PostgreSQL Source Code git master
acl.c File Reference
#include "postgres.h"
#include <ctype.h>
#include "access/htup_details.h"
#include "catalog/catalog.h"
#include "catalog/namespace.h"
#include "catalog/pg_auth_members.h"
#include "catalog/pg_authid.h"
#include "catalog/pg_class.h"
#include "catalog/pg_database.h"
#include "catalog/pg_foreign_data_wrapper.h"
#include "catalog/pg_foreign_server.h"
#include "catalog/pg_language.h"
#include "catalog/pg_largeobject.h"
#include "catalog/pg_namespace.h"
#include "catalog/pg_proc.h"
#include "catalog/pg_tablespace.h"
#include "catalog/pg_type.h"
#include "commands/dbcommands.h"
#include "commands/proclang.h"
#include "commands/tablespace.h"
#include "common/hashfn.h"
#include "foreign/foreign.h"
#include "funcapi.h"
#include "lib/bloomfilter.h"
#include "lib/qunique.h"
#include "miscadmin.h"
#include "storage/large_object.h"
#include "utils/acl.h"
#include "utils/array.h"
#include "utils/builtins.h"
#include "utils/catcache.h"
#include "utils/inval.h"
#include "utils/lsyscache.h"
#include "utils/memutils.h"
#include "utils/snapmgr.h"
#include "utils/syscache.h"
#include "utils/varlena.h"
Include dependency graph for acl.c:

Go to the source code of this file.

Data Structures

struct  priv_map
 

Macros

#define ROLES_LIST_BLOOM_THRESHOLD   1024
 

Enumerations

enum  RoleRecurseType { ROLERECURSE_MEMBERS = 0 , ROLERECURSE_PRIVS = 1 , ROLERECURSE_SETROLE = 2 }
 

Functions

static const char * getid (const char *s, char *n, Node *escontext)
 
static void putid (char *p, const char *s)
 
static Aclallocacl (int n)
 
static void check_acl (const Acl *acl)
 
static const char * aclparse (const char *s, AclItem *aip, Node *escontext)
 
static bool aclitem_match (const AclItem *a1, const AclItem *a2)
 
static int aclitemComparator (const void *arg1, const void *arg2)
 
static void check_circularity (const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
 
static Aclrecursive_revoke (Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
 
static AclMode convert_any_priv_string (text *priv_type_text, const priv_map *privileges)
 
static Oid convert_table_name (text *tablename)
 
static AclMode convert_table_priv_string (text *priv_type_text)
 
static AclMode convert_sequence_priv_string (text *priv_type_text)
 
static AttrNumber convert_column_name (Oid tableoid, text *column)
 
static AclMode convert_column_priv_string (text *priv_type_text)
 
static Oid convert_database_name (text *databasename)
 
static AclMode convert_database_priv_string (text *priv_type_text)
 
static Oid convert_foreign_data_wrapper_name (text *fdwname)
 
static AclMode convert_foreign_data_wrapper_priv_string (text *priv_type_text)
 
static Oid convert_function_name (text *functionname)
 
static AclMode convert_function_priv_string (text *priv_type_text)
 
static Oid convert_language_name (text *languagename)
 
static AclMode convert_language_priv_string (text *priv_type_text)
 
static Oid convert_schema_name (text *schemaname)
 
static AclMode convert_schema_priv_string (text *priv_type_text)
 
static Oid convert_server_name (text *servername)
 
static AclMode convert_server_priv_string (text *priv_type_text)
 
static Oid convert_tablespace_name (text *tablespacename)
 
static AclMode convert_tablespace_priv_string (text *priv_type_text)
 
static Oid convert_type_name (text *typename)
 
static AclMode convert_type_priv_string (text *priv_type_text)
 
static AclMode convert_parameter_priv_string (text *priv_text)
 
static AclMode convert_largeobject_priv_string (text *priv_text)
 
static AclMode convert_role_priv_string (text *priv_type_text)
 
static AclResult pg_role_aclcheck (Oid role_oid, Oid roleid, AclMode mode)
 
static void RoleMembershipCacheCallback (Datum arg, int cacheid, uint32 hashvalue)
 
Aclmake_empty_acl (void)
 
Aclaclcopy (const Acl *orig_acl)
 
Aclaclconcat (const Acl *left_acl, const Acl *right_acl)
 
Aclaclmerge (const Acl *left_acl, const Acl *right_acl, Oid ownerId)
 
void aclitemsort (Acl *acl)
 
bool aclequal (const Acl *left_acl, const Acl *right_acl)
 
Datum aclitemin (PG_FUNCTION_ARGS)
 
Datum aclitemout (PG_FUNCTION_ARGS)
 
Datum aclitem_eq (PG_FUNCTION_ARGS)
 
Datum hash_aclitem (PG_FUNCTION_ARGS)
 
Datum hash_aclitem_extended (PG_FUNCTION_ARGS)
 
Aclacldefault (ObjectType objtype, Oid ownerId)
 
Datum acldefault_sql (PG_FUNCTION_ARGS)
 
Aclaclupdate (const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
 
Aclaclnewowner (const Acl *old_acl, Oid oldOwnerId, Oid newOwnerId)
 
AclMode aclmask (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
static AclMode aclmask_direct (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
int aclmembers (const Acl *acl, Oid **roleids)
 
Datum aclinsert (PG_FUNCTION_ARGS)
 
Datum aclremove (PG_FUNCTION_ARGS)
 
Datum aclcontains (PG_FUNCTION_ARGS)
 
Datum makeaclitem (PG_FUNCTION_ARGS)
 
static const char * convert_aclright_to_string (int aclright)
 
Datum aclexplode (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_id (PG_FUNCTION_ARGS)
 
static int column_privilege_check (Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
 
Datum has_column_privilege_name_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_id (PG_FUNCTION_ARGS)
 
static bool has_param_priv_byname (Oid roleid, const text *parameter, AclMode priv)
 
Datum has_parameter_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_parameter_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_parameter_privilege_id_name (PG_FUNCTION_ARGS)
 
static bool has_lo_priv_byid (Oid roleid, Oid lobjId, AclMode priv, bool *is_missing)
 
Datum has_largeobject_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_largeobject_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_largeobject_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_id (PG_FUNCTION_ARGS)
 
void initialize_acl (void)
 
static Listroles_list_append (List *roles_list, bloom_filter **bf, Oid role)
 
static Listroles_is_member_of (Oid roleid, enum RoleRecurseType type, Oid admin_of, Oid *admin_role)
 
bool has_privs_of_role (Oid member, Oid role)
 
bool member_can_set_role (Oid member, Oid role)
 
void check_can_set_role (Oid member, Oid role)
 
bool is_member_of_role (Oid member, Oid role)
 
bool is_member_of_role_nosuper (Oid member, Oid role)
 
bool is_admin_of_role (Oid member, Oid role)
 
Oid select_best_admin (Oid member, Oid role)
 
static int count_one_bits (AclMode mask)
 
void select_best_grantor (Oid roleId, AclMode privileges, const Acl *acl, Oid ownerId, Oid *grantorId, AclMode *grantOptions)
 
Oid get_role_oid (const char *rolname, bool missing_ok)
 
Oid get_role_oid_or_public (const char *rolname)
 
Oid get_rolespec_oid (const RoleSpec *role, bool missing_ok)
 
HeapTuple get_rolespec_tuple (const RoleSpec *role)
 
char * get_rolespec_name (const RoleSpec *role)
 
void check_rolespec_name (const RoleSpec *role, const char *detail_msg)
 

Variables

static Oid cached_role [] = {InvalidOid, InvalidOid, InvalidOid}
 
static Listcached_roles [] = {NIL, NIL, NIL}
 
static uint32 cached_db_hash
 

Macro Definition Documentation

◆ ROLES_LIST_BLOOM_THRESHOLD

#define ROLES_LIST_BLOOM_THRESHOLD   1024

Definition at line 91 of file acl.c.

Enumeration Type Documentation

◆ RoleRecurseType

Enumerator
ROLERECURSE_MEMBERS 
ROLERECURSE_PRIVS 
ROLERECURSE_SETROLE 

Definition at line 75 of file acl.c.

76{
77 ROLERECURSE_MEMBERS = 0, /* recurse unconditionally */
78 ROLERECURSE_PRIVS = 1, /* recurse through inheritable grants */
79 ROLERECURSE_SETROLE = 2 /* recurse through grants with set_option */
80};
@ ROLERECURSE_PRIVS
Definition: acl.c:78
@ ROLERECURSE_MEMBERS
Definition: acl.c:77
@ ROLERECURSE_SETROLE
Definition: acl.c:79

Function Documentation

◆ aclconcat()

Acl * aclconcat ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 461 of file acl.c.

462{
463 Acl *result_acl;
464
465 result_acl = allocacl(ACL_NUM(left_acl) + ACL_NUM(right_acl));
466
467 memcpy(ACL_DAT(result_acl),
468 ACL_DAT(left_acl),
469 ACL_NUM(left_acl) * sizeof(AclItem));
470
471 memcpy(ACL_DAT(result_acl) + ACL_NUM(left_acl),
472 ACL_DAT(right_acl),
473 ACL_NUM(right_acl) * sizeof(AclItem));
474
475 return result_acl;
476}
static Acl * allocacl(int n)
Definition: acl.c:410
#define ACL_DAT(ACL)
Definition: acl.h:109
#define ACL_NUM(ACL)
Definition: acl.h:108
Definition: acl.h:55

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by ExecGrant_Attribute().

◆ aclcontains()

Datum aclcontains ( PG_FUNCTION_ARGS  )

Definition at line 1596 of file acl.c.

1597{
1598 Acl *acl = PG_GETARG_ACL_P(0);
1599 AclItem *aip = PG_GETARG_ACLITEM_P(1);
1600 AclItem *aidat;
1601 int i,
1602 num;
1603
1604 check_acl(acl);
1605 num = ACL_NUM(acl);
1606 aidat = ACL_DAT(acl);
1607 for (i = 0; i < num; ++i)
1608 {
1609 if (aip->ai_grantee == aidat[i].ai_grantee &&
1610 aip->ai_grantor == aidat[i].ai_grantor &&
1611 (ACLITEM_GET_RIGHTS(*aip) & ACLITEM_GET_RIGHTS(aidat[i])) == ACLITEM_GET_RIGHTS(*aip))
1612 PG_RETURN_BOOL(true);
1613 }
1614 PG_RETURN_BOOL(false);
1615}
static void check_acl(const Acl *acl)
Definition: acl.c:574
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:117
#define PG_GETARG_ACL_P(n)
Definition: acl.h:122
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:68
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
int i
Definition: isn.c:72
Oid ai_grantee
Definition: acl.h:56
Oid ai_grantor
Definition: acl.h:57

References ACL_DAT, ACL_NUM, ACLITEM_GET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, PG_GETARG_ACL_P, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

◆ aclcopy()

Acl * aclcopy ( const Acl orig_acl)

Definition at line 441 of file acl.c.

442{
443 Acl *result_acl;
444
445 result_acl = allocacl(ACL_NUM(orig_acl));
446
447 memcpy(ACL_DAT(result_acl),
448 ACL_DAT(orig_acl),
449 ACL_NUM(orig_acl) * sizeof(AclItem));
450
451 return result_acl;
452}

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by aclmerge(), ExecGrant_Relation(), and SetDefaultACL().

◆ acldefault()

Acl * acldefault ( ObjectType  objtype,
Oid  ownerId 
)

Definition at line 787 of file acl.c.

788{
789 AclMode world_default;
790 AclMode owner_default;
791 int nacl;
792 Acl *acl;
793 AclItem *aip;
794
795 switch (objtype)
796 {
797 case OBJECT_COLUMN:
798 /* by default, columns have no extra privileges */
799 world_default = ACL_NO_RIGHTS;
800 owner_default = ACL_NO_RIGHTS;
801 break;
802 case OBJECT_TABLE:
803 world_default = ACL_NO_RIGHTS;
804 owner_default = ACL_ALL_RIGHTS_RELATION;
805 break;
806 case OBJECT_SEQUENCE:
807 world_default = ACL_NO_RIGHTS;
808 owner_default = ACL_ALL_RIGHTS_SEQUENCE;
809 break;
810 case OBJECT_DATABASE:
811 /* for backwards compatibility, grant some rights by default */
812 world_default = ACL_CREATE_TEMP | ACL_CONNECT;
813 owner_default = ACL_ALL_RIGHTS_DATABASE;
814 break;
815 case OBJECT_FUNCTION:
816 /* Grant EXECUTE by default, for now */
817 world_default = ACL_EXECUTE;
818 owner_default = ACL_ALL_RIGHTS_FUNCTION;
819 break;
820 case OBJECT_LANGUAGE:
821 /* Grant USAGE by default, for now */
822 world_default = ACL_USAGE;
823 owner_default = ACL_ALL_RIGHTS_LANGUAGE;
824 break;
826 world_default = ACL_NO_RIGHTS;
827 owner_default = ACL_ALL_RIGHTS_LARGEOBJECT;
828 break;
829 case OBJECT_SCHEMA:
830 world_default = ACL_NO_RIGHTS;
831 owner_default = ACL_ALL_RIGHTS_SCHEMA;
832 break;
834 world_default = ACL_NO_RIGHTS;
835 owner_default = ACL_ALL_RIGHTS_TABLESPACE;
836 break;
837 case OBJECT_FDW:
838 world_default = ACL_NO_RIGHTS;
839 owner_default = ACL_ALL_RIGHTS_FDW;
840 break;
842 world_default = ACL_NO_RIGHTS;
843 owner_default = ACL_ALL_RIGHTS_FOREIGN_SERVER;
844 break;
845 case OBJECT_DOMAIN:
846 case OBJECT_TYPE:
847 world_default = ACL_USAGE;
848 owner_default = ACL_ALL_RIGHTS_TYPE;
849 break;
851 world_default = ACL_NO_RIGHTS;
852 owner_default = ACL_ALL_RIGHTS_PARAMETER_ACL;
853 break;
854 default:
855 elog(ERROR, "unrecognized object type: %d", (int) objtype);
856 world_default = ACL_NO_RIGHTS; /* keep compiler quiet */
857 owner_default = ACL_NO_RIGHTS;
858 break;
859 }
860
861 nacl = 0;
862 if (world_default != ACL_NO_RIGHTS)
863 nacl++;
864 if (owner_default != ACL_NO_RIGHTS)
865 nacl++;
866
867 acl = allocacl(nacl);
868 aip = ACL_DAT(acl);
869
870 if (world_default != ACL_NO_RIGHTS)
871 {
873 aip->ai_grantor = ownerId;
874 ACLITEM_SET_PRIVS_GOPTIONS(*aip, world_default, ACL_NO_RIGHTS);
875 aip++;
876 }
877
878 /*
879 * Note that the owner's entry shows all ordinary privileges but no grant
880 * options. This is because his grant options come "from the system" and
881 * not from his own efforts. (The SQL spec says that the owner's rights
882 * come from a "_SYSTEM" authid.) However, we do consider that the
883 * owner's ordinary privileges are self-granted; this lets him revoke
884 * them. We implement the owner's grant options without any explicit
885 * "_SYSTEM"-like ACL entry, by internally special-casing the owner
886 * wherever we are testing grant options.
887 */
888 if (owner_default != ACL_NO_RIGHTS)
889 {
890 aip->ai_grantee = ownerId;
891 aip->ai_grantor = ownerId;
892 ACLITEM_SET_PRIVS_GOPTIONS(*aip, owner_default, ACL_NO_RIGHTS);
893 }
894
895 return acl;
896}
#define ACL_ALL_RIGHTS_FOREIGN_SERVER
Definition: acl.h:164
#define ACL_ALL_RIGHTS_TABLESPACE
Definition: acl.h:170
#define ACL_ALL_RIGHTS_PARAMETER_ACL
Definition: acl.h:168
#define ACL_ALL_RIGHTS_SCHEMA
Definition: acl.h:169
#define ACL_ALL_RIGHTS_SEQUENCE
Definition: acl.h:161
#define ACL_ALL_RIGHTS_DATABASE
Definition: acl.h:162
#define ACL_ALL_RIGHTS_FUNCTION
Definition: acl.h:165
#define ACL_ALL_RIGHTS_LANGUAGE
Definition: acl.h:166
#define ACL_ALL_RIGHTS_TYPE
Definition: acl.h:171
#define ACL_ALL_RIGHTS_FDW
Definition: acl.h:163
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:82
#define ACL_ALL_RIGHTS_RELATION
Definition: acl.h:160
#define ACL_ID_PUBLIC
Definition: acl.h:46
#define ACL_ALL_RIGHTS_LARGEOBJECT
Definition: acl.h:167
#define ERROR
Definition: elog.h:39
#define elog(elevel,...)
Definition: elog.h:225
#define ACL_CREATE_TEMP
Definition: parsenodes.h:86
uint64 AclMode
Definition: parsenodes.h:74
#define ACL_USAGE
Definition: parsenodes.h:84
#define ACL_NO_RIGHTS
Definition: parsenodes.h:92
@ OBJECT_FDW
Definition: parsenodes.h:2328
@ OBJECT_SCHEMA
Definition: parsenodes.h:2348
@ OBJECT_DOMAIN
Definition: parsenodes.h:2324
@ OBJECT_COLUMN
Definition: parsenodes.h:2318
@ OBJECT_TABLESPACE
Definition: parsenodes.h:2354
@ OBJECT_LARGEOBJECT
Definition: parsenodes.h:2334
@ OBJECT_DATABASE
Definition: parsenodes.h:2321
@ OBJECT_SEQUENCE
Definition: parsenodes.h:2349
@ OBJECT_LANGUAGE
Definition: parsenodes.h:2333
@ OBJECT_FOREIGN_SERVER
Definition: parsenodes.h:2329
@ OBJECT_TABLE
Definition: parsenodes.h:2353
@ OBJECT_PARAMETER_ACL
Definition: parsenodes.h:2339
@ OBJECT_TYPE
Definition: parsenodes.h:2361
@ OBJECT_FUNCTION
Definition: parsenodes.h:2331
#define ACL_CONNECT
Definition: parsenodes.h:87
#define ACL_EXECUTE
Definition: parsenodes.h:83

References ACL_ALL_RIGHTS_DATABASE, ACL_ALL_RIGHTS_FDW, ACL_ALL_RIGHTS_FOREIGN_SERVER, ACL_ALL_RIGHTS_FUNCTION, ACL_ALL_RIGHTS_LANGUAGE, ACL_ALL_RIGHTS_LARGEOBJECT, ACL_ALL_RIGHTS_PARAMETER_ACL, ACL_ALL_RIGHTS_RELATION, ACL_ALL_RIGHTS_SCHEMA, ACL_ALL_RIGHTS_SEQUENCE, ACL_ALL_RIGHTS_TABLESPACE, ACL_ALL_RIGHTS_TYPE, ACL_CONNECT, ACL_CREATE_TEMP, ACL_DAT, ACL_EXECUTE, ACL_ID_PUBLIC, ACL_NO_RIGHTS, ACL_USAGE, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), elog, ERROR, OBJECT_COLUMN, OBJECT_DATABASE, OBJECT_DOMAIN, OBJECT_FDW, OBJECT_FOREIGN_SERVER, OBJECT_FUNCTION, OBJECT_LANGUAGE, OBJECT_LARGEOBJECT, OBJECT_PARAMETER_ACL, OBJECT_SCHEMA, OBJECT_SEQUENCE, OBJECT_TABLE, OBJECT_TABLESPACE, and OBJECT_TYPE.

Referenced by acldefault_sql(), buildDefaultACLCommands(), dumpACL(), dumpRoleGUCPrivs(), dumpTable(), dumpTablespaces(), ExecGrant_Attribute(), ExecGrant_common(), ExecGrant_Largeobject(), ExecGrant_Parameter(), ExecGrant_Relation(), get_user_default_acl(), object_aclmask_ext(), pg_class_aclmask_ext(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask_ext(), pg_parameter_acl_aclmask(), pg_parameter_aclmask(), pg_type_aclmask_ext(), and SetDefaultACL().

◆ acldefault_sql()

Datum acldefault_sql ( PG_FUNCTION_ARGS  )

Definition at line 904 of file acl.c.

905{
906 char objtypec = PG_GETARG_CHAR(0);
907 Oid owner = PG_GETARG_OID(1);
908 ObjectType objtype = 0;
909
910 switch (objtypec)
911 {
912 case 'c':
913 objtype = OBJECT_COLUMN;
914 break;
915 case 'r':
916 objtype = OBJECT_TABLE;
917 break;
918 case 's':
919 objtype = OBJECT_SEQUENCE;
920 break;
921 case 'd':
922 objtype = OBJECT_DATABASE;
923 break;
924 case 'f':
925 objtype = OBJECT_FUNCTION;
926 break;
927 case 'l':
928 objtype = OBJECT_LANGUAGE;
929 break;
930 case 'L':
931 objtype = OBJECT_LARGEOBJECT;
932 break;
933 case 'n':
934 objtype = OBJECT_SCHEMA;
935 break;
936 case 'p':
937 objtype = OBJECT_PARAMETER_ACL;
938 break;
939 case 't':
940 objtype = OBJECT_TABLESPACE;
941 break;
942 case 'F':
943 objtype = OBJECT_FDW;
944 break;
945 case 'S':
946 objtype = OBJECT_FOREIGN_SERVER;
947 break;
948 case 'T':
949 objtype = OBJECT_TYPE;
950 break;
951 default:
952 elog(ERROR, "unrecognized object type abbreviation: %c", objtypec);
953 }
954
955 PG_RETURN_ACL_P(acldefault(objtype, owner));
956}
Acl * acldefault(ObjectType objtype, Oid ownerId)
Definition: acl.c:787
#define PG_RETURN_ACL_P(x)
Definition: acl.h:124
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
#define PG_GETARG_CHAR(n)
Definition: fmgr.h:273
ObjectType
Definition: parsenodes.h:2311
unsigned int Oid
Definition: postgres_ext.h:32

References acldefault(), elog, ERROR, OBJECT_COLUMN, OBJECT_DATABASE, OBJECT_FDW, OBJECT_FOREIGN_SERVER, OBJECT_FUNCTION, OBJECT_LANGUAGE, OBJECT_LARGEOBJECT, OBJECT_PARAMETER_ACL, OBJECT_SCHEMA, OBJECT_SEQUENCE, OBJECT_TABLE, OBJECT_TABLESPACE, OBJECT_TYPE, PG_GETARG_CHAR, PG_GETARG_OID, and PG_RETURN_ACL_P.

◆ aclequal()

bool aclequal ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 543 of file acl.c.

544{
545 /* Check for cases where one or both are empty/null */
546 if (left_acl == NULL || ACL_NUM(left_acl) == 0)
547 {
548 if (right_acl == NULL || ACL_NUM(right_acl) == 0)
549 return true;
550 else
551 return false;
552 }
553 else
554 {
555 if (right_acl == NULL || ACL_NUM(right_acl) == 0)
556 return false;
557 }
558
559 if (ACL_NUM(left_acl) != ACL_NUM(right_acl))
560 return false;
561
562 if (memcmp(ACL_DAT(left_acl),
563 ACL_DAT(right_acl),
564 ACL_NUM(left_acl) * sizeof(AclItem)) == 0)
565 return true;
566
567 return false;
568}

References ACL_DAT, and ACL_NUM.

Referenced by ExecGrant_Parameter(), get_user_default_acl(), and SetDefaultACL().

◆ aclexplode()

Datum aclexplode ( PG_FUNCTION_ARGS  )

Definition at line 1774 of file acl.c.

1775{
1776 Acl *acl = PG_GETARG_ACL_P(0);
1777 FuncCallContext *funcctx;
1778 int *idx;
1779 AclItem *aidat;
1780
1781 if (SRF_IS_FIRSTCALL())
1782 {
1783 TupleDesc tupdesc;
1784 MemoryContext oldcontext;
1785
1786 check_acl(acl);
1787
1788 funcctx = SRF_FIRSTCALL_INIT();
1789 oldcontext = MemoryContextSwitchTo(funcctx->multi_call_memory_ctx);
1790
1791 /*
1792 * build tupdesc for result tuples (matches out parameters in pg_proc
1793 * entry)
1794 */
1795 tupdesc = CreateTemplateTupleDesc(4);
1796 TupleDescInitEntry(tupdesc, (AttrNumber) 1, "grantor",
1797 OIDOID, -1, 0);
1798 TupleDescInitEntry(tupdesc, (AttrNumber) 2, "grantee",
1799 OIDOID, -1, 0);
1800 TupleDescInitEntry(tupdesc, (AttrNumber) 3, "privilege_type",
1801 TEXTOID, -1, 0);
1802 TupleDescInitEntry(tupdesc, (AttrNumber) 4, "is_grantable",
1803 BOOLOID, -1, 0);
1804
1805 funcctx->tuple_desc = BlessTupleDesc(tupdesc);
1806
1807 /* allocate memory for user context */
1808 idx = (int *) palloc(sizeof(int[2]));
1809 idx[0] = 0; /* ACL array item index */
1810 idx[1] = -1; /* privilege type counter */
1811 funcctx->user_fctx = idx;
1812
1813 MemoryContextSwitchTo(oldcontext);
1814 }
1815
1816 funcctx = SRF_PERCALL_SETUP();
1817 idx = (int *) funcctx->user_fctx;
1818 aidat = ACL_DAT(acl);
1819
1820 /* need test here in case acl has no items */
1821 while (idx[0] < ACL_NUM(acl))
1822 {
1823 AclItem *aidata;
1824 AclMode priv_bit;
1825
1826 idx[1]++;
1827 if (idx[1] == N_ACL_RIGHTS)
1828 {
1829 idx[1] = 0;
1830 idx[0]++;
1831 if (idx[0] >= ACL_NUM(acl)) /* done */
1832 break;
1833 }
1834 aidata = &aidat[idx[0]];
1835 priv_bit = UINT64CONST(1) << idx[1];
1836
1837 if (ACLITEM_GET_PRIVS(*aidata) & priv_bit)
1838 {
1839 Datum result;
1840 Datum values[4];
1841 bool nulls[4] = {0};
1842 HeapTuple tuple;
1843
1844 values[0] = ObjectIdGetDatum(aidata->ai_grantor);
1845 values[1] = ObjectIdGetDatum(aidata->ai_grantee);
1847 values[3] = BoolGetDatum((ACLITEM_GET_GOPTIONS(*aidata) & priv_bit) != 0);
1848
1849 tuple = heap_form_tuple(funcctx->tuple_desc, values, nulls);
1850 result = HeapTupleGetDatum(tuple);
1851
1852 SRF_RETURN_NEXT(funcctx, result);
1853 }
1854 }
1855
1856 SRF_RETURN_DONE(funcctx);
1857}
Datum idx(PG_FUNCTION_ARGS)
Definition: _int_op.c:259
static const char * convert_aclright_to_string(int aclright)
Definition: acl.c:1718
#define ACLITEM_GET_PRIVS(item)
Definition: acl.h:66
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:67
int16 AttrNumber
Definition: attnum.h:21
static Datum values[MAXATTR]
Definition: bootstrap.c:151
#define CStringGetTextDatum(s)
Definition: builtins.h:97
#define UINT64CONST(x)
Definition: c.h:503
TupleDesc BlessTupleDesc(TupleDesc tupdesc)
Definition: execTuples.c:2258
#define SRF_IS_FIRSTCALL()
Definition: funcapi.h:304
#define SRF_PERCALL_SETUP()
Definition: funcapi.h:308
#define SRF_RETURN_NEXT(_funcctx, _result)
Definition: funcapi.h:310
#define SRF_FIRSTCALL_INIT()
Definition: funcapi.h:306
static Datum HeapTupleGetDatum(const HeapTupleData *tuple)
Definition: funcapi.h:230
#define SRF_RETURN_DONE(_funcctx)
Definition: funcapi.h:328
HeapTuple heap_form_tuple(TupleDesc tupleDescriptor, const Datum *values, const bool *isnull)
Definition: heaptuple.c:1117
void * palloc(Size size)
Definition: mcxt.c:1317
static MemoryContext MemoryContextSwitchTo(MemoryContext context)
Definition: palloc.h:124
#define N_ACL_RIGHTS
Definition: parsenodes.h:91
uintptr_t Datum
Definition: postgres.h:69
static Datum BoolGetDatum(bool X)
Definition: postgres.h:107
static Datum ObjectIdGetDatum(Oid X)
Definition: postgres.h:257
void * user_fctx
Definition: funcapi.h:82
MemoryContext multi_call_memory_ctx
Definition: funcapi.h:101
TupleDesc tuple_desc
Definition: funcapi.h:112
TupleDesc CreateTemplateTupleDesc(int natts)
Definition: tupdesc.c:164
void TupleDescInitEntry(TupleDesc desc, AttrNumber attributeNumber, const char *attributeName, Oid oidtypeid, int32 typmod, int attdim)
Definition: tupdesc.c:801

References ACL_DAT, ACL_NUM, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, BlessTupleDesc(), BoolGetDatum(), check_acl(), convert_aclright_to_string(), CreateTemplateTupleDesc(), CStringGetTextDatum, heap_form_tuple(), HeapTupleGetDatum(), idx(), MemoryContextSwitchTo(), FuncCallContext::multi_call_memory_ctx, N_ACL_RIGHTS, ObjectIdGetDatum(), palloc(), PG_GETARG_ACL_P, SRF_FIRSTCALL_INIT, SRF_IS_FIRSTCALL, SRF_PERCALL_SETUP, SRF_RETURN_DONE, SRF_RETURN_NEXT, FuncCallContext::tuple_desc, TupleDescInitEntry(), UINT64CONST, FuncCallContext::user_fctx, and values.

◆ aclinsert()

Datum aclinsert ( PG_FUNCTION_ARGS  )

Definition at line 1576 of file acl.c.

1577{
1578 ereport(ERROR,
1579 (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1580 errmsg("aclinsert is no longer supported")));
1581
1582 PG_RETURN_NULL(); /* keep compiler quiet */
1583}
int errcode(int sqlerrcode)
Definition: elog.c:853
int errmsg(const char *fmt,...)
Definition: elog.c:1070
#define ereport(elevel,...)
Definition: elog.h:149
#define PG_RETURN_NULL()
Definition: fmgr.h:345

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

◆ aclitem_eq()

Datum aclitem_eq ( PG_FUNCTION_ARGS  )

Definition at line 732 of file acl.c.

733{
736 bool result;
737
738 result = a1->ai_privs == a2->ai_privs &&
739 a1->ai_grantee == a2->ai_grantee &&
740 a1->ai_grantor == a2->ai_grantor;
741 PG_RETURN_BOOL(result);
742}
static const FormData_pg_attribute a1
Definition: heap.c:143
static const FormData_pg_attribute a2
Definition: heap.c:156

References a1, a2, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

◆ aclitem_match()

static bool aclitem_match ( const AclItem a1,
const AclItem a2 
)
static

Definition at line 697 of file acl.c.

698{
699 return a1->ai_grantee == a2->ai_grantee &&
700 a1->ai_grantor == a2->ai_grantor;
701}

References a1, and a2.

Referenced by aclnewowner(), and aclupdate().

◆ aclitemComparator()

static int aclitemComparator ( const void *  arg1,
const void *  arg2 
)
static

Definition at line 708 of file acl.c.

709{
710 const AclItem *a1 = (const AclItem *) arg1;
711 const AclItem *a2 = (const AclItem *) arg2;
712
713 if (a1->ai_grantee > a2->ai_grantee)
714 return 1;
715 if (a1->ai_grantee < a2->ai_grantee)
716 return -1;
717 if (a1->ai_grantor > a2->ai_grantor)
718 return 1;
719 if (a1->ai_grantor < a2->ai_grantor)
720 return -1;
721 if (a1->ai_privs > a2->ai_privs)
722 return 1;
723 if (a1->ai_privs < a2->ai_privs)
724 return -1;
725 return 0;
726}

References a1, and a2.

Referenced by aclitemsort().

◆ aclitemin()

Datum aclitemin ( PG_FUNCTION_ARGS  )

Definition at line 599 of file acl.c.

600{
601 const char *s = PG_GETARG_CSTRING(0);
602 Node *escontext = fcinfo->context;
603 AclItem *aip;
604
605 aip = (AclItem *) palloc(sizeof(AclItem));
606
607 s = aclparse(s, aip, escontext);
608 if (s == NULL)
610
611 while (isspace((unsigned char) *s))
612 ++s;
613 if (*s)
614 ereturn(escontext, (Datum) 0,
615 (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
616 errmsg("extra garbage at the end of the ACL specification")));
617
619}
static const char * aclparse(const char *s, AclItem *aip, Node *escontext)
Definition: acl.c:257
#define PG_RETURN_ACLITEM_P(x)
Definition: acl.h:118
#define ereturn(context, dummy_value,...)
Definition: elog.h:277
#define PG_GETARG_CSTRING(n)
Definition: fmgr.h:277
Definition: nodes.h:129

References aclparse(), ereturn, errcode(), errmsg(), palloc(), PG_GETARG_CSTRING, PG_RETURN_ACLITEM_P, and PG_RETURN_NULL.

◆ aclitemout()

Datum aclitemout ( PG_FUNCTION_ARGS  )

Definition at line 630 of file acl.c.

631{
633 char *p;
634 char *out;
635 HeapTuple htup;
636 unsigned i;
637
638 out = palloc(strlen("=/") +
639 2 * N_ACL_RIGHTS +
640 2 * (2 * NAMEDATALEN + 2) +
641 1);
642
643 p = out;
644 *p = '\0';
645
646 if (aip->ai_grantee != ACL_ID_PUBLIC)
647 {
648 htup = SearchSysCache1(AUTHOID, ObjectIdGetDatum(aip->ai_grantee));
649 if (HeapTupleIsValid(htup))
650 {
652 ReleaseSysCache(htup);
653 }
654 else
655 {
656 /* Generate numeric OID if we don't find an entry */
657 sprintf(p, "%u", aip->ai_grantee);
658 }
659 }
660 while (*p)
661 ++p;
662
663 *p++ = '=';
664
665 for (i = 0; i < N_ACL_RIGHTS; ++i)
666 {
667 if (ACLITEM_GET_PRIVS(*aip) & (UINT64CONST(1) << i))
668 *p++ = ACL_ALL_RIGHTS_STR[i];
669 if (ACLITEM_GET_GOPTIONS(*aip) & (UINT64CONST(1) << i))
670 *p++ = '*';
671 }
672
673 *p++ = '/';
674 *p = '\0';
675
676 htup = SearchSysCache1(AUTHOID, ObjectIdGetDatum(aip->ai_grantor));
677 if (HeapTupleIsValid(htup))
678 {
680 ReleaseSysCache(htup);
681 }
682 else
683 {
684 /* Generate numeric OID if we don't find an entry */
685 sprintf(p, "%u", aip->ai_grantor);
686 }
687
689}
static void putid(char *p, const char *s)
Definition: acl.c:205
#define ACL_ALL_RIGHTS_STR
Definition: acl.h:154
#define NameStr(name)
Definition: c.h:703
#define PG_RETURN_CSTRING(x)
Definition: fmgr.h:362
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
static void * GETSTRUCT(const HeapTupleData *tuple)
Definition: htup_details.h:728
NameData rolname
Definition: pg_authid.h:34
FormData_pg_authid * Form_pg_authid
Definition: pg_authid.h:56
#define NAMEDATALEN
#define sprintf
Definition: port.h:241
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:269
HeapTuple SearchSysCache1(int cacheId, Datum key1)
Definition: syscache.c:221

References ACL_ALL_RIGHTS_STR, ACL_ID_PUBLIC, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, GETSTRUCT(), HeapTupleIsValid, i, N_ACL_RIGHTS, NAMEDATALEN, NameStr, ObjectIdGetDatum(), palloc(), PG_GETARG_ACLITEM_P, PG_RETURN_CSTRING, putid(), ReleaseSysCache(), rolname, SearchSysCache1(), sprintf, and UINT64CONST.

◆ aclitemsort()

void aclitemsort ( Acl acl)

Definition at line 529 of file acl.c.

530{
531 if (acl != NULL && ACL_NUM(acl) > 1)
532 qsort(ACL_DAT(acl), ACL_NUM(acl), sizeof(AclItem), aclitemComparator);
533}
static int aclitemComparator(const void *arg1, const void *arg2)
Definition: acl.c:708
#define qsort(a, b, c, d)
Definition: port.h:475

References ACL_DAT, ACL_NUM, aclitemComparator(), and qsort.

Referenced by get_user_default_acl(), and SetDefaultACL().

◆ aclmask()

AclMode aclmask ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)

Definition at line 1372 of file acl.c.

1374{
1375 AclMode result;
1377 AclItem *aidat;
1378 int i,
1379 num;
1380
1381 /*
1382 * Null ACL should not happen, since caller should have inserted
1383 * appropriate default
1384 */
1385 if (acl == NULL)
1386 elog(ERROR, "null ACL");
1387
1388 check_acl(acl);
1389
1390 /* Quick exit for mask == 0 */
1391 if (mask == 0)
1392 return 0;
1393
1394 result = 0;
1395
1396 /* Owner always implicitly has all grant options */
1397 if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1398 has_privs_of_role(roleid, ownerId))
1399 {
1400 result = mask & ACLITEM_ALL_GOPTION_BITS;
1401 if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1402 return result;
1403 }
1404
1405 num = ACL_NUM(acl);
1406 aidat = ACL_DAT(acl);
1407
1408 /*
1409 * Check privileges granted directly to roleid or to public
1410 */
1411 for (i = 0; i < num; i++)
1412 {
1413 AclItem *aidata = &aidat[i];
1414
1415 if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1416 aidata->ai_grantee == roleid)
1417 {
1418 result |= aidata->ai_privs & mask;
1419 if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1420 return result;
1421 }
1422 }
1423
1424 /*
1425 * Check privileges granted indirectly via role memberships. We do this in
1426 * a separate pass to minimize expensive indirect membership tests. In
1427 * particular, it's worth testing whether a given ACL entry grants any
1428 * privileges still of interest before we perform the has_privs_of_role
1429 * test.
1430 */
1431 remaining = mask & ~result;
1432 for (i = 0; i < num; i++)
1433 {
1434 AclItem *aidata = &aidat[i];
1435
1436 if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1437 aidata->ai_grantee == roleid)
1438 continue; /* already checked it */
1439
1440 if ((aidata->ai_privs & remaining) &&
1441 has_privs_of_role(roleid, aidata->ai_grantee))
1442 {
1443 result |= aidata->ai_privs & mask;
1444 if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1445 return result;
1446 remaining = mask & ~result;
1447 }
1448 }
1449
1450 return result;
1451}
bool has_privs_of_role(Oid member, Oid role)
Definition: acl.c:5268
#define ACLITEM_ALL_GOPTION_BITS
Definition: acl.h:88
@ ACLMASK_ALL
Definition: acl.h:176
int remaining
Definition: informix.c:692
AclMode ai_privs
Definition: acl.h:58

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog, ERROR, has_privs_of_role(), i, and remaining.

Referenced by check_circularity(), LockTableAclCheck(), object_aclmask_ext(), pg_attribute_aclcheck_all_ext(), pg_attribute_aclmask_ext(), pg_class_aclmask_ext(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask_ext(), pg_parameter_acl_aclmask(), pg_parameter_aclmask(), pg_type_aclmask_ext(), and recursive_revoke().

◆ aclmask_direct()

static AclMode aclmask_direct ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)
static

Definition at line 1461 of file acl.c.

1463{
1464 AclMode result;
1465 AclItem *aidat;
1466 int i,
1467 num;
1468
1469 /*
1470 * Null ACL should not happen, since caller should have inserted
1471 * appropriate default
1472 */
1473 if (acl == NULL)
1474 elog(ERROR, "null ACL");
1475
1476 check_acl(acl);
1477
1478 /* Quick exit for mask == 0 */
1479 if (mask == 0)
1480 return 0;
1481
1482 result = 0;
1483
1484 /* Owner always implicitly has all grant options */
1485 if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1486 roleid == ownerId)
1487 {
1488 result = mask & ACLITEM_ALL_GOPTION_BITS;
1489 if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1490 return result;
1491 }
1492
1493 num = ACL_NUM(acl);
1494 aidat = ACL_DAT(acl);
1495
1496 /*
1497 * Check privileges granted directly to roleid (and not to public)
1498 */
1499 for (i = 0; i < num; i++)
1500 {
1501 AclItem *aidata = &aidat[i];
1502
1503 if (aidata->ai_grantee == roleid)
1504 {
1505 result |= aidata->ai_privs & mask;
1506 if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1507 return result;
1508 }
1509 }
1510
1511 return result;
1512}

References ACL_DAT, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog, ERROR, and i.

Referenced by select_best_grantor().

◆ aclmembers()

int aclmembers ( const Acl acl,
Oid **  roleids 
)

Definition at line 1524 of file acl.c.

1525{
1526 Oid *list;
1527 const AclItem *acldat;
1528 int i,
1529 j;
1530
1531 if (acl == NULL || ACL_NUM(acl) == 0)
1532 {
1533 *roleids = NULL;
1534 return 0;
1535 }
1536
1537 check_acl(acl);
1538
1539 /* Allocate the worst-case space requirement */
1540 list = palloc(ACL_NUM(acl) * 2 * sizeof(Oid));
1541 acldat = ACL_DAT(acl);
1542
1543 /*
1544 * Walk the ACL collecting mentioned RoleIds.
1545 */
1546 j = 0;
1547 for (i = 0; i < ACL_NUM(acl); i++)
1548 {
1549 const AclItem *ai = &acldat[i];
1550
1551 if (ai->ai_grantee != ACL_ID_PUBLIC)
1552 list[j++] = ai->ai_grantee;
1553 /* grantor is currently never PUBLIC, but let's check anyway */
1554 if (ai->ai_grantor != ACL_ID_PUBLIC)
1555 list[j++] = ai->ai_grantor;
1556 }
1557
1558 /* Sort the array */
1559 qsort(list, j, sizeof(Oid), oid_cmp);
1560
1561 /*
1562 * We could repalloc the array down to minimum size, but it's hardly worth
1563 * it since it's only transient memory.
1564 */
1565 *roleids = list;
1566
1567 /* Remove duplicates from the array */
1568 return qunique(list, j, sizeof(Oid), oid_cmp);
1569}
int j
Definition: isn.c:73
int oid_cmp(const void *p1, const void *p2)
Definition: oid.c:258
static size_t qunique(void *array, size_t elements, size_t width, int(*compare)(const void *, const void *))
Definition: qunique.h:21

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, j, sort-test::list, oid_cmp(), palloc(), qsort, and qunique().

Referenced by ExecGrant_Attribute(), ExecGrant_common(), ExecGrant_Largeobject(), ExecGrant_Parameter(), ExecGrant_Relation(), recordDependencyOnNewAcl(), recordExtensionInitPrivWorker(), RemoveRoleFromInitPriv(), ReplaceRoleInInitPriv(), and SetDefaultACL().

◆ aclmerge()

Acl * aclmerge ( const Acl left_acl,
const Acl right_acl,
Oid  ownerId 
)

Definition at line 485 of file acl.c.

486{
487 Acl *result_acl;
488 AclItem *aip;
489 int i,
490 num;
491
492 /* Check for cases where one or both are empty/null */
493 if (left_acl == NULL || ACL_NUM(left_acl) == 0)
494 {
495 if (right_acl == NULL || ACL_NUM(right_acl) == 0)
496 return NULL;
497 else
498 return aclcopy(right_acl);
499 }
500 else
501 {
502 if (right_acl == NULL || ACL_NUM(right_acl) == 0)
503 return aclcopy(left_acl);
504 }
505
506 /* Merge them the hard way, one item at a time */
507 result_acl = aclcopy(left_acl);
508
509 aip = ACL_DAT(right_acl);
510 num = ACL_NUM(right_acl);
511
512 for (i = 0; i < num; i++, aip++)
513 {
514 Acl *tmp_acl;
515
516 tmp_acl = aclupdate(result_acl, aip, ACL_MODECHG_ADD,
517 ownerId, DROP_RESTRICT);
518 pfree(result_acl);
519 result_acl = tmp_acl;
520 }
521
522 return result_acl;
523}
Acl * aclupdate(const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
Definition: acl.c:976
Acl * aclcopy(const Acl *orig_acl)
Definition: acl.c:441
#define ACL_MODECHG_ADD
Definition: acl.h:129
void pfree(void *pointer)
Definition: mcxt.c:1521
@ DROP_RESTRICT
Definition: parsenodes.h:2385

References ACL_DAT, ACL_MODECHG_ADD, ACL_NUM, aclcopy(), aclupdate(), DROP_RESTRICT, i, and pfree().

Referenced by get_user_default_acl().

◆ aclnewowner()

Acl * aclnewowner ( const Acl old_acl,
Oid  oldOwnerId,
Oid  newOwnerId 
)

Definition at line 1103 of file acl.c.

1104{
1105 Acl *new_acl;
1106 AclItem *new_aip;
1107 AclItem *old_aip;
1108 AclItem *dst_aip;
1109 AclItem *src_aip;
1110 AclItem *targ_aip;
1111 bool newpresent = false;
1112 int dst,
1113 src,
1114 targ,
1115 num;
1116
1117 check_acl(old_acl);
1118
1119 /*
1120 * Make a copy of the given ACL, substituting new owner ID for old
1121 * wherever it appears as either grantor or grantee. Also note if the new
1122 * owner ID is already present.
1123 */
1124 num = ACL_NUM(old_acl);
1125 old_aip = ACL_DAT(old_acl);
1126 new_acl = allocacl(num);
1127 new_aip = ACL_DAT(new_acl);
1128 memcpy(new_aip, old_aip, num * sizeof(AclItem));
1129 for (dst = 0, dst_aip = new_aip; dst < num; dst++, dst_aip++)
1130 {
1131 if (dst_aip->ai_grantor == oldOwnerId)
1132 dst_aip->ai_grantor = newOwnerId;
1133 else if (dst_aip->ai_grantor == newOwnerId)
1134 newpresent = true;
1135 if (dst_aip->ai_grantee == oldOwnerId)
1136 dst_aip->ai_grantee = newOwnerId;
1137 else if (dst_aip->ai_grantee == newOwnerId)
1138 newpresent = true;
1139 }
1140
1141 /*
1142 * If the old ACL contained any references to the new owner, then we may
1143 * now have generated an ACL containing duplicate entries. Find them and
1144 * merge them so that there are not duplicates. (This is relatively
1145 * expensive since we use a stupid O(N^2) algorithm, but it's unlikely to
1146 * be the normal case.)
1147 *
1148 * To simplify deletion of duplicate entries, we temporarily leave them in
1149 * the array but set their privilege masks to zero; when we reach such an
1150 * entry it's just skipped. (Thus, a side effect of this code will be to
1151 * remove privilege-free entries, should there be any in the input.) dst
1152 * is the next output slot, targ is the currently considered input slot
1153 * (always >= dst), and src scans entries to the right of targ looking for
1154 * duplicates. Once an entry has been emitted to dst it is known
1155 * duplicate-free and need not be considered anymore.
1156 */
1157 if (newpresent)
1158 {
1159 dst = 0;
1160 for (targ = 0, targ_aip = new_aip; targ < num; targ++, targ_aip++)
1161 {
1162 /* ignore if deleted in an earlier pass */
1163 if (ACLITEM_GET_RIGHTS(*targ_aip) == ACL_NO_RIGHTS)
1164 continue;
1165 /* find and merge any duplicates */
1166 for (src = targ + 1, src_aip = targ_aip + 1; src < num;
1167 src++, src_aip++)
1168 {
1169 if (ACLITEM_GET_RIGHTS(*src_aip) == ACL_NO_RIGHTS)
1170 continue;
1171 if (aclitem_match(targ_aip, src_aip))
1172 {
1173 ACLITEM_SET_RIGHTS(*targ_aip,
1174 ACLITEM_GET_RIGHTS(*targ_aip) |
1175 ACLITEM_GET_RIGHTS(*src_aip));
1176 /* mark the duplicate deleted */
1178 }
1179 }
1180 /* and emit to output */
1181 new_aip[dst] = *targ_aip;
1182 dst++;
1183 }
1184 /* Adjust array size to be 'dst' items */
1185 ARR_DIMS(new_acl)[0] = dst;
1186 SET_VARSIZE(new_acl, ACL_N_SIZE(dst));
1187 }
1188
1189 return new_acl;
1190}
static bool aclitem_match(const AclItem *a1, const AclItem *a2)
Definition: acl.c:697
#define ACL_N_SIZE(N)
Definition: acl.h:110
#define ACLITEM_SET_RIGHTS(item, rights)
Definition: acl.h:79
#define ARR_DIMS(a)
Definition: array.h:294
#define SET_VARSIZE(PTR, len)
Definition: varatt.h:305

References ACL_DAT, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, check_acl(), and SET_VARSIZE.

Referenced by AlterDatabaseOwner(), AlterForeignDataWrapperOwner_internal(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwnerInternal(), ATExecChangeOwner(), change_owner_fix_column_acls(), and ReplaceRoleInInitPriv().

◆ aclparse()

static const char * aclparse ( const char *  s,
AclItem aip,
Node escontext 
)
static

Definition at line 257 of file acl.c.

258{
259 AclMode privs,
260 goption,
261 read;
262 char name[NAMEDATALEN];
263 char name2[NAMEDATALEN];
264
265 Assert(s && aip);
266
267 s = getid(s, name, escontext);
268 if (s == NULL)
269 return NULL;
270 if (*s != '=')
271 {
272 /* we just read a keyword, not a name */
273 if (strcmp(name, "group") != 0 && strcmp(name, "user") != 0)
274 ereturn(escontext, NULL,
275 (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
276 errmsg("unrecognized key word: \"%s\"", name),
277 errhint("ACL key word must be \"group\" or \"user\".")));
278 /* move s to the name beyond the keyword */
279 s = getid(s, name, escontext);
280 if (s == NULL)
281 return NULL;
282 if (name[0] == '\0')
283 ereturn(escontext, NULL,
284 (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
285 errmsg("missing name"),
286 errhint("A name must follow the \"group\" or \"user\" key word.")));
287 }
288
289 if (*s != '=')
290 ereturn(escontext, NULL,
291 (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
292 errmsg("missing \"=\" sign")));
293
294 privs = goption = ACL_NO_RIGHTS;
295
296 for (++s, read = 0; isalpha((unsigned char) *s) || *s == '*'; s++)
297 {
298 switch (*s)
299 {
300 case '*':
301 goption |= read;
302 break;
303 case ACL_INSERT_CHR:
305 break;
306 case ACL_SELECT_CHR:
308 break;
309 case ACL_UPDATE_CHR:
311 break;
312 case ACL_DELETE_CHR:
314 break;
315 case ACL_TRUNCATE_CHR:
317 break;
320 break;
321 case ACL_TRIGGER_CHR:
323 break;
324 case ACL_EXECUTE_CHR:
326 break;
327 case ACL_USAGE_CHR:
328 read = ACL_USAGE;
329 break;
330 case ACL_CREATE_CHR:
332 break;
335 break;
336 case ACL_CONNECT_CHR:
338 break;
339 case ACL_SET_CHR:
340 read = ACL_SET;
341 break;
344 break;
345 case ACL_MAINTAIN_CHR:
347 break;
348 default:
349 ereturn(escontext, NULL,
350 (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
351 errmsg("invalid mode character: must be one of \"%s\"",
353 }
354
355 privs |= read;
356 }
357
358 if (name[0] == '\0')
360 else
361 {
362 aip->ai_grantee = get_role_oid(name, true);
363 if (!OidIsValid(aip->ai_grantee))
364 ereturn(escontext, NULL,
365 (errcode(ERRCODE_UNDEFINED_OBJECT),
366 errmsg("role \"%s\" does not exist", name)));
367 }
368
369 /*
370 * XXX Allow a degree of backward compatibility by defaulting the grantor
371 * to the superuser.
372 */
373 if (*s == '/')
374 {
375 s = getid(s + 1, name2, escontext);
376 if (s == NULL)
377 return NULL;
378 if (name2[0] == '\0')
379 ereturn(escontext, NULL,
380 (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
381 errmsg("a name must follow the \"/\" sign")));
382 aip->ai_grantor = get_role_oid(name2, true);
383 if (!OidIsValid(aip->ai_grantor))
384 ereturn(escontext, NULL,
385 (errcode(ERRCODE_UNDEFINED_OBJECT),
386 errmsg("role \"%s\" does not exist", name2)));
387 }
388 else
389 {
390 aip->ai_grantor = BOOTSTRAP_SUPERUSERID;
392 (errcode(ERRCODE_INVALID_GRANTOR),
393 errmsg("defaulting grantor to user ID %u",
394 BOOTSTRAP_SUPERUSERID)));
395 }
396
397 ACLITEM_SET_PRIVS_GOPTIONS(*aip, privs, goption);
398
399 return s;
400}
static const char * getid(const char *s, char *n, Node *escontext)
Definition: acl.c:153
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5554
#define ACL_CREATE_CHR
Definition: acl.h:146
#define ACL_SET_CHR
Definition: acl.h:149
#define ACL_REFERENCES_CHR
Definition: acl.h:142
#define ACL_TRUNCATE_CHR
Definition: acl.h:141
#define ACL_SELECT_CHR
Definition: acl.h:138
#define ACL_EXECUTE_CHR
Definition: acl.h:144
#define ACL_DELETE_CHR
Definition: acl.h:140
#define ACL_INSERT_CHR
Definition: acl.h:137
#define ACL_UPDATE_CHR
Definition: acl.h:139
#define ACL_ALTER_SYSTEM_CHR
Definition: acl.h:150
#define ACL_USAGE_CHR
Definition: acl.h:145
#define ACL_CONNECT_CHR
Definition: acl.h:148
#define ACL_TRIGGER_CHR
Definition: acl.h:143
#define ACL_CREATE_TEMP_CHR
Definition: acl.h:147
#define ACL_MAINTAIN_CHR
Definition: acl.h:151
#define Assert(condition)
Definition: c.h:815
#define OidIsValid(objectId)
Definition: c.h:732
int errhint(const char *fmt,...)
Definition: elog.c:1317
#define WARNING
Definition: elog.h:36
#define read(a, b, c)
Definition: win32.h:13
#define ACL_SET
Definition: parsenodes.h:88
#define ACL_DELETE
Definition: parsenodes.h:79
#define ACL_MAINTAIN
Definition: parsenodes.h:90
#define ACL_INSERT
Definition: parsenodes.h:76
#define ACL_UPDATE
Definition: parsenodes.h:78
#define ACL_ALTER_SYSTEM
Definition: parsenodes.h:89
#define ACL_REFERENCES
Definition: parsenodes.h:81
#define ACL_SELECT
Definition: parsenodes.h:77
#define ACL_TRUNCATE
Definition: parsenodes.h:80
#define ACL_CREATE
Definition: parsenodes.h:85
#define ACL_TRIGGER
Definition: parsenodes.h:82
const char * name

References ACL_ALL_RIGHTS_STR, ACL_ALTER_SYSTEM, ACL_ALTER_SYSTEM_CHR, ACL_CONNECT, ACL_CONNECT_CHR, ACL_CREATE, ACL_CREATE_CHR, ACL_CREATE_TEMP, ACL_CREATE_TEMP_CHR, ACL_DELETE, ACL_DELETE_CHR, ACL_EXECUTE, ACL_EXECUTE_CHR, ACL_ID_PUBLIC, ACL_INSERT, ACL_INSERT_CHR, ACL_MAINTAIN, ACL_MAINTAIN_CHR, ACL_NO_RIGHTS, ACL_REFERENCES, ACL_REFERENCES_CHR, ACL_SELECT, ACL_SELECT_CHR, ACL_SET, ACL_SET_CHR, ACL_TRIGGER, ACL_TRIGGER_CHR, ACL_TRUNCATE, ACL_TRUNCATE_CHR, ACL_UPDATE, ACL_UPDATE_CHR, ACL_USAGE, ACL_USAGE_CHR, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, Assert, ereport, ereturn, errcode(), errhint(), errmsg(), get_role_oid(), getid(), name, NAMEDATALEN, OidIsValid, read, and WARNING.

Referenced by aclitemin().

◆ aclremove()

Datum aclremove ( PG_FUNCTION_ARGS  )

Definition at line 1586 of file acl.c.

1587{
1588 ereport(ERROR,
1589 (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1590 errmsg("aclremove is no longer supported")));
1591
1592 PG_RETURN_NULL(); /* keep compiler quiet */
1593}

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

◆ aclupdate()

Acl * aclupdate ( const Acl old_acl,
const AclItem mod_aip,
int  modechg,
Oid  ownerId,
DropBehavior  behavior 
)

Definition at line 976 of file acl.c.

978{
979 Acl *new_acl = NULL;
980 AclItem *old_aip,
981 *new_aip = NULL;
982 AclMode old_rights,
983 old_goptions,
984 new_rights,
985 new_goptions;
986 int dst,
987 num;
988
989 /* Caller probably already checked old_acl, but be safe */
990 check_acl(old_acl);
991
992 /* If granting grant options, check for circularity */
993 if (modechg != ACL_MODECHG_DEL &&
995 check_circularity(old_acl, mod_aip, ownerId);
996
997 num = ACL_NUM(old_acl);
998 old_aip = ACL_DAT(old_acl);
999
1000 /*
1001 * Search the ACL for an existing entry for this grantee and grantor. If
1002 * one exists, just modify the entry in-place (well, in the same position,
1003 * since we actually return a copy); otherwise, insert the new entry at
1004 * the end.
1005 */
1006
1007 for (dst = 0; dst < num; ++dst)
1008 {
1009 if (aclitem_match(mod_aip, old_aip + dst))
1010 {
1011 /* found a match, so modify existing item */
1012 new_acl = allocacl(num);
1013 new_aip = ACL_DAT(new_acl);
1014 memcpy(new_acl, old_acl, ACL_SIZE(old_acl));
1015 break;
1016 }
1017 }
1018
1019 if (dst == num)
1020 {
1021 /* need to append a new item */
1022 new_acl = allocacl(num + 1);
1023 new_aip = ACL_DAT(new_acl);
1024 memcpy(new_aip, old_aip, num * sizeof(AclItem));
1025
1026 /* initialize the new entry with no permissions */
1027 new_aip[dst].ai_grantee = mod_aip->ai_grantee;
1028 new_aip[dst].ai_grantor = mod_aip->ai_grantor;
1029 ACLITEM_SET_PRIVS_GOPTIONS(new_aip[dst],
1031 num++; /* set num to the size of new_acl */
1032 }
1033
1034 old_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
1035 old_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
1036
1037 /* apply the specified permissions change */
1038 switch (modechg)
1039 {
1040 case ACL_MODECHG_ADD:
1041 ACLITEM_SET_RIGHTS(new_aip[dst],
1042 old_rights | ACLITEM_GET_RIGHTS(*mod_aip));
1043 break;
1044 case ACL_MODECHG_DEL:
1045 ACLITEM_SET_RIGHTS(new_aip[dst],
1046 old_rights & ~ACLITEM_GET_RIGHTS(*mod_aip));
1047 break;
1048 case ACL_MODECHG_EQL:
1049 ACLITEM_SET_RIGHTS(new_aip[dst],
1050 ACLITEM_GET_RIGHTS(*mod_aip));
1051 break;
1052 }
1053
1054 new_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
1055 new_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
1056
1057 /*
1058 * If the adjusted entry has no permissions, delete it from the list.
1059 */
1060 if (new_rights == ACL_NO_RIGHTS)
1061 {
1062 memmove(new_aip + dst,
1063 new_aip + dst + 1,
1064 (num - dst - 1) * sizeof(AclItem));
1065 /* Adjust array size to be 'num - 1' items */
1066 ARR_DIMS(new_acl)[0] = num - 1;
1067 SET_VARSIZE(new_acl, ACL_N_SIZE(num - 1));
1068 }
1069
1070 /*
1071 * Remove abandoned privileges (cascading revoke). Currently we can only
1072 * handle this when the grantee is not PUBLIC.
1073 */
1074 if ((old_goptions & ~new_goptions) != 0)
1075 {
1076 Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1077 new_acl = recursive_revoke(new_acl, mod_aip->ai_grantee,
1078 (old_goptions & ~new_goptions),
1079 ownerId, behavior);
1080 }
1081
1082 return new_acl;
1083}
static Acl * recursive_revoke(Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
Definition: acl.c:1286
static void check_circularity(const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
Definition: acl.c:1206
#define ACL_SIZE(ACL)
Definition: acl.h:111
#define ACL_MODECHG_DEL
Definition: acl.h:130
#define ACL_MODECHG_EQL
Definition: acl.h:131

References ACL_DAT, ACL_ID_PUBLIC, ACL_MODECHG_ADD, ACL_MODECHG_DEL, ACL_MODECHG_EQL, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACL_SIZE, ACLITEM_GET_GOPTIONS, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_PRIVS_GOPTIONS, ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, Assert, check_acl(), check_circularity(), recursive_revoke(), and SET_VARSIZE.

Referenced by aclmerge(), check_circularity(), merge_acl_with_grant(), and recursive_revoke().

◆ allocacl()

static Acl * allocacl ( int  n)
static

Definition at line 410 of file acl.c.

411{
412 Acl *new_acl;
413 Size size;
414
415 if (n < 0)
416 elog(ERROR, "invalid size: %d", n);
417 size = ACL_N_SIZE(n);
418 new_acl = (Acl *) palloc0(size);
419 SET_VARSIZE(new_acl, size);
420 new_acl->ndim = 1;
421 new_acl->dataoffset = 0; /* we never put in any nulls */
422 new_acl->elemtype = ACLITEMOID;
423 ARR_LBOUND(new_acl)[0] = 1;
424 ARR_DIMS(new_acl)[0] = n;
425 return new_acl;
426}
#define ARR_LBOUND(a)
Definition: array.h:296
size_t Size
Definition: c.h:562
void * palloc0(Size size)
Definition: mcxt.c:1347
static pg_noinline void Size size
Definition: slab.c:607
Oid elemtype
Definition: array.h:97
int ndim
Definition: array.h:95
int32 dataoffset
Definition: array.h:96

References ACL_N_SIZE, ARR_DIMS, ARR_LBOUND, ArrayType::dataoffset, ArrayType::elemtype, elog, ERROR, ArrayType::ndim, palloc0(), SET_VARSIZE, and size.

Referenced by aclconcat(), aclcopy(), acldefault(), aclnewowner(), aclupdate(), check_circularity(), and make_empty_acl().

◆ check_acl()

static void check_acl ( const Acl acl)
static

Definition at line 574 of file acl.c.

575{
576 if (ARR_ELEMTYPE(acl) != ACLITEMOID)
578 (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
579 errmsg("ACL array contains wrong data type")));
580 if (ARR_NDIM(acl) != 1)
582 (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
583 errmsg("ACL arrays must be one-dimensional")));
584 if (ARR_HASNULL(acl))
586 (errcode(ERRCODE_NULL_VALUE_NOT_ALLOWED),
587 errmsg("ACL arrays must not contain null values")));
588}
#define ARR_NDIM(a)
Definition: array.h:290
#define ARR_ELEMTYPE(a)
Definition: array.h:292
#define ARR_HASNULL(a)
Definition: array.h:291

References ARR_ELEMTYPE, ARR_HASNULL, ARR_NDIM, ereport, errcode(), errmsg(), and ERROR.

Referenced by aclcontains(), aclexplode(), aclmask(), aclmask_direct(), aclmembers(), aclnewowner(), aclupdate(), check_circularity(), and recursive_revoke().

◆ check_can_set_role()

void check_can_set_role ( Oid  member,
Oid  role 
)

Definition at line 5325 of file acl.c.

5326{
5327 if (!member_can_set_role(member, role))
5328 ereport(ERROR,
5329 (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
5330 errmsg("must be able to SET ROLE \"%s\"",
5331 GetUserNameFromId(role, false))));
5332}
bool member_can_set_role(Oid member, Oid role)
Definition: acl.c:5302
char * GetUserNameFromId(Oid roleid, bool noerr)
Definition: miscinit.c:1036

References ereport, errcode(), errmsg(), ERROR, GetUserNameFromId(), and member_can_set_role().

Referenced by AlterDatabaseOwner(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterPublicationOwner_internal(), AlterSchemaOwner_internal(), AlterSubscriptionOwner_internal(), AlterTypeOwner(), ATExecChangeOwner(), createdb(), and CreateSchemaCommand().

◆ check_circularity()

static void check_circularity ( const Acl old_acl,
const AclItem mod_aip,
Oid  ownerId 
)
static

Definition at line 1206 of file acl.c.

1208{
1209 Acl *acl;
1210 AclItem *aip;
1211 int i,
1212 num;
1213 AclMode own_privs;
1214
1215 check_acl(old_acl);
1216
1217 /*
1218 * For now, grant options can only be granted to roles, not PUBLIC.
1219 * Otherwise we'd have to work a bit harder here.
1220 */
1221 Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1222
1223 /* The owner always has grant options, no need to check */
1224 if (mod_aip->ai_grantor == ownerId)
1225 return;
1226
1227 /* Make a working copy */
1228 acl = allocacl(ACL_NUM(old_acl));
1229 memcpy(acl, old_acl, ACL_SIZE(old_acl));
1230
1231 /* Zap all grant options of target grantee, plus what depends on 'em */
1232cc_restart:
1233 num = ACL_NUM(acl);
1234 aip = ACL_DAT(acl);
1235 for (i = 0; i < num; i++)
1236 {
1237 if (aip[i].ai_grantee == mod_aip->ai_grantee &&
1239 {
1240 Acl *new_acl;
1241
1242 /* We'll actually zap ordinary privs too, but no matter */
1243 new_acl = aclupdate(acl, &aip[i], ACL_MODECHG_DEL,
1244 ownerId, DROP_CASCADE);
1245
1246 pfree(acl);
1247 acl = new_acl;
1248
1249 goto cc_restart;
1250 }
1251 }
1252
1253 /* Now we can compute grantor's independently-derived privileges */
1254 own_privs = aclmask(acl,
1255 mod_aip->ai_grantor,
1256 ownerId,
1258 ACLMASK_ALL);
1259 own_privs = ACL_OPTION_TO_PRIVS(own_privs);
1260
1261 if ((ACLITEM_GET_GOPTIONS(*mod_aip) & ~own_privs) != 0)
1262 ereport(ERROR,
1263 (errcode(ERRCODE_INVALID_GRANT_OPERATION),
1264 errmsg("grant options cannot be granted back to your own grantor")));
1265
1266 pfree(acl);
1267}
AclMode aclmask(const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
Definition: acl.c:1372
#define ACL_OPTION_TO_PRIVS(privs)
Definition: acl.h:71
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
@ DROP_CASCADE
Definition: parsenodes.h:2386

References ACL_DAT, ACL_GRANT_OPTION_FOR, ACL_ID_PUBLIC, ACL_MODECHG_DEL, ACL_NO_RIGHTS, ACL_NUM, ACL_OPTION_TO_PRIVS, ACL_SIZE, ACLITEM_GET_GOPTIONS, aclmask(), ACLMASK_ALL, aclupdate(), AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), Assert, check_acl(), DROP_CASCADE, ereport, errcode(), errmsg(), ERROR, i, and pfree().

Referenced by aclupdate().

◆ check_rolespec_name()

void check_rolespec_name ( const RoleSpec role,
const char *  detail_msg 
)

Definition at line 5695 of file acl.c.

5696{
5697 if (!role)
5698 return;
5699
5700 if (role->roletype != ROLESPEC_CSTRING)
5701 return;
5702
5703 if (IsReservedName(role->rolename))
5704 {
5705 if (detail_msg)
5706 ereport(ERROR,
5707 (errcode(ERRCODE_RESERVED_NAME),
5708 errmsg("role name \"%s\" is reserved",
5709 role->rolename),
5710 errdetail_internal("%s", detail_msg)));
5711 else
5712 ereport(ERROR,
5713 (errcode(ERRCODE_RESERVED_NAME),
5714 errmsg("role name \"%s\" is reserved",
5715 role->rolename)));
5716 }
5717}
bool IsReservedName(const char *name)
Definition: catalog.c:247
int errdetail_internal(const char *fmt,...)
Definition: elog.c:1230
@ ROLESPEC_CSTRING
Definition: parsenodes.h:405
RoleSpecType roletype
Definition: parsenodes.h:415
char * rolename
Definition: parsenodes.h:416

References ereport, errcode(), errdetail_internal(), errmsg(), ERROR, IsReservedName(), RoleSpec::rolename, ROLESPEC_CSTRING, and RoleSpec::roletype.

Referenced by AlterRole(), and AlterRoleSet().

◆ column_privilege_check()

static int column_privilege_check ( Oid  tableoid,
AttrNumber  attnum,
Oid  roleid,
AclMode  mode 
)
static

Definition at line 2519 of file acl.c.

2521{
2522 AclResult aclresult;
2523 bool is_missing = false;
2524
2525 /*
2526 * If convert_column_name failed, we can just return -1 immediately.
2527 */
2529 return -1;
2530
2531 /*
2532 * Check for column-level privileges first. This serves in part as a check
2533 * on whether the column even exists, so we need to do it before checking
2534 * table-level privilege.
2535 */
2536 aclresult = pg_attribute_aclcheck_ext(tableoid, attnum, roleid,
2537 mode, &is_missing);
2538 if (aclresult == ACLCHECK_OK)
2539 return 1;
2540 else if (is_missing)
2541 return -1;
2542
2543 /* Next check if we have the privilege at the table level */
2544 aclresult = pg_class_aclcheck_ext(tableoid, roleid, mode, &is_missing);
2545 if (aclresult == ACLCHECK_OK)
2546 return 1;
2547 else if (is_missing)
2548 return -1;
2549 else
2550 return 0;
2551}
AclResult
Definition: acl.h:182
@ ACLCHECK_OK
Definition: acl.h:183
AclResult pg_class_aclcheck_ext(Oid table_oid, Oid roleid, AclMode mode, bool *is_missing)
Definition: aclchk.c:4017
AclResult pg_attribute_aclcheck_ext(Oid table_oid, AttrNumber attnum, Oid roleid, AclMode mode, bool *is_missing)
Definition: aclchk.c:3848
#define InvalidAttrNumber
Definition: attnum.h:23
int16 attnum
Definition: pg_attribute.h:74
static PgChecksumMode mode
Definition: pg_checksums.c:55

References ACLCHECK_OK, attnum, InvalidAttrNumber, mode, pg_attribute_aclcheck_ext(), and pg_class_aclcheck_ext().

Referenced by has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

◆ convert_aclright_to_string()

static const char * convert_aclright_to_string ( int  aclright)
static

Definition at line 1718 of file acl.c.

1719{
1720 switch (aclright)
1721 {
1722 case ACL_INSERT:
1723 return "INSERT";
1724 case ACL_SELECT:
1725 return "SELECT";
1726 case ACL_UPDATE:
1727 return "UPDATE";
1728 case ACL_DELETE:
1729 return "DELETE";
1730 case ACL_TRUNCATE:
1731 return "TRUNCATE";
1732 case ACL_REFERENCES:
1733 return "REFERENCES";
1734 case ACL_TRIGGER:
1735 return "TRIGGER";
1736 case ACL_EXECUTE:
1737 return "EXECUTE";
1738 case ACL_USAGE:
1739 return "USAGE";
1740 case ACL_CREATE:
1741 return "CREATE";
1742 case ACL_CREATE_TEMP:
1743 return "TEMPORARY";
1744 case ACL_CONNECT:
1745 return "CONNECT";
1746 case ACL_SET:
1747 return "SET";
1748 case ACL_ALTER_SYSTEM:
1749 return "ALTER SYSTEM";
1750 case ACL_MAINTAIN:
1751 return "MAINTAIN";
1752 default:
1753 elog(ERROR, "unrecognized aclright: %d", aclright);
1754 return NULL;
1755 }
1756}

References ACL_ALTER_SYSTEM, ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_DELETE, ACL_EXECUTE, ACL_INSERT, ACL_MAINTAIN, ACL_REFERENCES, ACL_SELECT, ACL_SET, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, ACL_USAGE, elog, and ERROR.

Referenced by aclexplode().

◆ convert_any_priv_string()

static AclMode convert_any_priv_string ( text priv_type_text,
const priv_map privileges 
)
static

Definition at line 1670 of file acl.c.

1672{
1673 AclMode result = 0;
1674 char *priv_type = text_to_cstring(priv_type_text);
1675 char *chunk;
1676 char *next_chunk;
1677
1678 /* We rely on priv_type being a private, modifiable string */
1679 for (chunk = priv_type; chunk; chunk = next_chunk)
1680 {
1681 int chunk_len;
1682 const priv_map *this_priv;
1683
1684 /* Split string at commas */
1685 next_chunk = strchr(chunk, ',');
1686 if (next_chunk)
1687 *next_chunk++ = '\0';
1688
1689 /* Drop leading/trailing whitespace in this chunk */
1690 while (*chunk && isspace((unsigned char) *chunk))
1691 chunk++;
1692 chunk_len = strlen(chunk);
1693 while (chunk_len > 0 && isspace((unsigned char) chunk[chunk_len - 1]))
1694 chunk_len--;
1695 chunk[chunk_len] = '\0';
1696
1697 /* Match to the privileges list */
1698 for (this_priv = privileges; this_priv->name; this_priv++)
1699 {
1700 if (pg_strcasecmp(this_priv->name, chunk) == 0)
1701 {
1702 result |= this_priv->value;
1703 break;
1704 }
1705 }
1706 if (!this_priv->name)
1707 ereport(ERROR,
1708 (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
1709 errmsg("unrecognized privilege type: \"%s\"", chunk)));
1710 }
1711
1712 pfree(priv_type);
1713 return result;
1714}
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
Definition: acl.c:56
const char * name
Definition: acl.c:57
AclMode value
Definition: acl.c:58
char * text_to_cstring(const text *t)
Definition: varlena.c:217

References ereport, errcode(), errmsg(), ERROR, priv_map::name, pfree(), pg_strcasecmp(), text_to_cstring(), and priv_map::value.

Referenced by convert_column_priv_string(), convert_database_priv_string(), convert_foreign_data_wrapper_priv_string(), convert_function_priv_string(), convert_language_priv_string(), convert_largeobject_priv_string(), convert_parameter_priv_string(), convert_role_priv_string(), convert_schema_priv_string(), convert_sequence_priv_string(), convert_server_priv_string(), convert_table_priv_string(), convert_tablespace_priv_string(), convert_type_priv_string(), and makeaclitem().

◆ convert_column_name()

static AttrNumber convert_column_name ( Oid  tableoid,
text column 
)
static

Definition at line 2879 of file acl.c.

2880{
2881 char *colname;
2882 HeapTuple attTuple;
2884
2885 colname = text_to_cstring(column);
2886
2887 /*
2888 * We don't use get_attnum() here because it will report that dropped
2889 * columns don't exist. We need to treat dropped columns differently from
2890 * nonexistent columns.
2891 */
2892 attTuple = SearchSysCache2(ATTNAME,
2893 ObjectIdGetDatum(tableoid),
2894 CStringGetDatum(colname));
2895 if (HeapTupleIsValid(attTuple))
2896 {
2897 Form_pg_attribute attributeForm;
2898
2899 attributeForm = (Form_pg_attribute) GETSTRUCT(attTuple);
2900 /* We want to return NULL for dropped columns */
2901 if (attributeForm->attisdropped)
2903 else
2904 attnum = attributeForm->attnum;
2905 ReleaseSysCache(attTuple);
2906 }
2907 else
2908 {
2909 char *tablename = get_rel_name(tableoid);
2910
2911 /*
2912 * If the table OID is bogus, or it's just been dropped, we'll get
2913 * NULL back. In such cases we want has_column_privilege to return
2914 * NULL too, so just return InvalidAttrNumber.
2915 */
2916 if (tablename != NULL)
2917 {
2918 /* tableoid exists, colname does not, so throw error */
2919 ereport(ERROR,
2920 (errcode(ERRCODE_UNDEFINED_COLUMN),
2921 errmsg("column \"%s\" of relation \"%s\" does not exist",
2922 colname, tablename)));
2923 }
2924 /* tableoid doesn't exist, so act like attisdropped case */
2926 }
2927
2928 pfree(colname);
2929 return attnum;
2930}
char * get_rel_name(Oid relid)
Definition: lsyscache.c:1955
FormData_pg_attribute * Form_pg_attribute
Definition: pg_attribute.h:200
static Datum CStringGetDatum(const char *X)
Definition: postgres.h:355
HeapTuple SearchSysCache2(int cacheId, Datum key1, Datum key2)
Definition: syscache.c:232

References attnum, CStringGetDatum(), ereport, errcode(), errmsg(), ERROR, get_rel_name(), GETSTRUCT(), HeapTupleIsValid, InvalidAttrNumber, ObjectIdGetDatum(), pfree(), ReleaseSysCache(), SearchSysCache2(), and text_to_cstring().

Referenced by has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_name(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), and has_column_privilege_name_name_name().

◆ convert_column_priv_string()

static AclMode convert_column_priv_string ( text priv_type_text)
static

Definition at line 2937 of file acl.c.

2938{
2939 static const priv_map column_priv_map[] = {
2940 {"SELECT", ACL_SELECT},
2941 {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2942 {"INSERT", ACL_INSERT},
2943 {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2944 {"UPDATE", ACL_UPDATE},
2945 {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2946 {"REFERENCES", ACL_REFERENCES},
2947 {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2948 {NULL, 0}
2949 };
2950
2951 return convert_any_priv_string(priv_type_text, column_priv_map);
2952}
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1670

References ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_any_column_privilege_id(), has_any_column_privilege_id_id(), has_any_column_privilege_id_name(), has_any_column_privilege_name(), has_any_column_privilege_name_id(), has_any_column_privilege_name_name(), has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

◆ convert_database_name()

static Oid convert_database_name ( text databasename)
static

Definition at line 3131 of file acl.c.

3132{
3133 char *dbname = text_to_cstring(databasename);
3134
3135 return get_database_oid(dbname, false);
3136}
Oid get_database_oid(const char *dbname, bool missing_ok)
Definition: dbcommands.c:3140
char * dbname
Definition: streamutil.c:50

References dbname, get_database_oid(), and text_to_cstring().

Referenced by has_database_privilege_id_name(), has_database_privilege_name(), and has_database_privilege_name_name().

◆ convert_database_priv_string()

static AclMode convert_database_priv_string ( text priv_type_text)
static

Definition at line 3143 of file acl.c.

3144{
3145 static const priv_map database_priv_map[] = {
3146 {"CREATE", ACL_CREATE},
3147 {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3148 {"TEMPORARY", ACL_CREATE_TEMP},
3149 {"TEMPORARY WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3150 {"TEMP", ACL_CREATE_TEMP},
3151 {"TEMP WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3152 {"CONNECT", ACL_CONNECT},
3153 {"CONNECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CONNECT)},
3154 {NULL, 0}
3155 };
3156
3157 return convert_any_priv_string(priv_type_text, database_priv_map);
3158}

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_database_privilege_id(), has_database_privilege_id_id(), has_database_privilege_id_name(), has_database_privilege_name(), has_database_privilege_name_id(), and has_database_privilege_name_name().

◆ convert_foreign_data_wrapper_name()

static Oid convert_foreign_data_wrapper_name ( text fdwname)
static

Definition at line 3337 of file acl.c.

3338{
3339 char *fdwstr = text_to_cstring(fdwname);
3340
3341 return get_foreign_data_wrapper_oid(fdwstr, false);
3342}
Oid get_foreign_data_wrapper_oid(const char *fdwname, bool missing_ok)
Definition: foreign.c:681

References get_foreign_data_wrapper_oid(), and text_to_cstring().

Referenced by has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), and has_foreign_data_wrapper_privilege_name_name().

◆ convert_foreign_data_wrapper_priv_string()

static AclMode convert_foreign_data_wrapper_priv_string ( text priv_type_text)
static

Definition at line 3349 of file acl.c.

3350{
3351 static const priv_map foreign_data_wrapper_priv_map[] = {
3352 {"USAGE", ACL_USAGE},
3353 {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3354 {NULL, 0}
3355 };
3356
3357 return convert_any_priv_string(priv_type_text, foreign_data_wrapper_priv_map);
3358}

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_foreign_data_wrapper_privilege_id(), has_foreign_data_wrapper_privilege_id_id(), has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), has_foreign_data_wrapper_privilege_name_id(), and has_foreign_data_wrapper_privilege_name_name().

◆ convert_function_name()

static Oid convert_function_name ( text functionname)
static

Definition at line 3537 of file acl.c.

3538{
3539 char *funcname = text_to_cstring(functionname);
3540 Oid oid;
3541
3544
3545 if (!OidIsValid(oid))
3546 ereport(ERROR,
3547 (errcode(ERRCODE_UNDEFINED_FUNCTION),
3548 errmsg("function \"%s\" does not exist", funcname)));
3549
3550 return oid;
3551}
#define DirectFunctionCall1(func, arg1)
Definition: fmgr.h:641
#define funcname
Definition: indent_codes.h:69
static Oid DatumGetObjectId(Datum X)
Definition: postgres.h:247
Datum regprocedurein(PG_FUNCTION_ARGS)
Definition: regproc.c:224

References CStringGetDatum(), DatumGetObjectId(), DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, funcname, OidIsValid, regprocedurein(), and text_to_cstring().

Referenced by has_function_privilege_id_name(), has_function_privilege_name(), and has_function_privilege_name_name().

◆ convert_function_priv_string()

static AclMode convert_function_priv_string ( text priv_type_text)
static

Definition at line 3558 of file acl.c.

3559{
3560 static const priv_map function_priv_map[] = {
3561 {"EXECUTE", ACL_EXECUTE},
3562 {"EXECUTE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_EXECUTE)},
3563 {NULL, 0}
3564 };
3565
3566 return convert_any_priv_string(priv_type_text, function_priv_map);
3567}

References ACL_EXECUTE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_function_privilege_id(), has_function_privilege_id_id(), has_function_privilege_id_name(), has_function_privilege_name(), has_function_privilege_name_id(), and has_function_privilege_name_name().

◆ convert_language_name()

static Oid convert_language_name ( text languagename)
static

Definition at line 3746 of file acl.c.

3747{
3748 char *langname = text_to_cstring(languagename);
3749
3750 return get_language_oid(langname, false);
3751}
Oid get_language_oid(const char *langname, bool missing_ok)
Definition: proclang.c:226

References get_language_oid(), and text_to_cstring().

Referenced by has_language_privilege_id_name(), has_language_privilege_name(), and has_language_privilege_name_name().

◆ convert_language_priv_string()

static AclMode convert_language_priv_string ( text priv_type_text)
static

Definition at line 3758 of file acl.c.

3759{
3760 static const priv_map language_priv_map[] = {
3761 {"USAGE", ACL_USAGE},
3762 {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3763 {NULL, 0}
3764 };
3765
3766 return convert_any_priv_string(priv_type_text, language_priv_map);
3767}

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_language_privilege_id(), has_language_privilege_id_id(), has_language_privilege_id_name(), has_language_privilege_name(), has_language_privilege_name_id(), and has_language_privilege_name_name().

◆ convert_largeobject_priv_string()

static AclMode convert_largeobject_priv_string ( text priv_text)
static

Definition at line 4793 of file acl.c.

4794{
4795 static const priv_map largeobject_priv_map[] = {
4796 {"SELECT", ACL_SELECT},
4797 {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
4798 {"UPDATE", ACL_UPDATE},
4799 {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
4800 {NULL, 0}
4801 };
4802
4803 return convert_any_priv_string(priv_type_text, largeobject_priv_map);
4804}

References ACL_GRANT_OPTION_FOR, ACL_SELECT, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_largeobject_privilege_id(), has_largeobject_privilege_id_id(), and has_largeobject_privilege_name_id().

◆ convert_parameter_priv_string()

static AclMode convert_parameter_priv_string ( text priv_text)
static

Definition at line 4657 of file acl.c.

4658{
4659 static const priv_map parameter_priv_map[] = {
4660 {"SET", ACL_SET},
4661 {"SET WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SET)},
4662 {"ALTER SYSTEM", ACL_ALTER_SYSTEM},
4663 {"ALTER SYSTEM WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_ALTER_SYSTEM)},
4664 {NULL, 0}
4665 };
4666
4667 return convert_any_priv_string(priv_text, parameter_priv_map);
4668}

References ACL_ALTER_SYSTEM, ACL_GRANT_OPTION_FOR, ACL_SET, and convert_any_priv_string().

Referenced by has_parameter_privilege_id_name(), has_parameter_privilege_name(), and has_parameter_privilege_name_name().

◆ convert_role_priv_string()

static AclMode convert_role_priv_string ( text priv_type_text)
static

Definition at line 4971 of file acl.c.

4972{
4973 static const priv_map role_priv_map[] = {
4974 {"USAGE", ACL_USAGE},
4975 {"MEMBER", ACL_CREATE},
4976 {"SET", ACL_SET},
4977 {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4978 {"USAGE WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4979 {"MEMBER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4980 {"MEMBER WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4981 {"SET WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4982 {"SET WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4983 {NULL, 0}
4984 };
4985
4986 return convert_any_priv_string(priv_type_text, role_priv_map);
4987}

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_SET, ACL_USAGE, and convert_any_priv_string().

Referenced by pg_has_role_id(), pg_has_role_id_id(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), and pg_has_role_name_name().

◆ convert_schema_name()

static Oid convert_schema_name ( text schemaname)
static

Definition at line 3946 of file acl.c.

3947{
3948 char *nspname = text_to_cstring(schemaname);
3949
3950 return get_namespace_oid(nspname, false);
3951}
Oid get_namespace_oid(const char *nspname, bool missing_ok)
Definition: namespace.c:3535

References get_namespace_oid(), and text_to_cstring().

Referenced by has_schema_privilege_id_name(), has_schema_privilege_name(), and has_schema_privilege_name_name().

◆ convert_schema_priv_string()

static AclMode convert_schema_priv_string ( text priv_type_text)
static

Definition at line 3958 of file acl.c.

3959{
3960 static const priv_map schema_priv_map[] = {
3961 {"CREATE", ACL_CREATE},
3962 {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3963 {"USAGE", ACL_USAGE},
3964 {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3965 {NULL, 0}
3966 };
3967
3968 return convert_any_priv_string(priv_type_text, schema_priv_map);
3969}

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_schema_privilege_id(), has_schema_privilege_id_id(), has_schema_privilege_id_name(), has_schema_privilege_name(), has_schema_privilege_name_id(), and has_schema_privilege_name_name().

◆ convert_sequence_priv_string()

static AclMode convert_sequence_priv_string ( text priv_type_text)
static

Definition at line 2282 of file acl.c.

2283{
2284 static const priv_map sequence_priv_map[] = {
2285 {"USAGE", ACL_USAGE},
2286 {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
2287 {"SELECT", ACL_SELECT},
2288 {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2289 {"UPDATE", ACL_UPDATE},
2290 {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2291 {NULL, 0}
2292 };
2293
2294 return convert_any_priv_string(priv_type_text, sequence_priv_map);
2295}

References ACL_GRANT_OPTION_FOR, ACL_SELECT, ACL_UPDATE, ACL_USAGE, and convert_any_priv_string().

Referenced by has_sequence_privilege_id(), has_sequence_privilege_id_id(), has_sequence_privilege_id_name(), has_sequence_privilege_name(), has_sequence_privilege_name_id(), and has_sequence_privilege_name_name().

◆ convert_server_name()

static Oid convert_server_name ( text servername)
static

Definition at line 4148 of file acl.c.

4149{
4150 char *serverstr = text_to_cstring(servername);
4151
4152 return get_foreign_server_oid(serverstr, false);
4153}
Oid get_foreign_server_oid(const char *servername, bool missing_ok)
Definition: foreign.c:704

References get_foreign_server_oid(), and text_to_cstring().

Referenced by has_server_privilege_id_name(), has_server_privilege_name(), and has_server_privilege_name_name().

◆ convert_server_priv_string()

static AclMode convert_server_priv_string ( text priv_type_text)
static

Definition at line 4160 of file acl.c.

4161{
4162 static const priv_map server_priv_map[] = {
4163 {"USAGE", ACL_USAGE},
4164 {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4165 {NULL, 0}
4166 };
4167
4168 return convert_any_priv_string(priv_type_text, server_priv_map);
4169}

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_server_privilege_id(), has_server_privilege_id_id(), has_server_privilege_id_name(), has_server_privilege_name(), has_server_privilege_name_id(), and has_server_privilege_name_name().

◆ convert_table_name()

static Oid convert_table_name ( text tablename)
static

◆ convert_table_priv_string()

static AclMode convert_table_priv_string ( text priv_type_text)
static

Definition at line 2047 of file acl.c.

2048{
2049 static const priv_map table_priv_map[] = {
2050 {"SELECT", ACL_SELECT},
2051 {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2052 {"INSERT", ACL_INSERT},
2053 {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2054 {"UPDATE", ACL_UPDATE},
2055 {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2056 {"DELETE", ACL_DELETE},
2057 {"DELETE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_DELETE)},
2058 {"TRUNCATE", ACL_TRUNCATE},
2059 {"TRUNCATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRUNCATE)},
2060 {"REFERENCES", ACL_REFERENCES},
2061 {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2062 {"TRIGGER", ACL_TRIGGER},
2063 {"TRIGGER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRIGGER)},
2064 {"MAINTAIN", ACL_MAINTAIN},
2065 {"MAINTAIN WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_MAINTAIN)},
2066 {NULL, 0}
2067 };
2068
2069 return convert_any_priv_string(priv_type_text, table_priv_map);
2070}

References ACL_DELETE, ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_MAINTAIN, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_table_privilege_id(), has_table_privilege_id_id(), has_table_privilege_id_name(), has_table_privilege_name(), has_table_privilege_name_id(), and has_table_privilege_name_name().

◆ convert_tablespace_name()

static Oid convert_tablespace_name ( text tablespacename)
static

Definition at line 4348 of file acl.c.

4349{
4350 char *spcname = text_to_cstring(tablespacename);
4351
4352 return get_tablespace_oid(spcname, false);
4353}
Oid get_tablespace_oid(const char *tablespacename, bool missing_ok)
Definition: tablespace.c:1426

References get_tablespace_oid(), and text_to_cstring().

Referenced by has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), and has_tablespace_privilege_name_name().

◆ convert_tablespace_priv_string()

static AclMode convert_tablespace_priv_string ( text priv_type_text)
static

Definition at line 4360 of file acl.c.

4361{
4362 static const priv_map tablespace_priv_map[] = {
4363 {"CREATE", ACL_CREATE},
4364 {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4365 {NULL, 0}
4366 };
4367
4368 return convert_any_priv_string(priv_type_text, tablespace_priv_map);
4369}

References ACL_CREATE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_tablespace_privilege_id(), has_tablespace_privilege_id_id(), has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), has_tablespace_privilege_name_id(), and has_tablespace_privilege_name_name().

◆ convert_type_name()

static Oid convert_type_name ( text typename)
static

Definition at line 4547 of file acl.c.

4548{
4549 char *typname = text_to_cstring(typename);
4550 Oid oid;
4551
4554
4555 if (!OidIsValid(oid))
4556 ereport(ERROR,
4557 (errcode(ERRCODE_UNDEFINED_OBJECT),
4558 errmsg("type \"%s\" does not exist", typname)));
4559
4560 return oid;
4561}
NameData typname
Definition: pg_type.h:41
Datum regtypein(PG_FUNCTION_ARGS)
Definition: regproc.c:1176

References CStringGetDatum(), DatumGetObjectId(), DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, OidIsValid, regtypein(), text_to_cstring(), and typname.

Referenced by has_type_privilege_id_name(), has_type_privilege_name(), and has_type_privilege_name_name().

◆ convert_type_priv_string()

static AclMode convert_type_priv_string ( text priv_type_text)
static

Definition at line 4568 of file acl.c.

4569{
4570 static const priv_map type_priv_map[] = {
4571 {"USAGE", ACL_USAGE},
4572 {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4573 {NULL, 0}
4574 };
4575
4576 return convert_any_priv_string(priv_type_text, type_priv_map);
4577}

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_type_privilege_id(), has_type_privilege_id_id(), has_type_privilege_id_name(), has_type_privilege_name(), has_type_privilege_name_id(), and has_type_privilege_name_name().

◆ count_one_bits()

static int count_one_bits ( AclMode  mask)
static

Definition at line 5438 of file acl.c.

5439{
5440 int nbits = 0;
5441
5442 /* this code relies on AclMode being an unsigned type */
5443 while (mask)
5444 {
5445 if (mask & 1)
5446 nbits++;
5447 mask >>= 1;
5448 }
5449 return nbits;
5450}

Referenced by select_best_grantor().

◆ get_role_oid()

Oid get_role_oid ( const char *  rolname,
bool  missing_ok 
)

Definition at line 5554 of file acl.c.

5555{
5556 Oid oid;
5557
5558 oid = GetSysCacheOid1(AUTHNAME, Anum_pg_authid_oid,
5560 if (!OidIsValid(oid) && !missing_ok)
5561 ereport(ERROR,
5562 (errcode(ERRCODE_UNDEFINED_OBJECT),
5563 errmsg("role \"%s\" does not exist", rolname)));
5564 return oid;
5565}
#define GetSysCacheOid1(cacheId, oidcol, key1)
Definition: syscache.h:109

References CStringGetDatum(), ereport, errcode(), errmsg(), ERROR, GetSysCacheOid1, OidIsValid, and rolname.

Referenced by aclparse(), check_hba(), check_ident_usermap(), createdb(), CreateRole(), get_object_address_unqualified(), get_role_oid_or_public(), get_rolespec_oid(), GrantRole(), is_member(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), pg_has_role_name_name(), regrolein(), shell_check_detail(), and worker_spi_launch().

◆ get_role_oid_or_public()

◆ get_rolespec_name()

char * get_rolespec_name ( const RoleSpec role)

Definition at line 5673 of file acl.c.

5674{
5675 HeapTuple tp;
5676 Form_pg_authid authForm;
5677 char *rolename;
5678
5679 tp = get_rolespec_tuple(role);
5680 authForm = (Form_pg_authid) GETSTRUCT(tp);
5681 rolename = pstrdup(NameStr(authForm->rolname));
5682 ReleaseSysCache(tp);
5683
5684 return rolename;
5685}
HeapTuple get_rolespec_tuple(const RoleSpec *role)
Definition: acl.c:5627
char * pstrdup(const char *in)
Definition: mcxt.c:1696

References get_rolespec_tuple(), GETSTRUCT(), NameStr, pstrdup(), and ReleaseSysCache().

Referenced by AddRoleMems(), and DelRoleMems().

◆ get_rolespec_oid()

Oid get_rolespec_oid ( const RoleSpec role,
bool  missing_ok 
)

Definition at line 5588 of file acl.c.

5589{
5590 Oid oid;
5591
5592 switch (role->roletype)
5593 {
5594 case ROLESPEC_CSTRING:
5595 Assert(role->rolename);
5596 oid = get_role_oid(role->rolename, missing_ok);
5597 break;
5598
5601 oid = GetUserId();
5602 break;
5603
5605 oid = GetSessionUserId();
5606 break;
5607
5608 case ROLESPEC_PUBLIC:
5609 ereport(ERROR,
5610 (errcode(ERRCODE_UNDEFINED_OBJECT),
5611 errmsg("role \"%s\" does not exist", "public")));
5612 oid = InvalidOid; /* make compiler happy */
5613 break;
5614
5615 default:
5616 elog(ERROR, "unexpected role type %d", role->roletype);
5617 }
5618
5619 return oid;
5620}
Oid GetUserId(void)
Definition: miscinit.c:517
Oid GetSessionUserId(void)
Definition: miscinit.c:556
@ ROLESPEC_CURRENT_USER
Definition: parsenodes.h:407
@ ROLESPEC_SESSION_USER
Definition: parsenodes.h:408
@ ROLESPEC_CURRENT_ROLE
Definition: parsenodes.h:406
@ ROLESPEC_PUBLIC
Definition: parsenodes.h:409
#define InvalidOid
Definition: postgres_ext.h:37

References Assert, elog, ereport, errcode(), errmsg(), ERROR, get_role_oid(), GetSessionUserId(), GetUserId(), InvalidOid, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_ROLE, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, and RoleSpec::roletype.

Referenced by AlterUserMapping(), ATExecCmd(), CreateSchemaCommand(), CreateTableSpace(), CreateUserMapping(), ExecAlterDefaultPrivilegesStmt(), ExecAlterOwnerStmt(), ExecuteGrantStmt(), GrantRole(), policy_role_list_to_array(), ReassignOwnedObjects(), RemoveUserMapping(), and roleSpecsToIds().

◆ get_rolespec_tuple()

HeapTuple get_rolespec_tuple ( const RoleSpec role)

Definition at line 5627 of file acl.c.

5628{
5629 HeapTuple tuple;
5630
5631 switch (role->roletype)
5632 {
5633 case ROLESPEC_CSTRING:
5634 Assert(role->rolename);
5635 tuple = SearchSysCache1(AUTHNAME, CStringGetDatum(role->rolename));
5636 if (!HeapTupleIsValid(tuple))
5637 ereport(ERROR,
5638 (errcode(ERRCODE_UNDEFINED_OBJECT),
5639 errmsg("role \"%s\" does not exist", role->rolename)));
5640 break;
5641
5644 tuple = SearchSysCache1(AUTHOID, ObjectIdGetDatum(GetUserId()));
5645 if (!HeapTupleIsValid(tuple))
5646 elog(ERROR, "cache lookup failed for role %u", GetUserId());
5647 break;
5648
5651 if (!HeapTupleIsValid(tuple))
5652 elog(ERROR, "cache lookup failed for role %u", GetSessionUserId());
5653 break;
5654
5655 case ROLESPEC_PUBLIC:
5656 ereport(ERROR,
5657 (errcode(ERRCODE_UNDEFINED_OBJECT),
5658 errmsg("role \"%s\" does not exist", "public")));
5659 tuple = NULL; /* make compiler happy */
5660 break;
5661
5662 default:
5663 elog(ERROR, "unexpected role type %d", role->roletype);
5664 }
5665
5666 return tuple;
5667}

References Assert, CStringGetDatum(), elog, ereport, errcode(), errmsg(), ERROR, GetSessionUserId(), GetUserId(), HeapTupleIsValid, ObjectIdGetDatum(), RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_ROLE, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, RoleSpec::roletype, and SearchSysCache1().

Referenced by AlterRole(), AlterRoleSet(), CreateRole(), and get_rolespec_name().

◆ getid()

static const char * getid ( const char *  s,
char *  n,
Node escontext 
)
static

Definition at line 153 of file acl.c.

154{
155 int len = 0;
156 bool in_quotes = false;
157
158 Assert(s && n);
159
160 while (isspace((unsigned char) *s))
161 s++;
162 /* This code had better match what putid() does, below */
163 for (;
164 *s != '\0' &&
165 (isalnum((unsigned char) *s) ||
166 *s == '_' ||
167 *s == '"' ||
168 in_quotes);
169 s++)
170 {
171 if (*s == '"')
172 {
173 /* safe to look at next char (could be '\0' though) */
174 if (*(s + 1) != '"')
175 {
176 in_quotes = !in_quotes;
177 continue;
178 }
179 /* it's an escaped double quote; skip the escaping char */
180 s++;
181 }
182
183 /* Add the character to the string */
184 if (len >= NAMEDATALEN - 1)
185 ereturn(escontext, NULL,
186 (errcode(ERRCODE_NAME_TOO_LONG),
187 errmsg("identifier too long"),
188 errdetail("Identifier must be less than %d characters.",
189 NAMEDATALEN)));
190
191 n[len++] = *s;
192 }
193 n[len] = '\0';
194 while (isspace((unsigned char) *s))
195 s++;
196 return s;
197}
int errdetail(const char *fmt,...)
Definition: elog.c:1203
const void size_t len

References Assert, ereturn, errcode(), errdetail(), errmsg(), len, and NAMEDATALEN.

Referenced by aclparse().

◆ has_any_column_privilege_id()

Datum has_any_column_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2408 of file acl.c.

2409{
2410 Oid tableoid = PG_GETARG_OID(0);
2411 text *priv_type_text = PG_GETARG_TEXT_PP(1);
2412 Oid roleid;
2413 AclMode mode;
2414 AclResult aclresult;
2415 bool is_missing = false;
2416
2417 roleid = GetUserId();
2418 mode = convert_column_priv_string(priv_type_text);
2419
2420 /* First check at table level, then examine each column if needed */
2421 aclresult = pg_class_aclcheck_ext(tableoid, roleid, mode, &is_missing);
2422 if (aclresult != ACLCHECK_OK)
2423 {
2424 if (is_missing)
2426 aclresult = pg_attribute_aclcheck_all_ext(tableoid, roleid, mode,
2427 ACLMASK_ANY, &is_missing);
2428 if (is_missing)
2430 }
2431
2432 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2433}
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2937
@ ACLMASK_ANY
Definition: acl.h:177
AclResult pg_attribute_aclcheck_all_ext(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how, bool *is_missing)
Definition: aclchk.c:3889
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
Definition: c.h:644

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), GetUserId(), mode, pg_attribute_aclcheck_all_ext(), pg_class_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_any_column_privilege_id_id()

Datum has_any_column_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 2468 of file acl.c.

2469{
2470 Oid roleid = PG_GETARG_OID(0);
2471 Oid tableoid = PG_GETARG_OID(1);
2472 text *priv_type_text = PG_GETARG_TEXT_PP(2);
2473 AclMode mode;
2474 AclResult aclresult;
2475 bool is_missing = false;
2476
2477 mode = convert_column_priv_string(priv_type_text);
2478
2479 /* First check at table level, then examine each column if needed */
2480 aclresult = pg_class_aclcheck_ext(tableoid, roleid, mode, &is_missing);
2481 if (aclresult != ACLCHECK_OK)
2482 {
2483 if (is_missing)
2485 aclresult = pg_attribute_aclcheck_all_ext(tableoid, roleid, mode,
2486 ACLMASK_ANY, &is_missing);
2487 if (is_missing)
2489 }
2490
2491 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2492}

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), mode, pg_attribute_aclcheck_all_ext(), pg_class_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_any_column_privilege_id_name()

Datum has_any_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2441 of file acl.c.

2442{
2443 Oid roleid = PG_GETARG_OID(0);
2444 text *tablename = PG_GETARG_TEXT_PP(1);
2445 text *priv_type_text = PG_GETARG_TEXT_PP(2);
2446 Oid tableoid;
2447 AclMode mode;
2448 AclResult aclresult;
2449
2450 tableoid = convert_table_name(tablename);
2451 mode = convert_column_priv_string(priv_type_text);
2452
2453 /* First check at table level, then examine each column if needed */
2454 aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2455 if (aclresult != ACLCHECK_OK)
2456 aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2457 ACLMASK_ANY);
2458
2459 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2460}
static Oid convert_table_name(text *tablename)
Definition: acl.c:2032
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:3878
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4007

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), mode, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_any_column_privilege_name()

Datum has_any_column_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2345 of file acl.c.

2346{
2347 text *tablename = PG_GETARG_TEXT_PP(0);
2348 text *priv_type_text = PG_GETARG_TEXT_PP(1);
2349 Oid roleid;
2350 Oid tableoid;
2351 AclMode mode;
2352 AclResult aclresult;
2353
2354 roleid = GetUserId();
2355 tableoid = convert_table_name(tablename);
2356 mode = convert_column_priv_string(priv_type_text);
2357
2358 /* First check at table level, then examine each column if needed */
2359 aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2360 if (aclresult != ACLCHECK_OK)
2361 aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2362 ACLMASK_ANY);
2363
2364 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2365}

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), GetUserId(), mode, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_any_column_privilege_name_id()

Datum has_any_column_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2373 of file acl.c.

2374{
2376 Oid tableoid = PG_GETARG_OID(1);
2377 text *priv_type_text = PG_GETARG_TEXT_PP(2);
2378 Oid roleid;
2379 AclMode mode;
2380 AclResult aclresult;
2381 bool is_missing = false;
2382
2384 mode = convert_column_priv_string(priv_type_text);
2385
2386 /* First check at table level, then examine each column if needed */
2387 aclresult = pg_class_aclcheck_ext(tableoid, roleid, mode, &is_missing);
2388 if (aclresult != ACLCHECK_OK)
2389 {
2390 if (is_missing)
2392 aclresult = pg_attribute_aclcheck_all_ext(tableoid, roleid, mode,
2393 ACLMASK_ANY, &is_missing);
2394 if (is_missing)
2396 }
2397
2398 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2399}
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5572
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278
static char * username
Definition: initdb.c:153
Definition: c.h:698

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, pg_attribute_aclcheck_all_ext(), pg_class_aclcheck_ext(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_any_column_privilege_name_name()

Datum has_any_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2315 of file acl.c.

2316{
2317 Name rolename = PG_GETARG_NAME(0);
2318 text *tablename = PG_GETARG_TEXT_PP(1);
2319 text *priv_type_text = PG_GETARG_TEXT_PP(2);
2320 Oid roleid;
2321 Oid tableoid;
2322 AclMode mode;
2323 AclResult aclresult;
2324
2325 roleid = get_role_oid_or_public(NameStr(*rolename));
2326 tableoid = convert_table_name(tablename);
2327 mode = convert_column_priv_string(priv_type_text);
2328
2329 /* First check at table level, then examine each column if needed */
2330 aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2331 if (aclresult != ACLCHECK_OK)
2332 aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2333 ACLMASK_ANY);
2334
2335 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2336}

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_column_privilege_id_attnum()

Datum has_column_privilege_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2851 of file acl.c.

2852{
2853 Oid tableoid = PG_GETARG_OID(0);
2854 AttrNumber colattnum = PG_GETARG_INT16(1);
2855 text *priv_type_text = PG_GETARG_TEXT_PP(2);
2856 Oid roleid;
2857 AclMode mode;
2858 int privresult;
2859
2860 roleid = GetUserId();
2861 mode = convert_column_priv_string(priv_type_text);
2862
2863 privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2864 if (privresult < 0)
2866 PG_RETURN_BOOL(privresult);
2867}
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2519
#define PG_GETARG_INT16(n)
Definition: fmgr.h:271

References column_privilege_check(), convert_column_priv_string(), GetUserId(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_id_attnum()

Datum has_column_privilege_id_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2744 of file acl.c.

2745{
2746 Oid roleid = PG_GETARG_OID(0);
2747 Oid tableoid = PG_GETARG_OID(1);
2748 AttrNumber colattnum = PG_GETARG_INT16(2);
2749 text *priv_type_text = PG_GETARG_TEXT_PP(3);
2750 AclMode mode;
2751 int privresult;
2752
2753 mode = convert_column_priv_string(priv_type_text);
2754
2755 privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2756 if (privresult < 0)
2758 PG_RETURN_BOOL(privresult);
2759}

References column_privilege_check(), convert_column_priv_string(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_id_name()

Datum has_column_privilege_id_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2719 of file acl.c.

2720{
2721 Oid roleid = PG_GETARG_OID(0);
2722 Oid tableoid = PG_GETARG_OID(1);
2723 text *column = PG_GETARG_TEXT_PP(2);
2724 text *priv_type_text = PG_GETARG_TEXT_PP(3);
2725 AttrNumber colattnum;
2726 AclMode mode;
2727 int privresult;
2728
2729 colattnum = convert_column_name(tableoid, column);
2730 mode = convert_column_priv_string(priv_type_text);
2731
2732 privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2733 if (privresult < 0)
2735 PG_RETURN_BOOL(privresult);
2736}
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2879

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_name()

Datum has_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2824 of file acl.c.

2825{
2826 Oid tableoid = PG_GETARG_OID(0);
2827 text *column = PG_GETARG_TEXT_PP(1);
2828 text *priv_type_text = PG_GETARG_TEXT_PP(2);
2829 Oid roleid;
2830 AttrNumber colattnum;
2831 AclMode mode;
2832 int privresult;
2833
2834 roleid = GetUserId();
2835 colattnum = convert_column_name(tableoid, column);
2836 mode = convert_column_priv_string(priv_type_text);
2837
2838 privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2839 if (privresult < 0)
2841 PG_RETURN_BOOL(privresult);
2842}

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), GetUserId(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_name_attnum()

Datum has_column_privilege_id_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2694 of file acl.c.

2695{
2696 Oid roleid = PG_GETARG_OID(0);
2697 text *tablename = PG_GETARG_TEXT_PP(1);
2698 AttrNumber colattnum = PG_GETARG_INT16(2);
2699 text *priv_type_text = PG_GETARG_TEXT_PP(3);
2700 Oid tableoid;
2701 AclMode mode;
2702 int privresult;
2703
2704 tableoid = convert_table_name(tablename);
2705 mode = convert_column_priv_string(priv_type_text);
2706
2707 privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2708 if (privresult < 0)
2710 PG_RETURN_BOOL(privresult);
2711}

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_name_name()

Datum has_column_privilege_id_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2667 of file acl.c.

2668{
2669 Oid roleid = PG_GETARG_OID(0);
2670 text *tablename = PG_GETARG_TEXT_PP(1);
2671 text *column = PG_GETARG_TEXT_PP(2);
2672 text *priv_type_text = PG_GETARG_TEXT_PP(3);
2673 Oid tableoid;
2674 AttrNumber colattnum;
2675 AclMode mode;
2676 int privresult;
2677
2678 tableoid = convert_table_name(tablename);
2679 colattnum = convert_column_name(tableoid, column);
2680 mode = convert_column_priv_string(priv_type_text);
2681
2682 privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2683 if (privresult < 0)
2685 PG_RETURN_BOOL(privresult);
2686}

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_name_attnum()

Datum has_column_privilege_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2797 of file acl.c.

2798{
2799 text *tablename = PG_GETARG_TEXT_PP(0);
2800 AttrNumber colattnum = PG_GETARG_INT16(1);
2801 text *priv_type_text = PG_GETARG_TEXT_PP(2);
2802 Oid roleid;
2803 Oid tableoid;
2804 AclMode mode;
2805 int privresult;
2806
2807 roleid = GetUserId();
2808 tableoid = convert_table_name(tablename);
2809 mode = convert_column_priv_string(priv_type_text);
2810
2811 privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2812 if (privresult < 0)
2814 PG_RETURN_BOOL(privresult);
2815}

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), GetUserId(), mode, PG_GETARG_INT16, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_name_id_attnum()

Datum has_column_privilege_name_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2642 of file acl.c.

2643{
2645 Oid tableoid = PG_GETARG_OID(1);
2646 AttrNumber colattnum = PG_GETARG_INT16(2);
2647 text *priv_type_text = PG_GETARG_TEXT_PP(3);
2648 Oid roleid;
2649 AclMode mode;
2650 int privresult;
2651
2653 mode = convert_column_priv_string(priv_type_text);
2654
2655 privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2656 if (privresult < 0)
2658 PG_RETURN_BOOL(privresult);
2659}

References column_privilege_check(), convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_column_privilege_name_id_name()

Datum has_column_privilege_name_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2615 of file acl.c.

2616{
2618 Oid tableoid = PG_GETARG_OID(1);
2619 text *column = PG_GETARG_TEXT_PP(2);
2620 text *priv_type_text = PG_GETARG_TEXT_PP(3);
2621 Oid roleid;
2622 AttrNumber colattnum;
2623 AclMode mode;
2624 int privresult;
2625
2627 colattnum = convert_column_name(tableoid, column);
2628 mode = convert_column_priv_string(priv_type_text);
2629
2630 privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2631 if (privresult < 0)
2633 PG_RETURN_BOOL(privresult);
2634}

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_column_privilege_name_name()

Datum has_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2768 of file acl.c.

2769{
2770 text *tablename = PG_GETARG_TEXT_PP(0);
2771 text *column = PG_GETARG_TEXT_PP(1);
2772 text *priv_type_text = PG_GETARG_TEXT_PP(2);
2773 Oid roleid;
2774 Oid tableoid;
2775 AttrNumber colattnum;
2776 AclMode mode;
2777 int privresult;
2778
2779 roleid = GetUserId();
2780 tableoid = convert_table_name(tablename);
2781 colattnum = convert_column_name(tableoid, column);
2782 mode = convert_column_priv_string(priv_type_text);
2783
2784 privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2785 if (privresult < 0)
2787 PG_RETURN_BOOL(privresult);
2788}

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), GetUserId(), mode, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_name_name_attnum()

Datum has_column_privilege_name_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2588 of file acl.c.

2589{
2590 Name rolename = PG_GETARG_NAME(0);
2591 text *tablename = PG_GETARG_TEXT_PP(1);
2592 AttrNumber colattnum = PG_GETARG_INT16(2);
2593 text *priv_type_text = PG_GETARG_TEXT_PP(3);
2594 Oid roleid;
2595 Oid tableoid;
2596 AclMode mode;
2597 int privresult;
2598
2599 roleid = get_role_oid_or_public(NameStr(*rolename));
2600 tableoid = convert_table_name(tablename);
2601 mode = convert_column_priv_string(priv_type_text);
2602
2603 privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2604 if (privresult < 0)
2606 PG_RETURN_BOOL(privresult);
2607}

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_name_name_name()

Datum has_column_privilege_name_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2559 of file acl.c.

2560{
2561 Name rolename = PG_GETARG_NAME(0);
2562 text *tablename = PG_GETARG_TEXT_PP(1);
2563 text *column = PG_GETARG_TEXT_PP(2);
2564 text *priv_type_text = PG_GETARG_TEXT_PP(3);
2565 Oid roleid;
2566 Oid tableoid;
2567 AttrNumber colattnum;
2568 AclMode mode;
2569 int privresult;
2570
2571 roleid = get_role_oid_or_public(NameStr(*rolename));
2572 tableoid = convert_table_name(tablename);
2573 colattnum = convert_column_name(tableoid, column);
2574 mode = convert_column_priv_string(priv_type_text);
2575
2576 privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2577 if (privresult < 0)
2579 PG_RETURN_BOOL(privresult);
2580}

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_database_privilege_id()

Datum has_database_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3051 of file acl.c.

3052{
3053 Oid databaseoid = PG_GETARG_OID(0);
3054 text *priv_type_text = PG_GETARG_TEXT_PP(1);
3055 Oid roleid;
3056 AclMode mode;
3057 AclResult aclresult;
3058 bool is_missing = false;
3059
3060 roleid = GetUserId();
3061 mode = convert_database_priv_string(priv_type_text);
3062
3063 aclresult = object_aclcheck_ext(DatabaseRelationId, databaseoid,
3064 roleid, mode,
3065 &is_missing);
3066
3067 if (is_missing)
3069
3070 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3071}
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3143
AclResult object_aclcheck_ext(Oid classid, Oid objectid, Oid roleid, AclMode mode, bool *is_missing)
Definition: aclchk.c:3814

References ACLCHECK_OK, convert_database_priv_string(), GetUserId(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_database_privilege_id_id()

Datum has_database_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3102 of file acl.c.

3103{
3104 Oid roleid = PG_GETARG_OID(0);
3105 Oid databaseoid = PG_GETARG_OID(1);
3106 text *priv_type_text = PG_GETARG_TEXT_PP(2);
3107 AclMode mode;
3108 AclResult aclresult;
3109 bool is_missing = false;
3110
3111 mode = convert_database_priv_string(priv_type_text);
3112
3113 aclresult = object_aclcheck_ext(DatabaseRelationId, databaseoid,
3114 roleid, mode,
3115 &is_missing);
3116
3117 if (is_missing)
3119
3120 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3121}

References ACLCHECK_OK, convert_database_priv_string(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_database_privilege_id_name()

Datum has_database_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3079 of file acl.c.

3080{
3081 Oid roleid = PG_GETARG_OID(0);
3082 text *databasename = PG_GETARG_TEXT_PP(1);
3083 text *priv_type_text = PG_GETARG_TEXT_PP(2);
3084 Oid databaseoid;
3085 AclMode mode;
3086 AclResult aclresult;
3087
3088 databaseoid = convert_database_name(databasename);
3089 mode = convert_database_priv_string(priv_type_text);
3090
3091 aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode);
3092
3093 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3094}
static Oid convert_database_name(text *databasename)
Definition: acl.c:3131
AclResult object_aclcheck(Oid classid, Oid objectid, Oid roleid, AclMode mode)
Definition: aclchk.c:3804

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_database_privilege_name()

Datum has_database_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2997 of file acl.c.

2998{
2999 text *databasename = PG_GETARG_TEXT_PP(0);
3000 text *priv_type_text = PG_GETARG_TEXT_PP(1);
3001 Oid roleid;
3002 Oid databaseoid;
3003 AclMode mode;
3004 AclResult aclresult;
3005
3006 roleid = GetUserId();
3007 databaseoid = convert_database_name(databasename);
3008 mode = convert_database_priv_string(priv_type_text);
3009
3010 aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode);
3011
3012 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3013}

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_database_privilege_name_id()

Datum has_database_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3021 of file acl.c.

3022{
3024 Oid databaseoid = PG_GETARG_OID(1);
3025 text *priv_type_text = PG_GETARG_TEXT_PP(2);
3026 Oid roleid;
3027 AclMode mode;
3028 AclResult aclresult;
3029 bool is_missing = false;
3030
3032 mode = convert_database_priv_string(priv_type_text);
3033
3034 aclresult = object_aclcheck_ext(DatabaseRelationId, databaseoid,
3035 roleid, mode,
3036 &is_missing);
3037
3038 if (is_missing)
3040
3041 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3042}

References ACLCHECK_OK, convert_database_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck_ext(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_database_privilege_name_name()

Datum has_database_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2971 of file acl.c.

2972{
2974 text *databasename = PG_GETARG_TEXT_PP(1);
2975 text *priv_type_text = PG_GETARG_TEXT_PP(2);
2976 Oid roleid;
2977 Oid databaseoid;
2978 AclMode mode;
2979 AclResult aclresult;
2980
2982 databaseoid = convert_database_name(databasename);
2983 mode = convert_database_priv_string(priv_type_text);
2984
2985 aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode);
2986
2987 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2988}

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_foreign_data_wrapper_privilege_id()

Datum has_foreign_data_wrapper_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3257 of file acl.c.

3258{
3259 Oid fdwid = PG_GETARG_OID(0);
3260 text *priv_type_text = PG_GETARG_TEXT_PP(1);
3261 Oid roleid;
3262 AclMode mode;
3263 AclResult aclresult;
3264 bool is_missing = false;
3265
3266 roleid = GetUserId();
3268
3269 aclresult = object_aclcheck_ext(ForeignDataWrapperRelationId, fdwid,
3270 roleid, mode,
3271 &is_missing);
3272
3273 if (is_missing)
3275
3276 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3277}
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3349

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), GetUserId(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_foreign_data_wrapper_privilege_id_id()

Datum has_foreign_data_wrapper_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3308 of file acl.c.

3309{
3310 Oid roleid = PG_GETARG_OID(0);
3311 Oid fdwid = PG_GETARG_OID(1);
3312 text *priv_type_text = PG_GETARG_TEXT_PP(2);
3313 AclMode mode;
3314 AclResult aclresult;
3315 bool is_missing = false;
3316
3318
3319 aclresult = object_aclcheck_ext(ForeignDataWrapperRelationId, fdwid,
3320 roleid, mode,
3321 &is_missing);
3322
3323 if (is_missing)
3325
3326 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3327}

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_foreign_data_wrapper_privilege_id_name()

Datum has_foreign_data_wrapper_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3285 of file acl.c.

3286{
3287 Oid roleid = PG_GETARG_OID(0);
3288 text *fdwname = PG_GETARG_TEXT_PP(1);
3289 text *priv_type_text = PG_GETARG_TEXT_PP(2);
3290 Oid fdwid;
3291 AclMode mode;
3292 AclResult aclresult;
3293
3294 fdwid = convert_foreign_data_wrapper_name(fdwname);
3296
3297 aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode);
3298
3299 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3300}
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3337

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_foreign_data_wrapper_privilege_name()

Datum has_foreign_data_wrapper_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3203 of file acl.c.

3204{
3205 text *fdwname = PG_GETARG_TEXT_PP(0);
3206 text *priv_type_text = PG_GETARG_TEXT_PP(1);
3207 Oid roleid;
3208 Oid fdwid;
3209 AclMode mode;
3210 AclResult aclresult;
3211
3212 roleid = GetUserId();
3213 fdwid = convert_foreign_data_wrapper_name(fdwname);
3215
3216 aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode);
3217
3218 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3219}

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_foreign_data_wrapper_privilege_name_id()

Datum has_foreign_data_wrapper_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3227 of file acl.c.

3228{
3230 Oid fdwid = PG_GETARG_OID(1);
3231 text *priv_type_text = PG_GETARG_TEXT_PP(2);
3232 Oid roleid;
3233 AclMode mode;
3234 AclResult aclresult;
3235 bool is_missing = false;
3236
3239
3240 aclresult = object_aclcheck_ext(ForeignDataWrapperRelationId, fdwid,
3241 roleid, mode,
3242 &is_missing);
3243
3244 if (is_missing)
3246
3247 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3248}

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck_ext(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_foreign_data_wrapper_privilege_name_name()

Datum has_foreign_data_wrapper_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3177 of file acl.c.

3178{
3180 text *fdwname = PG_GETARG_TEXT_PP(1);
3181 text *priv_type_text = PG_GETARG_TEXT_PP(2);
3182 Oid roleid;
3183 Oid fdwid;
3184 AclMode mode;
3185 AclResult aclresult;
3186
3188 fdwid = convert_foreign_data_wrapper_name(fdwname);
3190
3191 aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode);
3192
3193 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3194}

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_function_privilege_id()

Datum has_function_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3457 of file acl.c.

3458{
3459 Oid functionoid = PG_GETARG_OID(0);
3460 text *priv_type_text = PG_GETARG_TEXT_PP(1);
3461 Oid roleid;
3462 AclMode mode;
3463 AclResult aclresult;
3464 bool is_missing = false;
3465
3466 roleid = GetUserId();
3467 mode = convert_function_priv_string(priv_type_text);
3468
3469 aclresult = object_aclcheck_ext(ProcedureRelationId, functionoid,
3470 roleid, mode,
3471 &is_missing);
3472
3473 if (is_missing)
3475
3476 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3477}
static AclMode convert_function_priv_string(text *priv_type_text)
Definition: acl.c:3558

References ACLCHECK_OK, convert_function_priv_string(), GetUserId(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_function_privilege_id_id()

Datum has_function_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3508 of file acl.c.

3509{
3510 Oid roleid = PG_GETARG_OID(0);
3511 Oid functionoid = PG_GETARG_OID(1);
3512 text *priv_type_text = PG_GETARG_TEXT_PP(2);
3513 AclMode mode;
3514 AclResult aclresult;
3515 bool is_missing = false;
3516
3517 mode = convert_function_priv_string(priv_type_text);
3518
3519 aclresult = object_aclcheck_ext(ProcedureRelationId, functionoid,
3520 roleid, mode,
3521 &is_missing);
3522
3523 if (is_missing)
3525
3526 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3527}

References ACLCHECK_OK, convert_function_priv_string(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_function_privilege_id_name()

Datum has_function_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3485 of file acl.c.

3486{
3487 Oid roleid = PG_GETARG_OID(0);
3488 text *functionname = PG_GETARG_TEXT_PP(1);
3489 text *priv_type_text = PG_GETARG_TEXT_PP(2);
3490 Oid functionoid;
3491 AclMode mode;
3492 AclResult aclresult;
3493
3494 functionoid = convert_function_name(functionname);
3495 mode = convert_function_priv_string(priv_type_text);
3496
3497 aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode);
3498
3499 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3500}
static Oid convert_function_name(text *functionname)
Definition: acl.c:3537

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_function_privilege_name()

Datum has_function_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3403 of file acl.c.

3404{
3405 text *functionname = PG_GETARG_TEXT_PP(0);
3406 text *priv_type_text = PG_GETARG_TEXT_PP(1);
3407 Oid roleid;
3408 Oid functionoid;
3409 AclMode mode;
3410 AclResult aclresult;
3411
3412 roleid = GetUserId();
3413 functionoid = convert_function_name(functionname);
3414 mode = convert_function_priv_string(priv_type_text);
3415
3416 aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode);
3417
3418 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3419}

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_function_privilege_name_id()

Datum has_function_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3427 of file acl.c.

3428{
3430 Oid functionoid = PG_GETARG_OID(1);
3431 text *priv_type_text = PG_GETARG_TEXT_PP(2);
3432 Oid roleid;
3433 AclMode mode;
3434 AclResult aclresult;
3435 bool is_missing = false;
3436
3438 mode = convert_function_priv_string(priv_type_text);
3439
3440 aclresult = object_aclcheck_ext(ProcedureRelationId, functionoid,
3441 roleid, mode,
3442 &is_missing);
3443
3444 if (is_missing)
3446
3447 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3448}

References ACLCHECK_OK, convert_function_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck_ext(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_function_privilege_name_name()

Datum has_function_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3377 of file acl.c.

3378{
3380 text *functionname = PG_GETARG_TEXT_PP(1);
3381 text *priv_type_text = PG_GETARG_TEXT_PP(2);
3382 Oid roleid;
3383 Oid functionoid;
3384 AclMode mode;
3385 AclResult aclresult;
3386
3388 functionoid = convert_function_name(functionname);
3389 mode = convert_function_priv_string(priv_type_text);
3390
3391 aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode);
3392
3393 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3394}

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_language_privilege_id()

Datum has_language_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3666 of file acl.c.

3667{
3668 Oid languageoid = PG_GETARG_OID(0);
3669 text *priv_type_text = PG_GETARG_TEXT_PP(1);
3670 Oid roleid;
3671 AclMode mode;
3672 AclResult aclresult;
3673 bool is_missing = false;
3674
3675 roleid = GetUserId();
3676 mode = convert_language_priv_string(priv_type_text);
3677
3678 aclresult = object_aclcheck_ext(LanguageRelationId, languageoid,
3679 roleid, mode,
3680 &is_missing);
3681
3682 if (is_missing)
3684
3685 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3686}
static AclMode convert_language_priv_string(text *priv_type_text)
Definition: acl.c:3758

References ACLCHECK_OK, convert_language_priv_string(), GetUserId(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_language_privilege_id_id()

Datum has_language_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3717 of file acl.c.

3718{
3719 Oid roleid = PG_GETARG_OID(0);
3720 Oid languageoid = PG_GETARG_OID(1);
3721 text *priv_type_text = PG_GETARG_TEXT_PP(2);
3722 AclMode mode;
3723 AclResult aclresult;
3724 bool is_missing = false;
3725
3726 mode = convert_language_priv_string(priv_type_text);
3727
3728 aclresult = object_aclcheck_ext(LanguageRelationId, languageoid,
3729 roleid, mode,
3730 &is_missing);
3731
3732 if (is_missing)
3734
3735 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3736}

References ACLCHECK_OK, convert_language_priv_string(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_language_privilege_id_name()

Datum has_language_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3694 of file acl.c.

3695{
3696 Oid roleid = PG_GETARG_OID(0);
3697 text *languagename = PG_GETARG_TEXT_PP(1);
3698 text *priv_type_text = PG_GETARG_TEXT_PP(2);
3699 Oid languageoid;
3700 AclMode mode;
3701 AclResult aclresult;
3702
3703 languageoid = convert_language_name(languagename);
3704 mode = convert_language_priv_string(priv_type_text);
3705
3706 aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode);
3707
3708 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3709}
static Oid convert_language_name(text *languagename)
Definition: acl.c:3746

References ACLCHECK_OK, convert_language_name(), convert_language_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_language_privilege_name()

Datum has_language_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3612 of file acl.c.

3613{
3614 text *languagename = PG_GETARG_TEXT_PP(0);
3615 text *priv_type_text = PG_GETARG_TEXT_PP(1);
3616 Oid roleid;
3617 Oid languageoid;
3618 AclMode mode;
3619 AclResult aclresult;
3620
3621 roleid = GetUserId();
3622 languageoid = convert_language_name(languagename);
3623 mode = convert_language_priv_string(priv_type_text);
3624
3625 aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode);
3626
3627 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3628}

References ACLCHECK_OK, convert_language_name(), convert_language_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_language_privilege_name_id()

Datum has_language_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3636 of file acl.c.

3637{
3639 Oid languageoid = PG_GETARG_OID(1);
3640 text *priv_type_text = PG_GETARG_TEXT_PP(2);
3641 Oid roleid;
3642 AclMode mode;
3643 AclResult aclresult;
3644 bool is_missing = false;
3645
3647 mode = convert_language_priv_string(priv_type_text);
3648
3649 aclresult = object_aclcheck_ext(LanguageRelationId, languageoid,
3650 roleid, mode,
3651 &is_missing);
3652
3653 if (is_missing)
3655
3656 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3657}

References ACLCHECK_OK, convert_language_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck_ext(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_language_privilege_name_name()

Datum has_language_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3586 of file acl.c.

3587{
3589 text *languagename = PG_GETARG_TEXT_PP(1);
3590 text *priv_type_text = PG_GETARG_TEXT_PP(2);
3591 Oid roleid;
3592 Oid languageoid;
3593 AclMode mode;
3594 AclResult aclresult;
3595
3597 languageoid = convert_language_name(languagename);
3598 mode = convert_language_priv_string(priv_type_text);
3599
3600 aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode);
3601
3602 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3603}

References ACLCHECK_OK, convert_language_name(), convert_language_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_largeobject_privilege_id()

Datum has_largeobject_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 4746 of file acl.c.

4747{
4748 Oid lobjId = PG_GETARG_OID(0);
4749 Oid roleid = GetUserId();
4750 text *priv_type_text = PG_GETARG_TEXT_PP(1);
4751 AclMode mode;
4752 bool is_missing = false;
4753 bool result;
4754
4755 mode = convert_largeobject_priv_string(priv_type_text);
4756 result = has_lo_priv_byid(roleid, lobjId, mode, &is_missing);
4757
4758 if (is_missing)
4760
4761 PG_RETURN_BOOL(result);
4762}
static AclMode convert_largeobject_priv_string(text *priv_text)
Definition: acl.c:4793
static bool has_lo_priv_byid(Oid roleid, Oid lobjId, AclMode priv, bool *is_missing)
Definition: acl.c:4687

References convert_largeobject_priv_string(), GetUserId(), has_lo_priv_byid(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_largeobject_privilege_id_id()

Datum has_largeobject_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 4770 of file acl.c.

4771{
4772 Oid roleid = PG_GETARG_OID(0);
4773 Oid lobjId = PG_GETARG_OID(1);
4774 text *priv_type_text = PG_GETARG_TEXT_PP(2);
4775 AclMode mode;
4776 bool is_missing = false;
4777 bool result;
4778
4779 mode = convert_largeobject_priv_string(priv_type_text);
4780 result = has_lo_priv_byid(roleid, lobjId, mode, &is_missing);
4781
4782 if (is_missing)
4784
4785 PG_RETURN_BOOL(result);
4786}

References convert_largeobject_priv_string(), has_lo_priv_byid(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_largeobject_privilege_name_id()

Datum has_largeobject_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 4720 of file acl.c.

4721{
4724 Oid lobjId = PG_GETARG_OID(1);
4725 text *priv_type_text = PG_GETARG_TEXT_PP(2);
4726 AclMode mode;
4727 bool is_missing = false;
4728 bool result;
4729
4730 mode = convert_largeobject_priv_string(priv_type_text);
4731 result = has_lo_priv_byid(roleid, lobjId, mode, &is_missing);
4732
4733 if (is_missing)
4735
4736 PG_RETURN_BOOL(result);
4737}

References convert_largeobject_priv_string(), get_role_oid_or_public(), has_lo_priv_byid(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_lo_priv_byid()

static bool has_lo_priv_byid ( Oid  roleid,
Oid  lobjId,
AclMode  priv,
bool *  is_missing 
)
static

Definition at line 4687 of file acl.c.

4688{
4689 Snapshot snapshot = NULL;
4690 AclResult aclresult;
4691
4692 if (priv & ACL_UPDATE)
4693 snapshot = NULL;
4694 else
4695 snapshot = GetActiveSnapshot();
4696
4697 if (!LargeObjectExistsWithSnapshot(lobjId, snapshot))
4698 {
4699 Assert(is_missing != NULL);
4700 *is_missing = true;
4701 return false;
4702 }
4703
4705 return true;
4706
4707 aclresult = pg_largeobject_aclcheck_snapshot(lobjId,
4708 roleid,
4709 priv,
4710 snapshot);
4711 return aclresult == ACLCHECK_OK;
4712}
AclResult pg_largeobject_aclcheck_snapshot(Oid lobj_oid, Oid roleid, AclMode mode, Snapshot snapshot)
Definition: aclchk.c:4044
bool lo_compat_privileges
Definition: inv_api.c:56
bool LargeObjectExistsWithSnapshot(Oid loid, Snapshot snapshot)
Snapshot GetActiveSnapshot(void)
Definition: snapmgr.c:728

References ACL_UPDATE, ACLCHECK_OK, Assert, GetActiveSnapshot(), LargeObjectExistsWithSnapshot(), lo_compat_privileges, and pg_largeobject_aclcheck_snapshot().

Referenced by has_largeobject_privilege_id(), has_largeobject_privilege_id_id(), and has_largeobject_privilege_name_id().

◆ has_param_priv_byname()

static bool has_param_priv_byname ( Oid  roleid,
const text parameter,
AclMode  priv 
)
static

Definition at line 4596 of file acl.c.

4597{
4598 char *paramstr = text_to_cstring(parameter);
4599
4600 return pg_parameter_aclcheck(paramstr, roleid, priv) == ACLCHECK_OK;
4601}
AclResult pg_parameter_aclcheck(const char *name, Oid roleid, AclMode mode)
Definition: aclchk.c:4032

References ACLCHECK_OK, pg_parameter_aclcheck(), and text_to_cstring().

Referenced by has_parameter_privilege_id_name(), has_parameter_privilege_name(), and has_parameter_privilege_name_name().

◆ has_parameter_privilege_id_name()

Datum has_parameter_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 4639 of file acl.c.

4640{
4641 Oid roleid = PG_GETARG_OID(0);
4642 text *parameter = PG_GETARG_TEXT_PP(1);
4644
4645 PG_RETURN_BOOL(has_param_priv_byname(roleid, parameter, priv));
4646}
static bool has_param_priv_byname(Oid roleid, const text *parameter, AclMode priv)
Definition: acl.c:4596
static AclMode convert_parameter_priv_string(text *priv_text)
Definition: acl.c:4657

References convert_parameter_priv_string(), has_param_priv_byname(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_parameter_privilege_name()

Datum has_parameter_privilege_name ( PG_FUNCTION_ARGS  )

◆ has_parameter_privilege_name_name()

Datum has_parameter_privilege_name_name ( PG_FUNCTION_ARGS  )

◆ has_privs_of_role()

bool has_privs_of_role ( Oid  member,
Oid  role 
)

Definition at line 5268 of file acl.c.

5269{
5270 /* Fast path for simple case */
5271 if (member == role)
5272 return true;
5273
5274 /* Superusers have every privilege, so are part of every role */
5275 if (superuser_arg(member))
5276 return true;
5277
5278 /*
5279 * Find all the roles that member has the privileges of, including
5280 * multi-level recursion, then see if target role is any one of them.
5281 */
5283 InvalidOid, NULL),
5284 role);
5285}
static List * roles_is_member_of(Oid roleid, enum RoleRecurseType type, Oid admin_of, Oid *admin_role)
Definition: acl.c:5136
bool list_member_oid(const List *list, Oid datum)
Definition: list.c:722
bool superuser_arg(Oid roleid)
Definition: superuser.c:56

References InvalidOid, list_member_oid(), ROLERECURSE_PRIVS, roles_is_member_of(), and superuser_arg().

Referenced by aclmask(), AlterObjectNamespace_internal(), AlterObjectOwner_internal(), AlterObjectRename_internal(), bbsink_server_new(), calculate_database_size(), calculate_tablespace_size(), check_role_for_policy(), check_role_grantor(), ConfigOptionIsVisible(), convert_and_check_filename(), CreateSubscription(), DoCopy(), DropOwnedObjects(), ExecAlterDefaultPrivilegesStmt(), file_fdw_validator(), GetConfigOptionValues(), InitPostgres(), object_ownercheck(), pg_class_aclmask_ext(), pg_namespace_aclmask_ext(), pg_role_aclcheck(), pg_signal_backend(), pg_stat_get_wal_receiver(), pg_stat_get_wal_senders(), pg_stat_statements_internal(), pgrowlocks(), ReassignOwnedObjects(), ReindexMultipleTables(), shell_check_detail(), standard_ProcessUtility(), and TerminateOtherDBBackends().

◆ has_schema_privilege_id()

Datum has_schema_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3866 of file acl.c.

3867{
3868 Oid schemaoid = PG_GETARG_OID(0);
3869 text *priv_type_text = PG_GETARG_TEXT_PP(1);
3870 Oid roleid;
3871 AclMode mode;
3872 AclResult aclresult;
3873 bool is_missing = false;
3874
3875 roleid = GetUserId();
3876 mode = convert_schema_priv_string(priv_type_text);
3877
3878 aclresult = object_aclcheck_ext(NamespaceRelationId, schemaoid,
3879 roleid, mode,
3880 &is_missing);
3881
3882 if (is_missing)
3884
3885 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3886}
static AclMode convert_schema_priv_string(text *priv_type_text)
Definition: acl.c:3958

References ACLCHECK_OK, convert_schema_priv_string(), GetUserId(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_schema_privilege_id_id()

Datum has_schema_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3917 of file acl.c.

3918{
3919 Oid roleid = PG_GETARG_OID(0);
3920 Oid schemaoid = PG_GETARG_OID(1);
3921 text *priv_type_text = PG_GETARG_TEXT_PP(2);
3922 AclMode mode;
3923 AclResult aclresult;
3924 bool is_missing = false;
3925
3926 mode = convert_schema_priv_string(priv_type_text);
3927
3928 aclresult = object_aclcheck_ext(NamespaceRelationId, schemaoid,
3929 roleid, mode,
3930 &is_missing);
3931
3932 if (is_missing)
3934
3935 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3936}

References ACLCHECK_OK, convert_schema_priv_string(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_schema_privilege_id_name()

Datum has_schema_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3894 of file acl.c.

3895{
3896 Oid roleid = PG_GETARG_OID(0);
3897 text *schemaname = PG_GETARG_TEXT_PP(1);
3898 text *priv_type_text = PG_GETARG_TEXT_PP(2);
3899 Oid schemaoid;
3900 AclMode mode;
3901 AclResult aclresult;
3902
3903 schemaoid = convert_schema_name(schemaname);
3904 mode = convert_schema_priv_string(priv_type_text);
3905
3906 aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode);
3907
3908 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3909}
static Oid convert_schema_name(text *schemaname)
Definition: acl.c:3946

References ACLCHECK_OK, convert_schema_name(), convert_schema_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_schema_privilege_name()

Datum has_schema_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3812 of file acl.c.

3813{
3814 text *schemaname = PG_GETARG_TEXT_PP(0);
3815 text *priv_type_text = PG_GETARG_TEXT_PP(1);
3816 Oid roleid;
3817 Oid schemaoid;
3818 AclMode mode;
3819 AclResult aclresult;
3820
3821 roleid = GetUserId();
3822 schemaoid = convert_schema_name(schemaname);
3823 mode = convert_schema_priv_string(priv_type_text);
3824
3825 aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode);
3826
3827 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3828}

References ACLCHECK_OK, convert_schema_name(), convert_schema_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_schema_privilege_name_id()

Datum has_schema_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3836 of file acl.c.

3837{
3839 Oid schemaoid = PG_GETARG_OID(1);
3840 text *priv_type_text = PG_GETARG_TEXT_PP(2);
3841 Oid roleid;
3842 AclMode mode;
3843 AclResult aclresult;
3844 bool is_missing = false;
3845
3847 mode = convert_schema_priv_string(priv_type_text);
3848
3849 aclresult = object_aclcheck_ext(NamespaceRelationId, schemaoid,
3850 roleid, mode,
3851 &is_missing);
3852
3853 if (is_missing)
3855
3856 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3857}

References ACLCHECK_OK, convert_schema_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck_ext(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_schema_privilege_name_name()

Datum has_schema_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3786 of file acl.c.

3787{
3789 text *schemaname = PG_GETARG_TEXT_PP(1);
3790 text *priv_type_text = PG_GETARG_TEXT_PP(2);
3791 Oid roleid;
3792 Oid schemaoid;
3793 AclMode mode;
3794 AclResult aclresult;
3795
3797 schemaoid = convert_schema_name(schemaname);
3798 mode = convert_schema_priv_string(priv_type_text);
3799
3800 aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode);
3801
3802 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3803}

References ACLCHECK_OK, convert_schema_name(), convert_schema_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_sequence_privilege_id()

Datum has_sequence_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2186 of file acl.c.

2187{
2188 Oid sequenceoid = PG_GETARG_OID(0);
2189 text *priv_type_text = PG_GETARG_TEXT_PP(1);
2190 Oid roleid;
2191 AclMode mode;
2192 AclResult aclresult;
2193 char relkind;
2194 bool is_missing = false;
2195
2196 roleid = GetUserId();
2197 mode = convert_sequence_priv_string(priv_type_text);
2198 relkind = get_rel_relkind(sequenceoid);
2199 if (relkind == '\0')
2201 else if (relkind != RELKIND_SEQUENCE)
2202 ereport(ERROR,
2203 (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2204 errmsg("\"%s\" is not a sequence",
2205 get_rel_name(sequenceoid))));
2206
2207 aclresult = pg_class_aclcheck_ext(sequenceoid, roleid, mode, &is_missing);
2208
2209 if (is_missing)
2211
2212 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2213}
static AclMode convert_sequence_priv_string(text *priv_type_text)
Definition: acl.c:2282
char get_rel_relkind(Oid relid)
Definition: lsyscache.c:2030

References ACLCHECK_OK, convert_sequence_priv_string(), ereport, errcode(), errmsg(), ERROR, get_rel_name(), get_rel_relkind(), GetUserId(), mode, pg_class_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_sequence_privilege_id_id()

Datum has_sequence_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 2249 of file acl.c.

2250{
2251 Oid roleid = PG_GETARG_OID(0);
2252 Oid sequenceoid = PG_GETARG_OID(1);
2253 text *priv_type_text = PG_GETARG_TEXT_PP(2);
2254 AclMode mode;
2255 AclResult aclresult;
2256 char relkind;
2257 bool is_missing = false;
2258
2259 mode = convert_sequence_priv_string(priv_type_text);
2260 relkind = get_rel_relkind(sequenceoid);
2261 if (relkind == '\0')
2263 else if (relkind != RELKIND_SEQUENCE)
2264 ereport(ERROR,
2265 (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2266 errmsg("\"%s\" is not a sequence",
2267 get_rel_name(sequenceoid))));
2268
2269 aclresult = pg_class_aclcheck_ext(sequenceoid, roleid, mode, &is_missing);
2270
2271 if (is_missing)
2273
2274 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2275}

References ACLCHECK_OK, convert_sequence_priv_string(), ereport, errcode(), errmsg(), ERROR, get_rel_name(), get_rel_relkind(), mode, pg_class_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_sequence_privilege_id_name()

Datum has_sequence_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2221 of file acl.c.

2222{
2223 Oid roleid = PG_GETARG_OID(0);
2224 text *sequencename = PG_GETARG_TEXT_PP(1);
2225 text *priv_type_text = PG_GETARG_TEXT_PP(2);
2226 Oid sequenceoid;
2227 AclMode mode;
2228 AclResult aclresult;
2229
2230 mode = convert_sequence_priv_string(priv_type_text);
2231 sequenceoid = convert_table_name(sequencename);
2232 if (get_rel_relkind(sequenceoid) != RELKIND_SEQUENCE)
2233 ereport(ERROR,
2234 (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2235 errmsg("\"%s\" is not a sequence",
2236 text_to_cstring(sequencename))));
2237
2238 aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2239
2240 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2241}

References ACLCHECK_OK, convert_sequence_priv_string(), convert_table_name(), ereport, errcode(), errmsg(), ERROR, get_rel_relkind(), mode, pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and text_to_cstring().

◆ has_sequence_privilege_name()

Datum has_sequence_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2120 of file acl.c.

2121{
2122 text *sequencename = PG_GETARG_TEXT_PP(0);
2123 text *priv_type_text = PG_GETARG_TEXT_PP(1);
2124 Oid roleid;
2125 Oid sequenceoid;
2126 AclMode mode;
2127 AclResult aclresult;
2128
2129 roleid = GetUserId();
2130 mode = convert_sequence_priv_string(priv_type_text);
2131 sequenceoid = convert_table_name(sequencename);
2132 if (get_rel_relkind(sequenceoid) != RELKIND_SEQUENCE)
2133 ereport(ERROR,
2134 (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2135 errmsg("\"%s\" is not a sequence",
2136 text_to_cstring(sequencename))));
2137
2138 aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2139
2140 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2141}

References ACLCHECK_OK, convert_sequence_priv_string(), convert_table_name(), ereport, errcode(), errmsg(), ERROR, get_rel_relkind(), GetUserId(), mode, pg_class_aclcheck(), PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and text_to_cstring().

◆ has_sequence_privilege_name_id()

Datum has_sequence_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2149 of file acl.c.

2150{
2152 Oid sequenceoid = PG_GETARG_OID(1);
2153 text *priv_type_text = PG_GETARG_TEXT_PP(2);
2154 Oid roleid;
2155 AclMode mode;
2156 AclResult aclresult;
2157 char relkind;
2158 bool is_missing = false;
2159
2161 mode = convert_sequence_priv_string(priv_type_text);
2162 relkind = get_rel_relkind(sequenceoid);
2163 if (relkind == '\0')
2165 else if (relkind != RELKIND_SEQUENCE)
2166 ereport(ERROR,
2167 (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2168 errmsg("\"%s\" is not a sequence",
2169 get_rel_name(sequenceoid))));
2170
2171 aclresult = pg_class_aclcheck_ext(sequenceoid, roleid, mode, &is_missing);
2172
2173 if (is_missing)
2175
2176 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2177}

References ACLCHECK_OK, convert_sequence_priv_string(), ereport, errcode(), errmsg(), ERROR, get_rel_name(), get_rel_relkind(), get_role_oid_or_public(), mode, NameStr, pg_class_aclcheck_ext(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_sequence_privilege_name_name()

Datum has_sequence_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2089 of file acl.c.

2090{
2091 Name rolename = PG_GETARG_NAME(0);
2092 text *sequencename = PG_GETARG_TEXT_PP(1);
2093 text *priv_type_text = PG_GETARG_TEXT_PP(2);
2094 Oid roleid;
2095 Oid sequenceoid;
2096 AclMode mode;
2097 AclResult aclresult;
2098
2099 roleid = get_role_oid_or_public(NameStr(*rolename));
2100 mode = convert_sequence_priv_string(priv_type_text);
2101 sequenceoid = convert_table_name(sequencename);
2102 if (get_rel_relkind(sequenceoid) != RELKIND_SEQUENCE)
2103 ereport(ERROR,
2104 (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2105 errmsg("\"%s\" is not a sequence",
2106 text_to_cstring(sequencename))));
2107
2108 aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2109
2110 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2111}

References ACLCHECK_OK, convert_sequence_priv_string(), convert_table_name(), ereport, errcode(), errmsg(), ERROR, get_rel_relkind(), get_role_oid_or_public(), mode, NameStr, pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and text_to_cstring().

◆ has_server_privilege_id()

Datum has_server_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 4068 of file acl.c.

4069{
4070 Oid serverid = PG_GETARG_OID(0);
4071 text *priv_type_text = PG_GETARG_TEXT_PP(1);
4072 Oid roleid;
4073 AclMode mode;
4074 AclResult aclresult;
4075 bool is_missing = false;
4076
4077 roleid = GetUserId();
4078 mode = convert_server_priv_string(priv_type_text);
4079
4080 aclresult = object_aclcheck_ext(ForeignServerRelationId, serverid,
4081 roleid, mode,
4082 &is_missing);
4083
4084 if (is_missing)
4086
4087 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4088}
static AclMode convert_server_priv_string(text *priv_type_text)
Definition: acl.c:4160

References ACLCHECK_OK, convert_server_priv_string(), GetUserId(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_server_privilege_id_id()

Datum has_server_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 4119 of file acl.c.

4120{
4121 Oid roleid = PG_GETARG_OID(0);
4122 Oid serverid = PG_GETARG_OID(1);
4123 text *priv_type_text = PG_GETARG_TEXT_PP(2);
4124 AclMode mode;
4125 AclResult aclresult;
4126 bool is_missing = false;
4127
4128 mode = convert_server_priv_string(priv_type_text);
4129
4130 aclresult = object_aclcheck_ext(ForeignServerRelationId, serverid,
4131 roleid, mode,
4132 &is_missing);
4133
4134 if (is_missing)
4136
4137 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4138}

References ACLCHECK_OK, convert_server_priv_string(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_server_privilege_id_name()

Datum has_server_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 4096 of file acl.c.

4097{
4098 Oid roleid = PG_GETARG_OID(0);
4099 text *servername = PG_GETARG_TEXT_PP(1);
4100 text *priv_type_text = PG_GETARG_TEXT_PP(2);
4101 Oid serverid;
4102 AclMode mode;
4103 AclResult aclresult;
4104
4105 serverid = convert_server_name(servername);
4106 mode = convert_server_priv_string(priv_type_text);
4107
4108 aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode);
4109
4110 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4111}
static Oid convert_server_name(text *servername)
Definition: acl.c:4148

References ACLCHECK_OK, convert_server_name(), convert_server_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_server_privilege_name()

Datum has_server_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 4014 of file acl.c.

4015{
4016 text *servername = PG_GETARG_TEXT_PP(0);
4017 text *priv_type_text = PG_GETARG_TEXT_PP(1);
4018 Oid roleid;
4019 Oid serverid;
4020 AclMode mode;
4021 AclResult aclresult;
4022
4023 roleid = GetUserId();
4024 serverid = convert_server_name(servername);
4025 mode = convert_server_priv_string(priv_type_text);
4026
4027 aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode);
4028
4029 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4030}

References ACLCHECK_OK, convert_server_name(), convert_server_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_server_privilege_name_id()

Datum has_server_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 4038 of file acl.c.

4039{
4041 Oid serverid = PG_GETARG_OID(1);
4042 text *priv_type_text = PG_GETARG_TEXT_PP(2);
4043 Oid roleid;
4044 AclMode mode;
4045 AclResult aclresult;
4046 bool is_missing = false;
4047
4049 mode = convert_server_priv_string(priv_type_text);
4050
4051 aclresult = object_aclcheck_ext(ForeignServerRelationId, serverid,
4052 roleid, mode,
4053 &is_missing);
4054
4055 if (is_missing)
4057
4058 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4059}

References ACLCHECK_OK, convert_server_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck_ext(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_server_privilege_name_name()

Datum has_server_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3988 of file acl.c.

3989{
3991 text *servername = PG_GETARG_TEXT_PP(1);
3992 text *priv_type_text = PG_GETARG_TEXT_PP(2);
3993 Oid roleid;
3994 Oid serverid;
3995 AclMode mode;
3996 AclResult aclresult;
3997
3999 serverid = convert_server_name(servername);
4000 mode = convert_server_priv_string(priv_type_text);
4001
4002 aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode);
4003
4004 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4005}

References ACLCHECK_OK, convert_server_name(), convert_server_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_table_privilege_id()

Datum has_table_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 1956 of file acl.c.

1957{
1958 Oid tableoid = PG_GETARG_OID(0);
1959 text *priv_type_text = PG_GETARG_TEXT_PP(1);
1960 Oid roleid;
1961 AclMode mode;
1962 AclResult aclresult;
1963 bool is_missing = false;
1964
1965 roleid = GetUserId();
1966 mode = convert_table_priv_string(priv_type_text);
1967
1968 aclresult = pg_class_aclcheck_ext(tableoid, roleid, mode, &is_missing);
1969
1970 if (is_missing)
1972
1973 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1974}
static AclMode convert_table_priv_string(text *priv_type_text)
Definition: acl.c:2047

References ACLCHECK_OK, convert_table_priv_string(), GetUserId(), mode, pg_class_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_table_privilege_id_id()

Datum has_table_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 2005 of file acl.c.

2006{
2007 Oid roleid = PG_GETARG_OID(0);
2008 Oid tableoid = PG_GETARG_OID(1);
2009 text *priv_type_text = PG_GETARG_TEXT_PP(2);
2010 AclMode mode;
2011 AclResult aclresult;
2012 bool is_missing = false;
2013
2014 mode = convert_table_priv_string(priv_type_text);
2015
2016 aclresult = pg_class_aclcheck_ext(tableoid, roleid, mode, &is_missing);
2017
2018 if (is_missing)
2020
2021 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2022}

References ACLCHECK_OK, convert_table_priv_string(), mode, pg_class_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_table_privilege_id_name()

Datum has_table_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 1982 of file acl.c.

1983{
1984 Oid roleid = PG_GETARG_OID(0);
1985 text *tablename = PG_GETARG_TEXT_PP(1);
1986 text *priv_type_text = PG_GETARG_TEXT_PP(2);
1987 Oid tableoid;
1988 AclMode mode;
1989 AclResult aclresult;
1990
1991 tableoid = convert_table_name(tablename);
1992 mode = convert_table_priv_string(priv_type_text);
1993
1994 aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1995
1996 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1997}

References ACLCHECK_OK, convert_table_name(), convert_table_priv_string(), mode, pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_table_privilege_name()

Datum has_table_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 1904 of file acl.c.

1905{
1906 text *tablename = PG_GETARG_TEXT_PP(0);
1907 text *priv_type_text = PG_GETARG_TEXT_PP(1);
1908 Oid roleid;
1909 Oid tableoid;
1910 AclMode mode;
1911 AclResult aclresult;
1912
1913 roleid = GetUserId();
1914 tableoid = convert_table_name(tablename);
1915 mode = convert_table_priv_string(priv_type_text);
1916
1917 aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1918
1919 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1920}

References ACLCHECK_OK, convert_table_name(), convert_table_priv_string(), GetUserId(), mode, pg_class_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_table_privilege_name_id()

Datum has_table_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 1928 of file acl.c.

1929{
1931 Oid tableoid = PG_GETARG_OID(1);
1932 text *priv_type_text = PG_GETARG_TEXT_PP(2);
1933 Oid roleid;
1934 AclMode mode;
1935 AclResult aclresult;
1936 bool is_missing = false;
1937
1939 mode = convert_table_priv_string(priv_type_text);
1940
1941 aclresult = pg_class_aclcheck_ext(tableoid, roleid, mode, &is_missing);
1942
1943 if (is_missing)
1945
1946 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1947}

References ACLCHECK_OK, convert_table_priv_string(), get_role_oid_or_public(), mode, NameStr, pg_class_aclcheck_ext(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_table_privilege_name_name()

Datum has_table_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 1878 of file acl.c.

1879{
1880 Name rolename = PG_GETARG_NAME(0);
1881 text *tablename = PG_GETARG_TEXT_PP(1);
1882 text *priv_type_text = PG_GETARG_TEXT_PP(2);
1883 Oid roleid;
1884 Oid tableoid;
1885 AclMode mode;
1886 AclResult aclresult;
1887
1888 roleid = get_role_oid_or_public(NameStr(*rolename));
1889 tableoid = convert_table_name(tablename);
1890 mode = convert_table_priv_string(priv_type_text);
1891
1892 aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1893
1894 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1895}

References ACLCHECK_OK, convert_table_name(), convert_table_priv_string(), get_role_oid_or_public(), mode, NameStr, pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_tablespace_privilege_id()

Datum has_tablespace_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 4268 of file acl.c.

4269{
4270 Oid tablespaceoid = PG_GETARG_OID(0);
4271 text *priv_type_text = PG_GETARG_TEXT_PP(1);
4272 Oid roleid;
4273 AclMode mode;
4274 AclResult aclresult;
4275 bool is_missing = false;
4276
4277 roleid = GetUserId();
4278 mode = convert_tablespace_priv_string(priv_type_text);
4279
4280 aclresult = object_aclcheck_ext(TableSpaceRelationId, tablespaceoid,
4281 roleid, mode,
4282 &is_missing);
4283
4284 if (is_missing)
4286
4287 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4288}
static AclMode convert_tablespace_priv_string(text *priv_type_text)
Definition: acl.c:4360

References ACLCHECK_OK, convert_tablespace_priv_string(), GetUserId(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_tablespace_privilege_id_id()

Datum has_tablespace_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 4319 of file acl.c.

4320{
4321 Oid roleid = PG_GETARG_OID(0);
4322 Oid tablespaceoid = PG_GETARG_OID(1);
4323 text *priv_type_text = PG_GETARG_TEXT_PP(2);
4324 AclMode mode;
4325 AclResult aclresult;
4326 bool is_missing = false;
4327
4328 mode = convert_tablespace_priv_string(priv_type_text);
4329
4330 aclresult = object_aclcheck_ext(TableSpaceRelationId, tablespaceoid,
4331 roleid, mode,
4332 &is_missing);
4333
4334 if (is_missing)
4336
4337 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4338}

References ACLCHECK_OK, convert_tablespace_priv_string(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_tablespace_privilege_id_name()

Datum has_tablespace_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 4296 of file acl.c.

4297{
4298 Oid roleid = PG_GETARG_OID(0);
4299 text *tablespacename = PG_GETARG_TEXT_PP(1);
4300 text *priv_type_text = PG_GETARG_TEXT_PP(2);
4301 Oid tablespaceoid;
4302 AclMode mode;
4303 AclResult aclresult;
4304
4305 tablespaceoid = convert_tablespace_name(tablespacename);
4306 mode = convert_tablespace_priv_string(priv_type_text);
4307
4308 aclresult = object_aclcheck(TableSpaceRelationId, tablespaceoid, roleid, mode);
4309
4310 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4311}
static Oid convert_tablespace_name(text *tablespacename)
Definition: acl.c:4348

References ACLCHECK_OK, convert_tablespace_name(), convert_tablespace_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_tablespace_privilege_name()

Datum has_tablespace_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 4214 of file acl.c.

4215{
4216 text *tablespacename = PG_GETARG_TEXT_PP(0);
4217 text *priv_type_text = PG_GETARG_TEXT_PP(1);
4218 Oid roleid;
4219 Oid tablespaceoid;
4220 AclMode mode;
4221 AclResult aclresult;
4222
4223 roleid = GetUserId();
4224 tablespaceoid = convert_tablespace_name(tablespacename);
4225 mode = convert_tablespace_priv_string(priv_type_text);
4226
4227 aclresult = object_aclcheck(TableSpaceRelationId, tablespaceoid, roleid, mode);
4228
4229 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4230}

References ACLCHECK_OK, convert_tablespace_name(), convert_tablespace_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_tablespace_privilege_name_id()

Datum has_tablespace_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 4238 of file acl.c.

4239{
4241 Oid tablespaceoid = PG_GETARG_OID(1);
4242 text *priv_type_text = PG_GETARG_TEXT_PP(2);
4243 Oid roleid;
4244 AclMode mode;
4245 AclResult aclresult;
4246 bool is_missing = false;
4247
4249 mode = convert_tablespace_priv_string(priv_type_text);
4250
4251 aclresult = object_aclcheck_ext(TableSpaceRelationId, tablespaceoid,
4252 roleid, mode,
4253 &is_missing);
4254
4255 if (is_missing)
4257
4258 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4259}

References ACLCHECK_OK, convert_tablespace_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck_ext(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_tablespace_privilege_name_name()

Datum has_tablespace_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 4188 of file acl.c.

4189{
4191 text *tablespacename = PG_GETARG_TEXT_PP(1);
4192 text *priv_type_text = PG_GETARG_TEXT_PP(2);
4193 Oid roleid;
4194 Oid tablespaceoid;
4195 AclMode mode;
4196 AclResult aclresult;
4197
4199 tablespaceoid = convert_tablespace_name(tablespacename);
4200 mode = convert_tablespace_priv_string(priv_type_text);
4201
4202 aclresult = object_aclcheck(TableSpaceRelationId, tablespaceoid, roleid, mode);
4203
4204 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4205}

References ACLCHECK_OK, convert_tablespace_name(), convert_tablespace_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_type_privilege_id()

Datum has_type_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 4467 of file acl.c.

4468{
4469 Oid typeoid = PG_GETARG_OID(0);
4470 text *priv_type_text = PG_GETARG_TEXT_PP(1);
4471 Oid roleid;
4472 AclMode mode;
4473 AclResult aclresult;
4474 bool is_missing = false;
4475
4476 roleid = GetUserId();
4477 mode = convert_type_priv_string(priv_type_text);
4478
4479 aclresult = object_aclcheck_ext(TypeRelationId, typeoid,
4480 roleid, mode,
4481 &is_missing);
4482
4483 if (is_missing)
4485
4486 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4487}
static AclMode convert_type_priv_string(text *priv_type_text)
Definition: acl.c:4568

References ACLCHECK_OK, convert_type_priv_string(), GetUserId(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_type_privilege_id_id()

Datum has_type_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 4518 of file acl.c.

4519{
4520 Oid roleid = PG_GETARG_OID(0);
4521 Oid typeoid = PG_GETARG_OID(1);
4522 text *priv_type_text = PG_GETARG_TEXT_PP(2);
4523 AclMode mode;
4524 AclResult aclresult;
4525 bool is_missing = false;
4526
4527 mode = convert_type_priv_string(priv_type_text);
4528
4529 aclresult = object_aclcheck_ext(TypeRelationId, typeoid,
4530 roleid, mode,
4531 &is_missing);
4532
4533 if (is_missing)
4535
4536 PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4537}

References ACLCHECK_OK, convert_type_priv_string(), mode, object_aclcheck_ext(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_type_privilege_id_name()