PostgreSQL Source Code  git master
Data Structures | Functions | Variables
acl.c File Reference
#include "postgres.h"
#include <ctype.h>
#include "access/htup_details.h"
#include "catalog/catalog.h"
#include "catalog/namespace.h"
#include "catalog/pg_auth_members.h"
#include "catalog/pg_authid.h"
#include "catalog/pg_class.h"
#include "catalog/pg_type.h"
#include "commands/dbcommands.h"
#include "commands/proclang.h"
#include "commands/tablespace.h"
#include "common/hashfn.h"
#include "foreign/foreign.h"
#include "funcapi.h"
#include "lib/qunique.h"
#include "miscadmin.h"
#include "utils/acl.h"
#include "utils/array.h"
#include "utils/builtins.h"
#include "utils/catcache.h"
#include "utils/inval.h"
#include "utils/lsyscache.h"
#include "utils/memutils.h"
#include "utils/syscache.h"
#include "utils/varlena.h"
Include dependency graph for acl.c:

Go to the source code of this file.

Data Structures

struct  priv_map
 

Functions

static const char * getid (const char *s, char *n)
 
static void putid (char *p, const char *s)
 
static Aclallocacl (int n)
 
static void check_acl (const Acl *acl)
 
static const char * aclparse (const char *s, AclItem *aip)
 
static bool aclitem_match (const AclItem *a1, const AclItem *a2)
 
static int aclitemComparator (const void *arg1, const void *arg2)
 
static void check_circularity (const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
 
static Aclrecursive_revoke (Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
 
static AclMode convert_priv_string (text *priv_type_text)
 
static AclMode convert_any_priv_string (text *priv_type_text, const priv_map *privileges)
 
static Oid convert_table_name (text *tablename)
 
static AclMode convert_table_priv_string (text *priv_type_text)
 
static AclMode convert_sequence_priv_string (text *priv_type_text)
 
static AttrNumber convert_column_name (Oid tableoid, text *column)
 
static AclMode convert_column_priv_string (text *priv_type_text)
 
static Oid convert_database_name (text *databasename)
 
static AclMode convert_database_priv_string (text *priv_type_text)
 
static Oid convert_foreign_data_wrapper_name (text *fdwname)
 
static AclMode convert_foreign_data_wrapper_priv_string (text *priv_type_text)
 
static Oid convert_function_name (text *functionname)
 
static AclMode convert_function_priv_string (text *priv_type_text)
 
static Oid convert_language_name (text *languagename)
 
static AclMode convert_language_priv_string (text *priv_type_text)
 
static Oid convert_schema_name (text *schemaname)
 
static AclMode convert_schema_priv_string (text *priv_type_text)
 
static Oid convert_server_name (text *servername)
 
static AclMode convert_server_priv_string (text *priv_type_text)
 
static Oid convert_tablespace_name (text *tablespacename)
 
static AclMode convert_tablespace_priv_string (text *priv_type_text)
 
static Oid convert_type_name (text *typename)
 
static AclMode convert_type_priv_string (text *priv_type_text)
 
static AclMode convert_role_priv_string (text *priv_type_text)
 
static AclResult pg_role_aclcheck (Oid role_oid, Oid roleid, AclMode mode)
 
static void RoleMembershipCacheCallback (Datum arg, int cacheid, uint32 hashvalue)
 
Aclmake_empty_acl (void)
 
Aclaclcopy (const Acl *orig_acl)
 
Aclaclconcat (const Acl *left_acl, const Acl *right_acl)
 
Aclaclmerge (const Acl *left_acl, const Acl *right_acl, Oid ownerId)
 
void aclitemsort (Acl *acl)
 
bool aclequal (const Acl *left_acl, const Acl *right_acl)
 
Datum aclitemin (PG_FUNCTION_ARGS)
 
Datum aclitemout (PG_FUNCTION_ARGS)
 
Datum aclitem_eq (PG_FUNCTION_ARGS)
 
Datum hash_aclitem (PG_FUNCTION_ARGS)
 
Datum hash_aclitem_extended (PG_FUNCTION_ARGS)
 
Aclacldefault (ObjectType objtype, Oid ownerId)
 
Datum acldefault_sql (PG_FUNCTION_ARGS)
 
Aclaclupdate (const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
 
Aclaclnewowner (const Acl *old_acl, Oid oldOwnerId, Oid newOwnerId)
 
AclMode aclmask (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
static AclMode aclmask_direct (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
int aclmembers (const Acl *acl, Oid **roleids)
 
Datum aclinsert (PG_FUNCTION_ARGS)
 
Datum aclremove (PG_FUNCTION_ARGS)
 
Datum aclcontains (PG_FUNCTION_ARGS)
 
Datum makeaclitem (PG_FUNCTION_ARGS)
 
static const char * convert_aclright_to_string (int aclright)
 
Datum aclexplode (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_id (PG_FUNCTION_ARGS)
 
static int column_privilege_check (Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
 
Datum has_column_privilege_name_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_id (PG_FUNCTION_ARGS)
 
void initialize_acl (void)
 
static bool has_rolinherit (Oid roleid)
 
static Listroles_has_privs_of (Oid roleid)
 
static Listroles_is_member_of (Oid roleid)
 
bool has_privs_of_role (Oid member, Oid role)
 
bool is_member_of_role (Oid member, Oid role)
 
void check_is_member_of_role (Oid member, Oid role)
 
bool is_member_of_role_nosuper (Oid member, Oid role)
 
bool is_admin_of_role (Oid member, Oid role)
 
static int count_one_bits (AclMode mask)
 
void select_best_grantor (Oid roleId, AclMode privileges, const Acl *acl, Oid ownerId, Oid *grantorId, AclMode *grantOptions)
 
Oid get_role_oid (const char *rolname, bool missing_ok)
 
Oid get_role_oid_or_public (const char *rolname)
 
Oid get_rolespec_oid (const RoleSpec *role, bool missing_ok)
 
HeapTuple get_rolespec_tuple (const RoleSpec *role)
 
char * get_rolespec_name (const RoleSpec *role)
 
void check_rolespec_name (const RoleSpec *role, const char *detail_msg)
 

Variables

static Oid cached_privs_role = InvalidOid
 
static Listcached_privs_roles = NIL
 
static Oid cached_member_role = InvalidOid
 
static Listcached_membership_roles = NIL
 

Function Documentation

◆ aclconcat()

Acl* aclconcat ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 419 of file acl.c.

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by ExecGrant_Attribute().

420 {
421  Acl *result_acl;
422 
423  result_acl = allocacl(ACL_NUM(left_acl) + ACL_NUM(right_acl));
424 
425  memcpy(ACL_DAT(result_acl),
426  ACL_DAT(left_acl),
427  ACL_NUM(left_acl) * sizeof(AclItem));
428 
429  memcpy(ACL_DAT(result_acl) + ACL_NUM(left_acl),
430  ACL_DAT(right_acl),
431  ACL_NUM(right_acl) * sizeof(AclItem));
432 
433  return result_acl;
434 }
allocacl
static Acl * allocacl(int n)
Definition: acl.c:368
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54

◆ aclcontains()

Datum aclcontains ( PG_FUNCTION_ARGS  )

Definition at line 1536 of file acl.c.

References ACL_DAT, ACL_NUM, ACLITEM_GET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, PG_GETARG_ACL_P, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

1537 {
1538  Acl *acl = PG_GETARG_ACL_P(0);
1539  AclItem *aip = PG_GETARG_ACLITEM_P(1);
1540  AclItem *aidat;
1541  int i,
1542  num;
1543 
1544  check_acl(acl);
1545  num = ACL_NUM(acl);
1546  aidat = ACL_DAT(acl);
1547  for (i = 0; i < num; ++i)
1548  {
1549  if (aip->ai_grantee == aidat[i].ai_grantee &&
1550  aip->ai_grantor == aidat[i].ai_grantor &&
1551  (ACLITEM_GET_RIGHTS(*aip) & ACLITEM_GET_RIGHTS(aidat[i])) == ACLITEM_GET_RIGHTS(*aip))
1552  PG_RETURN_BOOL(true);
1553  }
1554  PG_RETURN_BOOL(false);
1555 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
PG_GETARG_ACLITEM_P
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:117
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACLITEM_GET_RIGHTS
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:68
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54
PG_GETARG_ACL_P
#define PG_GETARG_ACL_P(n)
Definition: acl.h:122
i
int i
Definition: preproc-comment.c:23
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:532

◆ aclcopy()

Acl* aclcopy ( const Acl orig_acl)

Definition at line 399 of file acl.c.

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by aclmerge(), ExecGrant_Relation(), and SetDefaultACL().

400 {
401  Acl *result_acl;
402 
403  result_acl = allocacl(ACL_NUM(orig_acl));
404 
405  memcpy(ACL_DAT(result_acl),
406  ACL_DAT(orig_acl),
407  ACL_NUM(orig_acl) * sizeof(AclItem));
408 
409  return result_acl;
410 }
allocacl
static Acl * allocacl(int n)
Definition: acl.c:368
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54

◆ acldefault()

Acl* acldefault ( ObjectType  objtype,
Oid  ownerId 
)

Definition at line 740 of file acl.c.

References ACL_ALL_RIGHTS_DATABASE, ACL_ALL_RIGHTS_FDW, ACL_ALL_RIGHTS_FOREIGN_SERVER, ACL_ALL_RIGHTS_FUNCTION, ACL_ALL_RIGHTS_LANGUAGE, ACL_ALL_RIGHTS_LARGEOBJECT, ACL_ALL_RIGHTS_RELATION, ACL_ALL_RIGHTS_SCHEMA, ACL_ALL_RIGHTS_SEQUENCE, ACL_ALL_RIGHTS_TABLESPACE, ACL_ALL_RIGHTS_TYPE, ACL_CONNECT, ACL_CREATE_TEMP, ACL_DAT, ACL_EXECUTE, ACL_ID_PUBLIC, ACL_NO_RIGHTS, ACL_USAGE, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), elog, ERROR, OBJECT_COLUMN, OBJECT_DATABASE, OBJECT_DOMAIN, OBJECT_FDW, OBJECT_FOREIGN_SERVER, OBJECT_FUNCTION, OBJECT_LANGUAGE, OBJECT_LARGEOBJECT, OBJECT_SCHEMA, OBJECT_SEQUENCE, OBJECT_TABLE, OBJECT_TABLESPACE, and OBJECT_TYPE.

Referenced by acldefault_sql(), ExecGrant_Attribute(), ExecGrant_Database(), ExecGrant_Fdw(), ExecGrant_ForeignServer(), ExecGrant_Function(), ExecGrant_Language(), ExecGrant_Largeobject(), ExecGrant_Namespace(), ExecGrant_Relation(), ExecGrant_Tablespace(), ExecGrant_Type(), get_user_default_acl(), pg_class_aclmask(), pg_database_aclmask(), pg_foreign_data_wrapper_aclmask(), pg_foreign_server_aclmask(), pg_language_aclmask(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask(), pg_proc_aclmask(), pg_tablespace_aclmask(), pg_type_aclmask(), and SetDefaultACL().

741 {
742  AclMode world_default;
743  AclMode owner_default;
744  int nacl;
745  Acl *acl;
746  AclItem *aip;
747 
748  switch (objtype)
749  {
750  case OBJECT_COLUMN:
751  /* by default, columns have no extra privileges */
752  world_default = ACL_NO_RIGHTS;
753  owner_default = ACL_NO_RIGHTS;
754  break;
755  case OBJECT_TABLE:
756  world_default = ACL_NO_RIGHTS;
757  owner_default = ACL_ALL_RIGHTS_RELATION;
758  break;
759  case OBJECT_SEQUENCE:
760  world_default = ACL_NO_RIGHTS;
761  owner_default = ACL_ALL_RIGHTS_SEQUENCE;
762  break;
763  case OBJECT_DATABASE:
764  /* for backwards compatibility, grant some rights by default */
765  world_default = ACL_CREATE_TEMP | ACL_CONNECT;
766  owner_default = ACL_ALL_RIGHTS_DATABASE;
767  break;
768  case OBJECT_FUNCTION:
769  /* Grant EXECUTE by default, for now */
770  world_default = ACL_EXECUTE;
771  owner_default = ACL_ALL_RIGHTS_FUNCTION;
772  break;
773  case OBJECT_LANGUAGE:
774  /* Grant USAGE by default, for now */
775  world_default = ACL_USAGE;
776  owner_default = ACL_ALL_RIGHTS_LANGUAGE;
777  break;
778  case OBJECT_LARGEOBJECT:
779  world_default = ACL_NO_RIGHTS;
780  owner_default = ACL_ALL_RIGHTS_LARGEOBJECT;
781  break;
782  case OBJECT_SCHEMA:
783  world_default = ACL_NO_RIGHTS;
784  owner_default = ACL_ALL_RIGHTS_SCHEMA;
785  break;
786  case OBJECT_TABLESPACE:
787  world_default = ACL_NO_RIGHTS;
788  owner_default = ACL_ALL_RIGHTS_TABLESPACE;
789  break;
790  case OBJECT_FDW:
791  world_default = ACL_NO_RIGHTS;
792  owner_default = ACL_ALL_RIGHTS_FDW;
793  break;
794  case OBJECT_FOREIGN_SERVER:
795  world_default = ACL_NO_RIGHTS;
796  owner_default = ACL_ALL_RIGHTS_FOREIGN_SERVER;
797  break;
798  case OBJECT_DOMAIN:
799  case OBJECT_TYPE:
800  world_default = ACL_USAGE;
801  owner_default = ACL_ALL_RIGHTS_TYPE;
802  break;
803  default:
804  elog(ERROR, "unrecognized objtype: %d", (int) objtype);
805  world_default = ACL_NO_RIGHTS; /* keep compiler quiet */
806  owner_default = ACL_NO_RIGHTS;
807  break;
808  }
809 
810  nacl = 0;
811  if (world_default != ACL_NO_RIGHTS)
812  nacl++;
813  if (owner_default != ACL_NO_RIGHTS)
814  nacl++;
815 
816  acl = allocacl(nacl);
817  aip = ACL_DAT(acl);
818 
819  if (world_default != ACL_NO_RIGHTS)
820  {
821  aip->ai_grantee = ACL_ID_PUBLIC;
822  aip->ai_grantor = ownerId;
823  ACLITEM_SET_PRIVS_GOPTIONS(*aip, world_default, ACL_NO_RIGHTS);
824  aip++;
825  }
826 
827  /*
828  * Note that the owner's entry shows all ordinary privileges but no grant
829  * options. This is because his grant options come "from the system" and
830  * not from his own efforts. (The SQL spec says that the owner's rights
831  * come from a "_SYSTEM" authid.) However, we do consider that the
832  * owner's ordinary privileges are self-granted; this lets him revoke
833  * them. We implement the owner's grant options without any explicit
834  * "_SYSTEM"-like ACL entry, by internally special-casing the owner
835  * wherever we are testing grant options.
836  */
837  if (owner_default != ACL_NO_RIGHTS)
838  {
839  aip->ai_grantee = ownerId;
840  aip->ai_grantor = ownerId;
841  ACLITEM_SET_PRIVS_GOPTIONS(*aip, owner_default, ACL_NO_RIGHTS);
842  }
843 
844  return acl;
845 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
ACL_ALL_RIGHTS_FUNCTION
#define ACL_ALL_RIGHTS_FUNCTION
Definition: acl.h:162
allocacl
static Acl * allocacl(int n)
Definition: acl.c:368
ACL_ALL_RIGHTS_TABLESPACE
#define ACL_ALL_RIGHTS_TABLESPACE
Definition: acl.h:166
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
ACL_ALL_RIGHTS_LANGUAGE
#define ACL_ALL_RIGHTS_LANGUAGE
Definition: acl.h:163
AclMode
uint32 AclMode
Definition: parsenodes.h:72
ERROR
#define ERROR
Definition: elog.h:45
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:88
ACL_ALL_RIGHTS_SCHEMA
#define ACL_ALL_RIGHTS_SCHEMA
Definition: acl.h:165
ACL_ALL_RIGHTS_TYPE
#define ACL_ALL_RIGHTS_TYPE
Definition: acl.h:167
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_CONNECT
#define ACL_CONNECT
Definition: parsenodes.h:86
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
ACL_ALL_RIGHTS_SEQUENCE
#define ACL_ALL_RIGHTS_SEQUENCE
Definition: acl.h:158
AclItem
Definition: acl.h:54
ACL_ALL_RIGHTS_LARGEOBJECT
#define ACL_ALL_RIGHTS_LARGEOBJECT
Definition: acl.h:164
ACL_ALL_RIGHTS_DATABASE
#define ACL_ALL_RIGHTS_DATABASE
Definition: acl.h:159
ACL_ALL_RIGHTS_FOREIGN_SERVER
#define ACL_ALL_RIGHTS_FOREIGN_SERVER
Definition: acl.h:161
ACL_EXECUTE
#define ACL_EXECUTE
Definition: parsenodes.h:81
elog
#define elog(elevel,...)
Definition: elog.h:228
ACL_ALL_RIGHTS_RELATION
#define ACL_ALL_RIGHTS_RELATION
Definition: acl.h:157
ACL_CREATE_TEMP
#define ACL_CREATE_TEMP
Definition: parsenodes.h:85
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46
ACL_ALL_RIGHTS_FDW
#define ACL_ALL_RIGHTS_FDW
Definition: acl.h:160
ACLITEM_SET_PRIVS_GOPTIONS
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:82

◆ acldefault_sql()

Datum acldefault_sql ( PG_FUNCTION_ARGS  )

Definition at line 853 of file acl.c.

References acldefault(), elog, ERROR, OBJECT_COLUMN, OBJECT_DATABASE, OBJECT_FDW, OBJECT_FOREIGN_SERVER, OBJECT_FUNCTION, OBJECT_LANGUAGE, OBJECT_LARGEOBJECT, OBJECT_SCHEMA, OBJECT_SEQUENCE, OBJECT_TABLE, OBJECT_TABLESPACE, OBJECT_TYPE, PG_GETARG_CHAR, PG_GETARG_OID, and PG_RETURN_ACL_P.

854 {
855  char objtypec = PG_GETARG_CHAR(0);
856  Oid owner = PG_GETARG_OID(1);
857  ObjectType objtype = 0;
858 
859  switch (objtypec)
860  {
861  case 'c':
862  objtype = OBJECT_COLUMN;
863  break;
864  case 'r':
865  objtype = OBJECT_TABLE;
866  break;
867  case 's':
868  objtype = OBJECT_SEQUENCE;
869  break;
870  case 'd':
871  objtype = OBJECT_DATABASE;
872  break;
873  case 'f':
874  objtype = OBJECT_FUNCTION;
875  break;
876  case 'l':
877  objtype = OBJECT_LANGUAGE;
878  break;
879  case 'L':
880  objtype = OBJECT_LARGEOBJECT;
881  break;
882  case 'n':
883  objtype = OBJECT_SCHEMA;
884  break;
885  case 't':
886  objtype = OBJECT_TABLESPACE;
887  break;
888  case 'F':
889  objtype = OBJECT_FDW;
890  break;
891  case 'S':
892  objtype = OBJECT_FOREIGN_SERVER;
893  break;
894  case 'T':
895  objtype = OBJECT_TYPE;
896  break;
897  default:
898  elog(ERROR, "unrecognized objtype abbreviation: %c", objtypec);
899  }
900 
901  PG_RETURN_ACL_P(acldefault(objtype, owner));
902 }
PG_RETURN_ACL_P
#define PG_RETURN_ACL_P(x)
Definition: acl.h:124
acldefault
Acl * acldefault(ObjectType objtype, Oid ownerId)
Definition: acl.c:740
Oid
unsigned int Oid
Definition: postgres_ext.h:31
ERROR
#define ERROR
Definition: elog.h:45
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
ObjectType
ObjectType
Definition: parsenodes.h:1717
elog
#define elog(elevel,...)
Definition: elog.h:228
PG_GETARG_CHAR
#define PG_GETARG_CHAR(n)
Definition: fmgr.h:273

◆ aclequal()

bool aclequal ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 501 of file acl.c.

References ACL_DAT, and ACL_NUM.

Referenced by get_user_default_acl(), and SetDefaultACL().

502 {
503  /* Check for cases where one or both are empty/null */
504  if (left_acl == NULL || ACL_NUM(left_acl) == 0)
505  {
506  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
507  return true;
508  else
509  return false;
510  }
511  else
512  {
513  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
514  return false;
515  }
516 
517  if (ACL_NUM(left_acl) != ACL_NUM(right_acl))
518  return false;
519 
520  if (memcmp(ACL_DAT(left_acl),
521  ACL_DAT(right_acl),
522  ACL_NUM(left_acl) * sizeof(AclItem)) == 0)
523  return true;
524 
525  return false;
526 }
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54

◆ aclexplode()

Datum aclexplode ( PG_FUNCTION_ARGS  )

Definition at line 1729 of file acl.c.

References ACL_DAT, ACL_NUM, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, BlessTupleDesc(), BoolGetDatum, check_acl(), convert_aclright_to_string(), CreateTemplateTupleDesc(), CStringGetTextDatum, heap_form_tuple(), HeapTupleGetDatum, idx(), MemoryContextSwitchTo(), MemSet, FuncCallContext::multi_call_memory_ctx, N_ACL_RIGHTS, ObjectIdGetDatum, palloc(), PG_GETARG_ACL_P, SRF_FIRSTCALL_INIT, SRF_IS_FIRSTCALL, SRF_PERCALL_SETUP, SRF_RETURN_DONE, SRF_RETURN_NEXT, FuncCallContext::tuple_desc, TupleDescInitEntry(), FuncCallContext::user_fctx, and values.

1730 {
1731  Acl *acl = PG_GETARG_ACL_P(0);
1732  FuncCallContext *funcctx;
1733  int *idx;
1734  AclItem *aidat;
1735 
1736  if (SRF_IS_FIRSTCALL())
1737  {
1738  TupleDesc tupdesc;
1739  MemoryContext oldcontext;
1740 
1741  check_acl(acl);
1742 
1743  funcctx = SRF_FIRSTCALL_INIT();
1744  oldcontext = MemoryContextSwitchTo(funcctx->multi_call_memory_ctx);
1745 
1746  /*
1747  * build tupdesc for result tuples (matches out parameters in pg_proc
1748  * entry)
1749  */
1750  tupdesc = CreateTemplateTupleDesc(4);
1751  TupleDescInitEntry(tupdesc, (AttrNumber) 1, "grantor",
1752  OIDOID, -1, 0);
1753  TupleDescInitEntry(tupdesc, (AttrNumber) 2, "grantee",
1754  OIDOID, -1, 0);
1755  TupleDescInitEntry(tupdesc, (AttrNumber) 3, "privilege_type",
1756  TEXTOID, -1, 0);
1757  TupleDescInitEntry(tupdesc, (AttrNumber) 4, "is_grantable",
1758  BOOLOID, -1, 0);
1759 
1760  funcctx->tuple_desc = BlessTupleDesc(tupdesc);
1761 
1762  /* allocate memory for user context */
1763  idx = (int *) palloc(sizeof(int[2]));
1764  idx[0] = 0; /* ACL array item index */
1765  idx[1] = -1; /* privilege type counter */
1766  funcctx->user_fctx = (void *) idx;
1767 
1768  MemoryContextSwitchTo(oldcontext);
1769  }
1770 
1771  funcctx = SRF_PERCALL_SETUP();
1772  idx = (int *) funcctx->user_fctx;
1773  aidat = ACL_DAT(acl);
1774 
1775  /* need test here in case acl has no items */
1776  while (idx[0] < ACL_NUM(acl))
1777  {
1778  AclItem *aidata;
1779  AclMode priv_bit;
1780 
1781  idx[1]++;
1782  if (idx[1] == N_ACL_RIGHTS)
1783  {
1784  idx[1] = 0;
1785  idx[0]++;
1786  if (idx[0] >= ACL_NUM(acl)) /* done */
1787  break;
1788  }
1789  aidata = &aidat[idx[0]];
1790  priv_bit = 1 << idx[1];
1791 
1792  if (ACLITEM_GET_PRIVS(*aidata) & priv_bit)
1793  {
1794  Datum result;
1795  Datum values[4];
1796  bool nulls[4];
1797  HeapTuple tuple;
1798 
1799  values[0] = ObjectIdGetDatum(aidata->ai_grantor);
1800  values[1] = ObjectIdGetDatum(aidata->ai_grantee);
1801  values[2] = CStringGetTextDatum(convert_aclright_to_string(priv_bit));
1802  values[3] = BoolGetDatum((ACLITEM_GET_GOPTIONS(*aidata) & priv_bit) != 0);
1803 
1804  MemSet(nulls, 0, sizeof(nulls));
1805 
1806  tuple = heap_form_tuple(funcctx->tuple_desc, values, nulls);
1807  result = HeapTupleGetDatum(tuple);
1808 
1809  SRF_RETURN_NEXT(funcctx, result);
1810  }
1811  }
1812 
1813  SRF_RETURN_DONE(funcctx);
1814 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
convert_aclright_to_string
static const char * convert_aclright_to_string(int aclright)
Definition: acl.c:1679
ACLITEM_GET_GOPTIONS
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:67
CreateTemplateTupleDesc
TupleDesc CreateTemplateTupleDesc(int natts)
Definition: tupdesc.c:44
SRF_IS_FIRSTCALL
#define SRF_IS_FIRSTCALL()
Definition: funcapi.h:294
MemoryContextSwitchTo
static MemoryContext MemoryContextSwitchTo(MemoryContext context)
Definition: palloc.h:109
MemSet
#define MemSet(start, val, len)
Definition: c.h:996
idx
Datum idx(PG_FUNCTION_ARGS)
Definition: _int_op.c:259
heap_form_tuple
HeapTuple heap_form_tuple(TupleDesc tupleDescriptor, Datum *values, bool *isnull)
Definition: heaptuple.c:1020
SRF_PERCALL_SETUP
#define SRF_PERCALL_SETUP()
Definition: funcapi.h:298
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
FuncCallContext::tuple_desc
TupleDesc tuple_desc
Definition: funcapi.h:112
SRF_RETURN_NEXT
#define SRF_RETURN_NEXT(_funcctx, _result)
Definition: funcapi.h:300
AclMode
uint32 AclMode
Definition: parsenodes.h:72
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
BlessTupleDesc
TupleDesc BlessTupleDesc(TupleDesc tupdesc)
Definition: execTuples.c:2052
N_ACL_RIGHTS
#define N_ACL_RIGHTS
Definition: parsenodes.h:87
TupleDescInitEntry
void TupleDescInitEntry(TupleDesc desc, AttrNumber attributeNumber, const char *attributeName, Oid oidtypeid, int32 typmod, int attdim)
Definition: tupdesc.c:603
Datum
uintptr_t Datum
Definition: postgres.h:367
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
BoolGetDatum
#define BoolGetDatum(X)
Definition: postgres.h:402
AclItem
Definition: acl.h:54
FuncCallContext::multi_call_memory_ctx
MemoryContext multi_call_memory_ctx
Definition: funcapi.h:101
ACLITEM_GET_PRIVS
#define ACLITEM_GET_PRIVS(item)
Definition: acl.h:66
HeapTupleGetDatum
#define HeapTupleGetDatum(tuple)
Definition: funcapi.h:221
PG_GETARG_ACL_P
#define PG_GETARG_ACL_P(n)
Definition: acl.h:122
values
static Datum values[MAXATTR]
Definition: bootstrap.c:165
FuncCallContext::user_fctx
void * user_fctx
Definition: funcapi.h:82
palloc
void * palloc(Size size)
Definition: mcxt.c:950
CStringGetTextDatum
#define CStringGetTextDatum(s)
Definition: builtins.h:82
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:532
SRF_RETURN_DONE
#define SRF_RETURN_DONE(_funcctx)
Definition: funcapi.h:318
SRF_FIRSTCALL_INIT
#define SRF_FIRSTCALL_INIT()
Definition: funcapi.h:296

◆ aclinsert()

Datum aclinsert ( PG_FUNCTION_ARGS  )

Definition at line 1516 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

1517 {
1518  ereport(ERROR,
1519  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1520  errmsg("aclinsert is no longer supported")));
1521 
1522  PG_RETURN_NULL(); /* keep compiler quiet */
1523 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:704
ERROR
#define ERROR
Definition: elog.h:45
ereport
#define ereport(elevel,...)
Definition: elog.h:155
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:915
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ aclitem_eq()

Datum aclitem_eq ( PG_FUNCTION_ARGS  )

Definition at line 685 of file acl.c.

References a1, a2, AclItem::ai_grantee, AclItem::ai_grantor, AclItem::ai_privs, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

686 {
687  AclItem *a1 = PG_GETARG_ACLITEM_P(0);
688  AclItem *a2 = PG_GETARG_ACLITEM_P(1);
689  bool result;
690 
691  result = a1->ai_privs == a2->ai_privs &&
692  a1->ai_grantee == a2->ai_grantee &&
693  a1->ai_grantor == a2->ai_grantor;
694  PG_RETURN_BOOL(result);
695 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
PG_GETARG_ACLITEM_P
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:117
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
AclItem::ai_privs
AclMode ai_privs
Definition: acl.h:58
a2
static const FormData_pg_attribute a2
Definition: heap.c:165
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
AclItem
Definition: acl.h:54
a1
static const FormData_pg_attribute a1
Definition: heap.c:151

◆ aclitem_match()

static bool aclitem_match ( const AclItem a1,
const AclItem a2 
)
static

Definition at line 650 of file acl.c.

References AclItem::ai_grantee, and AclItem::ai_grantor.

Referenced by aclnewowner(), and aclupdate().

651 {
652  return a1->ai_grantee == a2->ai_grantee &&
653  a1->ai_grantor == a2->ai_grantor;
654 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57

◆ aclitemComparator()

static int aclitemComparator ( const void *  arg1,
const void *  arg2 
)
static

Definition at line 661 of file acl.c.

References a1, a2, AclItem::ai_grantee, AclItem::ai_grantor, and AclItem::ai_privs.

Referenced by aclitemsort().

662 {
663  const AclItem *a1 = (const AclItem *) arg1;
664  const AclItem *a2 = (const AclItem *) arg2;
665 
666  if (a1->ai_grantee > a2->ai_grantee)
667  return 1;
668  if (a1->ai_grantee < a2->ai_grantee)
669  return -1;
670  if (a1->ai_grantor > a2->ai_grantor)
671  return 1;
672  if (a1->ai_grantor < a2->ai_grantor)
673  return -1;
674  if (a1->ai_privs > a2->ai_privs)
675  return 1;
676  if (a1->ai_privs < a2->ai_privs)
677  return -1;
678  return 0;
679 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
AclItem::ai_privs
AclMode ai_privs
Definition: acl.h:58
a2
static const FormData_pg_attribute a2
Definition: heap.c:165
AclItem
Definition: acl.h:54
a1
static const FormData_pg_attribute a1
Definition: heap.c:151

◆ aclitemin()

Datum aclitemin ( PG_FUNCTION_ARGS  )

Definition at line 557 of file acl.c.

References aclparse(), ereport, errcode(), errmsg(), ERROR, palloc(), PG_GETARG_CSTRING, and PG_RETURN_ACLITEM_P.

558 {
559  const char *s = PG_GETARG_CSTRING(0);
560  AclItem *aip;
561 
562  aip = (AclItem *) palloc(sizeof(AclItem));
563  s = aclparse(s, aip);
564  while (isspace((unsigned char) *s))
565  ++s;
566  if (*s)
567  ereport(ERROR,
568  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
569  errmsg("extra garbage at the end of the ACL specification")));
570 
571  PG_RETURN_ACLITEM_P(aip);
572 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:704
ERROR
#define ERROR
Definition: elog.h:45
aclparse
static const char * aclparse(const char *s, AclItem *aip)
Definition: acl.c:238
ereport
#define ereport(elevel,...)
Definition: elog.h:155
AclItem
Definition: acl.h:54
PG_RETURN_ACLITEM_P
#define PG_RETURN_ACLITEM_P(x)
Definition: acl.h:118
palloc
void * palloc(Size size)
Definition: mcxt.c:950
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:915
PG_GETARG_CSTRING
#define PG_GETARG_CSTRING(n)
Definition: fmgr.h:277

◆ aclitemout()

Datum aclitemout ( PG_FUNCTION_ARGS  )

Definition at line 583 of file acl.c.

References ACL_ALL_RIGHTS_STR, ACL_ID_PUBLIC, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, AUTHOID, GETSTRUCT, HeapTupleIsValid, i, N_ACL_RIGHTS, NAMEDATALEN, NameStr, ObjectIdGetDatum, palloc(), PG_GETARG_ACLITEM_P, PG_RETURN_CSTRING, putid(), ReleaseSysCache(), rolname, SearchSysCache1(), and sprintf.

584 {
585  AclItem *aip = PG_GETARG_ACLITEM_P(0);
586  char *p;
587  char *out;
588  HeapTuple htup;
589  unsigned i;
590 
591  out = palloc(strlen("=/") +
592  2 * N_ACL_RIGHTS +
593  2 * (2 * NAMEDATALEN + 2) +
594  1);
595 
596  p = out;
597  *p = '\0';
598 
599  if (aip->ai_grantee != ACL_ID_PUBLIC)
600  {
601  htup = SearchSysCache1(AUTHOID, ObjectIdGetDatum(aip->ai_grantee));
602  if (HeapTupleIsValid(htup))
603  {
604  putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
605  ReleaseSysCache(htup);
606  }
607  else
608  {
609  /* Generate numeric OID if we don't find an entry */
610  sprintf(p, "%u", aip->ai_grantee);
611  }
612  }
613  while (*p)
614  ++p;
615 
616  *p++ = '=';
617 
618  for (i = 0; i < N_ACL_RIGHTS; ++i)
619  {
620  if (ACLITEM_GET_PRIVS(*aip) & (1 << i))
621  *p++ = ACL_ALL_RIGHTS_STR[i];
622  if (ACLITEM_GET_GOPTIONS(*aip) & (1 << i))
623  *p++ = '*';
624  }
625 
626  *p++ = '/';
627  *p = '\0';
628 
629  htup = SearchSysCache1(AUTHOID, ObjectIdGetDatum(aip->ai_grantor));
630  if (HeapTupleIsValid(htup))
631  {
632  putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
633  ReleaseSysCache(htup);
634  }
635  else
636  {
637  /* Generate numeric OID if we don't find an entry */
638  sprintf(p, "%u", aip->ai_grantor);
639  }
640 
641  PG_RETURN_CSTRING(out);
642 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
putid
static void putid(char *p, const char *s)
Definition: acl.c:189
ACLITEM_GET_GOPTIONS
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:67
GETSTRUCT
#define GETSTRUCT(TUP)
Definition: htup_details.h:655
rolname
NameData rolname
Definition: pg_authid.h:34
PG_GETARG_ACLITEM_P
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:117
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
NAMEDATALEN
#define NAMEDATALEN
Definition: pg_config_manual.h:29
Form_pg_authid
FormData_pg_authid * Form_pg_authid
Definition: pg_authid.h:56
sprintf
#define sprintf
Definition: port.h:217
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
N_ACL_RIGHTS
#define N_ACL_RIGHTS
Definition: parsenodes.h:87
SearchSysCache1
HeapTuple SearchSysCache1(int cacheId, Datum key1)
Definition: syscache.c:1127
ReleaseSysCache
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1175
ACL_ALL_RIGHTS_STR
#define ACL_ALL_RIGHTS_STR
Definition: acl.h:151
AclItem
Definition: acl.h:54
HeapTupleIsValid
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
PG_RETURN_CSTRING
#define PG_RETURN_CSTRING(x)
Definition: fmgr.h:362
ACLITEM_GET_PRIVS
#define ACLITEM_GET_PRIVS(item)
Definition: acl.h:66
palloc
void * palloc(Size size)
Definition: mcxt.c:950
i
int i
Definition: preproc-comment.c:23
NameStr
#define NameStr(name)
Definition: c.h:669
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46

◆ aclitemsort()

void aclitemsort ( Acl acl)

Definition at line 487 of file acl.c.

References ACL_DAT, ACL_NUM, aclitemComparator(), and qsort.

Referenced by get_user_default_acl(), and SetDefaultACL().

488 {
489  if (acl != NULL && ACL_NUM(acl) > 1)
490  qsort(ACL_DAT(acl), ACL_NUM(acl), sizeof(AclItem), aclitemComparator);
491 }
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54
qsort
#define qsort(a, b, c, d)
Definition: port.h:503
aclitemComparator
static int aclitemComparator(const void *arg1, const void *arg2)
Definition: acl.c:661

◆ aclmask()

AclMode aclmask ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)

Definition at line 1312 of file acl.c.

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog, ERROR, has_privs_of_role(), i, and remaining.

Referenced by check_circularity(), LockTableAclCheck(), pg_attribute_aclmask(), pg_class_aclmask(), pg_database_aclmask(), pg_foreign_data_wrapper_aclmask(), pg_foreign_server_aclmask(), pg_language_aclmask(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask(), pg_proc_aclmask(), pg_tablespace_aclmask(), pg_type_aclmask(), and recursive_revoke().

1314 {
1315  AclMode result;
1316  AclMode remaining;
1317  AclItem *aidat;
1318  int i,
1319  num;
1320 
1321  /*
1322  * Null ACL should not happen, since caller should have inserted
1323  * appropriate default
1324  */
1325  if (acl == NULL)
1326  elog(ERROR, "null ACL");
1327 
1328  check_acl(acl);
1329 
1330  /* Quick exit for mask == 0 */
1331  if (mask == 0)
1332  return 0;
1333 
1334  result = 0;
1335 
1336  /* Owner always implicitly has all grant options */
1337  if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1338  has_privs_of_role(roleid, ownerId))
1339  {
1340  result = mask & ACLITEM_ALL_GOPTION_BITS;
1341  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1342  return result;
1343  }
1344 
1345  num = ACL_NUM(acl);
1346  aidat = ACL_DAT(acl);
1347 
1348  /*
1349  * Check privileges granted directly to roleid or to public
1350  */
1351  for (i = 0; i < num; i++)
1352  {
1353  AclItem *aidata = &aidat[i];
1354 
1355  if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1356  aidata->ai_grantee == roleid)
1357  {
1358  result |= aidata->ai_privs & mask;
1359  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1360  return result;
1361  }
1362  }
1363 
1364  /*
1365  * Check privileges granted indirectly via role memberships. We do this in
1366  * a separate pass to minimize expensive indirect membership tests. In
1367  * particular, it's worth testing whether a given ACL entry grants any
1368  * privileges still of interest before we perform the has_privs_of_role
1369  * test.
1370  */
1371  remaining = mask & ~result;
1372  for (i = 0; i < num; i++)
1373  {
1374  AclItem *aidata = &aidat[i];
1375 
1376  if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1377  aidata->ai_grantee == roleid)
1378  continue; /* already checked it */
1379 
1380  if ((aidata->ai_privs & remaining) &&
1381  has_privs_of_role(roleid, aidata->ai_grantee))
1382  {
1383  result |= aidata->ai_privs & mask;
1384  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1385  return result;
1386  remaining = mask & ~result;
1387  }
1388  }
1389 
1390  return result;
1391 }
remaining
int remaining
Definition: informix.c:667
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
ACLITEM_ALL_GOPTION_BITS
#define ACLITEM_ALL_GOPTION_BITS
Definition: acl.h:88
has_privs_of_role
bool has_privs_of_role(Oid member, Oid role)
Definition: acl.c:4895
AclItem::ai_privs
AclMode ai_privs
Definition: acl.h:58
AclMode
uint32 AclMode
Definition: parsenodes.h:72
ERROR
#define ERROR
Definition: elog.h:45
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54
elog
#define elog(elevel,...)
Definition: elog.h:228
i
int i
Definition: preproc-comment.c:23
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:532

◆ aclmask_direct()

static AclMode aclmask_direct ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)
static

Definition at line 1401 of file acl.c.

References ACL_DAT, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog, ERROR, and i.

Referenced by select_best_grantor().

1403 {
1404  AclMode result;
1405  AclItem *aidat;
1406  int i,
1407  num;
1408 
1409  /*
1410  * Null ACL should not happen, since caller should have inserted
1411  * appropriate default
1412  */
1413  if (acl == NULL)
1414  elog(ERROR, "null ACL");
1415 
1416  check_acl(acl);
1417 
1418  /* Quick exit for mask == 0 */
1419  if (mask == 0)
1420  return 0;
1421 
1422  result = 0;
1423 
1424  /* Owner always implicitly has all grant options */
1425  if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1426  roleid == ownerId)
1427  {
1428  result = mask & ACLITEM_ALL_GOPTION_BITS;
1429  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1430  return result;
1431  }
1432 
1433  num = ACL_NUM(acl);
1434  aidat = ACL_DAT(acl);
1435 
1436  /*
1437  * Check privileges granted directly to roleid (and not to public)
1438  */
1439  for (i = 0; i < num; i++)
1440  {
1441  AclItem *aidata = &aidat[i];
1442 
1443  if (aidata->ai_grantee == roleid)
1444  {
1445  result |= aidata->ai_privs & mask;
1446  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1447  return result;
1448  }
1449  }
1450 
1451  return result;
1452 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
ACLITEM_ALL_GOPTION_BITS
#define ACLITEM_ALL_GOPTION_BITS
Definition: acl.h:88
AclItem::ai_privs
AclMode ai_privs
Definition: acl.h:58
AclMode
uint32 AclMode
Definition: parsenodes.h:72
ERROR
#define ERROR
Definition: elog.h:45
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54
elog
#define elog(elevel,...)
Definition: elog.h:228
i
int i
Definition: preproc-comment.c:23
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:532

◆ aclmembers()

int aclmembers ( const Acl acl,
Oid **  roleids 
)

Definition at line 1464 of file acl.c.

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, sort-test::list, oid_cmp(), palloc(), qsort, and qunique().

Referenced by ExecGrant_Attribute(), ExecGrant_Database(), ExecGrant_Fdw(), ExecGrant_ForeignServer(), ExecGrant_Function(), ExecGrant_Language(), ExecGrant_Largeobject(), ExecGrant_Namespace(), ExecGrant_Relation(), ExecGrant_Tablespace(), ExecGrant_Type(), recordDependencyOnNewAcl(), and SetDefaultACL().

1465 {
1466  Oid *list;
1467  const AclItem *acldat;
1468  int i,
1469  j;
1470 
1471  if (acl == NULL || ACL_NUM(acl) == 0)
1472  {
1473  *roleids = NULL;
1474  return 0;
1475  }
1476 
1477  check_acl(acl);
1478 
1479  /* Allocate the worst-case space requirement */
1480  list = palloc(ACL_NUM(acl) * 2 * sizeof(Oid));
1481  acldat = ACL_DAT(acl);
1482 
1483  /*
1484  * Walk the ACL collecting mentioned RoleIds.
1485  */
1486  j = 0;
1487  for (i = 0; i < ACL_NUM(acl); i++)
1488  {
1489  const AclItem *ai = &acldat[i];
1490 
1491  if (ai->ai_grantee != ACL_ID_PUBLIC)
1492  list[j++] = ai->ai_grantee;
1493  /* grantor is currently never PUBLIC, but let's check anyway */
1494  if (ai->ai_grantor != ACL_ID_PUBLIC)
1495  list[j++] = ai->ai_grantor;
1496  }
1497 
1498  /* Sort the array */
1499  qsort(list, j, sizeof(Oid), oid_cmp);
1500 
1501  /*
1502  * We could repalloc the array down to minimum size, but it's hardly worth
1503  * it since it's only transient memory.
1504  */
1505  *roleids = list;
1506 
1507  /* Remove duplicates from the array */
1508  return qunique(list, j, sizeof(Oid), oid_cmp);
1509 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
Oid
unsigned int Oid
Definition: postgres_ext.h:31
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54
oid_cmp
int oid_cmp(const void *p1, const void *p2)
Definition: oid.c:336
qunique
static size_t qunique(void *array, size_t elements, size_t width, int(*compare)(const void *, const void *))
Definition: qunique.h:21
palloc
void * palloc(Size size)
Definition: mcxt.c:950
i
int i
Definition: preproc-comment.c:23
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46
qsort
#define qsort(a, b, c, d)
Definition: port.h:503
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:532

◆ aclmerge()

Acl* aclmerge ( const Acl left_acl,
const Acl right_acl,
Oid  ownerId 
)

Definition at line 443 of file acl.c.

References ACL_DAT, ACL_MODECHG_ADD, ACL_NUM, aclcopy(), aclupdate(), DROP_RESTRICT, i, and pfree().

Referenced by get_user_default_acl().

444 {
445  Acl *result_acl;
446  AclItem *aip;
447  int i,
448  num;
449 
450  /* Check for cases where one or both are empty/null */
451  if (left_acl == NULL || ACL_NUM(left_acl) == 0)
452  {
453  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
454  return NULL;
455  else
456  return aclcopy(right_acl);
457  }
458  else
459  {
460  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
461  return aclcopy(left_acl);
462  }
463 
464  /* Merge them the hard way, one item at a time */
465  result_acl = aclcopy(left_acl);
466 
467  aip = ACL_DAT(right_acl);
468  num = ACL_NUM(right_acl);
469 
470  for (i = 0; i < num; i++, aip++)
471  {
472  Acl *tmp_acl;
473 
474  tmp_acl = aclupdate(result_acl, aip, ACL_MODECHG_ADD,
475  ownerId, DROP_RESTRICT);
476  pfree(result_acl);
477  result_acl = tmp_acl;
478  }
479 
480  return result_acl;
481 }
pfree
void pfree(void *pointer)
Definition: mcxt.c:1057
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_MODECHG_ADD
#define ACL_MODECHG_ADD
Definition: acl.h:129
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54
aclcopy
Acl * aclcopy(const Acl *orig_acl)
Definition: acl.c:399
i
int i
Definition: preproc-comment.c:23
aclupdate
Acl * aclupdate(const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
Definition: acl.c:922

◆ aclnewowner()

Acl* aclnewowner ( const Acl old_acl,
Oid  oldOwnerId,
Oid  newOwnerId 
)

Definition at line 1043 of file acl.c.

References ACL_DAT, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, check_acl(), and SET_VARSIZE.

Referenced by AlterDatabaseOwner(), AlterForeignDataWrapperOwner_internal(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwnerInternal(), ATExecChangeOwner(), and change_owner_fix_column_acls().

1044 {
1045  Acl *new_acl;
1046  AclItem *new_aip;
1047  AclItem *old_aip;
1048  AclItem *dst_aip;
1049  AclItem *src_aip;
1050  AclItem *targ_aip;
1051  bool newpresent = false;
1052  int dst,
1053  src,
1054  targ,
1055  num;
1056 
1057  check_acl(old_acl);
1058 
1059  /*
1060  * Make a copy of the given ACL, substituting new owner ID for old
1061  * wherever it appears as either grantor or grantee. Also note if the new
1062  * owner ID is already present.
1063  */
1064  num = ACL_NUM(old_acl);
1065  old_aip = ACL_DAT(old_acl);
1066  new_acl = allocacl(num);
1067  new_aip = ACL_DAT(new_acl);
1068  memcpy(new_aip, old_aip, num * sizeof(AclItem));
1069  for (dst = 0, dst_aip = new_aip; dst < num; dst++, dst_aip++)
1070  {
1071  if (dst_aip->ai_grantor == oldOwnerId)
1072  dst_aip->ai_grantor = newOwnerId;
1073  else if (dst_aip->ai_grantor == newOwnerId)
1074  newpresent = true;
1075  if (dst_aip->ai_grantee == oldOwnerId)
1076  dst_aip->ai_grantee = newOwnerId;
1077  else if (dst_aip->ai_grantee == newOwnerId)
1078  newpresent = true;
1079  }
1080 
1081  /*
1082  * If the old ACL contained any references to the new owner, then we may
1083  * now have generated an ACL containing duplicate entries. Find them and
1084  * merge them so that there are not duplicates. (This is relatively
1085  * expensive since we use a stupid O(N^2) algorithm, but it's unlikely to
1086  * be the normal case.)
1087  *
1088  * To simplify deletion of duplicate entries, we temporarily leave them in
1089  * the array but set their privilege masks to zero; when we reach such an
1090  * entry it's just skipped. (Thus, a side effect of this code will be to
1091  * remove privilege-free entries, should there be any in the input.) dst
1092  * is the next output slot, targ is the currently considered input slot
1093  * (always >= dst), and src scans entries to the right of targ looking for
1094  * duplicates. Once an entry has been emitted to dst it is known
1095  * duplicate-free and need not be considered anymore.
1096  */
1097  if (newpresent)
1098  {
1099  dst = 0;
1100  for (targ = 0, targ_aip = new_aip; targ < num; targ++, targ_aip++)
1101  {
1102  /* ignore if deleted in an earlier pass */
1103  if (ACLITEM_GET_RIGHTS(*targ_aip) == ACL_NO_RIGHTS)
1104  continue;
1105  /* find and merge any duplicates */
1106  for (src = targ + 1, src_aip = targ_aip + 1; src < num;
1107  src++, src_aip++)
1108  {
1109  if (ACLITEM_GET_RIGHTS(*src_aip) == ACL_NO_RIGHTS)
1110  continue;
1111  if (aclitem_match(targ_aip, src_aip))
1112  {
1113  ACLITEM_SET_RIGHTS(*targ_aip,
1114  ACLITEM_GET_RIGHTS(*targ_aip) |
1115  ACLITEM_GET_RIGHTS(*src_aip));
1116  /* mark the duplicate deleted */
1117  ACLITEM_SET_RIGHTS(*src_aip, ACL_NO_RIGHTS);
1118  }
1119  }
1120  /* and emit to output */
1121  new_aip[dst] = *targ_aip;
1122  dst++;
1123  }
1124  /* Adjust array size to be 'dst' items */
1125  ARR_DIMS(new_acl)[0] = dst;
1126  SET_VARSIZE(new_acl, ACL_N_SIZE(dst));
1127  }
1128 
1129  return new_acl;
1130 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
allocacl
static Acl * allocacl(int n)
Definition: acl.c:368
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
ARR_DIMS
#define ARR_DIMS(a)
Definition: array.h:287
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:88
ACLITEM_GET_RIGHTS
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:68
ACLITEM_SET_RIGHTS
#define ACLITEM_SET_RIGHTS(item, rights)
Definition: acl.h:79
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54
aclitem_match
static bool aclitem_match(const AclItem *a1, const AclItem *a2)
Definition: acl.c:650
SET_VARSIZE
#define SET_VARSIZE(PTR, len)
Definition: postgres.h:329
ACL_N_SIZE
#define ACL_N_SIZE(N)
Definition: acl.h:110
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:532

◆ aclparse()

static const char * aclparse ( const char *  s,
AclItem aip 
)
static

Definition at line 238 of file acl.c.

References ACL_ALL_RIGHTS_STR, ACL_CONNECT, ACL_CONNECT_CHR, ACL_CREATE, ACL_CREATE_CHR, ACL_CREATE_TEMP, ACL_CREATE_TEMP_CHR, ACL_DELETE, ACL_DELETE_CHR, ACL_EXECUTE, ACL_EXECUTE_CHR, ACL_ID_PUBLIC, ACL_INSERT, ACL_INSERT_CHR, ACL_NO_RIGHTS, ACL_REFERENCES, ACL_REFERENCES_CHR, ACL_SELECT, ACL_SELECT_CHR, ACL_TRIGGER, ACL_TRIGGER_CHR, ACL_TRUNCATE, ACL_TRUNCATE_CHR, ACL_UPDATE, ACL_UPDATE_CHR, ACL_USAGE, ACL_USAGE_CHR, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, Assert, ereport, errcode(), errhint(), errmsg(), ERROR, get_role_oid(), getid(), name, NAMEDATALEN, read, and WARNING.

Referenced by aclitemin().

239 {
240  AclMode privs,
241  goption,
242  read;
243  char name[NAMEDATALEN];
244  char name2[NAMEDATALEN];
245 
246  Assert(s && aip);
247 
248  s = getid(s, name);
249  if (*s != '=')
250  {
251  /* we just read a keyword, not a name */
252  if (strcmp(name, "group") != 0 && strcmp(name, "user") != 0)
253  ereport(ERROR,
254  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
255  errmsg("unrecognized key word: \"%s\"", name),
256  errhint("ACL key word must be \"group\" or \"user\".")));
257  s = getid(s, name); /* move s to the name beyond the keyword */
258  if (name[0] == '\0')
259  ereport(ERROR,
260  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
261  errmsg("missing name"),
262  errhint("A name must follow the \"group\" or \"user\" key word.")));
263  }
264 
265  if (*s != '=')
266  ereport(ERROR,
267  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
268  errmsg("missing \"=\" sign")));
269 
270  privs = goption = ACL_NO_RIGHTS;
271 
272  for (++s, read = 0; isalpha((unsigned char) *s) || *s == '*'; s++)
273  {
274  switch (*s)
275  {
276  case '*':
277  goption |= read;
278  break;
279  case ACL_INSERT_CHR:
280  read = ACL_INSERT;
281  break;
282  case ACL_SELECT_CHR:
283  read = ACL_SELECT;
284  break;
285  case ACL_UPDATE_CHR:
286  read = ACL_UPDATE;
287  break;
288  case ACL_DELETE_CHR:
289  read = ACL_DELETE;
290  break;
291  case ACL_TRUNCATE_CHR:
292  read = ACL_TRUNCATE;
293  break;
294  case ACL_REFERENCES_CHR:
295  read = ACL_REFERENCES;
296  break;
297  case ACL_TRIGGER_CHR:
298  read = ACL_TRIGGER;
299  break;
300  case ACL_EXECUTE_CHR:
301  read = ACL_EXECUTE;
302  break;
303  case ACL_USAGE_CHR:
304  read = ACL_USAGE;
305  break;
306  case ACL_CREATE_CHR:
307  read = ACL_CREATE;
308  break;
309  case ACL_CREATE_TEMP_CHR:
310  read = ACL_CREATE_TEMP;
311  break;
312  case ACL_CONNECT_CHR:
313  read = ACL_CONNECT;
314  break;
315  case 'R': /* ignore old RULE privileges */
316  read = 0;
317  break;
318  default:
319  ereport(ERROR,
320  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
321  errmsg("invalid mode character: must be one of \"%s\"",
322  ACL_ALL_RIGHTS_STR)));
323  }
324 
325  privs |= read;
326  }
327 
328  if (name[0] == '\0')
329  aip->ai_grantee = ACL_ID_PUBLIC;
330  else
331  aip->ai_grantee = get_role_oid(name, false);
332 
333  /*
334  * XXX Allow a degree of backward compatibility by defaulting the grantor
335  * to the superuser.
336  */
337  if (*s == '/')
338  {
339  s = getid(s + 1, name2);
340  if (name2[0] == '\0')
341  ereport(ERROR,
342  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
343  errmsg("a name must follow the \"/\" sign")));
344  aip->ai_grantor = get_role_oid(name2, false);
345  }
346  else
347  {
348  aip->ai_grantor = BOOTSTRAP_SUPERUSERID;
349  ereport(WARNING,
350  (errcode(ERRCODE_INVALID_GRANTOR),
351  errmsg("defaulting grantor to user ID %u",
352  BOOTSTRAP_SUPERUSERID)));
353  }
354 
355  ACLITEM_SET_PRIVS_GOPTIONS(*aip, privs, goption);
356 
357  return s;
358 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
ACL_INSERT_CHR
#define ACL_INSERT_CHR
Definition: acl.h:137
errhint
int errhint(const char *fmt,...)
Definition: elog.c:1162
ACL_CONNECT_CHR
#define ACL_CONNECT_CHR
Definition: acl.h:148
ACL_DELETE_CHR
#define ACL_DELETE_CHR
Definition: acl.h:140
errcode
int errcode(int sqlerrcode)
Definition: elog.c:704
ACL_DELETE
#define ACL_DELETE
Definition: parsenodes.h:77
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
get_role_oid
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5178
NAMEDATALEN
#define NAMEDATALEN
Definition: pg_config_manual.h:29
AclMode
uint32 AclMode
Definition: parsenodes.h:72
ACL_CREATE_TEMP_CHR
#define ACL_CREATE_TEMP_CHR
Definition: acl.h:147
ERROR
#define ERROR
Definition: elog.h:45
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:84
getid
static const char * getid(const char *s, char *n)
Definition: acl.c:137
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:88
ACL_TRIGGER
#define ACL_TRIGGER
Definition: parsenodes.h:80
ACL_TRUNCATE_CHR
#define ACL_TRUNCATE_CHR
Definition: acl.h:141
ACL_REFERENCES_CHR
#define ACL_REFERENCES_CHR
Definition: acl.h:142
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_CONNECT
#define ACL_CONNECT
Definition: parsenodes.h:86
WARNING
#define WARNING
Definition: elog.h:40
ACL_SELECT_CHR
#define ACL_SELECT_CHR
Definition: acl.h:138
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:76
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:75
ACL_ALL_RIGHTS_STR
#define ACL_ALL_RIGHTS_STR
Definition: acl.h:151
ACL_USAGE_CHR
#define ACL_USAGE_CHR
Definition: acl.h:145
ereport
#define ereport(elevel,...)
Definition: elog.h:155
ACL_REFERENCES
#define ACL_REFERENCES
Definition: parsenodes.h:79
Assert
#define Assert(condition)
Definition: c.h:792
ACL_INSERT
#define ACL_INSERT
Definition: parsenodes.h:74
ACL_UPDATE_CHR
#define ACL_UPDATE_CHR
Definition: acl.h:139
name
const char * name
Definition: encode.c:515
ACL_TRIGGER_CHR
#define ACL_TRIGGER_CHR
Definition: acl.h:143
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:915
ACL_EXECUTE
#define ACL_EXECUTE
Definition: parsenodes.h:81
ACL_CREATE_TEMP
#define ACL_CREATE_TEMP
Definition: parsenodes.h:85
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46
ACLITEM_SET_PRIVS_GOPTIONS
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:82
read
#define read(a, b, c)
Definition: win32.h:13
ACL_EXECUTE_CHR
#define ACL_EXECUTE_CHR
Definition: acl.h:144
ACL_CREATE_CHR
#define ACL_CREATE_CHR
Definition: acl.h:146
ACL_TRUNCATE
#define ACL_TRUNCATE
Definition: parsenodes.h:78

◆ aclremove()

Datum aclremove ( PG_FUNCTION_ARGS  )

Definition at line 1526 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

1527 {
1528  ereport(ERROR,
1529  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1530  errmsg("aclremove is no longer supported")));
1531 
1532  PG_RETURN_NULL(); /* keep compiler quiet */
1533 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:704
ERROR
#define ERROR
Definition: elog.h:45
ereport
#define ereport(elevel,...)
Definition: elog.h:155
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:915
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ aclupdate()

Acl* aclupdate ( const Acl old_acl,
const AclItem mod_aip,
int  modechg,
Oid  ownerId,
DropBehavior  behavior 
)

Definition at line 922 of file acl.c.

References ACL_DAT, ACL_ID_PUBLIC, ACL_MODECHG_ADD, ACL_MODECHG_DEL, ACL_MODECHG_EQL, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACL_SIZE, ACLITEM_GET_GOPTIONS, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_PRIVS_GOPTIONS, ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, Assert, check_acl(), check_circularity(), recursive_revoke(), and SET_VARSIZE.

Referenced by aclmerge(), check_circularity(), merge_acl_with_grant(), and recursive_revoke().

924 {
925  Acl *new_acl = NULL;
926  AclItem *old_aip,
927  *new_aip = NULL;
928  AclMode old_rights,
929  old_goptions,
930  new_rights,
931  new_goptions;
932  int dst,
933  num;
934 
935  /* Caller probably already checked old_acl, but be safe */
936  check_acl(old_acl);
937 
938  /* If granting grant options, check for circularity */
939  if (modechg != ACL_MODECHG_DEL &&
940  ACLITEM_GET_GOPTIONS(*mod_aip) != ACL_NO_RIGHTS)
941  check_circularity(old_acl, mod_aip, ownerId);
942 
943  num = ACL_NUM(old_acl);
944  old_aip = ACL_DAT(old_acl);
945 
946  /*
947  * Search the ACL for an existing entry for this grantee and grantor. If
948  * one exists, just modify the entry in-place (well, in the same position,
949  * since we actually return a copy); otherwise, insert the new entry at
950  * the end.
951  */
952 
953  for (dst = 0; dst < num; ++dst)
954  {
955  if (aclitem_match(mod_aip, old_aip + dst))
956  {
957  /* found a match, so modify existing item */
958  new_acl = allocacl(num);
959  new_aip = ACL_DAT(new_acl);
960  memcpy(new_acl, old_acl, ACL_SIZE(old_acl));
961  break;
962  }
963  }
964 
965  if (dst == num)
966  {
967  /* need to append a new item */
968  new_acl = allocacl(num + 1);
969  new_aip = ACL_DAT(new_acl);
970  memcpy(new_aip, old_aip, num * sizeof(AclItem));
971 
972  /* initialize the new entry with no permissions */
973  new_aip[dst].ai_grantee = mod_aip->ai_grantee;
974  new_aip[dst].ai_grantor = mod_aip->ai_grantor;
975  ACLITEM_SET_PRIVS_GOPTIONS(new_aip[dst],
976  ACL_NO_RIGHTS, ACL_NO_RIGHTS);
977  num++; /* set num to the size of new_acl */
978  }
979 
980  old_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
981  old_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
982 
983  /* apply the specified permissions change */
984  switch (modechg)
985  {
986  case ACL_MODECHG_ADD:
987  ACLITEM_SET_RIGHTS(new_aip[dst],
988  old_rights | ACLITEM_GET_RIGHTS(*mod_aip));
989  break;
990  case ACL_MODECHG_DEL:
991  ACLITEM_SET_RIGHTS(new_aip[dst],
992  old_rights & ~ACLITEM_GET_RIGHTS(*mod_aip));
993  break;
994  case ACL_MODECHG_EQL:
995  ACLITEM_SET_RIGHTS(new_aip[dst],
996  ACLITEM_GET_RIGHTS(*mod_aip));
997  break;
998  }
999 
1000  new_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
1001  new_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
1002 
1003  /*
1004  * If the adjusted entry has no permissions, delete it from the list.
1005  */
1006  if (new_rights == ACL_NO_RIGHTS)
1007  {
1008  memmove(new_aip + dst,
1009  new_aip + dst + 1,
1010  (num - dst - 1) * sizeof(AclItem));
1011  /* Adjust array size to be 'num - 1' items */
1012  ARR_DIMS(new_acl)[0] = num - 1;
1013  SET_VARSIZE(new_acl, ACL_N_SIZE(num - 1));
1014  }
1015 
1016  /*
1017  * Remove abandoned privileges (cascading revoke). Currently we can only
1018  * handle this when the grantee is not PUBLIC.
1019  */
1020  if ((old_goptions & ~new_goptions) != 0)
1021  {
1022  Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1023  new_acl = recursive_revoke(new_acl, mod_aip->ai_grantee,
1024  (old_goptions & ~new_goptions),
1025  ownerId, behavior);
1026  }
1027 
1028  return new_acl;
1029 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
ACL_MODECHG_EQL
#define ACL_MODECHG_EQL
Definition: acl.h:131
ACLITEM_GET_GOPTIONS
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:67
allocacl
static Acl * allocacl(int n)
Definition: acl.c:368
ACL_MODECHG_DEL
#define ACL_MODECHG_DEL
Definition: acl.h:130
ACL_SIZE
#define ACL_SIZE(ACL)
Definition: acl.h:111
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
AclMode
uint32 AclMode
Definition: parsenodes.h:72
check_circularity
static void check_circularity(const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
Definition: acl.c:1146
ARR_DIMS
#define ARR_DIMS(a)
Definition: array.h:287
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:88
ACLITEM_GET_RIGHTS
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:68
ACLITEM_SET_RIGHTS
#define ACLITEM_SET_RIGHTS(item, rights)
Definition: acl.h:79
ACL_MODECHG_ADD
#define ACL_MODECHG_ADD
Definition: acl.h:129
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
AclItem
Definition: acl.h:54
Assert
#define Assert(condition)
Definition: c.h:792
aclitem_match
static bool aclitem_match(const AclItem *a1, const AclItem *a2)
Definition: acl.c:650
recursive_revoke
static Acl * recursive_revoke(Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
Definition: acl.c:1226
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46
SET_VARSIZE
#define SET_VARSIZE(PTR, len)
Definition: postgres.h:329
ACL_N_SIZE
#define ACL_N_SIZE(N)
Definition: acl.h:110
ACLITEM_SET_PRIVS_GOPTIONS
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:82
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:532

◆ allocacl()

static Acl * allocacl ( int  n)
static

Definition at line 368 of file acl.c.

References ACL_N_SIZE, ARR_DIMS, ARR_LBOUND, ArrayType::dataoffset, ArrayType::elemtype, elog, ERROR, ArrayType::ndim, palloc0(), and SET_VARSIZE.

Referenced by aclconcat(), aclcopy(), acldefault(), aclnewowner(), aclupdate(), check_circularity(), and make_empty_acl().

369 {
370  Acl *new_acl;
371  Size size;
372 
373  if (n < 0)
374  elog(ERROR, "invalid size: %d", n);
375  size = ACL_N_SIZE(n);
376  new_acl = (Acl *) palloc0(size);
377  SET_VARSIZE(new_acl, size);
378  new_acl->ndim = 1;
379  new_acl->dataoffset = 0; /* we never put in any nulls */
380  new_acl->elemtype = ACLITEMOID;
381  ARR_LBOUND(new_acl)[0] = 1;
382  ARR_DIMS(new_acl)[0] = n;
383  return new_acl;
384 }
ArrayType::dataoffset
int32 dataoffset
Definition: array.h:89
ARR_LBOUND
#define ARR_LBOUND(a)
Definition: array.h:289
ERROR
#define ERROR
Definition: elog.h:45
ArrayType::elemtype
Oid elemtype
Definition: array.h:90
ARR_DIMS
#define ARR_DIMS(a)
Definition: array.h:287
palloc0
void * palloc0(Size size)
Definition: mcxt.c:981
Size
size_t Size
Definition: c.h:528
elog
#define elog(elevel,...)
Definition: elog.h:228
SET_VARSIZE
#define SET_VARSIZE(PTR, len)
Definition: postgres.h:329
ACL_N_SIZE
#define ACL_N_SIZE(N)
Definition: acl.h:110
ArrayType::ndim
int ndim
Definition: array.h:88

◆ check_acl()

static void check_acl ( const Acl acl)
static

Definition at line 532 of file acl.c.

References ARR_ELEMTYPE, ARR_HASNULL, ARR_NDIM, ereport, errcode(), errmsg(), and ERROR.

Referenced by aclcontains(), aclexplode(), aclmask(), aclmask_direct(), aclmembers(), aclnewowner(), aclupdate(), check_circularity(), and recursive_revoke().

533 {
534  if (ARR_ELEMTYPE(acl) != ACLITEMOID)
535  ereport(ERROR,
536  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
537  errmsg("ACL array contains wrong data type")));
538  if (ARR_NDIM(acl) != 1)
539  ereport(ERROR,
540  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
541  errmsg("ACL arrays must be one-dimensional")));
542  if (ARR_HASNULL(acl))
543  ereport(ERROR,
544  (errcode(ERRCODE_NULL_VALUE_NOT_ALLOWED),
545  errmsg("ACL arrays must not contain null values")));
546 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:704
ERROR
#define ERROR
Definition: elog.h:45
ARR_HASNULL
#define ARR_HASNULL(a)
Definition: array.h:284
ereport
#define ereport(elevel,...)
Definition: elog.h:155
ARR_NDIM
#define ARR_NDIM(a)
Definition: array.h:283
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:915
ARR_ELEMTYPE
#define ARR_ELEMTYPE(a)
Definition: array.h:285

◆ check_circularity()

static void check_circularity ( const Acl old_acl,
const AclItem mod_aip,
Oid  ownerId 
)
static

Definition at line 1146 of file acl.c.

References ACL_DAT, ACL_GRANT_OPTION_FOR, ACL_ID_PUBLIC, ACL_MODECHG_DEL, ACL_NO_RIGHTS, ACL_NUM, ACL_OPTION_TO_PRIVS, ACL_SIZE, ACLITEM_GET_GOPTIONS, aclmask(), ACLMASK_ALL, aclupdate(), AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), Assert, check_acl(), DROP_CASCADE, ereport, errcode(), errmsg(), ERROR, i, and pfree().

Referenced by aclupdate().

1148 {
1149  Acl *acl;
1150  AclItem *aip;
1151  int i,
1152  num;
1153  AclMode own_privs;
1154 
1155  check_acl(old_acl);
1156 
1157  /*
1158  * For now, grant options can only be granted to roles, not PUBLIC.
1159  * Otherwise we'd have to work a bit harder here.
1160  */
1161  Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1162 
1163  /* The owner always has grant options, no need to check */
1164  if (mod_aip->ai_grantor == ownerId)
1165  return;
1166 
1167  /* Make a working copy */
1168  acl = allocacl(ACL_NUM(old_acl));
1169  memcpy(acl, old_acl, ACL_SIZE(old_acl));
1170 
1171  /* Zap all grant options of target grantee, plus what depends on 'em */
1172 cc_restart:
1173  num = ACL_NUM(acl);
1174  aip = ACL_DAT(acl);
1175  for (i = 0; i < num; i++)
1176  {
1177  if (aip[i].ai_grantee == mod_aip->ai_grantee &&
1178  ACLITEM_GET_GOPTIONS(aip[i]) != ACL_NO_RIGHTS)
1179  {
1180  Acl *new_acl;
1181 
1182  /* We'll actually zap ordinary privs too, but no matter */
1183  new_acl = aclupdate(acl, &aip[i], ACL_MODECHG_DEL,
1184  ownerId, DROP_CASCADE);
1185 
1186  pfree(acl);
1187  acl = new_acl;
1188 
1189  goto cc_restart;
1190  }
1191  }
1192 
1193  /* Now we can compute grantor's independently-derived privileges */
1194  own_privs = aclmask(acl,
1195  mod_aip->ai_grantor,
1196  ownerId,
1197  ACL_GRANT_OPTION_FOR(ACLITEM_GET_GOPTIONS(*mod_aip)),
1198  ACLMASK_ALL);
1199  own_privs = ACL_OPTION_TO_PRIVS(own_privs);
1200 
1201  if ((ACLITEM_GET_GOPTIONS(*mod_aip) & ~own_privs) != 0)
1202  ereport(ERROR,
1203  (errcode(ERRCODE_INVALID_GRANT_OPERATION),
1204  errmsg("grant options cannot be granted back to your own grantor")));
1205 
1206  pfree(acl);
1207 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:56
ACLITEM_GET_GOPTIONS
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:67
allocacl
static Acl * allocacl(int n)
Definition: acl.c:368
ACL_MODECHG_DEL
#define ACL_MODECHG_DEL
Definition: acl.h:130
aclmask
AclMode aclmask(const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
Definition: acl.c:1312
ACL_SIZE
#define ACL_SIZE(ACL)
Definition: acl.h:111
errcode
int errcode(int sqlerrcode)
Definition: elog.c:704
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:57
AclMode
uint32 AclMode
Definition: parsenodes.h:72
pfree
void pfree(void *pointer)
Definition: mcxt.c:1057
ERROR
#define ERROR
Definition: elog.h:45
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:108
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:88
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:109
ereport
#define ereport(elevel,...)
Definition: elog.h:155
AclItem
Definition: acl.h:54
ACL_OPTION_TO_PRIVS
#define ACL_OPTION_TO_PRIVS(privs)
Definition: acl.h:71
Assert
#define Assert(condition)
Definition: c.h:792
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:915
i
int i
Definition: preproc-comment.c:23
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46
aclupdate
Acl * aclupdate(const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
Definition: acl.c:922
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:532

◆ check_is_member_of_role()

void check_is_member_of_role ( Oid  member,
Oid  role 
)

Definition at line 4941 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, GetUserNameFromId(), and is_member_of_role().

Referenced by AlterDatabaseOwner(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterPublicationOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwner(), ATExecChangeOwner(), createdb(), CreateSchemaCommand(), and ExecAlterDefaultPrivilegesStmt().

4942 {
4943  if (!is_member_of_role(member, role))
4944  ereport(ERROR,
4945  (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
4946  errmsg("must be member of role \"%s\"",
4947  GetUserNameFromId(role, false))));
4948 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:704
member
Oid member
Definition: pg_auth_members.h:33
ERROR
#define ERROR
Definition: elog.h:45
ereport
#define ereport(elevel,...)
Definition: elog.h:155
is_member_of_role
bool is_member_of_role(Oid member, Oid role)
Definition: acl.c:4919
GetUserNameFromId
char * GetUserNameFromId(Oid roleid, bool noerr)
Definition: miscinit.c:891
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:915

◆ check_rolespec_name()

void check_rolespec_name ( const RoleSpec role,
const char *  detail_msg 
)

Definition at line 5319 of file acl.c.

References ereport, errcode(), errdetail(), errmsg(), ERROR, IsReservedName(), RoleSpec::rolename, ROLESPEC_CSTRING, and RoleSpec::roletype.

Referenced by AlterRole(), and AlterRoleSet().

5320 {
5321  if (!role)
5322  return;
5323 
5324  if (role->roletype != ROLESPEC_CSTRING)
5325  return;
5326 
5327  if (IsReservedName(role->rolename))
5328  {
5329  if (detail_msg)
5330  ereport(ERROR,
5331  (errcode(ERRCODE_RESERVED_NAME),
5332  errmsg("role name \"%s\" is reserved",
5333  role->rolename),
5334  errdetail("%s", detail_msg)));
5335  else
5336  ereport(ERROR,
5337  (errcode(ERRCODE_RESERVED_NAME),
5338  errmsg("role name \"%s\" is reserved",
5339  role->rolename)));
5340  }
5341 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:704
IsReservedName
bool IsReservedName(const char *name)
Definition: catalog.c:210
ERROR
#define ERROR
Definition: elog.h:45
errdetail
int errdetail(const char *fmt,...)
Definition: elog.c:1048
RoleSpec::roletype
RoleSpecType roletype
Definition: parsenodes.h:328
ereport
#define ereport(elevel,...)
Definition: elog.h:155
RoleSpec::rolename
char * rolename
Definition: parsenodes.h:329
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:915

◆ column_privilege_check()

static int column_privilege_check ( Oid  tableoid,
AttrNumber  attnum,
Oid  roleid,
AclMode  mode 
)
static

Definition at line 2449 of file acl.c.

References ACLCHECK_OK, ATTNUM, GETSTRUCT, HeapTupleIsValid, Int16GetDatum, InvalidAttrNumber, ObjectIdGetDatum, pg_attribute_aclcheck(), pg_class_aclcheck(), ReleaseSysCache(), RELOID, SearchSysCache2(), and SearchSysCacheExists1.

Referenced by has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

2451 {
2452  AclResult aclresult;
2453  HeapTuple attTuple;
2454  Form_pg_attribute attributeForm;
2455 
2456  /*
2457  * If convert_column_name failed, we can just return -1 immediately.
2458  */
2459  if (attnum == InvalidAttrNumber)
2460  return -1;
2461 
2462  /*
2463  * First check if we have the privilege at the table level. We check
2464  * existence of the pg_class row before risking calling pg_class_aclcheck.
2465  * Note: it might seem there's a race condition against concurrent DROP,
2466  * but really it's safe because there will be no syscache flush between
2467  * here and there. So if we see the row in the syscache, so will
2468  * pg_class_aclcheck.
2469  */
2470  if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
2471  return -1;
2472 
2473  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2474 
2475  if (aclresult == ACLCHECK_OK)
2476  return true;
2477 
2478  /*
2479  * No table privilege, so try per-column privileges. Again, we have to
2480  * check for dropped attribute first, and we rely on the syscache not to
2481  * notice a concurrent drop before pg_attribute_aclcheck fetches the row.
2482  */
2483  attTuple = SearchSysCache2(ATTNUM,
2484  ObjectIdGetDatum(tableoid),
2485  Int16GetDatum(attnum));
2486  if (!HeapTupleIsValid(attTuple))
2487  return -1;
2488  attributeForm = (Form_pg_attribute) GETSTRUCT(attTuple);
2489  if (attributeForm->attisdropped)
2490  {
2491  ReleaseSysCache(attTuple);
2492  return -1;
2493  }
2494  ReleaseSysCache(attTuple);
2495 
2496  aclresult = pg_attribute_aclcheck(tableoid, attnum, roleid, mode);
2497 
2498  return (aclresult == ACLCHECK_OK);
2499 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
GETSTRUCT
#define GETSTRUCT(TUP)
Definition: htup_details.h:655
pg_attribute_aclcheck
AclResult pg_attribute_aclcheck(Oid table_oid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: aclchk.c:4449
Int16GetDatum
#define Int16GetDatum(X)
Definition: postgres.h:451
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:184
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
Form_pg_attribute
FormData_pg_attribute * Form_pg_attribute
Definition: pg_attribute.h:193
AclResult
AclResult
Definition: acl.h:177
ReleaseSysCache
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1175
attnum
int16 attnum
Definition: pg_attribute.h:79
HeapTupleIsValid
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
SearchSysCache2
HeapTuple SearchSysCache2(int cacheId, Datum key1, Datum key2)
Definition: syscache.c:1138
InvalidAttrNumber
#define InvalidAttrNumber
Definition: attnum.h:23
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4563

◆ convert_aclright_to_string()

static const char* convert_aclright_to_string ( int  aclright)
static

Definition at line 1679 of file acl.c.

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_DELETE, ACL_EXECUTE, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, ACL_USAGE, elog, and ERROR.

Referenced by aclexplode().

1680 {
1681  switch (aclright)
1682  {
1683  case ACL_INSERT:
1684  return "INSERT";
1685  case ACL_SELECT:
1686  return "SELECT";
1687  case ACL_UPDATE:
1688  return "UPDATE";
1689  case ACL_DELETE:
1690  return "DELETE";
1691  case ACL_TRUNCATE:
1692  return "TRUNCATE";
1693  case ACL_REFERENCES:
1694  return "REFERENCES";
1695  case ACL_TRIGGER:
1696  return "TRIGGER";
1697  case ACL_EXECUTE:
1698  return "EXECUTE";
1699  case ACL_USAGE:
1700  return "USAGE";
1701  case ACL_CREATE:
1702  return "CREATE";
1703  case ACL_CREATE_TEMP:
1704  return "TEMPORARY";
1705  case ACL_CONNECT:
1706  return "CONNECT";
1707  default:
1708  elog(ERROR, "unrecognized aclright: %d", aclright);
1709  return NULL;
1710  }
1711 }
ACL_DELETE
#define ACL_DELETE
Definition: parsenodes.h:77
ERROR
#define ERROR
Definition: elog.h:45
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:84
ACL_TRIGGER
#define ACL_TRIGGER
Definition: parsenodes.h:80
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_CONNECT
#define ACL_CONNECT
Definition: parsenodes.h:86
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:76
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:75
ACL_REFERENCES
#define ACL_REFERENCES
Definition: parsenodes.h:79
ACL_INSERT
#define ACL_INSERT
Definition: parsenodes.h:74
ACL_EXECUTE
#define ACL_EXECUTE
Definition: parsenodes.h:81
elog
#define elog(elevel,...)
Definition: elog.h:228
ACL_CREATE_TEMP
#define ACL_CREATE_TEMP
Definition: parsenodes.h:85
ACL_TRUNCATE
#define ACL_TRUNCATE
Definition: parsenodes.h:78

◆ convert_any_priv_string()

static AclMode convert_any_priv_string ( text priv_type_text,
const priv_map privileges 
)
static

Definition at line 1631 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, priv_map::name, pfree(), pg_strcasecmp(), text_to_cstring(), and priv_map::value.

Referenced by convert_column_priv_string(), convert_database_priv_string(), convert_foreign_data_wrapper_priv_string(), convert_function_priv_string(), convert_language_priv_string(), convert_role_priv_string(), convert_schema_priv_string(), convert_sequence_priv_string(), convert_server_priv_string(), convert_table_priv_string(), convert_tablespace_priv_string(), and convert_type_priv_string().

1633 {
1634  AclMode result = 0;
1635  char *priv_type = text_to_cstring(priv_type_text);
1636  char *chunk;
1637  char *next_chunk;
1638 
1639  /* We rely on priv_type being a private, modifiable string */
1640  for (chunk = priv_type; chunk; chunk = next_chunk)
1641  {
1642  int chunk_len;
1643  const priv_map *this_priv;
1644 
1645  /* Split string at commas */
1646  next_chunk = strchr(chunk, ',');
1647  if (next_chunk)
1648  *next_chunk++ = '\0';
1649 
1650  /* Drop leading/trailing whitespace in this chunk */
1651  while (*chunk && isspace((unsigned char) *chunk))
1652  chunk++;
1653  chunk_len = strlen(chunk);
1654  while (chunk_len > 0 && isspace((unsigned char) chunk[chunk_len - 1]))
1655  chunk_len--;
1656  chunk[chunk_len] = '\0';
1657 
1658  /* Match to the privileges list */
1659  for (this_priv = privileges; this_priv->name; this_priv++)
1660  {
1661  if (pg_strcasecmp(this_priv->name, chunk) == 0)
1662  {
1663  result |= this_priv->value;
1664  break;
1665  }
1666  }
1667  if (!this_priv->name)
1668  ereport(ERROR,
1669  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
1670  errmsg("unrecognized privilege type: \"%s\"", chunk)));
1671  }
1672 
1673  pfree(priv_type);
1674  return result;
1675 }
priv_map
Definition: acl.c:44
errcode
int errcode(int sqlerrcode)
Definition: elog.c:704
pg_strcasecmp
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
priv_map::name
const char * name
Definition: acl.c:46
AclMode
uint32 AclMode
Definition: parsenodes.h:72
pfree
void pfree(void *pointer)
Definition: mcxt.c:1057
ERROR
#define ERROR
Definition: elog.h:45
priv_map::value
AclMode value
Definition: acl.c:47
ereport
#define ereport(elevel,...)
Definition: elog.h:155
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:222
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:915

◆ convert_column_name()

static AttrNumber convert_column_name ( Oid  tableoid,
text column 
)
static

Definition at line 2827 of file acl.c.

References ATTNAME, attnum, CStringGetDatum, ereport, errcode(), errmsg(), ERROR, get_rel_name(), GETSTRUCT, HeapTupleIsValid, InvalidAttrNumber, ObjectIdGetDatum, pfree(), ReleaseSysCache(), SearchSysCache2(), and text_to_cstring().

Referenced by has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_name(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), and has_column_privilege_name_name_name().

2828 {
2829  char *colname;
2830  HeapTuple attTuple;
2831  AttrNumber attnum;
2832 
2833  colname = text_to_cstring(column);
2834 
2835  /*
2836  * We don't use get_attnum() here because it will report that dropped
2837  * columns don't exist. We need to treat dropped columns differently from
2838  * nonexistent columns.
2839  */
2840  attTuple = SearchSysCache2(ATTNAME,
2841  ObjectIdGetDatum(tableoid),
2842  CStringGetDatum(colname));
2843  if (HeapTupleIsValid(attTuple))
2844  {
2845  Form_pg_attribute attributeForm;
2846 
2847  attributeForm = (Form_pg_attribute) GETSTRUCT(attTuple);
2848  /* We want to return NULL for dropped columns */
2849  if (attributeForm->attisdropped)
2850  attnum = InvalidAttrNumber;
2851  else
2852  attnum = attributeForm->attnum;
2853  ReleaseSysCache(attTuple);
2854  }
2855  else
2856  {
2857  char *tablename = get_rel_name(tableoid);
2858 
2859  /*
2860  * If the table OID is bogus, or it's just been dropped, we'll get
2861  * NULL back. In such cases we want has_column_privilege to return
2862  * NULL too, so just return InvalidAttrNumber.
2863  */
2864  if (tablename != NULL)
2865  {
2866  /* tableoid exists, colname does not, so throw error */
2867  ereport(ERROR,
2868  (errcode(ERRCODE_UNDEFINED_COLUMN),
2869  errmsg("column \"%s\" of relation \"%s\" does not exist",
2870  colname, tablename)));
2871  }
2872  /* tableoid doesn't exist, so act like attisdropped case */
2873  attnum = InvalidAttrNumber;
2874  }
2875 
2876  pfree(colname);
2877  return attnum;
2878 }
GETSTRUCT
#define GETSTRUCT(TUP)
Definition: htup_details.h:655
errcode
int errcode(int sqlerrcode)
Definition: elog.c:704
pfree
void pfree(void *pointer)
Definition: mcxt.c:1057
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
ERROR
#define ERROR
Definition: elog.h:45
CStringGetDatum
#define CStringGetDatum(X)
Definition: postgres.h:578
Form_pg_attribute
FormData_pg_attribute * Form_pg_attribute
Definition: pg_attribute.h:193
ReleaseSysCache
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1175
attnum
int16 attnum
Definition: pg_attribute.h:79
ereport
#define ereport(elevel,...)
Definition: elog.h:155
HeapTupleIsValid
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
SearchSysCache2
HeapTuple SearchSysCache2(int cacheId, Datum key1, Datum key2)
Definition: syscache.c:1138
InvalidAttrNumber
#define InvalidAttrNumber
Definition: attnum.h:23
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:222
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:915
get_rel_name
char * get_rel_name(Oid relid)
Definition: lsyscache.c:1872
AttrNumber
int16 AttrNumber
Definition: attnum.h:21

◆ convert_column_priv_string()

static AclMode convert_column_priv_string ( text priv_type_text)
static

Definition at line 2885 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_any_column_privilege_id(), has_any_column_privilege_id_id(), has_any_column_privilege_id_name(), has_any_column_privilege_name(), has_any_column_privilege_name_id(), has_any_column_privilege_name_name(), has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

2886 {
2887  static const priv_map column_priv_map[] = {
2888  {"SELECT", ACL_SELECT},
2889  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2890  {"INSERT", ACL_INSERT},
2891  {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2892  {"UPDATE", ACL_UPDATE},
2893  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2894  {"REFERENCES", ACL_REFERENCES},
2895  {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2896  {NULL, 0}
2897  };
2898 
2899  return convert_any_priv_string(priv_type_text, column_priv_map);
2900 }
priv_map
Definition: acl.c:44
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1631
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:76
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:75
ACL_REFERENCES
#define ACL_REFERENCES
Definition: parsenodes.h:79
ACL_INSERT
#define ACL_INSERT
Definition: parsenodes.h:74

◆ convert_database_name()

static Oid convert_database_name ( text databasename)
static

Definition at line 3070 of file acl.c.

References dbname, get_database_oid(), and text_to_cstring().

Referenced by has_database_privilege_id_name(), has_database_privilege_name(), and has_database_privilege_name_name().

3071 {
3072  char *dbname = text_to_cstring(databasename);
3073 
3074  return get_database_oid(dbname, false);
3075 }
get_database_oid
Oid get_database_oid(const char *dbname, bool missing_ok)
Definition: dbcommands.c:2108
dbname
char * dbname
Definition: streamutil.c:51
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:222

◆ convert_database_priv_string()

static AclMode convert_database_priv_string ( text priv_type_text)
static

Definition at line 3082 of file acl.c.

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_database_privilege_id(), has_database_privilege_id_id(), has_database_privilege_id_name(), has_database_privilege_name(), has_database_privilege_name_id(), and has_database_privilege_name_name().

3083 {
3084  static const priv_map database_priv_map[] = {
3085  {"CREATE", ACL_CREATE},
3086  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3087  {"TEMPORARY", ACL_CREATE_TEMP},
3088  {"TEMPORARY WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3089  {"TEMP", ACL_CREATE_TEMP},
3090  {"TEMP WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3091  {"CONNECT", ACL_CONNECT},
3092  {"CONNECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CONNECT)},
3093  {NULL, 0}
3094  };
3095 
3096  return convert_any_priv_string(priv_type_text, database_priv_map);
3097 
3098 }
priv_map
Definition: acl.c:44
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1631
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:84
ACL_CONNECT
#define ACL_CONNECT
Definition: parsenodes.h:86
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
ACL_CREATE_TEMP
#define ACL_CREATE_TEMP
Definition: parsenodes.h:85

◆ convert_foreign_data_wrapper_name()

static Oid convert_foreign_data_wrapper_name ( text fdwname)
static

Definition at line 3268 of file acl.c.

References get_foreign_data_wrapper_oid(), and text_to_cstring().

Referenced by has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), and has_foreign_data_wrapper_privilege_name_name().

3269 {
3270  char *fdwstr = text_to_cstring(fdwname);
3271 
3272  return get_foreign_data_wrapper_oid(fdwstr, false);
3273 }
get_foreign_data_wrapper_oid
Oid get_foreign_data_wrapper_oid(const char *fdwname, bool missing_ok)
Definition: foreign.c:691
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:222

◆ convert_foreign_data_wrapper_priv_string()

static AclMode convert_foreign_data_wrapper_priv_string ( text priv_type_text)
static

Definition at line 3280 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_foreign_data_wrapper_privilege_id(), has_foreign_data_wrapper_privilege_id_id(), has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), has_foreign_data_wrapper_privilege_name_id(), and has_foreign_data_wrapper_privilege_name_name().

3281 {
3282  static const priv_map foreign_data_wrapper_priv_map[] = {
3283  {"USAGE", ACL_USAGE},
3284  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3285  {NULL, 0}
3286  };
3287 
3288  return convert_any_priv_string(priv_type_text, foreign_data_wrapper_priv_map);
3289 }
priv_map
Definition: acl.c:44
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1631
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ convert_function_name()

static Oid convert_function_name ( text functionname)
static

Definition at line 3459 of file acl.c.

References CStringGetDatum, DatumGetObjectId, DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, OidIsValid, regprocedurein(), and text_to_cstring().

Referenced by has_function_privilege_id_name(), has_function_privilege_name(), and has_function_privilege_name_name().

3460 {
3461  char *funcname = text_to_cstring(functionname);
3462  Oid oid;
3463 
3464  oid = DatumGetObjectId(DirectFunctionCall1(regprocedurein,
3465  CStringGetDatum(funcname)));
3466 
3467  if (!OidIsValid(oid))
3468  ereport(ERROR,
3469  (errcode(ERRCODE_UNDEFINED_FUNCTION),
3470  errmsg("function \"%s\" does not exist", funcname)));
3471 
3472  return oid;
3473 }
DatumGetObjectId
#define DatumGetObjectId(X)
Definition: postgres.h:500
errcode
int errcode(int sqlerrcode)
Definition: elog.c:704
DirectFunctionCall1
#define DirectFunctionCall1(func, arg1)
Definition: fmgr.h:626
Oid
unsigned int Oid
Definition: postgres_ext.h:31
OidIsValid
#define OidIsValid(objectId)
Definition: c.h:698
ERROR
#define ERROR
Definition: elog.h:45
regprocedurein
Datum regprocedurein(PG_FUNCTION_ARGS)
Definition: regproc.c:230
CStringGetDatum
#define CStringGetDatum(X)
Definition: postgres.h:578
ereport
#define ereport(elevel,...)
Definition: elog.h:155
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:222
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:915

◆ convert_function_priv_string()

static AclMode convert_function_priv_string ( text priv_type_text)
static

Definition at line 3480 of file acl.c.

References ACL_EXECUTE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_function_privilege_id(), has_function_privilege_id_id(), has_function_privilege_id_name(), has_function_privilege_name(), has_function_privilege_name_id(), and has_function_privilege_name_name().

3481 {
3482  static const priv_map function_priv_map[] = {
3483  {"EXECUTE", ACL_EXECUTE},
3484  {"EXECUTE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_EXECUTE)},
3485  {NULL, 0}
3486  };
3487 
3488  return convert_any_priv_string(priv_type_text, function_priv_map);
3489 }
priv_map
Definition: acl.c:44
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1631
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
ACL_EXECUTE
#define ACL_EXECUTE
Definition: parsenodes.h:81

◆ convert_language_name()

static Oid convert_language_name ( text languagename)
static

Definition at line 3659 of file acl.c.

References get_language_oid(), and text_to_cstring().

Referenced by has_language_privilege_id_name(), has_language_privilege_name(), and has_language_privilege_name_name().

3660 {
3661  char *langname = text_to_cstring(languagename);
3662 
3663  return get_language_oid(langname, false);
3664 }
get_language_oid
Oid get_language_oid(const char *langname, bool missing_ok)
Definition: proclang.c:228
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:222

◆ convert_language_priv_string()

static AclMode convert_language_priv_string ( text priv_type_text)
static

Definition at line 3671 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_language_privilege_id(), has_language_privilege_id_id(), has_language_privilege_id_name(), has_language_privilege_name(), has_language_privilege_name_id(), and has_language_privilege_name_name().

3672 {
3673  static const priv_map language_priv_map[] = {
3674  {"USAGE", ACL_USAGE},
3675  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3676  {NULL, 0}
3677  };
3678 
3679  return convert_any_priv_string(priv_type_text, language_priv_map);
3680 }
priv_map
Definition: acl.c:44
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1631
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ convert_priv_string()

static AclMode convert_priv_string ( text priv_type_text)
static

Definition at line 1581 of file acl.c.

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_DELETE, ACL_EXECUTE, ACL_INSERT, ACL_NO_RIGHTS, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, ACL_USAGE, ereport, errcode(), errmsg(), ERROR, pg_strcasecmp(), and text_to_cstring().

Referenced by makeaclitem().

1582 {
1583  char *priv_type = text_to_cstring(priv_type_text);
1584 
1585  if (pg_strcasecmp(priv_type, "SELECT") == 0)
1586  return ACL_SELECT;
1587  if (pg_strcasecmp(priv_type, "INSERT") == 0)
1588  return ACL_INSERT;
1589  if (pg_strcasecmp(priv_type, "UPDATE") == 0)
1590  return ACL_UPDATE;
1591  if (pg_strcasecmp(priv_type, "DELETE") == 0)
1592  return ACL_DELETE;
1593  if (pg_strcasecmp(priv_type, "TRUNCATE") == 0)
1594  return ACL_TRUNCATE;
1595  if (pg_strcasecmp(priv_type, "REFERENCES") == 0)
1596  return ACL_REFERENCES;
1597  if (pg_strcasecmp(priv_type, "TRIGGER") == 0)
1598  return ACL_TRIGGER;
1599  if (pg_strcasecmp(priv_type, "EXECUTE") == 0)
1600  return ACL_EXECUTE;
1601  if (pg_strcasecmp(priv_type, "USAGE") == 0)
1602  return ACL_USAGE;
1603  if (pg_strcasecmp(priv_type, "CREATE") == 0)
1604  return ACL_CREATE;
1605  if (pg_strcasecmp(priv_type, "TEMP") == 0)
1606  return ACL_CREATE_TEMP;
1607  if (pg_strcasecmp(priv_type, "TEMPORARY") == 0)
1608  return ACL_CREATE_TEMP;
1609  if (pg_strcasecmp(priv_type, "CONNECT") == 0)
1610  return ACL_CONNECT;
1611  if (pg_strcasecmp(priv_type, "RULE") == 0)
1612  return 0; /* ignore old RULE privileges */
1613 
1614  ereport(ERROR,
1615  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
1616  errmsg("unrecognized privilege type: \"%s\"", priv_type)));
1617  return ACL_NO_RIGHTS; /* keep compiler quiet */
1618 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:704
ACL_DELETE
#define ACL_DELETE
Definition: parsenodes.h:77
pg_strcasecmp
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
ERROR
#define ERROR
Definition: elog.h:45
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:84
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:88
ACL_TRIGGER
#define ACL_TRIGGER
Definition: parsenodes.h:80
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_CONNECT
#define ACL_CONNECT
Definition: parsenodes.h:86
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:76
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:75
ereport
#define ereport(elevel,...)
Definition: elog.h:155
ACL_REFERENCES
#define ACL_REFERENCES
Definition: parsenodes.h:79
ACL_INSERT
#define ACL_INSERT
Definition: parsenodes.h:74
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:222
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:915
ACL_EXECUTE
#define ACL_EXECUTE
Definition: parsenodes.h:81
ACL_CREATE_TEMP
#define ACL_CREATE_TEMP
Definition: parsenodes.h:85
ACL_TRUNCATE
#define ACL_TRUNCATE
Definition: parsenodes.h:78

◆ convert_role_priv_string()

static AclMode convert_role_priv_string ( text priv_type_text)
static

Definition at line 4622 of file acl.c.

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by pg_has_role_id(), pg_has_role_id_id(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), and pg_has_role_name_name().

4623 {
4624  static const priv_map role_priv_map[] = {
4625  {"USAGE", ACL_USAGE},
4626  {"MEMBER", ACL_CREATE},
4627  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4628  {"USAGE WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4629  {"MEMBER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4630  {"MEMBER WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4631  {NULL, 0}
4632  };
4633 
4634  return convert_any_priv_string(priv_type_text, role_priv_map);
4635 }
priv_map
Definition: acl.c:44
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1631
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:84
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ convert_schema_name()

static Oid convert_schema_name ( text schemaname)
static

Definition at line 3850 of file acl.c.

References get_namespace_oid(), and text_to_cstring().

Referenced by has_schema_privilege_id_name(), has_schema_privilege_name(), and has_schema_privilege_name_name().

3851 {
3852  char *nspname = text_to_cstring(schemaname);
3853 
3854  return get_namespace_oid(nspname, false);
3855 }
get_namespace_oid
Oid get_namespace_oid(const char *nspname, bool missing_ok)
Definition: namespace.c:3042
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:222

◆ convert_schema_priv_string()

static AclMode convert_schema_priv_string ( text priv_type_text)
static

Definition at line 3862 of file acl.c.

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_schema_privilege_id(), has_schema_privilege_id_id(), has_schema_privilege_id_name(), has_schema_privilege_name(), has_schema_privilege_name_id(), and has_schema_privilege_name_name().

3863 {
3864  static const priv_map schema_priv_map[] = {
3865  {"CREATE", ACL_CREATE},
3866  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3867  {"USAGE", ACL_USAGE},
3868  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3869  {NULL, 0}
3870  };
3871 
3872  return convert_any_priv_string(priv_type_text, schema_priv_map);
3873 }
priv_map
Definition: acl.c:44
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1631
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:84
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ convert_sequence_priv_string()

static AclMode convert_sequence_priv_string ( text priv_type_text)
static

Definition at line 2224 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_SELECT, ACL_UPDATE, ACL_USAGE, and convert_any_priv_string().

Referenced by has_sequence_privilege_id(), has_sequence_privilege_id_id(), has_sequence_privilege_id_name(), has_sequence_privilege_name(), has_sequence_privilege_name_id(), and has_sequence_privilege_name_name().

2225 {
2226  static const priv_map sequence_priv_map[] = {
2227  {"USAGE", ACL_USAGE},
2228  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
2229  {"SELECT", ACL_SELECT},
2230  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2231  {"UPDATE", ACL_UPDATE},
2232  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2233  {NULL, 0}
2234  };
2235 
2236  return convert_any_priv_string(priv_type_text, sequence_priv_map);
2237 }
priv_map
Definition: acl.c:44
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1631
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:76
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:75

◆ convert_server_name()

static Oid convert_server_name ( text servername)
static

Definition at line 4043 of file acl.c.

References get_foreign_server_oid(), and text_to_cstring().

Referenced by has_server_privilege_id_name(), has_server_privilege_name(), and has_server_privilege_name_name().

4044 {
4045  char *serverstr = text_to_cstring(servername);
4046 
4047  return get_foreign_server_oid(serverstr, false);
4048 }
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:222
get_foreign_server_oid
Oid get_foreign_server_oid(const char *servername, bool missing_ok)
Definition: foreign.c:714

◆ convert_server_priv_string()

static AclMode convert_server_priv_string ( text priv_type_text)
static

Definition at line 4055 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_server_privilege_id(), has_server_privilege_id_id(), has_server_privilege_id_name(), has_server_privilege_name(), has_server_privilege_name_id(), and has_server_privilege_name_name().

4056 {
4057  static const priv_map server_priv_map[] = {
4058  {"USAGE", ACL_USAGE},
4059  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4060  {NULL, 0}
4061  };
4062 
4063  return convert_any_priv_string(priv_type_text, server_priv_map);
4064 }
priv_map
Definition: acl.c:44
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1631
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ convert_table_name()

static Oid convert_table_name ( text tablename)
static

Definition at line 1986 of file acl.c.

References makeRangeVarFromNameList(), NoLock, RangeVarGetRelid, and textToQualifiedNameList().

Referenced by has_any_column_privilege_id_name(), has_any_column_privilege_name(), has_any_column_privilege_name_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), has_column_privilege_name_name_name(), has_sequence_privilege_id_name(), has_sequence_privilege_name(), has_sequence_privilege_name_name(), has_table_privilege_id_name(), has_table_privilege_name(), and has_table_privilege_name_name().

1987 {
1988  RangeVar *relrv;
1989 
1990  relrv = makeRangeVarFromNameList(textToQualifiedNameList(tablename));
1991 
1992  /* We might not even have permissions on this relation; don't lock it. */
1993  return RangeVarGetRelid(relrv, NoLock, false);
1994 }
RangeVarGetRelid
#define RangeVarGetRelid(relation, lockmode, missing_ok)
Definition: namespace.h:78
makeRangeVarFromNameList
RangeVar * makeRangeVarFromNameList(List *names)
Definition: namespace.c:3061
NoLock
#define NoLock
Definition: lockdefs.h:34
textToQualifiedNameList
List * textToQualifiedNameList(text *textval)
Definition: varlena.c:3683

◆ convert_table_priv_string()

static AclMode convert_table_priv_string ( text priv_type_text)
static

Definition at line 2001 of file acl.c.

References ACL_DELETE, ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_table_privilege_id(), has_table_privilege_id_id(), has_table_privilege_id_name(), has_table_privilege_name(), has_table_privilege_name_id(), and has_table_privilege_name_name().

2002 {
2003  static const priv_map table_priv_map[] = {
2004  {"SELECT", ACL_SELECT},
2005  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2006  {"INSERT", ACL_INSERT},
2007  {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2008  {"UPDATE", ACL_UPDATE},
2009  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2010  {"DELETE", ACL_DELETE},
2011  {"DELETE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_DELETE)},
2012  {"TRUNCATE", ACL_TRUNCATE},
2013  {"TRUNCATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRUNCATE)},
2014  {"REFERENCES", ACL_REFERENCES},
2015  {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2016  {"TRIGGER", ACL_TRIGGER},
2017  {"TRIGGER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRIGGER)},
2018  {"RULE", 0}, /* ignore old RULE privileges */
2019  {"RULE WITH GRANT OPTION", 0},
2020  {NULL, 0}
2021  };
2022 
2023  return convert_any_priv_string(priv_type_text, table_priv_map);
2024 }
priv_map
Definition: acl.c:44
ACL_DELETE
#define ACL_DELETE
Definition: parsenodes.h:77
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1631
ACL_TRIGGER
#define ACL_TRIGGER
Definition: parsenodes.h:80
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:76
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:75
ACL_REFERENCES
#define ACL_REFERENCES
Definition: parsenodes.h:79
ACL_INSERT
#define ACL_INSERT
Definition: parsenodes.h:74
ACL_TRUNCATE
#define ACL_TRUNCATE
Definition: parsenodes.h:78

◆ convert_tablespace_name()

static Oid convert_tablespace_name ( text tablespacename)
static

Definition at line 4234 of file acl.c.

References get_tablespace_oid(), and text_to_cstring().

Referenced by has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), and has_tablespace_privilege_name_name().

4235 {
4236  char *spcname = text_to_cstring(tablespacename);
4237 
4238  return get_tablespace_oid(spcname, false);
4239 }
get_tablespace_oid
Oid get_tablespace_oid(const char *tablespacename, bool missing_ok)
Definition: tablespace.c:1433
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:222

◆ convert_tablespace_priv_string()

static AclMode convert_tablespace_priv_string ( text priv_type_text)
static

Definition at line 4246 of file acl.c.

References ACL_CREATE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_tablespace_privilege_id(), has_tablespace_privilege_id_id(), has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), has_tablespace_privilege_name_id(), and has_tablespace_privilege_name_name().

4247 {
4248  static const priv_map tablespace_priv_map[] = {
4249  {"CREATE", ACL_CREATE},
4250  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4251  {NULL, 0}
4252  };
4253 
4254  return convert_any_priv_string(priv_type_text, tablespace_priv_map);
4255 }
priv_map
Definition: acl.c:44
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1631
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:84
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ convert_type_name()

static Oid convert_type_name ( text typename)
static

Definition at line 4424 of file acl.c.

References CStringGetDatum, DatumGetObjectId, DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, OidIsValid, regtypein(), text_to_cstring(), and typname.

Referenced by has_type_privilege_id_name(), has_type_privilege_name(), and has_type_privilege_name_name().

4425 {
4426  char *typname = text_to_cstring(typename);
4427  Oid oid;
4428 
4429  oid = DatumGetObjectId(DirectFunctionCall1(regtypein,
4430  CStringGetDatum(typname)));
4431 
4432  if (!OidIsValid(oid))
4433  ereport(ERROR,
4434  (errcode(ERRCODE_UNDEFINED_OBJECT),
4435  errmsg("type \"%s\" does not exist", typname)));
4436 
4437  return oid;
4438 }
DatumGetObjectId
#define DatumGetObjectId(X)
Definition: postgres.h:500
errcode
int errcode(int sqlerrcode)
Definition: elog.c:704
DirectFunctionCall1
#define DirectFunctionCall1(func, arg1)
Definition: fmgr.h:626
Oid
unsigned int Oid
Definition: postgres_ext.h:31
OidIsValid
#define OidIsValid(objectId)
Definition: c.h:698
ERROR
#define ERROR
Definition: elog.h:45
CStringGetDatum
#define CStringGetDatum(X)
Definition: postgres.h:578
typname
NameData typname
Definition: pg_type.h:41
regtypein
Datum regtypein(PG_FUNCTION_ARGS)
Definition: regproc.c:1250
ereport
#define ereport(elevel,...)
Definition: elog.h:155
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:222
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:915

◆ convert_type_priv_string()

static AclMode convert_type_priv_string ( text priv_type_text)
static

Definition at line 4445 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_type_privilege_id(), has_type_privilege_id_id(), has_type_privilege_id_name(), has_type_privilege_name(), has_type_privilege_name_id(), and has_type_privilege_name_name().

4446 {
4447  static const priv_map type_priv_map[] = {
4448  {"USAGE", ACL_USAGE},
4449  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4450  {NULL, 0}
4451  };
4452 
4453  return convert_any_priv_string(priv_type_text, type_priv_map);
4454 }
priv_map
Definition: acl.c:44
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1631
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70

◆ count_one_bits()

static int count_one_bits ( AclMode  mask)
static

Definition at line 5063 of file acl.c.

Referenced by select_best_grantor().

5064 {
5065  int nbits = 0;
5066 
5067  /* this code relies on AclMode being an unsigned type */
5068  while (mask)
5069  {
5070  if (mask & 1)
5071  nbits++;
5072  mask >>= 1;
5073  }
5074  return nbits;
5075 }

◆ get_role_oid()

Oid get_role_oid ( const char *  rolname,
bool  missing_ok 
)

Definition at line 5178 of file acl.c.

References AUTHNAME, CStringGetDatum, ereport, errcode(), errmsg(), ERROR, GetSysCacheOid1, and OidIsValid.

Referenced by aclparse(), check_hba(), createdb(), CreateRole(), get_object_address_unqualified(), get_role_oid_or_public(), get_rolespec_oid(), GrantRole(), is_member(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), pg_has_role_name_name(), regrolein(), and to_regrole().

5179 {
5180  Oid oid;
5181 
5182  oid = GetSysCacheOid1(AUTHNAME, Anum_pg_authid_oid,
5183  CStringGetDatum(rolname));
5184  if (!OidIsValid(oid) && !missing_ok)
5185  ereport(ERROR,
5186  (errcode(ERRCODE_UNDEFINED_OBJECT),
5187  errmsg("role \"%s\" does not exist", rolname)));
5188  return oid;
5189 }
rolname
NameData rolname
Definition: pg_authid.h:34
GetSysCacheOid1
#define GetSysCacheOid1(cacheId, oidcol, key1)
Definition: syscache.h:193
errcode
int errcode(int sqlerrcode)
Definition: elog.c:704
Oid
unsigned int Oid
Definition: postgres_ext.h:31
OidIsValid
#define OidIsValid(objectId)
Definition: c.h:698
ERROR
#define ERROR
Definition: elog.h:45
CStringGetDatum
#define CStringGetDatum(X)
Definition: postgres.h:578
ereport
#define ereport(elevel,...)
Definition: elog.h:155
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:915

◆ get_role_oid_or_public()

Oid get_role_oid_or_public ( const char *  rolname)

Definition at line 5196 of file acl.c.

References ACL_ID_PUBLIC, and get_role_oid().

Referenced by has_any_column_privilege_name_id(), has_any_column_privilege_name_name(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name_attnum(), has_column_privilege_name_name_name(), has_database_privilege_name_id(), has_database_privilege_name_name(), has_foreign_data_wrapper_privilege_name_id(), has_foreign_data_wrapper_privilege_name_name(), has_function_privilege_name_id(), has_function_privilege_name_name(), has_language_privilege_name_id(), has_language_privilege_name_name(), has_schema_privilege_name_id(), has_schema_privilege_name_name(), has_sequence_privilege_name_id(), has_sequence_privilege_name_name(), has_server_privilege_name_id(), has_server_privilege_name_name(), has_table_privilege_name_id(), has_table_privilege_name_name(), has_tablespace_privilege_name_id(), has_tablespace_privilege_name_name(), has_type_privilege_name_id(), and has_type_privilege_name_name().

5197 {
5198  if (strcmp(rolname, "public") == 0)
5199  return ACL_ID_PUBLIC;
5200 
5201  return get_role_oid(rolname, false);
5202 }
rolname
NameData rolname
Definition: pg_authid.h:34
get_role_oid
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5178
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:46

◆ get_rolespec_name()

char* get_rolespec_name ( const RoleSpec role)

Definition at line 5297 of file acl.c.

References get_rolespec_tuple(), GETSTRUCT, NameStr, pstrdup(), and ReleaseSysCache().

Referenced by AddRoleMems(), and DelRoleMems().

5298 {
5299  HeapTuple tp;
5300  Form_pg_authid authForm;
5301  char *rolename;
5302 
5303  tp = get_rolespec_tuple(role);
5304  authForm = (Form_pg_authid) GETSTRUCT(tp);
5305  rolename = pstrdup(NameStr(authForm->rolname));
5306  ReleaseSysCache(tp);
5307 
5308  return rolename;
5309 }
GETSTRUCT
#define GETSTRUCT(TUP)
Definition: htup_details.h:655
pstrdup
char * pstrdup(const char *in)
Definition: mcxt.c:1187
Form_pg_authid
FormData_pg_authid * Form_pg_authid
Definition: pg_authid.h:56
ReleaseSysCache
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1175
get_rolespec_tuple
HeapTuple get_rolespec_tuple(const RoleSpec *role)
Definition: acl.c:5251
NameStr
#define NameStr(name)
Definition: c.h:669

◆ get_rolespec_oid()

Oid get_rolespec_oid ( const RoleSpec role,
bool  missing_ok 
)

Definition at line 5212 of file acl.c.

References Assert, elog, ereport, errcode(), errmsg(), ERROR, get_role_oid(), GetSessionUserId(), GetUserId(), InvalidOid, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_ROLE, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, and RoleSpec::roletype.

Referenced by AlterUserMapping(), ATExecCmd(), CreateSchemaCommand(), CreateTableSpace(), CreateUserMapping(), ExecAlterDefaultPrivilegesStmt(), ExecAlterOwnerStmt(), ExecuteGrantStmt(), GrantRole(), policy_role_list_to_array(), ReassignOwnedObjects(), RemoveUserMapping(), and roleSpecsToIds().

5213 {
5214  Oid oid;
5215 
5216  switch (role->roletype)
5217  {
5218  case ROLESPEC_CSTRING:
5219  Assert(role->rolename);
5220  oid = get_role_oid(role->rolename, missing_ok);
5221  break;
5222 
5223  case ROLESPEC_CURRENT_ROLE:
5224  case ROLESPEC_CURRENT_USER:
5225  oid = GetUserId();
5226  break;
5227 
5228  case ROLESPEC_SESSION_USER:
5229  oid = GetSessionUserId();
5230  break;
5231 
5232  case ROLESPEC_PUBLIC:
5233  ereport(ERROR,
5234  (errcode(ERRCODE_UNDEFINED_OBJECT),
5235  errmsg("role \"%s\" does not exist", "public")));
5236  oid = InvalidOid; /* make compiler happy */
5237  break;
5238 
5239  default:
5240  elog(ERROR, "unexpected role type %d", role->roletype);
5241  }
5242 
5243  return oid;
5244 }
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:476
errcode
int errcode(int sqlerrcode)
Definition: elog.c:704
Oid
unsigned int Oid
Definition: postgres_ext.h:31
GetSessionUserId
Oid GetSessionUserId(void)
Definition: miscinit.c:510
get_role_oid
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5178
ERROR
#define ERROR
Definition: elog.h:45
RoleSpec::roletype
RoleSpecType roletype
Definition: parsenodes.h:328
InvalidOid
#define InvalidOid
Definition: postgres_ext.h:36
ereport
#define ereport(elevel,...)
Definition: elog.h:155
Assert
#define Assert(condition)
Definition: c.h:792
RoleSpec::rolename
char * rolename
Definition: parsenodes.h:329
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:915
elog
#define elog(elevel,...)
Definition: elog.h:228

◆ get_rolespec_tuple()

HeapTuple get_rolespec_tuple ( const RoleSpec role)

Definition at line 5251 of file acl.c.

References Assert, AUTHNAME, AUTHOID, CStringGetDatum, elog, ereport, errcode(), errmsg(), ERROR, GetSessionUserId(), GetUserId(), HeapTupleIsValid, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_ROLE, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, RoleSpec::roletype, and SearchSysCache1().

Referenced by AlterRole(), AlterRoleSet(), CreateRole(), and get_rolespec_name().

5252 {
5253  HeapTuple tuple;
5254 
5255  switch (role->roletype)
5256  {
5257  case ROLESPEC_CSTRING:
5258  Assert(role->rolename);
5259  tuple = SearchSysCache1(AUTHNAME, CStringGetDatum(role->rolename));
5260  if (!HeapTupleIsValid(tuple))
5261  ereport(ERROR,
5262  (errcode(ERRCODE_UNDEFINED_OBJECT),
5263  errmsg("role \"%s\" does not exist", role->rolename)));
5264  break;
5265 
5266  case ROLESPEC_CURRENT_ROLE:
5267  case ROLESPEC_CURRENT_USER:
5268  tuple = SearchSysCache1(AUTHOID, GetUserId());
5269  if (!HeapTupleIsValid(tuple))
5270  elog(ERROR, "cache lookup failed for role %u", GetUserId());
5271  break;
5272 
5273  case ROLESPEC_SESSION_USER:
5274  tuple = SearchSysCache1(AUTHOID, GetSessionUserId());
5275  if (!HeapTupleIsValid(tuple))
5276  elog(ERROR, "cache lookup failed for role %u", GetSessionUserId());
5277  break;
5278 
5279  case ROLESPEC_PUBLIC:
5280  ereport(ERROR,
5281  (errcode(ERRCODE_UNDEFINED_OBJECT),
5282  errmsg("role \"%s\" does not exist", "public")));
5283  tuple = NULL; /* make compiler happy */
5284  break;
5285 
5286  default:
5287  elog(ERROR, "unexpected role type %d", role->roletype);
5288  }
5289 
5290  return tuple;
5291 }
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:476
errcode
int errcode(int sqlerrcode)
Definition: elog.c:704
GetSessionUserId
Oid GetSessionUserId(void)
Definition: miscinit.c:510
ERROR
#define ERROR
Definition: elog.h:45
CStringGetDatum
#define CStringGetDatum(X)
Definition: postgres.h:578
SearchSysCache1
HeapTuple SearchSysCache1(int cacheId, Datum key1)
Definition: syscache.c:1127
RoleSpec::roletype
RoleSpecType roletype
Definition: parsenodes.h:328
ereport
#define ereport(elevel,...)
Definition: elog.h:155
HeapTupleIsValid
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
Assert
#define Assert(condition)
Definition: c.h:792
RoleSpec::rolename
char * rolename
Definition: parsenodes.h:329
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:915
elog
#define elog(elevel,...)
Definition: elog.h:228

◆ getid()

static const char * getid ( const char *  s,
char *  n 
)
static

Definition at line 137 of file acl.c.

References Assert, ereport, errcode(), errdetail(), errmsg(), ERROR, and NAMEDATALEN.

Referenced by aclparse().

138 {
139  int len = 0;
140  bool in_quotes = false;
141 
142  Assert(s && n);
143 
144  while (isspace((unsigned char) *s))
145  s++;
146  /* This code had better match what putid() does, below */
147  for (;
148  *s != '\0' &&
149  (isalnum((unsigned char) *s) ||
150  *s == '_' ||
151  *s == '"' ||
152  in_quotes);
153  s++)
154  {
155  if (*s == '"')
156  {
157  /* safe to look at next char (could be '\0' though) */
158  if (*(s + 1) != '"')
159  {
160  in_quotes = !in_quotes;
161  continue;
162  }
163  /* it's an escaped double quote; skip the escaping char */
164  s++;
165  }
166 
167  /* Add the character to the string */
168  if (len >= NAMEDATALEN - 1)
169  ereport(ERROR,
170  (errcode(ERRCODE_NAME_TOO_LONG),
171  errmsg("identifier too long"),
172  errdetail("Identifier must be less than %d characters.",
173  NAMEDATALEN)));
174 
175  n[len++] = *s;
176  }
177  n[len] = '\0';
178  while (isspace((unsigned char) *s))
179  s++;
180  return s;
181 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:704
NAMEDATALEN
#define NAMEDATALEN
Definition: pg_config_manual.h:29
ERROR
#define ERROR
Definition: elog.h:45
errdetail
int errdetail(const char *fmt,...)
Definition: elog.c:1048
ereport
#define ereport(elevel,...)
Definition: elog.h:155
Assert
#define Assert(condition)
Definition: c.h:792
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:915

◆ has_any_column_privilege_id()

Datum has_any_column_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2346 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), GetUserId(), mode, ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

2347 {
2348  Oid tableoid = PG_GETARG_OID(0);
2349  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2350  Oid roleid;
2351  AclMode mode;
2352  AclResult aclresult;
2353 
2354  roleid = GetUserId();
2355  mode = convert_column_priv_string(priv_type_text);
2356 
2357  if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
2358  PG_RETURN_NULL();
2359 
2360  /* First check at table level, then examine each column if needed */
2361  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2362  if (aclresult != ACLCHECK_OK)
2363  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2364  ACLMASK_ANY);
2365 
2366  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2367 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:476
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:184
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4478
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4563
varlena
Definition: c.h:609
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2885
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_any_column_privilege_id_id()

Datum has_any_column_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 2402 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), mode, ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

2403 {
2404  Oid roleid = PG_GETARG_OID(0);
2405  Oid tableoid = PG_GETARG_OID(1);
2406  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2407  AclMode mode;
2408  AclResult aclresult;
2409 
2410  mode = convert_column_priv_string(priv_type_text);
2411 
2412  if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
2413  PG_RETURN_NULL();
2414 
2415  /* First check at table level, then examine each column if needed */
2416  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2417  if (aclresult != ACLCHECK_OK)
2418  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2419  ACLMASK_ANY);
2420 
2421  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2422 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:184
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4478
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4563
varlena
Definition: c.h:609
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2885
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_any_column_privilege_id_name()

Datum has_any_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2375 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), mode, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2376 {
2377  Oid roleid = PG_GETARG_OID(0);
2378  text *tablename = PG_GETARG_TEXT_PP(1);
2379  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2380  Oid tableoid;
2381  AclMode mode;
2382  AclResult aclresult;
2383 
2384  tableoid = convert_table_name(tablename);
2385  mode = convert_column_priv_string(priv_type_text);
2386 
2387  /* First check at table level, then examine each column if needed */
2388  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2389  if (aclresult != ACLCHECK_OK)
2390  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2391  ACLMASK_ANY);
2392 
2393  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2394 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1986
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4478
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4563
varlena
Definition: c.h:609
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2885

◆ has_any_column_privilege_name()

Datum has_any_column_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2287 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), GetUserId(), mode, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2288 {
2289  text *tablename = PG_GETARG_TEXT_PP(0);
2290  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2291  Oid roleid;
2292  Oid tableoid;
2293  AclMode mode;
2294  AclResult aclresult;
2295 
2296  roleid = GetUserId();
2297  tableoid = convert_table_name(tablename);
2298  mode = convert_column_priv_string(priv_type_text);
2299 
2300  /* First check at table level, then examine each column if needed */
2301  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2302  if (aclresult != ACLCHECK_OK)
2303  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2304  ACLMASK_ANY);
2305 
2306  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2307 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:476
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1986
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4478
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4563
varlena
Definition: c.h:609
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2885

◆ has_any_column_privilege_name_id()

Datum has_any_column_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2315 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, SearchSysCacheExists1, and username.

2316 {
2317  Name username = PG_GETARG_NAME(0);
2318  Oid tableoid = PG_GETARG_OID(1);
2319  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2320  Oid roleid;
2321  AclMode mode;
2322  AclResult aclresult;
2323 
2324  roleid = get_role_oid_or_public(NameStr(*username));
2325  mode = convert_column_priv_string(priv_type_text);
2326 
2327  if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
2328  PG_RETURN_NULL();
2329 
2330  /* First check at table level, then examine each column if needed */
2331  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2332  if (aclresult != ACLCHECK_OK)
2333  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2334  ACLMASK_ANY);
2335 
2336  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2337 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5196
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:184
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
nameData
Definition: c.h:663
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
username
static char * username
Definition: initdb.c:134
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4478
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4563
NameStr
#define NameStr(name)
Definition: c.h:669
varlena
Definition: c.h:609
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2885
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_any_column_privilege_name_name()

Datum has_any_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2257 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2258 {
2259  Name rolename = PG_GETARG_NAME(0);
2260  text *tablename = PG_GETARG_TEXT_PP(1);
2261  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2262  Oid roleid;
2263  Oid tableoid;
2264  AclMode mode;
2265  AclResult aclresult;
2266 
2267  roleid = get_role_oid_or_public(NameStr(*rolename));
2268  tableoid = convert_table_name(tablename);
2269  mode = convert_column_priv_string(priv_type_text);
2270 
2271  /* First check at table level, then examine each column if needed */
2272  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2273  if (aclresult != ACLCHECK_OK)
2274  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2275  ACLMASK_ANY);
2276 
2277  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2278 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5196
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
nameData
Definition: c.h:663
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1986
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4478
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4563
NameStr
#define NameStr(name)
Definition: c.h:669
varlena
Definition: c.h:609
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2885
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_column_privilege_id_attnum()

Datum has_column_privilege_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2799 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), GetUserId(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2800 {
2801  Oid tableoid = PG_GETARG_OID(0);
2802  AttrNumber colattnum = PG_GETARG_INT16(1);
2803  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2804  Oid roleid;
2805  AclMode mode;
2806  int privresult;
2807 
2808  roleid = GetUserId();
2809  mode = convert_column_priv_string(priv_type_text);
2810 
2811  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2812  if (privresult < 0)
2813  PG_RETURN_NULL();
2814  PG_RETURN_BOOL(privresult);
2815 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:476
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:271
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2449
varlena
Definition: c.h:609
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2885
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_column_privilege_id_id_attnum()

Datum has_column_privilege_id_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2692 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2693 {
2694  Oid roleid = PG_GETARG_OID(0);
2695  Oid tableoid = PG_GETARG_OID(1);
2696  AttrNumber colattnum = PG_GETARG_INT16(2);
2697  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2698  AclMode mode;
2699  int privresult;
2700 
2701  mode = convert_column_priv_string(priv_type_text);
2702 
2703  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2704  if (privresult < 0)
2705  PG_RETURN_NULL();
2706  PG_RETURN_BOOL(privresult);
2707 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:271
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2449
varlena
Definition: c.h:609
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2885
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_column_privilege_id_id_name()

Datum has_column_privilege_id_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2667 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2668 {
2669  Oid roleid = PG_GETARG_OID(0);
2670  Oid tableoid = PG_GETARG_OID(1);
2671  text *column = PG_GETARG_TEXT_PP(2);
2672  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2673  AttrNumber colattnum;
2674  AclMode mode;
2675  int privresult;
2676 
2677  colattnum = convert_column_name(tableoid, column);
2678  mode = convert_column_priv_string(priv_type_text);
2679 
2680  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2681  if (privresult < 0)
2682  PG_RETURN_NULL();
2683  PG_RETURN_BOOL(privresult);
2684 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2827
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2449
varlena
Definition: c.h:609
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2885
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_column_privilege_id_name()

Datum has_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2772 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), GetUserId(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2773 {
2774  Oid tableoid = PG_GETARG_OID(0);
2775  text *column = PG_GETARG_TEXT_PP(1);
2776  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2777  Oid roleid;
2778  AttrNumber colattnum;
2779  AclMode mode;
2780  int privresult;
2781 
2782  roleid = GetUserId();
2783  colattnum = convert_column_name(tableoid, column);
2784  mode = convert_column_priv_string(priv_type_text);
2785 
2786  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2787  if (privresult < 0)
2788  PG_RETURN_NULL();
2789  PG_RETURN_BOOL(privresult);
2790 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2827
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:476
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2449
varlena
Definition: c.h:609
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2885
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_column_privilege_id_name_attnum()

Datum has_column_privilege_id_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2642 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2643 {
2644  Oid roleid = PG_GETARG_OID(0);
2645  text *tablename = PG_GETARG_TEXT_PP(1);
2646  AttrNumber colattnum = PG_GETARG_INT16(2);
2647  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2648  Oid tableoid;
2649  AclMode mode;
2650  int privresult;
2651 
2652  tableoid = convert_table_name(tablename);
2653  mode = convert_column_priv_string(priv_type_text);
2654 
2655  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2656  if (privresult < 0)
2657  PG_RETURN_NULL();
2658  PG_RETURN_BOOL(privresult);
2659 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:271
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1986
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2449
varlena
Definition: c.h:609
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2885
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_column_privilege_id_name_name()

Datum has_column_privilege_id_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2615 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2616 {
2617  Oid roleid = PG_GETARG_OID(0);
2618  text *tablename = PG_GETARG_TEXT_PP(1);
2619  text *column = PG_GETARG_TEXT_PP(2);
2620  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2621  Oid tableoid;
2622  AttrNumber colattnum;
2623  AclMode mode;
2624  int privresult;
2625 
2626  tableoid = convert_table_name(tablename);
2627  colattnum = convert_column_name(tableoid, column);
2628  mode = convert_column_priv_string(priv_type_text);
2629 
2630  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2631  if (privresult < 0)
2632  PG_RETURN_NULL();
2633  PG_RETURN_BOOL(privresult);
2634 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2827
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1986
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2449
varlena
Definition: c.h:609
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2885
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_column_privilege_name_attnum()

Datum has_column_privilege_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2745 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), GetUserId(), mode, PG_GETARG_INT16, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2746 {
2747  text *tablename = PG_GETARG_TEXT_PP(0);
2748  AttrNumber colattnum = PG_GETARG_INT16(1);
2749  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2750  Oid roleid;
2751  Oid tableoid;
2752  AclMode mode;
2753  int privresult;
2754 
2755  roleid = GetUserId();
2756  tableoid = convert_table_name(tablename);
2757  mode = convert_column_priv_string(priv_type_text);
2758 
2759  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2760  if (privresult < 0)
2761  PG_RETURN_NULL();
2762  PG_RETURN_BOOL(privresult);
2763 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:476
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:271
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1986
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2449
varlena
Definition: c.h:609
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2885
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_column_privilege_name_id_attnum()

Datum has_column_privilege_name_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2590 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

2591 {
2592  Name username = PG_GETARG_NAME(0);
2593  Oid tableoid = PG_GETARG_OID(1);
2594  AttrNumber colattnum = PG_GETARG_INT16(2);
2595  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2596  Oid roleid;
2597  AclMode mode;
2598  int privresult;
2599 
2600  roleid = get_role_oid_or_public(NameStr(*username));
2601  mode = convert_column_priv_string(priv_type_text);
2602 
2603  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2604  if (privresult < 0)
2605  PG_RETURN_NULL();
2606  PG_RETURN_BOOL(privresult);
2607 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5196
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
nameData
Definition: c.h:663
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:271
username
static char * username
Definition: initdb.c:134
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2449
NameStr
#define NameStr(name)
Definition: c.h:669
varlena
Definition: c.h:609
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2885
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_column_privilege_name_id_name()

Datum has_column_privilege_name_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2563 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

2564 {
2565  Name username = PG_GETARG_NAME(0);
2566  Oid tableoid = PG_GETARG_OID(1);
2567  text *column = PG_GETARG_TEXT_PP(2);
2568  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2569  Oid roleid;
2570  AttrNumber colattnum;
2571  AclMode mode;
2572  int privresult;
2573 
2574  roleid = get_role_oid_or_public(NameStr(*username));
2575  colattnum = convert_column_name(tableoid, column);
2576  mode = convert_column_priv_string(priv_type_text);
2577 
2578  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2579  if (privresult < 0)
2580  PG_RETURN_NULL();
2581  PG_RETURN_BOOL(privresult);
2582 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2827
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5196
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
nameData
Definition: c.h:663
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
username
static char * username
Definition: initdb.c:134
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2449
NameStr
#define NameStr(name)
Definition: c.h:669
varlena
Definition: c.h:609
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2885
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_column_privilege_name_name()

Datum has_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2716 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), GetUserId(), mode, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2717 {
2718  text *tablename = PG_GETARG_TEXT_PP(0);
2719  text *column = PG_GETARG_TEXT_PP(1);
2720  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2721  Oid roleid;
2722  Oid tableoid;
2723  AttrNumber colattnum;
2724  AclMode mode;
2725  int privresult;
2726 
2727  roleid = GetUserId();
2728  tableoid = convert_table_name(tablename);
2729  colattnum = convert_column_name(tableoid, column);
2730  mode = convert_column_priv_string(priv_type_text);
2731 
2732  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2733  if (privresult < 0)
2734  PG_RETURN_NULL();
2735  PG_RETURN_BOOL(privresult);
2736 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2827
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:476
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1986
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2449
varlena
Definition: c.h:609
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2885
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_column_privilege_name_name_attnum()

Datum has_column_privilege_name_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2536 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2537 {
2538  Name rolename = PG_GETARG_NAME(0);
2539  text *tablename = PG_GETARG_TEXT_PP(1);
2540  AttrNumber colattnum = PG_GETARG_INT16(2);
2541  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2542  Oid roleid;
2543  Oid tableoid;
2544  AclMode mode;
2545  int privresult;
2546 
2547  roleid = get_role_oid_or_public(NameStr(*rolename));
2548  tableoid = convert_table_name(tablename);
2549  mode = convert_column_priv_string(priv_type_text);
2550 
2551  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2552  if (privresult < 0)
2553  PG_RETURN_NULL();
2554  PG_RETURN_BOOL(privresult);
2555 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5196
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
nameData
Definition: c.h:663
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:271
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1986
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2449
NameStr
#define NameStr(name)
Definition: c.h:669
varlena
Definition: c.h:609
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2885
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_column_privilege_name_name_name()

Datum has_column_privilege_name_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2507 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2508 {
2509  Name rolename = PG_GETARG_NAME(0);
2510  text *tablename = PG_GETARG_TEXT_PP(1);
2511  text *column = PG_GETARG_TEXT_PP(2);
2512  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2513  Oid roleid;
2514  Oid tableoid;
2515  AttrNumber colattnum;
2516  AclMode mode;
2517  int privresult;
2518 
2519  roleid = get_role_oid_or_public(NameStr(*rolename));
2520  tableoid = convert_table_name(tablename);
2521  colattnum = convert_column_name(tableoid, column);
2522  mode = convert_column_priv_string(priv_type_text);
2523 
2524  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2525  if (privresult < 0)
2526  PG_RETURN_NULL();
2527  PG_RETURN_BOOL(privresult);
2528 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2827
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5196
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
nameData
Definition: c.h:663
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:1986
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2449
NameStr
#define NameStr(name)
Definition: c.h:669
varlena
Definition: c.h:609
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2885
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_database_privilege_id()

Datum has_database_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2996 of file acl.c.

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, GetUserId(), mode, ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

2997 {
2998  Oid databaseoid = PG_GETARG_OID(0);
2999  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3000  Oid roleid;
3001  AclMode mode;
3002  AclResult aclresult;
3003 
3004  roleid = GetUserId();
3005  mode = convert_database_priv_string(priv_type_text);
3006 
3007  if (!SearchSysCacheExists1(DATABASEOID, ObjectIdGetDatum(databaseoid)))
3008  PG_RETURN_NULL();
3009 
3010  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
3011 
3012  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3013 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:476
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:184
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3082
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
pg_database_aclcheck
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4575
varlena
Definition: c.h:609
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_database_privilege_id_id()

Datum has_database_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3044 of file acl.c.

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, mode, ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

3045 {
3046  Oid roleid = PG_GETARG_OID(0);
3047  Oid databaseoid = PG_GETARG_OID(1);
3048  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3049  AclMode mode;
3050  AclResult aclresult;
3051 
3052  mode = convert_database_priv_string(priv_type_text);
3053 
3054  if (!SearchSysCacheExists1(DATABASEOID, ObjectIdGetDatum(databaseoid)))
3055  PG_RETURN_NULL();
3056 
3057  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
3058 
3059  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3060 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:184
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3082
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
pg_database_aclcheck
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4575
varlena
Definition: c.h:609
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_database_privilege_id_name()

Datum has_database_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3021 of file acl.c.

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), mode, pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

3022 {
3023  Oid roleid = PG_GETARG_OID(0);
3024  text *databasename = PG_GETARG_TEXT_PP(1);
3025  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3026  Oid databaseoid;
3027  AclMode mode;
3028  AclResult aclresult;
3029 
3030  databaseoid = convert_database_name(databasename);
3031  mode = convert_database_priv_string(priv_type_text);
3032 
3033  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
3034 
3035  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3036 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
convert_database_name
static Oid convert_database_name(text *databasename)
Definition: acl.c:3070
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3082
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
pg_database_aclcheck
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4575
varlena
Definition: c.h:609

◆ has_database_privilege_name()

Datum has_database_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2945 of file acl.c.

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), GetUserId(), mode, pg_database_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2946 {
2947  text *databasename = PG_GETARG_TEXT_PP(0);
2948  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2949  Oid roleid;
2950  Oid databaseoid;
2951  AclMode mode;
2952  AclResult aclresult;
2953 
2954  roleid = GetUserId();
2955  databaseoid = convert_database_name(databasename);
2956  mode = convert_database_priv_string(priv_type_text);
2957 
2958  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2959 
2960  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2961 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:476
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
convert_database_name
static Oid convert_database_name(text *databasename)
Definition: acl.c:3070
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3082
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
pg_database_aclcheck
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4575
varlena
Definition: c.h:609

◆ has_database_privilege_name_id()

Datum has_database_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2969 of file acl.c.

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, get_role_oid_or_public(), mode, NameStr, ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

2970 {
2971  Name username = PG_GETARG_NAME(0);
2972  Oid databaseoid = PG_GETARG_OID(1);
2973  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2974  Oid roleid;
2975  AclMode mode;
2976  AclResult aclresult;
2977 
2978  roleid = get_role_oid_or_public(NameStr(*username));
2979  mode = convert_database_priv_string(priv_type_text);
2980 
2981  if (!SearchSysCacheExists1(DATABASEOID, ObjectIdGetDatum(databaseoid)))
2982  PG_RETURN_NULL();
2983 
2984  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2985 
2986  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2987 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5196
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:184
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
nameData
Definition: c.h:663
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3082
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
username
static char * username
Definition: initdb.c:134
pg_database_aclcheck
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4575
NameStr
#define NameStr(name)
Definition: c.h:669
varlena
Definition: c.h:609
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_database_privilege_name_name()

Datum has_database_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2919 of file acl.c.

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), get_role_oid_or_public(), mode, NameStr, pg_database_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

2920 {
2921  Name username = PG_GETARG_NAME(0);
2922  text *databasename = PG_GETARG_TEXT_PP(1);
2923  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2924  Oid roleid;
2925  Oid databaseoid;
2926  AclMode mode;
2927  AclResult aclresult;
2928 
2929  roleid = get_role_oid_or_public(NameStr(*username));
2930  databaseoid = convert_database_name(databasename);
2931  mode = convert_database_priv_string(priv_type_text);
2932 
2933  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2934 
2935  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2936 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5196
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
nameData
Definition: c.h:663
convert_database_name
static Oid convert_database_name(text *databasename)
Definition: acl.c:3070
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3082
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
username
static char * username
Definition: initdb.c:134
pg_database_aclcheck
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4575
NameStr
#define NameStr(name)
Definition: c.h:669
varlena
Definition: c.h:609
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_foreign_data_wrapper_privilege_id()

Datum has_foreign_data_wrapper_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3194 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), FOREIGNDATAWRAPPEROID, GetUserId(), mode, ObjectIdGetDatum, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

3195 {
3196  Oid fdwid = PG_GETARG_OID(0);
3197  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3198  Oid roleid;
3199  AclMode mode;
3200  AclResult aclresult;
3201 
3202  roleid = GetUserId();
3203  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3204 
3205  if (!SearchSysCacheExists1(FOREIGNDATAWRAPPEROID, ObjectIdGetDatum(fdwid)))
3206  PG_RETURN_NULL();
3207 
3208  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3209 
3210  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3211 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:476
pg_foreign_data_wrapper_aclcheck
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4650
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:184
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
convert_foreign_data_wrapper_priv_string
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3280
varlena
Definition: c.h:609
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_foreign_data_wrapper_privilege_id_id()

Datum has_foreign_data_wrapper_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3242 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), FOREIGNDATAWRAPPEROID, mode, ObjectIdGetDatum, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

3243 {
3244  Oid roleid = PG_GETARG_OID(0);
3245  Oid fdwid = PG_GETARG_OID(1);
3246  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3247  AclMode mode;
3248  AclResult aclresult;
3249 
3250  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3251 
3252  if (!SearchSysCacheExists1(FOREIGNDATAWRAPPEROID, ObjectIdGetDatum(fdwid)))
3253  PG_RETURN_NULL();
3254 
3255  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3256 
3257  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3258 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
pg_foreign_data_wrapper_aclcheck
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4650
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:184
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
convert_foreign_data_wrapper_priv_string
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3280
varlena
Definition: c.h:609
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345

◆ has_foreign_data_wrapper_privilege_id_name()

Datum has_foreign_data_wrapper_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3219 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), mode, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

3220 {
3221  Oid roleid = PG_GETARG_OID(0);
3222  text *fdwname = PG_GETARG_TEXT_PP(1);
3223  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3224  Oid fdwid;
3225  AclMode mode;
3226  AclResult aclresult;
3227 
3228  fdwid = convert_foreign_data_wrapper_name(fdwname);
3229  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3230 
3231  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3232 
3233  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3234 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
pg_foreign_data_wrapper_aclcheck
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4650
convert_foreign_data_wrapper_name
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3268
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
convert_foreign_data_wrapper_priv_string
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3280
varlena
Definition: c.h:609

◆ has_foreign_data_wrapper_privilege_name()

Datum has_foreign_data_wrapper_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3143 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), GetUserId(), mode, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

3144 {
3145  text *fdwname = PG_GETARG_TEXT_PP(0);
3146  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3147  Oid roleid;
3148  Oid fdwid;
3149  AclMode mode;
3150  AclResult aclresult;
3151 
3152  roleid = GetUserId();
3153  fdwid = convert_foreign_data_wrapper_name(fdwname);
3154  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3155 
3156  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3157 
3158  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3159 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:476
pg_foreign_data_wrapper_aclcheck
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4650
convert_foreign_data_wrapper_name
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3268
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
convert_foreign_data_wrapper_priv_string
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3280
varlena
Definition: c.h:609

◆ has_foreign_data_wrapper_privilege_name_id()

Datum has_foreign_data_wrapper_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3167 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), FOREIGNDATAWRAPPEROID, get_role_oid_or_public(), mode, NameStr, ObjectIdGetDatum, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

3168 {
3169  Name username = PG_GETARG_NAME(0);
3170  Oid fdwid = PG_GETARG_OID(1);
3171  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3172  Oid roleid;
3173  AclMode mode;
3174  AclResult aclresult;
3175 
3176  roleid = get_role_oid_or_public(NameStr(*username));
3177  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3178 
3179  if (!SearchSysCacheExists1(FOREIGNDATAWRAPPEROID, ObjectIdGetDatum(fdwid)))
3180  PG_RETURN_NULL();
3181 
3182  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3183 
3184  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3185 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
pg_foreign_data_wrapper_aclcheck
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4650
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5196
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:184
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
nameData
Definition: c.h:663
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
AclResult
AclResult
Definition: acl.h:177
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
username
static char * username
Definition: initdb.c:134
convert_foreign_data_wrapper_priv_string
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3280
NameStr
#define NameStr(name)
Definition: c.h:669
varlena
Definition: c.h:609
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:345
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278

◆ has_foreign_data_wrapper_privilege_name_name()

Datum has_foreign_data_wrapper_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3117 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), get_role_oid_or_public(), mode, NameStr, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

3118 {
3119  Name username = PG_GETARG_NAME(0);
3120  text *fdwname = PG_GETARG_TEXT_PP(1);
3121  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3122  Oid roleid;
3123  Oid fdwid;
3124  AclMode mode;
3125  AclResult aclresult;
3126 
3127  roleid = get_role_oid_or_public(NameStr(*username));
3128  fdwid = convert_foreign_data_wrapper_name(fdwname);
3129  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3130 
3131  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3132 
3133  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3134 }
mode
static PgChecksumMode mode
Definition: pg_checksums.c:61
pg_foreign_data_wrapper_aclcheck
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4650
convert_foreign_data_wrapper_name
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3268
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5196
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
AclMode
uint32 AclMode
Definition: parsenodes.h:72
nameData
Definition: c.h:663
AclResult
AclResult
Definition: acl.h:177