PostgreSQL Source Code  git master
Data Structures | Functions | Variables
acl.c File Reference
#include "postgres.h"
#include <ctype.h>
#include "access/hash.h"
#include "access/htup_details.h"
#include "catalog/catalog.h"
#include "catalog/namespace.h"
#include "catalog/pg_authid.h"
#include "catalog/pg_auth_members.h"
#include "catalog/pg_type.h"
#include "catalog/pg_class.h"
#include "commands/dbcommands.h"
#include "commands/proclang.h"
#include "commands/tablespace.h"
#include "foreign/foreign.h"
#include "funcapi.h"
#include "miscadmin.h"
#include "utils/acl.h"
#include "utils/builtins.h"
#include "utils/catcache.h"
#include "utils/inval.h"
#include "utils/lsyscache.h"
#include "utils/memutils.h"
#include "utils/syscache.h"
#include "utils/varlena.h"
Include dependency graph for acl.c:

Go to the source code of this file.

Data Structures

struct  priv_map
 

Functions

static const char * getid (const char *s, char *n)
 
static void putid (char *p, const char *s)
 
static Aclallocacl (int n)
 
static void check_acl (const Acl *acl)
 
static const char * aclparse (const char *s, AclItem *aip)
 
static bool aclitem_match (const AclItem *a1, const AclItem *a2)
 
static int aclitemComparator (const void *arg1, const void *arg2)
 
static void check_circularity (const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
 
static Aclrecursive_revoke (Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
 
static AclMode convert_priv_string (text *priv_type_text)
 
static AclMode convert_any_priv_string (text *priv_type_text, const priv_map *privileges)
 
static Oid convert_table_name (text *tablename)
 
static AclMode convert_table_priv_string (text *priv_type_text)
 
static AclMode convert_sequence_priv_string (text *priv_type_text)
 
static AttrNumber convert_column_name (Oid tableoid, text *column)
 
static AclMode convert_column_priv_string (text *priv_type_text)
 
static Oid convert_database_name (text *databasename)
 
static AclMode convert_database_priv_string (text *priv_type_text)
 
static Oid convert_foreign_data_wrapper_name (text *fdwname)
 
static AclMode convert_foreign_data_wrapper_priv_string (text *priv_type_text)
 
static Oid convert_function_name (text *functionname)
 
static AclMode convert_function_priv_string (text *priv_type_text)
 
static Oid convert_language_name (text *languagename)
 
static AclMode convert_language_priv_string (text *priv_type_text)
 
static Oid convert_schema_name (text *schemaname)
 
static AclMode convert_schema_priv_string (text *priv_type_text)
 
static Oid convert_server_name (text *servername)
 
static AclMode convert_server_priv_string (text *priv_type_text)
 
static Oid convert_tablespace_name (text *tablespacename)
 
static AclMode convert_tablespace_priv_string (text *priv_type_text)
 
static Oid convert_type_name (text *typename)
 
static AclMode convert_type_priv_string (text *priv_type_text)
 
static AclMode convert_role_priv_string (text *priv_type_text)
 
static AclResult pg_role_aclcheck (Oid role_oid, Oid roleid, AclMode mode)
 
static void RoleMembershipCacheCallback (Datum arg, int cacheid, uint32 hashvalue)
 
Aclmake_empty_acl (void)
 
Aclaclcopy (const Acl *orig_acl)
 
Aclaclconcat (const Acl *left_acl, const Acl *right_acl)
 
Aclaclmerge (const Acl *left_acl, const Acl *right_acl, Oid ownerId)
 
void aclitemsort (Acl *acl)
 
bool aclequal (const Acl *left_acl, const Acl *right_acl)
 
Datum aclitemin (PG_FUNCTION_ARGS)
 
Datum aclitemout (PG_FUNCTION_ARGS)
 
Datum aclitem_eq (PG_FUNCTION_ARGS)
 
Datum hash_aclitem (PG_FUNCTION_ARGS)
 
Datum hash_aclitem_extended (PG_FUNCTION_ARGS)
 
Aclacldefault (ObjectType objtype, Oid ownerId)
 
Datum acldefault_sql (PG_FUNCTION_ARGS)
 
Aclaclupdate (const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
 
Aclaclnewowner (const Acl *old_acl, Oid oldOwnerId, Oid newOwnerId)
 
AclMode aclmask (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
static AclMode aclmask_direct (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
int aclmembers (const Acl *acl, Oid **roleids)
 
Datum aclinsert (PG_FUNCTION_ARGS)
 
Datum aclremove (PG_FUNCTION_ARGS)
 
Datum aclcontains (PG_FUNCTION_ARGS)
 
Datum makeaclitem (PG_FUNCTION_ARGS)
 
static const char * convert_aclright_to_string (int aclright)
 
Datum aclexplode (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_id (PG_FUNCTION_ARGS)
 
static int column_privilege_check (Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
 
Datum has_column_privilege_name_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_id (PG_FUNCTION_ARGS)
 
void initialize_acl (void)
 
static bool has_rolinherit (Oid roleid)
 
static Listroles_has_privs_of (Oid roleid)
 
static Listroles_is_member_of (Oid roleid)
 
bool has_privs_of_role (Oid member, Oid role)
 
bool is_member_of_role (Oid member, Oid role)
 
void check_is_member_of_role (Oid member, Oid role)
 
bool is_member_of_role_nosuper (Oid member, Oid role)
 
bool is_admin_of_role (Oid member, Oid role)
 
static int count_one_bits (AclMode mask)
 
void select_best_grantor (Oid roleId, AclMode privileges, const Acl *acl, Oid ownerId, Oid *grantorId, AclMode *grantOptions)
 
Oid get_role_oid (const char *rolname, bool missing_ok)
 
Oid get_role_oid_or_public (const char *rolname)
 
Oid get_rolespec_oid (const RoleSpec *role, bool missing_ok)
 
HeapTuple get_rolespec_tuple (const RoleSpec *role)
 
char * get_rolespec_name (const RoleSpec *role)
 
void check_rolespec_name (const RoleSpec *role, const char *detail_msg)
 

Variables

static Oid cached_privs_role = InvalidOid
 
static Listcached_privs_roles = NIL
 
static Oid cached_member_role = InvalidOid
 
static Listcached_membership_roles = NIL
 

Function Documentation

◆ aclconcat()

Acl* aclconcat ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 427 of file acl.c.

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by ExecGrant_Attribute().

428 {
429  Acl *result_acl;
430 
431  result_acl = allocacl(ACL_NUM(left_acl) + ACL_NUM(right_acl));
432 
433  memcpy(ACL_DAT(result_acl),
434  ACL_DAT(left_acl),
435  ACL_NUM(left_acl) * sizeof(AclItem));
436 
437  memcpy(ACL_DAT(result_acl) + ACL_NUM(left_acl),
438  ACL_DAT(right_acl),
439  ACL_NUM(right_acl) * sizeof(AclItem));
440 
441  return result_acl;
442 }
allocacl
static Acl * allocacl(int n)
Definition: acl.c:376
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:109
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:110
AclItem
Definition: acl.h:55

◆ aclcontains()

Datum aclcontains ( PG_FUNCTION_ARGS  )

Definition at line 1553 of file acl.c.

References ACL_DAT, ACL_NUM, ACLITEM_GET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, PG_GETARG_ACL_P, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

1554 {
1555  Acl *acl = PG_GETARG_ACL_P(0);
1556  AclItem *aip = PG_GETARG_ACLITEM_P(1);
1557  AclItem *aidat;
1558  int i,
1559  num;
1560 
1561  check_acl(acl);
1562  num = ACL_NUM(acl);
1563  aidat = ACL_DAT(acl);
1564  for (i = 0; i < num; ++i)
1565  {
1566  if (aip->ai_grantee == aidat[i].ai_grantee &&
1567  aip->ai_grantor == aidat[i].ai_grantor &&
1568  (ACLITEM_GET_RIGHTS(*aip) & ACLITEM_GET_RIGHTS(aidat[i])) == ACLITEM_GET_RIGHTS(*aip))
1569  PG_RETURN_BOOL(true);
1570  }
1571  PG_RETURN_BOOL(false);
1572 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:57
PG_GETARG_ACLITEM_P
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:118
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:58
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:109
ACLITEM_GET_RIGHTS
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:69
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:110
AclItem
Definition: acl.h:55
PG_GETARG_ACL_P
#define PG_GETARG_ACL_P(n)
Definition: acl.h:123
i
int i
Definition: preproc-comment.c:23
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:540

◆ aclcopy()

Acl* aclcopy ( const Acl orig_acl)

Definition at line 407 of file acl.c.

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by aclmerge(), ExecGrant_Relation(), and SetDefaultACL().

408 {
409  Acl *result_acl;
410 
411  result_acl = allocacl(ACL_NUM(orig_acl));
412 
413  memcpy(ACL_DAT(result_acl),
414  ACL_DAT(orig_acl),
415  ACL_NUM(orig_acl) * sizeof(AclItem));
416 
417  return result_acl;
418 }
allocacl
static Acl * allocacl(int n)
Definition: acl.c:376
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:109
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:110
AclItem
Definition: acl.h:55

◆ acldefault()

Acl* acldefault ( ObjectType  objtype,
Oid  ownerId 
)

Definition at line 748 of file acl.c.

References ACL_ALL_RIGHTS_DATABASE, ACL_ALL_RIGHTS_FDW, ACL_ALL_RIGHTS_FOREIGN_SERVER, ACL_ALL_RIGHTS_FUNCTION, ACL_ALL_RIGHTS_LANGUAGE, ACL_ALL_RIGHTS_LARGEOBJECT, ACL_ALL_RIGHTS_RELATION, ACL_ALL_RIGHTS_SCHEMA, ACL_ALL_RIGHTS_SEQUENCE, ACL_ALL_RIGHTS_TABLESPACE, ACL_ALL_RIGHTS_TYPE, ACL_CONNECT, ACL_CREATE_TEMP, ACL_DAT, ACL_EXECUTE, ACL_ID_PUBLIC, ACL_NO_RIGHTS, ACL_USAGE, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), elog, ERROR, OBJECT_COLUMN, OBJECT_DATABASE, OBJECT_DOMAIN, OBJECT_FDW, OBJECT_FOREIGN_SERVER, OBJECT_FUNCTION, OBJECT_LANGUAGE, OBJECT_LARGEOBJECT, OBJECT_SCHEMA, OBJECT_SEQUENCE, OBJECT_TABLE, OBJECT_TABLESPACE, and OBJECT_TYPE.

Referenced by acldefault_sql(), ExecGrant_Attribute(), ExecGrant_Database(), ExecGrant_Fdw(), ExecGrant_ForeignServer(), ExecGrant_Function(), ExecGrant_Language(), ExecGrant_Largeobject(), ExecGrant_Namespace(), ExecGrant_Relation(), ExecGrant_Tablespace(), ExecGrant_Type(), get_user_default_acl(), pg_class_aclmask(), pg_database_aclmask(), pg_foreign_data_wrapper_aclmask(), pg_foreign_server_aclmask(), pg_language_aclmask(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask(), pg_proc_aclmask(), pg_tablespace_aclmask(), pg_type_aclmask(), and SetDefaultACL().

749 {
750  AclMode world_default;
751  AclMode owner_default;
752  int nacl;
753  Acl *acl;
754  AclItem *aip;
755 
756  switch (objtype)
757  {
758  case OBJECT_COLUMN:
759  /* by default, columns have no extra privileges */
760  world_default = ACL_NO_RIGHTS;
761  owner_default = ACL_NO_RIGHTS;
762  break;
763  case OBJECT_TABLE:
764  world_default = ACL_NO_RIGHTS;
765  owner_default = ACL_ALL_RIGHTS_RELATION;
766  break;
767  case OBJECT_SEQUENCE:
768  world_default = ACL_NO_RIGHTS;
769  owner_default = ACL_ALL_RIGHTS_SEQUENCE;
770  break;
771  case OBJECT_DATABASE:
772  /* for backwards compatibility, grant some rights by default */
773  world_default = ACL_CREATE_TEMP | ACL_CONNECT;
774  owner_default = ACL_ALL_RIGHTS_DATABASE;
775  break;
776  case OBJECT_FUNCTION:
777  /* Grant EXECUTE by default, for now */
778  world_default = ACL_EXECUTE;
779  owner_default = ACL_ALL_RIGHTS_FUNCTION;
780  break;
781  case OBJECT_LANGUAGE:
782  /* Grant USAGE by default, for now */
783  world_default = ACL_USAGE;
784  owner_default = ACL_ALL_RIGHTS_LANGUAGE;
785  break;
786  case OBJECT_LARGEOBJECT:
787  world_default = ACL_NO_RIGHTS;
788  owner_default = ACL_ALL_RIGHTS_LARGEOBJECT;
789  break;
790  case OBJECT_SCHEMA:
791  world_default = ACL_NO_RIGHTS;
792  owner_default = ACL_ALL_RIGHTS_SCHEMA;
793  break;
794  case OBJECT_TABLESPACE:
795  world_default = ACL_NO_RIGHTS;
796  owner_default = ACL_ALL_RIGHTS_TABLESPACE;
797  break;
798  case OBJECT_FDW:
799  world_default = ACL_NO_RIGHTS;
800  owner_default = ACL_ALL_RIGHTS_FDW;
801  break;
802  case OBJECT_FOREIGN_SERVER:
803  world_default = ACL_NO_RIGHTS;
804  owner_default = ACL_ALL_RIGHTS_FOREIGN_SERVER;
805  break;
806  case OBJECT_DOMAIN:
807  case OBJECT_TYPE:
808  world_default = ACL_USAGE;
809  owner_default = ACL_ALL_RIGHTS_TYPE;
810  break;
811  default:
812  elog(ERROR, "unrecognized objtype: %d", (int) objtype);
813  world_default = ACL_NO_RIGHTS; /* keep compiler quiet */
814  owner_default = ACL_NO_RIGHTS;
815  break;
816  }
817 
818  nacl = 0;
819  if (world_default != ACL_NO_RIGHTS)
820  nacl++;
821  if (owner_default != ACL_NO_RIGHTS)
822  nacl++;
823 
824  acl = allocacl(nacl);
825  aip = ACL_DAT(acl);
826 
827  if (world_default != ACL_NO_RIGHTS)
828  {
829  aip->ai_grantee = ACL_ID_PUBLIC;
830  aip->ai_grantor = ownerId;
831  ACLITEM_SET_PRIVS_GOPTIONS(*aip, world_default, ACL_NO_RIGHTS);
832  aip++;
833  }
834 
835  /*
836  * Note that the owner's entry shows all ordinary privileges but no grant
837  * options. This is because his grant options come "from the system" and
838  * not from his own efforts. (The SQL spec says that the owner's rights
839  * come from a "_SYSTEM" authid.) However, we do consider that the
840  * owner's ordinary privileges are self-granted; this lets him revoke
841  * them. We implement the owner's grant options without any explicit
842  * "_SYSTEM"-like ACL entry, by internally special-casing the owner
843  * wherever we are testing grant options.
844  */
845  if (owner_default != ACL_NO_RIGHTS)
846  {
847  aip->ai_grantee = ownerId;
848  aip->ai_grantor = ownerId;
849  ACLITEM_SET_PRIVS_GOPTIONS(*aip, owner_default, ACL_NO_RIGHTS);
850  }
851 
852  return acl;
853 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:57
ACL_ALL_RIGHTS_FUNCTION
#define ACL_ALL_RIGHTS_FUNCTION
Definition: acl.h:163
allocacl
static Acl * allocacl(int n)
Definition: acl.c:376
ACL_ALL_RIGHTS_TABLESPACE
#define ACL_ALL_RIGHTS_TABLESPACE
Definition: acl.h:167
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:58
ACL_ALL_RIGHTS_LANGUAGE
#define ACL_ALL_RIGHTS_LANGUAGE
Definition: acl.h:164
AclMode
uint32 AclMode
Definition: parsenodes.h:72
ERROR
#define ERROR
Definition: elog.h:43
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:88
ACL_ALL_RIGHTS_SCHEMA
#define ACL_ALL_RIGHTS_SCHEMA
Definition: acl.h:166
ACL_ALL_RIGHTS_TYPE
#define ACL_ALL_RIGHTS_TYPE
Definition: acl.h:168
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_CONNECT
#define ACL_CONNECT
Definition: parsenodes.h:86
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:110
ACL_ALL_RIGHTS_SEQUENCE
#define ACL_ALL_RIGHTS_SEQUENCE
Definition: acl.h:159
AclItem
Definition: acl.h:55
ACL_ALL_RIGHTS_LARGEOBJECT
#define ACL_ALL_RIGHTS_LARGEOBJECT
Definition: acl.h:165
ACL_ALL_RIGHTS_DATABASE
#define ACL_ALL_RIGHTS_DATABASE
Definition: acl.h:160
ACL_ALL_RIGHTS_FOREIGN_SERVER
#define ACL_ALL_RIGHTS_FOREIGN_SERVER
Definition: acl.h:162
ACL_EXECUTE
#define ACL_EXECUTE
Definition: parsenodes.h:81
ACL_ALL_RIGHTS_RELATION
#define ACL_ALL_RIGHTS_RELATION
Definition: acl.h:158
ACL_CREATE_TEMP
#define ACL_CREATE_TEMP
Definition: parsenodes.h:85
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:47
ACL_ALL_RIGHTS_FDW
#define ACL_ALL_RIGHTS_FDW
Definition: acl.h:161
elog
#define elog
Definition: elog.h:219
ACLITEM_SET_PRIVS_GOPTIONS
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:83

◆ acldefault_sql()

Datum acldefault_sql ( PG_FUNCTION_ARGS  )

Definition at line 862 of file acl.c.

References acldefault(), elog, ERROR, OBJECT_COLUMN, OBJECT_DATABASE, OBJECT_FDW, OBJECT_FOREIGN_SERVER, OBJECT_FUNCTION, OBJECT_LANGUAGE, OBJECT_LARGEOBJECT, OBJECT_SCHEMA, OBJECT_SEQUENCE, OBJECT_TABLE, OBJECT_TABLESPACE, OBJECT_TYPE, PG_GETARG_CHAR, PG_GETARG_OID, and PG_RETURN_ACL_P.

863 {
864  char objtypec = PG_GETARG_CHAR(0);
865  Oid owner = PG_GETARG_OID(1);
866  ObjectType objtype = 0;
867 
868  switch (objtypec)
869  {
870  case 'c':
871  objtype = OBJECT_COLUMN;
872  break;
873  case 'r':
874  objtype = OBJECT_TABLE;
875  break;
876  case 's':
877  objtype = OBJECT_SEQUENCE;
878  break;
879  case 'd':
880  objtype = OBJECT_DATABASE;
881  break;
882  case 'f':
883  objtype = OBJECT_FUNCTION;
884  break;
885  case 'l':
886  objtype = OBJECT_LANGUAGE;
887  break;
888  case 'L':
889  objtype = OBJECT_LARGEOBJECT;
890  break;
891  case 'n':
892  objtype = OBJECT_SCHEMA;
893  break;
894  case 't':
895  objtype = OBJECT_TABLESPACE;
896  break;
897  case 'F':
898  objtype = OBJECT_FDW;
899  break;
900  case 'S':
901  objtype = OBJECT_FOREIGN_SERVER;
902  break;
903  case 'T':
904  objtype = OBJECT_TYPE;
905  break;
906  default:
907  elog(ERROR, "unrecognized objtype abbreviation: %c", objtypec);
908  }
909 
910  PG_RETURN_ACL_P(acldefault(objtype, owner));
911 }
PG_RETURN_ACL_P
#define PG_RETURN_ACL_P(x)
Definition: acl.h:125
acldefault
Acl * acldefault(ObjectType objtype, Oid ownerId)
Definition: acl.c:748
Oid
unsigned int Oid
Definition: postgres_ext.h:31
ERROR
#define ERROR
Definition: elog.h:43
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:245
ObjectType
ObjectType
Definition: parsenodes.h:1634
elog
#define elog
Definition: elog.h:219
PG_GETARG_CHAR
#define PG_GETARG_CHAR(n)
Definition: fmgr.h:243

◆ aclequal()

bool aclequal ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 509 of file acl.c.

References ACL_DAT, and ACL_NUM.

Referenced by get_user_default_acl(), and SetDefaultACL().

510 {
511  /* Check for cases where one or both are empty/null */
512  if (left_acl == NULL || ACL_NUM(left_acl) == 0)
513  {
514  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
515  return true;
516  else
517  return false;
518  }
519  else
520  {
521  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
522  return false;
523  }
524 
525  if (ACL_NUM(left_acl) != ACL_NUM(right_acl))
526  return false;
527 
528  if (memcmp(ACL_DAT(left_acl),
529  ACL_DAT(right_acl),
530  ACL_NUM(left_acl) * sizeof(AclItem)) == 0)
531  return true;
532 
533  return false;
534 }
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:109
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:110
AclItem
Definition: acl.h:55

◆ aclexplode()

Datum aclexplode ( PG_FUNCTION_ARGS  )

Definition at line 1746 of file acl.c.

References ACL_DAT, ACL_NUM, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, BlessTupleDesc(), BoolGetDatum, check_acl(), convert_aclright_to_string(), CreateTemplateTupleDesc(), CStringGetTextDatum, heap_form_tuple(), HeapTupleGetDatum, idx(), MemoryContextSwitchTo(), MemSet, FuncCallContext::multi_call_memory_ctx, N_ACL_RIGHTS, ObjectIdGetDatum, palloc(), PG_GETARG_ACL_P, SRF_FIRSTCALL_INIT, SRF_IS_FIRSTCALL, SRF_PERCALL_SETUP, SRF_RETURN_DONE, SRF_RETURN_NEXT, FuncCallContext::tuple_desc, TupleDescInitEntry(), FuncCallContext::user_fctx, and values.

1747 {
1748  Acl *acl = PG_GETARG_ACL_P(0);
1749  FuncCallContext *funcctx;
1750  int *idx;
1751  AclItem *aidat;
1752 
1753  if (SRF_IS_FIRSTCALL())
1754  {
1755  TupleDesc tupdesc;
1756  MemoryContext oldcontext;
1757 
1758  check_acl(acl);
1759 
1760  funcctx = SRF_FIRSTCALL_INIT();
1761  oldcontext = MemoryContextSwitchTo(funcctx->multi_call_memory_ctx);
1762 
1763  /*
1764  * build tupdesc for result tuples (matches out parameters in pg_proc
1765  * entry)
1766  */
1767  tupdesc = CreateTemplateTupleDesc(4, false);
1768  TupleDescInitEntry(tupdesc, (AttrNumber) 1, "grantor",
1769  OIDOID, -1, 0);
1770  TupleDescInitEntry(tupdesc, (AttrNumber) 2, "grantee",
1771  OIDOID, -1, 0);
1772  TupleDescInitEntry(tupdesc, (AttrNumber) 3, "privilege_type",
1773  TEXTOID, -1, 0);
1774  TupleDescInitEntry(tupdesc, (AttrNumber) 4, "is_grantable",
1775  BOOLOID, -1, 0);
1776 
1777  funcctx->tuple_desc = BlessTupleDesc(tupdesc);
1778 
1779  /* allocate memory for user context */
1780  idx = (int *) palloc(sizeof(int[2]));
1781  idx[0] = 0; /* ACL array item index */
1782  idx[1] = -1; /* privilege type counter */
1783  funcctx->user_fctx = (void *) idx;
1784 
1785  MemoryContextSwitchTo(oldcontext);
1786  }
1787 
1788  funcctx = SRF_PERCALL_SETUP();
1789  idx = (int *) funcctx->user_fctx;
1790  aidat = ACL_DAT(acl);
1791 
1792  /* need test here in case acl has no items */
1793  while (idx[0] < ACL_NUM(acl))
1794  {
1795  AclItem *aidata;
1796  AclMode priv_bit;
1797 
1798  idx[1]++;
1799  if (idx[1] == N_ACL_RIGHTS)
1800  {
1801  idx[1] = 0;
1802  idx[0]++;
1803  if (idx[0] >= ACL_NUM(acl)) /* done */
1804  break;
1805  }
1806  aidata = &aidat[idx[0]];
1807  priv_bit = 1 << idx[1];
1808 
1809  if (ACLITEM_GET_PRIVS(*aidata) & priv_bit)
1810  {
1811  Datum result;
1812  Datum values[4];
1813  bool nulls[4];
1814  HeapTuple tuple;
1815 
1816  values[0] = ObjectIdGetDatum(aidata->ai_grantor);
1817  values[1] = ObjectIdGetDatum(aidata->ai_grantee);
1818  values[2] = CStringGetTextDatum(convert_aclright_to_string(priv_bit));
1819  values[3] = BoolGetDatum((ACLITEM_GET_GOPTIONS(*aidata) & priv_bit) != 0);
1820 
1821  MemSet(nulls, 0, sizeof(nulls));
1822 
1823  tuple = heap_form_tuple(funcctx->tuple_desc, values, nulls);
1824  result = HeapTupleGetDatum(tuple);
1825 
1826  SRF_RETURN_NEXT(funcctx, result);
1827  }
1828  }
1829 
1830  SRF_RETURN_DONE(funcctx);
1831 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:57
convert_aclright_to_string
static const char * convert_aclright_to_string(int aclright)
Definition: acl.c:1696
ACLITEM_GET_GOPTIONS
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:68
SRF_IS_FIRSTCALL
#define SRF_IS_FIRSTCALL()
Definition: funcapi.h:294
MemoryContextSwitchTo
static MemoryContext MemoryContextSwitchTo(MemoryContext context)
Definition: palloc.h:109
MemSet
#define MemSet(start, val, len)
Definition: c.h:908
idx
Datum idx(PG_FUNCTION_ARGS)
Definition: _int_op.c:264
heap_form_tuple
HeapTuple heap_form_tuple(TupleDesc tupleDescriptor, Datum *values, bool *isnull)
Definition: heaptuple.c:1074
SRF_PERCALL_SETUP
#define SRF_PERCALL_SETUP()
Definition: funcapi.h:298
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:58
FuncCallContext::tuple_desc
TupleDesc tuple_desc
Definition: funcapi.h:121
SRF_RETURN_NEXT
#define SRF_RETURN_NEXT(_funcctx, _result)
Definition: funcapi.h:300
AclMode
uint32 AclMode
Definition: parsenodes.h:72
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:490
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:109
BlessTupleDesc
TupleDesc BlessTupleDesc(TupleDesc tupdesc)
Definition: execTuples.c:1109
N_ACL_RIGHTS
#define N_ACL_RIGHTS
Definition: parsenodes.h:87
TupleDescInitEntry
void TupleDescInitEntry(TupleDesc desc, AttrNumber attributeNumber, const char *attributeName, Oid oidtypeid, int32 typmod, int attdim)
Definition: tupdesc.c:600
Datum
uintptr_t Datum
Definition: postgres.h:365
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:110
BoolGetDatum
#define BoolGetDatum(X)
Definition: postgres.h:385
AclItem
Definition: acl.h:55
FuncCallContext::multi_call_memory_ctx
MemoryContext multi_call_memory_ctx
Definition: funcapi.h:110
ACLITEM_GET_PRIVS
#define ACLITEM_GET_PRIVS(item)
Definition: acl.h:67
HeapTupleGetDatum
#define HeapTupleGetDatum(tuple)
Definition: funcapi.h:231
CreateTemplateTupleDesc
TupleDesc CreateTemplateTupleDesc(int natts, bool hasoid)
Definition: tupdesc.c:45
PG_GETARG_ACL_P
#define PG_GETARG_ACL_P(n)
Definition: acl.h:123
values
static Datum values[MAXATTR]
Definition: bootstrap.c:164
FuncCallContext::user_fctx
void * user_fctx
Definition: funcapi.h:91
palloc
void * palloc(Size size)
Definition: mcxt.c:924
CStringGetTextDatum
#define CStringGetTextDatum(s)
Definition: builtins.h:95
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:540
SRF_RETURN_DONE
#define SRF_RETURN_DONE(_funcctx)
Definition: funcapi.h:318
SRF_FIRSTCALL_INIT
#define SRF_FIRSTCALL_INIT()
Definition: funcapi.h:296

◆ aclinsert()

Datum aclinsert ( PG_FUNCTION_ARGS  )

Definition at line 1533 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

1534 {
1535  ereport(ERROR,
1536  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1537  errmsg("aclinsert is no longer supported")));
1538 
1539  PG_RETURN_NULL(); /* keep compiler quiet */
1540 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:575
ERROR
#define ERROR
Definition: elog.h:43
ereport
#define ereport(elevel, rest)
Definition: elog.h:122
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:797
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:310

◆ aclitem_eq()

Datum aclitem_eq ( PG_FUNCTION_ARGS  )

Definition at line 693 of file acl.c.

References a1, a2, AclItem::ai_grantee, AclItem::ai_grantor, AclItem::ai_privs, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

694 {
695  AclItem *a1 = PG_GETARG_ACLITEM_P(0);
696  AclItem *a2 = PG_GETARG_ACLITEM_P(1);
697  bool result;
698 
699  result = a1->ai_privs == a2->ai_privs &&
700  a1->ai_grantee == a2->ai_grantee &&
701  a1->ai_grantor == a2->ai_grantor;
702  PG_RETURN_BOOL(result);
703 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:57
PG_GETARG_ACLITEM_P
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:118
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:58
AclItem::ai_privs
AclMode ai_privs
Definition: acl.h:59
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
AclItem
Definition: acl.h:55
a1
static FormData_pg_attribute a1
Definition: heap.c:147
a2
static FormData_pg_attribute a2
Definition: heap.c:153

◆ aclitem_match()

static bool aclitem_match ( const AclItem a1,
const AclItem a2 
)
static

Definition at line 658 of file acl.c.

References AclItem::ai_grantee, and AclItem::ai_grantor.

Referenced by aclnewowner(), and aclupdate().

659 {
660  return a1->ai_grantee == a2->ai_grantee &&
661  a1->ai_grantor == a2->ai_grantor;
662 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:57
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:58

◆ aclitemComparator()

static int aclitemComparator ( const void *  arg1,
const void *  arg2 
)
static

Definition at line 669 of file acl.c.

References a1, a2, AclItem::ai_grantee, AclItem::ai_grantor, and AclItem::ai_privs.

Referenced by aclitemsort().

670 {
671  const AclItem *a1 = (const AclItem *) arg1;
672  const AclItem *a2 = (const AclItem *) arg2;
673 
674  if (a1->ai_grantee > a2->ai_grantee)
675  return 1;
676  if (a1->ai_grantee < a2->ai_grantee)
677  return -1;
678  if (a1->ai_grantor > a2->ai_grantor)
679  return 1;
680  if (a1->ai_grantor < a2->ai_grantor)
681  return -1;
682  if (a1->ai_privs > a2->ai_privs)
683  return 1;
684  if (a1->ai_privs < a2->ai_privs)
685  return -1;
686  return 0;
687 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:57
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:58
AclItem::ai_privs
AclMode ai_privs
Definition: acl.h:59
AclItem
Definition: acl.h:55
a1
static FormData_pg_attribute a1
Definition: heap.c:147
a2
static FormData_pg_attribute a2
Definition: heap.c:153

◆ aclitemin()

Datum aclitemin ( PG_FUNCTION_ARGS  )

Definition at line 565 of file acl.c.

References aclparse(), ereport, errcode(), errmsg(), ERROR, palloc(), PG_GETARG_CSTRING, and PG_RETURN_ACLITEM_P.

566 {
567  const char *s = PG_GETARG_CSTRING(0);
568  AclItem *aip;
569 
570  aip = (AclItem *) palloc(sizeof(AclItem));
571  s = aclparse(s, aip);
572  while (isspace((unsigned char) *s))
573  ++s;
574  if (*s)
575  ereport(ERROR,
576  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
577  errmsg("extra garbage at the end of the ACL specification")));
578 
579  PG_RETURN_ACLITEM_P(aip);
580 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:575
ERROR
#define ERROR
Definition: elog.h:43
ereport
#define ereport(elevel, rest)
Definition: elog.h:122
aclparse
static const char * aclparse(const char *s, AclItem *aip)
Definition: acl.c:238
AclItem
Definition: acl.h:55
PG_RETURN_ACLITEM_P
#define PG_RETURN_ACLITEM_P(x)
Definition: acl.h:119
palloc
void * palloc(Size size)
Definition: mcxt.c:924
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:797
PG_GETARG_CSTRING
#define PG_GETARG_CSTRING(n)
Definition: fmgr.h:247

◆ aclitemout()

Datum aclitemout ( PG_FUNCTION_ARGS  )

Definition at line 591 of file acl.c.

References ACL_ALL_RIGHTS_STR, ACL_ID_PUBLIC, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, AUTHOID, GETSTRUCT, HeapTupleIsValid, i, N_ACL_RIGHTS, NAMEDATALEN, NameStr, ObjectIdGetDatum, palloc(), PG_GETARG_ACLITEM_P, PG_RETURN_CSTRING, putid(), ReleaseSysCache(), and SearchSysCache1().

592 {
593  AclItem *aip = PG_GETARG_ACLITEM_P(0);
594  char *p;
595  char *out;
596  HeapTuple htup;
597  unsigned i;
598 
599  out = palloc(strlen("=/") +
600  2 * N_ACL_RIGHTS +
601  2 * (2 * NAMEDATALEN + 2) +
602  1);
603 
604  p = out;
605  *p = '\0';
606 
607  if (aip->ai_grantee != ACL_ID_PUBLIC)
608  {
609  htup = SearchSysCache1(AUTHOID, ObjectIdGetDatum(aip->ai_grantee));
610  if (HeapTupleIsValid(htup))
611  {
612  putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
613  ReleaseSysCache(htup);
614  }
615  else
616  {
617  /* Generate numeric OID if we don't find an entry */
618  sprintf(p, "%u", aip->ai_grantee);
619  }
620  }
621  while (*p)
622  ++p;
623 
624  *p++ = '=';
625 
626  for (i = 0; i < N_ACL_RIGHTS; ++i)
627  {
628  if (ACLITEM_GET_PRIVS(*aip) & (1 << i))
629  *p++ = ACL_ALL_RIGHTS_STR[i];
630  if (ACLITEM_GET_GOPTIONS(*aip) & (1 << i))
631  *p++ = '*';
632  }
633 
634  *p++ = '/';
635  *p = '\0';
636 
637  htup = SearchSysCache1(AUTHOID, ObjectIdGetDatum(aip->ai_grantor));
638  if (HeapTupleIsValid(htup))
639  {
640  putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
641  ReleaseSysCache(htup);
642  }
643  else
644  {
645  /* Generate numeric OID if we don't find an entry */
646  sprintf(p, "%u", aip->ai_grantor);
647  }
648 
649  PG_RETURN_CSTRING(out);
650 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:57
putid
static void putid(char *p, const char *s)
Definition: acl.c:189
ACLITEM_GET_GOPTIONS
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:68
GETSTRUCT
#define GETSTRUCT(TUP)
Definition: htup_details.h:673
PG_GETARG_ACLITEM_P
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:118
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:58
NAMEDATALEN
#define NAMEDATALEN
Definition: pg_config_manual.h:29
Form_pg_authid
FormData_pg_authid * Form_pg_authid
Definition: pg_authid.h:55
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:490
N_ACL_RIGHTS
#define N_ACL_RIGHTS
Definition: parsenodes.h:87
SearchSysCache1
HeapTuple SearchSysCache1(int cacheId, Datum key1)
Definition: syscache.c:1112
ReleaseSysCache
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1160
ACL_ALL_RIGHTS_STR
#define ACL_ALL_RIGHTS_STR
Definition: acl.h:152
AclItem
Definition: acl.h:55
HeapTupleIsValid
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
PG_RETURN_CSTRING
#define PG_RETURN_CSTRING(x)
Definition: fmgr.h:327
ACLITEM_GET_PRIVS
#define ACLITEM_GET_PRIVS(item)
Definition: acl.h:67
palloc
void * palloc(Size size)
Definition: mcxt.c:924
i
int i
Definition: preproc-comment.c:23
NameStr
#define NameStr(name)
Definition: c.h:576
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:47

◆ aclitemsort()

void aclitemsort ( Acl acl)

Definition at line 495 of file acl.c.

References ACL_DAT, ACL_NUM, aclitemComparator(), and qsort.

Referenced by get_user_default_acl(), and SetDefaultACL().

496 {
497  if (acl != NULL && ACL_NUM(acl) > 1)
498  qsort(ACL_DAT(acl), ACL_NUM(acl), sizeof(AclItem), aclitemComparator);
499 }
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:109
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:110
AclItem
Definition: acl.h:55
qsort
#define qsort(a, b, c, d)
Definition: port.h:421
aclitemComparator
static int aclitemComparator(const void *arg1, const void *arg2)
Definition: acl.c:669

◆ aclmask()

AclMode aclmask ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)

Definition at line 1321 of file acl.c.

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog, ERROR, has_privs_of_role(), i, and remaining.

Referenced by check_circularity(), LockTableAclCheck(), pg_attribute_aclmask(), pg_class_aclmask(), pg_database_aclmask(), pg_foreign_data_wrapper_aclmask(), pg_foreign_server_aclmask(), pg_language_aclmask(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask(), pg_proc_aclmask(), pg_tablespace_aclmask(), pg_type_aclmask(), and recursive_revoke().

1323 {
1324  AclMode result;
1325  AclMode remaining;
1326  AclItem *aidat;
1327  int i,
1328  num;
1329 
1330  /*
1331  * Null ACL should not happen, since caller should have inserted
1332  * appropriate default
1333  */
1334  if (acl == NULL)
1335  elog(ERROR, "null ACL");
1336 
1337  check_acl(acl);
1338 
1339  /* Quick exit for mask == 0 */
1340  if (mask == 0)
1341  return 0;
1342 
1343  result = 0;
1344 
1345  /* Owner always implicitly has all grant options */
1346  if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1347  has_privs_of_role(roleid, ownerId))
1348  {
1349  result = mask & ACLITEM_ALL_GOPTION_BITS;
1350  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1351  return result;
1352  }
1353 
1354  num = ACL_NUM(acl);
1355  aidat = ACL_DAT(acl);
1356 
1357  /*
1358  * Check privileges granted directly to roleid or to public
1359  */
1360  for (i = 0; i < num; i++)
1361  {
1362  AclItem *aidata = &aidat[i];
1363 
1364  if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1365  aidata->ai_grantee == roleid)
1366  {
1367  result |= aidata->ai_privs & mask;
1368  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1369  return result;
1370  }
1371  }
1372 
1373  /*
1374  * Check privileges granted indirectly via role memberships. We do this in
1375  * a separate pass to minimize expensive indirect membership tests. In
1376  * particular, it's worth testing whether a given ACL entry grants any
1377  * privileges still of interest before we perform the has_privs_of_role
1378  * test.
1379  */
1380  remaining = mask & ~result;
1381  for (i = 0; i < num; i++)
1382  {
1383  AclItem *aidata = &aidat[i];
1384 
1385  if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1386  aidata->ai_grantee == roleid)
1387  continue; /* already checked it */
1388 
1389  if ((aidata->ai_privs & remaining) &&
1390  has_privs_of_role(roleid, aidata->ai_grantee))
1391  {
1392  result |= aidata->ai_privs & mask;
1393  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1394  return result;
1395  remaining = mask & ~result;
1396  }
1397  }
1398 
1399  return result;
1400 }
remaining
int remaining
Definition: informix.c:692
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:57
ACLITEM_ALL_GOPTION_BITS
#define ACLITEM_ALL_GOPTION_BITS
Definition: acl.h:89
has_privs_of_role
bool has_privs_of_role(Oid member, Oid role)
Definition: acl.c:4833
AclItem::ai_privs
AclMode ai_privs
Definition: acl.h:59
AclMode
uint32 AclMode
Definition: parsenodes.h:72
ERROR
#define ERROR
Definition: elog.h:43
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:109
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:110
AclItem
Definition: acl.h:55
i
int i
Definition: preproc-comment.c:23
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:47
elog
#define elog
Definition: elog.h:219
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:540

◆ aclmask_direct()

static AclMode aclmask_direct ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)
static

Definition at line 1410 of file acl.c.

References ACL_DAT, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog, ERROR, and i.

Referenced by select_best_grantor().

1412 {
1413  AclMode result;
1414  AclItem *aidat;
1415  int i,
1416  num;
1417 
1418  /*
1419  * Null ACL should not happen, since caller should have inserted
1420  * appropriate default
1421  */
1422  if (acl == NULL)
1423  elog(ERROR, "null ACL");
1424 
1425  check_acl(acl);
1426 
1427  /* Quick exit for mask == 0 */
1428  if (mask == 0)
1429  return 0;
1430 
1431  result = 0;
1432 
1433  /* Owner always implicitly has all grant options */
1434  if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1435  roleid == ownerId)
1436  {
1437  result = mask & ACLITEM_ALL_GOPTION_BITS;
1438  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1439  return result;
1440  }
1441 
1442  num = ACL_NUM(acl);
1443  aidat = ACL_DAT(acl);
1444 
1445  /*
1446  * Check privileges granted directly to roleid (and not to public)
1447  */
1448  for (i = 0; i < num; i++)
1449  {
1450  AclItem *aidata = &aidat[i];
1451 
1452  if (aidata->ai_grantee == roleid)
1453  {
1454  result |= aidata->ai_privs & mask;
1455  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1456  return result;
1457  }
1458  }
1459 
1460  return result;
1461 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:57
ACLITEM_ALL_GOPTION_BITS
#define ACLITEM_ALL_GOPTION_BITS
Definition: acl.h:89
AclItem::ai_privs
AclMode ai_privs
Definition: acl.h:59
AclMode
uint32 AclMode
Definition: parsenodes.h:72
ERROR
#define ERROR
Definition: elog.h:43
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:109
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:110
AclItem
Definition: acl.h:55
i
int i
Definition: preproc-comment.c:23
elog
#define elog
Definition: elog.h:219
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:540

◆ aclmembers()

int aclmembers ( const Acl acl,
Oid **  roleids 
)

Definition at line 1473 of file acl.c.

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, sort-test::list, oid_cmp(), palloc(), and qsort.

Referenced by ExecGrant_Attribute(), ExecGrant_Database(), ExecGrant_Fdw(), ExecGrant_ForeignServer(), ExecGrant_Function(), ExecGrant_Language(), ExecGrant_Largeobject(), ExecGrant_Namespace(), ExecGrant_Relation(), ExecGrant_Tablespace(), ExecGrant_Type(), heap_create_with_catalog(), ProcedureCreate(), and SetDefaultACL().

1474 {
1475  Oid *list;
1476  const AclItem *acldat;
1477  int i,
1478  j,
1479  k;
1480 
1481  if (acl == NULL || ACL_NUM(acl) == 0)
1482  {
1483  *roleids = NULL;
1484  return 0;
1485  }
1486 
1487  check_acl(acl);
1488 
1489  /* Allocate the worst-case space requirement */
1490  list = palloc(ACL_NUM(acl) * 2 * sizeof(Oid));
1491  acldat = ACL_DAT(acl);
1492 
1493  /*
1494  * Walk the ACL collecting mentioned RoleIds.
1495  */
1496  j = 0;
1497  for (i = 0; i < ACL_NUM(acl); i++)
1498  {
1499  const AclItem *ai = &acldat[i];
1500 
1501  if (ai->ai_grantee != ACL_ID_PUBLIC)
1502  list[j++] = ai->ai_grantee;
1503  /* grantor is currently never PUBLIC, but let's check anyway */
1504  if (ai->ai_grantor != ACL_ID_PUBLIC)
1505  list[j++] = ai->ai_grantor;
1506  }
1507 
1508  /* Sort the array */
1509  qsort(list, j, sizeof(Oid), oid_cmp);
1510 
1511  /* Remove duplicates from the array */
1512  k = 0;
1513  for (i = 1; i < j; i++)
1514  {
1515  if (list[k] != list[i])
1516  list[++k] = list[i];
1517  }
1518 
1519  /*
1520  * We could repalloc the array down to minimum size, but it's hardly worth
1521  * it since it's only transient memory.
1522  */
1523  *roleids = list;
1524 
1525  return k + 1;
1526 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:57
Oid
unsigned int Oid
Definition: postgres_ext.h:31
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:58
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:109
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:110
AclItem
Definition: acl.h:55
oid_cmp
int oid_cmp(const void *p1, const void *p2)
Definition: oid.c:336
palloc
void * palloc(Size size)
Definition: mcxt.c:924
i
int i
Definition: preproc-comment.c:23
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:47
qsort
#define qsort(a, b, c, d)
Definition: port.h:421
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:540

◆ aclmerge()

Acl* aclmerge ( const Acl left_acl,
const Acl right_acl,
Oid  ownerId 
)

Definition at line 451 of file acl.c.

References ACL_DAT, ACL_MODECHG_ADD, ACL_NUM, aclcopy(), aclupdate(), DROP_RESTRICT, i, and pfree().

Referenced by get_user_default_acl().

452 {
453  Acl *result_acl;
454  AclItem *aip;
455  int i,
456  num;
457 
458  /* Check for cases where one or both are empty/null */
459  if (left_acl == NULL || ACL_NUM(left_acl) == 0)
460  {
461  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
462  return NULL;
463  else
464  return aclcopy(right_acl);
465  }
466  else
467  {
468  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
469  return aclcopy(left_acl);
470  }
471 
472  /* Merge them the hard way, one item at a time */
473  result_acl = aclcopy(left_acl);
474 
475  aip = ACL_DAT(right_acl);
476  num = ACL_NUM(right_acl);
477 
478  for (i = 0; i < num; i++, aip++)
479  {
480  Acl *tmp_acl;
481 
482  tmp_acl = aclupdate(result_acl, aip, ACL_MODECHG_ADD,
483  ownerId, DROP_RESTRICT);
484  pfree(result_acl);
485  result_acl = tmp_acl;
486  }
487 
488  return result_acl;
489 }
pfree
void pfree(void *pointer)
Definition: mcxt.c:1031
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:109
ACL_MODECHG_ADD
#define ACL_MODECHG_ADD
Definition: acl.h:130
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:110
AclItem
Definition: acl.h:55
aclcopy
Acl * aclcopy(const Acl *orig_acl)
Definition: acl.c:407
i
int i
Definition: preproc-comment.c:23
aclupdate
Acl * aclupdate(const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
Definition: acl.c:931

◆ aclnewowner()

Acl* aclnewowner ( const Acl old_acl,
Oid  oldOwnerId,
Oid  newOwnerId 
)

Definition at line 1052 of file acl.c.

References ACL_DAT, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, check_acl(), and SET_VARSIZE.

Referenced by AlterDatabaseOwner(), AlterForeignDataWrapperOwner_internal(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwnerInternal(), ATExecChangeOwner(), and change_owner_fix_column_acls().

1053 {
1054  Acl *new_acl;
1055  AclItem *new_aip;
1056  AclItem *old_aip;
1057  AclItem *dst_aip;
1058  AclItem *src_aip;
1059  AclItem *targ_aip;
1060  bool newpresent = false;
1061  int dst,
1062  src,
1063  targ,
1064  num;
1065 
1066  check_acl(old_acl);
1067 
1068  /*
1069  * Make a copy of the given ACL, substituting new owner ID for old
1070  * wherever it appears as either grantor or grantee. Also note if the new
1071  * owner ID is already present.
1072  */
1073  num = ACL_NUM(old_acl);
1074  old_aip = ACL_DAT(old_acl);
1075  new_acl = allocacl(num);
1076  new_aip = ACL_DAT(new_acl);
1077  memcpy(new_aip, old_aip, num * sizeof(AclItem));
1078  for (dst = 0, dst_aip = new_aip; dst < num; dst++, dst_aip++)
1079  {
1080  if (dst_aip->ai_grantor == oldOwnerId)
1081  dst_aip->ai_grantor = newOwnerId;
1082  else if (dst_aip->ai_grantor == newOwnerId)
1083  newpresent = true;
1084  if (dst_aip->ai_grantee == oldOwnerId)
1085  dst_aip->ai_grantee = newOwnerId;
1086  else if (dst_aip->ai_grantee == newOwnerId)
1087  newpresent = true;
1088  }
1089 
1090  /*
1091  * If the old ACL contained any references to the new owner, then we may
1092  * now have generated an ACL containing duplicate entries. Find them and
1093  * merge them so that there are not duplicates. (This is relatively
1094  * expensive since we use a stupid O(N^2) algorithm, but it's unlikely to
1095  * be the normal case.)
1096  *
1097  * To simplify deletion of duplicate entries, we temporarily leave them in
1098  * the array but set their privilege masks to zero; when we reach such an
1099  * entry it's just skipped. (Thus, a side effect of this code will be to
1100  * remove privilege-free entries, should there be any in the input.) dst
1101  * is the next output slot, targ is the currently considered input slot
1102  * (always >= dst), and src scans entries to the right of targ looking for
1103  * duplicates. Once an entry has been emitted to dst it is known
1104  * duplicate-free and need not be considered anymore.
1105  */
1106  if (newpresent)
1107  {
1108  dst = 0;
1109  for (targ = 0, targ_aip = new_aip; targ < num; targ++, targ_aip++)
1110  {
1111  /* ignore if deleted in an earlier pass */
1112  if (ACLITEM_GET_RIGHTS(*targ_aip) == ACL_NO_RIGHTS)
1113  continue;
1114  /* find and merge any duplicates */
1115  for (src = targ + 1, src_aip = targ_aip + 1; src < num;
1116  src++, src_aip++)
1117  {
1118  if (ACLITEM_GET_RIGHTS(*src_aip) == ACL_NO_RIGHTS)
1119  continue;
1120  if (aclitem_match(targ_aip, src_aip))
1121  {
1122  ACLITEM_SET_RIGHTS(*targ_aip,
1123  ACLITEM_GET_RIGHTS(*targ_aip) |
1124  ACLITEM_GET_RIGHTS(*src_aip));
1125  /* mark the duplicate deleted */
1126  ACLITEM_SET_RIGHTS(*src_aip, ACL_NO_RIGHTS);
1127  }
1128  }
1129  /* and emit to output */
1130  new_aip[dst] = *targ_aip;
1131  dst++;
1132  }
1133  /* Adjust array size to be 'dst' items */
1134  ARR_DIMS(new_acl)[0] = dst;
1135  SET_VARSIZE(new_acl, ACL_N_SIZE(dst));
1136  }
1137 
1138  return new_acl;
1139 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:57
allocacl
static Acl * allocacl(int n)
Definition: acl.c:376
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:58
ARR_DIMS
#define ARR_DIMS(a)
Definition: array.h:279
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:109
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:88
ACLITEM_GET_RIGHTS
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:69
ACLITEM_SET_RIGHTS
#define ACLITEM_SET_RIGHTS(item, rights)
Definition: acl.h:80
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:110
AclItem
Definition: acl.h:55
aclitem_match
static bool aclitem_match(const AclItem *a1, const AclItem *a2)
Definition: acl.c:658
SET_VARSIZE
#define SET_VARSIZE(PTR, len)
Definition: postgres.h:327
ACL_N_SIZE
#define ACL_N_SIZE(N)
Definition: acl.h:111
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:540

◆ aclparse()

static const char * aclparse ( const char *  s,
AclItem aip 
)
static

Definition at line 238 of file acl.c.

References ACL_ALL_RIGHTS_STR, ACL_CONNECT, ACL_CONNECT_CHR, ACL_CREATE, ACL_CREATE_CHR, ACL_CREATE_TEMP, ACL_CREATE_TEMP_CHR, ACL_DELETE, ACL_DELETE_CHR, ACL_EXECUTE, ACL_EXECUTE_CHR, ACL_ID_PUBLIC, ACL_INSERT, ACL_INSERT_CHR, ACL_NO_RIGHTS, ACL_REFERENCES, ACL_REFERENCES_CHR, ACL_SELECT, ACL_SELECT_CHR, ACL_TRIGGER, ACL_TRIGGER_CHR, ACL_TRUNCATE, ACL_TRUNCATE_CHR, ACL_UPDATE, ACL_UPDATE_CHR, ACL_USAGE, ACL_USAGE_CHR, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, Assert, elog, ereport, errcode(), errhint(), errmsg(), ERROR, get_role_oid(), getid(), LOG, name, NAMEDATALEN, read, and WARNING.

Referenced by aclitemin().

239 {
240  AclMode privs,
241  goption,
242  read;
243  char name[NAMEDATALEN];
244  char name2[NAMEDATALEN];
245 
246  Assert(s && aip);
247 
248 #ifdef ACLDEBUG
249  elog(LOG, "aclparse: input = \"%s\"", s);
250 #endif
251  s = getid(s, name);
252  if (*s != '=')
253  {
254  /* we just read a keyword, not a name */
255  if (strcmp(name, "group") != 0 && strcmp(name, "user") != 0)
256  ereport(ERROR,
257  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
258  errmsg("unrecognized key word: \"%s\"", name),
259  errhint("ACL key word must be \"group\" or \"user\".")));
260  s = getid(s, name); /* move s to the name beyond the keyword */
261  if (name[0] == '\0')
262  ereport(ERROR,
263  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
264  errmsg("missing name"),
265  errhint("A name must follow the \"group\" or \"user\" key word.")));
266  }
267 
268  if (*s != '=')
269  ereport(ERROR,
270  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
271  errmsg("missing \"=\" sign")));
272 
273  privs = goption = ACL_NO_RIGHTS;
274 
275  for (++s, read = 0; isalpha((unsigned char) *s) || *s == '*'; s++)
276  {
277  switch (*s)
278  {
279  case '*':
280  goption |= read;
281  break;
282  case ACL_INSERT_CHR:
283  read = ACL_INSERT;
284  break;
285  case ACL_SELECT_CHR:
286  read = ACL_SELECT;
287  break;
288  case ACL_UPDATE_CHR:
289  read = ACL_UPDATE;
290  break;
291  case ACL_DELETE_CHR:
292  read = ACL_DELETE;
293  break;
294  case ACL_TRUNCATE_CHR:
295  read = ACL_TRUNCATE;
296  break;
297  case ACL_REFERENCES_CHR:
298  read = ACL_REFERENCES;
299  break;
300  case ACL_TRIGGER_CHR:
301  read = ACL_TRIGGER;
302  break;
303  case ACL_EXECUTE_CHR:
304  read = ACL_EXECUTE;
305  break;
306  case ACL_USAGE_CHR:
307  read = ACL_USAGE;
308  break;
309  case ACL_CREATE_CHR:
310  read = ACL_CREATE;
311  break;
312  case ACL_CREATE_TEMP_CHR:
313  read = ACL_CREATE_TEMP;
314  break;
315  case ACL_CONNECT_CHR:
316  read = ACL_CONNECT;
317  break;
318  case 'R': /* ignore old RULE privileges */
319  read = 0;
320  break;
321  default:
322  ereport(ERROR,
323  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
324  errmsg("invalid mode character: must be one of \"%s\"",
325  ACL_ALL_RIGHTS_STR)));
326  }
327 
328  privs |= read;
329  }
330 
331  if (name[0] == '\0')
332  aip->ai_grantee = ACL_ID_PUBLIC;
333  else
334  aip->ai_grantee = get_role_oid(name, false);
335 
336  /*
337  * XXX Allow a degree of backward compatibility by defaulting the grantor
338  * to the superuser.
339  */
340  if (*s == '/')
341  {
342  s = getid(s + 1, name2);
343  if (name2[0] == '\0')
344  ereport(ERROR,
345  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
346  errmsg("a name must follow the \"/\" sign")));
347  aip->ai_grantor = get_role_oid(name2, false);
348  }
349  else
350  {
351  aip->ai_grantor = BOOTSTRAP_SUPERUSERID;
352  ereport(WARNING,
353  (errcode(ERRCODE_INVALID_GRANTOR),
354  errmsg("defaulting grantor to user ID %u",
355  BOOTSTRAP_SUPERUSERID)));
356  }
357 
358  ACLITEM_SET_PRIVS_GOPTIONS(*aip, privs, goption);
359 
360 #ifdef ACLDEBUG
361  elog(LOG, "aclparse: correctly read [%u %x %x]",
362  aip->ai_grantee, privs, goption);
363 #endif
364 
365  return s;
366 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:57
ACL_INSERT_CHR
#define ACL_INSERT_CHR
Definition: acl.h:138
errhint
int errhint(const char *fmt,...)
Definition: elog.c:987
ACL_CONNECT_CHR
#define ACL_CONNECT_CHR
Definition: acl.h:149
ACL_DELETE_CHR
#define ACL_DELETE_CHR
Definition: acl.h:141
errcode
int errcode(int sqlerrcode)
Definition: elog.c:575
ACL_DELETE
#define ACL_DELETE
Definition: parsenodes.h:77
LOG
#define LOG
Definition: elog.h:26
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:58
get_role_oid
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5116
NAMEDATALEN
#define NAMEDATALEN
Definition: pg_config_manual.h:29
AclMode
uint32 AclMode
Definition: parsenodes.h:72
ACL_CREATE_TEMP_CHR
#define ACL_CREATE_TEMP_CHR
Definition: acl.h:148
ERROR
#define ERROR
Definition: elog.h:43
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:84
getid
static const char * getid(const char *s, char *n)
Definition: acl.c:137
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:88
ACL_TRIGGER
#define ACL_TRIGGER
Definition: parsenodes.h:80
ACL_TRUNCATE_CHR
#define ACL_TRUNCATE_CHR
Definition: acl.h:142
ACL_REFERENCES_CHR
#define ACL_REFERENCES_CHR
Definition: acl.h:143
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ereport
#define ereport(elevel, rest)
Definition: elog.h:122
ACL_CONNECT
#define ACL_CONNECT
Definition: parsenodes.h:86
WARNING
#define WARNING
Definition: elog.h:40
ACL_SELECT_CHR
#define ACL_SELECT_CHR
Definition: acl.h:139
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:76
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:75
ACL_ALL_RIGHTS_STR
#define ACL_ALL_RIGHTS_STR
Definition: acl.h:152
ACL_USAGE_CHR
#define ACL_USAGE_CHR
Definition: acl.h:146
ACL_REFERENCES
#define ACL_REFERENCES
Definition: parsenodes.h:79
Assert
#define Assert(condition)
Definition: c.h:699
ACL_INSERT
#define ACL_INSERT
Definition: parsenodes.h:74
ACL_UPDATE_CHR
#define ACL_UPDATE_CHR
Definition: acl.h:140
name
const char * name
Definition: encode.c:521
ACL_TRIGGER_CHR
#define ACL_TRIGGER_CHR
Definition: acl.h:144
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:797
ACL_EXECUTE
#define ACL_EXECUTE
Definition: parsenodes.h:81
ACL_CREATE_TEMP
#define ACL_CREATE_TEMP
Definition: parsenodes.h:85
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:47
elog
#define elog
Definition: elog.h:219
ACLITEM_SET_PRIVS_GOPTIONS
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:83
read
#define read(a, b, c)
Definition: win32.h:13
ACL_EXECUTE_CHR
#define ACL_EXECUTE_CHR
Definition: acl.h:145
ACL_CREATE_CHR
#define ACL_CREATE_CHR
Definition: acl.h:147
ACL_TRUNCATE
#define ACL_TRUNCATE
Definition: parsenodes.h:78

◆ aclremove()

Datum aclremove ( PG_FUNCTION_ARGS  )

Definition at line 1543 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

1544 {
1545  ereport(ERROR,
1546  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1547  errmsg("aclremove is no longer supported")));
1548 
1549  PG_RETURN_NULL(); /* keep compiler quiet */
1550 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:575
ERROR
#define ERROR
Definition: elog.h:43
ereport
#define ereport(elevel, rest)
Definition: elog.h:122
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:797
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:310

◆ aclupdate()

Acl* aclupdate ( const Acl old_acl,
const AclItem mod_aip,
int  modechg,
Oid  ownerId,
DropBehavior  behavior 
)

Definition at line 931 of file acl.c.

References ACL_DAT, ACL_ID_PUBLIC, ACL_MODECHG_ADD, ACL_MODECHG_DEL, ACL_MODECHG_EQL, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACL_SIZE, ACLITEM_GET_GOPTIONS, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_PRIVS_GOPTIONS, ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, Assert, check_acl(), check_circularity(), memmove, recursive_revoke(), and SET_VARSIZE.

Referenced by aclmerge(), check_circularity(), merge_acl_with_grant(), and recursive_revoke().

933 {
934  Acl *new_acl = NULL;
935  AclItem *old_aip,
936  *new_aip = NULL;
937  AclMode old_rights,
938  old_goptions,
939  new_rights,
940  new_goptions;
941  int dst,
942  num;
943 
944  /* Caller probably already checked old_acl, but be safe */
945  check_acl(old_acl);
946 
947  /* If granting grant options, check for circularity */
948  if (modechg != ACL_MODECHG_DEL &&
949  ACLITEM_GET_GOPTIONS(*mod_aip) != ACL_NO_RIGHTS)
950  check_circularity(old_acl, mod_aip, ownerId);
951 
952  num = ACL_NUM(old_acl);
953  old_aip = ACL_DAT(old_acl);
954 
955  /*
956  * Search the ACL for an existing entry for this grantee and grantor. If
957  * one exists, just modify the entry in-place (well, in the same position,
958  * since we actually return a copy); otherwise, insert the new entry at
959  * the end.
960  */
961 
962  for (dst = 0; dst < num; ++dst)
963  {
964  if (aclitem_match(mod_aip, old_aip + dst))
965  {
966  /* found a match, so modify existing item */
967  new_acl = allocacl(num);
968  new_aip = ACL_DAT(new_acl);
969  memcpy(new_acl, old_acl, ACL_SIZE(old_acl));
970  break;
971  }
972  }
973 
974  if (dst == num)
975  {
976  /* need to append a new item */
977  new_acl = allocacl(num + 1);
978  new_aip = ACL_DAT(new_acl);
979  memcpy(new_aip, old_aip, num * sizeof(AclItem));
980 
981  /* initialize the new entry with no permissions */
982  new_aip[dst].ai_grantee = mod_aip->ai_grantee;
983  new_aip[dst].ai_grantor = mod_aip->ai_grantor;
984  ACLITEM_SET_PRIVS_GOPTIONS(new_aip[dst],
985  ACL_NO_RIGHTS, ACL_NO_RIGHTS);
986  num++; /* set num to the size of new_acl */
987  }
988 
989  old_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
990  old_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
991 
992  /* apply the specified permissions change */
993  switch (modechg)
994  {
995  case ACL_MODECHG_ADD:
996  ACLITEM_SET_RIGHTS(new_aip[dst],
997  old_rights | ACLITEM_GET_RIGHTS(*mod_aip));
998  break;
999  case ACL_MODECHG_DEL:
1000  ACLITEM_SET_RIGHTS(new_aip[dst],
1001  old_rights & ~ACLITEM_GET_RIGHTS(*mod_aip));
1002  break;
1003  case ACL_MODECHG_EQL:
1004  ACLITEM_SET_RIGHTS(new_aip[dst],
1005  ACLITEM_GET_RIGHTS(*mod_aip));
1006  break;
1007  }
1008 
1009  new_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
1010  new_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
1011 
1012  /*
1013  * If the adjusted entry has no permissions, delete it from the list.
1014  */
1015  if (new_rights == ACL_NO_RIGHTS)
1016  {
1017  memmove(new_aip + dst,
1018  new_aip + dst + 1,
1019  (num - dst - 1) * sizeof(AclItem));
1020  /* Adjust array size to be 'num - 1' items */
1021  ARR_DIMS(new_acl)[0] = num - 1;
1022  SET_VARSIZE(new_acl, ACL_N_SIZE(num - 1));
1023  }
1024 
1025  /*
1026  * Remove abandoned privileges (cascading revoke). Currently we can only
1027  * handle this when the grantee is not PUBLIC.
1028  */
1029  if ((old_goptions & ~new_goptions) != 0)
1030  {
1031  Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1032  new_acl = recursive_revoke(new_acl, mod_aip->ai_grantee,
1033  (old_goptions & ~new_goptions),
1034  ownerId, behavior);
1035  }
1036 
1037  return new_acl;
1038 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:57
ACL_MODECHG_EQL
#define ACL_MODECHG_EQL
Definition: acl.h:132
ACLITEM_GET_GOPTIONS
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:68
allocacl
static Acl * allocacl(int n)
Definition: acl.c:376
ACL_MODECHG_DEL
#define ACL_MODECHG_DEL
Definition: acl.h:131
ACL_SIZE
#define ACL_SIZE(ACL)
Definition: acl.h:112
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:58
AclMode
uint32 AclMode
Definition: parsenodes.h:72
check_circularity
static void check_circularity(const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
Definition: acl.c:1155
ARR_DIMS
#define ARR_DIMS(a)
Definition: array.h:279
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:109
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:88
memmove
#define memmove(d, s, c)
Definition: c.h:1100
ACLITEM_GET_RIGHTS
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:69
ACLITEM_SET_RIGHTS
#define ACLITEM_SET_RIGHTS(item, rights)
Definition: acl.h:80
ACL_MODECHG_ADD
#define ACL_MODECHG_ADD
Definition: acl.h:130
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:110
AclItem
Definition: acl.h:55
Assert
#define Assert(condition)
Definition: c.h:699
aclitem_match
static bool aclitem_match(const AclItem *a1, const AclItem *a2)
Definition: acl.c:658
recursive_revoke
static Acl * recursive_revoke(Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
Definition: acl.c:1235
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:47
SET_VARSIZE
#define SET_VARSIZE(PTR, len)
Definition: postgres.h:327
ACL_N_SIZE
#define ACL_N_SIZE(N)
Definition: acl.h:111
ACLITEM_SET_PRIVS_GOPTIONS
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:83
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:540

◆ allocacl()

static Acl * allocacl ( int  n)
static

Definition at line 376 of file acl.c.

References ACL_N_SIZE, ARR_DIMS, ARR_LBOUND, ArrayType::dataoffset, ArrayType::elemtype, elog, ERROR, ArrayType::ndim, palloc0(), and SET_VARSIZE.

Referenced by aclconcat(), aclcopy(), acldefault(), aclnewowner(), aclupdate(), check_circularity(), and make_empty_acl().

377 {
378  Acl *new_acl;
379  Size size;
380 
381  if (n < 0)
382  elog(ERROR, "invalid size: %d", n);
383  size = ACL_N_SIZE(n);
384  new_acl = (Acl *) palloc0(size);
385  SET_VARSIZE(new_acl, size);
386  new_acl->ndim = 1;
387  new_acl->dataoffset = 0; /* we never put in any nulls */
388  new_acl->elemtype = ACLITEMOID;
389  ARR_LBOUND(new_acl)[0] = 1;
390  ARR_DIMS(new_acl)[0] = n;
391  return new_acl;
392 }
ArrayType::dataoffset
int32 dataoffset
Definition: array.h:84
ARR_LBOUND
#define ARR_LBOUND(a)
Definition: array.h:281
ERROR
#define ERROR
Definition: elog.h:43
ArrayType::elemtype
Oid elemtype
Definition: array.h:85
ARR_DIMS
#define ARR_DIMS(a)
Definition: array.h:279
palloc0
void * palloc0(Size size)
Definition: mcxt.c:955
Size
size_t Size
Definition: c.h:433
SET_VARSIZE
#define SET_VARSIZE(PTR, len)
Definition: postgres.h:327
elog
#define elog
Definition: elog.h:219
ACL_N_SIZE
#define ACL_N_SIZE(N)
Definition: acl.h:111
ArrayType::ndim
int ndim
Definition: array.h:83

◆ check_acl()

static void check_acl ( const Acl acl)
static

Definition at line 540 of file acl.c.

References ARR_ELEMTYPE, ARR_HASNULL, ARR_NDIM, ereport, errcode(), errmsg(), and ERROR.

Referenced by aclcontains(), aclexplode(), aclmask(), aclmask_direct(), aclmembers(), aclnewowner(), aclupdate(), check_circularity(), and recursive_revoke().

541 {
542  if (ARR_ELEMTYPE(acl) != ACLITEMOID)
543  ereport(ERROR,
544  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
545  errmsg("ACL array contains wrong data type")));
546  if (ARR_NDIM(acl) != 1)
547  ereport(ERROR,
548  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
549  errmsg("ACL arrays must be one-dimensional")));
550  if (ARR_HASNULL(acl))
551  ereport(ERROR,
552  (errcode(ERRCODE_NULL_VALUE_NOT_ALLOWED),
553  errmsg("ACL arrays must not contain null values")));
554 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:575
ERROR
#define ERROR
Definition: elog.h:43
ARR_HASNULL
#define ARR_HASNULL(a)
Definition: array.h:276
ereport
#define ereport(elevel, rest)
Definition: elog.h:122
ARR_NDIM
#define ARR_NDIM(a)
Definition: array.h:275
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:797
ARR_ELEMTYPE
#define ARR_ELEMTYPE(a)
Definition: array.h:277

◆ check_circularity()

static void check_circularity ( const Acl old_acl,
const AclItem mod_aip,
Oid  ownerId 
)
static

Definition at line 1155 of file acl.c.

References ACL_DAT, ACL_GRANT_OPTION_FOR, ACL_ID_PUBLIC, ACL_MODECHG_DEL, ACL_NO_RIGHTS, ACL_NUM, ACL_OPTION_TO_PRIVS, ACL_SIZE, ACLITEM_GET_GOPTIONS, aclmask(), ACLMASK_ALL, aclupdate(), AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), Assert, check_acl(), DROP_CASCADE, ereport, errcode(), errmsg(), ERROR, i, and pfree().

Referenced by aclupdate().

1157 {
1158  Acl *acl;
1159  AclItem *aip;
1160  int i,
1161  num;
1162  AclMode own_privs;
1163 
1164  check_acl(old_acl);
1165 
1166  /*
1167  * For now, grant options can only be granted to roles, not PUBLIC.
1168  * Otherwise we'd have to work a bit harder here.
1169  */
1170  Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1171 
1172  /* The owner always has grant options, no need to check */
1173  if (mod_aip->ai_grantor == ownerId)
1174  return;
1175 
1176  /* Make a working copy */
1177  acl = allocacl(ACL_NUM(old_acl));
1178  memcpy(acl, old_acl, ACL_SIZE(old_acl));
1179 
1180  /* Zap all grant options of target grantee, plus what depends on 'em */
1181 cc_restart:
1182  num = ACL_NUM(acl);
1183  aip = ACL_DAT(acl);
1184  for (i = 0; i < num; i++)
1185  {
1186  if (aip[i].ai_grantee == mod_aip->ai_grantee &&
1187  ACLITEM_GET_GOPTIONS(aip[i]) != ACL_NO_RIGHTS)
1188  {
1189  Acl *new_acl;
1190 
1191  /* We'll actually zap ordinary privs too, but no matter */
1192  new_acl = aclupdate(acl, &aip[i], ACL_MODECHG_DEL,
1193  ownerId, DROP_CASCADE);
1194 
1195  pfree(acl);
1196  acl = new_acl;
1197 
1198  goto cc_restart;
1199  }
1200  }
1201 
1202  /* Now we can compute grantor's independently-derived privileges */
1203  own_privs = aclmask(acl,
1204  mod_aip->ai_grantor,
1205  ownerId,
1206  ACL_GRANT_OPTION_FOR(ACLITEM_GET_GOPTIONS(*mod_aip)),
1207  ACLMASK_ALL);
1208  own_privs = ACL_OPTION_TO_PRIVS(own_privs);
1209 
1210  if ((ACLITEM_GET_GOPTIONS(*mod_aip) & ~own_privs) != 0)
1211  ereport(ERROR,
1212  (errcode(ERRCODE_INVALID_GRANT_OPERATION),
1213  errmsg("grant options cannot be granted back to your own grantor")));
1214 
1215  pfree(acl);
1216 }
AclItem::ai_grantee
Oid ai_grantee
Definition: acl.h:57
ACLITEM_GET_GOPTIONS
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:68
allocacl
static Acl * allocacl(int n)
Definition: acl.c:376
ACL_MODECHG_DEL
#define ACL_MODECHG_DEL
Definition: acl.h:131
aclmask
AclMode aclmask(const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
Definition: acl.c:1321
ACL_SIZE
#define ACL_SIZE(ACL)
Definition: acl.h:112
errcode
int errcode(int sqlerrcode)
Definition: elog.c:575
AclItem::ai_grantor
Oid ai_grantor
Definition: acl.h:58
AclMode
uint32 AclMode
Definition: parsenodes.h:72
pfree
void pfree(void *pointer)
Definition: mcxt.c:1031
ERROR
#define ERROR
Definition: elog.h:43
ACL_NUM
#define ACL_NUM(ACL)
Definition: acl.h:109
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:88
ereport
#define ereport(elevel, rest)
Definition: elog.h:122
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71
ACL_DAT
#define ACL_DAT(ACL)
Definition: acl.h:110
AclItem
Definition: acl.h:55
ACL_OPTION_TO_PRIVS
#define ACL_OPTION_TO_PRIVS(privs)
Definition: acl.h:72
Assert
#define Assert(condition)
Definition: c.h:699
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:797
i
int i
Definition: preproc-comment.c:23
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:47
aclupdate
Acl * aclupdate(const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
Definition: acl.c:931
check_acl
static void check_acl(const Acl *acl)
Definition: acl.c:540

◆ check_is_member_of_role()

void check_is_member_of_role ( Oid  member,
Oid  role 
)

Definition at line 4879 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, GetUserNameFromId(), and is_member_of_role().

Referenced by AlterDatabaseOwner(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterPublicationOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwner(), ATExecChangeOwner(), createdb(), CreateSchemaCommand(), and ExecAlterDefaultPrivilegesStmt().

4880 {
4881  if (!is_member_of_role(member, role))
4882  ereport(ERROR,
4883  (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
4884  errmsg("must be member of role \"%s\"",
4885  GetUserNameFromId(role, false))));
4886 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:575
member
Oid member
Definition: pg_auth_members.h:33
ERROR
#define ERROR
Definition: elog.h:43
ereport
#define ereport(elevel, rest)
Definition: elog.h:122
is_member_of_role
bool is_member_of_role(Oid member, Oid role)
Definition: acl.c:4857
GetUserNameFromId
char * GetUserNameFromId(Oid roleid, bool noerr)
Definition: miscinit.c:787
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:797

◆ check_rolespec_name()

void check_rolespec_name ( const RoleSpec role,
const char *  detail_msg 
)

Definition at line 5253 of file acl.c.

References ereport, errcode(), errdetail(), errmsg(), ERROR, IsReservedName(), RoleSpec::rolename, ROLESPEC_CSTRING, and RoleSpec::roletype.

Referenced by AlterRole(), and AlterRoleSet().

5254 {
5255  if (!role)
5256  return;
5257 
5258  if (role->roletype != ROLESPEC_CSTRING)
5259  return;
5260 
5261  if (IsReservedName(role->rolename))
5262  {
5263  if (detail_msg)
5264  ereport(ERROR,
5265  (errcode(ERRCODE_RESERVED_NAME),
5266  errmsg("role name \"%s\" is reserved",
5267  role->rolename),
5268  errdetail("%s", detail_msg)));
5269  else
5270  ereport(ERROR,
5271  (errcode(ERRCODE_RESERVED_NAME),
5272  errmsg("role name \"%s\" is reserved",
5273  role->rolename)));
5274  }
5275 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:575
IsReservedName
bool IsReservedName(const char *name)
Definition: catalog.c:194
ERROR
#define ERROR
Definition: elog.h:43
errdetail
int errdetail(const char *fmt,...)
Definition: elog.c:873
ereport
#define ereport(elevel, rest)
Definition: elog.h:122
RoleSpec::roletype
RoleSpecType roletype
Definition: parsenodes.h:329
RoleSpec::rolename
char * rolename
Definition: parsenodes.h:330
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:797

◆ column_privilege_check()

static int column_privilege_check ( Oid  tableoid,
AttrNumber  attnum,
Oid  roleid,
AclMode  mode 
)
static

Definition at line 2462 of file acl.c.

References ACLCHECK_OK, ATTNUM, GETSTRUCT, HeapTupleIsValid, Int16GetDatum, ObjectIdGetDatum, pg_attribute_aclcheck(), pg_class_aclcheck(), ReleaseSysCache(), RELOID, SearchSysCache2(), and SearchSysCacheExists1.

Referenced by has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

2464 {
2465  AclResult aclresult;
2466  HeapTuple attTuple;
2467  Form_pg_attribute attributeForm;
2468 
2469  /*
2470  * First check if we have the privilege at the table level. We check
2471  * existence of the pg_class row before risking calling pg_class_aclcheck.
2472  * Note: it might seem there's a race condition against concurrent DROP,
2473  * but really it's safe because there will be no syscache flush between
2474  * here and there. So if we see the row in the syscache, so will
2475  * pg_class_aclcheck.
2476  */
2477  if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
2478  return -1;
2479 
2480  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2481 
2482  if (aclresult == ACLCHECK_OK)
2483  return true;
2484 
2485  /*
2486  * No table privilege, so try per-column privileges. Again, we have to
2487  * check for dropped attribute first, and we rely on the syscache not to
2488  * notice a concurrent drop before pg_attribute_aclcheck fetches the row.
2489  */
2490  attTuple = SearchSysCache2(ATTNUM,
2491  ObjectIdGetDatum(tableoid),
2492  Int16GetDatum(attnum));
2493  if (!HeapTupleIsValid(attTuple))
2494  return -1;
2495  attributeForm = (Form_pg_attribute) GETSTRUCT(attTuple);
2496  if (attributeForm->attisdropped)
2497  {
2498  ReleaseSysCache(attTuple);
2499  return -1;
2500  }
2501  ReleaseSysCache(attTuple);
2502 
2503  aclresult = pg_attribute_aclcheck(tableoid, attnum, roleid, mode);
2504 
2505  return (aclresult == ACLCHECK_OK);
2506 }
GETSTRUCT
#define GETSTRUCT(TUP)
Definition: htup_details.h:673
pg_attribute_aclcheck
AclResult pg_attribute_aclcheck(Oid table_oid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: aclchk.c:4510
Int16GetDatum
#define Int16GetDatum(X)
Definition: postgres.h:434
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:182
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:490
Form_pg_attribute
FormData_pg_attribute * Form_pg_attribute
Definition: pg_attribute.h:197
AclResult
AclResult
Definition: acl.h:178
ReleaseSysCache
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1160
attnum
int16 attnum
Definition: pg_attribute.h:79
HeapTupleIsValid
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
SearchSysCache2
HeapTuple SearchSysCache2(int cacheId, Datum key1, Datum key2)
Definition: syscache.c:1123
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4624

◆ convert_aclright_to_string()

static const char* convert_aclright_to_string ( int  aclright)
static

Definition at line 1696 of file acl.c.

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_DELETE, ACL_EXECUTE, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, ACL_USAGE, elog, and ERROR.

Referenced by aclexplode().

1697 {
1698  switch (aclright)
1699  {
1700  case ACL_INSERT:
1701  return "INSERT";
1702  case ACL_SELECT:
1703  return "SELECT";
1704  case ACL_UPDATE:
1705  return "UPDATE";
1706  case ACL_DELETE:
1707  return "DELETE";
1708  case ACL_TRUNCATE:
1709  return "TRUNCATE";
1710  case ACL_REFERENCES:
1711  return "REFERENCES";
1712  case ACL_TRIGGER:
1713  return "TRIGGER";
1714  case ACL_EXECUTE:
1715  return "EXECUTE";
1716  case ACL_USAGE:
1717  return "USAGE";
1718  case ACL_CREATE:
1719  return "CREATE";
1720  case ACL_CREATE_TEMP:
1721  return "TEMPORARY";
1722  case ACL_CONNECT:
1723  return "CONNECT";
1724  default:
1725  elog(ERROR, "unrecognized aclright: %d", aclright);
1726  return NULL;
1727  }
1728 }
ACL_DELETE
#define ACL_DELETE
Definition: parsenodes.h:77
ERROR
#define ERROR
Definition: elog.h:43
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:84
ACL_TRIGGER
#define ACL_TRIGGER
Definition: parsenodes.h:80
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_CONNECT
#define ACL_CONNECT
Definition: parsenodes.h:86
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:76
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:75
ACL_REFERENCES
#define ACL_REFERENCES
Definition: parsenodes.h:79
ACL_INSERT
#define ACL_INSERT
Definition: parsenodes.h:74
ACL_EXECUTE
#define ACL_EXECUTE
Definition: parsenodes.h:81
ACL_CREATE_TEMP
#define ACL_CREATE_TEMP
Definition: parsenodes.h:85
elog
#define elog
Definition: elog.h:219
ACL_TRUNCATE
#define ACL_TRUNCATE
Definition: parsenodes.h:78

◆ convert_any_priv_string()

static AclMode convert_any_priv_string ( text priv_type_text,
const priv_map privileges 
)
static

Definition at line 1648 of file acl.c.

References ereport, errcode(), errmsg(), ERROR, priv_map::name, pfree(), pg_strcasecmp(), text_to_cstring(), and priv_map::value.

Referenced by convert_column_priv_string(), convert_database_priv_string(), convert_foreign_data_wrapper_priv_string(), convert_function_priv_string(), convert_language_priv_string(), convert_role_priv_string(), convert_schema_priv_string(), convert_sequence_priv_string(), convert_server_priv_string(), convert_table_priv_string(), convert_tablespace_priv_string(), and convert_type_priv_string().

1650 {
1651  AclMode result = 0;
1652  char *priv_type = text_to_cstring(priv_type_text);
1653  char *chunk;
1654  char *next_chunk;
1655 
1656  /* We rely on priv_type being a private, modifiable string */
1657  for (chunk = priv_type; chunk; chunk = next_chunk)
1658  {
1659  int chunk_len;
1660  const priv_map *this_priv;
1661 
1662  /* Split string at commas */
1663  next_chunk = strchr(chunk, ',');
1664  if (next_chunk)
1665  *next_chunk++ = '\0';
1666 
1667  /* Drop leading/trailing whitespace in this chunk */
1668  while (*chunk && isspace((unsigned char) *chunk))
1669  chunk++;
1670  chunk_len = strlen(chunk);
1671  while (chunk_len > 0 && isspace((unsigned char) chunk[chunk_len - 1]))
1672  chunk_len--;
1673  chunk[chunk_len] = '\0';
1674 
1675  /* Match to the privileges list */
1676  for (this_priv = privileges; this_priv->name; this_priv++)
1677  {
1678  if (pg_strcasecmp(this_priv->name, chunk) == 0)
1679  {
1680  result |= this_priv->value;
1681  break;
1682  }
1683  }
1684  if (!this_priv->name)
1685  ereport(ERROR,
1686  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
1687  errmsg("unrecognized privilege type: \"%s\"", chunk)));
1688  }
1689 
1690  pfree(priv_type);
1691  return result;
1692 }
priv_map
Definition: acl.c:43
errcode
int errcode(int sqlerrcode)
Definition: elog.c:575
pg_strcasecmp
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
priv_map::name
const char * name
Definition: acl.c:45
AclMode
uint32 AclMode
Definition: parsenodes.h:72
pfree
void pfree(void *pointer)
Definition: mcxt.c:1031
ERROR
#define ERROR
Definition: elog.h:43
ereport
#define ereport(elevel, rest)
Definition: elog.h:122
priv_map::value
AclMode value
Definition: acl.c:46
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:182
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:797

◆ convert_column_name()

static AttrNumber convert_column_name ( Oid  tableoid,
text column 
)
static

Definition at line 2833 of file acl.c.

References attnum, ereport, errcode(), errmsg(), ERROR, get_attnum(), get_rel_name(), InvalidAttrNumber, pfree(), and text_to_cstring().

Referenced by has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_name(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), and has_column_privilege_name_name_name().

2834 {
2835  AttrNumber attnum;
2836  char *colname;
2837 
2838  colname = text_to_cstring(column);
2839  attnum = get_attnum(tableoid, colname);
2840  if (attnum == InvalidAttrNumber)
2841  ereport(ERROR,
2842  (errcode(ERRCODE_UNDEFINED_COLUMN),
2843  errmsg("column \"%s\" of relation \"%s\" does not exist",
2844  colname, get_rel_name(tableoid))));
2845  pfree(colname);
2846  return attnum;
2847 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:575
pfree
void pfree(void *pointer)
Definition: mcxt.c:1031
ERROR
#define ERROR
Definition: elog.h:43
get_attnum
AttrNumber get_attnum(Oid relid, const char *attname)
Definition: lsyscache.c:806
ereport
#define ereport(elevel, rest)
Definition: elog.h:122
attnum
int16 attnum
Definition: pg_attribute.h:79
InvalidAttrNumber
#define InvalidAttrNumber
Definition: attnum.h:23
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:182
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:797
get_rel_name
char * get_rel_name(Oid relid)
Definition: lsyscache.c:1730
AttrNumber
int16 AttrNumber
Definition: attnum.h:21

◆ convert_column_priv_string()

static AclMode convert_column_priv_string ( text priv_type_text)
static

Definition at line 2854 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_any_column_privilege_id(), has_any_column_privilege_id_id(), has_any_column_privilege_id_name(), has_any_column_privilege_name(), has_any_column_privilege_name_id(), has_any_column_privilege_name_name(), has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

2855 {
2856  static const priv_map column_priv_map[] = {
2857  {"SELECT", ACL_SELECT},
2858  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2859  {"INSERT", ACL_INSERT},
2860  {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2861  {"UPDATE", ACL_UPDATE},
2862  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2863  {"REFERENCES", ACL_REFERENCES},
2864  {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2865  {NULL, 0}
2866  };
2867 
2868  return convert_any_priv_string(priv_type_text, column_priv_map);
2869 }
priv_map
Definition: acl.c:43
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1648
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:76
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:75
ACL_REFERENCES
#define ACL_REFERENCES
Definition: parsenodes.h:79
ACL_INSERT
#define ACL_INSERT
Definition: parsenodes.h:74

◆ convert_database_name()

static Oid convert_database_name ( text databasename)
static

Definition at line 3039 of file acl.c.

References dbname, get_database_oid(), and text_to_cstring().

Referenced by has_database_privilege_id_name(), has_database_privilege_name(), and has_database_privilege_name_name().

3040 {
3041  char *dbname = text_to_cstring(databasename);
3042 
3043  return get_database_oid(dbname, false);
3044 }
get_database_oid
Oid get_database_oid(const char *dbname, bool missing_ok)
Definition: dbcommands.c:2009
dbname
char * dbname
Definition: streamutil.c:51
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:182

◆ convert_database_priv_string()

static AclMode convert_database_priv_string ( text priv_type_text)
static

Definition at line 3051 of file acl.c.

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_database_privilege_id(), has_database_privilege_id_id(), has_database_privilege_id_name(), has_database_privilege_name(), has_database_privilege_name_id(), and has_database_privilege_name_name().

3052 {
3053  static const priv_map database_priv_map[] = {
3054  {"CREATE", ACL_CREATE},
3055  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3056  {"TEMPORARY", ACL_CREATE_TEMP},
3057  {"TEMPORARY WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3058  {"TEMP", ACL_CREATE_TEMP},
3059  {"TEMP WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3060  {"CONNECT", ACL_CONNECT},
3061  {"CONNECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CONNECT)},
3062  {NULL, 0}
3063  };
3064 
3065  return convert_any_priv_string(priv_type_text, database_priv_map);
3066 
3067 }
priv_map
Definition: acl.c:43
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1648
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:84
ACL_CONNECT
#define ACL_CONNECT
Definition: parsenodes.h:86
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71
ACL_CREATE_TEMP
#define ACL_CREATE_TEMP
Definition: parsenodes.h:85

◆ convert_foreign_data_wrapper_name()

static Oid convert_foreign_data_wrapper_name ( text fdwname)
static

Definition at line 3228 of file acl.c.

References get_foreign_data_wrapper_oid(), and text_to_cstring().

Referenced by has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), and has_foreign_data_wrapper_privilege_name_name().

3229 {
3230  char *fdwstr = text_to_cstring(fdwname);
3231 
3232  return get_foreign_data_wrapper_oid(fdwstr, false);
3233 }
get_foreign_data_wrapper_oid
Oid get_foreign_data_wrapper_oid(const char *fdwname, bool missing_ok)
Definition: foreign.c:659
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:182

◆ convert_foreign_data_wrapper_priv_string()

static AclMode convert_foreign_data_wrapper_priv_string ( text priv_type_text)
static

Definition at line 3240 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_foreign_data_wrapper_privilege_id(), has_foreign_data_wrapper_privilege_id_id(), has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), has_foreign_data_wrapper_privilege_name_id(), and has_foreign_data_wrapper_privilege_name_name().

3241 {
3242  static const priv_map foreign_data_wrapper_priv_map[] = {
3243  {"USAGE", ACL_USAGE},
3244  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3245  {NULL, 0}
3246  };
3247 
3248  return convert_any_priv_string(priv_type_text, foreign_data_wrapper_priv_map);
3249 }
priv_map
Definition: acl.c:43
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1648
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71

◆ convert_function_name()

static Oid convert_function_name ( text functionname)
static

Definition at line 3419 of file acl.c.

References CStringGetDatum, DatumGetObjectId, DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, OidIsValid, regprocedurein(), and text_to_cstring().

Referenced by has_function_privilege_id_name(), has_function_privilege_name(), and has_function_privilege_name_name().

3420 {
3421  char *funcname = text_to_cstring(functionname);
3422  Oid oid;
3423 
3424  oid = DatumGetObjectId(DirectFunctionCall1(regprocedurein,
3425  CStringGetDatum(funcname)));
3426 
3427  if (!OidIsValid(oid))
3428  ereport(ERROR,
3429  (errcode(ERRCODE_UNDEFINED_FUNCTION),
3430  errmsg("function \"%s\" does not exist", funcname)));
3431 
3432  return oid;
3433 }
DatumGetObjectId
#define DatumGetObjectId(X)
Definition: postgres.h:483
errcode
int errcode(int sqlerrcode)
Definition: elog.c:575
DirectFunctionCall1
#define DirectFunctionCall1(func, arg1)
Definition: fmgr.h:590
Oid
unsigned int Oid
Definition: postgres_ext.h:31
OidIsValid
#define OidIsValid(objectId)
Definition: c.h:605
ERROR
#define ERROR
Definition: elog.h:43
regprocedurein
Datum regprocedurein(PG_FUNCTION_ARGS)
Definition: regproc.c:231
CStringGetDatum
#define CStringGetDatum(X)
Definition: postgres.h:561
ereport
#define ereport(elevel, rest)
Definition: elog.h:122
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:182
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:797

◆ convert_function_priv_string()

static AclMode convert_function_priv_string ( text priv_type_text)
static

Definition at line 3440 of file acl.c.

References ACL_EXECUTE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_function_privilege_id(), has_function_privilege_id_id(), has_function_privilege_id_name(), has_function_privilege_name(), has_function_privilege_name_id(), and has_function_privilege_name_name().

3441 {
3442  static const priv_map function_priv_map[] = {
3443  {"EXECUTE", ACL_EXECUTE},
3444  {"EXECUTE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_EXECUTE)},
3445  {NULL, 0}
3446  };
3447 
3448  return convert_any_priv_string(priv_type_text, function_priv_map);
3449 }
priv_map
Definition: acl.c:43
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1648
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71
ACL_EXECUTE
#define ACL_EXECUTE
Definition: parsenodes.h:81

◆ convert_language_name()

static Oid convert_language_name ( text languagename)
static

Definition at line 3619 of file acl.c.

References get_language_oid(), and text_to_cstring().

Referenced by has_language_privilege_id_name(), has_language_privilege_name(), and has_language_privilege_name_name().

3620 {
3621  char *langname = text_to_cstring(languagename);
3622 
3623  return get_language_oid(langname, false);
3624 }
get_language_oid
Oid get_language_oid(const char *langname, bool missing_ok)
Definition: proclang.c:549
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:182

◆ convert_language_priv_string()

static AclMode convert_language_priv_string ( text priv_type_text)
static

Definition at line 3631 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_language_privilege_id(), has_language_privilege_id_id(), has_language_privilege_id_name(), has_language_privilege_name(), has_language_privilege_name_id(), and has_language_privilege_name_name().

3632 {
3633  static const priv_map language_priv_map[] = {
3634  {"USAGE", ACL_USAGE},
3635  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3636  {NULL, 0}
3637  };
3638 
3639  return convert_any_priv_string(priv_type_text, language_priv_map);
3640 }
priv_map
Definition: acl.c:43
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1648
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71

◆ convert_priv_string()

static AclMode convert_priv_string ( text priv_type_text)
static

Definition at line 1598 of file acl.c.

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_DELETE, ACL_EXECUTE, ACL_INSERT, ACL_NO_RIGHTS, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, ACL_USAGE, ereport, errcode(), errmsg(), ERROR, pg_strcasecmp(), and text_to_cstring().

Referenced by makeaclitem().

1599 {
1600  char *priv_type = text_to_cstring(priv_type_text);
1601 
1602  if (pg_strcasecmp(priv_type, "SELECT") == 0)
1603  return ACL_SELECT;
1604  if (pg_strcasecmp(priv_type, "INSERT") == 0)
1605  return ACL_INSERT;
1606  if (pg_strcasecmp(priv_type, "UPDATE") == 0)
1607  return ACL_UPDATE;
1608  if (pg_strcasecmp(priv_type, "DELETE") == 0)
1609  return ACL_DELETE;
1610  if (pg_strcasecmp(priv_type, "TRUNCATE") == 0)
1611  return ACL_TRUNCATE;
1612  if (pg_strcasecmp(priv_type, "REFERENCES") == 0)
1613  return ACL_REFERENCES;
1614  if (pg_strcasecmp(priv_type, "TRIGGER") == 0)
1615  return ACL_TRIGGER;
1616  if (pg_strcasecmp(priv_type, "EXECUTE") == 0)
1617  return ACL_EXECUTE;
1618  if (pg_strcasecmp(priv_type, "USAGE") == 0)
1619  return ACL_USAGE;
1620  if (pg_strcasecmp(priv_type, "CREATE") == 0)
1621  return ACL_CREATE;
1622  if (pg_strcasecmp(priv_type, "TEMP") == 0)
1623  return ACL_CREATE_TEMP;
1624  if (pg_strcasecmp(priv_type, "TEMPORARY") == 0)
1625  return ACL_CREATE_TEMP;
1626  if (pg_strcasecmp(priv_type, "CONNECT") == 0)
1627  return ACL_CONNECT;
1628  if (pg_strcasecmp(priv_type, "RULE") == 0)
1629  return 0; /* ignore old RULE privileges */
1630 
1631  ereport(ERROR,
1632  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
1633  errmsg("unrecognized privilege type: \"%s\"", priv_type)));
1634  return ACL_NO_RIGHTS; /* keep compiler quiet */
1635 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:575
ACL_DELETE
#define ACL_DELETE
Definition: parsenodes.h:77
pg_strcasecmp
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
ERROR
#define ERROR
Definition: elog.h:43
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:84
ACL_NO_RIGHTS
#define ACL_NO_RIGHTS
Definition: parsenodes.h:88
ACL_TRIGGER
#define ACL_TRIGGER
Definition: parsenodes.h:80
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ereport
#define ereport(elevel, rest)
Definition: elog.h:122
ACL_CONNECT
#define ACL_CONNECT
Definition: parsenodes.h:86
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:76
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:75
ACL_REFERENCES
#define ACL_REFERENCES
Definition: parsenodes.h:79
ACL_INSERT
#define ACL_INSERT
Definition: parsenodes.h:74
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:182
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:797
ACL_EXECUTE
#define ACL_EXECUTE
Definition: parsenodes.h:81
ACL_CREATE_TEMP
#define ACL_CREATE_TEMP
Definition: parsenodes.h:85
ACL_TRUNCATE
#define ACL_TRUNCATE
Definition: parsenodes.h:78

◆ convert_role_priv_string()

static AclMode convert_role_priv_string ( text priv_type_text)
static

Definition at line 4564 of file acl.c.

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by pg_has_role_id(), pg_has_role_id_id(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), and pg_has_role_name_name().

4565 {
4566  static const priv_map role_priv_map[] = {
4567  {"USAGE", ACL_USAGE},
4568  {"MEMBER", ACL_CREATE},
4569  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4570  {"USAGE WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4571  {"MEMBER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4572  {"MEMBER WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4573  {NULL, 0}
4574  };
4575 
4576  return convert_any_priv_string(priv_type_text, role_priv_map);
4577 }
priv_map
Definition: acl.c:43
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1648
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:84
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71

◆ convert_schema_name()

static Oid convert_schema_name ( text schemaname)
static

Definition at line 3810 of file acl.c.

References get_namespace_oid(), and text_to_cstring().

Referenced by has_schema_privilege_id_name(), has_schema_privilege_name(), and has_schema_privilege_name_name().

3811 {
3812  char *nspname = text_to_cstring(schemaname);
3813 
3814  return get_namespace_oid(nspname, false);
3815 }
get_namespace_oid
Oid get_namespace_oid(const char *nspname, bool missing_ok)
Definition: namespace.c:3024
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:182

◆ convert_schema_priv_string()

static AclMode convert_schema_priv_string ( text priv_type_text)
static

Definition at line 3822 of file acl.c.

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_schema_privilege_id(), has_schema_privilege_id_id(), has_schema_privilege_id_name(), has_schema_privilege_name(), has_schema_privilege_name_id(), and has_schema_privilege_name_name().

3823 {
3824  static const priv_map schema_priv_map[] = {
3825  {"CREATE", ACL_CREATE},
3826  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3827  {"USAGE", ACL_USAGE},
3828  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3829  {NULL, 0}
3830  };
3831 
3832  return convert_any_priv_string(priv_type_text, schema_priv_map);
3833 }
priv_map
Definition: acl.c:43
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1648
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:84
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71

◆ convert_sequence_priv_string()

static AclMode convert_sequence_priv_string ( text priv_type_text)
static

Definition at line 2241 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_SELECT, ACL_UPDATE, ACL_USAGE, and convert_any_priv_string().

Referenced by has_sequence_privilege_id(), has_sequence_privilege_id_id(), has_sequence_privilege_id_name(), has_sequence_privilege_name(), has_sequence_privilege_name_id(), and has_sequence_privilege_name_name().

2242 {
2243  static const priv_map sequence_priv_map[] = {
2244  {"USAGE", ACL_USAGE},
2245  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
2246  {"SELECT", ACL_SELECT},
2247  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2248  {"UPDATE", ACL_UPDATE},
2249  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2250  {NULL, 0}
2251  };
2252 
2253  return convert_any_priv_string(priv_type_text, sequence_priv_map);
2254 }
priv_map
Definition: acl.c:43
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1648
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:76
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:75

◆ convert_server_name()

static Oid convert_server_name ( text servername)
static

Definition at line 3994 of file acl.c.

References get_foreign_server_oid(), and text_to_cstring().

Referenced by has_server_privilege_id_name(), has_server_privilege_name(), and has_server_privilege_name_name().

3995 {
3996  char *serverstr = text_to_cstring(servername);
3997 
3998  return get_foreign_server_oid(serverstr, false);
3999 }
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:182
get_foreign_server_oid
Oid get_foreign_server_oid(const char *servername, bool missing_ok)
Definition: foreign.c:680

◆ convert_server_priv_string()

static AclMode convert_server_priv_string ( text priv_type_text)
static

Definition at line 4006 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_server_privilege_id(), has_server_privilege_id_id(), has_server_privilege_id_name(), has_server_privilege_name(), has_server_privilege_name_id(), and has_server_privilege_name_name().

4007 {
4008  static const priv_map server_priv_map[] = {
4009  {"USAGE", ACL_USAGE},
4010  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4011  {NULL, 0}
4012  };
4013 
4014  return convert_any_priv_string(priv_type_text, server_priv_map);
4015 }
priv_map
Definition: acl.c:43
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1648
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71

◆ convert_table_name()

static Oid convert_table_name ( text tablename)
static

Definition at line 2003 of file acl.c.

References makeRangeVarFromNameList(), NoLock, RangeVarGetRelid, and textToQualifiedNameList().

Referenced by has_any_column_privilege_id_name(), has_any_column_privilege_name(), has_any_column_privilege_name_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), has_column_privilege_name_name_name(), has_sequence_privilege_id_name(), has_sequence_privilege_name(), has_sequence_privilege_name_name(), has_table_privilege_id_name(), has_table_privilege_name(), and has_table_privilege_name_name().

2004 {
2005  RangeVar *relrv;
2006 
2007  relrv = makeRangeVarFromNameList(textToQualifiedNameList(tablename));
2008 
2009  /* We might not even have permissions on this relation; don't lock it. */
2010  return RangeVarGetRelid(relrv, NoLock, false);
2011 }
RangeVarGetRelid
#define RangeVarGetRelid(relation, lockmode, missing_ok)
Definition: namespace.h:63
makeRangeVarFromNameList
RangeVar * makeRangeVarFromNameList(List *names)
Definition: namespace.c:3042
NoLock
#define NoLock
Definition: lockdefs.h:34
textToQualifiedNameList
List * textToQualifiedNameList(text *textval)
Definition: varlena.c:3232

◆ convert_table_priv_string()

static AclMode convert_table_priv_string ( text priv_type_text)
static

Definition at line 2018 of file acl.c.

References ACL_DELETE, ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_table_privilege_id(), has_table_privilege_id_id(), has_table_privilege_id_name(), has_table_privilege_name(), has_table_privilege_name_id(), and has_table_privilege_name_name().

2019 {
2020  static const priv_map table_priv_map[] = {
2021  {"SELECT", ACL_SELECT},
2022  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2023  {"INSERT", ACL_INSERT},
2024  {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2025  {"UPDATE", ACL_UPDATE},
2026  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2027  {"DELETE", ACL_DELETE},
2028  {"DELETE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_DELETE)},
2029  {"TRUNCATE", ACL_TRUNCATE},
2030  {"TRUNCATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRUNCATE)},
2031  {"REFERENCES", ACL_REFERENCES},
2032  {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2033  {"TRIGGER", ACL_TRIGGER},
2034  {"TRIGGER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRIGGER)},
2035  {"RULE", 0}, /* ignore old RULE privileges */
2036  {"RULE WITH GRANT OPTION", 0},
2037  {NULL, 0}
2038  };
2039 
2040  return convert_any_priv_string(priv_type_text, table_priv_map);
2041 }
priv_map
Definition: acl.c:43
ACL_DELETE
#define ACL_DELETE
Definition: parsenodes.h:77
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1648
ACL_TRIGGER
#define ACL_TRIGGER
Definition: parsenodes.h:80
ACL_UPDATE
#define ACL_UPDATE
Definition: parsenodes.h:76
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71
ACL_SELECT
#define ACL_SELECT
Definition: parsenodes.h:75
ACL_REFERENCES
#define ACL_REFERENCES
Definition: parsenodes.h:79
ACL_INSERT
#define ACL_INSERT
Definition: parsenodes.h:74
ACL_TRUNCATE
#define ACL_TRUNCATE
Definition: parsenodes.h:78

◆ convert_tablespace_name()

static Oid convert_tablespace_name ( text tablespacename)
static

Definition at line 4176 of file acl.c.

References get_tablespace_oid(), and text_to_cstring().

Referenced by has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), and has_tablespace_privilege_name_name().

4177 {
4178  char *spcname = text_to_cstring(tablespacename);
4179 
4180  return get_tablespace_oid(spcname, false);
4181 }
get_tablespace_oid
Oid get_tablespace_oid(const char *tablespacename, bool missing_ok)
Definition: tablespace.c:1382
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:182

◆ convert_tablespace_priv_string()

static AclMode convert_tablespace_priv_string ( text priv_type_text)
static

Definition at line 4188 of file acl.c.

References ACL_CREATE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_tablespace_privilege_id(), has_tablespace_privilege_id_id(), has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), has_tablespace_privilege_name_id(), and has_tablespace_privilege_name_name().

4189 {
4190  static const priv_map tablespace_priv_map[] = {
4191  {"CREATE", ACL_CREATE},
4192  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4193  {NULL, 0}
4194  };
4195 
4196  return convert_any_priv_string(priv_type_text, tablespace_priv_map);
4197 }
priv_map
Definition: acl.c:43
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1648
ACL_CREATE
#define ACL_CREATE
Definition: parsenodes.h:84
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71

◆ convert_type_name()

static Oid convert_type_name ( text typename)
static

Definition at line 4366 of file acl.c.

References CStringGetDatum, DatumGetObjectId, DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, OidIsValid, regtypein(), and text_to_cstring().

Referenced by has_type_privilege_id_name(), has_type_privilege_name(), and has_type_privilege_name_name().

4367 {
4368  char *typname = text_to_cstring(typename);
4369  Oid oid;
4370 
4371  oid = DatumGetObjectId(DirectFunctionCall1(regtypein,
4372  CStringGetDatum(typname)));
4373 
4374  if (!OidIsValid(oid))
4375  ereport(ERROR,
4376  (errcode(ERRCODE_UNDEFINED_OBJECT),
4377  errmsg("type \"%s\" does not exist", typname)));
4378 
4379  return oid;
4380 }
DatumGetObjectId
#define DatumGetObjectId(X)
Definition: postgres.h:483
errcode
int errcode(int sqlerrcode)
Definition: elog.c:575
DirectFunctionCall1
#define DirectFunctionCall1(func, arg1)
Definition: fmgr.h:590
Oid
unsigned int Oid
Definition: postgres_ext.h:31
OidIsValid
#define OidIsValid(objectId)
Definition: c.h:605
ERROR
#define ERROR
Definition: elog.h:43
CStringGetDatum
#define CStringGetDatum(X)
Definition: postgres.h:561
ereport
#define ereport(elevel, rest)
Definition: elog.h:122
regtypein
Datum regtypein(PG_FUNCTION_ARGS)
Definition: regproc.c:1061
text_to_cstring
char * text_to_cstring(const text *t)
Definition: varlena.c:182
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:797

◆ convert_type_priv_string()

static AclMode convert_type_priv_string ( text priv_type_text)
static

Definition at line 4387 of file acl.c.

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_type_privilege_id(), has_type_privilege_id_id(), has_type_privilege_id_name(), has_type_privilege_name(), has_type_privilege_name_id(), and has_type_privilege_name_name().

4388 {
4389  static const priv_map type_priv_map[] = {
4390  {"USAGE", ACL_USAGE},
4391  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4392  {NULL, 0}
4393  };
4394 
4395  return convert_any_priv_string(priv_type_text, type_priv_map);
4396 }
priv_map
Definition: acl.c:43
convert_any_priv_string
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1648
ACL_USAGE
#define ACL_USAGE
Definition: parsenodes.h:82
ACL_GRANT_OPTION_FOR
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:71

◆ count_one_bits()

static int count_one_bits ( AclMode  mask)
static

Definition at line 5001 of file acl.c.

Referenced by select_best_grantor().

5002 {
5003  int nbits = 0;
5004 
5005  /* this code relies on AclMode being an unsigned type */
5006  while (mask)
5007  {
5008  if (mask & 1)
5009  nbits++;
5010  mask >>= 1;
5011  }
5012  return nbits;
5013 }

◆ get_role_oid()

Oid get_role_oid ( const char *  rolname,
bool  missing_ok 
)

Definition at line 5116 of file acl.c.

References AUTHNAME, CStringGetDatum, ereport, errcode(), errmsg(), ERROR, GetSysCacheOid1, and OidIsValid.

Referenced by aclparse(), check_hba(), createdb(), CreateRole(), get_object_address_unqualified(), get_role_oid_or_public(), get_rolespec_oid(), GrantRole(), is_member(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), pg_has_role_name_name(), regrolein(), and to_regrole().

5117 {
5118  Oid oid;
5119 
5120  oid = GetSysCacheOid1(AUTHNAME, CStringGetDatum(rolname));
5121  if (!OidIsValid(oid) && !missing_ok)
5122  ereport(ERROR,
5123  (errcode(ERRCODE_UNDEFINED_OBJECT),
5124  errmsg("role \"%s\" does not exist", rolname)));
5125  return oid;
5126 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:575
Oid
unsigned int Oid
Definition: postgres_ext.h:31
OidIsValid
#define OidIsValid(objectId)
Definition: c.h:605
GetSysCacheOid1
#define GetSysCacheOid1(cacheId, key1)
Definition: syscache.h:191
ERROR
#define ERROR
Definition: elog.h:43
CStringGetDatum
#define CStringGetDatum(X)
Definition: postgres.h:561
ereport
#define ereport(elevel, rest)
Definition: elog.h:122
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:797

◆ get_role_oid_or_public()

Oid get_role_oid_or_public ( const char *  rolname)

Definition at line 5133 of file acl.c.

References ACL_ID_PUBLIC, and get_role_oid().

Referenced by has_any_column_privilege_name_id(), has_any_column_privilege_name_name(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name_attnum(), has_column_privilege_name_name_name(), has_database_privilege_name_id(), has_database_privilege_name_name(), has_foreign_data_wrapper_privilege_name_id(), has_foreign_data_wrapper_privilege_name_name(), has_function_privilege_name_id(), has_function_privilege_name_name(), has_language_privilege_name_id(), has_language_privilege_name_name(), has_schema_privilege_name_id(), has_schema_privilege_name_name(), has_sequence_privilege_name_id(), has_sequence_privilege_name_name(), has_server_privilege_name_id(), has_server_privilege_name_name(), has_table_privilege_name_id(), has_table_privilege_name_name(), has_tablespace_privilege_name_id(), has_tablespace_privilege_name_name(), has_type_privilege_name_id(), and has_type_privilege_name_name().

5134 {
5135  if (strcmp(rolname, "public") == 0)
5136  return ACL_ID_PUBLIC;
5137 
5138  return get_role_oid(rolname, false);
5139 }
get_role_oid
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5116
ACL_ID_PUBLIC
#define ACL_ID_PUBLIC
Definition: acl.h:47

◆ get_rolespec_name()

char* get_rolespec_name ( const RoleSpec role)

Definition at line 5231 of file acl.c.

References get_rolespec_tuple(), GETSTRUCT, NameStr, pstrdup(), and ReleaseSysCache().

Referenced by AddRoleMems(), and DelRoleMems().

5232 {
5233  HeapTuple tp;
5234  Form_pg_authid authForm;
5235  char *rolename;
5236 
5237  tp = get_rolespec_tuple(role);
5238  authForm = (Form_pg_authid) GETSTRUCT(tp);
5239  rolename = pstrdup(NameStr(authForm->rolname));
5240  ReleaseSysCache(tp);
5241 
5242  return rolename;
5243 }
GETSTRUCT
#define GETSTRUCT(TUP)
Definition: htup_details.h:673
pstrdup
char * pstrdup(const char *in)
Definition: mcxt.c:1161
Form_pg_authid
FormData_pg_authid * Form_pg_authid
Definition: pg_authid.h:55
ReleaseSysCache
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:1160
get_rolespec_tuple
HeapTuple get_rolespec_tuple(const RoleSpec *role)
Definition: acl.c:5187
NameStr
#define NameStr(name)
Definition: c.h:576

◆ get_rolespec_oid()

Oid get_rolespec_oid ( const RoleSpec role,
bool  missing_ok 
)

Definition at line 5149 of file acl.c.

References Assert, elog, ereport, errcode(), errmsg(), ERROR, get_role_oid(), GetSessionUserId(), GetUserId(), InvalidOid, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, and RoleSpec::roletype.

Referenced by AlterUserMapping(), ATExecCmd(), CreateSchemaCommand(), CreateTableSpace(), CreateUserMapping(), ExecAlterDefaultPrivilegesStmt(), ExecAlterOwnerStmt(), ExecuteGrantStmt(), GrantRole(), policy_role_list_to_array(), ReassignOwnedObjects(), RemoveUserMapping(), and roleSpecsToIds().

5150 {
5151  Oid oid;
5152 
5153  switch (role->roletype)
5154  {
5155  case ROLESPEC_CSTRING:
5156  Assert(role->rolename);
5157  oid = get_role_oid(role->rolename, missing_ok);
5158  break;
5159 
5160  case ROLESPEC_CURRENT_USER:
5161  oid = GetUserId();
5162  break;
5163 
5164  case ROLESPEC_SESSION_USER:
5165  oid = GetSessionUserId();
5166  break;
5167 
5168  case ROLESPEC_PUBLIC:
5169  ereport(ERROR,
5170  (errcode(ERRCODE_UNDEFINED_OBJECT),
5171  errmsg("role \"%s\" does not exist", "public")));
5172  oid = InvalidOid; /* make compiler happy */
5173  break;
5174 
5175  default:
5176  elog(ERROR, "unexpected role type %d", role->roletype);
5177  }
5178 
5179  return oid;
5180 }
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:379
errcode
int errcode(int sqlerrcode)
Definition: elog.c:575
Oid
unsigned int Oid
Definition: postgres_ext.h:31
GetSessionUserId
Oid GetSessionUserId(void)
Definition: miscinit.c:413
get_role_oid
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5116
ERROR
#define ERROR
Definition: elog.h:43
ereport
#define ereport(elevel, rest)
Definition: elog.h:122
RoleSpec::roletype
RoleSpecType roletype
Definition: parsenodes.h:329
InvalidOid
#define InvalidOid
Definition: postgres_ext.h:36
Assert
#define Assert(condition)
Definition: c.h:699
RoleSpec::rolename
char * rolename
Definition: parsenodes.h:330
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:797
elog
#define elog
Definition: elog.h:219

◆ get_rolespec_tuple()

HeapTuple get_rolespec_tuple ( const RoleSpec role)

Definition at line 5187 of file acl.c.

References Assert, AUTHNAME, AUTHOID, CStringGetDatum, elog, ereport, errcode(), errmsg(), ERROR, GetSessionUserId(), GetUserId(), HeapTupleIsValid, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, RoleSpec::roletype, and SearchSysCache1().

Referenced by AlterRole(), AlterRoleSet(), CreateRole(), and get_rolespec_name().

5188 {
5189  HeapTuple tuple;
5190 
5191  switch (role->roletype)
5192  {
5193  case ROLESPEC_CSTRING:
5194  Assert(role->rolename);
5195  tuple = SearchSysCache1(AUTHNAME, CStringGetDatum(role->rolename));
5196  if (!HeapTupleIsValid(tuple))
5197  ereport(ERROR,
5198  (errcode(ERRCODE_UNDEFINED_OBJECT),
5199  errmsg("role \"%s\" does not exist", role->rolename)));
5200  break;
5201 
5202  case ROLESPEC_CURRENT_USER:
5203  tuple = SearchSysCache1(AUTHOID, GetUserId());
5204  if (!HeapTupleIsValid(tuple))
5205  elog(ERROR, "cache lookup failed for role %u", GetUserId());
5206  break;
5207 
5208  case ROLESPEC_SESSION_USER:
5209  tuple = SearchSysCache1(AUTHOID, GetSessionUserId());
5210  if (!HeapTupleIsValid(tuple))
5211  elog(ERROR, "cache lookup failed for role %u", GetSessionUserId());
5212  break;
5213 
5214  case ROLESPEC_PUBLIC:
5215  ereport(ERROR,
5216  (errcode(ERRCODE_UNDEFINED_OBJECT),
5217  errmsg("role \"%s\" does not exist", "public")));
5218  tuple = NULL; /* make compiler happy */
5219 
5220  default:
5221  elog(ERROR, "unexpected role type %d", role->roletype);
5222  }
5223 
5224  return tuple;
5225 }
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:379
errcode
int errcode(int sqlerrcode)
Definition: elog.c:575
GetSessionUserId
Oid GetSessionUserId(void)
Definition: miscinit.c:413
ERROR
#define ERROR
Definition: elog.h:43
CStringGetDatum
#define CStringGetDatum(X)
Definition: postgres.h:561
ereport
#define ereport(elevel, rest)
Definition: elog.h:122
SearchSysCache1
HeapTuple SearchSysCache1(int cacheId, Datum key1)
Definition: syscache.c:1112
RoleSpec::roletype
RoleSpecType roletype
Definition: parsenodes.h:329
HeapTupleIsValid
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
Assert
#define Assert(condition)
Definition: c.h:699
RoleSpec::rolename
char * rolename
Definition: parsenodes.h:330
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:797
elog
#define elog
Definition: elog.h:219

◆ getid()

static const char * getid ( const char *  s,
char *  n 
)
static

Definition at line 137 of file acl.c.

References Assert, ereport, errcode(), errdetail(), errmsg(), ERROR, and NAMEDATALEN.

Referenced by aclparse().

138 {
139  int len = 0;
140  bool in_quotes = false;
141 
142  Assert(s && n);
143 
144  while (isspace((unsigned char) *s))
145  s++;
146  /* This code had better match what putid() does, below */
147  for (;
148  *s != '\0' &&
149  (isalnum((unsigned char) *s) ||
150  *s == '_' ||
151  *s == '"' ||
152  in_quotes);
153  s++)
154  {
155  if (*s == '"')
156  {
157  /* safe to look at next char (could be '\0' though) */
158  if (*(s + 1) != '"')
159  {
160  in_quotes = !in_quotes;
161  continue;
162  }
163  /* it's an escaped double quote; skip the escaping char */
164  s++;
165  }
166 
167  /* Add the character to the string */
168  if (len >= NAMEDATALEN - 1)
169  ereport(ERROR,
170  (errcode(ERRCODE_NAME_TOO_LONG),
171  errmsg("identifier too long"),
172  errdetail("Identifier must be less than %d characters.",
173  NAMEDATALEN)));
174 
175  n[len++] = *s;
176  }
177  n[len] = '\0';
178  while (isspace((unsigned char) *s))
179  s++;
180  return s;
181 }
errcode
int errcode(int sqlerrcode)
Definition: elog.c:575
NAMEDATALEN
#define NAMEDATALEN
Definition: pg_config_manual.h:29
ERROR
#define ERROR
Definition: elog.h:43
errdetail
int errdetail(const char *fmt,...)
Definition: elog.c:873
ereport
#define ereport(elevel, rest)
Definition: elog.h:122
Assert
#define Assert(condition)
Definition: c.h:699
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:797

◆ has_any_column_privilege_id()

Datum has_any_column_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2363 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), GetUserId(), ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

2364 {
2365  Oid tableoid = PG_GETARG_OID(0);
2366  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2367  Oid roleid;
2368  AclMode mode;
2369  AclResult aclresult;
2370 
2371  roleid = GetUserId();
2372  mode = convert_column_priv_string(priv_type_text);
2373 
2374  if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
2375  PG_RETURN_NULL();
2376 
2377  /* First check at table level, then examine each column if needed */
2378  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2379  if (aclresult != ACLCHECK_OK)
2380  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2381  ACLMASK_ANY);
2382 
2383  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2384 }
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:379
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:182
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:490
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:245
AclResult
AclResult
Definition: acl.h:178
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4539
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4624
varlena
Definition: c.h:516
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2854
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:310

◆ has_any_column_privilege_id_id()

Datum has_any_column_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 2419 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

2420 {
2421  Oid roleid = PG_GETARG_OID(0);
2422  Oid tableoid = PG_GETARG_OID(1);
2423  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2424  AclMode mode;
2425  AclResult aclresult;
2426 
2427  mode = convert_column_priv_string(priv_type_text);
2428 
2429  if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
2430  PG_RETURN_NULL();
2431 
2432  /* First check at table level, then examine each column if needed */
2433  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2434  if (aclresult != ACLCHECK_OK)
2435  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2436  ACLMASK_ANY);
2437 
2438  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2439 }
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:182
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:490
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:245
AclResult
AclResult
Definition: acl.h:178
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4539
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4624
varlena
Definition: c.h:516
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2854
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:310

◆ has_any_column_privilege_id_name()

Datum has_any_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2392 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2393 {
2394  Oid roleid = PG_GETARG_OID(0);
2395  text *tablename = PG_GETARG_TEXT_PP(1);
2396  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2397  Oid tableoid;
2398  AclMode mode;
2399  AclResult aclresult;
2400 
2401  tableoid = convert_table_name(tablename);
2402  mode = convert_column_priv_string(priv_type_text);
2403 
2404  /* First check at table level, then examine each column if needed */
2405  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2406  if (aclresult != ACLCHECK_OK)
2407  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2408  ACLMASK_ANY);
2409 
2410  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2411 }
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:245
AclResult
AclResult
Definition: acl.h:178
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:2003
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4539
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4624
varlena
Definition: c.h:516
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2854

◆ has_any_column_privilege_name()

Datum has_any_column_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2304 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), GetUserId(), pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2305 {
2306  text *tablename = PG_GETARG_TEXT_PP(0);
2307  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2308  Oid roleid;
2309  Oid tableoid;
2310  AclMode mode;
2311  AclResult aclresult;
2312 
2313  roleid = GetUserId();
2314  tableoid = convert_table_name(tablename);
2315  mode = convert_column_priv_string(priv_type_text);
2316 
2317  /* First check at table level, then examine each column if needed */
2318  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2319  if (aclresult != ACLCHECK_OK)
2320  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2321  ACLMASK_ANY);
2322 
2323  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2324 }
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:379
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
AclResult
AclResult
Definition: acl.h:178
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:2003
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4539
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4624
varlena
Definition: c.h:516
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2854

◆ has_any_column_privilege_name_id()

Datum has_any_column_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2332 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), get_role_oid_or_public(), NameStr, ObjectIdGetDatum, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, SearchSysCacheExists1, and username.

2333 {
2334  Name username = PG_GETARG_NAME(0);
2335  Oid tableoid = PG_GETARG_OID(1);
2336  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2337  Oid roleid;
2338  AclMode mode;
2339  AclResult aclresult;
2340 
2341  roleid = get_role_oid_or_public(NameStr(*username));
2342  mode = convert_column_priv_string(priv_type_text);
2343 
2344  if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
2345  PG_RETURN_NULL();
2346 
2347  /* First check at table level, then examine each column if needed */
2348  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2349  if (aclresult != ACLCHECK_OK)
2350  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2351  ACLMASK_ANY);
2352 
2353  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2354 }
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5133
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:182
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:490
nameData
Definition: c.h:570
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:245
AclResult
AclResult
Definition: acl.h:178
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
username
static char * username
Definition: initdb.c:132
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4539
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4624
NameStr
#define NameStr(name)
Definition: c.h:576
varlena
Definition: c.h:516
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2854
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:310
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:248

◆ has_any_column_privilege_name_name()

Datum has_any_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2274 of file acl.c.

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), NameStr, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2275 {
2276  Name rolename = PG_GETARG_NAME(0);
2277  text *tablename = PG_GETARG_TEXT_PP(1);
2278  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2279  Oid roleid;
2280  Oid tableoid;
2281  AclMode mode;
2282  AclResult aclresult;
2283 
2284  roleid = get_role_oid_or_public(NameStr(*rolename));
2285  tableoid = convert_table_name(tablename);
2286  mode = convert_column_priv_string(priv_type_text);
2287 
2288  /* First check at table level, then examine each column if needed */
2289  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2290  if (aclresult != ACLCHECK_OK)
2291  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2292  ACLMASK_ANY);
2293 
2294  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2295 }
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5133
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
nameData
Definition: c.h:570
AclResult
AclResult
Definition: acl.h:178
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:2003
pg_attribute_aclcheck_all
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:4539
pg_class_aclcheck
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4624
NameStr
#define NameStr(name)
Definition: c.h:576
varlena
Definition: c.h:516
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2854
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:248

◆ has_column_privilege_id_attnum()

Datum has_column_privilege_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2806 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), GetUserId(), PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2807 {
2808  Oid tableoid = PG_GETARG_OID(0);
2809  AttrNumber colattnum = PG_GETARG_INT16(1);
2810  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2811  Oid roleid;
2812  AclMode mode;
2813  int privresult;
2814 
2815  roleid = GetUserId();
2816  mode = convert_column_priv_string(priv_type_text);
2817 
2818  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2819  if (privresult < 0)
2820  PG_RETURN_NULL();
2821  PG_RETURN_BOOL(privresult);
2822 }
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:379
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:245
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:241
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2462
varlena
Definition: c.h:516
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2854
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:310

◆ has_column_privilege_id_id_attnum()

Datum has_column_privilege_id_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2699 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2700 {
2701  Oid roleid = PG_GETARG_OID(0);
2702  Oid tableoid = PG_GETARG_OID(1);
2703  AttrNumber colattnum = PG_GETARG_INT16(2);
2704  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2705  AclMode mode;
2706  int privresult;
2707 
2708  mode = convert_column_priv_string(priv_type_text);
2709 
2710  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2711  if (privresult < 0)
2712  PG_RETURN_NULL();
2713  PG_RETURN_BOOL(privresult);
2714 }
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:245
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:241
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2462
varlena
Definition: c.h:516
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2854
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:310

◆ has_column_privilege_id_id_name()

Datum has_column_privilege_id_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2674 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2675 {
2676  Oid roleid = PG_GETARG_OID(0);
2677  Oid tableoid = PG_GETARG_OID(1);
2678  text *column = PG_GETARG_TEXT_PP(2);
2679  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2680  AttrNumber colattnum;
2681  AclMode mode;
2682  int privresult;
2683 
2684  colattnum = convert_column_name(tableoid, column);
2685  mode = convert_column_priv_string(priv_type_text);
2686 
2687  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2688  if (privresult < 0)
2689  PG_RETURN_NULL();
2690  PG_RETURN_BOOL(privresult);
2691 }
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2833
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:245
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2462
varlena
Definition: c.h:516
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2854
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:310

◆ has_column_privilege_id_name()

Datum has_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2779 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), GetUserId(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2780 {
2781  Oid tableoid = PG_GETARG_OID(0);
2782  text *column = PG_GETARG_TEXT_PP(1);
2783  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2784  Oid roleid;
2785  AttrNumber colattnum;
2786  AclMode mode;
2787  int privresult;
2788 
2789  roleid = GetUserId();
2790  colattnum = convert_column_name(tableoid, column);
2791  mode = convert_column_priv_string(priv_type_text);
2792 
2793  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2794  if (privresult < 0)
2795  PG_RETURN_NULL();
2796  PG_RETURN_BOOL(privresult);
2797 }
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2833
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:379
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:245
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2462
varlena
Definition: c.h:516
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2854
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:310

◆ has_column_privilege_id_name_attnum()

Datum has_column_privilege_id_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2649 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2650 {
2651  Oid roleid = PG_GETARG_OID(0);
2652  text *tablename = PG_GETARG_TEXT_PP(1);
2653  AttrNumber colattnum = PG_GETARG_INT16(2);
2654  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2655  Oid tableoid;
2656  AclMode mode;
2657  int privresult;
2658 
2659  tableoid = convert_table_name(tablename);
2660  mode = convert_column_priv_string(priv_type_text);
2661 
2662  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2663  if (privresult < 0)
2664  PG_RETURN_NULL();
2665  PG_RETURN_BOOL(privresult);
2666 }
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:245
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:241
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:2003
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2462
varlena
Definition: c.h:516
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2854
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:310

◆ has_column_privilege_id_name_name()

Datum has_column_privilege_id_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2622 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2623 {
2624  Oid roleid = PG_GETARG_OID(0);
2625  text *tablename = PG_GETARG_TEXT_PP(1);
2626  text *column = PG_GETARG_TEXT_PP(2);
2627  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2628  Oid tableoid;
2629  AttrNumber colattnum;
2630  AclMode mode;
2631  int privresult;
2632 
2633  tableoid = convert_table_name(tablename);
2634  colattnum = convert_column_name(tableoid, column);
2635  mode = convert_column_priv_string(priv_type_text);
2636 
2637  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2638  if (privresult < 0)
2639  PG_RETURN_NULL();
2640  PG_RETURN_BOOL(privresult);
2641 }
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2833
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:245
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:2003
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2462
varlena
Definition: c.h:516
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2854
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:310

◆ has_column_privilege_name_attnum()

Datum has_column_privilege_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2752 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), GetUserId(), PG_GETARG_INT16, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2753 {
2754  text *tablename = PG_GETARG_TEXT_PP(0);
2755  AttrNumber colattnum = PG_GETARG_INT16(1);
2756  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2757  Oid roleid;
2758  Oid tableoid;
2759  AclMode mode;
2760  int privresult;
2761 
2762  roleid = GetUserId();
2763  tableoid = convert_table_name(tablename);
2764  mode = convert_column_priv_string(priv_type_text);
2765 
2766  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2767  if (privresult < 0)
2768  PG_RETURN_NULL();
2769  PG_RETURN_BOOL(privresult);
2770 }
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:379
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:241
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:2003
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2462
varlena
Definition: c.h:516
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2854
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:310

◆ has_column_privilege_name_id_attnum()

Datum has_column_privilege_name_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2597 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), get_role_oid_or_public(), NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

2598 {
2599  Name username = PG_GETARG_NAME(0);
2600  Oid tableoid = PG_GETARG_OID(1);
2601  AttrNumber colattnum = PG_GETARG_INT16(2);
2602  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2603  Oid roleid;
2604  AclMode mode;
2605  int privresult;
2606 
2607  roleid = get_role_oid_or_public(NameStr(*username));
2608  mode = convert_column_priv_string(priv_type_text);
2609 
2610  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2611  if (privresult < 0)
2612  PG_RETURN_NULL();
2613  PG_RETURN_BOOL(privresult);
2614 }
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5133
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
nameData
Definition: c.h:570
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:245
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:241
username
static char * username
Definition: initdb.c:132
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2462
NameStr
#define NameStr(name)
Definition: c.h:576
varlena
Definition: c.h:516
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2854
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:310
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:248

◆ has_column_privilege_name_id_name()

Datum has_column_privilege_name_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2570 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), get_role_oid_or_public(), NameStr, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

2571 {
2572  Name username = PG_GETARG_NAME(0);
2573  Oid tableoid = PG_GETARG_OID(1);
2574  text *column = PG_GETARG_TEXT_PP(2);
2575  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2576  Oid roleid;
2577  AttrNumber colattnum;
2578  AclMode mode;
2579  int privresult;
2580 
2581  roleid = get_role_oid_or_public(NameStr(*username));
2582  colattnum = convert_column_name(tableoid, column);
2583  mode = convert_column_priv_string(priv_type_text);
2584 
2585  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2586  if (privresult < 0)
2587  PG_RETURN_NULL();
2588  PG_RETURN_BOOL(privresult);
2589 }
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2833
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5133
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
nameData
Definition: c.h:570
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:245
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
username
static char * username
Definition: initdb.c:132
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2462
NameStr
#define NameStr(name)
Definition: c.h:576
varlena
Definition: c.h:516
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2854
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:310
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:248

◆ has_column_privilege_name_name()

Datum has_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2723 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), GetUserId(), PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2724 {
2725  text *tablename = PG_GETARG_TEXT_PP(0);
2726  text *column = PG_GETARG_TEXT_PP(1);
2727  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2728  Oid roleid;
2729  Oid tableoid;
2730  AttrNumber colattnum;
2731  AclMode mode;
2732  int privresult;
2733 
2734  roleid = GetUserId();
2735  tableoid = convert_table_name(tablename);
2736  colattnum = convert_column_name(tableoid, column);
2737  mode = convert_column_priv_string(priv_type_text);
2738 
2739  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2740  if (privresult < 0)
2741  PG_RETURN_NULL();
2742  PG_RETURN_BOOL(privresult);
2743 }
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2833
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:379
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:2003
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2462
varlena
Definition: c.h:516
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2854
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:310

◆ has_column_privilege_name_name_attnum()

Datum has_column_privilege_name_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2543 of file acl.c.

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2544 {
2545  Name rolename = PG_GETARG_NAME(0);
2546  text *tablename = PG_GETARG_TEXT_PP(1);
2547  AttrNumber colattnum = PG_GETARG_INT16(2);
2548  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2549  Oid roleid;
2550  Oid tableoid;
2551  AclMode mode;
2552  int privresult;
2553 
2554  roleid = get_role_oid_or_public(NameStr(*rolename));
2555  tableoid = convert_table_name(tablename);
2556  mode = convert_column_priv_string(priv_type_text);
2557 
2558  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2559  if (privresult < 0)
2560  PG_RETURN_NULL();
2561  PG_RETURN_BOOL(privresult);
2562 }
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5133
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
nameData
Definition: c.h:570
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
PG_GETARG_INT16
#define PG_GETARG_INT16(n)
Definition: fmgr.h:241
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:2003
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2462
NameStr
#define NameStr(name)
Definition: c.h:576
varlena
Definition: c.h:516
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2854
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:310
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:248

◆ has_column_privilege_name_name_name()

Datum has_column_privilege_name_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2514 of file acl.c.

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), NameStr, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

2515 {
2516  Name rolename = PG_GETARG_NAME(0);
2517  text *tablename = PG_GETARG_TEXT_PP(1);
2518  text *column = PG_GETARG_TEXT_PP(2);
2519  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2520  Oid roleid;
2521  Oid tableoid;
2522  AttrNumber colattnum;
2523  AclMode mode;
2524  int privresult;
2525 
2526  roleid = get_role_oid_or_public(NameStr(*rolename));
2527  tableoid = convert_table_name(tablename);
2528  colattnum = convert_column_name(tableoid, column);
2529  mode = convert_column_priv_string(priv_type_text);
2530 
2531  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2532  if (privresult < 0)
2533  PG_RETURN_NULL();
2534  PG_RETURN_BOOL(privresult);
2535 }
convert_column_name
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2833
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5133
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
nameData
Definition: c.h:570
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
convert_table_name
static Oid convert_table_name(text *tablename)
Definition: acl.c:2003
column_privilege_check
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2462
NameStr
#define NameStr(name)
Definition: c.h:576
varlena
Definition: c.h:516
convert_column_priv_string
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2854
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:310
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:248

◆ has_database_privilege_id()

Datum has_database_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2965 of file acl.c.

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, GetUserId(), ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

2966 {
2967  Oid databaseoid = PG_GETARG_OID(0);
2968  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2969  Oid roleid;
2970  AclMode mode;
2971  AclResult aclresult;
2972 
2973  roleid = GetUserId();
2974  mode = convert_database_priv_string(priv_type_text);
2975 
2976  if (!SearchSysCacheExists1(DATABASEOID, ObjectIdGetDatum(databaseoid)))
2977  PG_RETURN_NULL();
2978 
2979  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2980 
2981  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2982 }
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:379
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:182
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:490
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:245
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3051
AclResult
AclResult
Definition: acl.h:178
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
pg_database_aclcheck
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4636
varlena
Definition: c.h:516
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:310

◆ has_database_privilege_id_id()

Datum has_database_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3013 of file acl.c.

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

3014 {
3015  Oid roleid = PG_GETARG_OID(0);
3016  Oid databaseoid = PG_GETARG_OID(1);
3017  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3018  AclMode mode;
3019  AclResult aclresult;
3020 
3021  mode = convert_database_priv_string(priv_type_text);
3022 
3023  if (!SearchSysCacheExists1(DATABASEOID, ObjectIdGetDatum(databaseoid)))
3024  PG_RETURN_NULL();
3025 
3026  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
3027 
3028  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3029 }
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:182
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:490
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:245
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3051
AclResult
AclResult
Definition: acl.h:178
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
pg_database_aclcheck
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4636
varlena
Definition: c.h:516
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:310

◆ has_database_privilege_id_name()

Datum has_database_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2990 of file acl.c.

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), pg_database_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2991 {
2992  Oid roleid = PG_GETARG_OID(0);
2993  text *databasename = PG_GETARG_TEXT_PP(1);
2994  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2995  Oid databaseoid;
2996  AclMode mode;
2997  AclResult aclresult;
2998 
2999  databaseoid = convert_database_name(databasename);
3000  mode = convert_database_priv_string(priv_type_text);
3001 
3002  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
3003 
3004  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3005 }
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:245
convert_database_name
static Oid convert_database_name(text *databasename)
Definition: acl.c:3039
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3051
AclResult
AclResult
Definition: acl.h:178
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
pg_database_aclcheck
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4636
varlena
Definition: c.h:516

◆ has_database_privilege_name()

Datum has_database_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2914 of file acl.c.

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), GetUserId(), pg_database_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

2915 {
2916  text *databasename = PG_GETARG_TEXT_PP(0);
2917  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2918  Oid roleid;
2919  Oid databaseoid;
2920  AclMode mode;
2921  AclResult aclresult;
2922 
2923  roleid = GetUserId();
2924  databaseoid = convert_database_name(databasename);
2925  mode = convert_database_priv_string(priv_type_text);
2926 
2927  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2928 
2929  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2930 }
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:379
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
convert_database_name
static Oid convert_database_name(text *databasename)
Definition: acl.c:3039
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3051
AclResult
AclResult
Definition: acl.h:178
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
pg_database_aclcheck
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4636
varlena
Definition: c.h:516

◆ has_database_privilege_name_id()

Datum has_database_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2938 of file acl.c.

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, get_role_oid_or_public(), NameStr, ObjectIdGetDatum, pg_database_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

2939 {
2940  Name username = PG_GETARG_NAME(0);
2941  Oid databaseoid = PG_GETARG_OID(1);
2942  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2943  Oid roleid;
2944  AclMode mode;
2945  AclResult aclresult;
2946 
2947  roleid = get_role_oid_or_public(NameStr(*username));
2948  mode = convert_database_priv_string(priv_type_text);
2949 
2950  if (!SearchSysCacheExists1(DATABASEOID, ObjectIdGetDatum(databaseoid)))
2951  PG_RETURN_NULL();
2952 
2953  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2954 
2955  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2956 }
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5133
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:182
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:490
nameData
Definition: c.h:570
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:245
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3051
AclResult
AclResult
Definition: acl.h:178
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
username
static char * username
Definition: initdb.c:132
pg_database_aclcheck
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4636
NameStr
#define NameStr(name)
Definition: c.h:576
varlena
Definition: c.h:516
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:310
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:248

◆ has_database_privilege_name_name()

Datum has_database_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2888 of file acl.c.

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), get_role_oid_or_public(), NameStr, pg_database_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

2889 {
2890  Name username = PG_GETARG_NAME(0);
2891  text *databasename = PG_GETARG_TEXT_PP(1);
2892  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2893  Oid roleid;
2894  Oid databaseoid;
2895  AclMode mode;
2896  AclResult aclresult;
2897 
2898  roleid = get_role_oid_or_public(NameStr(*username));
2899  databaseoid = convert_database_name(databasename);
2900  mode = convert_database_priv_string(priv_type_text);
2901 
2902  aclresult = pg_database_aclcheck(databaseoid, roleid, mode);
2903 
2904  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2905 }
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5133
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
nameData
Definition: c.h:570
convert_database_name
static Oid convert_database_name(text *databasename)
Definition: acl.c:3039
convert_database_priv_string
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3051
AclResult
AclResult
Definition: acl.h:178
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
username
static char * username
Definition: initdb.c:132
pg_database_aclcheck
AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4636
NameStr
#define NameStr(name)
Definition: c.h:576
varlena
Definition: c.h:516
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:248

◆ has_foreign_data_wrapper_privilege_id()

Datum has_foreign_data_wrapper_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3160 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), GetUserId(), pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

3161 {
3162  Oid fdwid = PG_GETARG_OID(0);
3163  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3164  Oid roleid;
3165  AclMode mode;
3166  AclResult aclresult;
3167 
3168  roleid = GetUserId();
3169  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3170 
3171  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3172 
3173  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3174 }
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:379
pg_foreign_data_wrapper_aclcheck
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4711
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:245
AclResult
AclResult
Definition: acl.h:178
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
convert_foreign_data_wrapper_priv_string
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3240
varlena
Definition: c.h:516

◆ has_foreign_data_wrapper_privilege_id_id()

Datum has_foreign_data_wrapper_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3205 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

3206 {
3207  Oid roleid = PG_GETARG_OID(0);
3208  Oid fdwid = PG_GETARG_OID(1);
3209  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3210  AclMode mode;
3211  AclResult aclresult;
3212 
3213  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3214 
3215  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3216 
3217  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3218 }
pg_foreign_data_wrapper_aclcheck
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4711
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:245
AclResult
AclResult
Definition: acl.h:178
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
convert_foreign_data_wrapper_priv_string
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3240
varlena
Definition: c.h:516

◆ has_foreign_data_wrapper_privilege_id_name()

Datum has_foreign_data_wrapper_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3182 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), pg_foreign_data_wrapper_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

3183 {
3184  Oid roleid = PG_GETARG_OID(0);
3185  text *fdwname = PG_GETARG_TEXT_PP(1);
3186  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3187  Oid fdwid;
3188  AclMode mode;
3189  AclResult aclresult;
3190 
3191  fdwid = convert_foreign_data_wrapper_name(fdwname);
3192  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3193 
3194  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3195 
3196  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3197 }
pg_foreign_data_wrapper_aclcheck
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4711
convert_foreign_data_wrapper_name
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3228
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:245
AclResult
AclResult
Definition: acl.h:178
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
convert_foreign_data_wrapper_priv_string
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3240
varlena
Definition: c.h:516

◆ has_foreign_data_wrapper_privilege_name()

Datum has_foreign_data_wrapper_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3112 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), GetUserId(), pg_foreign_data_wrapper_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

3113 {
3114  text *fdwname = PG_GETARG_TEXT_PP(0);
3115  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3116  Oid roleid;
3117  Oid fdwid;
3118  AclMode mode;
3119  AclResult aclresult;
3120 
3121  roleid = GetUserId();
3122  fdwid = convert_foreign_data_wrapper_name(fdwname);
3123  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3124 
3125  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3126 
3127  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3128 }
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:379
pg_foreign_data_wrapper_aclcheck
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4711
convert_foreign_data_wrapper_name
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3228
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
AclResult
AclResult
Definition: acl.h:178
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
convert_foreign_data_wrapper_priv_string
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3240
varlena
Definition: c.h:516

◆ has_foreign_data_wrapper_privilege_name_id()

Datum has_foreign_data_wrapper_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3136 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), get_role_oid_or_public(), NameStr, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

3137 {
3138  Name username = PG_GETARG_NAME(0);
3139  Oid fdwid = PG_GETARG_OID(1);
3140  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3141  Oid roleid;
3142  AclMode mode;
3143  AclResult aclresult;
3144 
3145  roleid = get_role_oid_or_public(NameStr(*username));
3146  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3147 
3148  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3149 
3150  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3151 }
pg_foreign_data_wrapper_aclcheck
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4711
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5133
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
nameData
Definition: c.h:570
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:245
AclResult
AclResult
Definition: acl.h:178
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
username
static char * username
Definition: initdb.c:132
convert_foreign_data_wrapper_priv_string
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3240
NameStr
#define NameStr(name)
Definition: c.h:576
varlena
Definition: c.h:516
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:248

◆ has_foreign_data_wrapper_privilege_name_name()

Datum has_foreign_data_wrapper_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3086 of file acl.c.

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), get_role_oid_or_public(), NameStr, pg_foreign_data_wrapper_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

3087 {
3088  Name username = PG_GETARG_NAME(0);
3089  text *fdwname = PG_GETARG_TEXT_PP(1);
3090  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3091  Oid roleid;
3092  Oid fdwid;
3093  AclMode mode;
3094  AclResult aclresult;
3095 
3096  roleid = get_role_oid_or_public(NameStr(*username));
3097  fdwid = convert_foreign_data_wrapper_name(fdwname);
3098  mode = convert_foreign_data_wrapper_priv_string(priv_type_text);
3099 
3100  aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode);
3101 
3102  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3103 }
pg_foreign_data_wrapper_aclcheck
AclResult pg_foreign_data_wrapper_aclcheck(Oid fdw_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4711
convert_foreign_data_wrapper_name
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3228
get_role_oid_or_public
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5133
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
nameData
Definition: c.h:570
AclResult
AclResult
Definition: acl.h:178
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
username
static char * username
Definition: initdb.c:132
convert_foreign_data_wrapper_priv_string
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3240
NameStr
#define NameStr(name)
Definition: c.h:576
varlena
Definition: c.h:516
PG_GETARG_NAME
#define PG_GETARG_NAME(n)
Definition: fmgr.h:248

◆ has_function_privilege_id()

Datum has_function_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3345 of file acl.c.

References ACLCHECK_OK, convert_function_priv_string(), GetUserId(), ObjectIdGetDatum, PG_GETARG_OID, PG_GETARG_TEXT_PP, pg_proc_aclcheck(), PG_RETURN_BOOL, PG_RETURN_NULL, PROCOID, and SearchSysCacheExists1.

3346 {
3347  Oid functionoid = PG_GETARG_OID(0);
3348  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3349  Oid roleid;
3350  AclMode mode;
3351  AclResult aclresult;
3352 
3353  roleid = GetUserId();
3354  mode = convert_function_priv_string(priv_type_text);
3355 
3356  if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid)))
3357  PG_RETURN_NULL();
3358 
3359  aclresult = pg_proc_aclcheck(functionoid, roleid, mode);
3360 
3361  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3362 }
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:379
convert_function_priv_string
static AclMode convert_function_priv_string(text *priv_type_text)
Definition: acl.c:3440
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:182
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:490
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:245
AclResult
AclResult
Definition: acl.h:178
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
pg_proc_aclcheck
AclResult pg_proc_aclcheck(Oid proc_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4648
varlena
Definition: c.h:516
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:310

◆ has_function_privilege_id_id()

Datum has_function_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3393 of file acl.c.

References ACLCHECK_OK, convert_function_priv_string(), ObjectIdGetDatum, PG_GETARG_OID, PG_GETARG_TEXT_PP, pg_proc_aclcheck(), PG_RETURN_BOOL, PG_RETURN_NULL, PROCOID, and SearchSysCacheExists1.

3394 {
3395  Oid roleid = PG_GETARG_OID(0);
3396  Oid functionoid = PG_GETARG_OID(1);
3397  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3398  AclMode mode;
3399  AclResult aclresult;
3400 
3401  mode = convert_function_priv_string(priv_type_text);
3402 
3403  if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid)))
3404  PG_RETURN_NULL();
3405 
3406  aclresult = pg_proc_aclcheck(functionoid, roleid, mode);
3407 
3408  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3409 }
convert_function_priv_string
static AclMode convert_function_priv_string(text *priv_type_text)
Definition: acl.c:3440
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
SearchSysCacheExists1
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:182
ObjectIdGetDatum
#define ObjectIdGetDatum(X)
Definition: postgres.h:490
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:245
AclResult
AclResult
Definition: acl.h:178
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
pg_proc_aclcheck
AclResult pg_proc_aclcheck(Oid proc_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4648
varlena
Definition: c.h:516
PG_RETURN_NULL
#define PG_RETURN_NULL()
Definition: fmgr.h:310

◆ has_function_privilege_id_name()

Datum has_function_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3370 of file acl.c.

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), PG_GETARG_OID, PG_GETARG_TEXT_PP, pg_proc_aclcheck(), and PG_RETURN_BOOL.

3371 {
3372  Oid roleid = PG_GETARG_OID(0);
3373  text *functionname = PG_GETARG_TEXT_PP(1);
3374  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3375  Oid functionoid;
3376  AclMode mode;
3377  AclResult aclresult;
3378 
3379  functionoid = convert_function_name(functionname);
3380  mode = convert_function_priv_string(priv_type_text);
3381 
3382  aclresult = pg_proc_aclcheck(functionoid, roleid, mode);
3383 
3384  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3385 }
convert_function_priv_string
static AclMode convert_function_priv_string(text *priv_type_text)
Definition: acl.c:3440
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: parsenodes.h:72
PG_GETARG_OID
#define PG_GETARG_OID(n)
Definition: fmgr.h:245
AclResult
AclResult
Definition: acl.h:178
PG_RETURN_BOOL
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:324
convert_function_name
static Oid convert_function_name(text *functionname)
Definition: acl.c:3419
pg_proc_aclcheck
AclResult pg_proc_aclcheck(Oid proc_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:4648
varlena
Definition: c.h:516

◆ has_function_privilege_name()

Datum has_function_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3294 of file acl.c.

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), GetUserId(), PG_GETARG_TEXT_PP, pg_proc_aclcheck(), and PG_RETURN_BOOL.

3295 {
3296  text *functionname = PG_GETARG_TEXT_PP(0);
3297  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3298  Oid roleid;
3299  Oid functionoid;
3300  AclMode mode;
3301  AclResult aclresult;
3302 
3303  roleid = GetUserId();
3304  functionoid = convert_function_name(functionname);
3305  mode = convert_function_priv_string(priv_type_text);
3306 
3307  aclresult = pg_proc_aclcheck(functionoid, roleid, mode);
3308 
3309  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3310 }
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:379
convert_function_priv_string
static AclMode convert_function_priv_string(text *priv_type_text)
Definition: acl.c:3440
Oid
unsigned int Oid
Definition: postgres_ext.h:31
PG_GETARG_TEXT_PP
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:278
AclMode
uint32 AclMode
Definition: <