormData_pg_attribute * Form_pg_attribute
Definition: pg_attribute.h:193
ReleaseSysCache
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1164
attnum
int16 attnum
Definition: pg_attribute.h:79
ereport
#define ereport(elevel,...)
Definition: elog.h:144
HeapTupleIsValid
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
SearchSysCache2
HeapTuple SearchSysCache2(int cacheId, Datum key1, Datum key2)
Definition: syscache.c:1127
InvalidAttrNumber
#define InvalidAttrNumber
Definition: attnum.h:23
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:221
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:821
get_rel_name
char * get_rel_name(Oid relid)
Definition: lsyscache.c:1840
AttrNumber
int16 AttrNumber
Definition: attnum.h:21

◆ convert_column_priv_string()

static AclMode convert_column_priv_string ( text priv_type_text)
static

Definition at line 2886 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_any_column_privilege_id(), has_any_column_privilege_id_id(), has_any_column_privilege_id_name(), has_any_column_privilege_name(), has_any_column_privilege_name_id(), has_any_column_privilege_name_name(), has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

2887 {
2888  static const priv_map column_priv_map[] = {
2889  {"SELECT", ACL_SELECT},
2890  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2891  {"INSERT", ACL_INSERT},
2892  {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2893  {"UPDATE", ACL_UPDATE},
2894  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2895  {"REFERENCES", ACL_REFERENCES},
2896  {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2897  {NULL, 0}
2898  };
2899 
2900  return convert_any_priv_string(priv_type_text, column_priv_map);
2901 }
priv_map
Definition: acl.c:44
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1632
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:76
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:75
ACL_REFERENCES
#define ACL_REFERENCES
Definition: parsenodes.h:79
ACL_INSERT
#define ACL_INSERT
Definition: parsenodes.h:74

◆ convert_database_name()

static Oid convert_database_name ( text databasename)
static

Definition at line 3071 of file acl.c.

References dbname, get_database_oid(), and text_to_cstring().

Referenced by has_database_privilege_id_name(), has_database_privilege_name(), and has_database_privilege_name_name().

3072 {
3073  char *dbname = text_to_cstring(databasename);
3074 
3075  return get_database_oid(dbname, false);
3076 }
get_database_oid
Oid get_database_oid(const char *dbname, bool missing_ok)
Definition: dbcommands.c:2108
dbname
char * dbname
Definition: streamutil.c:51
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:221

◆ convert_database_priv_string()

static AclMode convert_database_priv_string ( text priv_type_text)
static

Definition at line 3083 of file acl.c.

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_database_privilege_id(), has_database_privilege_id_id(), has_database_privilege_id_name(), has_database_privilege_name(), has_database_privilege_name_id(), and has_database_privilege_name_name().

3084 {
3085  static const priv_map database_priv_map[] = {
3086  {"CREATE", ACL_CREATE},
3087  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3088  {"TEMPORARY", ACL_CREATE_TEMP},
3089  {"TEMPORARY WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3090  {"TEMP", ACL_CREATE_TEMP},
3091  {"TEMP WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3092  {"CONNECT", ACL_CONNECT},
3093  {"CONNECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CONNECT)},
3094  {NULL, 0}
3095  };
3096 
3097  return convert_any_priv_string(priv_type_text, database_priv_map);
3098 
3099 }
priv_map
Definition: acl.c:44
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1632
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:84
ACL_CONNECT
#define ACL_CONNECT
Definition: parsenodes.h:86
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
ACL_CREATE_TEMP
#define ACL_CREATE_TEMP
Definition: parsenodes.h:85

◆ convert_foreign_data_wrapper_name()

static Oid convert_foreign_data_wrapper_name ( text fdwname)
static

Definition at line 3269 of file acl.c.

References get_foreign_data_wrapper_oid(), and text_to_cstring().

Referenced by has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), and has_foreign_data_wrapper_privilege_name_name().

3270 {
3271  char *fdwstr = text_to_cstring(fdwname);
3272 
3273  return get_foreign_data_wrapper_oid(fdwstr, false);
3274 }
get_foreign_data_wrapper_oid
Oid get_foreign_data_wrapper_oid(const char *fdwname, bool missing_ok)
Definition: foreign.c:691
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:221

◆ convert_foreign_data_wrapper_priv_string()

static AclMode convert_foreign_data_wrapper_priv_string ( text priv_type_text)
static

Definition at line 3281 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_foreign_data_wrapper_privilege_id(), has_foreign_data_wrapper_privilege_id_id(), has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), has_foreign_data_wrapper_privilege_name_id(), and has_foreign_data_wrapper_privilege_name_name().

3282 {
3283  static const priv_map foreign_data_wrapper_priv_map[] = {
3284  {"USAGE", ACL_USAGE},
3285  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3286  {NULL, 0}
3287  };
3288 
3289  return convert_any_priv_string(priv_type_text, foreign_data_wrapper_priv_map);
3290 }
priv_map
Definition: acl.c:44
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1632
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ convert_function_name()

static Oid convert_function_name ( text functionname)
static

Definition at line 3460 of file acl.c.

References CStringGetDatum, DatumGetObjectId, DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, OidIsValid, regprocedurein(), and text_to_cstring().

Referenced by has_function_privilege_id_name(), has_function_privilege_name(), and has_function_privilege_name_name().

3461 {
3462  char *funcname = text_to_cstring(functionname);
3463  Oid oid;
3464 
3465  oid = DatumGetObjectId(DirectFunctionCall1(regprocedurein,
3466  CStringGetDatum(funcname)));
3467 
3468  if (!OidIsValid(oid))
3469  ereport(ERROR,
3470  (errcode(ERRCODE_UNDEFINED_FUNCTION),
3471  errmsg("function \"%s\" does not exist", funcname)));
3472 
3473  return oid;
3474 }
DatumGetObjectId
#define DatumGetObjectId(X)
Definition: postgres.h:500
errcode
int errcode(int sqlerrcode)
Definition: elog.c:610
DirectFunctionCall1
#define DirectFunctionCall1(func, arg1)
Definition: fmgr.h:624
Oid
unsigned int Oid
Definition: postgres_ext.h:31
OidIsValid
#define OidIsValid(objectId)
Definition: c.h:652
ERROR
#define ERROR
Definition: elog.h:43
regprocedurein
Datum regprocedurein(PG_FUNCTION_ARGS)
Definition: regproc.c:230
CStringGetDatum
#define CStringGetDatum(X)
Definition: postgres.h:578
ereport
#define ereport(elevel,...)
Definition: elog.h:144
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:221
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:821

◆ convert_function_priv_string()

static AclMode convert_function_priv_string ( text priv_type_text)
static

Definition at line 3481 of file acl.c.

References ACL_EXECUTE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_function_privilege_id(), has_function_privilege_id_id(), has_function_privilege_id_name(), has_function_privilege_name(), has_function_privilege_name_id(), and has_function_privilege_name_name().

3482 {
3483  static const priv_map function_priv_map[] = {
3484  {"EXECUTE", ACL_EXECUTE},
3485  {"EXECUTE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_EXECUTE)},
3486  {NULL, 0}
3487  };
3488 
3489  return convert_any_priv_string(priv_type_text, function_priv_map);
3490 }
priv_map
Definition: acl.c:44
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1632
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
ACL_EXECUTE
#define ACL_EXECUTE
Definition: parsenodes.h:81

◆ convert_language_name()

static Oid convert_language_name ( text languagename)
static

Definition at line 3660 of file acl.c.

References get_language_oid(), and text_to_cstring().

Referenced by has_language_privilege_id_name(), has_language_privilege_name(), and has_language_privilege_name_name().

3661 {
3662  char *langname = text_to_cstring(languagename);
3663 
3664  return get_language_oid(langname, false);
3665 }
get_language_oid
Oid get_language_oid(const char *langname, bool missing_ok)
Definition: proclang.c:228
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:221

◆ convert_language_priv_string()

static AclMode convert_language_priv_string ( text priv_type_text)
static

Definition at line 3672 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_language_privilege_id(), has_language_privilege_id_id(), has_language_privilege_id_name(), has_language_privilege_name(), has_language_privilege_name_id(), and has_language_privilege_name_name().

3673 {
3674  static const priv_map language_priv_map[] = {
3675  {"USAGE", ACL_USAGE},
3676  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3677  {NULL, 0}
3678  };
3679 
3680  return convert_any_priv_string(priv_type_text, language_priv_map);
3681 }
priv_map
Definition: acl.c:44
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1632
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ convert_priv_string()

static AclMode convert_priv_string ( text priv_type_text)
static

Definition at line 1582 of file acl.c.

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_DELETE, ACL_EXECUTE, ACL_INSERT, ACL_NO_RIGHTS, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, ACL_USAGE, ereport, errcode(), errmsg(), ERROR, pg_strcasecmp(), and text_to_cstring().

Referenced by makeaclitem().

1583 {
1584  char *priv_type = text_to_cstring(priv_type_text);
1585 
1586  if (pg_strcasecmp(priv_type, "SELECT") == 0)
1587  return ACL_SELECT;
1588  if (pg_strcasecmp(priv_type, "INSERT") == 0)
1589  return ACL_INSERT;
1590  if (pg_strcasecmp(priv_type, "UPDATE") == 0)
1591  return ACL_UPDATE;
1592  if (pg_strcasecmp(priv_type, "DELETE") == 0)
1593  return ACL_DELETE;
1594  if (pg_strcasecmp(priv_type, "TRUNCATE") == 0)
1595  return ACL_TRUNCATE;
1596  if (pg_strcasecmp(priv_type, "REFERENCES") == 0)
1597  return ACL_REFERENCES;
1598  if (pg_strcasecmp(priv_type, "TRIGGER") == 0)
1599  return ACL_TRIGGER;
1600  if (pg_strcasecmp(priv_type, "EXECUTE") == 0)
1601  return ACL_EXECUTE;
1602  if (pg_strcasecmp(priv_type, "USAGE") == 0)
1603  return ACL_USAGE;
1604  if (pg_strcasecmp(priv_type, "CREATE") == 0)
1605  return ACL_CREATE;
1606  if (pg_strcasecmp(priv_type, "TEMP") == 0)
1607  return ACL_CREATE_TEMP;
1608  if (pg_strcasecmp(priv_type, "TEMPORARY") == 0)
1609  return ACL_CREATE_TEMP;
1610  if (pg_strcasecmp(priv_type, "CONNECT") == 0)
1611  return ACL_CONNECT;
1612  if (pg_strcasecmp(priv_type, "RULE") == 0)
1613  return 0; /* ignore old RULE privileges */
1614 
1615  ereport(ERROR,
1616  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
1617  errmsg("unrecognized privilege type: \"%s\"", priv_type)));
1618  return ACL_NO_RIGHTS; /* keep compiler quiet */
1619 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:610
ACL_DELETE
#define ACL_DELETE
Definition: parsenodes.h:77
pg_strcasecmp
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
ERROR
#define ERROR
Definition: elog.h:43
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:84
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:88
ACL_TRIGGER
#define ACL_TRIGGER
Definition: parsenodes.h:80
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_CONNECT
#define ACL_CONNECT
Definition: parsenodes.h:86
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:76
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:75
ereport
#define ereport(elevel,...)
Definition: elog.h:144
ACL_REFERENCES
#define ACL_REFERENCES
Definition: parsenodes.h:79
ACL_INSERT
#define ACL_INSERT
Definition: parsenodes.h:74
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:221
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:821
ACL_EXECUTE
#define ACL_EXECUTE
Definition: parsenodes.h:81
ACL_CREATE_TEMP
#define ACL_CREATE_TEMP
Definition: parsenodes.h:85
ACL_TRUNCATE
#define ACL_TRUNCATE
Definition: parsenodes.h:78

◆ convert_role_priv_string()

static AclMode convert_role_priv_string ( text priv_type_text)
static

Definition at line 4623 of file acl.c.

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by pg_has_role_id(), pg_has_role_id_id(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), and pg_has_role_name_name().

4624 {
4625  static const priv_map role_priv_map[] = {
4626  {"USAGE", ACL_USAGE},
4627  {"MEMBER", ACL_CREATE},
4628  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4629  {"USAGE WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4630  {"MEMBER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4631  {"MEMBER WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4632  {NULL, 0}
4633  };
4634 
4635  return convert_any_priv_string(priv_type_text, role_priv_map);
4636 }
priv_map
Definition: acl.c:44
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1632
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:84
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ convert_schema_name()

static Oid convert_schema_name ( text schemaname)
static

Definition at line 3851 of file acl.c.

References get_namespace_oid(), and text_to_cstring().

Referenced by has_schema_privilege_id_name(), has_schema_privilege_name(), and has_schema_privilege_name_name().

3852 {
3853  char *nspname = text_to_cstring(schemaname);
3854 
3855  return get_namespace_oid(nspname, false);
3856 }
get_namespace_oid
Oid get_namespace_oid(const char *nspname, bool missing_ok)
Definition: namespace.c:3042
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:221

◆ convert_schema_priv_string()

static AclMode convert_schema_priv_string ( text priv_type_text)
static

Definition at line 3863 of file acl.c.

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_schema_privilege_id(), has_schema_privilege_id_id(), has_schema_privilege_id_name(), has_schema_privilege_name(), has_schema_privilege_name_id(), and has_schema_privilege_name_name().

3864 {
3865  static const priv_map schema_priv_map[] = {
3866  {"CREATE", ACL_CREATE},
3867  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3868  {"USAGE", ACL_USAGE},
3869  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3870  {NULL, 0}
3871  };
3872 
3873  return convert_any_priv_string(priv_type_text, schema_priv_map);
3874 }
priv_map
Definition: acl.c:44
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1632
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:84
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ convert_sequence_priv_string()

static AclMode convert_sequence_priv_string ( text priv_type_text)
static

Definition at line 2225 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_SELECT, ACL_UPDATE, ACL_USAGE, and convert_any_priv_string().

Referenced by has_sequence_privilege_id(), has_sequence_privilege_id_id(), has_sequence_privilege_id_name(), has_sequence_privilege_name(), has_sequence_privilege_name_id(), and has_sequence_privilege_name_name().

2226 {
2227  static const priv_map sequence_priv_map[] = {
2228  {"USAGE", ACL_USAGE},
2229  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
2230  {"SELECT", ACL_SELECT},
2231  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2232  {"UPDATE", ACL_UPDATE},
2233  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2234  {NULL, 0}
2235  };
2236 
2237  return convert_any_priv_string(priv_type_text, sequence_priv_map);
2238 }
priv_map
Definition: acl.c:44
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1632
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:76
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:75

◆ convert_server_name()

static Oid convert_server_name ( text servername)
static

Definition at line 4044 of file acl.c.

References get_foreign_server_oid(), and text_to_cstring().

Referenced by has_server_privilege_id_name(), has_server_privilege_name(), and has_server_privilege_name_name().

4045 {
4046  char *serverstr = text_to_cstring(servername);
4047 
4048  return get_foreign_server_oid(serverstr, false);
4049 }
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:221
get_foreign_server_oid
Oid get_foreign_server_oid(const char *servername, bool missing_ok)
Definition: foreign.c:714

◆ convert_server_priv_string()

static AclMode convert_server_priv_string ( text priv_type_text)
static

Definition at line 4056 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_server_privilege_id(), has_server_privilege_id_id(), has_server_privilege_id_name(), has_server_privilege_name(), has_server_privilege_name_id(), and has_server_privilege_name_name().

4057 {
4058  static const priv_map server_priv_map[] = {
4059  {"USAGE", ACL_USAGE},
4060  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4061  {NULL, 0}
4062  };
4063 
4064  return convert_any_priv_string(priv_type_text, server_priv_map);
4065 }
priv_map
Definition: acl.c:44
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1632
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ convert_table_name()

static Oid convert_table_name ( text tablename)
static

Definition at line 1987 of file acl.c.

References makeRangeVarFromNameList(), NoLock, RangeVarGetRelid, and textToQualifiedNameList().

Referenced by has_any_column_privilege_id_name(), has_any_column_privilege_name(), has_any_column_privilege_name_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), has_column_privilege_name_name_name(), has_sequence_privilege_id_name(), has_sequence_privilege_name(), has_sequence_privilege_name_name(), has_table_privilege_id_name(), has_table_privilege_name(), and has_table_privilege_name_name().

1988 {
1989  RangeVar *relrv;
1990 
1991  relrv = makeRangeVarFromNameList(textToQualifiedNameList(tablename));
1992 
1993  /* We might not even have permissions on this relation; don't lock it. */
1994  return RangeVarGetRelid(relrv, NoLock, false);
1995 }
RangeVarGetRelid
#define RangeVarGetRelid(relation, lockmode, missing_ok)
Definition: namespace.h:78
makeRangeVarFromNameList
RangeVar * makeRangeVarFromNameList(List *names)
Definition: namespace.c:3061
NoLock
#define NoLock
Definition: lockdefs.h:34
textToQualifiedNameList
List * textToQualifiedNameList(text *textval)
Definition: varlena.c:3644

◆ convert_table_priv_string()

static AclMode convert_table_priv_string ( text priv_type_text)
static

Definition at line 2002 of file acl.c.

References ACL_DELETE, ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_table_privilege_id(), has_table_privilege_id_id(), has_table_privilege_id_name(), has_table_privilege_name(), has_table_privilege_name_id(), and has_table_privilege_name_name().

2003 {
2004  static const priv_map table_priv_map[] = {
2005  {"SELECT", ACL_SELECT},
2006  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2007  {"INSERT", ACL_INSERT},
2008  {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2009  {"UPDATE", ACL_UPDATE},
2010  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2011  {"DELETE", ACL_DELETE},
2012  {"DELETE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_DELETE)},
2013  {"TRUNCATE", ACL_TRUNCATE},
2014  {"TRUNCATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRUNCATE)},
2015  {"REFERENCES", ACL_REFERENCES},
2016  {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2017  {"TRIGGER", ACL_TRIGGER},
2018  {"TRIGGER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRIGGER)},
2019  {"RULE", 0}, /* ignore old RULE privileges */
2020  {"RULE WITH GRANT OPTION", 0},
2021  {NULL, 0}
2022  };
2023 
2024  return convert_any_priv_string(priv_type_text, table_priv_map);
2025 }
priv_map
Definition: acl.c:44
ACL_DELETE
#define ACL_DELETE
Definition: parsenodes.h:77
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1632
ACL_TRIGGER
#define ACL_TRIGGER
Definition: parsenodes.h:80
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:76
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:75
ACL_REFERENCES
#define ACL_REFERENCES
Definition: parsenodes.h:79
ACL_INSERT
#define ACL_INSERT
Definition: parsenodes.h:74
ACL_TRUNCATE
#define ACL_TRUNCATE
Definition: parsenodes.h:78

◆ convert_tablespace_name()

static Oid convert_tablespace_name ( text tablespacename)
static

Definition at line 4235 of file acl.c.

References get_tablespace_oid(), and text_to_cstring().

Referenced by has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), and has_tablespace_privilege_name_name().

4236 {
4237  char *spcname = text_to_cstring(tablespacename);
4238 
4239  return get_tablespace_oid(spcname, false);
4240 }
get_tablespace_oid
Oid get_tablespace_oid(const char *tablespacename, bool missing_ok)
Definition: tablespace.c:1421
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:221

◆ convert_tablespace_priv_string()

static AclMode convert_tablespace_priv_string ( text priv_type_text)
static

Definition at line 4247 of file acl.c.

References ACL_CREATE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_tablespace_privilege_id(), has_tablespace_privilege_id_id(), has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), has_tablespace_privilege_name_id(), and has_tablespace_privilege_name_name().

4248 {
4249  static const priv_map tablespace_priv_map[] = {
4250  {"CREATE", ACL_CREATE},
4251  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4252  {NULL, 0}
4253  };
4254 
4255  return convert_any_priv_string(priv_type_text, tablespace_priv_map);
4256 }
priv_map
Definition: acl.c:44
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1632
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:84
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ convert_type_name()

static Oid convert_type_name ( text typename)
static

Definition at line 4425 of file acl.c.

References CStringGetDatum, DatumGetObjectId, DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, OidIsValid, regtypein(), text_to_cstring(), and typname.

Referenced by has_type_privilege_id_name(), has_type_privilege_name(), and has_type_privilege_name_name().

4426 {
4427  char *typname = text_to_cstring(typename);
4428  Oid oid;
4429 
4430  oid = DatumGetObjectId(DirectFunctionCall1(regtypein,
4431  CStringGetDatum(typname)));
4432 
4433  if (!OidIsValid(oid))
4434  ereport(ERROR,
4435  (errcode(ERRCODE_UNDEFINED_OBJECT),
4436  errmsg("type \"%s\" does not exist", typname)));
4437 
4438  return oid;
4439 }
DatumGetObjectId
#define DatumGetObjectId(X)
Definition: postgres.h:500
errcode
int errcode(int sqlerrcode)
Definition: elog.c:610
DirectFunctionCall1
#define DirectFunctionCall1(func, arg1)
Definition: fmgr.h:624
Oid
unsigned int Oid
Definition: postgres_ext.h:31
OidIsValid
#define OidIsValid(objectId)
Definition: c.h:652
ERROR
#define ERROR
Definition: elog.h:43
CStringGetDatum
#define CStringGetDatum(X)
Definition: postgres.h:578
typname
NameData typname
Definition: pg_type.h:41
regtypein
Datum regtypein(PG_FUNCTION_ARGS)
Definition: regproc.c:1250
ereport
#define ereport(elevel,...)
Definition: elog.h:144
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:221
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:821

◆ convert_type_priv_string()

static AclMode convert_type_priv_string ( text priv_type_text)
static

Definition at line 4446 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_type_privilege_id(), has_type_privilege_id_id(), has_type_privilege_id_name(), has_type_privilege_name(), has_type_privilege_name_id(), and has_type_privilege_name_name().

4447 {
4448  static const priv_map type_priv_map[] = {
4449  {"USAGE", ACL_USAGE},
4450  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4451  {NULL, 0}
4452  };
4453 
4454  return convert_any_priv_string(priv_type_text, type_priv_map);
4455 }
priv_map
Definition: acl.c:44
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1632
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ count_one_bits()

static int count_one_bits ( AclMode  mask)
static

Definition at line 5060 of file acl.c.

Referenced by select_best_grantor().

5061 {
5062  int nbits = 0;
5063 
5064  /* this code relies on AclMode being an unsigned type */
5065  while (mask)
5066  {
5067  if (mask & 1)
5068  nbits++;
5069  mask >>= 1;
5070  }
5071  return nbits;
5072 }

◆ get_role_oid()

Oid get_role_oid ( const char *  rolname,
bool  missing_ok 
)

Definition at line 5175 of file acl.c.

References AUTHNAME, CStringGetDatum, ereport, errcode(), errmsg(), ERROR, GetSysCacheOid1, and OidIsValid.

Referenced by aclparse(), check_hba(), createdb(), CreateRole(), get_object_address_unqualified(), get_role_oid_or_public(), get_rolespec_oid(), GrantRole(), is_member(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), pg_has_role_name_name(), regrolein(), and to_regrole().

5176 {
5177  Oid oid;
5178 
5179  oid = GetSysCacheOid1(AUTHNAME, Anum_pg_authid_oid,
5180  CStringGetDatum(rolname));
5181  if (!OidIsValid(oid) && !missing_ok)
5182  ereport(ERROR,
5183  (errcode(ERRCODE_UNDEFINED_OBJECT),
5184  errmsg("role \"%s\" does not exist", rolname)));
5185  return oid;
5186 }
rolname
NameData rolname
Definition: pg_authid.h:34
GetSysCacheOid1
#define GetSysCacheOid1(cacheId, oidcol, key1)
Definition: syscache.h:192
errcode
int errcode(int sqlerrcode)
Definition: elog.c:610
Oid
unsigned int Oid
Definition: postgres_ext.h:31
OidIsValid
#define OidIsValid(objectId)
Definition: c.h:652
ERROR
#define ERROR
Definition: elog.h:43
CStringGetDatum
#define CStringGetDatum(X)
Definition: postgres.h:578
ereport
#define ereport(elevel,...)
Definition: elog.h:144
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:821

◆ get_role_oid_or_public()

Oid get_role_oid_or_public ( const char *  rolname)

Definition at line 5193 of file acl.c.

References ACL_ID_PUBLIC, and get_role_oid().

Referenced by has_any_column_privilege_name_id(), has_any_column_privilege_name_name(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name_attnum(), has_column_privilege_name_name_name(), has_database_privilege_name_id(), has_database_privilege_name_name(), has_foreign_data_wrapper_privilege_name_id(), has_foreign_data_wrapper_privilege_name_name(), has_function_privilege_name_id(), has_function_privilege_name_name(), has_language_privilege_name_id(), has_language_privilege_name_name(), has_schema_privilege_name_id(), has_schema_privilege_name_name(), has_sequence_privilege_name_id(), has_sequence_privilege_name_name(), has_server_privilege_name_id(), has_server_privilege_name_name(), has_table_privilege_name_id(), has_table_privilege_name_name(), has_tablespace_privilege_name_id(), has_tablespace_privilege_name_name(), has_type_privilege_name_id(), and has_type_privilege_name_name().

5194 {
5195  if (strcmp(rolname, "public") == 0)
5196  return ACL_ID_PUBLIC;
5197 
5198  return get_role_oid(rolname, false);
5199 }
rolname
NameData rolname
Definition: pg_authid.h:34
get_role_oid
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5175
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46

◆ get_rolespec_name()

char* get_rolespec_name ( const RoleSpec role)

Definition at line 5294 of file acl.c.

References get_rolespec_tuple(), GETSTRUCT, NameStr, pstrdup(), and ReleaseSysCache().

Referenced by AddRoleMems(), and DelRoleMems().

5295 {
5296  HeapTuple tp;
5297  Form_pg_authid authForm;
5298  char *rolename;
5299 
5300  tp = get_rolespec_tuple(role);
5301  authForm = (Form_pg_authid) GETSTRUCT(tp);
5302  rolename = pstrdup(NameStr(authForm->rolname));
5303  ReleaseSysCache(tp);
5304 
5305  return rolename;
5306 }
GETSTRUCT
#define GETSTRUCT(TUP)
Definition: htup_details.h:655
pstrdup
char * pstrdup(const char *in)
Definition: mcxt.c:1187
Form_pg_authid
FormData_pg_authid * Form_pg_authid
Definition: pg_authid.h:56
ReleaseSysCache
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1164
get_rolespec_tuple
HeapTuple get_rolespec_tuple(const RoleSpec *role)
Definition: acl.c:5248
NameStr
#define NameStr(name)
Definition: c.h:623

◆ get_rolespec_oid()

Oid get_rolespec_oid ( const RoleSpec role,
bool  missing_ok 
)

Definition at line 5209 of file acl.c.

References Assert, elog, ereport, errcode(), errmsg(), ERROR, get_role_oid(), GetSessionUserId(), GetUserId(), InvalidOid, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_ROLE, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, and RoleSpec::roletype.

Referenced by AlterUserMapping(), ATExecCmd(), CreateSchemaCommand(), CreateTableSpace(), CreateUserMapping(), ExecAlterDefaultPrivilegesStmt(), ExecAlterOwnerStmt(), ExecuteGrantStmt(), GrantRole(), policy_role_list_to_array(), ReassignOwnedObjects(), RemoveUserMapping(), and roleSpecsToIds().

5210 {
5211  Oid oid;
5212 
5213  switch (role->roletype)
5214  {
5215  case ROLESPEC_CSTRING:
5216  Assert(role->rolename);
5217  oid = get_role_oid(role->rolename, missing_ok);
5218  break;
5219 
5220  case ROLESPEC_CURRENT_ROLE:
5221  case ROLESPEC_CURRENT_USER:
5222  oid = GetUserId();
5223  break;
5224 
5225  case ROLESPEC_SESSION_USER:
5226  oid = GetSessionUserId();
5227  break;
5228 
5229  case ROLESPEC_PUBLIC:
5230  ereport(ERROR,
5231  (errcode(ERRCODE_UNDEFINED_OBJECT),
5232  errmsg("role \"%s\" does not exist", "public")));
5233  oid = InvalidOid; /* make compiler happy */
5234  break;
5235 
5236  default:
5237  elog(ERROR, "unexpected role type %d", role->roletype);
5238  }
5239 
5240  return oid;
5241 }
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:476
errcode
int errcode(int sqlerrcode)
Definition: elog.c:610
Oid
unsigned int Oid
Definition: postgres_ext.h:31
GetSessionUserId
Oid GetSessionUserId(void)
Definition: miscinit.c:510
get_role_oid
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5175
ERROR
#define ERROR
Definition: elog.h:43
RoleSpec::roletype
RoleSpecType roletype
Definition: parsenodes.h:330
InvalidOid
#define InvalidOid
Definition: postgres_ext.h:36
ereport
#define ereport(elevel,...)
Definition: elog.h:144
Assert
#define Assert(condition)
Definition: c.h:746
RoleSpec::rolename
char * rolename
Definition: parsenodes.h:331
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:821
elog
#define elog(elevel,...)
Definition: elog.h:214

◆ get_rolespec_tuple()

HeapTuple get_rolespec_tuple ( const RoleSpec role)

Definition at line 5248 of file acl.c.

References Assert, AUTHNAME, AUTHOID, CStringGetDatum, elog, ereport, errcode(), errmsg(), ERROR, GetSessionUserId(), GetUserId(), HeapTupleIsValid, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_ROLE, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, RoleSpec::roletype, and SearchSysCache1().

Referenced by AlterRole(), AlterRoleSet(), CreateRole(), and get_rolespec_name().

5249 {
5250  HeapTuple tuple;
5251 
5252  switch (role->roletype)
5253  {
5254  case ROLESPEC_CSTRING:
5255  Assert(role->rolename);
5256  tuple = SearchSysCache1(AUTHNAME, CStringGetDatum(role->rolename));
5257  if (!HeapTupleIsValid(tuple))
5258  ereport(ERROR,
5259  (errcode(ERRCODE_UNDEFINED_OBJECT),
5260  errmsg("role \"%s\" does not exist", role->rolename)));
5261  break;
5262 
5263  case ROLESPEC_CURRENT_ROLE:
5264  case ROLESPEC_CURRENT_USER:
5265  tuple = SearchSysCache1(AUTHOID, GetUserId());
5266  if (!HeapTupleIsValid(tuple))
5267  elog(ERROR, "cache lookup failed for role %u", GetUserId());
5268  break;
5269 
5270  case ROLESPEC_SESSION_USER:
5271  tuple = SearchSysCache1(AUTHOID, GetSessionUserId());
5272  if (!HeapTupleIsValid(tuple))
5273  elog(ERROR, "cache lookup failed for role %u", GetSessionUserId());
5274  break;
5275 
5276  case ROLESPEC_PUBLIC:
5277  ereport(ERROR,
5278  (errcode(ERRCODE_UNDEFINED_OBJECT),
5279  errmsg("role \"%s\" does not exist", "public")));
5280  tuple = NULL; /* make compiler happy */
5281  break;
5282 
5283  default:
5284  elog(ERROR, "unexpected role type %d", role->roletype);
5285  }
5286 
5287  return tuple;
5288 }
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:476
errcode
int errcode(int sqlerrcode)
Definition: elog.c:610
GetSessionUserId
Oid GetSessionUserId(void)
Definition: miscinit.c:510
ERROR
#define ERROR
Definition: elog.h:43
CStringGetDatum
#define CStringGetDatum(X)
Definition: postgres.h:578
SearchSysCache1
HeapTuple SearchSysCache1(int cacheId, Datum key1)
Definition: syscache.c:1116
RoleSpec::roletype
RoleSpecType roletype
Definition: parsenodes.h:330
ereport
#define ereport(elevel,...)
Definition: elog.h:144
HeapTupleIsValid
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
Assert
#define Assert(condition)
Definition: c.h:746
RoleSpec::rolename
char * rolename
Definition: parsenodes.h:331
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:821
elog
#define elog(elevel,...)
Definition: elog.h:214

◆ getid()

static const char * getid ( const char *  s,
char *  n 
)
static

Definition at line 138 of file acl.c.

References Assert, ereport, errcode(), errdetail(), errmsg(), ERROR, and NAMEDATALEN.

Referenced by aclparse().

139 {
140  int len = 0;
141  bool in_quotes = false;
142 
143  Assert(s && n);
144 
145  while (isspace((unsigned char) *s))
146  s++;
147  /* This code had better match what putid() does, below */
148  for (;
149  *s != '\0' &&
150  (isalnum((unsigned char) *s) ||
151  *s == '_' ||
152  *s == '"' ||
153  in_quotes);
154  s++)
155  {
156  if (*s == '"')
157  {
158  /* safe to look at next char (could be '\0' though) */
159  if (*(s + 1) != '"')
160  {
161  in_quotes = !in_quotes;
162  continue;
163  }
164  /* it's an escaped double quote; skip the escaping char */
165  s++;
166  }
167 
168  /* Add the character to the string */
169  if (len >= NAMEDATALEN - 1)
170  ereport(ERROR,
171  (errcode(ERRCODE_NAME_TOO_LONG),
172  errmsg("identifier too long"),
173  errdetail("Identifier must be less than %d characters.",
174  NAMEDATALEN)));
175 
176  n[len++] = *s;
177  }
178  n[len] = '\0';
179  while (isspace((unsigned char) *s))
180  s++;
181  return s;
182 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:610
NAMEDATALEN
#define NAMEDATALEN
Definition: pg_config_manual.h:29
ERROR
#define ERROR
Definition: elog.h:43
errdetail
int errdetail(const char *fmt,...)
Definition: elog.c:954
ereport
#define ereport(elevel,...)
Definition: elog.h:144
Assert
#define Assert(condition)
Definition: c.h:746
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:821

◆ has_any_column_privilege_id()

Datum has_any_column_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2347 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), GetUserId(), mode, ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

2348 {
2349  Oid tableoid = PG_GETARG_OID(0);
2350  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2351  Oid roleid;
2352  AclMode mode;
2353  AclResult aclresult;
2354 
2355  roleid = GetUserId();
2356  mode = convert_column_priv_string(priv_type_text);
2357 
2358  if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
2359  PG_RETURN_NULL();
2360 
2361  /* First check at table level, then examine each column if needed */
2362  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2363  if (aclresult != ACLCHECK_OK)
2364  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2365  ACLMASK_ANY);
2366 
2367  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2368 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:476
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:183
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4478
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4563
varlena
Definition: c.h:563
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2886
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:344

◆ has_any_column_privilege_id_id()

Datum has_any_column_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 2403 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), mode, ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

2404 {
2405  Oid roleid = PG_GETARG_OID(0);
2406  Oid tableoid = PG_GETARG_OID(1);
2407  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2408  AclMode mode;
2409  AclResult aclresult;
2410 
2411  mode = convert_column_priv_string(priv_type_text);
2412 
2413  if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
2414  PG_RETURN_NULL();
2415 
2416  /* First check at table level, then examine each column if needed */
2417  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2418  if (aclresult != ACLCHECK_OK)
2419  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2420  ACLMASK_ANY);
2421 
2422  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2423 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:183
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4478
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4563
varlena
Definition: c.h:563
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2886
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:344

◆ has_any_column_privilege_id_name()

Datum has_any_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2376 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), mode, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2377 {
2378  Oid roleid = PG_GETARG_OID(0);
2379  text *tablename = PG_GETARG_TEXT_PP(1);
2380  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2381  Oid tableoid;
2382  AclMode mode;
2383  AclResult aclresult;
2384 
2385  tableoid = convert_table_name(tablename);
2386  mode = convert_column_priv_string(priv_type_text);
2387 
2388  /* First check at table level, then examine each column if needed */
2389  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2390  if (aclresult != ACLCHECK_OK)
2391  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2392  ACLMASK_ANY);
2393 
2394  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2395 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1987
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4478
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4563
varlena
Definition: c.h:563
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2886

◆ has_any_column_privilege_name()

Datum has_any_column_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2288 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), GetUserId(), mode, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2289 {
2290  text *tablename = PG_GETARG_TEXT_PP(0);
2291  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2292  Oid roleid;
2293  Oid tableoid;
2294  AclMode mode;
2295  AclResult aclresult;
2296 
2297  roleid = GetUserId();
2298  tableoid = convert_table_name(tablename);
2299  mode = convert_column_priv_string(priv_type_text);
2300 
2301  /* First check at table level, then examine each column if needed */
2302  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2303  if (aclresult != ACLCHECK_OK)
2304  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2305  ACLMASK_ANY);
2306 
2307  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2308 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:476
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1987
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4478
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4563
varlena
Definition: c.h:563
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2886

◆ has_any_column_privilege_name_id()

Datum has_any_column_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2316 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, SearchSysCacheExists1, and username.

2317 {
2318  Name username = PG_GETARG_NAME(0);
2319  Oid tableoid = PG_GETARG_OID(1);
2320  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2321  Oid roleid;
2322  AclMode mode;
2323  AclResult aclresult;
2324 
2325  roleid = get_role_oid_or_public(NameStr(*username));
2326  mode = convert_column_priv_string(priv_type_text);
2327 
2328  if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
2329  PG_RETURN_NULL();
2330 
2331  /* First check at table level, then examine each column if needed */
2332  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2333  if (aclresult != ACLCHECK_OK)
2334  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2335  ACLMASK_ANY);
2336 
2337  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2338 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5193
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:183
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
nameData
Definition: c.h:617
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
username
static char * username
Definition: initdb.c:134
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4478
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4563
NameStr
#define NameStr(name)
Definition: c.h:623
varlena
Definition: c.h:563
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2886
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:344
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_any_column_privilege_name_name()

Datum has_any_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2258 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2259 {
2260  Name rolename = PG_GETARG_NAME(0);
2261  text *tablename = PG_GETARG_TEXT_PP(1);
2262  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2263  Oid roleid;
2264  Oid tableoid;
2265  AclMode mode;
2266  AclResult aclresult;
2267 
2268  roleid = get_role_oid_or_public(NameStr(*rolename));
2269  tableoid = convert_table_name(tablename);
2270  mode = convert_column_priv_string(priv_type_text);
2271 
2272  /* First check at table level, then examine each column if needed */
2273  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2274  if (aclresult != ACLCHECK_OK)
2275  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2276  ACLMASK_ANY);
2277 
2278  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2279 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5193
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
nameData
Definition: c.h:617
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1987
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4478
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4563
NameStr
#define NameStr(name)
Definition: c.h:623
varlena
Definition: c.h:563
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2886
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_column_privilege_id_attnum()

Datum has_column_privilege_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2800 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), GetUserId(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2801 {
2802  Oid tableoid = PG_GETARG_OID(0);
2803  AttrNumber colattnum = PG_GETARG_INT16(1);
2804  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2805  Oid roleid;
2806  AclMode mode;
2807  int privresult;
2808 
2809  roleid = GetUserId();
2810  mode = convert_column_priv_string(priv_type_text);
2811 
2812  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2813  if (privresult < 0)
2814  PG_RETURN_NULL();
2815  PG_RETURN_BOOL(privresult);
2816 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:476
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:271
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2450
varlena
Definition: c.h:563
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2886
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:344

◆ has_column_privilege_id_id_attnum()

Datum has_column_privilege_id_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2693 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2694 {
2695  Oid roleid = PG_GETARG_OID(0);
2696  Oid tableoid = PG_GETARG_OID(1);
2697  AttrNumber colattnum = PG_GETARG_INT16(2);
2698  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2699  AclMode mode;
2700  int privresult;
2701 
2702  mode = convert_column_priv_string(priv_type_text);
2703 
2704  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2705  if (privresult < 0)
2706  PG_RETURN_NULL();
2707  PG_RETURN_BOOL(privresult);
2708 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:271
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2450
varlena
Definition: c.h:563
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2886
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:344

◆ has_column_privilege_id_id_name()

Datum has_column_privilege_id_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2668 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2669 {
2670  Oid roleid = PG_GETARG_OID(0);
2671  Oid tableoid = PG_GETARG_OID(1);
2672  text *column = PG_GETARG_TEXT_PP(2);
2673  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2674  AttrNumber colattnum;
2675  AclMode mode;
2676  int privresult;
2677 
2678  colattnum = convert_column_name(tableoid, column);
2679  mode = convert_column_priv_string(priv_type_text);
2680 
2681  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2682  if (privresult < 0)
2683  PG_RETURN_NULL();
2684  PG_RETURN_BOOL(privresult);
2685 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2828
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2450
varlena
Definition: c.h:563
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2886
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:344

◆ has_column_privilege_id_name()

Datum has_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2773 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), GetUserId(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2774 {
2775  Oid tableoid = PG_GETARG_OID(0);
2776  text *column = PG_GETARG_TEXT_PP(1);
2777  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2778  Oid roleid;
2779  AttrNumber colattnum;
2780  AclMode mode;
2781  int privresult;
2782 
2783  roleid = GetUserId();
2784  colattnum = convert_column_name(tableoid, column);
2785  mode = convert_column_priv_string(priv_type_text);
2786 
2787  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2788  if (privresult < 0)
2789  PG_RETURN_NULL();
2790  PG_RETURN_BOOL(privresult);
2791 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2828
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:476
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2450
varlena
Definition: c.h:563
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2886
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:344

◆ has_column_privilege_id_name_attnum()

Datum has_column_privilege_id_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2643 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2644 {
2645  Oid roleid = PG_GETARG_OID(0);
2646  text *tablename = PG_GETARG_TEXT_PP(1);
2647  AttrNumber colattnum = PG_GETARG_INT16(2);
2648  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2649  Oid tableoid;
2650  AclMode mode;
2651  int privresult;
2652 
2653  tableoid = convert_table_name(tablename);
2654  mode = convert_column_priv_string(priv_type_text);
2655 
2656  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2657  if (privresult < 0)
2658  PG_RETURN_NULL();
2659  PG_RETURN_BOOL(privresult);
2660 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:271
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1987
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2450
varlena
Definition: c.h:563
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2886
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:344

◆ has_column_privilege_id_name_name()

Datum has_column_privilege_id_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2616 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2617 {
2618  Oid roleid = PG_GETARG_OID(0);
2619  text *tablename = PG_GETARG_TEXT_PP(1);
2620  text *column = PG_GETARG_TEXT_PP(2);
2621  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2622  Oid tableoid;
2623  AttrNumber colattnum;
2624  AclMode mode;
2625  int privresult;
2626 
2627  tableoid = convert_table_name(tablename);
2628  colattnum = convert_column_name(tableoid, column);
2629  mode = convert_column_priv_string(priv_type_text);
2630 
2631  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2632  if (privresult < 0)
2633  PG_RETURN_NULL();
2634  PG_RETURN_BOOL(privresult);
2635 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2828
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1987
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2450
varlena
Definition: c.h:563
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2886
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:344

◆ has_column_privilege_name_attnum()

Datum has_column_privilege_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2746 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), GetUserId(), mode, PG_GETARG_INT16, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2747 {
2748  text *tablename = PG_GETARG_TEXT_PP(0);
2749  AttrNumber colattnum = PG_GETARG_INT16(1);
2750  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2751  Oid roleid;
2752  Oid tableoid;
2753  AclMode mode;
2754  int privresult;
2755 
2756  roleid = GetUserId();
2757  tableoid = convert_table_name(tablename);
2758  mode = convert_column_priv_string(priv_type_text);
2759 
2760  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2761  if (privresult < 0)
2762  PG_RETURN_NULL();
2763  PG_RETURN_BOOL(privresult);
2764 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:476
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:271
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1987
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2450
varlena
Definition: c.h:563
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2886
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:344

◆ has_column_privilege_name_id_attnum()

Datum has_column_privilege_name_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2591 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

2592 {
2593  Name username = PG_GETARG_NAME(0);
2594  Oid tableoid = PG_GETARG_OID(1);
2595  AttrNumber colattnum = PG_GETARG_INT16(2);
2596  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2597  Oid roleid;
2598  AclMode mode;
2599  int privresult;
2600 
2601  roleid = get_role_oid_or_public(NameStr(*username));
2602  mode = convert_column_priv_string(priv_type_text);
2603 
2604  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2605  if (privresult < 0)
2606  PG_RETURN_NULL();
2607  PG_RETURN_BOOL(privresult);
2608 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5193
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
nameData
Definition: c.h:617
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:271
username
static char * username
Definition: initdb.c:134
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2450
NameStr
#define NameStr(name)
Definition: c.h:623
varlena
Definition: c.h:563
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2886
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:344
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_column_privilege_name_id_name()

Datum has_column_privilege_name_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2564 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

2565 {
2566  Name username = PG_GETARG_NAME(0);
2567  Oid tableoid = PG_GETARG_OID(1);
2568  text *column = PG_GETARG_TEXT_PP(2);
2569  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2570  Oid roleid;
2571  AttrNumber colattnum;
2572  AclMode mode;
2573  int privresult;
2574 
2575  roleid = get_role_oid_or_public(NameStr(*username));
2576  colattnum = convert_column_name(tableoid, column);
2577  mode = convert_column_priv_string(priv_type_text);
2578 
2579  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2580  if (privresult < 0)
2581  PG_RETURN_NULL();
2582  PG_RETURN_BOOL(privresult);
2583 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2828
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5193
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
nameData
Definition: c.h:617
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
username
static char * username
Definition: initdb.c:134
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2450
NameStr
#define NameStr(name)
Definition: c.h:623
varlena
Definition: c.h:563
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2886
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:344
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_column_privilege_name_name()

Datum has_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2717 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), GetUserId(), mode, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2718 {
2719  text *tablename = PG_GETARG_TEXT_PP(0);
2720  text *column = PG_GETARG_TEXT_PP(1);
2721  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2722  Oid roleid;
2723  Oid tableoid;
2724  AttrNumber colattnum;
2725  AclMode mode;
2726  int privresult;
2727 
2728  roleid = GetUserId();
2729  tableoid = convert_table_name(tablename);
2730  colattnum = convert_column_name(tableoid, column);
2731  mode = convert_column_priv_string(priv_type_text);
2732 
2733  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2734  if (privresult < 0)
2735  PG_RETURN_NULL();
2736  PG_RETURN_BOOL(privresult);
2737 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2828
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:476
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1987
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2450
varlena
Definition: c.h:563
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2886
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:344

◆ has_column_privilege_name_name_attnum()

Datum has_column_privilege_name_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2537 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2538 {
2539  Name rolename = PG_GETARG_NAME(0);
2540  text *tablename = PG_GETARG_TEXT_PP(1);
2541  AttrNumber colattnum = PG_GETARG_INT16(2);
2542  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2543  Oid roleid;
2544  Oid tableoid;
2545  AclMode mode;
2546  int privresult;
2547 
2548  roleid = get_role_oid_or_public(NameStr(*rolename));
2549  tableoid = convert_table_name(tablename);
2550  mode = convert_column_priv_string(priv_type_text);
2551 
2552  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2553  if (privresult < 0)
2554  PG_RETURN_NULL();
2555  PG_RETURN_BOOL(privresult);
2556 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5193
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
nameData
Definition: c.h:617
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:271
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1987
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2450
NameStr
#define NameStr(name)
Definition: c.h:623
varlena
Definition: c.h:563
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2886
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:344
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_column_privilege_name_name_name()

Datum has_column_privilege_name_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2508 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2509 {
2510  Name rolename = PG_GETARG_NAME(0);
2511  text *tablename = PG_GETARG_TEXT_PP(1);
2512  text *column = PG_GETARG_TEXT_PP(2);
2513  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2514  Oid roleid;
2515  Oid tableoid;
2516  AttrNumber colattnum;
2517  AclMode mode;
2518  int privresult;
2519 
2520  roleid = get_role_oid_or_public(NameStr(*rolename));
2521  tableoid = convert_table_name(tablename);
2522  colattnum = convert_column_name(tableoid, column);
2523  mode = convert_column_priv_string(priv_type_text);
2524 
2525  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2526  if (privresult < 0)
2527  PG_RETURN_NULL();
2528  PG_RETURN_BOOL(privresult);
2529 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2828
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5193
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
nameData
Definition: c.h:617
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1987
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2450
NameStr
#define NameStr(name)
Definition: c.h:623
varlena
Definition: c.h:563
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2886
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:344
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_database_privilege_id()

Datum has_database_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2997 of file acl.c.

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, GetUserId(), mode, ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

2998 {
2999  Oid databaseoid = PG_GETARG_OID(0);
3000  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3001  Oid roleid;
3002  AclMode mode;
3003  AclResult aclresult;
3004 
3005  roleid = GetUserId();
3006  mode = convert_database_priv_string(priv_type_text);
3007 
3008  if (!SearchSysCacheExists1(DATABASEOID, ObjectIdGetDatum(databaseoid)))
3009  PG_RETURN_NULL();
3010 
3011  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
3012 
3013  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3014 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:476
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:183
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3083
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
pg_database_aclcheck
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4575
varlena
Definition: c.h:563
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:344

◆ has_database_privilege_id_id()

Datum has_database_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3045 of file acl.c.

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, mode, ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

3046 {
3047  Oid roleid = PG_GETARG_OID(0);
3048  Oid databaseoid = PG_GETARG_OID(1);
3049  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3050  AclMode mode;
3051  AclResult aclresult;
3052 
3053  mode = convert_database_priv_string(priv_type_text);
3054 
3055  if (!SearchSysCacheExists1(DATABASEOID, ObjectIdGetDatum(databaseoid)))
3056  PG_RETURN_NULL();
3057 
3058  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
3059 
3060  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3061 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:183
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3083
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
pg_database_aclcheck
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4575
varlena
Definition: c.h:563
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:344

◆ has_database_privilege_id_name()

Datum has_database_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3022 of file acl.c.

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), mode, pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

3023 {
3024  Oid roleid = PG_GETARG_OID(0);
3025  text *databasename = PG_GETARG_TEXT_PP(1);
3026  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3027  Oid databaseoid;
3028  AclMode mode;
3029  AclResult aclresult;
3030 
3031  databaseoid = convert_database_name(databasename);
3032  mode = convert_database_priv_string(priv_type_text);
3033 
3034  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
3035 
3036  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3037 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
convert_database_name
static Oid convert_database_name(text *databasename)
Definition: acl.c:3071
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3083
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
pg_database_aclcheck
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4575
varlena
Definition: c.h:563

◆ has_database_privilege_name()

Datum has_database_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2946 of file acl.c.

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), GetUserId(), mode, pg_database_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2947 {
2948  text *databasename = PG_GETARG_TEXT_PP(0);
2949  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2950  Oid roleid;
2951  Oid databaseoid;
2952  AclMode mode;
2953  AclResult aclresult;
2954 
2955  roleid = GetUserId();
2956  databaseoid = convert_database_name(databasename);
2957  mode = convert_database_priv_string(priv_type_text);
2958 
2959  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2960 
2961  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2962 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:476
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
convert_database_name
static Oid convert_database_name(text *databasename)
Definition: acl.c:3071
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3083
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
pg_database_aclcheck
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4575
varlena
Definition: c.h:563

◆ has_database_privilege_name_id()

Datum has_database_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2970 of file acl.c.

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, get_role_oid_or_public(), mode, NameStr, ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

2971 {
2972  Name username = PG_GETARG_NAME(0);
2973  Oid databaseoid = PG_GETARG_OID(1);
2974  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2975  Oid roleid;
2976  AclMode mode;
2977  AclResult aclresult;
2978 
2979  roleid = get_role_oid_or_public(NameStr(*username));
2980  mode = convert_database_priv_string(priv_type_text);
2981 
2982  if (!SearchSysCacheExists1(DATABASEOID, ObjectIdGetDatum(databaseoid)))
2983  PG_RETURN_NULL();
2984 
2985  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2986 
2987  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2988 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5193
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:183
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
nameData
Definition: c.h:617
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3083
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
username
static char * username
Definition: initdb.c:134
pg_database_aclcheck
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4575
NameStr
#define NameStr(name)
Definition: c.h:623
varlena
Definition: c.h:563
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:344
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_database_privilege_name_name()

Datum has_database_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2920 of file acl.c.

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), get_role_oid_or_public(), mode, NameStr, pg_database_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

2921 {
2922  Name username = PG_GETARG_NAME(0);
2923  text *databasename = PG_GETARG_TEXT_PP(1);
2924  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2925  Oid roleid;
2926  Oid databaseoid;
2927  AclMode mode;
2928  AclResult aclresult;
2929 
2930  roleid = get_role_oid_or_public(NameStr(*username));
2931  databaseoid = convert_database_name(databasename);
2932  mode = convert_database_priv_string(priv_type_text);
2933 
2934  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2935 
2936  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2937 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5193
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
nameData
Definition: c.h:617
convert_database_name
static Oid convert_database_name(text *databasename)
Definition: acl.c:3071
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3083
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
username
static char * username
Definition: initdb.c:134
pg_database_aclcheck
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4575
NameStr
#define NameStr(name)
Definition: c.h:623
varlena
Definition: c.h:563
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_foreign_data_wrapper_privilege_id()

Datum has_foreign_data_wrapper_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3195 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), FOREIGNDATAWRAPPEROID, GetUserId(), mode, ObjectIdGetDatum, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

3196 {
3197  Oid fdwid = PG_GETARG_OID(0);
3198  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3199  Oid roleid;
3200  AclMode mode;
3201  AclResult aclresult;
3202 
3203  roleid = GetUserId();
3204  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3205 
3206  if (!SearchSysCacheExists1(FOREIGNDATAWRAPPEROID, ObjectIdGetDatum(fdwid)))
3207  PG_RETURN_NULL();
3208 
3209  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3210 
3211  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3212 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:476
pg_foreign_data_wrapper_aclcheck
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4650
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:183
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
convert_foreign_data_wrapper_priv_string
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3281
varlena
Definition: c.h:563
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:344

◆ has_foreign_data_wrapper_privilege_id_id()

Datum has_foreign_data_wrapper_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3243 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), FOREIGNDATAWRAPPEROID, mode, ObjectIdGetDatum, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

3244 {
3245  Oid roleid = PG_GETARG_OID(0);
3246  Oid fdwid = PG_GETARG_OID(1);
3247  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3248  AclMode mode;
3249  AclResult aclresult;
3250 
3251  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3252 
3253  if (!SearchSysCacheExists1(FOREIGNDATAWRAPPEROID, ObjectIdGetDatum(fdwid)))
3254  PG_RETURN_NULL();
3255 
3256  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3257 
3258  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3259 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
pg_foreign_data_wrapper_aclcheck
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4650
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:183
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
convert_foreign_data_wrapper_priv_string
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3281
varlena
Definition: c.h:563
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:344

◆ has_foreign_data_wrapper_privilege_id_name()

Datum has_foreign_data_wrapper_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3220 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), mode, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

3221 {
3222  Oid roleid = PG_GETARG_OID(0);
3223  text *fdwname = PG_GETARG_TEXT_PP(1);
3224  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3225  Oid fdwid;
3226  AclMode mode;
3227  AclResult aclresult;
3228 
3229  fdwid = convert_foreign_data_wrapper_name(fdwname);
3230  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3231 
3232  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3233 
3234  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3235 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
pg_foreign_data_wrapper_aclcheck
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4650
convert_foreign_data_wrapper_name
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3269
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
convert_foreign_data_wrapper_priv_string
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3281
varlena
Definition: c.h:563

◆ has_foreign_data_wrapper_privilege_name()

Datum has_foreign_data_wrapper_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3144 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), GetUserId(), mode, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

3145 {
3146  text *fdwname = PG_GETARG_TEXT_PP(0);
3147  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3148  Oid roleid;
3149  Oid fdwid;
3150  AclMode mode;
3151  AclResult aclresult;
3152 
3153  roleid = GetUserId();
3154  fdwid = convert_foreign_data_wrapper_name(fdwname);
3155  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3156 
3157  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3158 
3159  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3160 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:476
pg_foreign_data_wrapper_aclcheck
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4650
convert_foreign_data_wrapper_name
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3269
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
convert_foreign_data_wrapper_priv_string
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3281
varlena
Definition: c.h:563

◆ has_foreign_data_wrapper_privilege_name_id()

Datum has_foreign_data_wrapper_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3168 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), FOREIGNDATAWRAPPEROID, get_role_oid_or_public(), mode, NameStr, ObjectIdGetDatum, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

3169 {
3170  Name username = PG_GETARG_NAME(0);
3171  Oid fdwid = PG_GETARG_OID(1);
3172  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3173  Oid roleid;
3174  AclMode mode;
3175  AclResult aclresult;
3176 
3177  roleid = get_role_oid_or_public(NameStr(*username));
3178  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3179 
3180  if (!SearchSysCacheExists1(FOREIGNDATAWRAPPEROID, ObjectIdGetDatum(fdwid)))
3181  PG_RETURN_NULL();
3182 
3183  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3184 
3185  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3186 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
pg_foreign_data_wrapper_aclcheck
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4650
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5193
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:183
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
nameData
Definition: c.h:617
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:358
username
static char * username
Definition: initdb.c:134
convert_foreign_data_wrapper_priv_string
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3281
NameStr
#define NameStr(name)
Definition: c.h:623
varlena
Definition: c.h:563
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:344
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_foreign_data_wrapper_privilege_name_name()

Datum has_foreign_data_wrapper_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3118 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), get_role_oid_or_public(), mode, NameStr, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

3119 {
3120  Name username = PG_GETARG_NAME(0);
3121  text *fdwname = PG_GETARG_TEXT_PP(1);
3122  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3123  Oid roleid;
3124  Oid fdwid;
3125  AclMode mode;
3126  AclResult aclresult;
3127 
3128  roleid = get_role_oid_or_public(NameStr(*username));
3129  fdwid = convert_foreign_data_wrapper_name(fdwname);
3130  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3131 
3132  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3133 
3134  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3135 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
pg_foreign_data_wrapper_aclcheck
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4650
convert_foreign_data_wrapper_name
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3269
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5193
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:308
AclMode
uint32 AclMode
Definition: parsenodes.h:72
nameData
Definition: c.h:617
AclResult
AclResult
Definition: acl.h:177