PostgreSQL Source Code  git master
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros
acl.c File Reference
#include "postgres.h"
#include <ctype.h>
#include "access/hash.h"
#include "access/htup_details.h"
#include "catalog/catalog.h"
#include "catalog/namespace.h"
#include "catalog/pg_authid.h"
#include "catalog/pg_auth_members.h"
#include "catalog/pg_type.h"
#include "catalog/pg_class.h"
#include "commands/dbcommands.h"
#include "commands/proclang.h"
#include "commands/tablespace.h"
#include "foreign/foreign.h"
#include "funcapi.h"
#include "miscadmin.h"
#include "utils/acl.h"
#include "utils/builtins.h"
#include "utils/catcache.h"
#include "utils/inval.h"
#include "utils/lsyscache.h"
#include "utils/memutils.h"
#include "utils/syscache.h"
#include "utils/varlena.h"
Include dependency graph for acl.c:

Go to the source code of this file.

Data Structures

struct  priv_map
 

Functions

static const char * getid (const char *s, char *n)
 
static void putid (char *p, const char *s)
 
static Aclallocacl (int n)
 
static void check_acl (const Acl *acl)
 
static const char * aclparse (const char *s, AclItem *aip)
 
static bool aclitem_match (const AclItem *a1, const AclItem *a2)
 
static int aclitemComparator (const void *arg1, const void *arg2)
 
static void check_circularity (const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
 
static Aclrecursive_revoke (Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
 
static AclMode convert_priv_string (text *priv_type_text)
 
static AclMode convert_any_priv_string (text *priv_type_text, const priv_map *privileges)
 
static Oid convert_table_name (text *tablename)
 
static AclMode convert_table_priv_string (text *priv_type_text)
 
static AclMode convert_sequence_priv_string (text *priv_type_text)
 
static AttrNumber convert_column_name (Oid tableoid, text *column)
 
static AclMode convert_column_priv_string (text *priv_type_text)
 
static Oid convert_database_name (text *databasename)
 
static AclMode convert_database_priv_string (text *priv_type_text)
 
static Oid convert_foreign_data_wrapper_name (text *fdwname)
 
static AclMode convert_foreign_data_wrapper_priv_string (text *priv_type_text)
 
static Oid convert_function_name (text *functionname)
 
static AclMode convert_function_priv_string (text *priv_type_text)
 
static Oid convert_language_name (text *languagename)
 
static AclMode convert_language_priv_string (text *priv_type_text)
 
static Oid convert_schema_name (text *schemaname)
 
static AclMode convert_schema_priv_string (text *priv_type_text)
 
static Oid convert_server_name (text *servername)
 
static AclMode convert_server_priv_string (text *priv_type_text)
 
static Oid convert_tablespace_name (text *tablespacename)
 
static AclMode convert_tablespace_priv_string (text *priv_type_text)
 
static Oid convert_type_name (text *typename)
 
static AclMode convert_type_priv_string (text *priv_type_text)
 
static AclMode convert_role_priv_string (text *priv_type_text)
 
static AclResult pg_role_aclcheck (Oid role_oid, Oid roleid, AclMode mode)
 
static void RoleMembershipCacheCallback (Datum arg, int cacheid, uint32 hashvalue)
 
Aclmake_empty_acl (void)
 
Aclaclcopy (const Acl *orig_acl)
 
Aclaclconcat (const Acl *left_acl, const Acl *right_acl)
 
Aclaclmerge (const Acl *left_acl, const Acl *right_acl, Oid ownerId)
 
void aclitemsort (Acl *acl)
 
bool aclequal (const Acl *left_acl, const Acl *right_acl)
 
Datum aclitemin (PG_FUNCTION_ARGS)
 
Datum aclitemout (PG_FUNCTION_ARGS)
 
Datum aclitem_eq (PG_FUNCTION_ARGS)
 
Datum hash_aclitem (PG_FUNCTION_ARGS)
 
Datum hash_aclitem_extended (PG_FUNCTION_ARGS)
 
Aclacldefault (GrantObjectType objtype, Oid ownerId)
 
Datum acldefault_sql (PG_FUNCTION_ARGS)
 
Aclaclupdate (const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
 
Aclaclnewowner (const Acl *old_acl, Oid oldOwnerId, Oid newOwnerId)
 
AclMode aclmask (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
static AclMode aclmask_direct (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
int aclmembers (const Acl *acl, Oid **roleids)
 
Datum aclinsert (PG_FUNCTION_ARGS)
 
Datum aclremove (PG_FUNCTION_ARGS)
 
Datum aclcontains (PG_FUNCTION_ARGS)
 
Datum makeaclitem (PG_FUNCTION_ARGS)
 
static const char * convert_aclright_to_string (int aclright)
 
Datum aclexplode (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_id (PG_FUNCTION_ARGS)
 
static int column_privilege_check (Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
 
Datum has_column_privilege_name_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_id (PG_FUNCTION_ARGS)
 
void initialize_acl (void)
 
static bool has_rolinherit (Oid roleid)
 
static Listroles_has_privs_of (Oid roleid)
 
static Listroles_is_member_of (Oid roleid)
 
bool has_privs_of_role (Oid member, Oid role)
 
bool is_member_of_role (Oid member, Oid role)
 
void check_is_member_of_role (Oid member, Oid role)
 
bool is_member_of_role_nosuper (Oid member, Oid role)
 
bool is_admin_of_role (Oid member, Oid role)
 
static int count_one_bits (AclMode mask)
 
void select_best_grantor (Oid roleId, AclMode privileges, const Acl *acl, Oid ownerId, Oid *grantorId, AclMode *grantOptions)
 
Oid get_role_oid (const char *rolname, bool missing_ok)
 
Oid get_role_oid_or_public (const char *rolname)
 
Oid get_rolespec_oid (const RoleSpec *role, bool missing_ok)
 
HeapTuple get_rolespec_tuple (const RoleSpec *role)
 
char * get_rolespec_name (const RoleSpec *role)
 
void check_rolespec_name (const RoleSpec *role, const char *detail_msg)
 

Variables

static Oid cached_privs_role = InvalidOid
 
static Listcached_privs_roles = NIL
 
static Oid cached_member_role = InvalidOid
 
static Listcached_membership_roles = NIL
 

Function Documentation

Acl* aclconcat ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 427 of file acl.c.

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by ExecGrant_Attribute().

428 {
429  Acl *result_acl;
430 
431  result_acl = allocacl(ACL_NUM(left_acl) + ACL_NUM(right_acl));
432 
433  memcpy(ACL_DAT(result_acl),
434  ACL_DAT(left_acl),
435  ACL_NUM(left_acl) * sizeof(AclItem));
436 
437  memcpy(ACL_DAT(result_acl) + ACL_NUM(left_acl),
438  ACL_DAT(right_acl),
439  ACL_NUM(right_acl) * sizeof(AclItem));
440 
441  return result_acl;
442 }
static Acl * allocacl(int n)
Definition: acl.c:376
#define ACL_NUM(ACL)
Definition: acl.h:109
#define ACL_DAT(ACL)
Definition: acl.h:110
Definition: acl.h:55
Datum aclcontains ( PG_FUNCTION_ARGS  )

Definition at line 1551 of file acl.c.

References ACL_DAT, ACL_NUM, ACLITEM_GET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, PG_GETARG_ACL_P, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

1552 {
1553  Acl *acl = PG_GETARG_ACL_P(0);
1554  AclItem *aip = PG_GETARG_ACLITEM_P(1);
1555  AclItem *aidat;
1556  int i,
1557  num;
1558 
1559  check_acl(acl);
1560  num = ACL_NUM(acl);
1561  aidat = ACL_DAT(acl);
1562  for (i = 0; i < num; ++i)
1563  {
1564  if (aip->ai_grantee == aidat[i].ai_grantee &&
1565  aip->ai_grantor == aidat[i].ai_grantor &&
1566  (ACLITEM_GET_RIGHTS(*aip) & ACLITEM_GET_RIGHTS(aidat[i])) == ACLITEM_GET_RIGHTS(*aip))
1567  PG_RETURN_BOOL(true);
1568  }
1569  PG_RETURN_BOOL(false);
1570 }
Oid ai_grantee
Definition: acl.h:57
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:118
Oid ai_grantor
Definition: acl.h:58
#define ACL_NUM(ACL)
Definition: acl.h:109
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:69
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
#define ACL_DAT(ACL)
Definition: acl.h:110
Definition: acl.h:55
#define PG_GETARG_ACL_P(n)
Definition: acl.h:123
int i
static void check_acl(const Acl *acl)
Definition: acl.c:540
Acl* aclcopy ( const Acl orig_acl)

Definition at line 407 of file acl.c.

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by aclmerge(), ExecGrant_Relation(), and SetDefaultACL().

408 {
409  Acl *result_acl;
410 
411  result_acl = allocacl(ACL_NUM(orig_acl));
412 
413  memcpy(ACL_DAT(result_acl),
414  ACL_DAT(orig_acl),
415  ACL_NUM(orig_acl) * sizeof(AclItem));
416 
417  return result_acl;
418 }
static Acl * allocacl(int n)
Definition: acl.c:376
#define ACL_NUM(ACL)
Definition: acl.h:109
#define ACL_DAT(ACL)
Definition: acl.h:110
Definition: acl.h:55
Acl* acldefault ( GrantObjectType  objtype,
Oid  ownerId 
)

Definition at line 746 of file acl.c.

References ACL_ALL_RIGHTS_DATABASE, ACL_ALL_RIGHTS_FDW, ACL_ALL_RIGHTS_FOREIGN_SERVER, ACL_ALL_RIGHTS_FUNCTION, ACL_ALL_RIGHTS_LANGUAGE, ACL_ALL_RIGHTS_LARGEOBJECT, ACL_ALL_RIGHTS_NAMESPACE, ACL_ALL_RIGHTS_RELATION, ACL_ALL_RIGHTS_SEQUENCE, ACL_ALL_RIGHTS_TABLESPACE, ACL_ALL_RIGHTS_TYPE, ACL_CONNECT, ACL_CREATE_TEMP, ACL_DAT, ACL_EXECUTE, ACL_ID_PUBLIC, ACL_NO_RIGHTS, ACL_OBJECT_COLUMN, ACL_OBJECT_DATABASE, ACL_OBJECT_DOMAIN, ACL_OBJECT_FDW, ACL_OBJECT_FOREIGN_SERVER, ACL_OBJECT_FUNCTION, ACL_OBJECT_LANGUAGE, ACL_OBJECT_LARGEOBJECT, ACL_OBJECT_NAMESPACE, ACL_OBJECT_RELATION, ACL_OBJECT_SEQUENCE, ACL_OBJECT_TABLESPACE, ACL_OBJECT_TYPE, ACL_USAGE, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), elog, and ERROR.

Referenced by acldefault_sql(), ExecGrant_Attribute(), ExecGrant_Database(), ExecGrant_Fdw(), ExecGrant_ForeignServer(), ExecGrant_Function(), ExecGrant_Language(), ExecGrant_Largeobject(), ExecGrant_Namespace(), ExecGrant_Relation(), ExecGrant_Tablespace(), ExecGrant_Type(), get_user_default_acl(), pg_class_aclmask(), pg_database_aclmask(), pg_foreign_data_wrapper_aclmask(), pg_foreign_server_aclmask(), pg_language_aclmask(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask(), pg_proc_aclmask(), pg_tablespace_aclmask(), pg_type_aclmask(), and SetDefaultACL().

747 {
748  AclMode world_default;
749  AclMode owner_default;
750  int nacl;
751  Acl *acl;
752  AclItem *aip;
753 
754  switch (objtype)
755  {
756  case ACL_OBJECT_COLUMN:
757  /* by default, columns have no extra privileges */
758  world_default = ACL_NO_RIGHTS;
759  owner_default = ACL_NO_RIGHTS;
760  break;
761  case ACL_OBJECT_RELATION:
762  world_default = ACL_NO_RIGHTS;
763  owner_default = ACL_ALL_RIGHTS_RELATION;
764  break;
765  case ACL_OBJECT_SEQUENCE:
766  world_default = ACL_NO_RIGHTS;
767  owner_default = ACL_ALL_RIGHTS_SEQUENCE;
768  break;
769  case ACL_OBJECT_DATABASE:
770  /* for backwards compatibility, grant some rights by default */
771  world_default = ACL_CREATE_TEMP | ACL_CONNECT;
772  owner_default = ACL_ALL_RIGHTS_DATABASE;
773  break;
774  case ACL_OBJECT_FUNCTION:
775  /* Grant EXECUTE by default, for now */
776  world_default = ACL_EXECUTE;
777  owner_default = ACL_ALL_RIGHTS_FUNCTION;
778  break;
779  case ACL_OBJECT_LANGUAGE:
780  /* Grant USAGE by default, for now */
781  world_default = ACL_USAGE;
782  owner_default = ACL_ALL_RIGHTS_LANGUAGE;
783  break;
785  world_default = ACL_NO_RIGHTS;
786  owner_default = ACL_ALL_RIGHTS_LARGEOBJECT;
787  break;
789  world_default = ACL_NO_RIGHTS;
790  owner_default = ACL_ALL_RIGHTS_NAMESPACE;
791  break;
793  world_default = ACL_NO_RIGHTS;
794  owner_default = ACL_ALL_RIGHTS_TABLESPACE;
795  break;
796  case ACL_OBJECT_FDW:
797  world_default = ACL_NO_RIGHTS;
798  owner_default = ACL_ALL_RIGHTS_FDW;
799  break;
801  world_default = ACL_NO_RIGHTS;
802  owner_default = ACL_ALL_RIGHTS_FOREIGN_SERVER;
803  break;
804  case ACL_OBJECT_DOMAIN:
805  case ACL_OBJECT_TYPE:
806  world_default = ACL_USAGE;
807  owner_default = ACL_ALL_RIGHTS_TYPE;
808  break;
809  default:
810  elog(ERROR, "unrecognized objtype: %d", (int) objtype);
811  world_default = ACL_NO_RIGHTS; /* keep compiler quiet */
812  owner_default = ACL_NO_RIGHTS;
813  break;
814  }
815 
816  nacl = 0;
817  if (world_default != ACL_NO_RIGHTS)
818  nacl++;
819  if (owner_default != ACL_NO_RIGHTS)
820  nacl++;
821 
822  acl = allocacl(nacl);
823  aip = ACL_DAT(acl);
824 
825  if (world_default != ACL_NO_RIGHTS)
826  {
827  aip->ai_grantee = ACL_ID_PUBLIC;
828  aip->ai_grantor = ownerId;
829  ACLITEM_SET_PRIVS_GOPTIONS(*aip, world_default, ACL_NO_RIGHTS);
830  aip++;
831  }
832 
833  /*
834  * Note that the owner's entry shows all ordinary privileges but no grant
835  * options. This is because his grant options come "from the system" and
836  * not from his own efforts. (The SQL spec says that the owner's rights
837  * come from a "_SYSTEM" authid.) However, we do consider that the
838  * owner's ordinary privileges are self-granted; this lets him revoke
839  * them. We implement the owner's grant options without any explicit
840  * "_SYSTEM"-like ACL entry, by internally special-casing the owner
841  * wherever we are testing grant options.
842  */
843  if (owner_default != ACL_NO_RIGHTS)
844  {
845  aip->ai_grantee = ownerId;
846  aip->ai_grantor = ownerId;
847  ACLITEM_SET_PRIVS_GOPTIONS(*aip, owner_default, ACL_NO_RIGHTS);
848  }
849 
850  return acl;
851 }
Oid ai_grantee
Definition: acl.h:57
#define ACL_ALL_RIGHTS_FUNCTION
Definition: acl.h:163
static Acl * allocacl(int n)
Definition: acl.c:376
#define ACL_ALL_RIGHTS_TABLESPACE
Definition: acl.h:167
Oid ai_grantor
Definition: acl.h:58
#define ACL_ALL_RIGHTS_LANGUAGE
Definition: acl.h:164
uint32 AclMode
Definition: parsenodes.h:70
#define ERROR
Definition: elog.h:43
#define ACL_NO_RIGHTS
Definition: parsenodes.h:86
#define ACL_ALL_RIGHTS_TYPE
Definition: acl.h:168
#define ACL_USAGE
Definition: parsenodes.h:80
#define ACL_CONNECT
Definition: parsenodes.h:84
#define ACL_ALL_RIGHTS_NAMESPACE
Definition: acl.h:166
#define ACL_DAT(ACL)
Definition: acl.h:110
#define ACL_ALL_RIGHTS_SEQUENCE
Definition: acl.h:159
Definition: acl.h:55
#define ACL_ALL_RIGHTS_LARGEOBJECT
Definition: acl.h:165
#define ACL_ALL_RIGHTS_DATABASE
Definition: acl.h:160
#define ACL_ALL_RIGHTS_FOREIGN_SERVER
Definition: acl.h:162
#define ACL_EXECUTE
Definition: parsenodes.h:79
#define ACL_ALL_RIGHTS_RELATION
Definition: acl.h:158
#define ACL_CREATE_TEMP
Definition: parsenodes.h:83
#define ACL_ID_PUBLIC
Definition: acl.h:47
#define ACL_ALL_RIGHTS_FDW
Definition: acl.h:161
#define elog
Definition: elog.h:219
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:83
Datum acldefault_sql ( PG_FUNCTION_ARGS  )

Definition at line 860 of file acl.c.

References ACL_OBJECT_COLUMN, ACL_OBJECT_DATABASE, ACL_OBJECT_FDW, ACL_OBJECT_FOREIGN_SERVER, ACL_OBJECT_FUNCTION, ACL_OBJECT_LANGUAGE, ACL_OBJECT_LARGEOBJECT, ACL_OBJECT_NAMESPACE, ACL_OBJECT_RELATION, ACL_OBJECT_SEQUENCE, ACL_OBJECT_TABLESPACE, ACL_OBJECT_TYPE, acldefault(), elog, ERROR, PG_GETARG_CHAR, PG_GETARG_OID, and PG_RETURN_ACL_P.

861 {
862  char objtypec = PG_GETARG_CHAR(0);
863  Oid owner = PG_GETARG_OID(1);
864  GrantObjectType objtype = 0;
865 
866  switch (objtypec)
867  {
868  case 'c':
869  objtype = ACL_OBJECT_COLUMN;
870  break;
871  case 'r':
872  objtype = ACL_OBJECT_RELATION;
873  break;
874  case 's':
875  objtype = ACL_OBJECT_SEQUENCE;
876  break;
877  case 'd':
878  objtype = ACL_OBJECT_DATABASE;
879  break;
880  case 'f':
881  objtype = ACL_OBJECT_FUNCTION;
882  break;
883  case 'l':
884  objtype = ACL_OBJECT_LANGUAGE;
885  break;
886  case 'L':
887  objtype = ACL_OBJECT_LARGEOBJECT;
888  break;
889  case 'n':
890  objtype = ACL_OBJECT_NAMESPACE;
891  break;
892  case 't':
893  objtype = ACL_OBJECT_TABLESPACE;
894  break;
895  case 'F':
896  objtype = ACL_OBJECT_FDW;
897  break;
898  case 'S':
899  objtype = ACL_OBJECT_FOREIGN_SERVER;
900  break;
901  case 'T':
902  objtype = ACL_OBJECT_TYPE;
903  break;
904  default:
905  elog(ERROR, "unrecognized objtype abbreviation: %c", objtypec);
906  }
907 
908  PG_RETURN_ACL_P(acldefault(objtype, owner));
909 }
GrantObjectType
Definition: parsenodes.h:1839
#define PG_RETURN_ACL_P(x)
Definition: acl.h:125
Acl * acldefault(GrantObjectType objtype, Oid ownerId)
Definition: acl.c:746
unsigned int Oid
Definition: postgres_ext.h:31
#define ERROR
Definition: elog.h:43
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
#define elog
Definition: elog.h:219
#define PG_GETARG_CHAR(n)
Definition: fmgr.h:238
bool aclequal ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 509 of file acl.c.

References ACL_DAT, and ACL_NUM.

Referenced by get_user_default_acl(), and SetDefaultACL().

510 {
511  /* Check for cases where one or both are empty/null */
512  if (left_acl == NULL || ACL_NUM(left_acl) == 0)
513  {
514  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
515  return true;
516  else
517  return false;
518  }
519  else
520  {
521  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
522  return false;
523  }
524 
525  if (ACL_NUM(left_acl) != ACL_NUM(right_acl))
526  return false;
527 
528  if (memcmp(ACL_DAT(left_acl),
529  ACL_DAT(right_acl),
530  ACL_NUM(left_acl) * sizeof(AclItem)) == 0)
531  return true;
532 
533  return false;
534 }
#define ACL_NUM(ACL)
Definition: acl.h:109
#define ACL_DAT(ACL)
Definition: acl.h:110
Definition: acl.h:55
Datum aclexplode ( PG_FUNCTION_ARGS  )

Definition at line 1744 of file acl.c.

References ACL_DAT, ACL_NUM, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, BlessTupleDesc(), BoolGetDatum, BOOLOID, check_acl(), convert_aclright_to_string(), CreateTemplateTupleDesc(), CStringGetTextDatum, heap_form_tuple(), HeapTupleGetDatum, idx(), MemoryContextSwitchTo(), MemSet, FuncCallContext::multi_call_memory_ctx, N_ACL_RIGHTS, ObjectIdGetDatum, OIDOID, palloc(), PG_GETARG_ACL_P, SRF_FIRSTCALL_INIT, SRF_IS_FIRSTCALL, SRF_PERCALL_SETUP, SRF_RETURN_DONE, SRF_RETURN_NEXT, TEXTOID, FuncCallContext::tuple_desc, TupleDescInitEntry(), FuncCallContext::user_fctx, and values.

1745 {
1746  Acl *acl = PG_GETARG_ACL_P(0);
1747  FuncCallContext *funcctx;
1748  int *idx;
1749  AclItem *aidat;
1750 
1751  if (SRF_IS_FIRSTCALL())
1752  {
1753  TupleDesc tupdesc;
1754  MemoryContext oldcontext;
1755 
1756  check_acl(acl);
1757 
1758  funcctx = SRF_FIRSTCALL_INIT();
1759  oldcontext = MemoryContextSwitchTo(funcctx->multi_call_memory_ctx);
1760 
1761  /*
1762  * build tupdesc for result tuples (matches out parameters in pg_proc
1763  * entry)
1764  */
1765  tupdesc = CreateTemplateTupleDesc(4, false);
1766  TupleDescInitEntry(tupdesc, (AttrNumber) 1, "grantor",
1767  OIDOID, -1, 0);
1768  TupleDescInitEntry(tupdesc, (AttrNumber) 2, "grantee",
1769  OIDOID, -1, 0);
1770  TupleDescInitEntry(tupdesc, (AttrNumber) 3, "privilege_type",
1771  TEXTOID, -1, 0);
1772  TupleDescInitEntry(tupdesc, (AttrNumber) 4, "is_grantable",
1773  BOOLOID, -1, 0);
1774 
1775  funcctx->tuple_desc = BlessTupleDesc(tupdesc);
1776 
1777  /* allocate memory for user context */
1778  idx = (int *) palloc(sizeof(int[2]));
1779  idx[0] = 0; /* ACL array item index */
1780  idx[1] = -1; /* privilege type counter */
1781  funcctx->user_fctx = (void *) idx;
1782 
1783  MemoryContextSwitchTo(oldcontext);
1784  }
1785 
1786  funcctx = SRF_PERCALL_SETUP();
1787  idx = (int *) funcctx->user_fctx;
1788  aidat = ACL_DAT(acl);
1789 
1790  /* need test here in case acl has no items */
1791  while (idx[0] < ACL_NUM(acl))
1792  {
1793  AclItem *aidata;
1794  AclMode priv_bit;
1795 
1796  idx[1]++;
1797  if (idx[1] == N_ACL_RIGHTS)
1798  {
1799  idx[1] = 0;
1800  idx[0]++;
1801  if (idx[0] >= ACL_NUM(acl)) /* done */
1802  break;
1803  }
1804  aidata = &aidat[idx[0]];
1805  priv_bit = 1 << idx[1];
1806 
1807  if (ACLITEM_GET_PRIVS(*aidata) & priv_bit)
1808  {
1809  Datum result;
1810  Datum values[4];
1811  bool nulls[4];
1812  HeapTuple tuple;
1813 
1814  values[0] = ObjectIdGetDatum(aidata->ai_grantor);
1815  values[1] = ObjectIdGetDatum(aidata->ai_grantee);
1816  values[2] = CStringGetTextDatum(convert_aclright_to_string(priv_bit));
1817  values[3] = BoolGetDatum((ACLITEM_GET_GOPTIONS(*aidata) & priv_bit) != 0);
1818 
1819  MemSet(nulls, 0, sizeof(nulls));
1820 
1821  tuple = heap_form_tuple(funcctx->tuple_desc, values, nulls);
1822  result = HeapTupleGetDatum(tuple);
1823 
1824  SRF_RETURN_NEXT(funcctx, result);
1825  }
1826  }
1827 
1828  SRF_RETURN_DONE(funcctx);
1829 }
Oid ai_grantee
Definition: acl.h:57
static const char * convert_aclright_to_string(int aclright)
Definition: acl.c:1694
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:68
#define OIDOID
Definition: pg_type.h:328
#define TEXTOID
Definition: pg_type.h:324
#define SRF_IS_FIRSTCALL()
Definition: funcapi.h:285
static MemoryContext MemoryContextSwitchTo(MemoryContext context)
Definition: palloc.h:109
#define MemSet(start, val, len)
Definition: c.h:846
Datum idx(PG_FUNCTION_ARGS)
Definition: _int_op.c:264
HeapTuple heap_form_tuple(TupleDesc tupleDescriptor, Datum *values, bool *isnull)
Definition: heaptuple.c:695
#define SRF_PERCALL_SETUP()
Definition: funcapi.h:289
Oid ai_grantor
Definition: acl.h:58
TupleDesc tuple_desc
Definition: funcapi.h:120
#define SRF_RETURN_NEXT(_funcctx, _result)
Definition: funcapi.h:291
uint32 AclMode
Definition: parsenodes.h:70
#define ObjectIdGetDatum(X)
Definition: postgres.h:513
#define ACL_NUM(ACL)
Definition: acl.h:109
TupleDesc BlessTupleDesc(TupleDesc tupdesc)
Definition: execTuples.c:1032
#define N_ACL_RIGHTS
Definition: parsenodes.h:85
void TupleDescInitEntry(TupleDesc desc, AttrNumber attributeNumber, const char *attributeName, Oid oidtypeid, int32 typmod, int attdim)
Definition: tupdesc.c:505
uintptr_t Datum
Definition: postgres.h:372
#define ACL_DAT(ACL)
Definition: acl.h:110
#define BoolGetDatum(X)
Definition: postgres.h:408
Definition: acl.h:55
MemoryContext multi_call_memory_ctx
Definition: funcapi.h:109
#define ACLITEM_GET_PRIVS(item)
Definition: acl.h:67
#define HeapTupleGetDatum(tuple)
Definition: funcapi.h:222
#define BOOLOID
Definition: pg_type.h:288
TupleDesc CreateTemplateTupleDesc(int natts, bool hasoid)
Definition: tupdesc.c:43
#define PG_GETARG_ACL_P(n)
Definition: acl.h:123
static Datum values[MAXATTR]
Definition: bootstrap.c:164
void * user_fctx
Definition: funcapi.h:90
void * palloc(Size size)
Definition: mcxt.c:848
#define CStringGetTextDatum(s)
Definition: builtins.h:91
int16 AttrNumber
Definition: attnum.h:21
static void check_acl(const Acl *acl)
Definition: acl.c:540
#define SRF_RETURN_DONE(_funcctx)
Definition: funcapi.h:309
#define SRF_FIRSTCALL_INIT()
Definition: funcapi.h:287
Datum aclinsert ( PG_FUNCTION_ARGS  )

Definition at line 1531 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

1532 {
1533  ereport(ERROR,
1534  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1535  errmsg("aclinsert is no longer supported")));
1536 
1537  PG_RETURN_NULL(); /* keep compiler quiet */
1538 }
int errcode(int sqlerrcode)
Definition: elog.c:575
#define ERROR
Definition: elog.h:43
#define ereport(elevel, rest)
Definition: elog.h:122
int errmsg(const char *fmt,...)
Definition: elog.c:797
#define PG_RETURN_NULL()
Definition: fmgr.h:305
Datum aclitem_eq ( PG_FUNCTION_ARGS  )

Definition at line 693 of file acl.c.

References a1, a2, AclItem::ai_grantee, AclItem::ai_grantor, AclItem::ai_privs, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

694 {
697  bool result;
698 
699  result = a1->ai_privs == a2->ai_privs &&
700  a1->ai_grantee == a2->ai_grantee &&
701  a1->ai_grantor == a2->ai_grantor;
702  PG_RETURN_BOOL(result);
703 }
Oid ai_grantee
Definition: acl.h:57
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:118
Oid ai_grantor
Definition: acl.h:58
AclMode ai_privs
Definition: acl.h:59
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
Definition: acl.h:55
static FormData_pg_attribute a1
Definition: heap.c:144
static FormData_pg_attribute a2
Definition: heap.c:150
static bool aclitem_match ( const AclItem a1,
const AclItem a2 
)
static

Definition at line 658 of file acl.c.

References AclItem::ai_grantee, and AclItem::ai_grantor.

Referenced by aclnewowner(), and aclupdate().

659 {
660  return a1->ai_grantee == a2->ai_grantee &&
661  a1->ai_grantor == a2->ai_grantor;
662 }
Oid ai_grantee
Definition: acl.h:57
Oid ai_grantor
Definition: acl.h:58
static int aclitemComparator ( const void *  arg1,
const void *  arg2 
)
static

Definition at line 669 of file acl.c.

References a1, a2, AclItem::ai_grantee, AclItem::ai_grantor, and AclItem::ai_privs.

Referenced by aclitemsort().

670 {
671  const AclItem *a1 = (const AclItem *) arg1;
672  const AclItem *a2 = (const AclItem *) arg2;
673 
674  if (a1->ai_grantee > a2->ai_grantee)
675  return 1;
676  if (a1->ai_grantee < a2->ai_grantee)
677  return -1;
678  if (a1->ai_grantor > a2->ai_grantor)
679  return 1;
680  if (a1->ai_grantor < a2->ai_grantor)
681  return -1;
682  if (a1->ai_privs > a2->ai_privs)
683  return 1;
684  if (a1->ai_privs < a2->ai_privs)
685  return -1;
686  return 0;
687 }
Oid ai_grantee
Definition: acl.h:57
Oid ai_grantor
Definition: acl.h:58
AclMode ai_privs
Definition: acl.h:59
Definition: acl.h:55
static FormData_pg_attribute a1
Definition: heap.c:144
static FormData_pg_attribute a2
Definition: heap.c:150
Datum aclitemin ( PG_FUNCTION_ARGS  )

Definition at line 565 of file acl.c.

References aclparse(), ereport, errcode(), errmsg(), ERROR, palloc(), PG_GETARG_CSTRING, and PG_RETURN_ACLITEM_P.

566 {
567  const char *s = PG_GETARG_CSTRING(0);
568  AclItem *aip;
569 
570  aip = (AclItem *) palloc(sizeof(AclItem));
571  s = aclparse(s, aip);
572  while (isspace((unsigned char) *s))
573  ++s;
574  if (*s)
575  ereport(ERROR,
576  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
577  errmsg("extra garbage at the end of the ACL specification")));
578 
579  PG_RETURN_ACLITEM_P(aip);
580 }
int errcode(int sqlerrcode)
Definition: elog.c:575
#define ERROR
Definition: elog.h:43
#define ereport(elevel, rest)
Definition: elog.h:122
static const char * aclparse(const char *s, AclItem *aip)
Definition: acl.c:238
Definition: acl.h:55
#define PG_RETURN_ACLITEM_P(x)
Definition: acl.h:119
void * palloc(Size size)
Definition: mcxt.c:848
int errmsg(const char *fmt,...)
Definition: elog.c:797
#define PG_GETARG_CSTRING(n)
Definition: fmgr.h:242
Datum aclitemout ( PG_FUNCTION_ARGS  )

Definition at line 591 of file acl.c.

References ACL_ALL_RIGHTS_STR, ACL_ID_PUBLIC, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, AUTHOID, GETSTRUCT, HeapTupleIsValid, i, N_ACL_RIGHTS, NAMEDATALEN, NameStr, ObjectIdGetDatum, palloc(), PG_GETARG_ACLITEM_P, PG_RETURN_CSTRING, putid(), ReleaseSysCache(), and SearchSysCache1.

592 {
593  AclItem *aip = PG_GETARG_ACLITEM_P(0);
594  char *p;
595  char *out;
596  HeapTuple htup;
597  unsigned i;
598 
599  out = palloc(strlen("=/") +
600  2 * N_ACL_RIGHTS +
601  2 * (2 * NAMEDATALEN + 2) +
602  1);
603 
604  p = out;
605  *p = '\0';
606 
607  if (aip->ai_grantee != ACL_ID_PUBLIC)
608  {
610  if (HeapTupleIsValid(htup))
611  {
612  putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
613  ReleaseSysCache(htup);
614  }
615  else
616  {
617  /* Generate numeric OID if we don't find an entry */
618  sprintf(p, "%u", aip->ai_grantee);
619  }
620  }
621  while (*p)
622  ++p;
623 
624  *p++ = '=';
625 
626  for (i = 0; i < N_ACL_RIGHTS; ++i)
627  {
628  if (ACLITEM_GET_PRIVS(*aip) & (1 << i))
629  *p++ = ACL_ALL_RIGHTS_STR[i];
630  if (ACLITEM_GET_GOPTIONS(*aip) & (1 << i))
631  *p++ = '*';
632  }
633 
634  *p++ = '/';
635  *p = '\0';
636 
638  if (HeapTupleIsValid(htup))
639  {
640  putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
641  ReleaseSysCache(htup);
642  }
643  else
644  {
645  /* Generate numeric OID if we don't find an entry */
646  sprintf(p, "%u", aip->ai_grantor);
647  }
648 
649  PG_RETURN_CSTRING(out);
650 }
Oid ai_grantee
Definition: acl.h:57
static void putid(char *p, const char *s)
Definition: acl.c:189
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:68
#define GETSTRUCT(TUP)
Definition: htup_details.h:656
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:118
Oid ai_grantor
Definition: acl.h:58
#define SearchSysCache1(cacheId, key1)
Definition: syscache.h:159
#define NAMEDATALEN
FormData_pg_authid * Form_pg_authid
Definition: pg_authid.h:72
#define ObjectIdGetDatum(X)
Definition: postgres.h:513
#define N_ACL_RIGHTS
Definition: parsenodes.h:85
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1117
#define ACL_ALL_RIGHTS_STR
Definition: acl.h:152
Definition: acl.h:55
#define HeapTupleIsValid(tuple)
Definition: htup.h:77
#define PG_RETURN_CSTRING(x)
Definition: fmgr.h:322
#define ACLITEM_GET_PRIVS(item)
Definition: acl.h:67
void * palloc(Size size)
Definition: mcxt.c:848
int i
#define NameStr(name)
Definition: c.h:493
#define ACL_ID_PUBLIC
Definition: acl.h:47
void aclitemsort ( Acl acl)

Definition at line 495 of file acl.c.

References ACL_DAT, ACL_NUM, aclitemComparator(), and qsort.

Referenced by get_user_default_acl(), and SetDefaultACL().

496 {
497  if (acl != NULL && ACL_NUM(acl) > 1)
498  qsort(ACL_DAT(acl), ACL_NUM(acl), sizeof(AclItem), aclitemComparator);
499 }
#define ACL_NUM(ACL)
Definition: acl.h:109
#define ACL_DAT(ACL)
Definition: acl.h:110
Definition: acl.h:55
#define qsort(a, b, c, d)
Definition: port.h:443
static int aclitemComparator(const void *arg1, const void *arg2)
Definition: acl.c:669
AclMode aclmask ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)

Definition at line 1319 of file acl.c.

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog, ERROR, has_privs_of_role(), i, and remaining.

Referenced by check_circularity(), LockTableAclCheck(), pg_attribute_aclmask(), pg_class_aclmask(), pg_database_aclmask(), pg_foreign_data_wrapper_aclmask(), pg_foreign_server_aclmask(), pg_language_aclmask(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask(), pg_proc_aclmask(), pg_tablespace_aclmask(), pg_type_aclmask(), and recursive_revoke().

1321 {
1322  AclMode result;
1324  AclItem *aidat;
1325  int i,
1326  num;
1327 
1328  /*
1329  * Null ACL should not happen, since caller should have inserted
1330  * appropriate default
1331  */
1332  if (acl == NULL)
1333  elog(ERROR, "null ACL");
1334 
1335  check_acl(acl);
1336 
1337  /* Quick exit for mask == 0 */
1338  if (mask == 0)
1339  return 0;
1340 
1341  result = 0;
1342 
1343  /* Owner always implicitly has all grant options */
1344  if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1345  has_privs_of_role(roleid, ownerId))
1346  {
1347  result = mask & ACLITEM_ALL_GOPTION_BITS;
1348  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1349  return result;
1350  }
1351 
1352  num = ACL_NUM(acl);
1353  aidat = ACL_DAT(acl);
1354 
1355  /*
1356  * Check privileges granted directly to roleid or to public
1357  */
1358  for (i = 0; i < num; i++)
1359  {
1360  AclItem *aidata = &aidat[i];
1361 
1362  if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1363  aidata->ai_grantee == roleid)
1364  {
1365  result |= aidata->ai_privs & mask;
1366  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1367  return result;
1368  }
1369  }
1370 
1371  /*
1372  * Check privileges granted indirectly via role memberships. We do this in
1373  * a separate pass to minimize expensive indirect membership tests. In
1374  * particular, it's worth testing whether a given ACL entry grants any
1375  * privileges still of interest before we perform the has_privs_of_role
1376  * test.
1377  */
1378  remaining = mask & ~result;
1379  for (i = 0; i < num; i++)
1380  {
1381  AclItem *aidata = &aidat[i];
1382 
1383  if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1384  aidata->ai_grantee == roleid)
1385  continue; /* already checked it */
1386 
1387  if ((aidata->ai_privs & remaining) &&
1388  has_privs_of_role(roleid, aidata->ai_grantee))
1389  {
1390  result |= aidata->ai_privs & mask;
1391  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1392  return result;
1393  remaining = mask & ~result;
1394  }
1395  }
1396 
1397  return result;
1398 }
int remaining
Definition: informix.c:692
Oid ai_grantee
Definition: acl.h:57
#define ACLITEM_ALL_GOPTION_BITS
Definition: acl.h:89
bool has_privs_of_role(Oid member, Oid role)
Definition: acl.c:4828
AclMode ai_privs
Definition: acl.h:59
uint32 AclMode
Definition: parsenodes.h:70
#define ERROR
Definition: elog.h:43
#define ACL_NUM(ACL)
Definition: acl.h:109
#define ACL_DAT(ACL)
Definition: acl.h:110
Definition: acl.h:55
int i
#define ACL_ID_PUBLIC
Definition: acl.h:47
#define elog
Definition: elog.h:219
static void check_acl(const Acl *acl)
Definition: acl.c:540
static AclMode aclmask_direct ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)
static

Definition at line 1408 of file acl.c.

References ACL_DAT, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog, ERROR, and i.

Referenced by select_best_grantor().

1410 {
1411  AclMode result;
1412  AclItem *aidat;
1413  int i,
1414  num;
1415 
1416  /*
1417  * Null ACL should not happen, since caller should have inserted
1418  * appropriate default
1419  */
1420  if (acl == NULL)
1421  elog(ERROR, "null ACL");
1422 
1423  check_acl(acl);
1424 
1425  /* Quick exit for mask == 0 */
1426  if (mask == 0)
1427  return 0;
1428 
1429  result = 0;
1430 
1431  /* Owner always implicitly has all grant options */
1432  if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1433  roleid == ownerId)
1434  {
1435  result = mask & ACLITEM_ALL_GOPTION_BITS;
1436  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1437  return result;
1438  }
1439 
1440  num = ACL_NUM(acl);
1441  aidat = ACL_DAT(acl);
1442 
1443  /*
1444  * Check privileges granted directly to roleid (and not to public)
1445  */
1446  for (i = 0; i < num; i++)
1447  {
1448  AclItem *aidata = &aidat[i];
1449 
1450  if (aidata->ai_grantee == roleid)
1451  {
1452  result |= aidata->ai_privs & mask;
1453  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1454  return result;
1455  }
1456  }
1457 
1458  return result;
1459 }
Oid ai_grantee
Definition: acl.h:57
#define ACLITEM_ALL_GOPTION_BITS
Definition: acl.h:89
AclMode ai_privs
Definition: acl.h:59
uint32 AclMode
Definition: parsenodes.h:70
#define ERROR
Definition: elog.h:43
#define ACL_NUM(ACL)
Definition: acl.h:109
#define ACL_DAT(ACL)
Definition: acl.h:110
Definition: acl.h:55
int i
#define elog
Definition: elog.h:219
static void check_acl(const Acl *acl)
Definition: acl.c:540
int aclmembers ( const Acl acl,
Oid **  roleids 
)

Definition at line 1471 of file acl.c.

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, sort-test::list, oid_cmp(), palloc(), and qsort.

Referenced by ExecGrant_Attribute(), ExecGrant_Database(), ExecGrant_Fdw(), ExecGrant_ForeignServer(), ExecGrant_Function(), ExecGrant_Language(), ExecGrant_Largeobject(), ExecGrant_Namespace(), ExecGrant_Relation(), ExecGrant_Tablespace(), ExecGrant_Type(), heap_create_with_catalog(), ProcedureCreate(), and SetDefaultACL().

1472 {
1473  Oid *list;
1474  const AclItem *acldat;
1475  int i,
1476  j,
1477  k;
1478 
1479  if (acl == NULL || ACL_NUM(acl) == 0)
1480  {
1481  *roleids = NULL;
1482  return 0;
1483  }
1484 
1485  check_acl(acl);
1486 
1487  /* Allocate the worst-case space requirement */
1488  list = palloc(ACL_NUM(acl) * 2 * sizeof(Oid));
1489  acldat = ACL_DAT(acl);
1490 
1491  /*
1492  * Walk the ACL collecting mentioned RoleIds.
1493  */
1494  j = 0;
1495  for (i = 0; i < ACL_NUM(acl); i++)
1496  {
1497  const AclItem *ai = &acldat[i];
1498 
1499  if (ai->ai_grantee != ACL_ID_PUBLIC)
1500  list[j++] = ai->ai_grantee;
1501  /* grantor is currently never PUBLIC, but let's check anyway */
1502  if (ai->ai_grantor != ACL_ID_PUBLIC)
1503  list[j++] = ai->ai_grantor;
1504  }
1505 
1506  /* Sort the array */
1507  qsort(list, j, sizeof(Oid), oid_cmp);
1508 
1509  /* Remove duplicates from the array */
1510  k = 0;
1511  for (i = 1; i < j; i++)
1512  {
1513  if (list[k] != list[i])
1514  list[++k] = list[i];
1515  }
1516 
1517  /*
1518  * We could repalloc the array down to minimum size, but it's hardly worth
1519  * it since it's only transient memory.
1520  */
1521  *roleids = list;
1522 
1523  return k + 1;
1524 }
Oid ai_grantee
Definition: acl.h:57
unsigned int Oid
Definition: postgres_ext.h:31
Oid ai_grantor
Definition: acl.h:58
#define ACL_NUM(ACL)
Definition: acl.h:109
#define ACL_DAT(ACL)
Definition: acl.h:110
Definition: acl.h:55
int oid_cmp(const void *p1, const void *p2)
Definition: oid.c:336
tuple list
Definition: sort-test.py:11
void * palloc(Size size)
Definition: mcxt.c:848
int i
#define ACL_ID_PUBLIC
Definition: acl.h:47
#define qsort(a, b, c, d)
Definition: port.h:443
static void check_acl(const Acl *acl)
Definition: acl.c:540
Acl* aclmerge ( const Acl left_acl,
const Acl right_acl,
Oid  ownerId 
)

Definition at line 451 of file acl.c.

References ACL_DAT, ACL_MODECHG_ADD, ACL_NUM, aclcopy(), aclupdate(), DROP_RESTRICT, i, and pfree().

Referenced by get_user_default_acl().

452 {
453  Acl *result_acl;
454  AclItem *aip;
455  int i,
456  num;
457 
458  /* Check for cases where one or both are empty/null */
459  if (left_acl == NULL || ACL_NUM(left_acl) == 0)
460  {
461  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
462  return NULL;
463  else
464  return aclcopy(right_acl);
465  }
466  else
467  {
468  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
469  return aclcopy(left_acl);
470  }
471 
472  /* Merge them the hard way, one item at a time */
473  result_acl = aclcopy(left_acl);
474 
475  aip = ACL_DAT(right_acl);
476  num = ACL_NUM(right_acl);
477 
478  for (i = 0; i < num; i++, aip++)
479  {
480  Acl *tmp_acl;
481 
482  tmp_acl = aclupdate(result_acl, aip, ACL_MODECHG_ADD,
483  ownerId, DROP_RESTRICT);
484  pfree(result_acl);
485  result_acl = tmp_acl;
486  }
487 
488  return result_acl;
489 }
void pfree(void *pointer)
Definition: mcxt.c:949
#define ACL_NUM(ACL)
Definition: acl.h:109
#define ACL_MODECHG_ADD
Definition: acl.h:130
#define ACL_DAT(ACL)
Definition: acl.h:110
Definition: acl.h:55
Acl * aclcopy(const Acl *orig_acl)
Definition: acl.c:407
int i
Acl * aclupdate(const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
Definition: acl.c:929
Acl* aclnewowner ( const Acl old_acl,
Oid  oldOwnerId,
Oid  newOwnerId 
)

Definition at line 1050 of file acl.c.

References ACL_DAT, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, check_acl(), and SET_VARSIZE.

Referenced by AlterDatabaseOwner(), AlterForeignDataWrapperOwner_internal(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwnerInternal(), ATExecChangeOwner(), and change_owner_fix_column_acls().

1051 {
1052  Acl *new_acl;
1053  AclItem *new_aip;
1054  AclItem *old_aip;
1055  AclItem *dst_aip;
1056  AclItem *src_aip;
1057  AclItem *targ_aip;
1058  bool newpresent = false;
1059  int dst,
1060  src,
1061  targ,
1062  num;
1063 
1064  check_acl(old_acl);
1065 
1066  /*
1067  * Make a copy of the given ACL, substituting new owner ID for old
1068  * wherever it appears as either grantor or grantee. Also note if the new
1069  * owner ID is already present.
1070  */
1071  num = ACL_NUM(old_acl);
1072  old_aip = ACL_DAT(old_acl);
1073  new_acl = allocacl(num);
1074  new_aip = ACL_DAT(new_acl);
1075  memcpy(new_aip, old_aip, num * sizeof(AclItem));
1076  for (dst = 0, dst_aip = new_aip; dst < num; dst++, dst_aip++)
1077  {
1078  if (dst_aip->ai_grantor == oldOwnerId)
1079  dst_aip->ai_grantor = newOwnerId;
1080  else if (dst_aip->ai_grantor == newOwnerId)
1081  newpresent = true;
1082  if (dst_aip->ai_grantee == oldOwnerId)
1083  dst_aip->ai_grantee = newOwnerId;
1084  else if (dst_aip->ai_grantee == newOwnerId)
1085  newpresent = true;
1086  }
1087 
1088  /*
1089  * If the old ACL contained any references to the new owner, then we may
1090  * now have generated an ACL containing duplicate entries. Find them and
1091  * merge them so that there are not duplicates. (This is relatively
1092  * expensive since we use a stupid O(N^2) algorithm, but it's unlikely to
1093  * be the normal case.)
1094  *
1095  * To simplify deletion of duplicate entries, we temporarily leave them in
1096  * the array but set their privilege masks to zero; when we reach such an
1097  * entry it's just skipped. (Thus, a side effect of this code will be to
1098  * remove privilege-free entries, should there be any in the input.) dst
1099  * is the next output slot, targ is the currently considered input slot
1100  * (always >= dst), and src scans entries to the right of targ looking for
1101  * duplicates. Once an entry has been emitted to dst it is known
1102  * duplicate-free and need not be considered anymore.
1103  */
1104  if (newpresent)
1105  {
1106  dst = 0;
1107  for (targ = 0, targ_aip = new_aip; targ < num; targ++, targ_aip++)
1108  {
1109  /* ignore if deleted in an earlier pass */
1110  if (ACLITEM_GET_RIGHTS(*targ_aip) == ACL_NO_RIGHTS)
1111  continue;
1112  /* find and merge any duplicates */
1113  for (src = targ + 1, src_aip = targ_aip + 1; src < num;
1114  src++, src_aip++)
1115  {
1116  if (ACLITEM_GET_RIGHTS(*src_aip) == ACL_NO_RIGHTS)
1117  continue;
1118  if (aclitem_match(targ_aip, src_aip))
1119  {
1120  ACLITEM_SET_RIGHTS(*targ_aip,
1121  ACLITEM_GET_RIGHTS(*targ_aip) |
1122  ACLITEM_GET_RIGHTS(*src_aip));
1123  /* mark the duplicate deleted */
1124  ACLITEM_SET_RIGHTS(*src_aip, ACL_NO_RIGHTS);
1125  }
1126  }
1127  /* and emit to output */
1128  new_aip[dst] = *targ_aip;
1129  dst++;
1130  }
1131  /* Adjust array size to be 'dst' items */
1132  ARR_DIMS(new_acl)[0] = dst;
1133  SET_VARSIZE(new_acl, ACL_N_SIZE(dst));
1134  }
1135 
1136  return new_acl;
1137 }
Oid ai_grantee
Definition: acl.h:57
static Acl * allocacl(int n)
Definition: acl.c:376
Oid ai_grantor
Definition: acl.h:58
#define ARR_DIMS(a)
Definition: array.h:275
#define ACL_NUM(ACL)
Definition: acl.h:109
#define ACL_NO_RIGHTS
Definition: parsenodes.h:86
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:69
#define ACLITEM_SET_RIGHTS(item, rights)
Definition: acl.h:80
#define ACL_DAT(ACL)
Definition: acl.h:110
Definition: acl.h:55
static bool aclitem_match(const AclItem *a1, const AclItem *a2)
Definition: acl.c:658
#define SET_VARSIZE(PTR, len)
Definition: postgres.h:328
#define ACL_N_SIZE(N)
Definition: acl.h:111
static void check_acl(const Acl *acl)
Definition: acl.c:540
static const char * aclparse ( const char *  s,
AclItem aip 
)
static

Definition at line 238 of file acl.c.

References ACL_ALL_RIGHTS_STR, ACL_CONNECT, ACL_CONNECT_CHR, ACL_CREATE, ACL_CREATE_CHR, ACL_CREATE_TEMP, ACL_CREATE_TEMP_CHR, ACL_DELETE, ACL_DELETE_CHR, ACL_EXECUTE, ACL_EXECUTE_CHR, ACL_ID_PUBLIC, ACL_INSERT, ACL_INSERT_CHR, ACL_NO_RIGHTS, ACL_REFERENCES, ACL_REFERENCES_CHR, ACL_SELECT, ACL_SELECT_CHR, ACL_TRIGGER, ACL_TRIGGER_CHR, ACL_TRUNCATE, ACL_TRUNCATE_CHR, ACL_UPDATE, ACL_UPDATE_CHR, ACL_USAGE, ACL_USAGE_CHR, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, Assert, BOOTSTRAP_SUPERUSERID, elog, ereport, errcode(), errhint(), errmsg(), ERROR, get_role_oid(), getid(), LOG, name, NAMEDATALEN, read, and WARNING.

Referenced by aclitemin().

239 {
240  AclMode privs,
241  goption,
242  read;
243  char name[NAMEDATALEN];
244  char name2[NAMEDATALEN];
245 
246  Assert(s && aip);
247 
248 #ifdef ACLDEBUG
249  elog(LOG, "aclparse: input = \"%s\"", s);
250 #endif
251  s = getid(s, name);
252  if (*s != '=')
253  {
254  /* we just read a keyword, not a name */
255  if (strcmp(name, "group") != 0 && strcmp(name, "user") != 0)
256  ereport(ERROR,
257  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
258  errmsg("unrecognized key word: \"%s\"", name),
259  errhint("ACL key word must be \"group\" or \"user\".")));
260  s = getid(s, name); /* move s to the name beyond the keyword */
261  if (name[0] == '\0')
262  ereport(ERROR,
263  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
264  errmsg("missing name"),
265  errhint("A name must follow the \"group\" or \"user\" key word.")));
266  }
267 
268  if (*s != '=')
269  ereport(ERROR,
270  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
271  errmsg("missing \"=\" sign")));
272 
273  privs = goption = ACL_NO_RIGHTS;
274 
275  for (++s, read = 0; isalpha((unsigned char) *s) || *s == '*'; s++)
276  {
277  switch (*s)
278  {
279  case '*':
280  goption |= read;
281  break;
282  case ACL_INSERT_CHR:
283  read = ACL_INSERT;
284  break;
285  case ACL_SELECT_CHR:
286  read = ACL_SELECT;
287  break;
288  case ACL_UPDATE_CHR:
289  read = ACL_UPDATE;
290  break;
291  case ACL_DELETE_CHR:
292  read = ACL_DELETE;
293  break;
294  case ACL_TRUNCATE_CHR:
295  read = ACL_TRUNCATE;
296  break;
297  case ACL_REFERENCES_CHR:
298  read = ACL_REFERENCES;
299  break;
300  case ACL_TRIGGER_CHR:
301  read = ACL_TRIGGER;
302  break;
303  case ACL_EXECUTE_CHR:
304  read = ACL_EXECUTE;
305  break;
306  case ACL_USAGE_CHR:
307  read = ACL_USAGE;
308  break;
309  case ACL_CREATE_CHR:
310  read = ACL_CREATE;
311  break;
312  case ACL_CREATE_TEMP_CHR:
313  read = ACL_CREATE_TEMP;
314  break;
315  case ACL_CONNECT_CHR:
316  read = ACL_CONNECT;
317  break;
318  case 'R': /* ignore old RULE privileges */
319  read = 0;
320  break;
321  default:
322  ereport(ERROR,
323  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
324  errmsg("invalid mode character: must be one of \"%s\"",
326  }
327 
328  privs |= read;
329  }
330 
331  if (name[0] == '\0')
332  aip->ai_grantee = ACL_ID_PUBLIC;
333  else
334  aip->ai_grantee = get_role_oid(name, false);
335 
336  /*
337  * XXX Allow a degree of backward compatibility by defaulting the grantor
338  * to the superuser.
339  */
340  if (*s == '/')
341  {
342  s = getid(s + 1, name2);
343  if (name2[0] == '\0')
344  ereport(ERROR,
345  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
346  errmsg("a name must follow the \"/\" sign")));
347  aip->ai_grantor = get_role_oid(name2, false);
348  }
349  else
350  {
353  (errcode(ERRCODE_INVALID_GRANTOR),
354  errmsg("defaulting grantor to user ID %u",
356  }
357 
358  ACLITEM_SET_PRIVS_GOPTIONS(*aip, privs, goption);
359 
360 #ifdef ACLDEBUG
361  elog(LOG, "aclparse: correctly read [%u %x %x]",
362  aip->ai_grantee, privs, goption);
363 #endif
364 
365  return s;
366 }
Oid ai_grantee
Definition: acl.h:57
#define ACL_INSERT_CHR
Definition: acl.h:138
int errhint(const char *fmt,...)
Definition: elog.c:987
#define ACL_CONNECT_CHR
Definition: acl.h:149
#define ACL_DELETE_CHR
Definition: acl.h:141
int errcode(int sqlerrcode)
Definition: elog.c:575
#define ACL_DELETE
Definition: parsenodes.h:75
#define LOG
Definition: elog.h:26
Oid ai_grantor
Definition: acl.h:58
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5111
#define NAMEDATALEN
uint32 AclMode
Definition: parsenodes.h:70
#define ACL_CREATE_TEMP_CHR
Definition: acl.h:148
#define ERROR
Definition: elog.h:43
#define ACL_CREATE
Definition: parsenodes.h:82
static const char * getid(const char *s, char *n)
Definition: acl.c:137
#define ACL_NO_RIGHTS
Definition: parsenodes.h:86
#define ACL_TRIGGER
Definition: parsenodes.h:78
#define ACL_TRUNCATE_CHR
Definition: acl.h:142
#define ACL_REFERENCES_CHR
Definition: acl.h:143
#define ACL_USAGE
Definition: parsenodes.h:80
#define ereport(elevel, rest)
Definition: elog.h:122
#define ACL_CONNECT
Definition: parsenodes.h:84
#define WARNING
Definition: elog.h:40
#define ACL_SELECT_CHR
Definition: acl.h:139
#define ACL_UPDATE
Definition: parsenodes.h:74
#define ACL_SELECT
Definition: parsenodes.h:73
#define ACL_ALL_RIGHTS_STR
Definition: acl.h:152
#define ACL_USAGE_CHR
Definition: acl.h:146
#define ACL_REFERENCES
Definition: parsenodes.h:77
#define Assert(condition)
Definition: c.h:664
#define ACL_INSERT
Definition: parsenodes.h:72
#define ACL_UPDATE_CHR
Definition: acl.h:140
#define BOOTSTRAP_SUPERUSERID
Definition: pg_authid.h:102
const char * name
Definition: encode.c:521
#define ACL_TRIGGER_CHR
Definition: acl.h:144
int errmsg(const char *fmt,...)
Definition: elog.c:797
#define ACL_EXECUTE
Definition: parsenodes.h:79
#define ACL_CREATE_TEMP
Definition: parsenodes.h:83
#define ACL_ID_PUBLIC
Definition: acl.h:47
#define elog
Definition: elog.h:219
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:83
#define read(a, b, c)
Definition: win32.h:13
#define ACL_EXECUTE_CHR
Definition: acl.h:145
#define ACL_CREATE_CHR
Definition: acl.h:147
#define ACL_TRUNCATE
Definition: parsenodes.h:76
Datum aclremove ( PG_FUNCTION_ARGS  )

Definition at line 1541 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

1542 {
1543  ereport(ERROR,
1544  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1545  errmsg("aclremove is no longer supported")));
1546 
1547  PG_RETURN_NULL(); /* keep compiler quiet */
1548 }
int errcode(int sqlerrcode)
Definition: elog.c:575
#define ERROR
Definition: elog.h:43
#define ereport(elevel, rest)
Definition: elog.h:122
int errmsg(const char *fmt,...)
Definition: elog.c:797
#define PG_RETURN_NULL()
Definition: fmgr.h:305
Acl* aclupdate ( const Acl old_acl,
const AclItem mod_aip,
int  modechg,
Oid  ownerId,
DropBehavior  behavior 
)

Definition at line 929 of file acl.c.

References ACL_DAT, ACL_ID_PUBLIC, ACL_MODECHG_ADD, ACL_MODECHG_DEL, ACL_MODECHG_EQL, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACL_SIZE, ACLITEM_GET_GOPTIONS, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_PRIVS_GOPTIONS, ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, Assert, check_acl(), check_circularity(), memmove, recursive_revoke(), and SET_VARSIZE.

Referenced by aclmerge(), check_circularity(), merge_acl_with_grant(), and recursive_revoke().

931 {
932  Acl *new_acl = NULL;
933  AclItem *old_aip,
934  *new_aip = NULL;
935  AclMode old_rights,
936  old_goptions,
937  new_rights,
938  new_goptions;
939  int dst,
940  num;
941 
942  /* Caller probably already checked old_acl, but be safe */
943  check_acl(old_acl);
944 
945  /* If granting grant options, check for circularity */
946  if (modechg != ACL_MODECHG_DEL &&
947  ACLITEM_GET_GOPTIONS(*mod_aip) != ACL_NO_RIGHTS)
948  check_circularity(old_acl, mod_aip, ownerId);
949 
950  num = ACL_NUM(old_acl);
951  old_aip = ACL_DAT(old_acl);
952 
953  /*
954  * Search the ACL for an existing entry for this grantee and grantor. If
955  * one exists, just modify the entry in-place (well, in the same position,
956  * since we actually return a copy); otherwise, insert the new entry at
957  * the end.
958  */
959 
960  for (dst = 0; dst < num; ++dst)
961  {
962  if (aclitem_match(mod_aip, old_aip + dst))
963  {
964  /* found a match, so modify existing item */
965  new_acl = allocacl(num);
966  new_aip = ACL_DAT(new_acl);
967  memcpy(new_acl, old_acl, ACL_SIZE(old_acl));
968  break;
969  }
970  }
971 
972  if (dst == num)
973  {
974  /* need to append a new item */
975  new_acl = allocacl(num + 1);
976  new_aip = ACL_DAT(new_acl);
977  memcpy(new_aip, old_aip, num * sizeof(AclItem));
978 
979  /* initialize the new entry with no permissions */
980  new_aip[dst].ai_grantee = mod_aip->ai_grantee;
981  new_aip[dst].ai_grantor = mod_aip->ai_grantor;
982  ACLITEM_SET_PRIVS_GOPTIONS(new_aip[dst],
984  num++; /* set num to the size of new_acl */
985  }
986 
987  old_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
988  old_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
989 
990  /* apply the specified permissions change */
991  switch (modechg)
992  {
993  case ACL_MODECHG_ADD:
994  ACLITEM_SET_RIGHTS(new_aip[dst],
995  old_rights | ACLITEM_GET_RIGHTS(*mod_aip));
996  break;
997  case ACL_MODECHG_DEL:
998  ACLITEM_SET_RIGHTS(new_aip[dst],
999  old_rights & ~ACLITEM_GET_RIGHTS(*mod_aip));
1000  break;
1001  case ACL_MODECHG_EQL:
1002  ACLITEM_SET_RIGHTS(new_aip[dst],
1003  ACLITEM_GET_RIGHTS(*mod_aip));
1004  break;
1005  }
1006 
1007  new_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
1008  new_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
1009 
1010  /*
1011  * If the adjusted entry has no permissions, delete it from the list.
1012  */
1013  if (new_rights == ACL_NO_RIGHTS)
1014  {
1015  memmove(new_aip + dst,
1016  new_aip + dst + 1,
1017  (num - dst - 1) * sizeof(AclItem));
1018  /* Adjust array size to be 'num - 1' items */
1019  ARR_DIMS(new_acl)[0] = num - 1;
1020  SET_VARSIZE(new_acl, ACL_N_SIZE(num - 1));
1021  }
1022 
1023  /*
1024  * Remove abandoned privileges (cascading revoke). Currently we can only
1025  * handle this when the grantee is not PUBLIC.
1026  */
1027  if ((old_goptions & ~new_goptions) != 0)
1028  {
1029  Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1030  new_acl = recursive_revoke(new_acl, mod_aip->ai_grantee,
1031  (old_goptions & ~new_goptions),
1032  ownerId, behavior);
1033  }
1034 
1035  return new_acl;
1036 }
Oid ai_grantee
Definition: acl.h:57
#define ACL_MODECHG_EQL
Definition: acl.h:132
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:68
static Acl * allocacl(int n)
Definition: acl.c:376
#define ACL_MODECHG_DEL
Definition: acl.h:131
#define ACL_SIZE(ACL)
Definition: acl.h:112
Oid ai_grantor
Definition: acl.h:58
uint32 AclMode
Definition: parsenodes.h:70
static void check_circularity(const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
Definition: acl.c:1153
#define ARR_DIMS(a)
Definition: array.h:275
#define ACL_NUM(ACL)
Definition: acl.h:109
#define ACL_NO_RIGHTS
Definition: parsenodes.h:86
#define memmove(d, s, c)
Definition: c.h:1047
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:69
#define ACLITEM_SET_RIGHTS(item, rights)
Definition: acl.h:80
#define ACL_MODECHG_ADD
Definition: acl.h:130
#define ACL_DAT(ACL)
Definition: acl.h:110
Definition: acl.h:55
#define Assert(condition)
Definition: c.h:664
static bool aclitem_match(const AclItem *a1, const AclItem *a2)
Definition: acl.c:658
static Acl * recursive_revoke(Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
Definition: acl.c:1233
#define ACL_ID_PUBLIC
Definition: acl.h:47
#define SET_VARSIZE(PTR, len)
Definition: postgres.h:328
#define ACL_N_SIZE(N)
Definition: acl.h:111
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:83
static void check_acl(const Acl *acl)
Definition: acl.c:540
static Acl * allocacl ( int  n)
static

Definition at line 376 of file acl.c.

References ACL_N_SIZE, ACLITEMOID, ARR_DIMS, ARR_LBOUND, ArrayType::dataoffset, ArrayType::elemtype, elog, ERROR, ArrayType::ndim, palloc0(), and SET_VARSIZE.

Referenced by aclconcat(), aclcopy(), acldefault(), aclnewowner(), aclupdate(), check_circularity(), and make_empty_acl().

377 {
378  Acl *new_acl;
379  Size size;
380 
381  if (n < 0)
382  elog(ERROR, "invalid size: %d", n);
383  size = ACL_N_SIZE(n);
384  new_acl = (Acl *) palloc0(size);
385  SET_VARSIZE(new_acl, size);
386  new_acl->ndim = 1;
387  new_acl->dataoffset = 0; /* we never put in any nulls */
388  new_acl->elemtype = ACLITEMOID;
389  ARR_LBOUND(new_acl)[0] = 1;
390  ARR_DIMS(new_acl)[0] = n;
391  return new_acl;
392 }
int32 dataoffset
Definition: array.h:80
#define ARR_LBOUND(a)
Definition: array.h:277
#define ERROR
Definition: elog.h:43
Oid elemtype
Definition: array.h:81
#define ARR_DIMS(a)
Definition: array.h:275
void * palloc0(Size size)
Definition: mcxt.c:877
#define ACLITEMOID
Definition: pg_type.h:493
size_t Size
Definition: c.h:350
#define SET_VARSIZE(PTR, len)
Definition: postgres.h:328
#define elog
Definition: elog.h:219
#define ACL_N_SIZE(N)
Definition: acl.h:111
int ndim
Definition: array.h:79
static void check_acl ( const Acl acl)
static

Definition at line 540 of file acl.c.

References ACLITEMOID, ARR_ELEMTYPE, ARR_HASNULL, ARR_NDIM, ereport, errcode(), errmsg(), and ERROR.

Referenced by aclcontains(), aclexplode(), aclmask(), aclmask_direct(), aclmembers(), aclnewowner(), aclupdate(), check_circularity(), and recursive_revoke().

541 {
542  if (ARR_ELEMTYPE(acl) != ACLITEMOID)
543  ereport(ERROR,
544  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
545  errmsg("ACL array contains wrong data type")));
546  if (ARR_NDIM(acl) != 1)
547  ereport(ERROR,
548  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
549  errmsg("ACL arrays must be one-dimensional")));
550  if (ARR_HASNULL(acl))
551  ereport(ERROR,
552  (errcode(ERRCODE_NULL_VALUE_NOT_ALLOWED),
553  errmsg("ACL arrays must not contain null values")));
554 }
int errcode(int sqlerrcode)
Definition: elog.c:575
#define ERROR
Definition: elog.h:43
#define ARR_HASNULL(a)
Definition: array.h:272
#define ereport(elevel, rest)
Definition: elog.h:122
#define ACLITEMOID
Definition: pg_type.h:493
#define ARR_NDIM(a)
Definition: array.h:271
int errmsg(const char *fmt,...)
Definition: elog.c:797
#define ARR_ELEMTYPE(a)
Definition: array.h:273
static void check_circularity ( const Acl old_acl,
const AclItem mod_aip,
Oid  ownerId 
)
static

Definition at line 1153 of file acl.c.

References ACL_DAT, ACL_GRANT_OPTION_FOR, ACL_ID_PUBLIC, ACL_MODECHG_DEL, ACL_NO_RIGHTS, ACL_NUM, ACL_OPTION_TO_PRIVS, ACL_SIZE, ACLITEM_GET_GOPTIONS, aclmask(), ACLMASK_ALL, aclupdate(), AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), Assert, check_acl(), DROP_CASCADE, ereport, errcode(), errmsg(), ERROR, i, and pfree().

Referenced by aclupdate().

1155 {
1156  Acl *acl;
1157  AclItem *aip;
1158  int i,
1159  num;
1160  AclMode own_privs;
1161 
1162  check_acl(old_acl);
1163 
1164  /*
1165  * For now, grant options can only be granted to roles, not PUBLIC.
1166  * Otherwise we'd have to work a bit harder here.
1167  */
1168  Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1169 
1170  /* The owner always has grant options, no need to check */
1171  if (mod_aip->ai_grantor == ownerId)
1172  return;
1173 
1174  /* Make a working copy */
1175  acl = allocacl(ACL_NUM(old_acl));
1176  memcpy(acl, old_acl, ACL_SIZE(old_acl));
1177 
1178  /* Zap all grant options of target grantee, plus what depends on 'em */
1179 cc_restart:
1180  num = ACL_NUM(acl);
1181  aip = ACL_DAT(acl);
1182  for (i = 0; i < num; i++)
1183  {
1184  if (aip[i].ai_grantee == mod_aip->ai_grantee &&
1186  {
1187  Acl *new_acl;
1188 
1189  /* We'll actually zap ordinary privs too, but no matter */
1190  new_acl = aclupdate(acl, &aip[i], ACL_MODECHG_DEL,
1191  ownerId, DROP_CASCADE);
1192 
1193  pfree(acl);
1194  acl = new_acl;
1195 
1196  goto cc_restart;
1197  }
1198  }
1199 
1200  /* Now we can compute grantor's independently-derived privileges */
1201  own_privs = aclmask(acl,
1202  mod_aip->ai_grantor,
1203  ownerId,
1205  ACLMASK_ALL);
1206  own_privs = ACL_OPTION_TO_PRIVS(own_privs);
1207 
1208  if ((ACLITEM_GET_GOPTIONS(*mod_aip) & ~own_privs) != 0)
1209  ereport(ERROR,
1210  (errcode(ERRCODE_INVALID_GRANT_OPERATION),
1211  errmsg("grant options cannot be granted back to your own grantor")));
1212 
1213  pfree(acl);
1214 }
Oid ai_grantee
Definition: acl.h:57
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:68
static Acl * allocacl(int n)
Definition: acl.c:376
#define ACL_MODECHG_DEL
Definition: acl.h:131
AclMode aclmask(const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
Definition: acl.c:1319
#define ACL_SIZE(ACL)
Definition: acl.h:112
int errcode(int sqlerrcode)
Definition: elog.c:575
Oid ai_grantor
Definition: acl.h:58
uint32 AclMode
Definition: parsenodes.h:70
void pfree(void *pointer)
Definition: mcxt.c:949
#define ERROR
Definition: elog.h:43
#define ACL_NUM(ACL)
Definition: acl.h:109
#define ACL_NO_RIGHTS
Definition: parsenodes.h:86
#define ereport(elevel, rest)
Definition: elog.h:122
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71
#define ACL_DAT(ACL)
Definition: acl.h:110
Definition: acl.h:55
#define ACL_OPTION_TO_PRIVS(privs)
Definition: acl.h:72
#define Assert(condition)
Definition: c.h:664
int errmsg(const char *fmt,...)
Definition: elog.c:797
int i
#define ACL_ID_PUBLIC
Definition: acl.h:47
Acl * aclupdate(const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
Definition: acl.c:929
static void check_acl(const Acl *acl)
Definition: acl.c:540
void check_is_member_of_role ( Oid  member,
Oid  role 
)

Definition at line 4874 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, GetUserNameFromId(), and is_member_of_role().

Referenced by AlterDatabaseOwner(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterPublicationOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwner(), ATExecChangeOwner(), createdb(), CreateSchemaCommand(), and ExecAlterDefaultPrivilegesStmt().

4875 {
4876  if (!is_member_of_role(member, role))
4877  ereport(ERROR,
4878  (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
4879  errmsg("must be member of role \"%s\"",
4880  GetUserNameFromId(role, false))));
4881 }
int errcode(int sqlerrcode)
Definition: elog.c:575
#define ERROR
Definition: elog.h:43
#define ereport(elevel, rest)
Definition: elog.h:122
bool is_member_of_role(Oid member, Oid role)
Definition: acl.c:4852
char * GetUserNameFromId(Oid roleid, bool noerr)
Definition: miscinit.c:692
int errmsg(const char *fmt,...)
Definition: elog.c:797
void check_rolespec_name ( const RoleSpec role,
const char *  detail_msg 
)

Definition at line 5248 of file acl.c.

References ereport, errcode(), errdetail(), errmsg(), ERROR, IsReservedName(), RoleSpec::rolename, ROLESPEC_CSTRING, and RoleSpec::roletype.

Referenced by AlterRole(), and AlterRoleSet().

5249 {
5250  if (!role)
5251  return;
5252 
5253  if (role->roletype != ROLESPEC_CSTRING)
5254  return;
5255 
5256  if (IsReservedName(role->rolename))
5257  {
5258  if (detail_msg)
5259  ereport(ERROR,
5260  (errcode(ERRCODE_RESERVED_NAME),
5261  errmsg("role name \"%s\" is reserved",
5262  role->rolename),
5263  errdetail("%s", detail_msg)));
5264  else
5265  ereport(ERROR,
5266  (errcode(ERRCODE_RESERVED_NAME),
5267  errmsg("role name \"%s\" is reserved",
5268  role->rolename)));
5269  }
5270 }
int errcode(int sqlerrcode)
Definition: elog.c:575
bool IsReservedName(const char *name)
Definition: catalog.c:194
#define ERROR
Definition: elog.h:43
int errdetail(const char *fmt,...)
Definition: elog.c:873
#define ereport(elevel, rest)
Definition: elog.h:122
RoleSpecType roletype
Definition: parsenodes.h:327
char * rolename
Definition: parsenodes.h:328
int errmsg(const char *fmt,...)
Definition: elog.c:797
static int column_privilege_check ( Oid  tableoid,
AttrNumber  attnum,
Oid  roleid,
AclMode  mode 
)
static

Definition at line 2457 of file acl.c.

References ACLCHECK_OK, ATTNUM, GETSTRUCT, HeapTupleIsValid, Int16GetDatum, ObjectIdGetDatum, pg_attribute_aclcheck(), pg_class_aclcheck(), ReleaseSysCache(), RELOID, SearchSysCache2, and SearchSysCacheExists1.

Referenced by has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

2459 {
2460  AclResult aclresult;
2461  HeapTuple attTuple;
2462  Form_pg_attribute attributeForm;
2463 
2464  /*
2465  * First check if we have the privilege at the table level. We check
2466  * existence of the pg_class row before risking calling pg_class_aclcheck.
2467  * Note: it might seem there's a race condition against concurrent DROP,
2468  * but really it's safe because there will be no syscache flush between
2469  * here and there. So if we see the row in the syscache, so will
2470  * pg_class_aclcheck.
2471  */
2473  return -1;
2474 
2475  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2476 
2477  if (aclresult == ACLCHECK_OK)
2478  return true;
2479 
2480  /*
2481  * No table privilege, so try per-column privileges. Again, we have to
2482  * check for dropped attribute first, and we rely on the syscache not to
2483  * notice a concurrent drop before pg_attribute_aclcheck fetches the row.
2484  */
2485  attTuple = SearchSysCache2(ATTNUM,
2486  ObjectIdGetDatum(tableoid),
2487  Int16GetDatum(attnum));
2488  if (!HeapTupleIsValid(attTuple))
2489  return -1;
2490  attributeForm = (Form_pg_attribute) GETSTRUCT(attTuple);
2491  if (attributeForm->attisdropped)
2492  {
2493  ReleaseSysCache(attTuple);
2494  return -1;
2495  }
2496  ReleaseSysCache(attTuple);
2497 
2498  aclresult = pg_attribute_aclcheck(tableoid, attnum, roleid, mode);
2499 
2500  return (aclresult == ACLCHECK_OK);
2501 }
#define GETSTRUCT(TUP)
Definition: htup_details.h:656
AclResult pg_attribute_aclcheck(Oid table_oid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: aclchk.c:4308
#define Int16GetDatum(X)
Definition: postgres.h:457
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:177
#define ObjectIdGetDatum(X)
Definition: postgres.h:513
FormData_pg_attribute * Form_pg_attribute
Definition: pg_attribute.h:187
AclResult
Definition: acl.h:178
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1117
#define HeapTupleIsValid(tuple)
Definition: htup.h:77
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4422
#define SearchSysCache2(cacheId, key1, key2)
Definition: syscache.h:161
static const char* convert_aclright_to_string ( int  aclright)
static

Definition at line 1694 of file acl.c.

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_DELETE, ACL_EXECUTE, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, ACL_USAGE, elog, and ERROR.

Referenced by aclexplode().

1695 {
1696  switch (aclright)
1697  {
1698  case ACL_INSERT:
1699  return "INSERT";
1700  case ACL_SELECT:
1701  return "SELECT";
1702  case ACL_UPDATE:
1703  return "UPDATE";
1704  case ACL_DELETE:
1705  return "DELETE";
1706  case ACL_TRUNCATE:
1707  return "TRUNCATE";
1708  case ACL_REFERENCES:
1709  return "REFERENCES";
1710  case ACL_TRIGGER:
1711  return "TRIGGER";
1712  case ACL_EXECUTE:
1713  return "EXECUTE";
1714  case ACL_USAGE:
1715  return "USAGE";
1716  case ACL_CREATE:
1717  return "CREATE";
1718  case ACL_CREATE_TEMP:
1719  return "TEMPORARY";
1720  case ACL_CONNECT:
1721  return "CONNECT";
1722  default:
1723  elog(ERROR, "unrecognized aclright: %d", aclright);
1724  return NULL;
1725  }
1726 }
#define ACL_DELETE
Definition: parsenodes.h:75
#define ERROR
Definition: elog.h:43
#define ACL_CREATE
Definition: parsenodes.h:82
#define ACL_TRIGGER
Definition: parsenodes.h:78
#define ACL_USAGE
Definition: parsenodes.h:80
#define ACL_CONNECT
Definition: parsenodes.h:84
#define ACL_UPDATE
Definition: parsenodes.h:74
#define ACL_SELECT
Definition: parsenodes.h:73
#define ACL_REFERENCES
Definition: parsenodes.h:77
#define ACL_INSERT
Definition: parsenodes.h:72
#define ACL_EXECUTE
Definition: parsenodes.h:79
#define ACL_CREATE_TEMP
Definition: parsenodes.h:83
#define elog
Definition: elog.h:219
#define ACL_TRUNCATE
Definition: parsenodes.h:76
static AclMode convert_any_priv_string ( text priv_type_text,
const priv_map privileges 
)
static

Definition at line 1646 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, priv_map::name, pfree(), pg_strcasecmp(), text_to_cstring(), and priv_map::value.

Referenced by convert_column_priv_string(), convert_database_priv_string(), convert_foreign_data_wrapper_priv_string(), convert_function_priv_string(), convert_language_priv_string(), convert_role_priv_string(), convert_schema_priv_string(), convert_sequence_priv_string(), convert_server_priv_string(), convert_table_priv_string(), convert_tablespace_priv_string(), and convert_type_priv_string().

1648 {
1649  AclMode result = 0;
1650  char *priv_type = text_to_cstring(priv_type_text);
1651  char *chunk;
1652  char *next_chunk;
1653 
1654  /* We rely on priv_type being a private, modifiable string */
1655  for (chunk = priv_type; chunk; chunk = next_chunk)
1656  {
1657  int chunk_len;
1658  const priv_map *this_priv;
1659 
1660  /* Split string at commas */
1661  next_chunk = strchr(chunk, ',');
1662  if (next_chunk)
1663  *next_chunk++ = '\0';
1664 
1665  /* Drop leading/trailing whitespace in this chunk */
1666  while (*chunk && isspace((unsigned char) *chunk))
1667  chunk++;
1668  chunk_len = strlen(chunk);
1669  while (chunk_len > 0 && isspace((unsigned char) chunk[chunk_len - 1]))
1670  chunk_len--;
1671  chunk[chunk_len] = '\0';
1672 
1673  /* Match to the privileges list */
1674  for (this_priv = privileges; this_priv->name; this_priv++)
1675  {
1676  if (pg_strcasecmp(this_priv->name, chunk) == 0)
1677  {
1678  result |= this_priv->value;
1679  break;
1680  }
1681  }
1682  if (!this_priv->name)
1683  ereport(ERROR,
1684  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
1685  errmsg("unrecognized privilege type: \"%s\"", chunk)));
1686  }
1687 
1688  pfree(priv_type);
1689  return result;
1690 }
Definition: acl.c:43
int errcode(int sqlerrcode)
Definition: elog.c:575
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
const char * name
Definition: acl.c:45
uint32 AclMode
Definition: parsenodes.h:70
void pfree(void *pointer)
Definition: mcxt.c:949
#define ERROR
Definition: elog.h:43
#define ereport(elevel, rest)
Definition: elog.h:122
AclMode value
Definition: acl.c:46
char * text_to_cstring(const text *t)
Definition: varlena.c:182
int errmsg(const char *fmt,...)
Definition: elog.c:797
static AttrNumber convert_column_name ( Oid  tableoid,
text column 
)
static

Definition at line 2828 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, get_attnum(), get_rel_name(), InvalidAttrNumber, pfree(), and text_to_cstring().

Referenced by has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_name(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), and has_column_privilege_name_name_name().

2829 {
2830  AttrNumber attnum;
2831  char *colname;
2832 
2833  colname = text_to_cstring(column);
2834  attnum = get_attnum(tableoid, colname);
2835  if (attnum == InvalidAttrNumber)
2836  ereport(ERROR,
2837  (errcode(ERRCODE_UNDEFINED_COLUMN),
2838  errmsg("column \"%s\" of relation \"%s\" does not exist",
2839  colname, get_rel_name(tableoid))));
2840  pfree(colname);
2841  return attnum;
2842 }
int errcode(int sqlerrcode)
Definition: elog.c:575
void pfree(void *pointer)
Definition: mcxt.c:949
#define ERROR
Definition: elog.h:43
AttrNumber get_attnum(Oid relid, const char *attname)
Definition: lsyscache.c:821
#define ereport(elevel, rest)
Definition: elog.h:122
#define InvalidAttrNumber
Definition: attnum.h:23
char * text_to_cstring(const text *t)
Definition: varlena.c:182
int errmsg(const char *fmt,...)
Definition: elog.c:797
char * get_rel_name(Oid relid)
Definition: lsyscache.c:1726
int16 AttrNumber
Definition: attnum.h:21
static AclMode convert_column_priv_string ( text priv_type_text)
static

Definition at line 2849 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_any_column_privilege_id(), has_any_column_privilege_id_id(), has_any_column_privilege_id_name(), has_any_column_privilege_name(), has_any_column_privilege_name_id(), has_any_column_privilege_name_name(), has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

2850 {
2851  static const priv_map column_priv_map[] = {
2852  {"SELECT", ACL_SELECT},
2853  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2854  {"INSERT", ACL_INSERT},
2855  {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2856  {"UPDATE", ACL_UPDATE},
2857  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2858  {"REFERENCES", ACL_REFERENCES},
2859  {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2860  {NULL, 0}
2861  };
2862 
2863  return convert_any_priv_string(priv_type_text, column_priv_map);
2864 }
Definition: acl.c:43
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1646
#define ACL_UPDATE
Definition: parsenodes.h:74
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71
#define ACL_SELECT
Definition: parsenodes.h:73
#define ACL_REFERENCES
Definition: parsenodes.h:77
#define ACL_INSERT
Definition: parsenodes.h:72
static Oid convert_database_name ( text databasename)
static

Definition at line 3034 of file acl.c.

References dbname, get_database_oid(), and text_to_cstring().

Referenced by has_database_privilege_id_name(), has_database_privilege_name(), and has_database_privilege_name_name().

3035 {
3036  char *dbname = text_to_cstring(databasename);
3037 
3038  return get_database_oid(dbname, false);
3039 }
Oid get_database_oid(const char *dbname, bool missing_ok)
Definition: dbcommands.c:2009
char * dbname
Definition: streamutil.c:45
char * text_to_cstring(const text *t)
Definition: varlena.c:182
static AclMode convert_database_priv_string ( text priv_type_text)
static

Definition at line 3046 of file acl.c.

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_database_privilege_id(), has_database_privilege_id_id(), has_database_privilege_id_name(), has_database_privilege_name(), has_database_privilege_name_id(), and has_database_privilege_name_name().

3047 {
3048  static const priv_map database_priv_map[] = {
3049  {"CREATE", ACL_CREATE},
3050  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3051  {"TEMPORARY", ACL_CREATE_TEMP},
3052  {"TEMPORARY WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3053  {"TEMP", ACL_CREATE_TEMP},
3054  {"TEMP WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3055  {"CONNECT", ACL_CONNECT},
3056  {"CONNECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CONNECT)},
3057  {NULL, 0}
3058  };
3059 
3060  return convert_any_priv_string(priv_type_text, database_priv_map);
3061 
3062 }
Definition: acl.c:43
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1646
#define ACL_CREATE
Definition: parsenodes.h:82
#define ACL_CONNECT
Definition: parsenodes.h:84
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71
#define ACL_CREATE_TEMP
Definition: parsenodes.h:83
static Oid convert_foreign_data_wrapper_name ( text fdwname)
static

Definition at line 3223 of file acl.c.

References get_foreign_data_wrapper_oid(), and text_to_cstring().

Referenced by has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), and has_foreign_data_wrapper_privilege_name_name().

3224 {
3225  char *fdwstr = text_to_cstring(fdwname);
3226 
3227  return get_foreign_data_wrapper_oid(fdwstr, false);
3228 }
Oid get_foreign_data_wrapper_oid(const char *fdwname, bool missing_ok)
Definition: foreign.c:659
char * text_to_cstring(const text *t)
Definition: varlena.c:182
static AclMode convert_foreign_data_wrapper_priv_string ( text priv_type_text)
static

Definition at line 3235 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_foreign_data_wrapper_privilege_id(), has_foreign_data_wrapper_privilege_id_id(), has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), has_foreign_data_wrapper_privilege_name_id(), and has_foreign_data_wrapper_privilege_name_name().

3236 {
3237  static const priv_map foreign_data_wrapper_priv_map[] = {
3238  {"USAGE", ACL_USAGE},
3239  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3240  {NULL, 0}
3241  };
3242 
3243  return convert_any_priv_string(priv_type_text, foreign_data_wrapper_priv_map);
3244 }
Definition: acl.c:43
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1646
#define ACL_USAGE
Definition: parsenodes.h:80
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71
static Oid convert_function_name ( text functionname)
static

Definition at line 3414 of file acl.c.

References CStringGetDatum, DatumGetObjectId, DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, OidIsValid, regprocedurein(), and text_to_cstring().

Referenced by has_function_privilege_id_name(), has_function_privilege_name(), and has_function_privilege_name_name().

3415 {
3416  char *funcname = text_to_cstring(functionname);
3417  Oid oid;
3418 
3420  CStringGetDatum(funcname)));
3421 
3422  if (!OidIsValid(oid))
3423  ereport(ERROR,
3424  (errcode(ERRCODE_UNDEFINED_FUNCTION),
3425  errmsg("function \"%s\" does not exist", funcname)));
3426 
3427  return oid;
3428 }
#define DatumGetObjectId(X)
Definition: postgres.h:506
int errcode(int sqlerrcode)
Definition: elog.c:575
#define DirectFunctionCall1(func, arg1)
Definition: fmgr.h:585
unsigned int Oid
Definition: postgres_ext.h:31
#define OidIsValid(objectId)
Definition: c.h:532
#define ERROR
Definition: elog.h:43
Datum regprocedurein(PG_FUNCTION_ARGS)
Definition: regproc.c:231
#define CStringGetDatum(X)
Definition: postgres.h:584
#define ereport(elevel, rest)
Definition: elog.h:122
char * text_to_cstring(const text *t)
Definition: varlena.c:182
int errmsg(const char *fmt,...)
Definition: elog.c:797
static AclMode convert_function_priv_string ( text priv_type_text)
static

Definition at line 3435 of file acl.c.

References ACL_EXECUTE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_function_privilege_id(), has_function_privilege_id_id(), has_function_privilege_id_name(), has_function_privilege_name(), has_function_privilege_name_id(), and has_function_privilege_name_name().

3436 {
3437  static const priv_map function_priv_map[] = {
3438  {"EXECUTE", ACL_EXECUTE},
3439  {"EXECUTE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_EXECUTE)},
3440  {NULL, 0}
3441  };
3442 
3443  return convert_any_priv_string(priv_type_text, function_priv_map);
3444 }
Definition: acl.c:43
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1646
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71
#define ACL_EXECUTE
Definition: parsenodes.h:79
static Oid convert_language_name ( text languagename)
static

Definition at line 3614 of file acl.c.

References get_language_oid(), and text_to_cstring().

Referenced by has_language_privilege_id_name(), has_language_privilege_name(), and has_language_privilege_name_name().

3615 {
3616  char *langname = text_to_cstring(languagename);
3617 
3618  return get_language_oid(langname, false);
3619 }
Oid get_language_oid(const char *langname, bool missing_ok)
Definition: proclang.c:553
char * text_to_cstring(const text *t)
Definition: varlena.c:182
static AclMode convert_language_priv_string ( text priv_type_text)
static

Definition at line 3626 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_language_privilege_id(), has_language_privilege_id_id(), has_language_privilege_id_name(), has_language_privilege_name(), has_language_privilege_name_id(), and has_language_privilege_name_name().

3627 {
3628  static const priv_map language_priv_map[] = {
3629  {"USAGE", ACL_USAGE},
3630  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3631  {NULL, 0}
3632  };
3633 
3634  return convert_any_priv_string(priv_type_text, language_priv_map);
3635 }
Definition: acl.c:43
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1646
#define ACL_USAGE
Definition: parsenodes.h:80
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71
static AclMode convert_priv_string ( text priv_type_text)
static

Definition at line 1596 of file acl.c.

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_DELETE, ACL_EXECUTE, ACL_INSERT, ACL_NO_RIGHTS, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, ACL_USAGE, ereport, errcode(), errmsg(), ERROR, pg_strcasecmp(), and text_to_cstring().

Referenced by makeaclitem().

1597 {
1598  char *priv_type = text_to_cstring(priv_type_text);
1599 
1600  if (pg_strcasecmp(priv_type, "SELECT") == 0)
1601  return ACL_SELECT;
1602  if (pg_strcasecmp(priv_type, "INSERT") == 0)
1603  return ACL_INSERT;
1604  if (pg_strcasecmp(priv_type, "UPDATE") == 0)
1605  return ACL_UPDATE;
1606  if (pg_strcasecmp(priv_type, "DELETE") == 0)
1607  return ACL_DELETE;
1608  if (pg_strcasecmp(priv_type, "TRUNCATE") == 0)
1609  return ACL_TRUNCATE;
1610  if (pg_strcasecmp(priv_type, "REFERENCES") == 0)
1611  return ACL_REFERENCES;
1612  if (pg_strcasecmp(priv_type, "TRIGGER") == 0)
1613  return ACL_TRIGGER;
1614  if (pg_strcasecmp(priv_type, "EXECUTE") == 0)
1615  return ACL_EXECUTE;
1616  if (pg_strcasecmp(priv_type, "USAGE") == 0)
1617  return ACL_USAGE;
1618  if (pg_strcasecmp(priv_type, "CREATE") == 0)
1619  return ACL_CREATE;
1620  if (pg_strcasecmp(priv_type, "TEMP") == 0)
1621  return ACL_CREATE_TEMP;
1622  if (pg_strcasecmp(priv_type, "TEMPORARY") == 0)
1623  return ACL_CREATE_TEMP;
1624  if (pg_strcasecmp(priv_type, "CONNECT") == 0)
1625  return ACL_CONNECT;
1626  if (pg_strcasecmp(priv_type, "RULE") == 0)
1627  return 0; /* ignore old RULE privileges */
1628 
1629  ereport(ERROR,
1630  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
1631  errmsg("unrecognized privilege type: \"%s\"", priv_type)));
1632  return ACL_NO_RIGHTS; /* keep compiler quiet */
1633 }
int errcode(int sqlerrcode)
Definition: elog.c:575
#define ACL_DELETE
Definition: parsenodes.h:75
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
#define ERROR
Definition: elog.h:43
#define ACL_CREATE
Definition: parsenodes.h:82
#define ACL_NO_RIGHTS
Definition: parsenodes.h:86
#define ACL_TRIGGER
Definition: parsenodes.h:78
#define ACL_USAGE
Definition: parsenodes.h:80
#define ereport(elevel, rest)
Definition: elog.h:122
#define ACL_CONNECT
Definition: parsenodes.h:84
#define ACL_UPDATE
Definition: parsenodes.h:74
#define ACL_SELECT
Definition: parsenodes.h:73
#define ACL_REFERENCES
Definition: parsenodes.h:77
#define ACL_INSERT
Definition: parsenodes.h:72
char * text_to_cstring(const text *t)
Definition: varlena.c:182
int errmsg(const char *fmt,...)
Definition: elog.c:797
#define ACL_EXECUTE
Definition: parsenodes.h:79
#define ACL_CREATE_TEMP
Definition: parsenodes.h:83
#define ACL_TRUNCATE
Definition: parsenodes.h:76
static AclMode convert_role_priv_string ( text priv_type_text)
static

Definition at line 4559 of file acl.c.

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by pg_has_role_id(), pg_has_role_id_id(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), and pg_has_role_name_name().

4560 {
4561  static const priv_map role_priv_map[] = {
4562  {"USAGE", ACL_USAGE},
4563  {"MEMBER", ACL_CREATE},
4564  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4565  {"USAGE WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4566  {"MEMBER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4567  {"MEMBER WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4568  {NULL, 0}
4569  };
4570 
4571  return convert_any_priv_string(priv_type_text, role_priv_map);
4572 }
Definition: acl.c:43
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1646
#define ACL_CREATE
Definition: parsenodes.h:82
#define ACL_USAGE
Definition: parsenodes.h:80
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71
static Oid convert_schema_name ( text schemaname)
static

Definition at line 3805 of file acl.c.

References get_namespace_oid(), and text_to_cstring().

Referenced by has_schema_privilege_id_name(), has_schema_privilege_name(), and has_schema_privilege_name_name().

3806 {
3807  char *nspname = text_to_cstring(schemaname);
3808 
3809  return get_namespace_oid(nspname, false);
3810 }
Oid get_namespace_oid(const char *nspname, bool missing_ok)
Definition: namespace.c:3005
char * text_to_cstring(const text *t)
Definition: varlena.c:182
static AclMode convert_schema_priv_string ( text priv_type_text)
static

Definition at line 3817 of file acl.c.

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_schema_privilege_id(), has_schema_privilege_id_id(), has_schema_privilege_id_name(), has_schema_privilege_name(), has_schema_privilege_name_id(), and has_schema_privilege_name_name().

3818 {
3819  static const priv_map schema_priv_map[] = {
3820  {"CREATE", ACL_CREATE},
3821  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3822  {"USAGE", ACL_USAGE},
3823  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3824  {NULL, 0}
3825  };
3826 
3827  return convert_any_priv_string(priv_type_text, schema_priv_map);
3828 }
Definition: acl.c:43
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1646
#define ACL_CREATE
Definition: parsenodes.h:82
#define ACL_USAGE
Definition: parsenodes.h:80
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71
static AclMode convert_sequence_priv_string ( text priv_type_text)
static

Definition at line 2239 of file acl.c.

References ACL_SELECT, ACL_UPDATE, ACL_USAGE, and convert_any_priv_string().

Referenced by has_sequence_privilege_id(), has_sequence_privilege_id_id(), has_sequence_privilege_id_name(), has_sequence_privilege_name(), has_sequence_privilege_name_id(), and has_sequence_privilege_name_name().

2240 {
2241  static const priv_map sequence_priv_map[] = {
2242  {"USAGE", ACL_USAGE},
2243  {"SELECT", ACL_SELECT},
2244  {"UPDATE", ACL_UPDATE},
2245  {NULL, 0}
2246  };
2247 
2248  return convert_any_priv_string(priv_type_text, sequence_priv_map);
2249 }
Definition: acl.c:43
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1646
#define ACL_USAGE
Definition: parsenodes.h:80
#define ACL_UPDATE
Definition: parsenodes.h:74
#define ACL_SELECT
Definition: parsenodes.h:73
static Oid convert_server_name ( text servername)
static

Definition at line 3989 of file acl.c.

References get_foreign_server_oid(), and text_to_cstring().

Referenced by has_server_privilege_id_name(), has_server_privilege_name(), and has_server_privilege_name_name().

3990 {
3991  char *serverstr = text_to_cstring(servername);
3992 
3993  return get_foreign_server_oid(serverstr, false);
3994 }
char * text_to_cstring(const text *t)
Definition: varlena.c:182
Oid get_foreign_server_oid(const char *servername, bool missing_ok)
Definition: foreign.c:680
static AclMode convert_server_priv_string ( text priv_type_text)
static

Definition at line 4001 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_server_privilege_id(), has_server_privilege_id_id(), has_server_privilege_id_name(), has_server_privilege_name(), has_server_privilege_name_id(), and has_server_privilege_name_name().

4002 {
4003  static const priv_map server_priv_map[] = {
4004  {"USAGE", ACL_USAGE},
4005  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4006  {NULL, 0}
4007  };
4008 
4009  return convert_any_priv_string(priv_type_text, server_priv_map);
4010 }
Definition: acl.c:43
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1646
#define ACL_USAGE
Definition: parsenodes.h:80
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71
static Oid convert_table_name ( text tablename)
static
static AclMode convert_table_priv_string ( text priv_type_text)
static

Definition at line 2016 of file acl.c.

References ACL_DELETE, ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_table_privilege_id(), has_table_privilege_id_id(), has_table_privilege_id_name(), has_table_privilege_name(), has_table_privilege_name_id(), and has_table_privilege_name_name().

2017 {
2018  static const priv_map table_priv_map[] = {
2019  {"SELECT", ACL_SELECT},
2020  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2021  {"INSERT", ACL_INSERT},
2022  {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2023  {"UPDATE", ACL_UPDATE},
2024  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2025  {"DELETE", ACL_DELETE},
2026  {"DELETE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_DELETE)},
2027  {"TRUNCATE", ACL_TRUNCATE},
2028  {"TRUNCATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRUNCATE)},
2029  {"REFERENCES", ACL_REFERENCES},
2030  {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2031  {"TRIGGER", ACL_TRIGGER},
2032  {"TRIGGER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRIGGER)},
2033  {"RULE", 0}, /* ignore old RULE privileges */
2034  {"RULE WITH GRANT OPTION", 0},
2035  {NULL, 0}
2036  };
2037 
2038  return convert_any_priv_string(priv_type_text, table_priv_map);
2039 }
Definition: acl.c:43
#define ACL_DELETE
Definition: parsenodes.h:75
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1646
#define ACL_TRIGGER
Definition: parsenodes.h:78
#define ACL_UPDATE
Definition: parsenodes.h:74
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71
#define ACL_SELECT
Definition: parsenodes.h:73
#define ACL_REFERENCES
Definition: parsenodes.h:77
#define ACL_INSERT
Definition: parsenodes.h:72
#define ACL_TRUNCATE
Definition: parsenodes.h:76
static Oid convert_tablespace_name ( text tablespacename)
static

Definition at line 4171 of file acl.c.

References get_tablespace_oid(), and text_to_cstring().

Referenced by has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), and has_tablespace_privilege_name_name().

4172 {
4173  char *spcname = text_to_cstring(tablespacename);
4174 
4175  return get_tablespace_oid(spcname, false);
4176 }
Oid get_tablespace_oid(const char *tablespacename, bool missing_ok)
Definition: tablespace.c:1380
char * text_to_cstring(const text *t)
Definition: varlena.c:182
static AclMode convert_tablespace_priv_string ( text priv_type_text)
static

Definition at line 4183 of file acl.c.

References ACL_CREATE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_tablespace_privilege_id(), has_tablespace_privilege_id_id(), has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), has_tablespace_privilege_name_id(), and has_tablespace_privilege_name_name().

4184 {
4185  static const priv_map tablespace_priv_map[] = {
4186  {"CREATE", ACL_CREATE},
4187  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4188  {NULL, 0}
4189  };
4190 
4191  return convert_any_priv_string(priv_type_text, tablespace_priv_map);
4192 }
Definition: acl.c:43
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1646
#define ACL_CREATE
Definition: parsenodes.h:82
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71
static Oid convert_type_name ( text typename)
static

Definition at line 4361 of file acl.c.

References CStringGetDatum, DatumGetObjectId, DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, OidIsValid, regtypein(), and text_to_cstring().

Referenced by has_type_privilege_id_name(), has_type_privilege_name(), and has_type_privilege_name_name().

4362 {
4363  char *typname = text_to_cstring(typename);
4364  Oid oid;
4365 
4367  CStringGetDatum(typname)));
4368 
4369  if (!OidIsValid(oid))
4370  ereport(ERROR,
4371  (errcode(ERRCODE_UNDEFINED_OBJECT),
4372  errmsg("type \"%s\" does not exist", typname)));
4373 
4374  return oid;
4375 }
#define DatumGetObjectId(X)
Definition: postgres.h:506
int errcode(int sqlerrcode)
Definition: elog.c:575
#define DirectFunctionCall1(func, arg1)
Definition: fmgr.h:585
unsigned int Oid
Definition: postgres_ext.h:31
#define OidIsValid(objectId)
Definition: c.h:532
#define ERROR
Definition: elog.h:43
#define CStringGetDatum(X)
Definition: postgres.h:584
#define ereport(elevel, rest)
Definition: elog.h:122
Datum regtypein(PG_FUNCTION_ARGS)
Definition: regproc.c:1061
char * text_to_cstring(const text *t)
Definition: varlena.c:182
int errmsg(const char *fmt,...)
Definition: elog.c:797
static AclMode convert_type_priv_string ( text priv_type_text)
static

Definition at line 4382 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_type_privilege_id(), has_type_privilege_id_id(), has_type_privilege_id_name(), has_type_privilege_name(), has_type_privilege_name_id(), and has_type_privilege_name_name().

4383 {
4384  static const priv_map type_priv_map[] = {
4385  {"USAGE", ACL_USAGE},
4386  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4387  {NULL, 0}
4388  };
4389 
4390  return convert_any_priv_string(priv_type_text, type_priv_map);
4391 }
Definition: acl.c:43
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1646
#define ACL_USAGE
Definition: parsenodes.h:80
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71
static int count_one_bits ( AclMode  mask)
static

Definition at line 4996 of file acl.c.

Referenced by select_best_grantor().

4997 {
4998  int nbits = 0;
4999 
5000  /* this code relies on AclMode being an unsigned type */
5001  while (mask)
5002  {
5003  if (mask & 1)
5004  nbits++;
5005  mask >>= 1;
5006  }
5007  return nbits;
5008 }
Oid get_role_oid ( const char *  rolname,
bool  missing_ok 
)

Definition at line 5111 of file acl.c.

References AUTHNAME, CStringGetDatum, ereport, errcode(), errmsg(), ERROR, GetSysCacheOid1, and OidIsValid.

Referenced by aclparse(), check_hba(), createdb(), CreateRole(), get_object_address_unqualified(), get_role_oid_or_public(), get_rolespec_oid(), GrantRole(), is_member(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), pg_has_role_name_name(), regrolein(), and to_regrole().

5112 {
5113  Oid oid;
5114 
5115  oid = GetSysCacheOid1(AUTHNAME, CStringGetDatum(rolname));
5116  if (!OidIsValid(oid) && !missing_ok)
5117  ereport(ERROR,
5118  (errcode(ERRCODE_UNDEFINED_OBJECT),
5119  errmsg("role \"%s\" does not exist", rolname)));
5120  return oid;
5121 }
int errcode(int sqlerrcode)
Definition: elog.c:575
unsigned int Oid
Definition: postgres_ext.h:31
#define OidIsValid(objectId)
Definition: c.h:532
#define GetSysCacheOid1(cacheId, key1)
Definition: syscache.h:186
#define ERROR
Definition: elog.h:43
#define CStringGetDatum(X)
Definition: postgres.h:584
#define ereport(elevel, rest)
Definition: elog.h:122
int errmsg(const char *fmt,...)
Definition: elog.c:797
char* get_rolespec_name ( const RoleSpec role)

Definition at line 5226 of file acl.c.

References get_rolespec_tuple(), GETSTRUCT, NameStr, pstrdup(), and ReleaseSysCache().

Referenced by AddRoleMems(), and DelRoleMems().

5227 {
5228  HeapTuple tp;
5229  Form_pg_authid authForm;
5230  char *rolename;
5231 
5232  tp = get_rolespec_tuple(role);
5233  authForm = (Form_pg_authid) GETSTRUCT(tp);
5234  rolename = pstrdup(NameStr(authForm->rolname));
5235  ReleaseSysCache(tp);
5236 
5237  return rolename;
5238 }
#define GETSTRUCT(TUP)
Definition: htup_details.h:656
char * pstrdup(const char *in)
Definition: mcxt.c:1076
FormData_pg_authid * Form_pg_authid
Definition: pg_authid.h:72
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1117
HeapTuple get_rolespec_tuple(const RoleSpec *role)
Definition: acl.c:5182
#define NameStr(name)
Definition: c.h:493
Oid get_rolespec_oid ( const RoleSpec role,
bool  missing_ok 
)

Definition at line 5144 of file acl.c.

References Assert, elog, ereport, errcode(), errmsg(), ERROR, get_role_oid(), GetSessionUserId(), GetUserId(), InvalidOid, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, and RoleSpec::roletype.

Referenced by AlterUserMapping(), ATExecCmd(), CreateSchemaCommand(), CreateTableSpace(), CreateUserMapping(), ExecAlterDefaultPrivilegesStmt(), ExecAlterOwnerStmt(), ExecuteGrantStmt(), GrantRole(), policy_role_list_to_array(), ReassignOwnedObjects(), RemoveUserMapping(), and roleSpecsToIds().

5145 {
5146  Oid oid;
5147 
5148  switch (role->roletype)
5149  {
5150  case ROLESPEC_CSTRING:
5151  Assert(role->rolename);
5152  oid = get_role_oid(role->rolename, missing_ok);
5153  break;
5154 
5155  case ROLESPEC_CURRENT_USER:
5156  oid = GetUserId();
5157  break;
5158 
5159  case ROLESPEC_SESSION_USER:
5160  oid = GetSessionUserId();
5161  break;
5162 
5163  case ROLESPEC_PUBLIC:
5164  ereport(ERROR,
5165  (errcode(ERRCODE_UNDEFINED_OBJECT),
5166  errmsg("role \"%s\" does not exist", "public")));
5167  oid = InvalidOid; /* make compiler happy */
5168  break;
5169 
5170  default:
5171  elog(ERROR, "unexpected role type %d", role->roletype);
5172  }
5173 
5174  return oid;
5175 }
Oid GetUserId(void)
Definition: miscinit.c:284
int errcode(int sqlerrcode)
Definition: elog.c:575
unsigned int Oid
Definition: postgres_ext.h:31
Oid GetSessionUserId(void)
Definition: miscinit.c:318
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5111
#define ERROR
Definition: elog.h:43
#define ereport(elevel, rest)
Definition: elog.h:122
RoleSpecType roletype
Definition: parsenodes.h:327
#define InvalidOid
Definition: postgres_ext.h:36
#define Assert(condition)
Definition: c.h:664
char * rolename
Definition: parsenodes.h:328
int errmsg(const char *fmt,...)
Definition: elog.c:797
#define elog
Definition: elog.h:219
HeapTuple get_rolespec_tuple ( const RoleSpec role)

Definition at line 5182 of file acl.c.

References Assert, AUTHNAME, AUTHOID, CStringGetDatum, elog, ereport, errcode(), errmsg(), ERROR, GetSessionUserId(), GetUserId(), HeapTupleIsValid, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, RoleSpec::roletype, and SearchSysCache1.

Referenced by AlterRole(), AlterRoleSet(), CreateRole(), and get_rolespec_name().

5183 {
5184  HeapTuple tuple;
5185 
5186  switch (role->roletype)
5187  {
5188  case ROLESPEC_CSTRING:
5189  Assert(role->rolename);
5191  if (!HeapTupleIsValid(tuple))
5192  ereport(ERROR,
5193  (errcode(ERRCODE_UNDEFINED_OBJECT),
5194  errmsg("role \"%s\" does not exist", role->rolename)));
5195  break;
5196 
5197  case ROLESPEC_CURRENT_USER:
5198  tuple = SearchSysCache1(AUTHOID, GetUserId());
5199  if (!HeapTupleIsValid(tuple))
5200  elog(ERROR, "cache lookup failed for role %u", GetUserId());
5201  break;
5202 
5203  case ROLESPEC_SESSION_USER:
5205  if (!HeapTupleIsValid(tuple))
5206  elog(ERROR, "cache lookup failed for role %u", GetSessionUserId());
5207  break;
5208 
5209  case ROLESPEC_PUBLIC:
5210  ereport(ERROR,
5211  (errcode(ERRCODE_UNDEFINED_OBJECT),
5212  errmsg("role \"%s\" does not exist", "public")));
5213  tuple = NULL; /* make compiler happy */
5214 
5215  default:
5216  elog(ERROR, "unexpected role type %d", role->roletype);
5217  }
5218 
5219  return tuple;
5220 }
Oid GetUserId(void)
Definition: miscinit.c:284
int errcode(int sqlerrcode)
Definition: elog.c:575
Oid GetSessionUserId(void)
Definition: miscinit.c:318
#define SearchSysCache1(cacheId, key1)
Definition: syscache.h:159
#define ERROR
Definition: elog.h:43
#define CStringGetDatum(X)
Definition: postgres.h:584
#define ereport(elevel, rest)
Definition: elog.h:122
RoleSpecType roletype
Definition: parsenodes.h:327
#define HeapTupleIsValid(tuple)
Definition: htup.h:77
#define Assert(condition)
Definition: c.h:664
char * rolename
Definition: parsenodes.h:328
int errmsg(const char *fmt,...)
Definition: elog.c:797
#define elog
Definition: elog.h:219
static const char * getid ( const char *  s,
char *  n 
)
static

Definition at line 137 of file acl.c.

References Assert, ereport, errcode(), errdetail(), errmsg(), ERROR, and NAMEDATALEN.

Referenced by aclparse().

138 {
139  int len = 0;
140  bool in_quotes = false;
141 
142  Assert(s && n);
143 
144  while (isspace((unsigned char) *s))
145  s++;
146  /* This code had better match what putid() does, below */
147  for (;
148  *s != '\0' &&
149  (isalnum((unsigned char) *s) ||
150  *s == '_' ||
151  *s == '"' ||
152  in_quotes);
153  s++)
154  {
155  if (*s == '"')
156  {
157  /* safe to look at next char (could be '\0' though) */
158  if (*(s + 1) != '"')
159  {
160  in_quotes = !in_quotes;
161  continue;
162  }
163  /* it's an escaped double quote; skip the escaping char */
164  s++;
165  }
166 
167  /* Add the character to the string */
168  if (len >= NAMEDATALEN - 1)
169  ereport(ERROR,
170  (errcode(ERRCODE_NAME_TOO_LONG),
171  errmsg("identifier too long"),
172  errdetail("Identifier must be less than %d characters.",
173  NAMEDATALEN)));
174 
175  n[len++] = *s;
176  }
177  n[len] = '\0';
178  while (isspace((unsigned char) *s))
179  s++;
180  return s;
181 }
int errcode(int sqlerrcode)
Definition: elog.c:575
#define NAMEDATALEN
#define ERROR
Definition: elog.h:43
int errdetail(const char *fmt,...)
Definition: elog.c:873
#define ereport(elevel, rest)
Definition: elog.h:122
#define Assert(condition)
Definition: c.h:664
int errmsg(const char *fmt,...)
Definition: elog.c:797
Datum has_any_column_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2358 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), GetUserId(), ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

2359 {
2360  Oid tableoid = PG_GETARG_OID(0);
2361  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2362  Oid roleid;
2363  AclMode mode;
2364  AclResult aclresult;
2365 
2366  roleid = GetUserId();
2367  mode = convert_column_priv_string(priv_type_text);
2368 
2370  PG_RETURN_NULL();
2371 
2372  /* First check at table level, then examine each column if needed */
2373  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2374  if (aclresult != ACLCHECK_OK)
2375  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2376  ACLMASK_ANY);
2377 
2378  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2379 }
Oid GetUserId(void)
Definition: miscinit.c:284
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:177
#define ObjectIdGetDatum(X)
Definition: postgres.h:513
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
AclResult
Definition: acl.h:178
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4337
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4422
Definition: c.h:433
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2849
#define PG_RETURN_NULL()
Definition: fmgr.h:305
Datum has_any_column_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 2414 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

2415 {
2416  Oid roleid = PG_GETARG_OID(0);
2417  Oid tableoid = PG_GETARG_OID(1);
2418  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2419  AclMode mode;
2420  AclResult aclresult;
2421 
2422  mode = convert_column_priv_string(priv_type_text);
2423 
2425  PG_RETURN_NULL();
2426 
2427  /* First check at table level, then examine each column if needed */
2428  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2429  if (aclresult != ACLCHECK_OK)
2430  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2431  ACLMASK_ANY);
2432 
2433  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2434 }
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:177
#define ObjectIdGetDatum(X)
Definition: postgres.h:513
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
AclResult
Definition: acl.h:178
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4337
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4422
Definition: c.h:433
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2849
#define PG_RETURN_NULL()
Definition: fmgr.h:305
Datum has_any_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2387 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2388 {
2389  Oid roleid = PG_GETARG_OID(0);
2390  text *tablename = PG_GETARG_TEXT_PP(1);
2391  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2392  Oid tableoid;
2393  AclMode mode;
2394  AclResult aclresult;
2395 
2396  tableoid = convert_table_name(tablename);
2397  mode = convert_column_priv_string(priv_type_text);
2398 
2399  /* First check at table level, then examine each column if needed */
2400  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2401  if (aclresult != ACLCHECK_OK)
2402  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2403  ACLMASK_ANY);
2404 
2405  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2406 }
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
AclResult
Definition: acl.h:178
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
static Oid convert_table_name(text *tablename)
Definition: acl.c:2001
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4337
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4422
Definition: c.h:433
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2849
Datum has_any_column_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2299 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), GetUserId(), pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2300 {
2301  text *tablename = PG_GETARG_TEXT_PP(0);
2302  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2303  Oid roleid;
2304  Oid tableoid;
2305  AclMode mode;
2306  AclResult aclresult;
2307 
2308  roleid = GetUserId();
2309  tableoid = convert_table_name(tablename);
2310  mode = convert_column_priv_string(priv_type_text);
2311 
2312  /* First check at table level, then examine each column if needed */
2313  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2314  if (aclresult != ACLCHECK_OK)
2315  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2316  ACLMASK_ANY);
2317 
2318  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2319 }
Oid GetUserId(void)
Definition: miscinit.c:284
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
AclResult
Definition: acl.h:178
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
static Oid convert_table_name(text *tablename)
Definition: acl.c:2001
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4337
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4422
Definition: c.h:433
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2849
Datum has_any_column_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2327 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), get_role_oid_or_public(), NameStr, ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, SearchSysCacheExists1, and username.

2328 {
2330  Oid tableoid = PG_GETARG_OID(1);
2331  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2332  Oid roleid;
2333  AclMode mode;
2334  AclResult aclresult;
2335 
2336  roleid = get_role_oid_or_public(NameStr(*username));
2337  mode = convert_column_priv_string(priv_type_text);
2338 
2340  PG_RETURN_NULL();
2341 
2342  /* First check at table level, then examine each column if needed */
2343  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2344  if (aclresult != ACLCHECK_OK)
2345  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2346  ACLMASK_ANY);
2347 
2348  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2349 }
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5128
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:177
#define ObjectIdGetDatum(X)
Definition: postgres.h:513
Definition: c.h:487
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
AclResult
Definition: acl.h:178
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
static char * username
Definition: initdb.c:132
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4337
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4422
#define NameStr(name)
Definition: c.h:493
Definition: c.h:433
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2849
#define PG_RETURN_NULL()
Definition: fmgr.h:305
#define PG_GETARG_NAME(n)
Definition: fmgr.h:243
Datum has_any_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2269 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), NameStr, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2270 {
2271  Name rolename = PG_GETARG_NAME(0);
2272  text *tablename = PG_GETARG_TEXT_PP(1);
2273  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2274  Oid roleid;
2275  Oid tableoid;
2276  AclMode mode;
2277  AclResult aclresult;
2278 
2279  roleid = get_role_oid_or_public(NameStr(*rolename));
2280  tableoid = convert_table_name(tablename);
2281  mode = convert_column_priv_string(priv_type_text);
2282 
2283  /* First check at table level, then examine each column if needed */
2284  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2285  if (aclresult != ACLCHECK_OK)
2286  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2287  ACLMASK_ANY);
2288 
2289  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2290 }
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5128
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
Definition: c.h:487
AclResult
Definition: acl.h:178
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
static Oid convert_table_name(text *tablename)
Definition: acl.c:2001
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4337
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4422
#define NameStr(name)
Definition: c.h:493
Definition: c.h:433
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2849
#define PG_GETARG_NAME(n)
Definition: fmgr.h:243
Datum has_column_privilege_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2801 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), GetUserId(), PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2802 {
2803  Oid tableoid = PG_GETARG_OID(0);
2804  AttrNumber colattnum = PG_GETARG_INT16(1);
2805  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2806  Oid roleid;
2807  AclMode mode;
2808  int privresult;
2809 
2810  roleid = GetUserId();
2811  mode = convert_column_priv_string(priv_type_text);
2812 
2813  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2814  if (privresult < 0)
2815  PG_RETURN_NULL();
2816  PG_RETURN_BOOL(privresult);
2817 }
Oid GetUserId(void)
Definition: miscinit.c:284
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
#define PG_GETARG_INT16(n)
Definition: fmgr.h:236
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2457
Definition: c.h:433
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2849
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:305
Datum has_column_privilege_id_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2694 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2695 {
2696  Oid roleid = PG_GETARG_OID(0);
2697  Oid tableoid = PG_GETARG_OID(1);
2698  AttrNumber colattnum = PG_GETARG_INT16(2);
2699  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2700  AclMode mode;
2701  int privresult;
2702 
2703  mode = convert_column_priv_string(priv_type_text);
2704 
2705  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2706  if (privresult < 0)
2707  PG_RETURN_NULL();
2708  PG_RETURN_BOOL(privresult);
2709 }
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
#define PG_GETARG_INT16(n)
Definition: fmgr.h:236
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2457
Definition: c.h:433
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2849
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:305
Datum has_column_privilege_id_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2669 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2670 {
2671  Oid roleid = PG_GETARG_OID(0);
2672  Oid tableoid = PG_GETARG_OID(1);
2673  text *column = PG_GETARG_TEXT_PP(2);
2674  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2675  AttrNumber colattnum;
2676  AclMode mode;
2677  int privresult;
2678 
2679  colattnum = convert_column_name(tableoid, column);
2680  mode = convert_column_priv_string(priv_type_text);
2681 
2682  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2683  if (privresult < 0)
2684  PG_RETURN_NULL();
2685  PG_RETURN_BOOL(privresult);
2686 }
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2828
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2457
Definition: c.h:433
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2849
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:305
Datum has_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2774 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), GetUserId(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2775 {
2776  Oid tableoid = PG_GETARG_OID(0);
2777  text *column = PG_GETARG_TEXT_PP(1);
2778  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2779  Oid roleid;
2780  AttrNumber colattnum;
2781  AclMode mode;
2782  int privresult;
2783 
2784  roleid = GetUserId();
2785  colattnum = convert_column_name(tableoid, column);
2786  mode = convert_column_priv_string(priv_type_text);
2787 
2788  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2789  if (privresult < 0)
2790  PG_RETURN_NULL();
2791  PG_RETURN_BOOL(privresult);
2792 }
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2828
Oid GetUserId(void)
Definition: miscinit.c:284
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2457
Definition: c.h:433
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2849
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:305
Datum has_column_privilege_id_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2644 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2645 {
2646  Oid roleid = PG_GETARG_OID(0);
2647  text *tablename = PG_GETARG_TEXT_PP(1);
2648  AttrNumber colattnum = PG_GETARG_INT16(2);
2649  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2650  Oid tableoid;
2651  AclMode mode;
2652  int privresult;
2653 
2654  tableoid = convert_table_name(tablename);
2655  mode = convert_column_priv_string(priv_type_text);
2656 
2657  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2658  if (privresult < 0)
2659  PG_RETURN_NULL();
2660  PG_RETURN_BOOL(privresult);
2661 }
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
#define PG_GETARG_INT16(n)
Definition: fmgr.h:236
static Oid convert_table_name(text *tablename)
Definition: acl.c:2001
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2457
Definition: c.h:433
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2849
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:305
Datum has_column_privilege_id_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2617 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2618 {
2619  Oid roleid = PG_GETARG_OID(0);
2620  text *tablename = PG_GETARG_TEXT_PP(1);
2621  text *column = PG_GETARG_TEXT_PP(2);
2622  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2623  Oid tableoid;
2624  AttrNumber colattnum;
2625  AclMode mode;
2626  int privresult;
2627 
2628  tableoid = convert_table_name(tablename);
2629  colattnum = convert_column_name(tableoid, column);
2630  mode = convert_column_priv_string(priv_type_text);
2631 
2632  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2633  if (privresult < 0)
2634  PG_RETURN_NULL();
2635  PG_RETURN_BOOL(privresult);
2636 }
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2828
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
static Oid convert_table_name(text *tablename)
Definition: acl.c:2001
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2457
Definition: c.h:433
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2849
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:305
Datum has_column_privilege_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2747 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), GetUserId(), PG_GETARG_INT16, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2748 {
2749  text *tablename = PG_GETARG_TEXT_PP(0);
2750  AttrNumber colattnum = PG_GETARG_INT16(1);
2751  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2752  Oid roleid;
2753  Oid tableoid;
2754  AclMode mode;
2755  int privresult;
2756 
2757  roleid = GetUserId();
2758  tableoid = convert_table_name(tablename);
2759  mode = convert_column_priv_string(priv_type_text);
2760 
2761  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2762  if (privresult < 0)
2763  PG_RETURN_NULL();
2764  PG_RETURN_BOOL(privresult);
2765 }
Oid GetUserId(void)
Definition: miscinit.c:284
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
#define PG_GETARG_INT16(n)
Definition: fmgr.h:236
static Oid convert_table_name(text *tablename)
Definition: acl.c:2001
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2457
Definition: c.h:433
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2849
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:305
Datum has_column_privilege_name_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2592 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), get_role_oid_or_public(), NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

2593 {
2595  Oid tableoid = PG_GETARG_OID(1);
2596  AttrNumber colattnum = PG_GETARG_INT16(2);
2597  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2598  Oid roleid;
2599  AclMode mode;
2600  int privresult;
2601 
2602  roleid = get_role_oid_or_public(NameStr(*username));
2603  mode = convert_column_priv_string(priv_type_text);
2604 
2605  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2606  if (privresult < 0)
2607  PG_RETURN_NULL();
2608  PG_RETURN_BOOL(privresult);
2609 }
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5128
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
Definition: c.h:487
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
#define PG_GETARG_INT16(n)
Definition: fmgr.h:236
static char * username
Definition: initdb.c:132
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2457
#define NameStr(name)
Definition: c.h:493
Definition: c.h:433
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2849
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:305
#define PG_GETARG_NAME(n)
Definition: fmgr.h:243
Datum has_column_privilege_name_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2565 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), get_role_oid_or_public(), NameStr, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

2566 {
2568  Oid tableoid = PG_GETARG_OID(1);
2569  text *column = PG_GETARG_TEXT_PP(2);
2570  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2571  Oid roleid;
2572  AttrNumber colattnum;
2573  AclMode mode;
2574  int privresult;
2575 
2576  roleid = get_role_oid_or_public(NameStr(*username));
2577  colattnum = convert_column_name(tableoid, column);
2578  mode = convert_column_priv_string(priv_type_text);
2579 
2580  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2581  if (privresult < 0)
2582  PG_RETURN_NULL();
2583  PG_RETURN_BOOL(privresult);
2584 }
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2828
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5128
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
Definition: c.h:487
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
static char * username
Definition: initdb.c:132
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2457
#define NameStr(name)
Definition: c.h:493
Definition: c.h:433
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2849
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:305
#define PG_GETARG_NAME(n)
Definition: fmgr.h:243
Datum has_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2718 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), GetUserId(), PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2719 {
2720  text *tablename = PG_GETARG_TEXT_PP(0);
2721  text *column = PG_GETARG_TEXT_PP(1);
2722  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2723  Oid roleid;
2724  Oid tableoid;
2725  AttrNumber colattnum;
2726  AclMode mode;
2727  int privresult;
2728 
2729  roleid = GetUserId();
2730  tableoid = convert_table_name(tablename);
2731  colattnum = convert_column_name(tableoid, column);
2732  mode = convert_column_priv_string(priv_type_text);
2733 
2734  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2735  if (privresult < 0)
2736  PG_RETURN_NULL();
2737  PG_RETURN_BOOL(privresult);
2738 }
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2828
Oid GetUserId(void)
Definition: miscinit.c:284
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
static Oid convert_table_name(text *tablename)
Definition: acl.c:2001
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2457
Definition: c.h:433
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2849
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:305
Datum has_column_privilege_name_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2538 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2539 {
2540  Name rolename = PG_GETARG_NAME(0);
2541  text *tablename = PG_GETARG_TEXT_PP(1);
2542  AttrNumber colattnum = PG_GETARG_INT16(2);
2543  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2544  Oid roleid;
2545  Oid tableoid;
2546  AclMode mode;
2547  int privresult;
2548 
2549  roleid = get_role_oid_or_public(NameStr(*rolename));
2550  tableoid = convert_table_name(tablename);
2551  mode = convert_column_priv_string(priv_type_text);
2552 
2553  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2554  if (privresult < 0)
2555  PG_RETURN_NULL();
2556  PG_RETURN_BOOL(privresult);
2557 }
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5128
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
Definition: c.h:487
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
#define PG_GETARG_INT16(n)
Definition: fmgr.h:236
static Oid convert_table_name(text *tablename)
Definition: acl.c:2001
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2457
#define NameStr(name)
Definition: c.h:493
Definition: c.h:433
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2849
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:305
#define PG_GETARG_NAME(n)
Definition: fmgr.h:243
Datum has_column_privilege_name_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2509 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), NameStr, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2510 {
2511  Name rolename = PG_GETARG_NAME(0);
2512  text *tablename = PG_GETARG_TEXT_PP(1);
2513  text *column = PG_GETARG_TEXT_PP(2);
2514  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2515  Oid roleid;
2516  Oid tableoid;
2517  AttrNumber colattnum;
2518  AclMode mode;
2519  int privresult;
2520 
2521  roleid = get_role_oid_or_public(NameStr(*rolename));
2522  tableoid = convert_table_name(tablename);
2523  colattnum = convert_column_name(tableoid, column);
2524  mode = convert_column_priv_string(priv_type_text);
2525 
2526  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2527  if (privresult < 0)
2528  PG_RETURN_NULL();
2529  PG_RETURN_BOOL(privresult);
2530 }
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2828
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5128
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
Definition: c.h:487
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
static Oid convert_table_name(text *tablename)
Definition: acl.c:2001
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2457
#define NameStr(name)
Definition: c.h:493
Definition: c.h:433
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2849
int16 AttrNumber
Definition: attnum.h:21
#define PG_RETURN_NULL()
Definition: fmgr.h:305
#define PG_GETARG_NAME(n)
Definition: fmgr.h:243
Datum has_database_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2960 of file acl.c.

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, GetUserId(), ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

2961 {
2962  Oid databaseoid = PG_GETARG_OID(0);
2963  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2964  Oid roleid;
2965  AclMode mode;
2966  AclResult aclresult;
2967 
2968  roleid = GetUserId();
2969  mode = convert_database_priv_string(priv_type_text);
2970 
2972  PG_RETURN_NULL();
2973 
2974  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2975 
2976  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2977 }
Oid GetUserId(void)
Definition: miscinit.c:284
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:177
#define ObjectIdGetDatum(X)
Definition: postgres.h:513
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3046
AclResult
Definition: acl.h:178
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4434
Definition: c.h:433
#define PG_RETURN_NULL()
Definition: fmgr.h:305
Datum has_database_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3008 of file acl.c.

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

3009 {
3010  Oid roleid = PG_GETARG_OID(0);
3011  Oid databaseoid = PG_GETARG_OID(1);
3012  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3013  AclMode mode;
3014  AclResult aclresult;
3015 
3016  mode = convert_database_priv_string(priv_type_text);
3017 
3019  PG_RETURN_NULL();
3020 
3021  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
3022 
3023  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3024 }
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:177
#define ObjectIdGetDatum(X)
Definition: postgres.h:513
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3046
AclResult
Definition: acl.h:178
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4434
Definition: c.h:433
#define PG_RETURN_NULL()
Definition: fmgr.h:305
Datum has_database_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2985 of file acl.c.

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2986 {
2987  Oid roleid = PG_GETARG_OID(0);
2988  text *databasename = PG_GETARG_TEXT_PP(1);
2989  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2990  Oid databaseoid;
2991  AclMode mode;
2992  AclResult aclresult;
2993 
2994  databaseoid = convert_database_name(databasename);
2995  mode = convert_database_priv_string(priv_type_text);
2996 
2997  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2998 
2999  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3000 }
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
static Oid convert_database_name(text *databasename)
Definition: acl.c:3034
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3046
AclResult
Definition: acl.h:178
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4434
Definition: c.h:433
Datum has_database_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2909 of file acl.c.

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), GetUserId(), pg_database_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2910 {
2911  text *databasename = PG_GETARG_TEXT_PP(0);
2912  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2913  Oid roleid;
2914  Oid databaseoid;
2915  AclMode mode;
2916  AclResult aclresult;
2917 
2918  roleid = GetUserId();
2919  databaseoid = convert_database_name(databasename);
2920  mode = convert_database_priv_string(priv_type_text);
2921 
2922  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2923 
2924  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2925 }
Oid GetUserId(void)
Definition: miscinit.c:284
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
static Oid convert_database_name(text *databasename)
Definition: acl.c:3034
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3046
AclResult
Definition: acl.h:178
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4434
Definition: c.h:433
Datum has_database_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2933 of file acl.c.

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, get_role_oid_or_public(), NameStr, ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

2934 {
2936  Oid databaseoid = PG_GETARG_OID(1);
2937  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2938  Oid roleid;
2939  AclMode mode;
2940  AclResult aclresult;
2941 
2942  roleid = get_role_oid_or_public(NameStr(*username));
2943  mode = convert_database_priv_string(priv_type_text);
2944 
2946  PG_RETURN_NULL();
2947 
2948  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2949 
2950  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2951 }
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5128
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:177
#define ObjectIdGetDatum(X)
Definition: postgres.h:513
Definition: c.h:487
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3046
AclResult
Definition: acl.h:178
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
static char * username
Definition: initdb.c:132
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4434
#define NameStr(name)
Definition: c.h:493
Definition: c.h:433
#define PG_RETURN_NULL()
Definition: fmgr.h:305
#define PG_GETARG_NAME(n)
Definition: fmgr.h:243
Datum has_database_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2883 of file acl.c.

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), get_role_oid_or_public(), NameStr, pg_database_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

2884 {
2886  text *databasename = PG_GETARG_TEXT_PP(1);
2887  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2888  Oid roleid;
2889  Oid databaseoid;
2890  AclMode mode;
2891  AclResult aclresult;
2892 
2893  roleid = get_role_oid_or_public(NameStr(*username));
2894  databaseoid = convert_database_name(databasename);
2895  mode = convert_database_priv_string(priv_type_text);
2896 
2897  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2898 
2899  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2900 }
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5128
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
Definition: c.h:487
static Oid convert_database_name(text *databasename)
Definition: acl.c:3034
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3046
AclResult
Definition: acl.h:178
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
static char * username
Definition: initdb.c:132
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4434
#define NameStr(name)
Definition: c.h:493
Definition: c.h:433
#define PG_GETARG_NAME(n)
Definition: fmgr.h:243
Datum has_foreign_data_wrapper_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3155 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), GetUserId(), pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

3156 {
3157  Oid fdwid = PG_GETARG_OID(0);
3158  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3159  Oid roleid;
3160  AclMode mode;
3161  AclResult aclresult;
3162 
3163  roleid = GetUserId();
3164  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3165 
3166  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3167 
3168  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3169 }
Oid GetUserId(void)
Definition: miscinit.c:284
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4509
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
AclResult
Definition: acl.h:178
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3235
Definition: c.h:433
Datum has_foreign_data_wrapper_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3200 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

3201 {
3202  Oid roleid = PG_GETARG_OID(0);
3203  Oid fdwid = PG_GETARG_OID(1);
3204  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3205  AclMode mode;
3206  AclResult aclresult;
3207 
3208  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3209 
3210  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3211 
3212  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3213 }
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4509
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
AclResult
Definition: acl.h:178
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3235
Definition: c.h:433
Datum has_foreign_data_wrapper_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3177 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

3178 {
3179  Oid roleid = PG_GETARG_OID(0);
3180  text *fdwname = PG_GETARG_TEXT_PP(1);
3181  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3182  Oid fdwid;
3183  AclMode mode;
3184  AclResult aclresult;
3185 
3186  fdwid = convert_foreign_data_wrapper_name(fdwname);
3187  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3188 
3189  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3190 
3191  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3192 }
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4509
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3223
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
AclResult
Definition: acl.h:178
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3235
Definition: c.h:433
Datum has_foreign_data_wrapper_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3107 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), GetUserId(), pg_foreign_data_wrapper_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

3108 {
3109  text *fdwname = PG_GETARG_TEXT_PP(0);
3110  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3111  Oid roleid;
3112  Oid fdwid;
3113  AclMode mode;
3114  AclResult aclresult;
3115 
3116  roleid = GetUserId();
3117  fdwid = convert_foreign_data_wrapper_name(fdwname);
3118  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3119 
3120  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3121 
3122  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3123 }
Oid GetUserId(void)
Definition: miscinit.c:284
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4509
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3223
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
AclResult
Definition: acl.h:178
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3235
Definition: c.h:433
Datum has_foreign_data_wrapper_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3131 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), get_role_oid_or_public(), NameStr, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

3132 {
3134  Oid fdwid = PG_GETARG_OID(1);
3135  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3136  Oid roleid;
3137  AclMode mode;
3138  AclResult aclresult;
3139 
3140  roleid = get_role_oid_or_public(NameStr(*username));
3141  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3142 
3143  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3144 
3145  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3146 }
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4509
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5128
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
Definition: c.h:487
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
AclResult
Definition: acl.h:178
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
static char * username
Definition: initdb.c:132
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3235
#define NameStr(name)
Definition: c.h:493
Definition: c.h:433
#define PG_GETARG_NAME(n)
Definition: fmgr.h:243
Datum has_foreign_data_wrapper_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3081 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), get_role_oid_or_public(), NameStr, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

3082 {
3084  text *fdwname = PG_GETARG_TEXT_PP(1);
3085  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3086  Oid roleid;
3087  Oid fdwid;
3088  AclMode mode;
3089  AclResult aclresult;
3090 
3091  roleid = get_role_oid_or_public(NameStr(*username));
3092  fdwid = convert_foreign_data_wrapper_name(fdwname);
3093  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3094 
3095  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3096 
3097  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3098 }
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4509
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3223
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5128
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
Definition: c.h:487
AclResult
Definition: acl.h:178
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
static char * username
Definition: initdb.c:132
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3235
#define NameStr(name)
Definition: c.h:493
Definition: c.h:433
#define PG_GETARG_NAME(n)
Definition: fmgr.h:243
Datum has_function_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3340 of file acl.c.

References ACLCHECK_OK, convert_function_priv_string(), GetUserId(), ObjectIdGetDatum, PG_GETARG_OID, PG_GETARG_TEXT_PP, pg_proc_aclcheck(), PG_RETURN_BOOL, PG_RETURN_NULL, PROCOID, and SearchSysCacheExists1.

3341 {
3342  Oid functionoid = PG_GETARG_OID(0);
3343  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3344  Oid roleid;
3345  AclMode mode;
3346  AclResult aclresult;
3347 
3348  roleid = GetUserId();
3349  mode = convert_function_priv_string(priv_type_text);
3350 
3351  if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid)))
3352  PG_RETURN_NULL();
3353 
3354  aclresult = pg_proc_aclcheck(functionoid, roleid, mode);
3355 
3356  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3357 }
Oid GetUserId(void)
Definition: miscinit.c:284
static AclMode convert_function_priv_string(text *priv_type_text)
Definition: acl.c:3435
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:177
#define ObjectIdGetDatum(X)
Definition: postgres.h:513
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
AclResult
Definition: acl.h:178
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
AclResult pg_proc_aclcheck(Oid proc_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4446
Definition: c.h:433
#define PG_RETURN_NULL()
Definition: fmgr.h:305
Datum has_function_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3388 of file acl.c.

References ACLCHECK_OK, convert_function_priv_string(), ObjectIdGetDatum, PG_GETARG_OID, PG_GETARG_TEXT_PP, pg_proc_aclcheck(), PG_RETURN_BOOL, PG_RETURN_NULL, PROCOID, and SearchSysCacheExists1.

3389 {
3390  Oid roleid = PG_GETARG_OID(0);
3391  Oid functionoid = PG_GETARG_OID(1);
3392  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3393  AclMode mode;
3394  AclResult aclresult;
3395 
3396  mode = convert_function_priv_string(priv_type_text);
3397 
3398  if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid)))
3399  PG_RETURN_NULL();
3400 
3401  aclresult = pg_proc_aclcheck(functionoid, roleid, mode);
3402 
3403  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3404 }
static AclMode convert_function_priv_string(text *priv_type_text)
Definition: acl.c:3435
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:177
#define ObjectIdGetDatum(X)
Definition: postgres.h:513
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
AclResult
Definition: acl.h:178
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
AclResult pg_proc_aclcheck(Oid proc_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4446
Definition: c.h:433
#define PG_RETURN_NULL()
Definition: fmgr.h:305
Datum has_function_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3365 of file acl.c.

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), PG_GETARG_OID, PG_GETARG_TEXT_PP, pg_proc_aclcheck(), and PG_RETURN_BOOL.

3366 {
3367  Oid roleid = PG_GETARG_OID(0);
3368  text *functionname = PG_GETARG_TEXT_PP(1);
3369  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3370  Oid functionoid;
3371  AclMode mode;
3372  AclResult aclresult;
3373 
3374  functionoid = convert_function_name(functionname);
3375  mode = convert_function_priv_string(priv_type_text);
3376 
3377  aclresult = pg_proc_aclcheck(functionoid, roleid, mode);
3378 
3379  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3380 }
static AclMode convert_function_priv_string(text *priv_type_text)
Definition: acl.c:3435
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
AclResult
Definition: acl.h:178
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
static Oid convert_function_name(text *functionname)
Definition: acl.c:3414
AclResult pg_proc_aclcheck(Oid proc_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4446
Definition: c.h:433
Datum has_function_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3289 of file acl.c.

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), GetUserId(), PG_GETARG_TEXT_PP, pg_proc_aclcheck(), and PG_RETURN_BOOL.

3290 {
3291  text *functionname = PG_GETARG_TEXT_PP(0);
3292  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3293  Oid roleid;
3294  Oid functionoid;
3295  AclMode mode;
3296  AclResult aclresult;
3297 
3298  roleid = GetUserId();
3299  functionoid = convert_function_name(functionname);
3300  mode = convert_function_priv_string(priv_type_text);
3301 
3302  aclresult = pg_proc_aclcheck(functionoid, roleid, mode);
3303 
3304  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3305 }
Oid GetUserId(void)
Definition: miscinit.c:284
static AclMode convert_function_priv_string(text *priv_type_text)
Definition: acl.c:3435
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
AclResult
Definition: acl.h:178
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
static Oid convert_function_name(text *functionname)
Definition: acl.c:3414
AclResult pg_proc_aclcheck(Oid proc_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4446
Definition: c.h:433
Datum has_function_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3313 of file acl.c.

References ACLCHECK_OK, convert_function_priv_string(), get_role_oid_or_public(), NameStr, ObjectIdGetDatum, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, pg_proc_aclcheck(), PG_RETURN_BOOL, PG_RETURN_NULL, PROCOID, SearchSysCacheExists1, and username.

3314 {
3316  Oid functionoid = PG_GETARG_OID(1);
3317  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3318  Oid roleid;
3319  AclMode mode;
3320  AclResult aclresult;
3321 
3322  roleid = get_role_oid_or_public(NameStr(*username));
3323  mode = convert_function_priv_string(priv_type_text);
3324 
3325  if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid)))
3326  PG_RETURN_NULL();
3327 
3328  aclresult = pg_proc_aclcheck(functionoid, roleid, mode);
3329 
3330  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3331 }
static AclMode convert_function_priv_string(text *priv_type_text)
Definition: acl.c:3435
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5128
unsigned int Oid
Definition: postgres_ext.h:31
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:273
uint32 AclMode
Definition: parsenodes.h:70
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:177
#define ObjectIdGetDatum(X)
Definition: postgres.h:513
Definition: c.h:487
#define PG_GETARG_OID(n)
Definition: fmgr.h:240
AclResult
Definition: acl.h:178
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:319
static char * username
Definition: