PostgreSQL Source Code  git master
Data Structures | Enumerations | Functions | Variables
acl.c File Reference
#include "postgres.h"
#include <ctype.h>
#include "access/htup_details.h"
#include "catalog/catalog.h"
#include "catalog/namespace.h"
#include "catalog/pg_auth_members.h"
#include "catalog/pg_authid.h"
#include "catalog/pg_class.h"
#include "catalog/pg_database.h"
#include "catalog/pg_foreign_data_wrapper.h"
#include "catalog/pg_foreign_server.h"
#include "catalog/pg_language.h"
#include "catalog/pg_namespace.h"
#include "catalog/pg_parameter_acl.h"
#include "catalog/pg_proc.h"
#include "catalog/pg_tablespace.h"
#include "catalog/pg_type.h"
#include "commands/dbcommands.h"
#include "commands/proclang.h"
#include "commands/tablespace.h"
#include "common/hashfn.h"
#include "foreign/foreign.h"
#include "funcapi.h"
#include "lib/qunique.h"
#include "miscadmin.h"
#include "utils/acl.h"
#include "utils/array.h"
#include "utils/builtins.h"
#include "utils/catcache.h"
#include "utils/guc.h"
#include "utils/inval.h"
#include "utils/lsyscache.h"
#include "utils/memutils.h"
#include "utils/syscache.h"
#include "utils/varlena.h"
Include dependency graph for acl.c:

Go to the source code of this file.

Data Structures

struct  priv_map
 

Enumerations

enum  RoleRecurseType { ROLERECURSE_MEMBERS = 0 , ROLERECURSE_PRIVS = 1 , ROLERECURSE_SETROLE = 2 }
 

Functions

static const char * getid (const char *s, char *n, Node *escontext)
 
static void putid (char *p, const char *s)
 
static Aclallocacl (int n)
 
static void check_acl (const Acl *acl)
 
static const char * aclparse (const char *s, AclItem *aip, Node *escontext)
 
static bool aclitem_match (const AclItem *a1, const AclItem *a2)
 
static int aclitemComparator (const void *arg1, const void *arg2)
 
static void check_circularity (const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
 
static Aclrecursive_revoke (Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
 
static AclMode convert_any_priv_string (text *priv_type_text, const priv_map *privileges)
 
static Oid convert_table_name (text *tablename)
 
static AclMode convert_table_priv_string (text *priv_type_text)
 
static AclMode convert_sequence_priv_string (text *priv_type_text)
 
static AttrNumber convert_column_name (Oid tableoid, text *column)
 
static AclMode convert_column_priv_string (text *priv_type_text)
 
static Oid convert_database_name (text *databasename)
 
static AclMode convert_database_priv_string (text *priv_type_text)
 
static Oid convert_foreign_data_wrapper_name (text *fdwname)
 
static AclMode convert_foreign_data_wrapper_priv_string (text *priv_type_text)
 
static Oid convert_function_name (text *functionname)
 
static AclMode convert_function_priv_string (text *priv_type_text)
 
static Oid convert_language_name (text *languagename)
 
static AclMode convert_language_priv_string (text *priv_type_text)
 
static Oid convert_schema_name (text *schemaname)
 
static AclMode convert_schema_priv_string (text *priv_type_text)
 
static Oid convert_server_name (text *servername)
 
static AclMode convert_server_priv_string (text *priv_type_text)
 
static Oid convert_tablespace_name (text *tablespacename)
 
static AclMode convert_tablespace_priv_string (text *priv_type_text)
 
static Oid convert_type_name (text *typename)
 
static AclMode convert_type_priv_string (text *priv_type_text)
 
static AclMode convert_parameter_priv_string (text *priv_text)
 
static AclMode convert_role_priv_string (text *priv_type_text)
 
static AclResult pg_role_aclcheck (Oid role_oid, Oid roleid, AclMode mode)
 
static void RoleMembershipCacheCallback (Datum arg, int cacheid, uint32 hashvalue)
 
Aclmake_empty_acl (void)
 
Aclaclcopy (const Acl *orig_acl)
 
Aclaclconcat (const Acl *left_acl, const Acl *right_acl)
 
Aclaclmerge (const Acl *left_acl, const Acl *right_acl, Oid ownerId)
 
void aclitemsort (Acl *acl)
 
bool aclequal (const Acl *left_acl, const Acl *right_acl)
 
Datum aclitemin (PG_FUNCTION_ARGS)
 
Datum aclitemout (PG_FUNCTION_ARGS)
 
Datum aclitem_eq (PG_FUNCTION_ARGS)
 
Datum hash_aclitem (PG_FUNCTION_ARGS)
 
Datum hash_aclitem_extended (PG_FUNCTION_ARGS)
 
Aclacldefault (ObjectType objtype, Oid ownerId)
 
Datum acldefault_sql (PG_FUNCTION_ARGS)
 
Aclaclupdate (const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
 
Aclaclnewowner (const Acl *old_acl, Oid oldOwnerId, Oid newOwnerId)
 
AclMode aclmask (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
static AclMode aclmask_direct (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
int aclmembers (const Acl *acl, Oid **roleids)
 
Datum aclinsert (PG_FUNCTION_ARGS)
 
Datum aclremove (PG_FUNCTION_ARGS)
 
Datum aclcontains (PG_FUNCTION_ARGS)
 
Datum makeaclitem (PG_FUNCTION_ARGS)
 
static const char * convert_aclright_to_string (int aclright)
 
Datum aclexplode (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_id (PG_FUNCTION_ARGS)
 
static int column_privilege_check (Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
 
Datum has_column_privilege_name_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_id (PG_FUNCTION_ARGS)
 
static bool has_param_priv_byname (Oid roleid, const text *parameter, AclMode priv)
 
Datum has_parameter_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_parameter_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_parameter_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_id (PG_FUNCTION_ARGS)
 
void initialize_acl (void)
 
static Listroles_is_member_of (Oid roleid, enum RoleRecurseType type, Oid admin_of, Oid *admin_role)
 
bool has_privs_of_role (Oid member, Oid role)
 
bool member_can_set_role (Oid member, Oid role)
 
void check_can_set_role (Oid member, Oid role)
 
bool is_member_of_role (Oid member, Oid role)
 
bool is_member_of_role_nosuper (Oid member, Oid role)
 
bool is_admin_of_role (Oid member, Oid role)
 
Oid select_best_admin (Oid member, Oid role)
 
static int count_one_bits (AclMode mask)
 
void select_best_grantor (Oid roleId, AclMode privileges, const Acl *acl, Oid ownerId, Oid *grantorId, AclMode *grantOptions)
 
Oid get_role_oid (const char *rolname, bool missing_ok)
 
Oid get_role_oid_or_public (const char *rolname)
 
Oid get_rolespec_oid (const RoleSpec *role, bool missing_ok)
 
HeapTuple get_rolespec_tuple (const RoleSpec *role)
 
char * get_rolespec_name (const RoleSpec *role)
 
void check_rolespec_name (const RoleSpec *role, const char *detail_msg)
 

Variables

static Oid cached_role [] = {InvalidOid, InvalidOid, InvalidOid}
 
static Listcached_roles [] = {NIL, NIL, NIL}
 
static uint32 cached_db_hash
 

Enumeration Type Documentation

◆ RoleRecurseType

enum RoleRecurseType
Enumerator
ROLERECURSE_MEMBERS 
ROLERECURSE_PRIVS 
ROLERECURSE_SETROLE 

Definition at line 73 of file acl.c.

74 {
75  ROLERECURSE_MEMBERS = 0, /* recurse unconditionally */
76  ROLERECURSE_PRIVS = 1, /* recurse through inheritable grants */
77  ROLERECURSE_SETROLE = 2 /* recurse through grants with set_option */
78 };
ROLERECURSE_PRIVS
@ ROLERECURSE_PRIVS
Definition: acl.c:76
ROLERECURSE_MEMBERS
@ ROLERECURSE_MEMBERS
Definition: acl.c:75
ROLERECURSE_SETROLE
@ ROLERECURSE_SETROLE
Definition: acl.c:77

Function Documentation

◆ aclconcat()

Acl* aclconcat ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 451 of file acl.c.

452 {
453  Acl *result_acl;
454 
455  result_acl = allocacl(ACL_NUM(left_acl) + ACL_NUM(right_acl));
456 
457  memcpy(ACL_DAT(result_acl),
458  ACL_DAT(left_acl),
459  ACL_NUM(left_acl) * sizeof(AclItem));
460 
461  memcpy(ACL_DAT(result_acl) + ACL_NUM(left_acl),
462  ACL_DAT(right_acl),
463  ACL_NUM(right_acl) * sizeof(AclItem));
464 
465  return result_acl;
466 }
allocacl
static Acl * allocacl(int n)
Definition: acl.c:400
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
AclItem
Definition: acl.h:55

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by ExecGrant_Attribute().

◆ aclcontains()

Datum aclcontains ( PG_FUNCTION_ARGS  )

Definition at line 1580 of file acl.c.

1581 {
1582  Acl *acl = PG_GETARG_ACL_P(0);
1583  AclItem *aip = PG_GETARG_ACLITEM_P(1);
1584  AclItem *aidat;
1585  int i,
1586  num;
1587 
1588  check_acl(acl);
1589  num = ACL_NUM(acl);
1590  aidat = ACL_DAT(acl);
1591  for (i = 0; i < num; ++i)
1592  {
1593  if (aip->ai_grantee == aidat[i].ai_grantee &&
1594  aip->ai_grantor == aidat[i].ai_grantor &&
1595  (ACLITEM_GET_RIGHTS(*aip) & ACLITEM_GET_RIGHTS(aidat[i])) == ACLITEM_GET_RIGHTS(*aip))
1596  PG_RETURN_BOOL(true);
1597  }
1598  PG_RETURN_BOOL(false);
1599 }
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:564
PG_GETARG_ACLITEM_P
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:117
PG_GETARG_ACL_P
#define PG_GETARG_ACL_P(n)
Definition: acl.h:122
ACLITEM_GET_RIGHTS
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:68
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
i
int i
Definition: isn.c:73
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57

References ACL_DAT, ACL_NUM, ACLITEM_GET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, PG_GETARG_ACL_P, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

◆ aclcopy()

Acl* aclcopy ( const Acl orig_acl)

Definition at line 431 of file acl.c.

432 {
433  Acl *result_acl;
434 
435  result_acl = allocacl(ACL_NUM(orig_acl));
436 
437  memcpy(ACL_DAT(result_acl),
438  ACL_DAT(orig_acl),
439  ACL_NUM(orig_acl) * sizeof(AclItem));
440 
441  return result_acl;
442 }

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by aclmerge(), ExecGrant_Relation(), and SetDefaultACL().

◆ acldefault()

Acl* acldefault ( ObjectType  objtype,
Oid  ownerId 
)

Definition at line 777 of file acl.c.

778 {
779  AclMode world_default;
780  AclMode owner_default;
781  int nacl;
782  Acl *acl;
783  AclItem *aip;
784 
785  switch (objtype)
786  {
787  case OBJECT_COLUMN:
788  /* by default, columns have no extra privileges */
789  world_default = ACL_NO_RIGHTS;
790  owner_default = ACL_NO_RIGHTS;
791  break;
792  case OBJECT_TABLE:
793  world_default = ACL_NO_RIGHTS;
794  owner_default = ACL_ALL_RIGHTS_RELATION;
795  break;
796  case OBJECT_SEQUENCE:
797  world_default = ACL_NO_RIGHTS;
798  owner_default = ACL_ALL_RIGHTS_SEQUENCE;
799  break;
800  case OBJECT_DATABASE:
801  /* for backwards compatibility, grant some rights by default */
802  world_default = ACL_CREATE_TEMP | ACL_CONNECT;
803  owner_default = ACL_ALL_RIGHTS_DATABASE;
804  break;
805  case OBJECT_FUNCTION:
806  /* Grant EXECUTE by default, for now */
807  world_default = ACL_EXECUTE;
808  owner_default = ACL_ALL_RIGHTS_FUNCTION;
809  break;
810  case OBJECT_LANGUAGE:
811  /* Grant USAGE by default, for now */
812  world_default = ACL_USAGE;
813  owner_default = ACL_ALL_RIGHTS_LANGUAGE;
814  break;
815  case OBJECT_LARGEOBJECT:
816  world_default = ACL_NO_RIGHTS;
817  owner_default = ACL_ALL_RIGHTS_LARGEOBJECT;
818  break;
819  case OBJECT_SCHEMA:
820  world_default = ACL_NO_RIGHTS;
821  owner_default = ACL_ALL_RIGHTS_SCHEMA;
822  break;
823  case OBJECT_TABLESPACE:
824  world_default = ACL_NO_RIGHTS;
825  owner_default = ACL_ALL_RIGHTS_TABLESPACE;
826  break;
827  case OBJECT_FDW:
828  world_default = ACL_NO_RIGHTS;
829  owner_default = ACL_ALL_RIGHTS_FDW;
830  break;
831  case OBJECT_FOREIGN_SERVER:
832  world_default = ACL_NO_RIGHTS;
833  owner_default = ACL_ALL_RIGHTS_FOREIGN_SERVER;
834  break;
835  case OBJECT_DOMAIN:
836  case OBJECT_TYPE:
837  world_default = ACL_USAGE;
838  owner_default = ACL_ALL_RIGHTS_TYPE;
839  break;
840  case OBJECT_PARAMETER_ACL:
841  world_default = ACL_NO_RIGHTS;
842  owner_default = ACL_ALL_RIGHTS_PARAMETER_ACL;
843  break;
844  default:
845  elog(ERROR, "unrecognized object type: %d", (int) objtype);
846  world_default = ACL_NO_RIGHTS; /* keep compiler quiet */
847  owner_default = ACL_NO_RIGHTS;
848  break;
849  }
850 
851  nacl = 0;
852  if (world_default != ACL_NO_RIGHTS)
853  nacl++;
854  if (owner_default != ACL_NO_RIGHTS)
855  nacl++;
856 
857  acl = allocacl(nacl);
858  aip = ACL_DAT(acl);
859 
860  if (world_default != ACL_NO_RIGHTS)
861  {
862  aip->ai_grantee = ACL_ID_PUBLIC;
863  aip->ai_grantor = ownerId;
864  ACLITEM_SET_PRIVS_GOPTIONS(*aip, world_default, ACL_NO_RIGHTS);
865  aip++;
866  }
867 
868  /*
869  * Note that the owner's entry shows all ordinary privileges but no grant
870  * options. This is because his grant options come "from the system" and
871  * not from his own efforts. (The SQL spec says that the owner's rights
872  * come from a "_SYSTEM" authid.) However, we do consider that the
873  * owner's ordinary privileges are self-granted; this lets him revoke
874  * them. We implement the owner's grant options without any explicit
875  * "_SYSTEM"-like ACL entry, by internally special-casing the owner
876  * wherever we are testing grant options.
877  */
878  if (owner_default != ACL_NO_RIGHTS)
879  {
880  aip->ai_grantee = ownerId;
881  aip->ai_grantor = ownerId;
882  ACLITEM_SET_PRIVS_GOPTIONS(*aip, owner_default, ACL_NO_RIGHTS);
883  }
884 
885  return acl;
886 }
ACL_ALL_RIGHTS_FOREIGN_SERVER
#define ACL_ALL_RIGHTS_FOREIGN_SERVER
Definition: acl.h:163
ACL_ALL_RIGHTS_TABLESPACE
#define ACL_ALL_RIGHTS_TABLESPACE
Definition: acl.h:169
ACL_ALL_RIGHTS_PARAMETER_ACL
#define ACL_ALL_RIGHTS_PARAMETER_ACL
Definition: acl.h:167
ACL_ALL_RIGHTS_SCHEMA
#define ACL_ALL_RIGHTS_SCHEMA
Definition: acl.h:168
ACL_ALL_RIGHTS_SEQUENCE
#define ACL_ALL_RIGHTS_SEQUENCE
Definition: acl.h:160
ACL_ALL_RIGHTS_DATABASE
#define ACL_ALL_RIGHTS_DATABASE
Definition: acl.h:161
ACL_ALL_RIGHTS_FUNCTION
#define ACL_ALL_RIGHTS_FUNCTION
Definition: acl.h:164
ACL_ALL_RIGHTS_LANGUAGE
#define ACL_ALL_RIGHTS_LANGUAGE
Definition: acl.h:165
ACL_ALL_RIGHTS_TYPE
#define ACL_ALL_RIGHTS_TYPE
Definition: acl.h:170
ACL_ALL_RIGHTS_FDW
#define ACL_ALL_RIGHTS_FDW
Definition: acl.h:162
ACLITEM_SET_PRIVS_GOPTIONS
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:82
ACL_ALL_RIGHTS_RELATION
#define ACL_ALL_RIGHTS_RELATION
Definition: acl.h:159
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46
ACL_ALL_RIGHTS_LARGEOBJECT
#define ACL_ALL_RIGHTS_LARGEOBJECT
Definition: acl.h:166
ERROR
#define ERROR
Definition: elog.h:39
ACL_CREATE_TEMP
#define ACL_CREATE_TEMP
Definition: parsenodes.h:93
AclMode
uint64 AclMode
Definition: parsenodes.h:81
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:91
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:98
OBJECT_FDW
@ OBJECT_FDW
Definition: parsenodes.h:2136
OBJECT_SCHEMA
@ OBJECT_SCHEMA
Definition: parsenodes.h:2156
OBJECT_DOMAIN
@ OBJECT_DOMAIN
Definition: parsenodes.h:2132
OBJECT_COLUMN
@ OBJECT_COLUMN
Definition: parsenodes.h:2126
OBJECT_TABLESPACE
@ OBJECT_TABLESPACE
Definition: parsenodes.h:2162
OBJECT_LARGEOBJECT
@ OBJECT_LARGEOBJECT
Definition: parsenodes.h:2142
OBJECT_DATABASE
@ OBJECT_DATABASE
Definition: parsenodes.h:2129
OBJECT_SEQUENCE
@ OBJECT_SEQUENCE
Definition: parsenodes.h:2157
OBJECT_LANGUAGE
@ OBJECT_LANGUAGE
Definition: parsenodes.h:2141
OBJECT_FOREIGN_SERVER
@ OBJECT_FOREIGN_SERVER
Definition: parsenodes.h:2137
OBJECT_TABLE
@ OBJECT_TABLE
Definition: parsenodes.h:2161
OBJECT_PARAMETER_ACL
@ OBJECT_PARAMETER_ACL
Definition: parsenodes.h:2147
OBJECT_TYPE
@ OBJECT_TYPE
Definition: parsenodes.h:2169
OBJECT_FUNCTION
@ OBJECT_FUNCTION
Definition: parsenodes.h:2139
ACL_CONNECT
#define ACL_CONNECT
Definition: parsenodes.h:94
ACL_EXECUTE
#define ACL_EXECUTE
Definition: parsenodes.h:90

References ACL_ALL_RIGHTS_DATABASE, ACL_ALL_RIGHTS_FDW, ACL_ALL_RIGHTS_FOREIGN_SERVER, ACL_ALL_RIGHTS_FUNCTION, ACL_ALL_RIGHTS_LANGUAGE, ACL_ALL_RIGHTS_LARGEOBJECT, ACL_ALL_RIGHTS_PARAMETER_ACL, ACL_ALL_RIGHTS_RELATION, ACL_ALL_RIGHTS_SCHEMA, ACL_ALL_RIGHTS_SEQUENCE, ACL_ALL_RIGHTS_TABLESPACE, ACL_ALL_RIGHTS_TYPE, ACL_CONNECT, ACL_CREATE_TEMP, ACL_DAT, ACL_EXECUTE, ACL_ID_PUBLIC, ACL_NO_RIGHTS, ACL_USAGE, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), elog(), ERROR, OBJECT_COLUMN, OBJECT_DATABASE, OBJECT_DOMAIN, OBJECT_FDW, OBJECT_FOREIGN_SERVER, OBJECT_FUNCTION, OBJECT_LANGUAGE, OBJECT_LARGEOBJECT, OBJECT_PARAMETER_ACL, OBJECT_SCHEMA, OBJECT_SEQUENCE, OBJECT_TABLE, OBJECT_TABLESPACE, and OBJECT_TYPE.

Referenced by acldefault_sql(), buildDefaultACLCommands(), dumpACL(), dumpRoleGUCPrivs(), dumpTable(), dumpTablespaces(), ExecGrant_Attribute(), ExecGrant_common(), ExecGrant_Largeobject(), ExecGrant_Parameter(), ExecGrant_Relation(), get_user_default_acl(), object_aclmask(), pg_class_aclmask_ext(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask(), pg_parameter_acl_aclmask(), pg_parameter_aclmask(), pg_type_aclmask(), and SetDefaultACL().

◆ acldefault_sql()

Datum acldefault_sql ( PG_FUNCTION_ARGS  )

Definition at line 894 of file acl.c.

895 {
896  char objtypec = PG_GETARG_CHAR(0);
897  Oid owner = PG_GETARG_OID(1);
898  ObjectType objtype = 0;
899 
900  switch (objtypec)
901  {
902  case 'c':
903  objtype = OBJECT_COLUMN;
904  break;
905  case 'r':
906  objtype = OBJECT_TABLE;
907  break;
908  case 's':
909  objtype = OBJECT_SEQUENCE;
910  break;
911  case 'd':
912  objtype = OBJECT_DATABASE;
913  break;
914  case 'f':
915  objtype = OBJECT_FUNCTION;
916  break;
917  case 'l':
918  objtype = OBJECT_LANGUAGE;
919  break;
920  case 'L':
921  objtype = OBJECT_LARGEOBJECT;
922  break;
923  case 'n':
924  objtype = OBJECT_SCHEMA;
925  break;
926  case 'p':
927  objtype = OBJECT_PARAMETER_ACL;
928  break;
929  case 't':
930  objtype = OBJECT_TABLESPACE;
931  break;
932  case 'F':
933  objtype = OBJECT_FDW;
934  break;
935  case 'S':
936  objtype = OBJECT_FOREIGN_SERVER;
937  break;
938  case 'T':
939  objtype = OBJECT_TYPE;
940  break;
941  default:
942  elog(ERROR, "unrecognized object type abbreviation: %c", objtypec);
943  }
944 
945  PG_RETURN_ACL_P(acldefault(objtype, owner));
946 }
acldefault
Acl * acldefault(ObjectType objtype, Oid ownerId)
Definition: acl.c:777
PG_RETURN_ACL_P
#define PG_RETURN_ACL_P(x)
Definition: acl.h:124
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
PG_GETARG_CHAR
#define PG_GETARG_CHAR(n)
Definition: fmgr.h:273
ObjectType
ObjectType
Definition: parsenodes.h:2119
Oid
unsigned int Oid
Definition: postgres_ext.h:31

References acldefault(), elog(), ERROR, OBJECT_COLUMN, OBJECT_DATABASE, OBJECT_FDW, OBJECT_FOREIGN_SERVER, OBJECT_FUNCTION, OBJECT_LANGUAGE, OBJECT_LARGEOBJECT, OBJECT_PARAMETER_ACL, OBJECT_SCHEMA, OBJECT_SEQUENCE, OBJECT_TABLE, OBJECT_TABLESPACE, OBJECT_TYPE, PG_GETARG_CHAR, PG_GETARG_OID, and PG_RETURN_ACL_P.

◆ aclequal()

bool aclequal ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 533 of file acl.c.

534 {
535  /* Check for cases where one or both are empty/null */
536  if (left_acl == NULL || ACL_NUM(left_acl) == 0)
537  {
538  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
539  return true;
540  else
541  return false;
542  }
543  else
544  {
545  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
546  return false;
547  }
548 
549  if (ACL_NUM(left_acl) != ACL_NUM(right_acl))
550  return false;
551 
552  if (memcmp(ACL_DAT(left_acl),
553  ACL_DAT(right_acl),
554  ACL_NUM(left_acl) * sizeof(AclItem)) == 0)
555  return true;
556 
557  return false;
558 }

References ACL_DAT, and ACL_NUM.

Referenced by ExecGrant_Parameter(), get_user_default_acl(), and SetDefaultACL().

◆ aclexplode()

Datum aclexplode ( PG_FUNCTION_ARGS  )

Definition at line 1756 of file acl.c.

1757 {
1758  Acl *acl = PG_GETARG_ACL_P(0);
1759  FuncCallContext *funcctx;
1760  int *idx;
1761  AclItem *aidat;
1762 
1763  if (SRF_IS_FIRSTCALL())
1764  {
1765  TupleDesc tupdesc;
1766  MemoryContext oldcontext;
1767 
1768  check_acl(acl);
1769 
1770  funcctx = SRF_FIRSTCALL_INIT();
1771  oldcontext = MemoryContextSwitchTo(funcctx->multi_call_memory_ctx);
1772 
1773  /*
1774  * build tupdesc for result tuples (matches out parameters in pg_proc
1775  * entry)
1776  */
1777  tupdesc = CreateTemplateTupleDesc(4);
1778  TupleDescInitEntry(tupdesc, (AttrNumber) 1, "grantor",
1779  OIDOID, -1, 0);
1780  TupleDescInitEntry(tupdesc, (AttrNumber) 2, "grantee",
1781  OIDOID, -1, 0);
1782  TupleDescInitEntry(tupdesc, (AttrNumber) 3, "privilege_type",
1783  TEXTOID, -1, 0);
1784  TupleDescInitEntry(tupdesc, (AttrNumber) 4, "is_grantable",
1785  BOOLOID, -1, 0);
1786 
1787  funcctx->tuple_desc = BlessTupleDesc(tupdesc);
1788 
1789  /* allocate memory for user context */
1790  idx = (int *) palloc(sizeof(int[2]));
1791  idx[0] = 0; /* ACL array item index */
1792  idx[1] = -1; /* privilege type counter */
1793  funcctx->user_fctx = (void *) idx;
1794 
1795  MemoryContextSwitchTo(oldcontext);
1796  }
1797 
1798  funcctx = SRF_PERCALL_SETUP();
1799  idx = (int *) funcctx->user_fctx;
1800  aidat = ACL_DAT(acl);
1801 
1802  /* need test here in case acl has no items */
1803  while (idx[0] < ACL_NUM(acl))
1804  {
1805  AclItem *aidata;
1806  AclMode priv_bit;
1807 
1808  idx[1]++;
1809  if (idx[1] == N_ACL_RIGHTS)
1810  {
1811  idx[1] = 0;
1812  idx[0]++;
1813  if (idx[0] >= ACL_NUM(acl)) /* done */
1814  break;
1815  }
1816  aidata = &aidat[idx[0]];
1817  priv_bit = UINT64CONST(1) << idx[1];
1818 
1819  if (ACLITEM_GET_PRIVS(*aidata) & priv_bit)
1820  {
1821  Datum result;
1822  Datum values[4];
1823  bool nulls[4] = {0};
1824  HeapTuple tuple;
1825 
1826  values[0] = ObjectIdGetDatum(aidata->ai_grantor);
1827  values[1] = ObjectIdGetDatum(aidata->ai_grantee);
1828  values[2] = CStringGetTextDatum(convert_aclright_to_string(priv_bit));
1829  values[3] = BoolGetDatum((ACLITEM_GET_GOPTIONS(*aidata) & priv_bit) != 0);
1830 
1831  tuple = heap_form_tuple(funcctx->tuple_desc, values, nulls);
1832  result = HeapTupleGetDatum(tuple);
1833 
1834  SRF_RETURN_NEXT(funcctx, result);
1835  }
1836  }
1837 
1838  SRF_RETURN_DONE(funcctx);
1839 }
idx
Datum idx(PG_FUNCTION_ARGS)
Definition: _int_op.c:259
convert_aclright_to_string
static const char * convert_aclright_to_string(int aclright)
Definition: acl.c:1702
ACLITEM_GET_PRIVS
#define ACLITEM_GET_PRIVS(item)
Definition: acl.h:66
ACLITEM_GET_GOPTIONS
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:67
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
values
static Datum values[MAXATTR]
Definition: bootstrap.c:156
CStringGetTextDatum
#define CStringGetTextDatum(s)
Definition: builtins.h:94
BlessTupleDesc
TupleDesc BlessTupleDesc(TupleDesc tupdesc)
Definition: execTuples.c:2072
SRF_IS_FIRSTCALL
#define SRF_IS_FIRSTCALL()
Definition: funcapi.h:304
SRF_PERCALL_SETUP
#define SRF_PERCALL_SETUP()
Definition: funcapi.h:308
SRF_RETURN_NEXT
#define SRF_RETURN_NEXT(_funcctx, _result)
Definition: funcapi.h:310
SRF_FIRSTCALL_INIT
#define SRF_FIRSTCALL_INIT()
Definition: funcapi.h:306
HeapTupleGetDatum
static Datum HeapTupleGetDatum(const HeapTupleData *tuple)
Definition: funcapi.h:230
SRF_RETURN_DONE
#define SRF_RETURN_DONE(_funcctx)
Definition: funcapi.h:328
heap_form_tuple
HeapTuple heap_form_tuple(TupleDesc tupleDescriptor, Datum *values, bool *isnull)
Definition: heaptuple.c:1108
palloc
void * palloc(Size size)
Definition: mcxt.c:1226
MemoryContextSwitchTo
static MemoryContext MemoryContextSwitchTo(MemoryContext context)
Definition: palloc.h:138
N_ACL_RIGHTS
#define N_ACL_RIGHTS
Definition: parsenodes.h:97
Datum
uintptr_t Datum
Definition: postgres.h:64
BoolGetDatum
static Datum BoolGetDatum(bool X)
Definition: postgres.h:102
ObjectIdGetDatum
static Datum ObjectIdGetDatum(Oid X)
Definition: postgres.h:252
FuncCallContext::user_fctx
void * user_fctx
Definition: funcapi.h:82
FuncCallContext::multi_call_memory_ctx
MemoryContext multi_call_memory_ctx
Definition: funcapi.h:101
FuncCallContext::tuple_desc
TupleDesc tuple_desc
Definition: funcapi.h:112
CreateTemplateTupleDesc
TupleDesc CreateTemplateTupleDesc(int natts)
Definition: tupdesc.c:45
TupleDescInitEntry
void TupleDescInitEntry(TupleDesc desc, AttrNumber attributeNumber, const char *attributeName, Oid oidtypeid, int32 typmod, int attdim)
Definition: tupdesc.c:583

References ACL_DAT, ACL_NUM, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, BlessTupleDesc(), BoolGetDatum(), check_acl(), convert_aclright_to_string(), CreateTemplateTupleDesc(), CStringGetTextDatum, heap_form_tuple(), HeapTupleGetDatum(), idx(), MemoryContextSwitchTo(), FuncCallContext::multi_call_memory_ctx, N_ACL_RIGHTS, ObjectIdGetDatum(), palloc(), PG_GETARG_ACL_P, SRF_FIRSTCALL_INIT, SRF_IS_FIRSTCALL, SRF_PERCALL_SETUP, SRF_RETURN_DONE, SRF_RETURN_NEXT, FuncCallContext::tuple_desc, TupleDescInitEntry(), FuncCallContext::user_fctx, and values.

◆ aclinsert()

Datum aclinsert ( PG_FUNCTION_ARGS  )

Definition at line 1560 of file acl.c.

1561 {
1562  ereport(ERROR,
1563  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1564  errmsg("aclinsert is no longer supported")));
1565 
1566  PG_RETURN_NULL(); /* keep compiler quiet */
1567 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:858
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:1069
ereport
#define ereport(elevel,...)
Definition: elog.h:149
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

◆ aclitem_eq()

Datum aclitem_eq ( PG_FUNCTION_ARGS  )

Definition at line 722 of file acl.c.

723 {
724  AclItem *a1 = PG_GETARG_ACLITEM_P(0);
725  AclItem *a2 = PG_GETARG_ACLITEM_P(1);
726  bool result;
727 
728  result = a1->ai_privs == a2->ai_privs &&
729  a1->ai_grantee == a2->ai_grantee &&
730  a1->ai_grantor == a2->ai_grantor;
731  PG_RETURN_BOOL(result);
732 }
a1
static const FormData_pg_attribute a1
Definition: heap.c:141
a2
static const FormData_pg_attribute a2
Definition: heap.c:155

References a1, a2, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

◆ aclitem_match()

static bool aclitem_match ( const AclItem a1,
const AclItem a2 
)
static

Definition at line 687 of file acl.c.

688 {
689  return a1->ai_grantee == a2->ai_grantee &&
690  a1->ai_grantor == a2->ai_grantor;
691 }

References a1, and a2.

Referenced by aclnewowner(), and aclupdate().

◆ aclitemComparator()

static int aclitemComparator ( const void *  arg1,
const void *  arg2 
)
static

Definition at line 698 of file acl.c.

699 {
700  const AclItem *a1 = (const AclItem *) arg1;
701  const AclItem *a2 = (const AclItem *) arg2;
702 
703  if (a1->ai_grantee > a2->ai_grantee)
704  return 1;
705  if (a1->ai_grantee < a2->ai_grantee)
706  return -1;
707  if (a1->ai_grantor > a2->ai_grantor)
708  return 1;
709  if (a1->ai_grantor < a2->ai_grantor)
710  return -1;
711  if (a1->ai_privs > a2->ai_privs)
712  return 1;
713  if (a1->ai_privs < a2->ai_privs)
714  return -1;
715  return 0;
716 }

References a1, and a2.

Referenced by aclitemsort().

◆ aclitemin()

Datum aclitemin ( PG_FUNCTION_ARGS  )

Definition at line 589 of file acl.c.

590 {
591  const char *s = PG_GETARG_CSTRING(0);
592  Node *escontext = fcinfo->context;
593  AclItem *aip;
594 
595  aip = (AclItem *) palloc(sizeof(AclItem));
596 
597  s = aclparse(s, aip, escontext);
598  if (s == NULL)
599  PG_RETURN_NULL();
600 
601  while (isspace((unsigned char) *s))
602  ++s;
603  if (*s)
604  ereturn(escontext, (Datum) 0,
605  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
606  errmsg("extra garbage at the end of the ACL specification")));
607 
608  PG_RETURN_ACLITEM_P(aip);
609 }
aclparse
static const char * aclparse(const char *s, AclItem *aip, Node *escontext)
Definition: acl.c:247
PG_RETURN_ACLITEM_P
#define PG_RETURN_ACLITEM_P(x)
Definition: acl.h:118
ereturn
#define ereturn(context, dummy_value,...)
Definition: elog.h:276
PG_GETARG_CSTRING
#define PG_GETARG_CSTRING(n)
Definition: fmgr.h:277
Node
Definition: nodes.h:129

References aclparse(), ereturn, errcode(), errmsg(), palloc(), PG_GETARG_CSTRING, PG_RETURN_ACLITEM_P, and PG_RETURN_NULL.

◆ aclitemout()

Datum aclitemout ( PG_FUNCTION_ARGS  )

Definition at line 620 of file acl.c.

621 {
622  AclItem *aip = PG_GETARG_ACLITEM_P(0);
623  char *p;
624  char *out;
625  HeapTuple htup;
626  unsigned i;
627 
628  out = palloc(strlen("=/") +
629  2 * N_ACL_RIGHTS +
630  2 * (2 * NAMEDATALEN + 2) +
631  1);
632 
633  p = out;
634  *p = '\0';
635 
636  if (aip->ai_grantee != ACL_ID_PUBLIC)
637  {
638  htup = SearchSysCache1(AUTHOID, ObjectIdGetDatum(aip->ai_grantee));
639  if (HeapTupleIsValid(htup))
640  {
641  putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
642  ReleaseSysCache(htup);
643  }
644  else
645  {
646  /* Generate numeric OID if we don't find an entry */
647  sprintf(p, "%u", aip->ai_grantee);
648  }
649  }
650  while (*p)
651  ++p;
652 
653  *p++ = '=';
654 
655  for (i = 0; i < N_ACL_RIGHTS; ++i)
656  {
657  if (ACLITEM_GET_PRIVS(*aip) & (UINT64CONST(1) << i))
658  *p++ = ACL_ALL_RIGHTS_STR[i];
659  if (ACLITEM_GET_GOPTIONS(*aip) & (UINT64CONST(1) << i))
660  *p++ = '*';
661  }
662 
663  *p++ = '/';
664  *p = '\0';
665 
666  htup = SearchSysCache1(AUTHOID, ObjectIdGetDatum(aip->ai_grantor));
667  if (HeapTupleIsValid(htup))
668  {
669  putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
670  ReleaseSysCache(htup);
671  }
672  else
673  {
674  /* Generate numeric OID if we don't find an entry */
675  sprintf(p, "%u", aip->ai_grantor);
676  }
677 
678  PG_RETURN_CSTRING(out);
679 }
putid
static void putid(char *p, const char *s)
Definition: acl.c:195
ACL_ALL_RIGHTS_STR
#define ACL_ALL_RIGHTS_STR
Definition: acl.h:153
NameStr
#define NameStr(name)
Definition: c.h:735
PG_RETURN_CSTRING
#define PG_RETURN_CSTRING(x)
Definition: fmgr.h:362
HeapTupleIsValid
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
GETSTRUCT
#define GETSTRUCT(TUP)
Definition: htup_details.h:653
rolname
NameData rolname
Definition: pg_authid.h:34
Form_pg_authid
FormData_pg_authid * Form_pg_authid
Definition: pg_authid.h:56
NAMEDATALEN
#define NAMEDATALEN
Definition: pg_config_manual.h:29
sprintf
#define sprintf
Definition: port.h:240
ReleaseSysCache
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:868
SearchSysCache1
HeapTuple SearchSysCache1(int cacheId, Datum key1)
Definition: syscache.c:820
AUTHOID
@ AUTHOID
Definition: syscache.h:45

References ACL_ALL_RIGHTS_STR, ACL_ID_PUBLIC, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, AUTHOID, GETSTRUCT, HeapTupleIsValid, i, N_ACL_RIGHTS, NAMEDATALEN, NameStr, ObjectIdGetDatum(), palloc(), PG_GETARG_ACLITEM_P, PG_RETURN_CSTRING, putid(), ReleaseSysCache(), rolname, SearchSysCache1(), and sprintf.

◆ aclitemsort()

void aclitemsort ( Acl acl)

Definition at line 519 of file acl.c.

520 {
521  if (acl != NULL && ACL_NUM(acl) > 1)
522  qsort(ACL_DAT(acl), ACL_NUM(acl), sizeof(AclItem), aclitemComparator);
523 }
aclitemComparator
static int aclitemComparator(const void *arg1, const void *arg2)
Definition: acl.c:698
qsort
#define qsort(a, b, c, d)
Definition: port.h:445

References ACL_DAT, ACL_NUM, aclitemComparator(), and qsort.

Referenced by get_user_default_acl(), and SetDefaultACL().

◆ aclmask()

AclMode aclmask ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)

Definition at line 1356 of file acl.c.

1358 {
1359  AclMode result;
1360  AclMode remaining;
1361  AclItem *aidat;
1362  int i,
1363  num;
1364 
1365  /*
1366  * Null ACL should not happen, since caller should have inserted
1367  * appropriate default
1368  */
1369  if (acl == NULL)
1370  elog(ERROR, "null ACL");
1371 
1372  check_acl(acl);
1373 
1374  /* Quick exit for mask == 0 */
1375  if (mask == 0)
1376  return 0;
1377 
1378  result = 0;
1379 
1380  /* Owner always implicitly has all grant options */
1381  if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1382  has_privs_of_role(roleid, ownerId))
1383  {
1384  result = mask & ACLITEM_ALL_GOPTION_BITS;
1385  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1386  return result;
1387  }
1388 
1389  num = ACL_NUM(acl);
1390  aidat = ACL_DAT(acl);
1391 
1392  /*
1393  * Check privileges granted directly to roleid or to public
1394  */
1395  for (i = 0; i < num; i++)
1396  {
1397  AclItem *aidata = &aidat[i];
1398 
1399  if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1400  aidata->ai_grantee == roleid)
1401  {
1402  result |= aidata->ai_privs & mask;
1403  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1404  return result;
1405  }
1406  }
1407 
1408  /*
1409  * Check privileges granted indirectly via role memberships. We do this in
1410  * a separate pass to minimize expensive indirect membership tests. In
1411  * particular, it's worth testing whether a given ACL entry grants any
1412  * privileges still of interest before we perform the has_privs_of_role
1413  * test.
1414  */
1415  remaining = mask & ~result;
1416  for (i = 0; i < num; i++)
1417  {
1418  AclItem *aidata = &aidat[i];
1419 
1420  if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1421  aidata->ai_grantee == roleid)
1422  continue; /* already checked it */
1423 
1424  if ((aidata->ai_privs & remaining) &&
1425  has_privs_of_role(roleid, aidata->ai_grantee))
1426  {
1427  result |= aidata->ai_privs & mask;
1428  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1429  return result;
1430  remaining = mask & ~result;
1431  }
1432  }
1433 
1434  return result;
1435 }
has_privs_of_role
bool has_privs_of_role(Oid member, Oid role)
Definition: acl.c:4961
ACLITEM_ALL_GOPTION_BITS
#define ACLITEM_ALL_GOPTION_BITS
Definition: acl.h:88
ACLMASK_ALL
@ ACLMASK_ALL
Definition: acl.h:175
remaining
int remaining
Definition: informix.c:667
AclItem::ai_privs
AclMode ai_privs
Definition: acl.h:58

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog(), ERROR, has_privs_of_role(), i, and remaining.

Referenced by check_circularity(), LockTableAclCheck(), object_aclmask(), pg_attribute_aclmask_ext(), pg_class_aclmask_ext(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask(), pg_parameter_acl_aclmask(), pg_parameter_aclmask(), pg_type_aclmask(), and recursive_revoke().

◆ aclmask_direct()

static AclMode aclmask_direct ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)
static

Definition at line 1445 of file acl.c.

1447 {
1448  AclMode result;
1449  AclItem *aidat;
1450  int i,
1451  num;
1452 
1453  /*
1454  * Null ACL should not happen, since caller should have inserted
1455  * appropriate default
1456  */
1457  if (acl == NULL)
1458  elog(ERROR, "null ACL");
1459 
1460  check_acl(acl);
1461 
1462  /* Quick exit for mask == 0 */
1463  if (mask == 0)
1464  return 0;
1465 
1466  result = 0;
1467 
1468  /* Owner always implicitly has all grant options */
1469  if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1470  roleid == ownerId)
1471  {
1472  result = mask & ACLITEM_ALL_GOPTION_BITS;
1473  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1474  return result;
1475  }
1476 
1477  num = ACL_NUM(acl);
1478  aidat = ACL_DAT(acl);
1479 
1480  /*
1481  * Check privileges granted directly to roleid (and not to public)
1482  */
1483  for (i = 0; i < num; i++)
1484  {
1485  AclItem *aidata = &aidat[i];
1486 
1487  if (aidata->ai_grantee == roleid)
1488  {
1489  result |= aidata->ai_privs & mask;
1490  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1491  return result;
1492  }
1493  }
1494 
1495  return result;
1496 }

References ACL_DAT, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog(), ERROR, and i.

Referenced by select_best_grantor().

◆ aclmembers()

int aclmembers ( const Acl acl,
Oid **  roleids 
)

Definition at line 1508 of file acl.c.

1509 {
1510  Oid *list;
1511  const AclItem *acldat;
1512  int i,
1513  j;
1514 
1515  if (acl == NULL || ACL_NUM(acl) == 0)
1516  {
1517  *roleids = NULL;
1518  return 0;
1519  }
1520 
1521  check_acl(acl);
1522 
1523  /* Allocate the worst-case space requirement */
1524  list = palloc(ACL_NUM(acl) * 2 * sizeof(Oid));
1525  acldat = ACL_DAT(acl);
1526 
1527  /*
1528  * Walk the ACL collecting mentioned RoleIds.
1529  */
1530  j = 0;
1531  for (i = 0; i < ACL_NUM(acl); i++)
1532  {
1533  const AclItem *ai = &acldat[i];
1534 
1535  if (ai->ai_grantee != ACL_ID_PUBLIC)
1536  list[j++] = ai->ai_grantee;
1537  /* grantor is currently never PUBLIC, but let's check anyway */
1538  if (ai->ai_grantor != ACL_ID_PUBLIC)
1539  list[j++] = ai->ai_grantor;
1540  }
1541 
1542  /* Sort the array */
1543  qsort(list, j, sizeof(Oid), oid_cmp);
1544 
1545  /*
1546  * We could repalloc the array down to minimum size, but it's hardly worth
1547  * it since it's only transient memory.
1548  */
1549  *roleids = list;
1550 
1551  /* Remove duplicates from the array */
1552  return qunique(list, j, sizeof(Oid), oid_cmp);
1553 }
j
int j
Definition: isn.c:74
oid_cmp
int oid_cmp(const void *p1, const void *p2)
Definition: oid.c:257
qunique
static size_t qunique(void *array, size_t elements, size_t width, int(*compare)(const void *, const void *))
Definition: qunique.h:21

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, j, sort-test::list, oid_cmp(), palloc(), qsort, and qunique().

Referenced by ExecGrant_Attribute(), ExecGrant_common(), ExecGrant_Largeobject(), ExecGrant_Parameter(), ExecGrant_Relation(), recordDependencyOnNewAcl(), and SetDefaultACL().

◆ aclmerge()

Acl* aclmerge ( const Acl left_acl,
const Acl right_acl,
Oid  ownerId 
)

Definition at line 475 of file acl.c.

476 {
477  Acl *result_acl;
478  AclItem *aip;
479  int i,
480  num;
481 
482  /* Check for cases where one or both are empty/null */
483  if (left_acl == NULL || ACL_NUM(left_acl) == 0)
484  {
485  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
486  return NULL;
487  else
488  return aclcopy(right_acl);
489  }
490  else
491  {
492  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
493  return aclcopy(left_acl);
494  }
495 
496  /* Merge them the hard way, one item at a time */
497  result_acl = aclcopy(left_acl);
498 
499  aip = ACL_DAT(right_acl);
500  num = ACL_NUM(right_acl);
501 
502  for (i = 0; i < num; i++, aip++)
503  {
504  Acl *tmp_acl;
505 
506  tmp_acl = aclupdate(result_acl, aip, ACL_MODECHG_ADD,
507  ownerId, DROP_RESTRICT);
508  pfree(result_acl);
509  result_acl = tmp_acl;
510  }
511 
512  return result_acl;
513 }
aclupdate
Acl * aclupdate(const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
Definition: acl.c:966
aclcopy
Acl * aclcopy(const Acl *orig_acl)
Definition: acl.c:431
ACL_MODECHG_ADD
#define ACL_MODECHG_ADD
Definition: acl.h:129
pfree
void pfree(void *pointer)
Definition: mcxt.c:1456
DROP_RESTRICT
@ DROP_RESTRICT
Definition: parsenodes.h:2193

References ACL_DAT, ACL_MODECHG_ADD, ACL_NUM, aclcopy(), aclupdate(), DROP_RESTRICT, i, and pfree().

Referenced by get_user_default_acl().

◆ aclnewowner()

Acl* aclnewowner ( const Acl old_acl,
Oid  oldOwnerId,
Oid  newOwnerId 
)

Definition at line 1087 of file acl.c.

1088 {
1089  Acl *new_acl;
1090  AclItem *new_aip;
1091  AclItem *old_aip;
1092  AclItem *dst_aip;
1093  AclItem *src_aip;
1094  AclItem *targ_aip;
1095  bool newpresent = false;
1096  int dst,
1097  src,
1098  targ,
1099  num;
1100 
1101  check_acl(old_acl);
1102 
1103  /*
1104  * Make a copy of the given ACL, substituting new owner ID for old
1105  * wherever it appears as either grantor or grantee. Also note if the new
1106  * owner ID is already present.
1107  */
1108  num = ACL_NUM(old_acl);
1109  old_aip = ACL_DAT(old_acl);
1110  new_acl = allocacl(num);
1111  new_aip = ACL_DAT(new_acl);
1112  memcpy(new_aip, old_aip, num * sizeof(AclItem));
1113  for (dst = 0, dst_aip = new_aip; dst < num; dst++, dst_aip++)
1114  {
1115  if (dst_aip->ai_grantor == oldOwnerId)
1116  dst_aip->ai_grantor = newOwnerId;
1117  else if (dst_aip->ai_grantor == newOwnerId)
1118  newpresent = true;
1119  if (dst_aip->ai_grantee == oldOwnerId)
1120  dst_aip->ai_grantee = newOwnerId;
1121  else if (dst_aip->ai_grantee == newOwnerId)
1122  newpresent = true;
1123  }
1124 
1125  /*
1126  * If the old ACL contained any references to the new owner, then we may
1127  * now have generated an ACL containing duplicate entries. Find them and
1128  * merge them so that there are not duplicates. (This is relatively
1129  * expensive since we use a stupid O(N^2) algorithm, but it's unlikely to
1130  * be the normal case.)
1131  *
1132  * To simplify deletion of duplicate entries, we temporarily leave them in
1133  * the array but set their privilege masks to zero; when we reach such an
1134  * entry it's just skipped. (Thus, a side effect of this code will be to
1135  * remove privilege-free entries, should there be any in the input.) dst
1136  * is the next output slot, targ is the currently considered input slot
1137  * (always >= dst), and src scans entries to the right of targ looking for
1138  * duplicates. Once an entry has been emitted to dst it is known
1139  * duplicate-free and need not be considered anymore.
1140  */
1141  if (newpresent)
1142  {
1143  dst = 0;
1144  for (targ = 0, targ_aip = new_aip; targ < num; targ++, targ_aip++)
1145  {
1146  /* ignore if deleted in an earlier pass */
1147  if (ACLITEM_GET_RIGHTS(*targ_aip) == ACL_NO_RIGHTS)
1148  continue;
1149  /* find and merge any duplicates */
1150  for (src = targ + 1, src_aip = targ_aip + 1; src < num;
1151  src++, src_aip++)
1152  {
1153  if (ACLITEM_GET_RIGHTS(*src_aip) == ACL_NO_RIGHTS)
1154  continue;
1155  if (aclitem_match(targ_aip, src_aip))
1156  {
1157  ACLITEM_SET_RIGHTS(*targ_aip,
1158  ACLITEM_GET_RIGHTS(*targ_aip) |
1159  ACLITEM_GET_RIGHTS(*src_aip));
1160  /* mark the duplicate deleted */
1161  ACLITEM_SET_RIGHTS(*src_aip, ACL_NO_RIGHTS);
1162  }
1163  }
1164  /* and emit to output */
1165  new_aip[dst] = *targ_aip;
1166  dst++;
1167  }
1168  /* Adjust array size to be 'dst' items */
1169  ARR_DIMS(new_acl)[0] = dst;
1170  SET_VARSIZE(new_acl, ACL_N_SIZE(dst));
1171  }
1172 
1173  return new_acl;
1174 }
aclitem_match
static bool aclitem_match(const AclItem *a1, const AclItem *a2)
Definition: acl.c:687
ACL_N_SIZE
#define ACL_N_SIZE(N)
Definition: acl.h:110
ACLITEM_SET_RIGHTS
#define ACLITEM_SET_RIGHTS(item, rights)
Definition: acl.h:79
ARR_DIMS
#define ARR_DIMS(a)
Definition: array.h:287
SET_VARSIZE
#define SET_VARSIZE(PTR, len)
Definition: varatt.h:305

References ACL_DAT, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, check_acl(), and SET_VARSIZE.

Referenced by AlterDatabaseOwner(), AlterForeignDataWrapperOwner_internal(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwnerInternal(), ATExecChangeOwner(), and change_owner_fix_column_acls().

◆ aclparse()

static const char * aclparse ( const char *  s,
AclItem aip,
Node escontext 
)
static

Definition at line 247 of file acl.c.

248 {
249  AclMode privs,
250  goption,
251  read;
252  char name[NAMEDATALEN];
253  char name2[NAMEDATALEN];
254 
255  Assert(s && aip);
256 
257  s = getid(s, name, escontext);
258  if (s == NULL)
259  return NULL;
260  if (*s != '=')
261  {
262  /* we just read a keyword, not a name */
263  if (strcmp(name, "group") != 0 && strcmp(name, "user") != 0)
264  ereturn(escontext, NULL,
265  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
266  errmsg("unrecognized key word: \"%s\"", name),
267  errhint("ACL key word must be \"group\" or \"user\".")));
268  /* move s to the name beyond the keyword */
269  s = getid(s, name, escontext);
270  if (s == NULL)
271  return NULL;
272  if (name[0] == '\0')
273  ereturn(escontext, NULL,
274  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
275  errmsg("missing name"),
276  errhint("A name must follow the \"group\" or \"user\" key word.")));
277  }
278 
279  if (*s != '=')
280  ereturn(escontext, NULL,
281  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
282  errmsg("missing \"=\" sign")));
283 
284  privs = goption = ACL_NO_RIGHTS;
285 
286  for (++s, read = 0; isalpha((unsigned char) *s) || *s == '*'; s++)
287  {
288  switch (*s)
289  {
290  case '*':
291  goption |= read;
292  break;
293  case ACL_INSERT_CHR:
294  read = ACL_INSERT;
295  break;
296  case ACL_SELECT_CHR:
297  read = ACL_SELECT;
298  break;
299  case ACL_UPDATE_CHR:
300  read = ACL_UPDATE;
301  break;
302  case ACL_DELETE_CHR:
303  read = ACL_DELETE;
304  break;
305  case ACL_TRUNCATE_CHR:
306  read = ACL_TRUNCATE;
307  break;
308  case ACL_REFERENCES_CHR:
309  read = ACL_REFERENCES;
310  break;
311  case ACL_TRIGGER_CHR:
312  read = ACL_TRIGGER;
313  break;
314  case ACL_EXECUTE_CHR:
315  read = ACL_EXECUTE;
316  break;
317  case ACL_USAGE_CHR:
318  read = ACL_USAGE;
319  break;
320  case ACL_CREATE_CHR:
321  read = ACL_CREATE;
322  break;
323  case ACL_CREATE_TEMP_CHR:
324  read = ACL_CREATE_TEMP;
325  break;
326  case ACL_CONNECT_CHR:
327  read = ACL_CONNECT;
328  break;
329  case ACL_SET_CHR:
330  read = ACL_SET;
331  break;
332  case ACL_ALTER_SYSTEM_CHR:
333  read = ACL_ALTER_SYSTEM;
334  break;
335  case 'R': /* ignore old RULE privileges */
336  read = 0;
337  break;
338  default:
339  ereturn(escontext, NULL,
340  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
341  errmsg("invalid mode character: must be one of \"%s\"",
342  ACL_ALL_RIGHTS_STR)));
343  }
344 
345  privs |= read;
346  }
347 
348  if (name[0] == '\0')
349  aip->ai_grantee = ACL_ID_PUBLIC;
350  else
351  {
352  aip->ai_grantee = get_role_oid(name, true);
353  if (!OidIsValid(aip->ai_grantee))
354  ereturn(escontext, NULL,
355  (errcode(ERRCODE_UNDEFINED_OBJECT),
356  errmsg("role \"%s\" does not exist", name)));
357  }
358 
359  /*
360  * XXX Allow a degree of backward compatibility by defaulting the grantor
361  * to the superuser.
362  */
363  if (*s == '/')
364  {
365  s = getid(s + 1, name2, escontext);
366  if (s == NULL)
367  return NULL;
368  if (name2[0] == '\0')
369  ereturn(escontext, NULL,
370  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
371  errmsg("a name must follow the \"/\" sign")));
372  aip->ai_grantor = get_role_oid(name2, true);
373  if (!OidIsValid(aip->ai_grantor))
374  ereturn(escontext, NULL,
375  (errcode(ERRCODE_UNDEFINED_OBJECT),
376  errmsg("role \"%s\" does not exist", name2)));
377  }
378  else
379  {
380  aip->ai_grantor = BOOTSTRAP_SUPERUSERID;
381  ereport(WARNING,
382  (errcode(ERRCODE_INVALID_GRANTOR),
383  errmsg("defaulting grantor to user ID %u",
384  BOOTSTRAP_SUPERUSERID)));
385  }
386 
387  ACLITEM_SET_PRIVS_GOPTIONS(*aip, privs, goption);
388 
389  return s;
390 }
getid
static const char * getid(const char *s, char *n, Node *escontext)
Definition: acl.c:143
get_role_oid
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5247
ACL_CREATE_CHR
#define ACL_CREATE_CHR
Definition: acl.h:146
ACL_SET_CHR
#define ACL_SET_CHR
Definition: acl.h:149
ACL_REFERENCES_CHR
#define ACL_REFERENCES_CHR
Definition: acl.h:142
ACL_TRUNCATE_CHR
#define ACL_TRUNCATE_CHR
Definition: acl.h:141
ACL_SELECT_CHR
#define ACL_SELECT_CHR
Definition: acl.h:138
ACL_EXECUTE_CHR
#define ACL_EXECUTE_CHR
Definition: acl.h:144
ACL_DELETE_CHR
#define ACL_DELETE_CHR
Definition: acl.h:140
ACL_INSERT_CHR
#define ACL_INSERT_CHR
Definition: acl.h:137
ACL_UPDATE_CHR
#define ACL_UPDATE_CHR
Definition: acl.h:139
ACL_ALTER_SYSTEM_CHR
#define ACL_ALTER_SYSTEM_CHR
Definition: acl.h:150
ACL_USAGE_CHR
#define ACL_USAGE_CHR
Definition: acl.h:145
ACL_CONNECT_CHR
#define ACL_CONNECT_CHR
Definition: acl.h:148
ACL_TRIGGER_CHR
#define ACL_TRIGGER_CHR
Definition: acl.h:143
ACL_CREATE_TEMP_CHR
#define ACL_CREATE_TEMP_CHR
Definition: acl.h:147
OidIsValid
#define OidIsValid(objectId)
Definition: c.h:764
errhint
int errhint(const char *fmt,...)
Definition: elog.c:1316
WARNING
#define WARNING
Definition: elog.h:36
read
#define read(a, b, c)
Definition: win32.h:13
Assert
Assert(fmt[strlen(fmt) - 1] !='\n')
ACL_SET
#define ACL_SET
Definition: parsenodes.h:95
ACL_DELETE
#define ACL_DELETE
Definition: parsenodes.h:86
ACL_INSERT
#define ACL_INSERT
Definition: parsenodes.h:83
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:85
ACL_ALTER_SYSTEM
#define ACL_ALTER_SYSTEM
Definition: parsenodes.h:96
ACL_REFERENCES
#define ACL_REFERENCES
Definition: parsenodes.h:88
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:84
ACL_TRUNCATE
#define ACL_TRUNCATE
Definition: parsenodes.h:87
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:92
ACL_TRIGGER
#define ACL_TRIGGER
Definition: parsenodes.h:89
name
const char * name
Definition: wait_event_funcs.c:28

References ACL_ALL_RIGHTS_STR, ACL_ALTER_SYSTEM, ACL_ALTER_SYSTEM_CHR, ACL_CONNECT, ACL_CONNECT_CHR, ACL_CREATE, ACL_CREATE_CHR, ACL_CREATE_TEMP, ACL_CREATE_TEMP_CHR, ACL_DELETE, ACL_DELETE_CHR, ACL_EXECUTE, ACL_EXECUTE_CHR, ACL_ID_PUBLIC, ACL_INSERT, ACL_INSERT_CHR, ACL_NO_RIGHTS, ACL_REFERENCES, ACL_REFERENCES_CHR, ACL_SELECT, ACL_SELECT_CHR, ACL_SET, ACL_SET_CHR, ACL_TRIGGER, ACL_TRIGGER_CHR, ACL_TRUNCATE, ACL_TRUNCATE_CHR, ACL_UPDATE, ACL_UPDATE_CHR, ACL_USAGE, ACL_USAGE_CHR, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, Assert(), ereport, ereturn, errcode(), errhint(), errmsg(), get_role_oid(), getid(), name, NAMEDATALEN, OidIsValid, read, and WARNING.

Referenced by aclitemin().

◆ aclremove()

Datum aclremove ( PG_FUNCTION_ARGS  )

Definition at line 1570 of file acl.c.

1571 {
1572  ereport(ERROR,
1573  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1574  errmsg("aclremove is no longer supported")));
1575 
1576  PG_RETURN_NULL(); /* keep compiler quiet */
1577 }

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

◆ aclupdate()

Acl* aclupdate ( const Acl old_acl,
const AclItem mod_aip,
int  modechg,
Oid  ownerId,
DropBehavior  behavior 
)

Definition at line 966 of file acl.c.

968 {
969  Acl *new_acl = NULL;
970  AclItem *old_aip,
971  *new_aip = NULL;
972  AclMode old_rights,
973  old_goptions,
974  new_rights,
975  new_goptions;
976  int dst,
977  num;
978 
979  /* Caller probably already checked old_acl, but be safe */
980  check_acl(old_acl);
981 
982  /* If granting grant options, check for circularity */
983  if (modechg != ACL_MODECHG_DEL &&
984  ACLITEM_GET_GOPTIONS(*mod_aip) != ACL_NO_RIGHTS)
985  check_circularity(old_acl, mod_aip, ownerId);
986 
987  num = ACL_NUM(old_acl);
988  old_aip = ACL_DAT(old_acl);
989 
990  /*
991  * Search the ACL for an existing entry for this grantee and grantor. If
992  * one exists, just modify the entry in-place (well, in the same position,
993  * since we actually return a copy); otherwise, insert the new entry at
994  * the end.
995  */
996 
997  for (dst = 0; dst < num; ++dst)
998  {
999  if (aclitem_match(mod_aip, old_aip + dst))
1000  {
1001  /* found a match, so modify existing item */
1002  new_acl = allocacl(num);
1003  new_aip = ACL_DAT(new_acl);
1004  memcpy(new_acl, old_acl, ACL_SIZE(old_acl));
1005  break;
1006  }
1007  }
1008 
1009  if (dst == num)
1010  {
1011  /* need to append a new item */
1012  new_acl = allocacl(num + 1);
1013  new_aip = ACL_DAT(new_acl);
1014  memcpy(new_aip, old_aip, num * sizeof(AclItem));
1015 
1016  /* initialize the new entry with no permissions */
1017  new_aip[dst].ai_grantee = mod_aip->ai_grantee;
1018  new_aip[dst].ai_grantor = mod_aip->ai_grantor;
1019  ACLITEM_SET_PRIVS_GOPTIONS(new_aip[dst],
1020  ACL_NO_RIGHTS, ACL_NO_RIGHTS);
1021  num++; /* set num to the size of new_acl */
1022  }
1023 
1024  old_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
1025  old_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
1026 
1027  /* apply the specified permissions change */
1028  switch (modechg)
1029  {
1030  case ACL_MODECHG_ADD:
1031  ACLITEM_SET_RIGHTS(new_aip[dst],
1032  old_rights | ACLITEM_GET_RIGHTS(*mod_aip));
1033  break;
1034  case ACL_MODECHG_DEL:
1035  ACLITEM_SET_RIGHTS(new_aip[dst],
1036  old_rights & ~ACLITEM_GET_RIGHTS(*mod_aip));
1037  break;
1038  case ACL_MODECHG_EQL:
1039  ACLITEM_SET_RIGHTS(new_aip[dst],
1040  ACLITEM_GET_RIGHTS(*mod_aip));
1041  break;
1042  }
1043 
1044  new_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
1045  new_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
1046 
1047  /*
1048  * If the adjusted entry has no permissions, delete it from the list.
1049  */
1050  if (new_rights == ACL_NO_RIGHTS)
1051  {
1052  memmove(new_aip + dst,
1053  new_aip + dst + 1,
1054  (num - dst - 1) * sizeof(AclItem));
1055  /* Adjust array size to be 'num - 1' items */
1056  ARR_DIMS(new_acl)[0] = num - 1;
1057  SET_VARSIZE(new_acl, ACL_N_SIZE(num - 1));
1058  }
1059 
1060  /*
1061  * Remove abandoned privileges (cascading revoke). Currently we can only
1062  * handle this when the grantee is not PUBLIC.
1063  */
1064  if ((old_goptions & ~new_goptions) != 0)
1065  {
1066  Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1067  new_acl = recursive_revoke(new_acl, mod_aip->ai_grantee,
1068  (old_goptions & ~new_goptions),
1069  ownerId, behavior);
1070  }
1071 
1072  return new_acl;
1073 }
recursive_revoke
static Acl * recursive_revoke(Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
Definition: acl.c:1270
check_circularity
static void check_circularity(const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
Definition: acl.c:1190
ACL_SIZE
#define ACL_SIZE(ACL)
Definition: acl.h:111
ACL_MODECHG_DEL
#define ACL_MODECHG_DEL
Definition: acl.h:130
ACL_MODECHG_EQL
#define ACL_MODECHG_EQL
Definition: acl.h:131

References ACL_DAT, ACL_ID_PUBLIC, ACL_MODECHG_ADD, ACL_MODECHG_DEL, ACL_MODECHG_EQL, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACL_SIZE, ACLITEM_GET_GOPTIONS, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_PRIVS_GOPTIONS, ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, Assert(), check_acl(), check_circularity(), recursive_revoke(), and SET_VARSIZE.

Referenced by aclmerge(), check_circularity(), merge_acl_with_grant(), and recursive_revoke().

◆ allocacl()

static Acl * allocacl ( int  n)
static

Definition at line 400 of file acl.c.

401 {
402  Acl *new_acl;
403  Size size;
404 
405  if (n < 0)
406  elog(ERROR, "invalid size: %d", n);
407  size = ACL_N_SIZE(n);
408  new_acl = (Acl *) palloc0(size);
409  SET_VARSIZE(new_acl, size);
410  new_acl->ndim = 1;
411  new_acl->dataoffset = 0; /* we never put in any nulls */
412  new_acl->elemtype = ACLITEMOID;
413  ARR_LBOUND(new_acl)[0] = 1;
414  ARR_DIMS(new_acl)[0] = n;
415  return new_acl;
416 }
ARR_LBOUND
#define ARR_LBOUND(a)
Definition: array.h:289
Size
size_t Size
Definition: c.h:594
palloc0
void * palloc0(Size size)
Definition: mcxt.c:1257
ArrayType::elemtype
Oid elemtype
Definition: array.h:90
ArrayType::ndim
int ndim
Definition: array.h:88
ArrayType::dataoffset
int32 dataoffset
Definition: array.h:89

References ACL_N_SIZE, ARR_DIMS, ARR_LBOUND, ArrayType::dataoffset, ArrayType::elemtype, elog(), ERROR, ArrayType::ndim, palloc0(), and SET_VARSIZE.

Referenced by aclconcat(), aclcopy(), acldefault(), aclnewowner(), aclupdate(), check_circularity(), and make_empty_acl().

◆ check_acl()

static void check_acl ( const Acl acl)
static

Definition at line 564 of file acl.c.

565 {
566  if (ARR_ELEMTYPE(acl) != ACLITEMOID)
567  ereport(ERROR,
568  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
569  errmsg("ACL array contains wrong data type")));
570  if (ARR_NDIM(acl) != 1)
571  ereport(ERROR,
572  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
573  errmsg("ACL arrays must be one-dimensional")));
574  if (ARR_HASNULL(acl))
575  ereport(ERROR,
576  (errcode(ERRCODE_NULL_VALUE_NOT_ALLOWED),
577  errmsg("ACL arrays must not contain null values")));
578 }
ARR_NDIM
#define ARR_NDIM(a)
Definition: array.h:283
ARR_ELEMTYPE
#define ARR_ELEMTYPE(a)
Definition: array.h:285
ARR_HASNULL
#define ARR_HASNULL(a)
Definition: array.h:284

References ARR_ELEMTYPE, ARR_HASNULL, ARR_NDIM, ereport, errcode(), errmsg(), and ERROR.

Referenced by aclcontains(), aclexplode(), aclmask(), aclmask_direct(), aclmembers(), aclnewowner(), aclupdate(), check_circularity(), and recursive_revoke().

◆ check_can_set_role()

void check_can_set_role ( Oid  member,
Oid  role 
)

Definition at line 5018 of file acl.c.

5019 {
5020  if (!member_can_set_role(member, role))
5021  ereport(ERROR,
5022  (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
5023  errmsg("must be able to SET ROLE \"%s\"",
5024  GetUserNameFromId(role, false))));
5025 }
member_can_set_role
bool member_can_set_role(Oid member, Oid role)
Definition: acl.c:4995
GetUserNameFromId
char * GetUserNameFromId(Oid roleid, bool noerr)
Definition: miscinit.c:966

References ereport, errcode(), errmsg(), ERROR, GetUserNameFromId(), and member_can_set_role().

Referenced by AlterDatabaseOwner(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterPublicationOwner_internal(), AlterSchemaOwner_internal(), AlterSubscriptionOwner_internal(), AlterTypeOwner(), ATExecChangeOwner(), createdb(), and CreateSchemaCommand().

◆ check_circularity()

static void check_circularity ( const Acl old_acl,
const AclItem mod_aip,
Oid  ownerId 
)
static

Definition at line 1190 of file acl.c.

1192 {
1193  Acl *acl;
1194  AclItem *aip;
1195  int i,
1196  num;
1197  AclMode own_privs;
1198 
1199  check_acl(old_acl);
1200 
1201  /*
1202  * For now, grant options can only be granted to roles, not PUBLIC.
1203  * Otherwise we'd have to work a bit harder here.
1204  */
1205  Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1206 
1207  /* The owner always has grant options, no need to check */
1208  if (mod_aip->ai_grantor == ownerId)
1209  return;
1210 
1211  /* Make a working copy */
1212  acl = allocacl(ACL_NUM(old_acl));
1213  memcpy(acl, old_acl, ACL_SIZE(old_acl));
1214 
1215  /* Zap all grant options of target grantee, plus what depends on 'em */
1216 cc_restart:
1217  num = ACL_NUM(acl);
1218  aip = ACL_DAT(acl);
1219  for (i = 0; i < num; i++)
1220  {
1221  if (aip[i].ai_grantee == mod_aip->ai_grantee &&
1222  ACLITEM_GET_GOPTIONS(aip[i]) != ACL_NO_RIGHTS)
1223  {
1224  Acl *new_acl;
1225 
1226  /* We'll actually zap ordinary privs too, but no matter */
1227  new_acl = aclupdate(acl, &aip[i], ACL_MODECHG_DEL,
1228  ownerId, DROP_CASCADE);
1229 
1230  pfree(acl);
1231  acl = new_acl;
1232 
1233  goto cc_restart;
1234  }
1235  }
1236 
1237  /* Now we can compute grantor's independently-derived privileges */
1238  own_privs = aclmask(acl,
1239  mod_aip->ai_grantor,
1240  ownerId,
1241  ACL_GRANT_OPTION_FOR(ACLITEM_GET_GOPTIONS(*mod_aip)),
1242  ACLMASK_ALL);
1243  own_privs = ACL_OPTION_TO_PRIVS(own_privs);
1244 
1245  if ((ACLITEM_GET_GOPTIONS(*mod_aip) & ~own_privs) != 0)
1246  ereport(ERROR,
1247  (errcode(ERRCODE_INVALID_GRANT_OPERATION),
1248  errmsg("grant options cannot be granted back to your own grantor")));
1249 
1250  pfree(acl);
1251 }
aclmask
AclMode aclmask(const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
Definition: acl.c:1356
ACL_OPTION_TO_PRIVS
#define ACL_OPTION_TO_PRIVS(privs)
Definition: acl.h:71
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
DROP_CASCADE
@ DROP_CASCADE
Definition: parsenodes.h:2194

References ACL_DAT, ACL_GRANT_OPTION_FOR, ACL_ID_PUBLIC, ACL_MODECHG_DEL, ACL_NO_RIGHTS, ACL_NUM, ACL_OPTION_TO_PRIVS, ACL_SIZE, ACLITEM_GET_GOPTIONS, aclmask(), ACLMASK_ALL, aclupdate(), AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), Assert(), check_acl(), DROP_CASCADE, ereport, errcode(), errmsg(), ERROR, i, and pfree().

Referenced by aclupdate().

◆ check_rolespec_name()

void check_rolespec_name ( const RoleSpec role,
const char *  detail_msg 
)

Definition at line 5388 of file acl.c.

5389 {
5390  if (!role)
5391  return;
5392 
5393  if (role->roletype != ROLESPEC_CSTRING)
5394  return;
5395 
5396  if (IsReservedName(role->rolename))
5397  {
5398  if (detail_msg)
5399  ereport(ERROR,
5400  (errcode(ERRCODE_RESERVED_NAME),
5401  errmsg("role name \"%s\" is reserved",
5402  role->rolename),
5403  errdetail_internal("%s", detail_msg)));
5404  else
5405  ereport(ERROR,
5406  (errcode(ERRCODE_RESERVED_NAME),
5407  errmsg("role name \"%s\" is reserved",
5408  role->rolename)));
5409  }
5410 }
IsReservedName
bool IsReservedName(const char *name)
Definition: catalog.c:219
errdetail_internal
int errdetail_internal(const char *fmt,...)
Definition: elog.c:1229
ROLESPEC_CSTRING
@ ROLESPEC_CSTRING
Definition: parsenodes.h:391
RoleSpec::roletype
RoleSpecType roletype
Definition: parsenodes.h:401
RoleSpec::rolename
char * rolename
Definition: parsenodes.h:402

References ereport, errcode(), errdetail_internal(), errmsg(), ERROR, IsReservedName(), RoleSpec::rolename, ROLESPEC_CSTRING, and RoleSpec::roletype.

Referenced by AlterRole(), and AlterRoleSet().

◆ column_privilege_check()

static int column_privilege_check ( Oid  tableoid,
AttrNumber  attnum,
Oid  roleid,
AclMode  mode 
)
static

Definition at line 2474 of file acl.c.

2476 {
2477  AclResult aclresult;
2478  bool is_missing = false;
2479 
2480  /*
2481  * If convert_column_name failed, we can just return -1 immediately.
2482  */
2483  if (attnum == InvalidAttrNumber)
2484  return -1;
2485 
2486  /*
2487  * Check for column-level privileges first. This serves in part as a check
2488  * on whether the column even exists, so we need to do it before checking
2489  * table-level privilege.
2490  */
2491  aclresult = pg_attribute_aclcheck_ext(tableoid, attnum, roleid,
2492  mode, &is_missing);
2493  if (aclresult == ACLCHECK_OK)
2494  return 1;
2495  else if (is_missing)
2496  return -1;
2497 
2498  /* Next check if we have the privilege at the table level */
2499  aclresult = pg_class_aclcheck_ext(tableoid, roleid, mode, &is_missing);
2500  if (aclresult == ACLCHECK_OK)
2501  return 1;
2502  else if (is_missing)
2503  return -1;
2504  else
2505  return 0;
2506 }
AclResult
AclResult
Definition: acl.h:181
ACLCHECK_OK
@ ACLCHECK_OK
Definition: acl.h:182
pg_class_aclcheck_ext
AclResult pg_class_aclcheck_ext(Oid table_oid, Oid roleid, AclMode mode, bool *is_missing)
Definition: aclchk.c:3920
pg_attribute_aclcheck_ext
AclResult pg_attribute_aclcheck_ext(Oid table_oid, AttrNumber attnum, Oid roleid, AclMode mode, bool *is_missing)
Definition: aclchk.c:3793
InvalidAttrNumber
#define InvalidAttrNumber
Definition: attnum.h:23
attnum
int16 attnum
Definition: pg_attribute.h:74
mode
static PgChecksumMode mode
Definition: pg_checksums.c:56

References ACLCHECK_OK, attnum, InvalidAttrNumber, mode, pg_attribute_aclcheck_ext(), and pg_class_aclcheck_ext().

Referenced by has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

◆ convert_aclright_to_string()

static const char* convert_aclright_to_string ( int  aclright)
static

Definition at line 1702 of file acl.c.

1703 {
1704  switch (aclright)
1705  {
1706  case ACL_INSERT:
1707  return "INSERT";
1708  case ACL_SELECT:
1709  return "SELECT";
1710  case ACL_UPDATE:
1711  return "UPDATE";
1712  case ACL_DELETE:
1713  return "DELETE";
1714  case ACL_TRUNCATE:
1715  return "TRUNCATE";
1716  case ACL_REFERENCES:
1717  return "REFERENCES";
1718  case ACL_TRIGGER:
1719  return "TRIGGER";
1720  case ACL_EXECUTE:
1721  return "EXECUTE";
1722  case ACL_USAGE:
1723  return "USAGE";
1724  case ACL_CREATE:
1725  return "CREATE";
1726  case ACL_CREATE_TEMP:
1727  return "TEMPORARY";
1728  case ACL_CONNECT:
1729  return "CONNECT";
1730  case ACL_SET:
1731  return "SET";
1732  case ACL_ALTER_SYSTEM:
1733  return "ALTER SYSTEM";
1734  default:
1735  elog(ERROR, "unrecognized aclright: %d", aclright);
1736  return NULL;
1737  }
1738 }

References ACL_ALTER_SYSTEM, ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_DELETE, ACL_EXECUTE, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_SET, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, ACL_USAGE, elog(), and ERROR.

Referenced by aclexplode().

◆ convert_any_priv_string()

static AclMode convert_any_priv_string ( text priv_type_text,
const priv_map privileges 
)
static

Definition at line 1654 of file acl.c.

1656 {
1657  AclMode result = 0;
1658  char *priv_type = text_to_cstring(priv_type_text);
1659  char *chunk;
1660  char *next_chunk;
1661 
1662  /* We rely on priv_type being a private, modifiable string */
1663  for (chunk = priv_type; chunk; chunk = next_chunk)
1664  {
1665  int chunk_len;
1666  const priv_map *this_priv;
1667 
1668  /* Split string at commas */
1669  next_chunk = strchr(chunk, ',');
1670  if (next_chunk)
1671  *next_chunk++ = '\0';
1672 
1673  /* Drop leading/trailing whitespace in this chunk */
1674  while (*chunk && isspace((unsigned char) *chunk))
1675  chunk++;
1676  chunk_len = strlen(chunk);
1677  while (chunk_len > 0 && isspace((unsigned char) chunk[chunk_len - 1]))
1678  chunk_len--;
1679  chunk[chunk_len] = '\0';
1680 
1681  /* Match to the privileges list */
1682  for (this_priv = privileges; this_priv->name; this_priv++)
1683  {
1684  if (pg_strcasecmp(this_priv->name, chunk) == 0)
1685  {
1686  result |= this_priv->value;
1687  break;
1688  }
1689  }
1690  if (!this_priv->name)
1691  ereport(ERROR,
1692  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
1693  errmsg("unrecognized privilege type: \"%s\"", chunk)));
1694  }
1695 
1696  pfree(priv_type);
1697  return result;
1698 }
pg_strcasecmp
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
priv_map
Definition: acl.c:54
priv_map::name
const char * name
Definition: acl.c:55
priv_map::value
AclMode value
Definition: acl.c:56
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:215

References ereport, errcode(), errmsg(), ERROR, priv_map::name, pfree(), pg_strcasecmp(), text_to_cstring(), and priv_map::value.

Referenced by convert_column_priv_string(), convert_database_priv_string(), convert_foreign_data_wrapper_priv_string(), convert_function_priv_string(), convert_language_priv_string(), convert_parameter_priv_string(), convert_role_priv_string(), convert_schema_priv_string(), convert_sequence_priv_string(), convert_server_priv_string(), convert_table_priv_string(), convert_tablespace_priv_string(), convert_type_priv_string(), and makeaclitem().

◆ convert_column_name()

static AttrNumber convert_column_name ( Oid  tableoid,
text column 
)
static

Definition at line 2834 of file acl.c.

2835 {
2836  char *colname;
2837  HeapTuple attTuple;
2838  AttrNumber attnum;
2839 
2840  colname = text_to_cstring(column);
2841 
2842  /*
2843  * We don't use get_attnum() here because it will report that dropped
2844  * columns don't exist. We need to treat dropped columns differently from
2845  * nonexistent columns.
2846  */
2847  attTuple = SearchSysCache2(ATTNAME,
2848  ObjectIdGetDatum(tableoid),
2849  CStringGetDatum(colname));
2850  if (HeapTupleIsValid(attTuple))
2851  {
2852  Form_pg_attribute attributeForm;
2853 
2854  attributeForm = (Form_pg_attribute) GETSTRUCT(attTuple);
2855  /* We want to return NULL for dropped columns */
2856  if (attributeForm->attisdropped)
2857  attnum = InvalidAttrNumber;
2858  else
2859  attnum = attributeForm->attnum;
2860  ReleaseSysCache(attTuple);
2861  }
2862  else
2863  {
2864  char *tablename = get_rel_name(tableoid);
2865 
2866  /*
2867  * If the table OID is bogus, or it's just been dropped, we'll get
2868  * NULL back. In such cases we want has_column_privilege to return
2869  * NULL too, so just return InvalidAttrNumber.
2870  */
2871  if (tablename != NULL)
2872  {
2873  /* tableoid exists, colname does not, so throw error */
2874  ereport(ERROR,
2875  (errcode(ERRCODE_UNDEFINED_COLUMN),
2876  errmsg("column \"%s\" of relation \"%s\" does not exist",
2877  colname, tablename)));
2878  }
2879  /* tableoid doesn't exist, so act like attisdropped case */
2880  attnum = InvalidAttrNumber;
2881  }
2882 
2883  pfree(colname);
2884  return attnum;
2885 }
get_rel_name
char * get_rel_name(Oid relid)
Definition: lsyscache.c:1932
Form_pg_attribute
FormData_pg_attribute * Form_pg_attribute
Definition: pg_attribute.h:209
CStringGetDatum
static Datum CStringGetDatum(const char *X)
Definition: postgres.h:350
SearchSysCache2
HeapTuple SearchSysCache2(int cacheId, Datum key1, Datum key2)
Definition: syscache.c:831
ATTNAME
@ ATTNAME
Definition: syscache.h:40

References ATTNAME, attnum, CStringGetDatum(), ereport, errcode(), errmsg(), ERROR, get_rel_name(), GETSTRUCT, HeapTupleIsValid, InvalidAttrNumber, ObjectIdGetDatum(), pfree(), ReleaseSysCache(), SearchSysCache2(), and text_to_cstring().

Referenced by has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_name(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), and has_column_privilege_name_name_name().

◆ convert_column_priv_string()

static AclMode convert_column_priv_string ( text priv_type_text)
static

Definition at line 2892 of file acl.c.

2893 {
2894  static const priv_map column_priv_map[] = {
2895  {"SELECT", ACL_SELECT},
2896  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2897  {"INSERT", ACL_INSERT},
2898  {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2899  {"UPDATE", ACL_UPDATE},
2900  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2901  {"REFERENCES", ACL_REFERENCES},
2902  {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2903  {NULL, 0}
2904  };
2905 
2906  return convert_any_priv_string(priv_type_text, column_priv_map);
2907 }
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1654

References ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_any_column_privilege_id(), has_any_column_privilege_id_id(), has_any_column_privilege_id_name(), has_any_column_privilege_name(), has_any_column_privilege_name_id(), has_any_column_privilege_name_name(), has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

◆ convert_database_name()

static Oid convert_database_name ( text databasename)
static

Definition at line 3077 of file acl.c.

3078 {
3079  char *dbname = text_to_cstring(databasename);
3080 
3081  return get_database_oid(dbname, false);
3082 }
get_database_oid
Oid get_database_oid(const char *dbname, bool missing_ok)
Definition: dbcommands.c:3037
dbname
char * dbname
Definition: streamutil.c:51

References dbname, get_database_oid(), and text_to_cstring().

Referenced by has_database_privilege_id_name(), has_database_privilege_name(), and has_database_privilege_name_name().

◆ convert_database_priv_string()

static AclMode convert_database_priv_string ( text priv_type_text)
static

Definition at line 3089 of file acl.c.

3090 {
3091  static const priv_map database_priv_map[] = {
3092  {"CREATE", ACL_CREATE},
3093  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3094  {"TEMPORARY", ACL_CREATE_TEMP},
3095  {"TEMPORARY WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3096  {"TEMP", ACL_CREATE_TEMP},
3097  {"TEMP WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3098  {"CONNECT", ACL_CONNECT},
3099  {"CONNECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CONNECT)},
3100  {NULL, 0}
3101  };
3102 
3103  return convert_any_priv_string(priv_type_text, database_priv_map);
3104 }

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_database_privilege_id(), has_database_privilege_id_id(), has_database_privilege_id_name(), has_database_privilege_name(), has_database_privilege_name_id(), and has_database_privilege_name_name().

◆ convert_foreign_data_wrapper_name()

static Oid convert_foreign_data_wrapper_name ( text fdwname)
static

Definition at line 3274 of file acl.c.

3275 {
3276  char *fdwstr = text_to_cstring(fdwname);
3277 
3278  return get_foreign_data_wrapper_oid(fdwstr, false);
3279 }
get_foreign_data_wrapper_oid
Oid get_foreign_data_wrapper_oid(const char *fdwname, bool missing_ok)
Definition: foreign.c:668

References get_foreign_data_wrapper_oid(), and text_to_cstring().

Referenced by has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), and has_foreign_data_wrapper_privilege_name_name().

◆ convert_foreign_data_wrapper_priv_string()

static AclMode convert_foreign_data_wrapper_priv_string ( text priv_type_text)
static

Definition at line 3286 of file acl.c.

3287 {
3288  static const priv_map foreign_data_wrapper_priv_map[] = {
3289  {"USAGE", ACL_USAGE},
3290  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3291  {NULL, 0}
3292  };
3293 
3294  return convert_any_priv_string(priv_type_text, foreign_data_wrapper_priv_map);
3295 }

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_foreign_data_wrapper_privilege_id(), has_foreign_data_wrapper_privilege_id_id(), has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), has_foreign_data_wrapper_privilege_name_id(), and has_foreign_data_wrapper_privilege_name_name().

◆ convert_function_name()

static Oid convert_function_name ( text functionname)
static

Definition at line 3465 of file acl.c.

3466 {
3467  char *funcname = text_to_cstring(functionname);
3468  Oid oid;
3469 
3470  oid = DatumGetObjectId(DirectFunctionCall1(regprocedurein,
3471  CStringGetDatum(funcname)));
3472 
3473  if (!OidIsValid(oid))
3474  ereport(ERROR,
3475  (errcode(ERRCODE_UNDEFINED_FUNCTION),
3476  errmsg("function \"%s\" does not exist", funcname)));
3477 
3478  return oid;
3479 }
DirectFunctionCall1
#define DirectFunctionCall1(func, arg1)
Definition: fmgr.h:642
funcname
#define funcname
Definition: indent_codes.h:69
DatumGetObjectId
static Oid DatumGetObjectId(Datum X)
Definition: postgres.h:242
regprocedurein
Datum regprocedurein(PG_FUNCTION_ARGS)
Definition: regproc.c:224

References CStringGetDatum(), DatumGetObjectId(), DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, funcname, OidIsValid, regprocedurein(), and text_to_cstring().

Referenced by has_function_privilege_id_name(), has_function_privilege_name(), and has_function_privilege_name_name().

◆ convert_function_priv_string()

static AclMode convert_function_priv_string ( text priv_type_text)
static

Definition at line 3486 of file acl.c.

3487 {
3488  static const priv_map function_priv_map[] = {
3489  {"EXECUTE", ACL_EXECUTE},
3490  {"EXECUTE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_EXECUTE)},
3491  {NULL, 0}
3492  };
3493 
3494  return convert_any_priv_string(priv_type_text, function_priv_map);
3495 }

References ACL_EXECUTE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_function_privilege_id(), has_function_privilege_id_id(), has_function_privilege_id_name(), has_function_privilege_name(), has_function_privilege_name_id(), and has_function_privilege_name_name().

◆ convert_language_name()

static Oid convert_language_name ( text languagename)
static

Definition at line 3665 of file acl.c.

3666 {
3667  char *langname = text_to_cstring(languagename);
3668 
3669  return get_language_oid(langname, false);
3670 }
get_language_oid
Oid get_language_oid(const char *langname, bool missing_ok)
Definition: proclang.c:228

References get_language_oid(), and text_to_cstring().

Referenced by has_language_privilege_id_name(), has_language_privilege_name(), and has_language_privilege_name_name().

◆ convert_language_priv_string()

static AclMode convert_language_priv_string ( text priv_type_text)
static

Definition at line 3677 of file acl.c.

3678 {
3679  static const priv_map language_priv_map[] = {
3680  {"USAGE", ACL_USAGE},
3681  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3682  {NULL, 0}
3683  };
3684 
3685  return convert_any_priv_string(priv_type_text, language_priv_map);
3686 }

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_language_privilege_id(), has_language_privilege_id_id(), has_language_privilege_id_name(), has_language_privilege_name(), has_language_privilege_name_id(), and has_language_privilege_name_name().

◆ convert_parameter_priv_string()

static AclMode convert_parameter_priv_string ( text priv_text)
static

Definition at line 4540 of file acl.c.

4541 {
4542  static const priv_map parameter_priv_map[] = {
4543  {"SET", ACL_SET},
4544  {"SET WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SET)},
4545  {"ALTER SYSTEM", ACL_ALTER_SYSTEM},
4546  {"ALTER SYSTEM WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_ALTER_SYSTEM)},
4547  {NULL, 0}
4548  };
4549 
4550  return convert_any_priv_string(priv_text, parameter_priv_map);
4551 }

References ACL_ALTER_SYSTEM, ACL_GRANT_OPTION_FOR, ACL_SET, and convert_any_priv_string().

Referenced by has_parameter_privilege_id_name(), has_parameter_privilege_name(), and has_parameter_privilege_name_name().

◆ convert_role_priv_string()

static AclMode convert_role_priv_string ( text priv_type_text)
static

Definition at line 4718 of file acl.c.

4719 {
4720  static const priv_map role_priv_map[] = {
4721  {"USAGE", ACL_USAGE},
4722  {"MEMBER", ACL_CREATE},
4723  {"SET", ACL_SET},
4724  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4725  {"USAGE WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4726  {"MEMBER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4727  {"MEMBER WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4728  {"SET WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4729  {"SET WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4730  {NULL, 0}
4731  };
4732 
4733  return convert_any_priv_string(priv_type_text, role_priv_map);
4734 }

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_SET, ACL_USAGE, and convert_any_priv_string().

Referenced by pg_has_role_id(), pg_has_role_id_id(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), and pg_has_role_name_name().

◆ convert_schema_name()

static Oid convert_schema_name ( text schemaname)
static

Definition at line 3856 of file acl.c.

3857 {
3858  char *nspname = text_to_cstring(schemaname);
3859 
3860  return get_namespace_oid(nspname, false);
3861 }
get_namespace_oid
Oid get_namespace_oid(const char *nspname, bool missing_ok)
Definition: namespace.c:3068

References get_namespace_oid(), and text_to_cstring().

Referenced by has_schema_privilege_id_name(), has_schema_privilege_name(), and has_schema_privilege_name_name().

◆ convert_schema_priv_string()

static AclMode convert_schema_priv_string ( text priv_type_text)
static

Definition at line 3868 of file acl.c.

3869 {
3870  static const priv_map schema_priv_map[] = {
3871  {"CREATE", ACL_CREATE},
3872  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3873  {"USAGE", ACL_USAGE},
3874  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3875  {NULL, 0}
3876  };
3877 
3878  return convert_any_priv_string(priv_type_text, schema_priv_map);
3879 }

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_schema_privilege_id(), has_schema_privilege_id_id(), has_schema_privilege_id_name(), has_schema_privilege_name(), has_schema_privilege_name_id(), and has_schema_privilege_name_name().

◆ convert_sequence_priv_string()

static AclMode convert_sequence_priv_string ( text priv_type_text)
static

Definition at line 2249 of file acl.c.

2250 {
2251  static const priv_map sequence_priv_map[] = {
2252  {"USAGE", ACL_USAGE},
2253  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
2254  {"SELECT", ACL_SELECT},
2255  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2256  {"UPDATE", ACL_UPDATE},
2257  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2258  {NULL, 0}
2259  };
2260 
2261  return convert_any_priv_string(priv_type_text, sequence_priv_map);
2262 }

References ACL_GRANT_OPTION_FOR, ACL_SELECT, ACL_UPDATE, ACL_USAGE, and convert_any_priv_string().

Referenced by has_sequence_privilege_id(), has_sequence_privilege_id_id(), has_sequence_privilege_id_name(), has_sequence_privilege_name(), has_sequence_privilege_name_id(), and has_sequence_privilege_name_name().

◆ convert_server_name()

static Oid convert_server_name ( text servername)
static

Definition at line 4049 of file acl.c.

4050 {
4051  char *serverstr = text_to_cstring(servername);
4052 
4053  return get_foreign_server_oid(serverstr, false);
4054 }
get_foreign_server_oid
Oid get_foreign_server_oid(const char *servername, bool missing_ok)
Definition: foreign.c:691

References get_foreign_server_oid(), and text_to_cstring().

Referenced by has_server_privilege_id_name(), has_server_privilege_name(), and has_server_privilege_name_name().

◆ convert_server_priv_string()

static AclMode convert_server_priv_string ( text priv_type_text)
static

Definition at line 4061 of file acl.c.

4062 {
4063  static const priv_map server_priv_map[] = {
4064  {"USAGE", ACL_USAGE},
4065  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4066  {NULL, 0}
4067  };
4068 
4069  return convert_any_priv_string(priv_type_text, server_priv_map);
4070 }

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_server_privilege_id(), has_server_privilege_id_id(), has_server_privilege_id_name(), has_server_privilege_name(), has_server_privilege_name_id(), and has_server_privilege_name_name().

◆ convert_table_name()

static Oid convert_table_name ( text tablename)
static

Definition at line 2011 of file acl.c.

2012 {
2013  RangeVar *relrv;
2014 
2015  relrv = makeRangeVarFromNameList(textToQualifiedNameList(tablename));
2016 
2017  /* We might not even have permissions on this relation; don't lock it. */
2018  return RangeVarGetRelid(relrv, NoLock, false);
2019 }
NoLock
#define NoLock
Definition: lockdefs.h:34
makeRangeVarFromNameList
RangeVar * makeRangeVarFromNameList(const List *names)
Definition: namespace.c:3087
RangeVarGetRelid
#define RangeVarGetRelid(relation, lockmode, missing_ok)
Definition: namespace.h:79
textToQualifiedNameList
List * textToQualifiedNameList(text *textval)
Definition: varlena.c:3396

References makeRangeVarFromNameList(), NoLock, RangeVarGetRelid, and textToQualifiedNameList().

Referenced by has_any_column_privilege_id_name(), has_any_column_privilege_name(), has_any_column_privilege_name_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), has_column_privilege_name_name_name(), has_sequence_privilege_id_name(), has_sequence_privilege_name(), has_sequence_privilege_name_name(), has_table_privilege_id_name(), has_table_privilege_name(), and has_table_privilege_name_name().

◆ convert_table_priv_string()

static AclMode convert_table_priv_string ( text priv_type_text)
static

Definition at line 2026 of file acl.c.

2027 {
2028  static const priv_map table_priv_map[] = {
2029  {"SELECT", ACL_SELECT},
2030  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2031  {"INSERT", ACL_INSERT},
2032  {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2033  {"UPDATE", ACL_UPDATE},
2034  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2035  {"DELETE", ACL_DELETE},
2036  {"DELETE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_DELETE)},
2037  {"TRUNCATE", ACL_TRUNCATE},
2038  {"TRUNCATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRUNCATE)},
2039  {"REFERENCES", ACL_REFERENCES},
2040  {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2041  {"TRIGGER", ACL_TRIGGER},
2042  {"TRIGGER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRIGGER)},
2043  {"RULE", 0}, /* ignore old RULE privileges */
2044  {"RULE WITH GRANT OPTION", 0},
2045  {NULL, 0}
2046  };
2047 
2048  return convert_any_priv_string(priv_type_text, table_priv_map);
2049 }

References ACL_DELETE, ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_table_privilege_id(), has_table_privilege_id_id(), has_table_privilege_id_name(), has_table_privilege_name(), has_table_privilege_name_id(), and has_table_privilege_name_name().

◆ convert_tablespace_name()

static Oid convert_tablespace_name ( text tablespacename)
static

Definition at line 4240 of file acl.c.

4241 {
4242  char *spcname = text_to_cstring(tablespacename);
4243 
4244  return get_tablespace_oid(spcname, false);
4245 }
get_tablespace_oid
Oid get_tablespace_oid(const char *tablespacename, bool missing_ok)
Definition: tablespace.c:1432

References get_tablespace_oid(), and text_to_cstring().

Referenced by has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), and has_tablespace_privilege_name_name().

◆ convert_tablespace_priv_string()

static AclMode convert_tablespace_priv_string ( text priv_type_text)
static

Definition at line 4252 of file acl.c.

4253 {
4254  static const priv_map tablespace_priv_map[] = {
4255  {"CREATE", ACL_CREATE},
4256  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4257  {NULL, 0}
4258  };
4259 
4260  return convert_any_priv_string(priv_type_text, tablespace_priv_map);
4261 }

References ACL_CREATE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_tablespace_privilege_id(), has_tablespace_privilege_id_id(), has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), has_tablespace_privilege_name_id(), and has_tablespace_privilege_name_name().

◆ convert_type_name()

static Oid convert_type_name ( text typename)
static

Definition at line 4430 of file acl.c.

4431 {
4432  char *typname = text_to_cstring(typename);
4433  Oid oid;
4434 
4435  oid = DatumGetObjectId(DirectFunctionCall1(regtypein,
4436  CStringGetDatum(typname)));
4437 
4438  if (!OidIsValid(oid))
4439  ereport(ERROR,
4440  (errcode(ERRCODE_UNDEFINED_OBJECT),
4441  errmsg("type \"%s\" does not exist", typname)));
4442 
4443  return oid;
4444 }
typname
NameData typname
Definition: pg_type.h:41
regtypein
Datum regtypein(PG_FUNCTION_ARGS)
Definition: regproc.c:1176

References CStringGetDatum(), DatumGetObjectId(), DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, OidIsValid, regtypein(), text_to_cstring(), and typname.

Referenced by has_type_privilege_id_name(), has_type_privilege_name(), and has_type_privilege_name_name().

◆ convert_type_priv_string()

static AclMode convert_type_priv_string ( text priv_type_text)
static

Definition at line 4451 of file acl.c.

4452 {
4453  static const priv_map type_priv_map[] = {
4454  {"USAGE", ACL_USAGE},
4455  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4456  {NULL, 0}
4457  };
4458 
4459  return convert_any_priv_string(priv_type_text, type_priv_map);
4460 }

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_type_privilege_id(), has_type_privilege_id_id(), has_type_privilege_id_name(), has_type_privilege_name(), has_type_privilege_name_id(), and has_type_privilege_name_name().

◆ count_one_bits()

static int count_one_bits ( AclMode  mask)
static

Definition at line 5131 of file acl.c.

5132 {
5133  int nbits = 0;
5134 
5135  /* this code relies on AclMode being an unsigned type */
5136  while (mask)
5137  {
5138  if (mask & 1)
5139  nbits++;
5140  mask >>= 1;
5141  }
5142  return nbits;
5143 }

Referenced by select_best_grantor().

◆ get_role_oid()

Oid get_role_oid ( const char *  rolname,
bool  missing_ok 
)

Definition at line 5247 of file acl.c.

5248 {
5249  Oid oid;
5250 
5251  oid = GetSysCacheOid1(AUTHNAME, Anum_pg_authid_oid,
5252  CStringGetDatum(rolname));
5253  if (!OidIsValid(oid) && !missing_ok)
5254  ereport(ERROR,
5255  (errcode(ERRCODE_UNDEFINED_OBJECT),
5256  errmsg("role \"%s\" does not exist", rolname)));
5257  return oid;
5258 }
AUTHNAME
@ AUTHNAME
Definition: syscache.h:44
GetSysCacheOid1
#define GetSysCacheOid1(cacheId, oidcol, key1)
Definition: syscache.h:200

References AUTHNAME, CStringGetDatum(), ereport, errcode(), errmsg(), ERROR, GetSysCacheOid1, OidIsValid, and rolname.

Referenced by aclparse(), check_hba(), check_ident_usermap(), createdb(), CreateRole(), get_object_address_unqualified(), get_role_oid_or_public(), get_rolespec_oid(), GrantRole(), is_member(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), pg_has_role_name_name(), regrolein(), and shell_check_detail().

◆ get_role_oid_or_public()

Oid get_role_oid_or_public ( const char *  rolname)

Definition at line 5265 of file acl.c.

5266 {
5267  if (strcmp(rolname, "public") == 0)
5268  return ACL_ID_PUBLIC;
5269 
5270  return get_role_oid(rolname, false);
5271 }

References ACL_ID_PUBLIC, get_role_oid(), and rolname.

Referenced by has_any_column_privilege_name_id(), has_any_column_privilege_name_name(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name_attnum(), has_column_privilege_name_name_name(), has_database_privilege_name_id(), has_database_privilege_name_name(), has_foreign_data_wrapper_privilege_name_id(), has_foreign_data_wrapper_privilege_name_name(), has_function_privilege_name_id(), has_function_privilege_name_name(), has_language_privilege_name_id(), has_language_privilege_name_name(), has_parameter_privilege_name_name(), has_schema_privilege_name_id(), has_schema_privilege_name_name(), has_sequence_privilege_name_id(), has_sequence_privilege_name_name(), has_server_privilege_name_id(), has_server_privilege_name_name(), has_table_privilege_name_id(), has_table_privilege_name_name(), has_tablespace_privilege_name_id(), has_tablespace_privilege_name_name(), has_type_privilege_name_id(), and has_type_privilege_name_name().

◆ get_rolespec_name()

char* get_rolespec_name ( const RoleSpec role)

Definition at line 5366 of file acl.c.

5367 {
5368  HeapTuple tp;
5369  Form_pg_authid authForm;
5370  char *rolename;
5371 
5372  tp = get_rolespec_tuple(role);
5373  authForm = (Form_pg_authid) GETSTRUCT(tp);
5374  rolename = pstrdup(NameStr(authForm->rolname));
5375  ReleaseSysCache(tp);
5376 
5377  return rolename;
5378 }
get_rolespec_tuple
HeapTuple get_rolespec_tuple(const RoleSpec *role)
Definition: acl.c:5320
pstrdup
char * pstrdup(const char *in)
Definition: mcxt.c:1644

References get_rolespec_tuple(), GETSTRUCT, NameStr, pstrdup(), and ReleaseSysCache().

Referenced by AddRoleMems(), and DelRoleMems().

◆ get_rolespec_oid()

Oid get_rolespec_oid ( const RoleSpec role,
bool  missing_ok 
)

Definition at line 5281 of file acl.c.

5282 {
5283  Oid oid;
5284 
5285  switch (role->roletype)
5286  {
5287  case ROLESPEC_CSTRING:
5288  Assert(role->rolename);
5289  oid = get_role_oid(role->rolename, missing_ok);
5290  break;
5291 
5292  case ROLESPEC_CURRENT_ROLE:
5293  case ROLESPEC_CURRENT_USER:
5294  oid = GetUserId();
5295  break;
5296 
5297  case ROLESPEC_SESSION_USER:
5298  oid = GetSessionUserId();
5299  break;
5300 
5301  case ROLESPEC_PUBLIC:
5302  ereport(ERROR,
5303  (errcode(ERRCODE_UNDEFINED_OBJECT),
5304  errmsg("role \"%s\" does not exist", "public")));
5305  oid = InvalidOid; /* make compiler happy */
5306  break;
5307 
5308  default:
5309  elog(ERROR, "unexpected role type %d", role->roletype);
5310  }
5311 
5312  return oid;
5313 }
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:509
GetSessionUserId
Oid GetSessionUserId(void)
Definition: miscinit.c:543
ROLESPEC_CURRENT_USER
@ ROLESPEC_CURRENT_USER
Definition: parsenodes.h:393
ROLESPEC_SESSION_USER
@ ROLESPEC_SESSION_USER
Definition: parsenodes.h:394
ROLESPEC_CURRENT_ROLE
@ ROLESPEC_CURRENT_ROLE
Definition: parsenodes.h:392
ROLESPEC_PUBLIC
@ ROLESPEC_PUBLIC
Definition: parsenodes.h:395
InvalidOid
#define InvalidOid
Definition: postgres_ext.h:36

References Assert(), elog(), ereport, errcode(), errmsg(), ERROR, get_role_oid(), GetSessionUserId(), GetUserId(), InvalidOid, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_ROLE, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, and RoleSpec::roletype.

Referenced by AlterUserMapping(), ATExecCmd(), CreateSchemaCommand(), CreateTableSpace(), CreateUserMapping(), ExecAlterDefaultPrivilegesStmt(), ExecAlterOwnerStmt(), ExecuteGrantStmt(), GrantRole(), policy_role_list_to_array(), ReassignOwnedObjects(), RemoveUserMapping(), and roleSpecsToIds().

◆ get_rolespec_tuple()

HeapTuple get_rolespec_tuple ( const RoleSpec role)

Definition at line 5320 of file acl.c.

5321 {
5322  HeapTuple tuple;
5323 
5324  switch (role->roletype)
5325  {
5326  case ROLESPEC_CSTRING:
5327  Assert(role->rolename);
5328  tuple = SearchSysCache1(AUTHNAME, CStringGetDatum(role->rolename));
5329  if (!HeapTupleIsValid(tuple))
5330  ereport(ERROR,
5331  (errcode(ERRCODE_UNDEFINED_OBJECT),
5332  errmsg("role \"%s\" does not exist", role->rolename)));
5333  break;
5334 
5335  case ROLESPEC_CURRENT_ROLE:
5336  case ROLESPEC_CURRENT_USER:
5337  tuple = SearchSysCache1(AUTHOID, ObjectIdGetDatum(GetUserId()));
5338  if (!HeapTupleIsValid(tuple))
5339  elog(ERROR, "cache lookup failed for role %u", GetUserId());
5340  break;
5341 
5342  case ROLESPEC_SESSION_USER:
5343  tuple = SearchSysCache1(AUTHOID, ObjectIdGetDatum(GetSessionUserId()));
5344  if (!HeapTupleIsValid(tuple))
5345  elog(ERROR, "cache lookup failed for role %u", GetSessionUserId());
5346  break;
5347 
5348  case ROLESPEC_PUBLIC:
5349  ereport(ERROR,
5350  (errcode(ERRCODE_UNDEFINED_OBJECT),
5351  errmsg("role \"%s\" does not exist", "public")));
5352  tuple = NULL; /* make compiler happy */
5353  break;
5354 
5355  default:
5356  elog(ERROR, "unexpected role type %d", role->roletype);
5357  }
5358 
5359  return tuple;
5360 }

References Assert(), AUTHNAME, AUTHOID, CStringGetDatum(), elog(), ereport, errcode(), errmsg(), ERROR, GetSessionUserId(), GetUserId(), HeapTupleIsValid, ObjectIdGetDatum(), RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_ROLE, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, RoleSpec::roletype, and SearchSysCache1().

Referenced by AlterRole(), AlterRoleSet(), CreateRole(), and get_rolespec_name().

◆ getid()

static const char * getid ( const char *  s,
char *  n,
Node escontext 
)
static

Definition at line 143 of file acl.c.

144 {
145  int len = 0;
146  bool in_quotes = false;
147 
148  Assert(s && n);
149 
150  while (isspace((unsigned char) *s))
151  s++;
152  /* This code had better match what putid() does, below */
153  for (;
154  *s != '\0' &&
155  (isalnum((unsigned char) *s) ||
156  *s == '_' ||
157  *s == '"' ||
158  in_quotes);
159  s++)
160  {
161  if (*s == '"')
162  {
163  /* safe to look at next char (could be '\0' though) */
164  if (*(s + 1) != '"')
165  {
166  in_quotes = !in_quotes;
167  continue;
168  }
169  /* it's an escaped double quote; skip the escaping char */
170  s++;
171  }
172 
173  /* Add the character to the string */
174  if (len >= NAMEDATALEN - 1)
175  ereturn(escontext, NULL,
176  (errcode(ERRCODE_NAME_TOO_LONG),
177  errmsg("identifier too long"),
178  errdetail("Identifier must be less than %d characters.",
179  NAMEDATALEN)));
180 
181  n[len++] = *s;
182  }
183  n[len] = '\0';
184  while (isspace((unsigned char) *s))
185  s++;
186  return s;
187 }
errdetail
int errdetail(const char *fmt,...)
Definition: elog.c:1202
len
const void size_t len
Definition: pg_crc32c_sse42.c:24

References Assert(), ereturn, errcode(), errdetail(), errmsg(), len, and NAMEDATALEN.

Referenced by aclparse().

◆ has_any_column_privilege_id()

Datum has_any_column_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2371 of file acl.c.

2372 {
2373  Oid tableoid = PG_GETARG_OID(0);
2374  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2375  Oid roleid;
2376  AclMode mode;
2377  AclResult aclresult;
2378 
2379  roleid = GetUserId();
2380  mode = convert_column_priv_string(priv_type_text);
2381 
2382  if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
2383  PG_RETURN_NULL();
2384 
2385  /* First check at table level, then examine each column if needed */
2386  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2387  if (aclresult != ACLCHECK_OK)
2388  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2389  ACLMASK_ANY);
2390 
2391  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2392 }
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2892
ACLMASK_ANY
@ ACLMASK_ANY
Definition: acl.h:176
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:3823
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:3908
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
varlena
Definition: c.h:676
RELOID
@ RELOID
Definition: syscache.h:89
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:191

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), GetUserId(), mode, ObjectIdGetDatum(), pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

◆ has_any_column_privilege_id_id()

Datum has_any_column_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 2427 of file acl.c.

2428 {
2429  Oid roleid = PG_GETARG_OID(0);
2430  Oid tableoid = PG_GETARG_OID(1);
2431  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2432  AclMode mode;
2433  AclResult aclresult;
2434 
2435  mode = convert_column_priv_string(priv_type_text);
2436 
2437  if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
2438  PG_RETURN_NULL();
2439 
2440  /* First check at table level, then examine each column if needed */
2441  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2442  if (aclresult != ACLCHECK_OK)
2443  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2444  ACLMASK_ANY);
2445 
2446  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2447 }

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), mode, ObjectIdGetDatum(), pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

◆ has_any_column_privilege_id_name()

Datum has_any_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2400 of file acl.c.

2401 {
2402  Oid roleid = PG_GETARG_OID(0);
2403  text *tablename = PG_GETARG_TEXT_PP(1);
2404  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2405  Oid tableoid;
2406  AclMode mode;
2407  AclResult aclresult;
2408 
2409  tableoid = convert_table_name(tablename);
2410  mode = convert_column_priv_string(priv_type_text);
2411 
2412  /* First check at table level, then examine each column if needed */
2413  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2414  if (aclresult != ACLCHECK_OK)
2415  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2416  ACLMASK_ANY);
2417 
2418  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2419 }
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:2011

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), mode, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_any_column_privilege_name()

Datum has_any_column_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2312 of file acl.c.

2313 {
2314  text *tablename = PG_GETARG_TEXT_PP(0);
2315  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2316  Oid roleid;
2317  Oid tableoid;
2318  AclMode mode;
2319  AclResult aclresult;
2320 
2321  roleid = GetUserId();
2322  tableoid = convert_table_name(tablename);
2323  mode = convert_column_priv_string(priv_type_text);
2324 
2325  /* First check at table level, then examine each column if needed */
2326  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2327  if (aclresult != ACLCHECK_OK)
2328  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2329  ACLMASK_ANY);
2330 
2331  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2332 }

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), GetUserId(), mode, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_any_column_privilege_name_id()

Datum has_any_column_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2340 of file acl.c.

2341 {
2342  Name username = PG_GETARG_NAME(0);
2343  Oid tableoid = PG_GETARG_OID(1);
2344  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2345  Oid roleid;
2346  AclMode mode;
2347  AclResult aclresult;
2348 
2349  roleid = get_role_oid_or_public(NameStr(*username));
2350  mode = convert_column_priv_string(priv_type_text);
2351 
2352  if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
2353  PG_RETURN_NULL();
2354 
2355  /* First check at table level, then examine each column if needed */
2356  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2357  if (aclresult != ACLCHECK_OK)
2358  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2359  ACLMASK_ANY);
2360 
2361  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2362 }
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5265
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278
username
const char * username
Definition: pgbench.c:296
nameData
Definition: c.h:730

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, ObjectIdGetDatum(), pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, SearchSysCacheExists1, and username.

◆ has_any_column_privilege_name_name()

Datum has_any_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2282 of file acl.c.

2283 {
2284  Name rolename = PG_GETARG_NAME(0);
2285  text *tablename = PG_GETARG_TEXT_PP(1);
2286  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2287  Oid roleid;
2288  Oid tableoid;
2289  AclMode mode;
2290  AclResult aclresult;
2291 
2292  roleid = get_role_oid_or_public(NameStr(*rolename));
2293  tableoid = convert_table_name(tablename);
2294  mode = convert_column_priv_string(priv_type_text);
2295 
2296  /* First check at table level, then examine each column if needed */
2297  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2298  if (aclresult != ACLCHECK_OK)
2299  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2300  ACLMASK_ANY);
2301 
2302  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2303 }

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_column_privilege_id_attnum()

Datum has_column_privilege_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2806 of file acl.c.

2807 {
2808  Oid tableoid = PG_GETARG_OID(0);
2809  AttrNumber colattnum = PG_GETARG_INT16(1);
2810  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2811  Oid roleid;
2812  AclMode mode;
2813  int privresult;
2814 
2815  roleid = GetUserId();
2816  mode = convert_column_priv_string(priv_type_text);
2817 
2818  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2819  if (privresult < 0)
2820  PG_RETURN_NULL();
2821  PG_RETURN_BOOL(privresult);
2822 }
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2474
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:271

References column_privilege_check(), convert_column_priv_string(), GetUserId(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_id_attnum()

Datum has_column_privilege_id_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2699 of file acl.c.

2700 {
2701  Oid roleid = PG_GETARG_OID(0);
2702  Oid tableoid = PG_GETARG_OID(1);
2703  AttrNumber colattnum = PG_GETARG_INT16(2);
2704  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2705  AclMode mode;
2706  int privresult;
2707 
2708  mode = convert_column_priv_string(priv_type_text);
2709 
2710  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2711  if (privresult < 0)
2712  PG_RETURN_NULL();
2713  PG_RETURN_BOOL(privresult);
2714 }

References column_privilege_check(), convert_column_priv_string(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_id_name()

Datum has_column_privilege_id_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2674 of file acl.c.

2675 {
2676  Oid roleid = PG_GETARG_OID(0);
2677  Oid tableoid = PG_GETARG_OID(1);
2678  text *column = PG_GETARG_TEXT_PP(2);
2679  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2680  AttrNumber colattnum;
2681  AclMode mode;
2682  int privresult;
2683 
2684  colattnum = convert_column_name(tableoid, column);
2685  mode = convert_column_priv_string(priv_type_text);
2686 
2687  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2688  if (privresult < 0)
2689  PG_RETURN_NULL();
2690  PG_RETURN_BOOL(privresult);
2691 }
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2834

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_name()

Datum has_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2779 of file acl.c.

2780 {
2781  Oid tableoid = PG_GETARG_OID(0);
2782  text *column = PG_GETARG_TEXT_PP(1);
2783  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2784  Oid roleid;
2785  AttrNumber colattnum;
2786  AclMode mode;
2787  int privresult;
2788 
2789  roleid = GetUserId();
2790  colattnum = convert_column_name(tableoid, column);
2791  mode = convert_column_priv_string(priv_type_text);
2792 
2793  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2794  if (privresult < 0)
2795  PG_RETURN_NULL();
2796  PG_RETURN_BOOL(privresult);
2797 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), GetUserId(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_name_attnum()

Datum has_column_privilege_id_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2649 of file acl.c.

2650 {
2651  Oid roleid = PG_GETARG_OID(0);
2652  text *tablename = PG_GETARG_TEXT_PP(1);
2653  AttrNumber colattnum = PG_GETARG_INT16(2);
2654  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2655  Oid tableoid;
2656  AclMode mode;
2657  int privresult;
2658 
2659  tableoid = convert_table_name(tablename);
2660  mode = convert_column_priv_string(priv_type_text);
2661 
2662  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2663  if (privresult < 0)
2664  PG_RETURN_NULL();
2665  PG_RETURN_BOOL(privresult);
2666 }

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_name_name()

Datum has_column_privilege_id_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2622 of file acl.c.

2623 {
2624  Oid roleid = PG_GETARG_OID(0);
2625  text *tablename = PG_GETARG_TEXT_PP(1);
2626  text *column = PG_GETARG_TEXT_PP(2);
2627  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2628  Oid tableoid;
2629  AttrNumber colattnum;
2630  AclMode mode;
2631  int privresult;
2632 
2633  tableoid = convert_table_name(tablename);
2634  colattnum = convert_column_name(tableoid, column);
2635  mode = convert_column_priv_string(priv_type_text);
2636 
2637  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2638  if (privresult < 0)
2639  PG_RETURN_NULL();
2640  PG_RETURN_BOOL(privresult);
2641 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_name_attnum()

Datum has_column_privilege_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2752 of file acl.c.

2753 {
2754  text *tablename = PG_GETARG_TEXT_PP(0);
2755  AttrNumber colattnum = PG_GETARG_INT16(1);
2756  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2757  Oid roleid;
2758  Oid tableoid;
2759  AclMode mode;
2760  int privresult;
2761 
2762  roleid = GetUserId();
2763  tableoid = convert_table_name(tablename);
2764  mode = convert_column_priv_string(priv_type_text);
2765 
2766  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2767  if (privresult < 0)
2768  PG_RETURN_NULL();
2769  PG_RETURN_BOOL(privresult);
2770 }

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), GetUserId(), mode, PG_GETARG_INT16, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_name_id_attnum()

Datum has_column_privilege_name_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2597 of file acl.c.

2598 {
2599  Name username = PG_GETARG_NAME(0);
2600  Oid tableoid = PG_GETARG_OID(1);
2601  AttrNumber colattnum = PG_GETARG_INT16(2);
2602  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2603  Oid roleid;
2604  AclMode mode;
2605  int privresult;
2606 
2607  roleid = get_role_oid_or_public(NameStr(*username));
2608  mode = convert_column_priv_string(priv_type_text);
2609 
2610  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2611  if (privresult < 0)
2612  PG_RETURN_NULL();
2613  PG_RETURN_BOOL(privresult);
2614 }

References column_privilege_check(), convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_column_privilege_name_id_name()

Datum has_column_privilege_name_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2570 of file acl.c.

2571 {
2572  Name username = PG_GETARG_NAME(0);
2573  Oid tableoid = PG_GETARG_OID(1);
2574  text *column = PG_GETARG_TEXT_PP(2);
2575  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2576  Oid roleid;
2577  AttrNumber colattnum;
2578  AclMode mode;
2579  int privresult;
2580 
2581  roleid = get_role_oid_or_public(NameStr(*username));
2582  colattnum = convert_column_name(tableoid, column);
2583  mode = convert_column_priv_string(priv_type_text);
2584 
2585  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2586  if (privresult < 0)
2587  PG_RETURN_NULL();
2588  PG_RETURN_BOOL(privresult);
2589 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_column_privilege_name_name()

Datum has_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2723 of file acl.c.

2724 {
2725  text *tablename = PG_GETARG_TEXT_PP(0);
2726  text *column = PG_GETARG_TEXT_PP(1);
2727  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2728  Oid roleid;
2729  Oid tableoid;
2730  AttrNumber colattnum;
2731  AclMode mode;
2732  int privresult;
2733 
2734  roleid = GetUserId();
2735  tableoid = convert_table_name(tablename);
2736  colattnum = convert_column_name(tableoid, column);
2737  mode = convert_column_priv_string(priv_type_text);
2738 
2739  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2740  if (privresult < 0)
2741  PG_RETURN_NULL();
2742  PG_RETURN_BOOL(privresult);
2743 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), GetUserId(), mode, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_name_name_attnum()

Datum has_column_privilege_name_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2543 of file acl.c.

2544 {
2545  Name rolename = PG_GETARG_NAME(0);
2546  text *tablename = PG_GETARG_TEXT_PP(1);
2547  AttrNumber colattnum = PG_GETARG_INT16(2);
2548  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2549  Oid roleid;
2550  Oid tableoid;
2551  AclMode mode;
2552  int privresult;
2553 
2554  roleid = get_role_oid_or_public(NameStr(*rolename));
2555  tableoid = convert_table_name(tablename);
2556  mode = convert_column_priv_string(priv_type_text);
2557 
2558  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2559  if (privresult < 0)
2560  PG_RETURN_NULL();
2561  PG_RETURN_BOOL(privresult);
2562 }

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_name_name_name()

Datum has_column_privilege_name_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2514 of file acl.c.

2515 {
2516  Name rolename = PG_GETARG_NAME(0);
2517  text *tablename = PG_GETARG_TEXT_PP(1);
2518  text *column = PG_GETARG_TEXT_PP(2);
2519  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2520  Oid roleid;
2521  Oid tableoid;
2522  AttrNumber colattnum;
2523  AclMode mode;
2524  int privresult;
2525 
2526  roleid = get_role_oid_or_public(NameStr(*rolename));
2527  tableoid = convert_table_name(tablename);
2528  colattnum = convert_column_name(tableoid, column);
2529  mode = convert_column_priv_string(priv_type_text);
2530 
2531  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2532  if (privresult < 0)
2533  PG_RETURN_NULL();
2534  PG_RETURN_BOOL(privresult);
2535 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_database_privilege_id()

Datum has_database_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3003 of file acl.c.

3004 {
3005  Oid databaseoid = PG_GETARG_OID(0);
3006  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3007  Oid roleid;
3008  AclMode mode;
3009  AclResult aclresult;
3010 
3011  roleid = GetUserId();
3012  mode = convert_database_priv_string(priv_type_text);
3013 
3014  if (!SearchSysCacheExists1(DATABASEOID, ObjectIdGetDatum(databaseoid)))
3015  PG_RETURN_NULL();
3016 
3017  aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode);
3018 
3019  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3020 }
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3089
object_aclcheck
AclResult object_aclcheck(Oid classid, Oid objectid, Oid roleid, AclMode mode)
Definition: aclchk.c:3760
DATABASEOID
@ DATABASEOID
Definition: syscache.h:55

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, GetUserId(), mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_database_privilege_id_id()

Datum has_database_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3051 of file acl.c.

3052 {
3053  Oid roleid = PG_GETARG_OID(0);
3054  Oid databaseoid = PG_GETARG_OID(1);
3055  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3056  AclMode mode;
3057  AclResult aclresult;
3058 
3059  mode = convert_database_priv_string(priv_type_text);
3060 
3061  if (!SearchSysCacheExists1(DATABASEOID, ObjectIdGetDatum(databaseoid)))
3062  PG_RETURN_NULL();
3063 
3064  aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode);
3065 
3066  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3067 }

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_database_privilege_id_name()

Datum has_database_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3028 of file acl.c.

3029 {
3030  Oid roleid = PG_GETARG_OID(0);
3031  text *databasename = PG_GETARG_TEXT_PP(1);
3032  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3033  Oid databaseoid;
3034  AclMode mode;
3035  AclResult aclresult;
3036 
3037  databaseoid = convert_database_name(databasename);
3038  mode = convert_database_priv_string(priv_type_text);
3039 
3040  aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode);
3041 
3042  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3043 }
convert_database_name
static Oid convert_database_name(text *databasename)
Definition: acl.c:3077

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_database_privilege_name()

Datum has_database_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2952 of file acl.c.

2953 {
2954  text *databasename = PG_GETARG_TEXT_PP(0);
2955  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2956  Oid roleid;
2957  Oid databaseoid;
2958  AclMode mode;
2959  AclResult aclresult;
2960 
2961  roleid = GetUserId();
2962  databaseoid = convert_database_name(databasename);
2963  mode = convert_database_priv_string(priv_type_text);
2964 
2965  aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode);
2966 
2967  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2968 }

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_database_privilege_name_id()

Datum has_database_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2976 of file acl.c.

2977 {
2978  Name username = PG_GETARG_NAME(0);
2979  Oid databaseoid = PG_GETARG_OID(1);
2980  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2981  Oid roleid;
2982  AclMode mode;
2983  AclResult aclresult;
2984 
2985  roleid = get_role_oid_or_public(NameStr(*username));
2986  mode = convert_database_priv_string(priv_type_text);
2987 
2988  if (!SearchSysCacheExists1(DATABASEOID, ObjectIdGetDatum(databaseoid)))
2989  PG_RETURN_NULL();
2990 
2991  aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode);
2992 
2993  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2994 }

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, get_role_oid_or_public(), mode, NameStr, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

◆ has_database_privilege_name_name()

Datum has_database_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2926 of file acl.c.

2927 {
2928  Name username = PG_GETARG_NAME(0);
2929  text *databasename = PG_GETARG_TEXT_PP(1);
2930  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2931  Oid roleid;
2932  Oid databaseoid;
2933  AclMode mode;
2934  AclResult aclresult;
2935 
2936  roleid = get_role_oid_or_public(NameStr(*username));
2937  databaseoid = convert_database_name(databasename);
2938  mode = convert_database_priv_string(priv_type_text);
2939 
2940  aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode);
2941 
2942  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2943 }

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_foreign_data_wrapper_privilege_id()

Datum has_foreign_data_wrapper_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3200 of file acl.c.

3201 {
3202  Oid fdwid = PG_GETARG_OID(0);
3203  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3204  Oid roleid;
3205  AclMode mode;
3206  AclResult aclresult;
3207 
3208  roleid = GetUserId();
3209  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3210 
3211  if (!SearchSysCacheExists1(FOREIGNDATAWRAPPEROID, ObjectIdGetDatum(fdwid)))
3212  PG_RETURN_NULL();
3213 
3214  aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode);
3215 
3216  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3217 }
convert_foreign_data_wrapper_priv_string
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3286
FOREIGNDATAWRAPPEROID
@ FOREIGNDATAWRAPPEROID
Definition: syscache.h:62

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), FOREIGNDATAWRAPPEROID, GetUserId(), mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_foreign_data_wrapper_privilege_id_id()

Datum has_foreign_data_wrapper_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3248 of file acl.c.

3249 {
3250  Oid roleid = PG_GETARG_OID(0);
3251  Oid fdwid = PG_GETARG_OID(1);
3252  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3253  AclMode mode;
3254  AclResult aclresult;
3255 
3256  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3257 
3258  if (!SearchSysCacheExists1(FOREIGNDATAWRAPPEROID, ObjectIdGetDatum(fdwid)))
3259  PG_RETURN_NULL();
3260 
3261  aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode);
3262 
3263  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3264 }

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), FOREIGNDATAWRAPPEROID, mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_foreign_data_wrapper_privilege_id_name()

Datum has_foreign_data_wrapper_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3225 of file acl.c.

3226 {
3227  Oid roleid = PG_GETARG_OID(0);
3228  text *fdwname = PG_GETARG_TEXT_PP(1);
3229  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3230  Oid fdwid;
3231  AclMode mode;
3232  AclResult aclresult;
3233 
3234  fdwid = convert_foreign_data_wrapper_name(fdwname);
3235  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3236 
3237  aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode);
3238 
3239  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3240 }
convert_foreign_data_wrapper_name
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3274

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_foreign_data_wrapper_privilege_name()

Datum has_foreign_data_wrapper_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3149 of file acl.c.

3150 {
3151  text *fdwname = PG_GETARG_TEXT_PP(0);
3152  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3153  Oid roleid;
3154  Oid fdwid;
3155  AclMode mode;
3156  AclResult aclresult;
3157 
3158  roleid = GetUserId();
3159  fdwid = convert_foreign_data_wrapper_name(fdwname);
3160  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3161 
3162  aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode);
3163 
3164  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3165 }

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_foreign_data_wrapper_privilege_name_id()

Datum has_foreign_data_wrapper_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3173 of file acl.c.

3174 {
3175  Name username = PG_GETARG_NAME(0);
3176  Oid fdwid = PG_GETARG_OID(1);
3177  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3178  Oid roleid;
3179  AclMode mode;
3180  AclResult aclresult;
3181 
3182  roleid = get_role_oid_or_public(NameStr(*username));
3183  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3184 
3185  if (!SearchSysCacheExists1(FOREIGNDATAWRAPPEROID, ObjectIdGetDatum(fdwid)))
3186  PG_RETURN_NULL();
3187 
3188  aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode);
3189 
3190  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3191 }

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), FOREIGNDATAWRAPPEROID, get_role_oid_or_public(), mode, NameStr, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

◆ has_foreign_data_wrapper_privilege_name_name()

Datum has_foreign_data_wrapper_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3123 of file acl.c.

3124 {
3125  Name username = PG_GETARG_NAME(0);
3126  text *fdwname = PG_GETARG_TEXT_PP(1);
3127  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3128  Oid roleid;
3129  Oid fdwid;
3130  AclMode mode;
3131  AclResult aclresult;
3132 
3133  roleid = get_role_oid_or_public(NameStr(*username));
3134  fdwid = convert_foreign_data_wrapper_name(fdwname);
3135  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3136 
3137  aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode);
3138 
3139  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3140 }

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_function_privilege_id()

Datum has_function_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3391 of file acl.c.

3392 {
3393  Oid functionoid = PG_GETARG_OID(0);
3394  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3395  Oid roleid;
3396  AclMode mode;
3397  AclResult aclresult;
3398 
3399  roleid = GetUserId();
3400  mode = convert_function_priv_string(priv_type_text);
3401 
3402  if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid)))
3403  PG_RETURN_NULL();
3404 
3405  aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode);
3406 
3407  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3408 }
convert_function_priv_string
static AclMode convert_function_priv_string(text *priv_type_text)
Definition: acl.c:3486
PROCOID
@ PROCOID
Definition: syscache.h:79

References ACLCHECK_OK, convert_function_priv_string(), GetUserId(), mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, PROCOID, and SearchSysCacheExists1.

◆ has_function_privilege_id_id()

Datum has_function_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3439 of file acl.c.

3440 {
3441  Oid roleid = PG_GETARG_OID(0);
3442  Oid functionoid = PG_GETARG_OID(1);
3443  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3444  AclMode mode;
3445  AclResult aclresult;
3446 
3447  mode = convert_function_priv_string(priv_type_text);
3448 
3449  if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid)))
3450  PG_RETURN_NULL();
3451 
3452  aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode);
3453 
3454  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3455 }

References ACLCHECK_OK, convert_function_priv_string(), mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, PROCOID, and SearchSysCacheExists1.

◆ has_function_privilege_id_name()

Datum has_function_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3416 of file acl.c.

3417 {
3418  Oid roleid = PG_GETARG_OID(0);
3419  text *functionname = PG_GETARG_TEXT_PP(1);
3420  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3421  Oid functionoid;
3422  AclMode mode;
3423  AclResult aclresult;
3424 
3425  functionoid = convert_function_name(functionname);
3426  mode = convert_function_priv_string(priv_type_text);
3427 
3428  aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode);
3429 
3430  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3431 }
convert_function_name
static Oid convert_function_name(text *functionname)
Definition: acl.c:3465

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_function_privilege_name()

Datum has_function_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3340 of file acl.c.

3341 {
3342  text *functionname = PG_GETARG_TEXT_PP(0);
3343  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3344  Oid roleid;
3345  Oid functionoid;
3346  AclMode mode;
3347  AclResult aclresult;
3348 
3349  roleid = GetUserId();
3350  functionoid = convert_function_name(functionname);
3351  mode = convert_function_priv_string(priv_type_text);
3352 
3353  aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode);
3354 
3355  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3356 }

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_function_privilege_name_id()

Datum has_function_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3364 of file acl.c.

3365 {
3366  Name username = PG_GETARG_NAME(0);
3367  Oid functionoid = PG_GETARG_OID(1);
3368  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3369  Oid roleid;
3370  AclMode mode;
3371  AclResult aclresult;
3372 
3373  roleid = get_role_oid_or_public(NameStr(*username));
3374  mode = convert_function_priv_string(priv_type_text);
3375 
3376  if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid)))
3377  PG_RETURN_NULL();
3378 
3379  aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode);
3380 
3381  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3382 }

References ACLCHECK_OK, convert_function_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, PROCOID, SearchSysCacheExists1, and username.

◆ has_function_privilege_name_name()

Datum has_function_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3314 of file acl.c.

3315 {
3316  Name username = PG_GETARG_NAME(0);
3317  text *functionname = PG_GETARG_TEXT_PP(1);
3318  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3319  Oid roleid;
3320  Oid functionoid;
3321  AclMode mode;
3322  AclResult aclresult;
3323 
3324  roleid = get_role_oid_or_public(NameStr(*username));
3325  functionoid = convert_function_name(functionname);
3326  mode = convert_function_priv_string(priv_type_text);
3327 
3328  aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode);
3329 
3330  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3331 }

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_language_privilege_id()

Datum has_language_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3591 of file acl.c.

3592 {
3593  Oid languageoid = PG_GETARG_OID(0);
3594  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3595  Oid roleid;
3596  AclMode mode;
3597  AclResult aclresult;
3598 
3599  roleid = GetUserId();
3600  mode = convert_language_priv_string(priv_type_text);
3601 
3602  if (!SearchSysCacheExists1(LANGOID, ObjectIdGetDatum(languageoid)))
3603  PG_RETURN_NULL();
3604 
3605  aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode);
3606 
3607  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3608 }
convert_language_priv_string
static AclMode convert_language_priv_string(text *priv_type_text)
Definition: acl.c:3677
LANGOID
@ LANGOID
Definition: syscache.h:68

References ACLCHECK_OK, convert_language_priv_string(), GetUserId(), LANGOID, mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_language_privilege_id_id()

Datum has_language_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3639 of file acl.c.

3640 {
3641  Oid roleid = PG_GETARG_OID(0);
3642  Oid languageoid = PG_GETARG_OID(1);
3643  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3644  AclMode mode;
3645  AclResult aclresult;
3646 
3647  mode = convert_language_priv_string(priv_type_text);
3648 
3649  if (!SearchSysCacheExists1(LANGOID, ObjectIdGetDatum(languageoid)))
3650  PG_RETURN_NULL();
3651 
3652  aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode);
3653 
3654  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3655 }

References ACLCHECK_OK, convert_language_priv_string(), LANGOID, mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_language_privilege_id_name()

Datum has_language_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3616 of file acl.c.

3617 {
3618  Oid roleid = PG_GETARG_OID(0);
3619  text *languagename = PG_GETARG_TEXT_PP(1);
3620  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3621  Oid languageoid;
3622  AclMode mode;
3623  AclResult aclresult;
3624 
3625  languageoid = convert_language_name(languagename);
3626  mode = convert_language_priv_string(priv_type_text);
3627 
3628  aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode);
3629 
3630  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3631 }
convert_language_name
static Oid convert_language_name(text *languagename)
Definition: acl.c:3665

References ACLCHECK_OK, convert_language_name(), convert_language_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_language_privilege_name()

Datum has_language_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3540 of file acl.c.

3541 {
3542  text *languagename = PG_GETARG_TEXT_PP(0);
3543  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3544  Oid roleid;
3545  Oid languageoid;
3546  AclMode mode;
3547  AclResult aclresult;
3548 
3549  roleid = GetUserId();
3550  languageoid = convert_language_name(languagename);
3551  mode = convert_language_priv_string(priv_type_text);
3552 
3553  aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode);
3554 
3555  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3556 }

References ACLCHECK_OK, convert_language_name(), convert_language_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_language_privilege_name_id()

Datum has_language_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3564 of file acl.c.

3565 {
3566  Name username = PG_GETARG_NAME(0);
3567  Oid languageoid = PG_GETARG_OID(1);
3568  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3569  Oid roleid;
3570  AclMode mode;
3571  AclResult aclresult;
3572 
3573  roleid = get_role_oid_or_public(NameStr(*username));
3574  mode = convert_language_priv_string(priv_type_text);
3575 
3576  if (!SearchSysCacheExists1(LANGOID, ObjectIdGetDatum(languageoid)))
3577  PG_RETURN_NULL();
3578 
3579  aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode);
3580 
3581  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3582 }

References ACLCHECK_OK, convert_language_priv_string(), get_role_oid_or_public(), LANGOID, mode, NameStr, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

◆ has_language_privilege_name_name()

Datum has_language_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3514 of file acl.c.

3515 {
3516  Name username = PG_GETARG_NAME(0);
3517  text *languagename = PG_GETARG_TEXT_PP(1);
3518  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3519  Oid roleid;
3520  Oid languageoid;
3521  AclMode mode;
3522  AclResult aclresult;
3523 
3524  roleid = get_role_oid_or_public(NameStr(*username));
3525  languageoid = convert_language_name(languagename);
3526  mode = convert_language_priv_string(priv_type_text);
3527 
3528  aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode);
3529 
3530  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3531 }

References ACLCHECK_OK, convert_language_name(), convert_language_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_param_priv_byname()

static bool has_param_priv_byname ( Oid  roleid,
const text parameter,
AclMode  priv 
)
static

Definition at line 4479 of file acl.c.

4480 {
4481  char *paramstr = text_to_cstring(parameter);
4482 
4483  return pg_parameter_aclcheck(paramstr, roleid, priv) == ACLCHECK_OK;
4484 }
pg_parameter_aclcheck
AclResult pg_parameter_aclcheck(const char *name, Oid roleid, AclMode mode)
Definition: aclchk.c:3935

References ACLCHECK_OK, pg_parameter_aclcheck(), and text_to_cstring().

Referenced by has_parameter_privilege_id_name(), has_parameter_privilege_name(), and has_parameter_privilege_name_name().

◆ has_parameter_privilege_id_name()

Datum has_parameter_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 4522 of file acl.c.

4523 {
4524  Oid roleid = PG_GETARG_OID(0);
4525  text *parameter = PG_GETARG_TEXT_PP(1);
4526  AclMode priv = convert_parameter_priv_string(PG_GETARG_TEXT_PP(2));
4527 
4528  PG_RETURN_BOOL(has_param_priv_byname(roleid, parameter, priv));
4529 }
has_param_priv_byname
static bool has_param_priv_byname(Oid roleid, const text *parameter, AclMode priv)
Definition: acl.c:4479
convert_parameter_priv_string
static AclMode convert_parameter_priv_string(text *priv_text)
Definition: acl.c:4540

References convert_parameter_priv_string(), has_param_priv_byname(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_parameter_privilege_name()

Datum has_parameter_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 4508 of file acl.c.

4509 {
4510  text *parameter = PG_GETARG_TEXT_PP(0);
4511  AclMode priv = convert_parameter_priv_string(PG_GETARG_TEXT_PP(1));
4512 
4513  PG_RETURN_BOOL(has_param_priv_byname(GetUserId(), parameter, priv));
4514 }

References convert_parameter_priv_string(), GetUserId(), has_param_priv_byname(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_parameter_privilege_name_name()

Datum has_parameter_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 4492 of file acl.c.

4493 {
4494  Name username = PG_GETARG_NAME(0);
4495  text *parameter = PG_GETARG_TEXT_PP(1);
4496  AclMode priv = convert_parameter_priv_string(PG_GETARG_TEXT_PP(2));
4497  Oid roleid = get_role_oid_or_public(NameStr(*username));
4498 
4499  PG_RETURN_BOOL(has_param_priv_byname(roleid, parameter, priv));
4500 }

References convert_parameter_priv_string(), get_role_oid_or_public(), has_param_priv_byname(), NameStr, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_privs_of_role()

bool has_privs_of_role ( Oid  member,
Oid  role 
)

Definition at line 4961 of file acl.c.

4962 {
4963  /* Fast path for simple case */
4964  if (member == role)
4965  return true;
4966 
4967  /* Superusers have every privilege, so are part of every role */
4968  if (superuser_arg(member))
4969  return true;
4970 
4971  /*
4972  * Find all the roles that member has the privileges of, including
4973  * multi-level recursion, then see if target role is any one of them.
4974  */
4975  return list_member_oid(roles_is_member_of(member, ROLERECURSE_PRIVS,
4976  InvalidOid, NULL),
4977  role);
4978 }
roles_is_member_of
static List * roles_is_member_of(Oid roleid, enum RoleRecurseType type, Oid admin_of, Oid *admin_role)
Definition: acl.c:4836
list_member_oid
bool list_member_oid(const List *list, Oid datum)
Definition: list.c:721
superuser_arg
bool superuser_arg(Oid roleid)
Definition: superuser.c:56

References InvalidOid, list_member_oid(), ROLERECURSE_PRIVS, roles_is_member_of(), and superuser_arg().

Referenced by aclmask(), AlterObjectNamespace_internal(), AlterObjectOwner_internal(), AlterObjectRename_internal(), bbsink_server_new(), calculate_database_size(), calculate_tablespace_size(), check_role_for_policy(), check_role_grantor(), ConfigOptionIsVisible(), convert_and_check_filename(), CreateSubscription(), DoCopy(), DropOwnedObjects(), ExecAlterDefaultPrivilegesStmt(), file_fdw_validator(), GetConfigOptionValues(), InitPostgres(), object_ownercheck(), pg_class_aclmask_ext(), pg_namespace_aclmask(), pg_role_aclcheck(), pg_signal_backend(), pg_stat_get_wal_receiver(), pg_stat_get_wal_senders(), pg_stat_statements_internal(), pgrowlocks(), ReassignOwnedObjects(), shell_check_detail(), standard_ProcessUtility(), and TerminateOtherDBBackends().

◆ has_schema_privilege_id()

Datum has_schema_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3782 of file acl.c.

3783 {
3784  Oid schemaoid = PG_GETARG_OID(0);
3785  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3786  Oid roleid;
3787  AclMode mode;
3788  AclResult aclresult;
3789 
3790  roleid = GetUserId();
3791  mode = convert_schema_priv_string(priv_type_text);
3792 
3793  if (!SearchSysCacheExists1(NAMESPACEOID, ObjectIdGetDatum(schemaoid)))
3794  PG_RETURN_NULL();
3795 
3796  aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode);
3797 
3798  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3799 }
convert_schema_priv_string
static AclMode convert_schema_priv_string(text *priv_type_text)
Definition: acl.c:3868
NAMESPACEOID
@ NAMESPACEOID
Definition: syscache.h:70

References ACLCHECK_OK, convert_schema_priv_string(), GetUserId(), mode, NAMESPACEOID, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_schema_privilege_id_id()

Datum has_schema_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3830 of file acl.c.

3831 {
3832  Oid roleid = PG_GETARG_OID(0);
3833  Oid schemaoid = PG_GETARG_OID(1);
3834  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3835  AclMode mode;
3836  AclResult aclresult;
3837 
3838  mode = convert_schema_priv_string(priv_type_text);
3839 
3840  if (!SearchSysCacheExists1(NAMESPACEOID, ObjectIdGetDatum(schemaoid)))
3841  PG_RETURN_NULL();
3842 
3843  aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode);
3844 
3845  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3846 }

References ACLCHECK_OK, convert_schema_priv_string(), mode, NAMESPACEOID, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_schema_privilege_id_name()

Datum has_schema_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3807 of file acl.c.

3808 {
3809  Oid roleid = PG_GETARG_OID(0);
3810  text *schemaname = PG_GETARG_TEXT_PP(1);
3811  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3812  Oid schemaoid;
3813  AclMode mode;
3814  AclResult aclresult;
3815 
3816  schemaoid = convert_schema_name(schemaname);
3817  mode = convert_schema_priv_string(priv_type_text);
3818 
3819  aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode);
3820 
3821  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3822 }
convert_schema_name
static Oid convert_schema_name(text *schemaname)
Definition: acl.c:3856

References ACLCHECK_OK, convert_schema_name(), convert_schema_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_schema_privilege_name()

Datum has_schema_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3731 of file acl.c.

3732 {
3733  text *schemaname = PG_GETARG_TEXT_PP(0);
3734  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3735  Oid roleid;
3736  Oid schemaoid;
3737  AclMode mode;
3738  AclResult aclresult;
3739 
3740  roleid = GetUserId();
3741  schemaoid = convert_schema_name(schemaname);
3742  mode = convert_schema_priv_string(priv_type_text);
3743 
3744  aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode);
3745 
3746  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3747 }

References ACLCHECK_OK, convert_schema_name(), convert_schema_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_schema_privilege_name_id()

Datum has_schema_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3755 of file acl.c.

3756 {
3757  Name username = PG_GETARG_NAME(0);
3758  Oid schemaoid = PG_GETARG_OID(1);
3759  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3760  Oid roleid;
3761  AclMode mode;
3762  AclResult aclresult;
3763 
3764  roleid = get_role_oid_or_public(NameStr(*username));
3765  mode = convert_schema_priv_string(priv_type_text);
3766 
3767  if (!SearchSysCacheExists1(NAMESPACEOID, ObjectIdGetDatum(schemaoid)))
3768  PG_RETURN_NULL();
3769 
3770  aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode);
3771 
3772  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3773 }

References ACLCHECK_OK, convert_schema_priv_string(), get_role_oid_or_public(), mode, NAMESPACEOID, NameStr, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

◆ has_schema_privilege_name_name()

Datum has_schema_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3705 of file acl.c.

3706 {
3707  Name username = PG_GETARG_NAME(0);
3708  text *schemaname = PG_GETARG_TEXT_PP(1);
3709  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3710  Oid roleid;
3711  Oid schemaoid;
3712  AclMode mode;
3713  AclResult aclresult;
3714 
3715  roleid = get_role_oid_or_public(NameStr(*username));
3716  schemaoid = convert_schema_name(schemaname);
3717  mode = convert_schema_priv_string(priv_type_text);
3718 
3719  aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode);
3720 
3721  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3722 }

References ACLCHECK_OK, convert_schema_name(), convert_schema_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_sequence_privilege_id()

Datum has_sequence_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2161 of file acl.c.

2162 {
2163  Oid sequenceoid = PG_GETARG_OID(0);
2164  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2165  Oid roleid;
2166  AclMode mode;
2167  AclResult aclresult;
2168  char relkind;
2169 
2170  roleid = GetUserId();
2171  mode = convert_sequence_priv_string(priv_type_text);
2172  relkind = get_rel_relkind(sequenceoid);
2173  if (relkind == '\0')
2174  PG_RETURN_NULL();
2175  else if (relkind != RELKIND_SEQUENCE)
2176  ereport(ERROR,
2177  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2178  errmsg("\"%s\" is not a sequence",
2179  get_rel_name(sequenceoid))));
2180 
2181  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2182 
2183  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2184 }
convert_sequence_priv_string
static AclMode convert_sequence_priv_string(text *priv_type_text)
Definition: acl.c:2249
get_rel_relkind
char get_rel_relkind(Oid relid)
Definition: lsyscache.c:2007

References ACLCHECK_OK, convert_sequence_priv_string(), ereport, errcode(), errmsg(), ERROR, get_rel_name(), get_rel_relkind(), GetUserId(), mode, pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_sequence_privilege_id_id()

Datum has_sequence_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 2220 of file acl.c.

2221 {
2222  Oid roleid = PG_GETARG_OID(0);
2223  Oid sequenceoid = PG_GETARG_OID(1);
2224  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2225  AclMode mode;
2226  AclResult aclresult;
2227  char relkind;
2228 
2229  mode = convert_sequence_priv_string(priv_type_text);
2230  relkind = get_rel_relkind(sequenceoid);
2231  if (relkind == '\0')
2232  PG_RETURN_NULL();
2233  else if (relkind != RELKIND_SEQUENCE)
2234  ereport(ERROR,
2235  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2236  errmsg("\"%s\" is not a sequence",
2237  get_rel_name(sequenceoid))));
2238 
2239  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2240 
2241  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2242 }

References ACLCHECK_OK, convert_sequence_priv_string(), ereport, errcode(), errmsg(), ERROR, get_rel_name(), get_rel_relkind(), mode, pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_sequence_privilege_id_name()

Datum has_sequence_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2192 of file acl.c.

2193 {
2194  Oid roleid = PG_GETARG_OID(0);
2195  text *sequencename = PG_GETARG_TEXT_PP(1);
2196  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2197  Oid sequenceoid;
2198  AclMode mode;
2199  AclResult aclresult;
2200 
2201  mode = convert_sequence_priv_string(priv_type_text);
2202  sequenceoid = convert_table_name(sequencename);
2203  if (get_rel_relkind(sequenceoid) != RELKIND_SEQUENCE)
2204  ereport(ERROR,
2205  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2206  errmsg("\"%s\" is not a sequence",
2207  text_to_cstring(sequencename))));
2208 
2209  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2210 
2211  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2212 }

References ACLCHECK_OK, convert_sequence_priv_string(), convert_table_name(), ereport, errcode(), errmsg(), ERROR, get_rel_relkind(), mode, pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and text_to_cstring().

◆ has_sequence_privilege_name()

Datum has_sequence_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2099 of file acl.c.

2100 {
2101  text *sequencename = PG_GETARG_TEXT_PP(0);
2102  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2103  Oid roleid;
2104  Oid sequenceoid;
2105  AclMode mode;
2106  AclResult aclresult;
2107 
2108  roleid = GetUserId();
2109  mode = convert_sequence_priv_string(priv_type_text);
2110  sequenceoid = convert_table_name(sequencename);
2111  if (get_rel_relkind(sequenceoid) != RELKIND_SEQUENCE)
2112  ereport(ERROR,
2113  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2114  errmsg("\"%s\" is not a sequence",
2115  text_to_cstring(sequencename))));
2116 
2117  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2118 
2119  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2120 }

References ACLCHECK_OK, convert_sequence_priv_string(), convert_table_name(), ereport, errcode(), errmsg(), ERROR, get_rel_relkind(), GetUserId(), mode, pg_class_aclcheck(), PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and text_to_cstring().

◆ has_sequence_privilege_name_id()

Datum has_sequence_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2128 of file acl.c.

2129 {
2130  Name username = PG_GETARG_NAME(0);
2131  Oid sequenceoid = PG_GETARG_OID(1);
2132  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2133  Oid roleid;
2134  AclMode mode;
2135  AclResult aclresult;
2136  char relkind;
2137 
2138  roleid = get_role_oid_or_public(NameStr(*username));
2139  mode = convert_sequence_priv_string(priv_type_text);
2140  relkind = get_rel_relkind(sequenceoid);
2141  if (relkind == '\0')
2142  PG_RETURN_NULL();
2143  else if (relkind != RELKIND_SEQUENCE)
2144  ereport(ERROR,
2145  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2146  errmsg("\"%s\" is not a sequence",
2147  get_rel_name(sequenceoid))));
2148 
2149  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2150 
2151  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2152 }

References ACLCHECK_OK, convert_sequence_priv_string(), ereport, errcode(), errmsg(), ERROR, get_rel_name(), get_rel_relkind(), get_role_oid_or_public(), mode, NameStr, pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_sequence_privilege_name_name()

Datum has_sequence_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2068 of file acl.c.

2069 {
2070  Name rolename = PG_GETARG_NAME(0);
2071  text *sequencename = PG_GETARG_TEXT_PP(1);
2072  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2073  Oid roleid;
2074  Oid sequenceoid;
2075  AclMode mode;
2076  AclResult aclresult;
2077 
2078  roleid = get_role_oid_or_public(NameStr(*rolename));
2079  mode = convert_sequence_priv_string(priv_type_text);
2080  sequenceoid = convert_table_name(sequencename);
2081  if (get_rel_relkind(sequenceoid) != RELKIND_SEQUENCE)
2082  ereport(ERROR,
2083  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2084  errmsg("\"%s\" is not a sequence",
2085  text_to_cstring(sequencename))));
2086 
2087  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2088 
2089  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2090 }

References ACLCHECK_OK, convert_sequence_priv_string(), convert_table_name(), ereport, errcode(), errmsg(), ERROR, get_rel_relkind(), get_role_oid_or_public(), mode, NameStr, pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and text_to_cstring().

◆ has_server_privilege_id()

Datum has_server_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3975 of file acl.c.

3976 {
3977  Oid serverid = PG_GETARG_OID(0);
3978  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3979  Oid roleid;
3980  AclMode mode;
3981  AclResult aclresult;
3982 
3983  roleid = GetUserId();
3984  mode = convert_server_priv_string(priv_type_text);
3985 
3986  if (!SearchSysCacheExists1(FOREIGNSERVEROID, ObjectIdGetDatum(serverid)))
3987  PG_RETURN_NULL();
3988 
3989  aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode);
3990 
3991  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3992 }
convert_server_priv_string
static AclMode convert_server_priv_string(text *priv_type_text)
Definition: acl.c:4061
FOREIGNSERVEROID
@ FOREIGNSERVEROID
Definition: syscache.h:64

References ACLCHECK_OK, convert_server_priv_string(), FOREIGNSERVEROID, GetUserId(), mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_server_privilege_id_id()

Datum has_server_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 4023 of file acl.c.

4024 {
4025  Oid roleid = PG_GETARG_OID(0);
4026  Oid serverid = PG_GETARG_OID(1);
4027  text *priv_type_text = PG_GETARG_TEXT_PP(2);
4028  AclMode mode;
4029  AclResult aclresult;
4030 
4031  mode = convert_server_priv_string(priv_type_text);
4032 
4033  if (!SearchSysCacheExists1(FOREIGNSERVEROID, ObjectIdGetDatum(serverid)))
4034  PG_RETURN_NULL();
4035 
4036  aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode);
4037 
4038  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4039 }

References ACLCHECK_OK, convert_server_priv_string(), FOREIGNSERVEROID, mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_server_privilege_id_name()

Datum has_server_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 4000 of file acl.c.

4001 {
4002  Oid roleid = PG_GETARG_OID(0);
4003  text *servername = PG_GETARG_TEXT_PP(1);
4004  text *priv_type_text = PG_GETARG_TEXT_PP(2);
4005  Oid serverid;
4006  AclMode mode;
4007  AclResult aclresult;
4008 
4009  serverid = convert_server_name(servername);
4010  mode = convert_server_priv_string(priv_type_text);
4011 
4012  aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode);
4013 
4014  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4015 }
convert_server_name
static Oid convert_server_name(text *servername)
Definition: acl.c:4049

References ACLCHECK_OK, convert_server_name(), convert_server_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_server_privilege_name()

Datum has_server_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3924 of file acl.c.

3925 {
3926  text *servername = PG_GETARG_TEXT_PP(0);
3927  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3928  Oid roleid;
3929  Oid serverid;
3930  AclMode mode;
3931  AclResult aclresult;
3932 
3933  roleid = GetUserId();
3934  serverid = convert_server_name(servername);
3935  mode = convert_server_priv_string(priv_type_text);
3936 
3937  aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode);
3938 
3939  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3940 }

References ACLCHECK_OK, convert_server_name(), convert_server_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_server_privilege_name_id()

Datum has_server_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3948 of file acl.c.

3949 {
3950  Name username = PG_GETARG_NAME(0);
3951  Oid serverid = PG_GETARG_OID(1);
3952  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3953  Oid roleid;
3954  AclMode mode;
3955  AclResult aclresult;
3956 
3957  roleid = get_role_oid_or_public(NameStr(*username));
3958  mode = convert_server_priv_string(priv_type_text);
3959 
3960  if (!SearchSysCacheExists1(FOREIGNSERVEROID, ObjectIdGetDatum(serverid)))
3961  PG_RETURN_NULL();
3962 
3963  aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode);
3964 
3965  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3966 }

References ACLCHECK_OK, convert_server_priv_string(), FOREIGNSERVEROID, get_role_oid_or_public(), mode, NameStr, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

◆ has_server_privilege_name_name()

Datum has_server_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3898 of file acl.c.

3899 {
3900  Name username = PG_GETARG_NAME(0);
3901  text *servername = PG_GETARG_TEXT_PP(1);
3902  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3903  Oid roleid;
3904  Oid serverid;
3905  AclMode mode;
3906  AclResult aclresult;
3907 
3908  roleid = get_role_oid_or_public(NameStr(*username));
3909  serverid = convert_server_name(servername);
3910  mode = convert_server_priv_string(priv_type_text);
3911 
3912  aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode);
3913 
3914  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3915 }

References ACLCHECK_OK, convert_server_name(), convert_server_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_table_privilege_id()

Datum has_table_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 1937 of file acl.c.

1938 {
1939  Oid tableoid = PG_GETARG_OID(0);
1940  text *priv_type_text = PG_GETARG_TEXT_PP(1);
1941  Oid roleid;
1942  AclMode mode;
1943  AclResult aclresult;
1944 
1945  roleid = GetUserId();
1946  mode = convert_table_priv_string(priv_type_text);
1947 
1948  if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
1949  PG_RETURN_NULL();
1950 
1951  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1952 
1953  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1954 }
convert_table_priv_string
static AclMode convert_table_priv_string(text *priv_type_text)
Definition: acl.c:2026

References ACLCHECK_OK, convert_table_priv_string(), GetUserId(), mode, ObjectIdGetDatum(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

◆ has_table_privilege_id_id()

Datum has_table_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 1985 of file acl.c.

1986 {
1987  Oid roleid = PG_GETARG_OID(0);
1988  Oid tableoid = PG_GETARG_OID(1);
1989  text *priv_type_text = PG_GETARG_TEXT_PP(2);
1990  AclMode mode;
1991  AclResult aclresult;
1992 
1993  mode = convert_table_priv_string(priv_type_text);
1994 
1995  if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
1996  PG_RETURN_NULL();
1997 
1998  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1999 
2000  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2001 }

References ACLCHECK_OK, convert_table_priv_string(), mode, ObjectIdGetDatum(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

◆ has_table_privilege_id_name()

Datum has_table_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 1962 of file acl.c.

1963 {
1964  Oid roleid = PG_GETARG_OID(0);
1965  text *tablename = PG_GETARG_TEXT_PP(1);
1966  text *priv_type_text = PG_GETARG_TEXT_PP(2);
1967  Oid tableoid;
1968  AclMode mode;
1969  AclResult aclresult;
1970 
1971  tableoid = convert_table_name(tablename);
1972  mode = convert_table_priv_string(priv_type_text);
1973 
1974  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1975 
1976  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1977 }

References ACLCHECK_OK, convert_table_name(), convert_table_priv_string(), mode, pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_table_privilege_name()

Datum has_table_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 1886 of file acl.c.

1887 {
1888  text *tablename = PG_GETARG_TEXT_PP(0);
1889  text *priv_type_text = PG_GETARG_TEXT_PP(1);
1890  Oid roleid;
1891  Oid tableoid;
1892  AclMode mode;
1893  AclResult aclresult;
1894 
1895  roleid = GetUserId();
1896  tableoid = convert_table_name(tablename);
1897  mode = convert_table_priv_string(priv_type_text);
1898 
1899  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1900 
1901  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1902 }

References ACLCHECK_OK, convert_table_name(), convert_table_priv_string(), GetUserId(), mode, pg_class_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_table_privilege_name_id()

Datum has_table_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 1910 of file acl.c.

1911 {
1912  Name username = PG_GETARG_NAME(0);
1913  Oid tableoid = PG_GETARG_OID(1);
1914  text *priv_type_text = PG_GETARG_TEXT_PP(2);
1915  Oid roleid;
1916  AclMode mode;
1917  AclResult aclresult;
1918 
1919  roleid = get_role_oid_or_public(NameStr(*username));
1920  mode = convert_table_priv_string(priv_type_text);
1921 
1922  if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
1923  PG_RETURN_NULL();
1924 
1925  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1926 
1927  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1928 }

References ACLCHECK_OK, convert_table_priv_string(), get_role_oid_or_public(), mode, NameStr, ObjectIdGetDatum(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, SearchSysCacheExists1, and username.

◆ has_table_privilege_name_name()

Datum has_table_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 1860 of file acl.c.

1861 {
1862  Name rolename = PG_GETARG_NAME(0);
1863  text *tablename = PG_GETARG_TEXT_PP(1);
1864  text *priv_type_text = PG_GETARG_TEXT_PP(2);
1865  Oid roleid;
1866  Oid tableoid;
1867  AclMode mode;
1868  AclResult aclresult;
1869 
1870  roleid = get_role_oid_or_public(NameStr(*rolename));
1871  tableoid = convert_table_name(tablename);
1872  mode = convert_table_priv_string(priv_type_text);
1873 
1874  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1875 
1876  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1877 }

References ACLCHECK_OK, convert_table_name(), convert_table_priv_string(), get_role_oid_or_public(), mode, NameStr, pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_tablespace_privilege_id()

Datum has_tablespace_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 4166 of file acl.c.

4167 {
4168  Oid tablespaceoid = PG_GETARG_OID(0);
4169  text *priv_type_text = PG_GETARG_TEXT_PP(1);
4170  Oid roleid;
4171  AclMode mode;
4172  AclResult aclresult;
4173 
4174  roleid = GetUserId();
4175  mode = convert_tablespace_priv_string(priv_type_text);
4176 
4177  if (!SearchSysCacheExists1(TABLESPACEOID, ObjectIdGetDatum(tablespaceoid)))
4178  PG_RETURN_NULL();
4179 
4180  aclresult = object_aclcheck(TableSpaceRelationId, tablespaceoid, roleid, mode);
4181 
4182  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4183 }
convert_tablespace_priv_string
static AclMode convert_tablespace_priv_string(text *priv_type_text)
Definition: acl.c:4252
TABLESPACEOID
@ TABLESPACEOID
Definition: syscache.h:101

References ACLCHECK_OK, convert_tablespace_priv_string(), GetUserId(), mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and TABLESPACEOID.

◆ has_tablespace_privilege_id_id()

Datum has_tablespace_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 4214 of file acl.c.

4215 {
4216  Oid roleid = PG_GETARG_OID(0);
4217  Oid tablespaceoid = PG_GETARG_OID(1);
4218  text *priv_type_text = PG_GETARG_TEXT_PP(2);
4219  AclMode mode;
4220  AclResult aclresult;
4221 
4222  mode = convert_tablespace_priv_string(priv_type_text);
4223 
4224  if (!SearchSysCacheExists1(TABLESPACEOID, ObjectIdGetDatum(tablespaceoid)))
4225  PG_RETURN_NULL();
4226 
4227  aclresult = object_aclcheck(TableSpaceRelationId, tablespaceoid, roleid, mode);
4228 
4229  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4230 }

References ACLCHECK_OK, convert_tablespace_priv_string(), mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and TABLESPACEOID.

◆ has_tablespace_privilege_id_name()

Datum has_tablespace_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 4191 of file acl.c.

4192 {
4193  Oid roleid = PG_GETARG_OID(0);
4194  text *tablespacename = PG_GETARG_TEXT_PP(1);
4195  text *priv_type_text = PG_GETARG_TEXT_PP(2);
4196  Oid tablespaceoid;
4197  AclMode mode;
4198  AclResult aclresult;
4199 
4200  tablespaceoid = convert_tablespace_name(tablespacename);
4201  mode = convert_tablespace_priv_string(priv_type_text);
4202 
4203  aclresult = object_aclcheck(TableSpaceRelationId, tablespaceoid, roleid, mode);
4204 
4205  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4206 }
convert_tablespace_name
static Oid convert_tablespace_name(text *tablespacename)
Definition: acl.c:4240

References ACLCHECK_OK, convert_tablespace_name(), convert_tablespace_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_tablespace_privilege_name()

Datum has_tablespace_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 4115 of file acl.c.

4116 {
4117  text *tablespacename = PG_GETARG_TEXT_PP(0);
4118  text *priv_type_text = PG_GETARG_TEXT_PP(1);
4119  Oid roleid;
4120  Oid tablespaceoid;
4121  AclMode mode;
4122  AclResult aclresult;
4123 
4124  roleid = GetUserId();
4125  tablespaceoid = convert_tablespace_name(tablespacename);
4126  mode = convert_tablespace_priv_string(priv_type_text);
4127 
4128  aclresult = object_aclcheck(TableSpaceRelationId, tablespaceoid, roleid, mode);
4129 
4130  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4131 }

References ACLCHECK_OK, convert_tablespace_name(), convert_tablespace_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.