PostgreSQL Source Code  git master
acl.c File Reference
#include "postgres.h"
#include <ctype.h>
#include "access/htup_details.h"
#include "catalog/catalog.h"
#include "catalog/namespace.h"
#include "catalog/pg_auth_members.h"
#include "catalog/pg_authid.h"
#include "catalog/pg_class.h"
#include "catalog/pg_database.h"
#include "catalog/pg_foreign_data_wrapper.h"
#include "catalog/pg_foreign_server.h"
#include "catalog/pg_language.h"
#include "catalog/pg_namespace.h"
#include "catalog/pg_parameter_acl.h"
#include "catalog/pg_proc.h"
#include "catalog/pg_tablespace.h"
#include "catalog/pg_type.h"
#include "commands/dbcommands.h"
#include "commands/proclang.h"
#include "commands/tablespace.h"
#include "common/hashfn.h"
#include "foreign/foreign.h"
#include "funcapi.h"
#include "lib/qunique.h"
#include "miscadmin.h"
#include "utils/acl.h"
#include "utils/array.h"
#include "utils/builtins.h"
#include "utils/catcache.h"
#include "utils/guc.h"
#include "utils/inval.h"
#include "utils/lsyscache.h"
#include "utils/memutils.h"
#include "utils/syscache.h"
#include "utils/varlena.h"
Include dependency graph for acl.c:

Go to the source code of this file.

Data Structures

struct  priv_map
 

Enumerations

enum  RoleRecurseType { ROLERECURSE_MEMBERS = 0 , ROLERECURSE_PRIVS = 1 , ROLERECURSE_SETROLE = 2 }
 

Functions

static const char * getid (const char *s, char *n, Node *escontext)
 
static void putid (char *p, const char *s)
 
static Aclallocacl (int n)
 
static void check_acl (const Acl *acl)
 
static const char * aclparse (const char *s, AclItem *aip, Node *escontext)
 
static bool aclitem_match (const AclItem *a1, const AclItem *a2)
 
static int aclitemComparator (const void *arg1, const void *arg2)
 
static void check_circularity (const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
 
static Aclrecursive_revoke (Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
 
static AclMode convert_any_priv_string (text *priv_type_text, const priv_map *privileges)
 
static Oid convert_table_name (text *tablename)
 
static AclMode convert_table_priv_string (text *priv_type_text)
 
static AclMode convert_sequence_priv_string (text *priv_type_text)
 
static AttrNumber convert_column_name (Oid tableoid, text *column)
 
static AclMode convert_column_priv_string (text *priv_type_text)
 
static Oid convert_database_name (text *databasename)
 
static AclMode convert_database_priv_string (text *priv_type_text)
 
static Oid convert_foreign_data_wrapper_name (text *fdwname)
 
static AclMode convert_foreign_data_wrapper_priv_string (text *priv_type_text)
 
static Oid convert_function_name (text *functionname)
 
static AclMode convert_function_priv_string (text *priv_type_text)
 
static Oid convert_language_name (text *languagename)
 
static AclMode convert_language_priv_string (text *priv_type_text)
 
static Oid convert_schema_name (text *schemaname)
 
static AclMode convert_schema_priv_string (text *priv_type_text)
 
static Oid convert_server_name (text *servername)
 
static AclMode convert_server_priv_string (text *priv_type_text)
 
static Oid convert_tablespace_name (text *tablespacename)
 
static AclMode convert_tablespace_priv_string (text *priv_type_text)
 
static Oid convert_type_name (text *typename)
 
static AclMode convert_type_priv_string (text *priv_type_text)
 
static AclMode convert_parameter_priv_string (text *priv_text)
 
static AclMode convert_role_priv_string (text *priv_type_text)
 
static AclResult pg_role_aclcheck (Oid role_oid, Oid roleid, AclMode mode)
 
static void RoleMembershipCacheCallback (Datum arg, int cacheid, uint32 hashvalue)
 
Aclmake_empty_acl (void)
 
Aclaclcopy (const Acl *orig_acl)
 
Aclaclconcat (const Acl *left_acl, const Acl *right_acl)
 
Aclaclmerge (const Acl *left_acl, const Acl *right_acl, Oid ownerId)
 
void aclitemsort (Acl *acl)
 
bool aclequal (const Acl *left_acl, const Acl *right_acl)
 
Datum aclitemin (PG_FUNCTION_ARGS)
 
Datum aclitemout (PG_FUNCTION_ARGS)
 
Datum aclitem_eq (PG_FUNCTION_ARGS)
 
Datum hash_aclitem (PG_FUNCTION_ARGS)
 
Datum hash_aclitem_extended (PG_FUNCTION_ARGS)
 
Aclacldefault (ObjectType objtype, Oid ownerId)
 
Datum acldefault_sql (PG_FUNCTION_ARGS)
 
Aclaclupdate (const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
 
Aclaclnewowner (const Acl *old_acl, Oid oldOwnerId, Oid newOwnerId)
 
AclMode aclmask (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
static AclMode aclmask_direct (const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
 
int aclmembers (const Acl *acl, Oid **roleids)
 
Datum aclinsert (PG_FUNCTION_ARGS)
 
Datum aclremove (PG_FUNCTION_ARGS)
 
Datum aclcontains (PG_FUNCTION_ARGS)
 
Datum makeaclitem (PG_FUNCTION_ARGS)
 
static const char * convert_aclright_to_string (int aclright)
 
Datum aclexplode (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_table_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_sequence_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_any_column_privilege_id_id (PG_FUNCTION_ARGS)
 
static int column_privilege_check (Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
 
Datum has_column_privilege_name_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_name_attnum (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_column_privilege_id_attnum (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_database_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_foreign_data_wrapper_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_function_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_language_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_schema_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_server_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_tablespace_privilege_id_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_name_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum has_type_privilege_id_id (PG_FUNCTION_ARGS)
 
static bool has_param_priv_byname (Oid roleid, const text *parameter, AclMode priv)
 
Datum has_parameter_privilege_name_name (PG_FUNCTION_ARGS)
 
Datum has_parameter_privilege_name (PG_FUNCTION_ARGS)
 
Datum has_parameter_privilege_id_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_name_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_name (PG_FUNCTION_ARGS)
 
Datum pg_has_role_id_id (PG_FUNCTION_ARGS)
 
void initialize_acl (void)
 
static Listroles_is_member_of (Oid roleid, enum RoleRecurseType type, Oid admin_of, Oid *admin_role)
 
bool has_privs_of_role (Oid member, Oid role)
 
bool member_can_set_role (Oid member, Oid role)
 
void check_can_set_role (Oid member, Oid role)
 
bool is_member_of_role (Oid member, Oid role)
 
bool is_member_of_role_nosuper (Oid member, Oid role)
 
bool is_admin_of_role (Oid member, Oid role)
 
Oid select_best_admin (Oid member, Oid role)
 
static int count_one_bits (AclMode mask)
 
void select_best_grantor (Oid roleId, AclMode privileges, const Acl *acl, Oid ownerId, Oid *grantorId, AclMode *grantOptions)
 
Oid get_role_oid (const char *rolname, bool missing_ok)
 
Oid get_role_oid_or_public (const char *rolname)
 
Oid get_rolespec_oid (const RoleSpec *role, bool missing_ok)
 
HeapTuple get_rolespec_tuple (const RoleSpec *role)
 
char * get_rolespec_name (const RoleSpec *role)
 
void check_rolespec_name (const RoleSpec *role, const char *detail_msg)
 

Variables

static Oid cached_role [] = {InvalidOid, InvalidOid, InvalidOid}
 
static Listcached_roles [] = {NIL, NIL, NIL}
 
static uint32 cached_db_hash
 

Enumeration Type Documentation

◆ RoleRecurseType

Enumerator
ROLERECURSE_MEMBERS 
ROLERECURSE_PRIVS 
ROLERECURSE_SETROLE 

Definition at line 73 of file acl.c.

74 {
75  ROLERECURSE_MEMBERS = 0, /* recurse unconditionally */
76  ROLERECURSE_PRIVS = 1, /* recurse through inheritable grants */
77  ROLERECURSE_SETROLE = 2 /* recurse through grants with set_option */
78 };
@ ROLERECURSE_PRIVS
Definition: acl.c:76
@ ROLERECURSE_MEMBERS
Definition: acl.c:75
@ ROLERECURSE_SETROLE
Definition: acl.c:77

Function Documentation

◆ aclconcat()

Acl* aclconcat ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 454 of file acl.c.

455 {
456  Acl *result_acl;
457 
458  result_acl = allocacl(ACL_NUM(left_acl) + ACL_NUM(right_acl));
459 
460  memcpy(ACL_DAT(result_acl),
461  ACL_DAT(left_acl),
462  ACL_NUM(left_acl) * sizeof(AclItem));
463 
464  memcpy(ACL_DAT(result_acl) + ACL_NUM(left_acl),
465  ACL_DAT(right_acl),
466  ACL_NUM(right_acl) * sizeof(AclItem));
467 
468  return result_acl;
469 }
static Acl * allocacl(int n)
Definition: acl.c:403
#define ACL_DAT(ACL)
Definition: acl.h:109
#define ACL_NUM(ACL)
Definition: acl.h:108
Definition: acl.h:55

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by ExecGrant_Attribute().

◆ aclcontains()

Datum aclcontains ( PG_FUNCTION_ARGS  )

Definition at line 1583 of file acl.c.

1584 {
1585  Acl *acl = PG_GETARG_ACL_P(0);
1586  AclItem *aip = PG_GETARG_ACLITEM_P(1);
1587  AclItem *aidat;
1588  int i,
1589  num;
1590 
1591  check_acl(acl);
1592  num = ACL_NUM(acl);
1593  aidat = ACL_DAT(acl);
1594  for (i = 0; i < num; ++i)
1595  {
1596  if (aip->ai_grantee == aidat[i].ai_grantee &&
1597  aip->ai_grantor == aidat[i].ai_grantor &&
1598  (ACLITEM_GET_RIGHTS(*aip) & ACLITEM_GET_RIGHTS(aidat[i])) == ACLITEM_GET_RIGHTS(*aip))
1599  PG_RETURN_BOOL(true);
1600  }
1601  PG_RETURN_BOOL(false);
1602 }
static void check_acl(const Acl *acl)
Definition: acl.c:567
#define PG_GETARG_ACLITEM_P(n)
Definition: acl.h:117
#define PG_GETARG_ACL_P(n)
Definition: acl.h:122
#define ACLITEM_GET_RIGHTS(item)
Definition: acl.h:68
#define PG_RETURN_BOOL(x)
Definition: fmgr.h:359
int i
Definition: isn.c:73
Oid ai_grantee
Definition: acl.h:56
Oid ai_grantor
Definition: acl.h:57

References ACL_DAT, ACL_NUM, ACLITEM_GET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, PG_GETARG_ACL_P, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

◆ aclcopy()

Acl* aclcopy ( const Acl orig_acl)

Definition at line 434 of file acl.c.

435 {
436  Acl *result_acl;
437 
438  result_acl = allocacl(ACL_NUM(orig_acl));
439 
440  memcpy(ACL_DAT(result_acl),
441  ACL_DAT(orig_acl),
442  ACL_NUM(orig_acl) * sizeof(AclItem));
443 
444  return result_acl;
445 }

References ACL_DAT, ACL_NUM, and allocacl().

Referenced by aclmerge(), ExecGrant_Relation(), and SetDefaultACL().

◆ acldefault()

Acl* acldefault ( ObjectType  objtype,
Oid  ownerId 
)

Definition at line 780 of file acl.c.

781 {
782  AclMode world_default;
783  AclMode owner_default;
784  int nacl;
785  Acl *acl;
786  AclItem *aip;
787 
788  switch (objtype)
789  {
790  case OBJECT_COLUMN:
791  /* by default, columns have no extra privileges */
792  world_default = ACL_NO_RIGHTS;
793  owner_default = ACL_NO_RIGHTS;
794  break;
795  case OBJECT_TABLE:
796  world_default = ACL_NO_RIGHTS;
797  owner_default = ACL_ALL_RIGHTS_RELATION;
798  break;
799  case OBJECT_SEQUENCE:
800  world_default = ACL_NO_RIGHTS;
801  owner_default = ACL_ALL_RIGHTS_SEQUENCE;
802  break;
803  case OBJECT_DATABASE:
804  /* for backwards compatibility, grant some rights by default */
805  world_default = ACL_CREATE_TEMP | ACL_CONNECT;
806  owner_default = ACL_ALL_RIGHTS_DATABASE;
807  break;
808  case OBJECT_FUNCTION:
809  /* Grant EXECUTE by default, for now */
810  world_default = ACL_EXECUTE;
811  owner_default = ACL_ALL_RIGHTS_FUNCTION;
812  break;
813  case OBJECT_LANGUAGE:
814  /* Grant USAGE by default, for now */
815  world_default = ACL_USAGE;
816  owner_default = ACL_ALL_RIGHTS_LANGUAGE;
817  break;
818  case OBJECT_LARGEOBJECT:
819  world_default = ACL_NO_RIGHTS;
820  owner_default = ACL_ALL_RIGHTS_LARGEOBJECT;
821  break;
822  case OBJECT_SCHEMA:
823  world_default = ACL_NO_RIGHTS;
824  owner_default = ACL_ALL_RIGHTS_SCHEMA;
825  break;
826  case OBJECT_TABLESPACE:
827  world_default = ACL_NO_RIGHTS;
828  owner_default = ACL_ALL_RIGHTS_TABLESPACE;
829  break;
830  case OBJECT_FDW:
831  world_default = ACL_NO_RIGHTS;
832  owner_default = ACL_ALL_RIGHTS_FDW;
833  break;
835  world_default = ACL_NO_RIGHTS;
836  owner_default = ACL_ALL_RIGHTS_FOREIGN_SERVER;
837  break;
838  case OBJECT_DOMAIN:
839  case OBJECT_TYPE:
840  world_default = ACL_USAGE;
841  owner_default = ACL_ALL_RIGHTS_TYPE;
842  break;
844  world_default = ACL_NO_RIGHTS;
845  owner_default = ACL_ALL_RIGHTS_PARAMETER_ACL;
846  break;
847  default:
848  elog(ERROR, "unrecognized object type: %d", (int) objtype);
849  world_default = ACL_NO_RIGHTS; /* keep compiler quiet */
850  owner_default = ACL_NO_RIGHTS;
851  break;
852  }
853 
854  nacl = 0;
855  if (world_default != ACL_NO_RIGHTS)
856  nacl++;
857  if (owner_default != ACL_NO_RIGHTS)
858  nacl++;
859 
860  acl = allocacl(nacl);
861  aip = ACL_DAT(acl);
862 
863  if (world_default != ACL_NO_RIGHTS)
864  {
865  aip->ai_grantee = ACL_ID_PUBLIC;
866  aip->ai_grantor = ownerId;
867  ACLITEM_SET_PRIVS_GOPTIONS(*aip, world_default, ACL_NO_RIGHTS);
868  aip++;
869  }
870 
871  /*
872  * Note that the owner's entry shows all ordinary privileges but no grant
873  * options. This is because his grant options come "from the system" and
874  * not from his own efforts. (The SQL spec says that the owner's rights
875  * come from a "_SYSTEM" authid.) However, we do consider that the
876  * owner's ordinary privileges are self-granted; this lets him revoke
877  * them. We implement the owner's grant options without any explicit
878  * "_SYSTEM"-like ACL entry, by internally special-casing the owner
879  * wherever we are testing grant options.
880  */
881  if (owner_default != ACL_NO_RIGHTS)
882  {
883  aip->ai_grantee = ownerId;
884  aip->ai_grantor = ownerId;
885  ACLITEM_SET_PRIVS_GOPTIONS(*aip, owner_default, ACL_NO_RIGHTS);
886  }
887 
888  return acl;
889 }
#define ACL_ALL_RIGHTS_FOREIGN_SERVER
Definition: acl.h:164
#define ACL_ALL_RIGHTS_TABLESPACE
Definition: acl.h:170
#define ACL_ALL_RIGHTS_PARAMETER_ACL
Definition: acl.h:168
#define ACL_ALL_RIGHTS_SCHEMA
Definition: acl.h:169
#define ACL_ALL_RIGHTS_SEQUENCE
Definition: acl.h:161
#define ACL_ALL_RIGHTS_DATABASE
Definition: acl.h:162
#define ACL_ALL_RIGHTS_FUNCTION
Definition: acl.h:165
#define ACL_ALL_RIGHTS_LANGUAGE
Definition: acl.h:166
#define ACL_ALL_RIGHTS_TYPE
Definition: acl.h:171
#define ACL_ALL_RIGHTS_FDW
Definition: acl.h:163
#define ACLITEM_SET_PRIVS_GOPTIONS(item, privs, goptions)
Definition: acl.h:82
#define ACL_ALL_RIGHTS_RELATION
Definition: acl.h:160
#define ACL_ID_PUBLIC
Definition: acl.h:46
#define ACL_ALL_RIGHTS_LARGEOBJECT
Definition: acl.h:167
#define ERROR
Definition: elog.h:39
#define ACL_CREATE_TEMP
Definition: parsenodes.h:93
uint64 AclMode
Definition: parsenodes.h:81
#define ACL_USAGE
Definition: parsenodes.h:91
#define ACL_NO_RIGHTS
Definition: parsenodes.h:99
@ OBJECT_FDW
Definition: parsenodes.h:1991
@ OBJECT_SCHEMA
Definition: parsenodes.h:2011
@ OBJECT_DOMAIN
Definition: parsenodes.h:1987
@ OBJECT_COLUMN
Definition: parsenodes.h:1981
@ OBJECT_TABLESPACE
Definition: parsenodes.h:2017
@ OBJECT_LARGEOBJECT
Definition: parsenodes.h:1997
@ OBJECT_DATABASE
Definition: parsenodes.h:1984
@ OBJECT_SEQUENCE
Definition: parsenodes.h:2012
@ OBJECT_LANGUAGE
Definition: parsenodes.h:1996
@ OBJECT_FOREIGN_SERVER
Definition: parsenodes.h:1992
@ OBJECT_TABLE
Definition: parsenodes.h:2016
@ OBJECT_PARAMETER_ACL
Definition: parsenodes.h:2002
@ OBJECT_TYPE
Definition: parsenodes.h:2024
@ OBJECT_FUNCTION
Definition: parsenodes.h:1994
#define ACL_CONNECT
Definition: parsenodes.h:94
#define ACL_EXECUTE
Definition: parsenodes.h:90

References ACL_ALL_RIGHTS_DATABASE, ACL_ALL_RIGHTS_FDW, ACL_ALL_RIGHTS_FOREIGN_SERVER, ACL_ALL_RIGHTS_FUNCTION, ACL_ALL_RIGHTS_LANGUAGE, ACL_ALL_RIGHTS_LARGEOBJECT, ACL_ALL_RIGHTS_PARAMETER_ACL, ACL_ALL_RIGHTS_RELATION, ACL_ALL_RIGHTS_SCHEMA, ACL_ALL_RIGHTS_SEQUENCE, ACL_ALL_RIGHTS_TABLESPACE, ACL_ALL_RIGHTS_TYPE, ACL_CONNECT, ACL_CREATE_TEMP, ACL_DAT, ACL_EXECUTE, ACL_ID_PUBLIC, ACL_NO_RIGHTS, ACL_USAGE, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), elog(), ERROR, OBJECT_COLUMN, OBJECT_DATABASE, OBJECT_DOMAIN, OBJECT_FDW, OBJECT_FOREIGN_SERVER, OBJECT_FUNCTION, OBJECT_LANGUAGE, OBJECT_LARGEOBJECT, OBJECT_PARAMETER_ACL, OBJECT_SCHEMA, OBJECT_SEQUENCE, OBJECT_TABLE, OBJECT_TABLESPACE, and OBJECT_TYPE.

Referenced by acldefault_sql(), buildDefaultACLCommands(), dumpACL(), dumpRoleGUCPrivs(), dumpTable(), dumpTablespaces(), ExecGrant_Attribute(), ExecGrant_common(), ExecGrant_Largeobject(), ExecGrant_Parameter(), ExecGrant_Relation(), get_user_default_acl(), object_aclmask(), pg_class_aclmask_ext(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask(), pg_parameter_acl_aclmask(), pg_parameter_aclmask(), pg_type_aclmask(), and SetDefaultACL().

◆ acldefault_sql()

Datum acldefault_sql ( PG_FUNCTION_ARGS  )

Definition at line 897 of file acl.c.

898 {
899  char objtypec = PG_GETARG_CHAR(0);
900  Oid owner = PG_GETARG_OID(1);
901  ObjectType objtype = 0;
902 
903  switch (objtypec)
904  {
905  case 'c':
906  objtype = OBJECT_COLUMN;
907  break;
908  case 'r':
909  objtype = OBJECT_TABLE;
910  break;
911  case 's':
912  objtype = OBJECT_SEQUENCE;
913  break;
914  case 'd':
915  objtype = OBJECT_DATABASE;
916  break;
917  case 'f':
918  objtype = OBJECT_FUNCTION;
919  break;
920  case 'l':
921  objtype = OBJECT_LANGUAGE;
922  break;
923  case 'L':
924  objtype = OBJECT_LARGEOBJECT;
925  break;
926  case 'n':
927  objtype = OBJECT_SCHEMA;
928  break;
929  case 'p':
930  objtype = OBJECT_PARAMETER_ACL;
931  break;
932  case 't':
933  objtype = OBJECT_TABLESPACE;
934  break;
935  case 'F':
936  objtype = OBJECT_FDW;
937  break;
938  case 'S':
939  objtype = OBJECT_FOREIGN_SERVER;
940  break;
941  case 'T':
942  objtype = OBJECT_TYPE;
943  break;
944  default:
945  elog(ERROR, "unrecognized object type abbreviation: %c", objtypec);
946  }
947 
948  PG_RETURN_ACL_P(acldefault(objtype, owner));
949 }
Acl * acldefault(ObjectType objtype, Oid ownerId)
Definition: acl.c:780
#define PG_RETURN_ACL_P(x)
Definition: acl.h:124
#define PG_GETARG_OID(n)
Definition: fmgr.h:275
#define PG_GETARG_CHAR(n)
Definition: fmgr.h:273
ObjectType
Definition: parsenodes.h:1974
unsigned int Oid
Definition: postgres_ext.h:31

References acldefault(), elog(), ERROR, OBJECT_COLUMN, OBJECT_DATABASE, OBJECT_FDW, OBJECT_FOREIGN_SERVER, OBJECT_FUNCTION, OBJECT_LANGUAGE, OBJECT_LARGEOBJECT, OBJECT_PARAMETER_ACL, OBJECT_SCHEMA, OBJECT_SEQUENCE, OBJECT_TABLE, OBJECT_TABLESPACE, OBJECT_TYPE, PG_GETARG_CHAR, PG_GETARG_OID, and PG_RETURN_ACL_P.

◆ aclequal()

bool aclequal ( const Acl left_acl,
const Acl right_acl 
)

Definition at line 536 of file acl.c.

537 {
538  /* Check for cases where one or both are empty/null */
539  if (left_acl == NULL || ACL_NUM(left_acl) == 0)
540  {
541  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
542  return true;
543  else
544  return false;
545  }
546  else
547  {
548  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
549  return false;
550  }
551 
552  if (ACL_NUM(left_acl) != ACL_NUM(right_acl))
553  return false;
554 
555  if (memcmp(ACL_DAT(left_acl),
556  ACL_DAT(right_acl),
557  ACL_NUM(left_acl) * sizeof(AclItem)) == 0)
558  return true;
559 
560  return false;
561 }

References ACL_DAT, and ACL_NUM.

Referenced by ExecGrant_Parameter(), get_user_default_acl(), and SetDefaultACL().

◆ aclexplode()

Datum aclexplode ( PG_FUNCTION_ARGS  )

Definition at line 1762 of file acl.c.

1763 {
1764  Acl *acl = PG_GETARG_ACL_P(0);
1765  FuncCallContext *funcctx;
1766  int *idx;
1767  AclItem *aidat;
1768 
1769  if (SRF_IS_FIRSTCALL())
1770  {
1771  TupleDesc tupdesc;
1772  MemoryContext oldcontext;
1773 
1774  check_acl(acl);
1775 
1776  funcctx = SRF_FIRSTCALL_INIT();
1777  oldcontext = MemoryContextSwitchTo(funcctx->multi_call_memory_ctx);
1778 
1779  /*
1780  * build tupdesc for result tuples (matches out parameters in pg_proc
1781  * entry)
1782  */
1783  tupdesc = CreateTemplateTupleDesc(4);
1784  TupleDescInitEntry(tupdesc, (AttrNumber) 1, "grantor",
1785  OIDOID, -1, 0);
1786  TupleDescInitEntry(tupdesc, (AttrNumber) 2, "grantee",
1787  OIDOID, -1, 0);
1788  TupleDescInitEntry(tupdesc, (AttrNumber) 3, "privilege_type",
1789  TEXTOID, -1, 0);
1790  TupleDescInitEntry(tupdesc, (AttrNumber) 4, "is_grantable",
1791  BOOLOID, -1, 0);
1792 
1793  funcctx->tuple_desc = BlessTupleDesc(tupdesc);
1794 
1795  /* allocate memory for user context */
1796  idx = (int *) palloc(sizeof(int[2]));
1797  idx[0] = 0; /* ACL array item index */
1798  idx[1] = -1; /* privilege type counter */
1799  funcctx->user_fctx = (void *) idx;
1800 
1801  MemoryContextSwitchTo(oldcontext);
1802  }
1803 
1804  funcctx = SRF_PERCALL_SETUP();
1805  idx = (int *) funcctx->user_fctx;
1806  aidat = ACL_DAT(acl);
1807 
1808  /* need test here in case acl has no items */
1809  while (idx[0] < ACL_NUM(acl))
1810  {
1811  AclItem *aidata;
1812  AclMode priv_bit;
1813 
1814  idx[1]++;
1815  if (idx[1] == N_ACL_RIGHTS)
1816  {
1817  idx[1] = 0;
1818  idx[0]++;
1819  if (idx[0] >= ACL_NUM(acl)) /* done */
1820  break;
1821  }
1822  aidata = &aidat[idx[0]];
1823  priv_bit = UINT64CONST(1) << idx[1];
1824 
1825  if (ACLITEM_GET_PRIVS(*aidata) & priv_bit)
1826  {
1827  Datum result;
1828  Datum values[4];
1829  bool nulls[4] = {0};
1830  HeapTuple tuple;
1831 
1832  values[0] = ObjectIdGetDatum(aidata->ai_grantor);
1833  values[1] = ObjectIdGetDatum(aidata->ai_grantee);
1835  values[3] = BoolGetDatum((ACLITEM_GET_GOPTIONS(*aidata) & priv_bit) != 0);
1836 
1837  tuple = heap_form_tuple(funcctx->tuple_desc, values, nulls);
1838  result = HeapTupleGetDatum(tuple);
1839 
1840  SRF_RETURN_NEXT(funcctx, result);
1841  }
1842  }
1843 
1844  SRF_RETURN_DONE(funcctx);
1845 }
Datum idx(PG_FUNCTION_ARGS)
Definition: _int_op.c:259
static const char * convert_aclright_to_string(int aclright)
Definition: acl.c:1706
#define ACLITEM_GET_PRIVS(item)
Definition: acl.h:66
#define ACLITEM_GET_GOPTIONS(item)
Definition: acl.h:67
int16 AttrNumber
Definition: attnum.h:21
static Datum values[MAXATTR]
Definition: bootstrap.c:156
#define CStringGetTextDatum(s)
Definition: builtins.h:94
TupleDesc BlessTupleDesc(TupleDesc tupdesc)
Definition: execTuples.c:2071
#define SRF_IS_FIRSTCALL()
Definition: funcapi.h:303
#define SRF_PERCALL_SETUP()
Definition: funcapi.h:307
#define SRF_RETURN_NEXT(_funcctx, _result)
Definition: funcapi.h:309
#define SRF_FIRSTCALL_INIT()
Definition: funcapi.h:305
static Datum HeapTupleGetDatum(const HeapTupleData *tuple)
Definition: funcapi.h:230
#define SRF_RETURN_DONE(_funcctx)
Definition: funcapi.h:327
HeapTuple heap_form_tuple(TupleDesc tupleDescriptor, Datum *values, bool *isnull)
Definition: heaptuple.c:1020
void * palloc(Size size)
Definition: mcxt.c:1210
static MemoryContext MemoryContextSwitchTo(MemoryContext context)
Definition: palloc.h:138
#define N_ACL_RIGHTS
Definition: parsenodes.h:98
uintptr_t Datum
Definition: postgres.h:64
static Datum BoolGetDatum(bool X)
Definition: postgres.h:102
static Datum ObjectIdGetDatum(Oid X)
Definition: postgres.h:252
void * user_fctx
Definition: funcapi.h:82
MemoryContext multi_call_memory_ctx
Definition: funcapi.h:101
TupleDesc tuple_desc
Definition: funcapi.h:112
TupleDesc CreateTemplateTupleDesc(int natts)
Definition: tupdesc.c:45
void TupleDescInitEntry(TupleDesc desc, AttrNumber attributeNumber, const char *attributeName, Oid oidtypeid, int32 typmod, int attdim)
Definition: tupdesc.c:583

References ACL_DAT, ACL_NUM, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, BlessTupleDesc(), BoolGetDatum(), check_acl(), convert_aclright_to_string(), CreateTemplateTupleDesc(), CStringGetTextDatum, heap_form_tuple(), HeapTupleGetDatum(), idx(), MemoryContextSwitchTo(), FuncCallContext::multi_call_memory_ctx, N_ACL_RIGHTS, ObjectIdGetDatum(), palloc(), PG_GETARG_ACL_P, SRF_FIRSTCALL_INIT, SRF_IS_FIRSTCALL, SRF_PERCALL_SETUP, SRF_RETURN_DONE, SRF_RETURN_NEXT, FuncCallContext::tuple_desc, TupleDescInitEntry(), FuncCallContext::user_fctx, and values.

◆ aclinsert()

Datum aclinsert ( PG_FUNCTION_ARGS  )

Definition at line 1563 of file acl.c.

1564 {
1565  ereport(ERROR,
1566  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1567  errmsg("aclinsert is no longer supported")));
1568 
1569  PG_RETURN_NULL(); /* keep compiler quiet */
1570 }
int errcode(int sqlerrcode)
Definition: elog.c:858
int errmsg(const char *fmt,...)
Definition: elog.c:1069
#define ereport(elevel,...)
Definition: elog.h:149
#define PG_RETURN_NULL()
Definition: fmgr.h:345

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

◆ aclitem_eq()

Datum aclitem_eq ( PG_FUNCTION_ARGS  )

Definition at line 725 of file acl.c.

726 {
729  bool result;
730 
731  result = a1->ai_privs == a2->ai_privs &&
732  a1->ai_grantee == a2->ai_grantee &&
733  a1->ai_grantor == a2->ai_grantor;
734  PG_RETURN_BOOL(result);
735 }
static const FormData_pg_attribute a1
Definition: heap.c:141
static const FormData_pg_attribute a2
Definition: heap.c:155

References a1, a2, PG_GETARG_ACLITEM_P, and PG_RETURN_BOOL.

◆ aclitem_match()

static bool aclitem_match ( const AclItem a1,
const AclItem a2 
)
static

Definition at line 690 of file acl.c.

691 {
692  return a1->ai_grantee == a2->ai_grantee &&
693  a1->ai_grantor == a2->ai_grantor;
694 }

References a1, and a2.

Referenced by aclnewowner(), and aclupdate().

◆ aclitemComparator()

static int aclitemComparator ( const void *  arg1,
const void *  arg2 
)
static

Definition at line 701 of file acl.c.

702 {
703  const AclItem *a1 = (const AclItem *) arg1;
704  const AclItem *a2 = (const AclItem *) arg2;
705 
706  if (a1->ai_grantee > a2->ai_grantee)
707  return 1;
708  if (a1->ai_grantee < a2->ai_grantee)
709  return -1;
710  if (a1->ai_grantor > a2->ai_grantor)
711  return 1;
712  if (a1->ai_grantor < a2->ai_grantor)
713  return -1;
714  if (a1->ai_privs > a2->ai_privs)
715  return 1;
716  if (a1->ai_privs < a2->ai_privs)
717  return -1;
718  return 0;
719 }

References a1, and a2.

Referenced by aclitemsort().

◆ aclitemin()

Datum aclitemin ( PG_FUNCTION_ARGS  )

Definition at line 592 of file acl.c.

593 {
594  const char *s = PG_GETARG_CSTRING(0);
595  Node *escontext = fcinfo->context;
596  AclItem *aip;
597 
598  aip = (AclItem *) palloc(sizeof(AclItem));
599 
600  s = aclparse(s, aip, escontext);
601  if (s == NULL)
602  PG_RETURN_NULL();
603 
604  while (isspace((unsigned char) *s))
605  ++s;
606  if (*s)
607  ereturn(escontext, (Datum) 0,
608  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
609  errmsg("extra garbage at the end of the ACL specification")));
610 
611  PG_RETURN_ACLITEM_P(aip);
612 }
static const char * aclparse(const char *s, AclItem *aip, Node *escontext)
Definition: acl.c:247
#define PG_RETURN_ACLITEM_P(x)
Definition: acl.h:118
#define ereturn(context, dummy_value,...)
Definition: elog.h:276
#define PG_GETARG_CSTRING(n)
Definition: fmgr.h:277
Definition: nodes.h:129

References aclparse(), ereturn, errcode(), errmsg(), palloc(), PG_GETARG_CSTRING, PG_RETURN_ACLITEM_P, and PG_RETURN_NULL.

◆ aclitemout()

Datum aclitemout ( PG_FUNCTION_ARGS  )

Definition at line 623 of file acl.c.

624 {
625  AclItem *aip = PG_GETARG_ACLITEM_P(0);
626  char *p;
627  char *out;
628  HeapTuple htup;
629  unsigned i;
630 
631  out = palloc(strlen("=/") +
632  2 * N_ACL_RIGHTS +
633  2 * (2 * NAMEDATALEN + 2) +
634  1);
635 
636  p = out;
637  *p = '\0';
638 
639  if (aip->ai_grantee != ACL_ID_PUBLIC)
640  {
642  if (HeapTupleIsValid(htup))
643  {
644  putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
645  ReleaseSysCache(htup);
646  }
647  else
648  {
649  /* Generate numeric OID if we don't find an entry */
650  sprintf(p, "%u", aip->ai_grantee);
651  }
652  }
653  while (*p)
654  ++p;
655 
656  *p++ = '=';
657 
658  for (i = 0; i < N_ACL_RIGHTS; ++i)
659  {
660  if (ACLITEM_GET_PRIVS(*aip) & (UINT64CONST(1) << i))
661  *p++ = ACL_ALL_RIGHTS_STR[i];
662  if (ACLITEM_GET_GOPTIONS(*aip) & (UINT64CONST(1) << i))
663  *p++ = '*';
664  }
665 
666  *p++ = '/';
667  *p = '\0';
668 
670  if (HeapTupleIsValid(htup))
671  {
672  putid(p, NameStr(((Form_pg_authid) GETSTRUCT(htup))->rolname));
673  ReleaseSysCache(htup);
674  }
675  else
676  {
677  /* Generate numeric OID if we don't find an entry */
678  sprintf(p, "%u", aip->ai_grantor);
679  }
680 
681  PG_RETURN_CSTRING(out);
682 }
static void putid(char *p, const char *s)
Definition: acl.c:195
#define ACL_ALL_RIGHTS_STR
Definition: acl.h:154
#define NameStr(name)
Definition: c.h:730
#define PG_RETURN_CSTRING(x)
Definition: fmgr.h:362
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
#define GETSTRUCT(TUP)
Definition: htup_details.h:653
NameData rolname
Definition: pg_authid.h:34
FormData_pg_authid * Form_pg_authid
Definition: pg_authid.h:56
#define NAMEDATALEN
#define sprintf
Definition: port.h:240
void ReleaseSysCache(HeapTuple tuple)
Definition: syscache.c:865
HeapTuple SearchSysCache1(int cacheId, Datum key1)
Definition: syscache.c:817
@ AUTHOID
Definition: syscache.h:45

References ACL_ALL_RIGHTS_STR, ACL_ID_PUBLIC, ACLITEM_GET_GOPTIONS, ACLITEM_GET_PRIVS, AclItem::ai_grantee, AclItem::ai_grantor, AUTHOID, GETSTRUCT, HeapTupleIsValid, i, N_ACL_RIGHTS, NAMEDATALEN, NameStr, ObjectIdGetDatum(), palloc(), PG_GETARG_ACLITEM_P, PG_RETURN_CSTRING, putid(), ReleaseSysCache(), rolname, SearchSysCache1(), and sprintf.

◆ aclitemsort()

void aclitemsort ( Acl acl)

Definition at line 522 of file acl.c.

523 {
524  if (acl != NULL && ACL_NUM(acl) > 1)
525  qsort(ACL_DAT(acl), ACL_NUM(acl), sizeof(AclItem), aclitemComparator);
526 }
static int aclitemComparator(const void *arg1, const void *arg2)
Definition: acl.c:701
#define qsort(a, b, c, d)
Definition: port.h:445

References ACL_DAT, ACL_NUM, aclitemComparator(), and qsort.

Referenced by get_user_default_acl(), and SetDefaultACL().

◆ aclmask()

AclMode aclmask ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)

Definition at line 1359 of file acl.c.

1361 {
1362  AclMode result;
1364  AclItem *aidat;
1365  int i,
1366  num;
1367 
1368  /*
1369  * Null ACL should not happen, since caller should have inserted
1370  * appropriate default
1371  */
1372  if (acl == NULL)
1373  elog(ERROR, "null ACL");
1374 
1375  check_acl(acl);
1376 
1377  /* Quick exit for mask == 0 */
1378  if (mask == 0)
1379  return 0;
1380 
1381  result = 0;
1382 
1383  /* Owner always implicitly has all grant options */
1384  if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1385  has_privs_of_role(roleid, ownerId))
1386  {
1387  result = mask & ACLITEM_ALL_GOPTION_BITS;
1388  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1389  return result;
1390  }
1391 
1392  num = ACL_NUM(acl);
1393  aidat = ACL_DAT(acl);
1394 
1395  /*
1396  * Check privileges granted directly to roleid or to public
1397  */
1398  for (i = 0; i < num; i++)
1399  {
1400  AclItem *aidata = &aidat[i];
1401 
1402  if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1403  aidata->ai_grantee == roleid)
1404  {
1405  result |= aidata->ai_privs & mask;
1406  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1407  return result;
1408  }
1409  }
1410 
1411  /*
1412  * Check privileges granted indirectly via role memberships. We do this in
1413  * a separate pass to minimize expensive indirect membership tests. In
1414  * particular, it's worth testing whether a given ACL entry grants any
1415  * privileges still of interest before we perform the has_privs_of_role
1416  * test.
1417  */
1418  remaining = mask & ~result;
1419  for (i = 0; i < num; i++)
1420  {
1421  AclItem *aidata = &aidat[i];
1422 
1423  if (aidata->ai_grantee == ACL_ID_PUBLIC ||
1424  aidata->ai_grantee == roleid)
1425  continue; /* already checked it */
1426 
1427  if ((aidata->ai_privs & remaining) &&
1428  has_privs_of_role(roleid, aidata->ai_grantee))
1429  {
1430  result |= aidata->ai_privs & mask;
1431  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1432  return result;
1433  remaining = mask & ~result;
1434  }
1435  }
1436 
1437  return result;
1438 }
bool has_privs_of_role(Oid member, Oid role)
Definition: acl.c:4969
#define ACLITEM_ALL_GOPTION_BITS
Definition: acl.h:88
@ ACLMASK_ALL
Definition: acl.h:176
int remaining
Definition: informix.c:667
AclMode ai_privs
Definition: acl.h:58

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog(), ERROR, has_privs_of_role(), i, and remaining.

Referenced by check_circularity(), LockTableAclCheck(), object_aclmask(), pg_attribute_aclmask_ext(), pg_class_aclmask_ext(), pg_largeobject_aclmask_snapshot(), pg_namespace_aclmask(), pg_parameter_acl_aclmask(), pg_parameter_aclmask(), pg_type_aclmask(), and recursive_revoke().

◆ aclmask_direct()

static AclMode aclmask_direct ( const Acl acl,
Oid  roleid,
Oid  ownerId,
AclMode  mask,
AclMaskHow  how 
)
static

Definition at line 1448 of file acl.c.

1450 {
1451  AclMode result;
1452  AclItem *aidat;
1453  int i,
1454  num;
1455 
1456  /*
1457  * Null ACL should not happen, since caller should have inserted
1458  * appropriate default
1459  */
1460  if (acl == NULL)
1461  elog(ERROR, "null ACL");
1462 
1463  check_acl(acl);
1464 
1465  /* Quick exit for mask == 0 */
1466  if (mask == 0)
1467  return 0;
1468 
1469  result = 0;
1470 
1471  /* Owner always implicitly has all grant options */
1472  if ((mask & ACLITEM_ALL_GOPTION_BITS) &&
1473  roleid == ownerId)
1474  {
1475  result = mask & ACLITEM_ALL_GOPTION_BITS;
1476  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1477  return result;
1478  }
1479 
1480  num = ACL_NUM(acl);
1481  aidat = ACL_DAT(acl);
1482 
1483  /*
1484  * Check privileges granted directly to roleid (and not to public)
1485  */
1486  for (i = 0; i < num; i++)
1487  {
1488  AclItem *aidata = &aidat[i];
1489 
1490  if (aidata->ai_grantee == roleid)
1491  {
1492  result |= aidata->ai_privs & mask;
1493  if ((how == ACLMASK_ALL) ? (result == mask) : (result != 0))
1494  return result;
1495  }
1496  }
1497 
1498  return result;
1499 }

References ACL_DAT, ACL_NUM, ACLITEM_ALL_GOPTION_BITS, ACLMASK_ALL, AclItem::ai_grantee, AclItem::ai_privs, check_acl(), elog(), ERROR, and i.

Referenced by select_best_grantor().

◆ aclmembers()

int aclmembers ( const Acl acl,
Oid **  roleids 
)

Definition at line 1511 of file acl.c.

1512 {
1513  Oid *list;
1514  const AclItem *acldat;
1515  int i,
1516  j;
1517 
1518  if (acl == NULL || ACL_NUM(acl) == 0)
1519  {
1520  *roleids = NULL;
1521  return 0;
1522  }
1523 
1524  check_acl(acl);
1525 
1526  /* Allocate the worst-case space requirement */
1527  list = palloc(ACL_NUM(acl) * 2 * sizeof(Oid));
1528  acldat = ACL_DAT(acl);
1529 
1530  /*
1531  * Walk the ACL collecting mentioned RoleIds.
1532  */
1533  j = 0;
1534  for (i = 0; i < ACL_NUM(acl); i++)
1535  {
1536  const AclItem *ai = &acldat[i];
1537 
1538  if (ai->ai_grantee != ACL_ID_PUBLIC)
1539  list[j++] = ai->ai_grantee;
1540  /* grantor is currently never PUBLIC, but let's check anyway */
1541  if (ai->ai_grantor != ACL_ID_PUBLIC)
1542  list[j++] = ai->ai_grantor;
1543  }
1544 
1545  /* Sort the array */
1546  qsort(list, j, sizeof(Oid), oid_cmp);
1547 
1548  /*
1549  * We could repalloc the array down to minimum size, but it's hardly worth
1550  * it since it's only transient memory.
1551  */
1552  *roleids = list;
1553 
1554  /* Remove duplicates from the array */
1555  return qunique(list, j, sizeof(Oid), oid_cmp);
1556 }
int j
Definition: isn.c:74
int oid_cmp(const void *p1, const void *p2)
Definition: oid.c:257
static size_t qunique(void *array, size_t elements, size_t width, int(*compare)(const void *, const void *))
Definition: qunique.h:21

References ACL_DAT, ACL_ID_PUBLIC, ACL_NUM, AclItem::ai_grantee, AclItem::ai_grantor, check_acl(), i, j, sort-test::list, oid_cmp(), palloc(), qsort, and qunique().

Referenced by ExecGrant_Attribute(), ExecGrant_common(), ExecGrant_Largeobject(), ExecGrant_Parameter(), ExecGrant_Relation(), recordDependencyOnNewAcl(), and SetDefaultACL().

◆ aclmerge()

Acl* aclmerge ( const Acl left_acl,
const Acl right_acl,
Oid  ownerId 
)

Definition at line 478 of file acl.c.

479 {
480  Acl *result_acl;
481  AclItem *aip;
482  int i,
483  num;
484 
485  /* Check for cases where one or both are empty/null */
486  if (left_acl == NULL || ACL_NUM(left_acl) == 0)
487  {
488  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
489  return NULL;
490  else
491  return aclcopy(right_acl);
492  }
493  else
494  {
495  if (right_acl == NULL || ACL_NUM(right_acl) == 0)
496  return aclcopy(left_acl);
497  }
498 
499  /* Merge them the hard way, one item at a time */
500  result_acl = aclcopy(left_acl);
501 
502  aip = ACL_DAT(right_acl);
503  num = ACL_NUM(right_acl);
504 
505  for (i = 0; i < num; i++, aip++)
506  {
507  Acl *tmp_acl;
508 
509  tmp_acl = aclupdate(result_acl, aip, ACL_MODECHG_ADD,
510  ownerId, DROP_RESTRICT);
511  pfree(result_acl);
512  result_acl = tmp_acl;
513  }
514 
515  return result_acl;
516 }
Acl * aclupdate(const Acl *old_acl, const AclItem *mod_aip, int modechg, Oid ownerId, DropBehavior behavior)
Definition: acl.c:969
Acl * aclcopy(const Acl *orig_acl)
Definition: acl.c:434
#define ACL_MODECHG_ADD
Definition: acl.h:129
void pfree(void *pointer)
Definition: mcxt.c:1436
@ DROP_RESTRICT
Definition: parsenodes.h:2048

References ACL_DAT, ACL_MODECHG_ADD, ACL_NUM, aclcopy(), aclupdate(), DROP_RESTRICT, i, and pfree().

Referenced by get_user_default_acl().

◆ aclnewowner()

Acl* aclnewowner ( const Acl old_acl,
Oid  oldOwnerId,
Oid  newOwnerId 
)

Definition at line 1090 of file acl.c.

1091 {
1092  Acl *new_acl;
1093  AclItem *new_aip;
1094  AclItem *old_aip;
1095  AclItem *dst_aip;
1096  AclItem *src_aip;
1097  AclItem *targ_aip;
1098  bool newpresent = false;
1099  int dst,
1100  src,
1101  targ,
1102  num;
1103 
1104  check_acl(old_acl);
1105 
1106  /*
1107  * Make a copy of the given ACL, substituting new owner ID for old
1108  * wherever it appears as either grantor or grantee. Also note if the new
1109  * owner ID is already present.
1110  */
1111  num = ACL_NUM(old_acl);
1112  old_aip = ACL_DAT(old_acl);
1113  new_acl = allocacl(num);
1114  new_aip = ACL_DAT(new_acl);
1115  memcpy(new_aip, old_aip, num * sizeof(AclItem));
1116  for (dst = 0, dst_aip = new_aip; dst < num; dst++, dst_aip++)
1117  {
1118  if (dst_aip->ai_grantor == oldOwnerId)
1119  dst_aip->ai_grantor = newOwnerId;
1120  else if (dst_aip->ai_grantor == newOwnerId)
1121  newpresent = true;
1122  if (dst_aip->ai_grantee == oldOwnerId)
1123  dst_aip->ai_grantee = newOwnerId;
1124  else if (dst_aip->ai_grantee == newOwnerId)
1125  newpresent = true;
1126  }
1127 
1128  /*
1129  * If the old ACL contained any references to the new owner, then we may
1130  * now have generated an ACL containing duplicate entries. Find them and
1131  * merge them so that there are not duplicates. (This is relatively
1132  * expensive since we use a stupid O(N^2) algorithm, but it's unlikely to
1133  * be the normal case.)
1134  *
1135  * To simplify deletion of duplicate entries, we temporarily leave them in
1136  * the array but set their privilege masks to zero; when we reach such an
1137  * entry it's just skipped. (Thus, a side effect of this code will be to
1138  * remove privilege-free entries, should there be any in the input.) dst
1139  * is the next output slot, targ is the currently considered input slot
1140  * (always >= dst), and src scans entries to the right of targ looking for
1141  * duplicates. Once an entry has been emitted to dst it is known
1142  * duplicate-free and need not be considered anymore.
1143  */
1144  if (newpresent)
1145  {
1146  dst = 0;
1147  for (targ = 0, targ_aip = new_aip; targ < num; targ++, targ_aip++)
1148  {
1149  /* ignore if deleted in an earlier pass */
1150  if (ACLITEM_GET_RIGHTS(*targ_aip) == ACL_NO_RIGHTS)
1151  continue;
1152  /* find and merge any duplicates */
1153  for (src = targ + 1, src_aip = targ_aip + 1; src < num;
1154  src++, src_aip++)
1155  {
1156  if (ACLITEM_GET_RIGHTS(*src_aip) == ACL_NO_RIGHTS)
1157  continue;
1158  if (aclitem_match(targ_aip, src_aip))
1159  {
1160  ACLITEM_SET_RIGHTS(*targ_aip,
1161  ACLITEM_GET_RIGHTS(*targ_aip) |
1162  ACLITEM_GET_RIGHTS(*src_aip));
1163  /* mark the duplicate deleted */
1164  ACLITEM_SET_RIGHTS(*src_aip, ACL_NO_RIGHTS);
1165  }
1166  }
1167  /* and emit to output */
1168  new_aip[dst] = *targ_aip;
1169  dst++;
1170  }
1171  /* Adjust array size to be 'dst' items */
1172  ARR_DIMS(new_acl)[0] = dst;
1173  SET_VARSIZE(new_acl, ACL_N_SIZE(dst));
1174  }
1175 
1176  return new_acl;
1177 }
static bool aclitem_match(const AclItem *a1, const AclItem *a2)
Definition: acl.c:690
#define ACL_N_SIZE(N)
Definition: acl.h:110
#define ACLITEM_SET_RIGHTS(item, rights)
Definition: acl.h:79
#define ARR_DIMS(a)
Definition: array.h:287
#define SET_VARSIZE(PTR, len)
Definition: varatt.h:305

References ACL_DAT, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, check_acl(), and SET_VARSIZE.

Referenced by AlterDatabaseOwner(), AlterForeignDataWrapperOwner_internal(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwnerInternal(), ATExecChangeOwner(), and change_owner_fix_column_acls().

◆ aclparse()

static const char * aclparse ( const char *  s,
AclItem aip,
Node escontext 
)
static

Definition at line 247 of file acl.c.

248 {
249  AclMode privs,
250  goption,
251  read;
252  char name[NAMEDATALEN];
253  char name2[NAMEDATALEN];
254 
255  Assert(s && aip);
256 
257  s = getid(s, name, escontext);
258  if (s == NULL)
259  return NULL;
260  if (*s != '=')
261  {
262  /* we just read a keyword, not a name */
263  if (strcmp(name, "group") != 0 && strcmp(name, "user") != 0)
264  ereturn(escontext, NULL,
265  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
266  errmsg("unrecognized key word: \"%s\"", name),
267  errhint("ACL key word must be \"group\" or \"user\".")));
268  /* move s to the name beyond the keyword */
269  s = getid(s, name, escontext);
270  if (s == NULL)
271  return NULL;
272  if (name[0] == '\0')
273  ereturn(escontext, NULL,
274  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
275  errmsg("missing name"),
276  errhint("A name must follow the \"group\" or \"user\" key word.")));
277  }
278 
279  if (*s != '=')
280  ereturn(escontext, NULL,
281  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
282  errmsg("missing \"=\" sign")));
283 
284  privs = goption = ACL_NO_RIGHTS;
285 
286  for (++s, read = 0; isalpha((unsigned char) *s) || *s == '*'; s++)
287  {
288  switch (*s)
289  {
290  case '*':
291  goption |= read;
292  break;
293  case ACL_INSERT_CHR:
294  read = ACL_INSERT;
295  break;
296  case ACL_SELECT_CHR:
297  read = ACL_SELECT;
298  break;
299  case ACL_UPDATE_CHR:
300  read = ACL_UPDATE;
301  break;
302  case ACL_DELETE_CHR:
303  read = ACL_DELETE;
304  break;
305  case ACL_TRUNCATE_CHR:
306  read = ACL_TRUNCATE;
307  break;
308  case ACL_REFERENCES_CHR:
310  break;
311  case ACL_TRIGGER_CHR:
312  read = ACL_TRIGGER;
313  break;
314  case ACL_EXECUTE_CHR:
315  read = ACL_EXECUTE;
316  break;
317  case ACL_USAGE_CHR:
318  read = ACL_USAGE;
319  break;
320  case ACL_CREATE_CHR:
321  read = ACL_CREATE;
322  break;
323  case ACL_CREATE_TEMP_CHR:
325  break;
326  case ACL_CONNECT_CHR:
327  read = ACL_CONNECT;
328  break;
329  case ACL_SET_CHR:
330  read = ACL_SET;
331  break;
334  break;
335  case ACL_MAINTAIN_CHR:
336  read = ACL_MAINTAIN;
337  break;
338  case 'R': /* ignore old RULE privileges */
339  read = 0;
340  break;
341  default:
342  ereturn(escontext, NULL,
343  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
344  errmsg("invalid mode character: must be one of \"%s\"",
346  }
347 
348  privs |= read;
349  }
350 
351  if (name[0] == '\0')
352  aip->ai_grantee = ACL_ID_PUBLIC;
353  else
354  {
355  aip->ai_grantee = get_role_oid(name, true);
356  if (!OidIsValid(aip->ai_grantee))
357  ereturn(escontext, NULL,
358  (errcode(ERRCODE_UNDEFINED_OBJECT),
359  errmsg("role \"%s\" does not exist", name)));
360  }
361 
362  /*
363  * XXX Allow a degree of backward compatibility by defaulting the grantor
364  * to the superuser.
365  */
366  if (*s == '/')
367  {
368  s = getid(s + 1, name2, escontext);
369  if (s == NULL)
370  return NULL;
371  if (name2[0] == '\0')
372  ereturn(escontext, NULL,
373  (errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
374  errmsg("a name must follow the \"/\" sign")));
375  aip->ai_grantor = get_role_oid(name2, true);
376  if (!OidIsValid(aip->ai_grantor))
377  ereturn(escontext, NULL,
378  (errcode(ERRCODE_UNDEFINED_OBJECT),
379  errmsg("role \"%s\" does not exist", name2)));
380  }
381  else
382  {
383  aip->ai_grantor = BOOTSTRAP_SUPERUSERID;
385  (errcode(ERRCODE_INVALID_GRANTOR),
386  errmsg("defaulting grantor to user ID %u",
387  BOOTSTRAP_SUPERUSERID)));
388  }
389 
390  ACLITEM_SET_PRIVS_GOPTIONS(*aip, privs, goption);
391 
392  return s;
393 }
static const char * getid(const char *s, char *n, Node *escontext)
Definition: acl.c:143
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5255
#define ACL_CREATE_CHR
Definition: acl.h:146
#define ACL_SET_CHR
Definition: acl.h:149
#define ACL_REFERENCES_CHR
Definition: acl.h:142
#define ACL_TRUNCATE_CHR
Definition: acl.h:141
#define ACL_SELECT_CHR
Definition: acl.h:138
#define ACL_EXECUTE_CHR
Definition: acl.h:144
#define ACL_DELETE_CHR
Definition: acl.h:140
#define ACL_INSERT_CHR
Definition: acl.h:137
#define ACL_UPDATE_CHR
Definition: acl.h:139
#define ACL_ALTER_SYSTEM_CHR
Definition: acl.h:150
#define ACL_USAGE_CHR
Definition: acl.h:145
#define ACL_CONNECT_CHR
Definition: acl.h:148
#define ACL_TRIGGER_CHR
Definition: acl.h:143
#define ACL_CREATE_TEMP_CHR
Definition: acl.h:147
#define ACL_MAINTAIN_CHR
Definition: acl.h:151
#define OidIsValid(objectId)
Definition: c.h:759
int errhint(const char *fmt,...)
Definition: elog.c:1316
#define WARNING
Definition: elog.h:36
const char * name
Definition: encode.c:571
#define read(a, b, c)
Definition: win32.h:13
Assert(fmt[strlen(fmt) - 1] !='\n')
#define ACL_SET
Definition: parsenodes.h:95
#define ACL_DELETE
Definition: parsenodes.h:86
#define ACL_MAINTAIN
Definition: parsenodes.h:97
#define ACL_INSERT
Definition: parsenodes.h:83
#define ACL_UPDATE
Definition: parsenodes.h:85
#define ACL_ALTER_SYSTEM
Definition: parsenodes.h:96
#define ACL_REFERENCES
Definition: parsenodes.h:88
#define ACL_SELECT
Definition: parsenodes.h:84
#define ACL_TRUNCATE
Definition: parsenodes.h:87
#define ACL_CREATE
Definition: parsenodes.h:92
#define ACL_TRIGGER
Definition: parsenodes.h:89

References ACL_ALL_RIGHTS_STR, ACL_ALTER_SYSTEM, ACL_ALTER_SYSTEM_CHR, ACL_CONNECT, ACL_CONNECT_CHR, ACL_CREATE, ACL_CREATE_CHR, ACL_CREATE_TEMP, ACL_CREATE_TEMP_CHR, ACL_DELETE, ACL_DELETE_CHR, ACL_EXECUTE, ACL_EXECUTE_CHR, ACL_ID_PUBLIC, ACL_INSERT, ACL_INSERT_CHR, ACL_MAINTAIN, ACL_MAINTAIN_CHR, ACL_NO_RIGHTS, ACL_REFERENCES, ACL_REFERENCES_CHR, ACL_SELECT, ACL_SELECT_CHR, ACL_SET, ACL_SET_CHR, ACL_TRIGGER, ACL_TRIGGER_CHR, ACL_TRUNCATE, ACL_TRUNCATE_CHR, ACL_UPDATE, ACL_UPDATE_CHR, ACL_USAGE, ACL_USAGE_CHR, ACLITEM_SET_PRIVS_GOPTIONS, AclItem::ai_grantee, AclItem::ai_grantor, Assert(), ereport, ereturn, errcode(), errhint(), errmsg(), get_role_oid(), getid(), name, NAMEDATALEN, OidIsValid, read, and WARNING.

Referenced by aclitemin().

◆ aclremove()

Datum aclremove ( PG_FUNCTION_ARGS  )

Definition at line 1573 of file acl.c.

1574 {
1575  ereport(ERROR,
1576  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1577  errmsg("aclremove is no longer supported")));
1578 
1579  PG_RETURN_NULL(); /* keep compiler quiet */
1580 }

References ereport, errcode(), errmsg(), ERROR, and PG_RETURN_NULL.

◆ aclupdate()

Acl* aclupdate ( const Acl old_acl,
const AclItem mod_aip,
int  modechg,
Oid  ownerId,
DropBehavior  behavior 
)

Definition at line 969 of file acl.c.

971 {
972  Acl *new_acl = NULL;
973  AclItem *old_aip,
974  *new_aip = NULL;
975  AclMode old_rights,
976  old_goptions,
977  new_rights,
978  new_goptions;
979  int dst,
980  num;
981 
982  /* Caller probably already checked old_acl, but be safe */
983  check_acl(old_acl);
984 
985  /* If granting grant options, check for circularity */
986  if (modechg != ACL_MODECHG_DEL &&
987  ACLITEM_GET_GOPTIONS(*mod_aip) != ACL_NO_RIGHTS)
988  check_circularity(old_acl, mod_aip, ownerId);
989 
990  num = ACL_NUM(old_acl);
991  old_aip = ACL_DAT(old_acl);
992 
993  /*
994  * Search the ACL for an existing entry for this grantee and grantor. If
995  * one exists, just modify the entry in-place (well, in the same position,
996  * since we actually return a copy); otherwise, insert the new entry at
997  * the end.
998  */
999 
1000  for (dst = 0; dst < num; ++dst)
1001  {
1002  if (aclitem_match(mod_aip, old_aip + dst))
1003  {
1004  /* found a match, so modify existing item */
1005  new_acl = allocacl(num);
1006  new_aip = ACL_DAT(new_acl);
1007  memcpy(new_acl, old_acl, ACL_SIZE(old_acl));
1008  break;
1009  }
1010  }
1011 
1012  if (dst == num)
1013  {
1014  /* need to append a new item */
1015  new_acl = allocacl(num + 1);
1016  new_aip = ACL_DAT(new_acl);
1017  memcpy(new_aip, old_aip, num * sizeof(AclItem));
1018 
1019  /* initialize the new entry with no permissions */
1020  new_aip[dst].ai_grantee = mod_aip->ai_grantee;
1021  new_aip[dst].ai_grantor = mod_aip->ai_grantor;
1022  ACLITEM_SET_PRIVS_GOPTIONS(new_aip[dst],
1024  num++; /* set num to the size of new_acl */
1025  }
1026 
1027  old_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
1028  old_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
1029 
1030  /* apply the specified permissions change */
1031  switch (modechg)
1032  {
1033  case ACL_MODECHG_ADD:
1034  ACLITEM_SET_RIGHTS(new_aip[dst],
1035  old_rights | ACLITEM_GET_RIGHTS(*mod_aip));
1036  break;
1037  case ACL_MODECHG_DEL:
1038  ACLITEM_SET_RIGHTS(new_aip[dst],
1039  old_rights & ~ACLITEM_GET_RIGHTS(*mod_aip));
1040  break;
1041  case ACL_MODECHG_EQL:
1042  ACLITEM_SET_RIGHTS(new_aip[dst],
1043  ACLITEM_GET_RIGHTS(*mod_aip));
1044  break;
1045  }
1046 
1047  new_rights = ACLITEM_GET_RIGHTS(new_aip[dst]);
1048  new_goptions = ACLITEM_GET_GOPTIONS(new_aip[dst]);
1049 
1050  /*
1051  * If the adjusted entry has no permissions, delete it from the list.
1052  */
1053  if (new_rights == ACL_NO_RIGHTS)
1054  {
1055  memmove(new_aip + dst,
1056  new_aip + dst + 1,
1057  (num - dst - 1) * sizeof(AclItem));
1058  /* Adjust array size to be 'num - 1' items */
1059  ARR_DIMS(new_acl)[0] = num - 1;
1060  SET_VARSIZE(new_acl, ACL_N_SIZE(num - 1));
1061  }
1062 
1063  /*
1064  * Remove abandoned privileges (cascading revoke). Currently we can only
1065  * handle this when the grantee is not PUBLIC.
1066  */
1067  if ((old_goptions & ~new_goptions) != 0)
1068  {
1069  Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1070  new_acl = recursive_revoke(new_acl, mod_aip->ai_grantee,
1071  (old_goptions & ~new_goptions),
1072  ownerId, behavior);
1073  }
1074 
1075  return new_acl;
1076 }
static Acl * recursive_revoke(Acl *acl, Oid grantee, AclMode revoke_privs, Oid ownerId, DropBehavior behavior)
Definition: acl.c:1273
static void check_circularity(const Acl *old_acl, const AclItem *mod_aip, Oid ownerId)
Definition: acl.c:1193
#define ACL_SIZE(ACL)
Definition: acl.h:111
#define ACL_MODECHG_DEL
Definition: acl.h:130
#define ACL_MODECHG_EQL
Definition: acl.h:131

References ACL_DAT, ACL_ID_PUBLIC, ACL_MODECHG_ADD, ACL_MODECHG_DEL, ACL_MODECHG_EQL, ACL_N_SIZE, ACL_NO_RIGHTS, ACL_NUM, ACL_SIZE, ACLITEM_GET_GOPTIONS, ACLITEM_GET_RIGHTS, aclitem_match(), ACLITEM_SET_PRIVS_GOPTIONS, ACLITEM_SET_RIGHTS, AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), ARR_DIMS, Assert(), check_acl(), check_circularity(), recursive_revoke(), and SET_VARSIZE.

Referenced by aclmerge(), check_circularity(), merge_acl_with_grant(), and recursive_revoke().

◆ allocacl()

static Acl * allocacl ( int  n)
static

Definition at line 403 of file acl.c.

404 {
405  Acl *new_acl;
406  Size size;
407 
408  if (n < 0)
409  elog(ERROR, "invalid size: %d", n);
410  size = ACL_N_SIZE(n);
411  new_acl = (Acl *) palloc0(size);
412  SET_VARSIZE(new_acl, size);
413  new_acl->ndim = 1;
414  new_acl->dataoffset = 0; /* we never put in any nulls */
415  new_acl->elemtype = ACLITEMOID;
416  ARR_LBOUND(new_acl)[0] = 1;
417  ARR_DIMS(new_acl)[0] = n;
418  return new_acl;
419 }
#define ARR_LBOUND(a)
Definition: array.h:289
size_t Size
Definition: c.h:589
void * palloc0(Size size)
Definition: mcxt.c:1241
Oid elemtype
Definition: array.h:90
int ndim
Definition: array.h:88
int32 dataoffset
Definition: array.h:89

References ACL_N_SIZE, ARR_DIMS, ARR_LBOUND, ArrayType::dataoffset, ArrayType::elemtype, elog(), ERROR, ArrayType::ndim, palloc0(), and SET_VARSIZE.

Referenced by aclconcat(), aclcopy(), acldefault(), aclnewowner(), aclupdate(), check_circularity(), and make_empty_acl().

◆ check_acl()

static void check_acl ( const Acl acl)
static

Definition at line 567 of file acl.c.

568 {
569  if (ARR_ELEMTYPE(acl) != ACLITEMOID)
570  ereport(ERROR,
571  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
572  errmsg("ACL array contains wrong data type")));
573  if (ARR_NDIM(acl) != 1)
574  ereport(ERROR,
575  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
576  errmsg("ACL arrays must be one-dimensional")));
577  if (ARR_HASNULL(acl))
578  ereport(ERROR,
579  (errcode(ERRCODE_NULL_VALUE_NOT_ALLOWED),
580  errmsg("ACL arrays must not contain null values")));
581 }
#define ARR_NDIM(a)
Definition: array.h:283
#define ARR_ELEMTYPE(a)
Definition: array.h:285
#define ARR_HASNULL(a)
Definition: array.h:284

References ARR_ELEMTYPE, ARR_HASNULL, ARR_NDIM, ereport, errcode(), errmsg(), and ERROR.

Referenced by aclcontains(), aclexplode(), aclmask(), aclmask_direct(), aclmembers(), aclnewowner(), aclupdate(), check_circularity(), and recursive_revoke().

◆ check_can_set_role()

void check_can_set_role ( Oid  member,
Oid  role 
)

Definition at line 5026 of file acl.c.

5027 {
5028  if (!member_can_set_role(member, role))
5029  ereport(ERROR,
5030  (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
5031  errmsg("must be able to SET ROLE \"%s\"",
5032  GetUserNameFromId(role, false))));
5033 }
bool member_can_set_role(Oid member, Oid role)
Definition: acl.c:5003
char * GetUserNameFromId(Oid roleid, bool noerr)
Definition: miscinit.c:984

References ereport, errcode(), errmsg(), ERROR, GetUserNameFromId(), and member_can_set_role().

Referenced by AlterDatabaseOwner(), AlterForeignServerOwner_internal(), AlterObjectOwner_internal(), AlterPublicationOwner_internal(), AlterSchemaOwner_internal(), AlterTypeOwner(), ATExecChangeOwner(), createdb(), and CreateSchemaCommand().

◆ check_circularity()

static void check_circularity ( const Acl old_acl,
const AclItem mod_aip,
Oid  ownerId 
)
static

Definition at line 1193 of file acl.c.

1195 {
1196  Acl *acl;
1197  AclItem *aip;
1198  int i,
1199  num;
1200  AclMode own_privs;
1201 
1202  check_acl(old_acl);
1203 
1204  /*
1205  * For now, grant options can only be granted to roles, not PUBLIC.
1206  * Otherwise we'd have to work a bit harder here.
1207  */
1208  Assert(mod_aip->ai_grantee != ACL_ID_PUBLIC);
1209 
1210  /* The owner always has grant options, no need to check */
1211  if (mod_aip->ai_grantor == ownerId)
1212  return;
1213 
1214  /* Make a working copy */
1215  acl = allocacl(ACL_NUM(old_acl));
1216  memcpy(acl, old_acl, ACL_SIZE(old_acl));
1217 
1218  /* Zap all grant options of target grantee, plus what depends on 'em */
1219 cc_restart:
1220  num = ACL_NUM(acl);
1221  aip = ACL_DAT(acl);
1222  for (i = 0; i < num; i++)
1223  {
1224  if (aip[i].ai_grantee == mod_aip->ai_grantee &&
1226  {
1227  Acl *new_acl;
1228 
1229  /* We'll actually zap ordinary privs too, but no matter */
1230  new_acl = aclupdate(acl, &aip[i], ACL_MODECHG_DEL,
1231  ownerId, DROP_CASCADE);
1232 
1233  pfree(acl);
1234  acl = new_acl;
1235 
1236  goto cc_restart;
1237  }
1238  }
1239 
1240  /* Now we can compute grantor's independently-derived privileges */
1241  own_privs = aclmask(acl,
1242  mod_aip->ai_grantor,
1243  ownerId,
1245  ACLMASK_ALL);
1246  own_privs = ACL_OPTION_TO_PRIVS(own_privs);
1247 
1248  if ((ACLITEM_GET_GOPTIONS(*mod_aip) & ~own_privs) != 0)
1249  ereport(ERROR,
1250  (errcode(ERRCODE_INVALID_GRANT_OPERATION),
1251  errmsg("grant options cannot be granted back to your own grantor")));
1252 
1253  pfree(acl);
1254 }
AclMode aclmask(const Acl *acl, Oid roleid, Oid ownerId, AclMode mask, AclMaskHow how)
Definition: acl.c:1359
#define ACL_OPTION_TO_PRIVS(privs)
Definition: acl.h:71
#define ACL_GRANT_OPTION_FOR(privs)
Definition: acl.h:70
@ DROP_CASCADE
Definition: parsenodes.h:2049

References ACL_DAT, ACL_GRANT_OPTION_FOR, ACL_ID_PUBLIC, ACL_MODECHG_DEL, ACL_NO_RIGHTS, ACL_NUM, ACL_OPTION_TO_PRIVS, ACL_SIZE, ACLITEM_GET_GOPTIONS, aclmask(), ACLMASK_ALL, aclupdate(), AclItem::ai_grantee, AclItem::ai_grantor, allocacl(), Assert(), check_acl(), DROP_CASCADE, ereport, errcode(), errmsg(), ERROR, i, and pfree().

Referenced by aclupdate().

◆ check_rolespec_name()

void check_rolespec_name ( const RoleSpec role,
const char *  detail_msg 
)

Definition at line 5396 of file acl.c.

5397 {
5398  if (!role)
5399  return;
5400 
5401  if (role->roletype != ROLESPEC_CSTRING)
5402  return;
5403 
5404  if (IsReservedName(role->rolename))
5405  {
5406  if (detail_msg)
5407  ereport(ERROR,
5408  (errcode(ERRCODE_RESERVED_NAME),
5409  errmsg("role name \"%s\" is reserved",
5410  role->rolename),
5411  errdetail_internal("%s", detail_msg)));
5412  else
5413  ereport(ERROR,
5414  (errcode(ERRCODE_RESERVED_NAME),
5415  errmsg("role name \"%s\" is reserved",
5416  role->rolename)));
5417  }
5418 }
bool IsReservedName(const char *name)
Definition: catalog.c:219
int errdetail_internal(const char *fmt,...)
Definition: elog.c:1229
@ ROLESPEC_CSTRING
Definition: parsenodes.h:392
RoleSpecType roletype
Definition: parsenodes.h:402
char * rolename
Definition: parsenodes.h:403

References ereport, errcode(), errdetail_internal(), errmsg(), ERROR, IsReservedName(), RoleSpec::rolename, ROLESPEC_CSTRING, and RoleSpec::roletype.

Referenced by AlterRole(), and AlterRoleSet().

◆ column_privilege_check()

static int column_privilege_check ( Oid  tableoid,
AttrNumber  attnum,
Oid  roleid,
AclMode  mode 
)
static

Definition at line 2482 of file acl.c.

2484 {
2485  AclResult aclresult;
2486  bool is_missing = false;
2487 
2488  /*
2489  * If convert_column_name failed, we can just return -1 immediately.
2490  */
2491  if (attnum == InvalidAttrNumber)
2492  return -1;
2493 
2494  /*
2495  * Check for column-level privileges first. This serves in part as a check
2496  * on whether the column even exists, so we need to do it before checking
2497  * table-level privilege.
2498  */
2499  aclresult = pg_attribute_aclcheck_ext(tableoid, attnum, roleid,
2500  mode, &is_missing);
2501  if (aclresult == ACLCHECK_OK)
2502  return 1;
2503  else if (is_missing)
2504  return -1;
2505 
2506  /* Next check if we have the privilege at the table level */
2507  aclresult = pg_class_aclcheck_ext(tableoid, roleid, mode, &is_missing);
2508  if (aclresult == ACLCHECK_OK)
2509  return 1;
2510  else if (is_missing)
2511  return -1;
2512  else
2513  return 0;
2514 }
AclResult
Definition: acl.h:182
@ ACLCHECK_OK
Definition: acl.h:183
AclResult pg_class_aclcheck_ext(Oid table_oid, Oid roleid, AclMode mode, bool *is_missing)
Definition: aclchk.c:3943
AclResult pg_attribute_aclcheck_ext(Oid table_oid, AttrNumber attnum, Oid roleid, AclMode mode, bool *is_missing)
Definition: aclchk.c:3816
#define InvalidAttrNumber
Definition: attnum.h:23
int16 attnum
Definition: pg_attribute.h:83
static PgChecksumMode mode
Definition: pg_checksums.c:65

References ACLCHECK_OK, attnum, InvalidAttrNumber, mode, pg_attribute_aclcheck_ext(), and pg_class_aclcheck_ext().

Referenced by has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

◆ convert_aclright_to_string()

static const char* convert_aclright_to_string ( int  aclright)
static

Definition at line 1706 of file acl.c.

1707 {
1708  switch (aclright)
1709  {
1710  case ACL_INSERT:
1711  return "INSERT";
1712  case ACL_SELECT:
1713  return "SELECT";
1714  case ACL_UPDATE:
1715  return "UPDATE";
1716  case ACL_DELETE:
1717  return "DELETE";
1718  case ACL_TRUNCATE:
1719  return "TRUNCATE";
1720  case ACL_REFERENCES:
1721  return "REFERENCES";
1722  case ACL_TRIGGER:
1723  return "TRIGGER";
1724  case ACL_EXECUTE:
1725  return "EXECUTE";
1726  case ACL_USAGE:
1727  return "USAGE";
1728  case ACL_CREATE:
1729  return "CREATE";
1730  case ACL_CREATE_TEMP:
1731  return "TEMPORARY";
1732  case ACL_CONNECT:
1733  return "CONNECT";
1734  case ACL_SET:
1735  return "SET";
1736  case ACL_ALTER_SYSTEM:
1737  return "ALTER SYSTEM";
1738  case ACL_MAINTAIN:
1739  return "MAINTAIN";
1740  default:
1741  elog(ERROR, "unrecognized aclright: %d", aclright);
1742  return NULL;
1743  }
1744 }

References ACL_ALTER_SYSTEM, ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_DELETE, ACL_EXECUTE, ACL_INSERT, ACL_MAINTAIN, ACL_REFERENCES, ACL_SELECT, ACL_SET, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, ACL_USAGE, elog(), and ERROR.

Referenced by aclexplode().

◆ convert_any_priv_string()

static AclMode convert_any_priv_string ( text priv_type_text,
const priv_map privileges 
)
static

Definition at line 1658 of file acl.c.

1660 {
1661  AclMode result = 0;
1662  char *priv_type = text_to_cstring(priv_type_text);
1663  char *chunk;
1664  char *next_chunk;
1665 
1666  /* We rely on priv_type being a private, modifiable string */
1667  for (chunk = priv_type; chunk; chunk = next_chunk)
1668  {
1669  int chunk_len;
1670  const priv_map *this_priv;
1671 
1672  /* Split string at commas */
1673  next_chunk = strchr(chunk, ',');
1674  if (next_chunk)
1675  *next_chunk++ = '\0';
1676 
1677  /* Drop leading/trailing whitespace in this chunk */
1678  while (*chunk && isspace((unsigned char) *chunk))
1679  chunk++;
1680  chunk_len = strlen(chunk);
1681  while (chunk_len > 0 && isspace((unsigned char) chunk[chunk_len - 1]))
1682  chunk_len--;
1683  chunk[chunk_len] = '\0';
1684 
1685  /* Match to the privileges list */
1686  for (this_priv = privileges; this_priv->name; this_priv++)
1687  {
1688  if (pg_strcasecmp(this_priv->name, chunk) == 0)
1689  {
1690  result |= this_priv->value;
1691  break;
1692  }
1693  }
1694  if (!this_priv->name)
1695  ereport(ERROR,
1696  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
1697  errmsg("unrecognized privilege type: \"%s\"", chunk)));
1698  }
1699 
1700  pfree(priv_type);
1701  return result;
1702 }
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
Definition: acl.c:54
const char * name
Definition: acl.c:55
AclMode value
Definition: acl.c:56
char * text_to_cstring(const text *t)
Definition: varlena.c:215

References ereport, errcode(), errmsg(), ERROR, priv_map::name, pfree(), pg_strcasecmp(), text_to_cstring(), and priv_map::value.

Referenced by convert_column_priv_string(), convert_database_priv_string(), convert_foreign_data_wrapper_priv_string(), convert_function_priv_string(), convert_language_priv_string(), convert_parameter_priv_string(), convert_role_priv_string(), convert_schema_priv_string(), convert_sequence_priv_string(), convert_server_priv_string(), convert_table_priv_string(), convert_tablespace_priv_string(), convert_type_priv_string(), and makeaclitem().

◆ convert_column_name()

static AttrNumber convert_column_name ( Oid  tableoid,
text column 
)
static

Definition at line 2842 of file acl.c.

2843 {
2844  char *colname;
2845  HeapTuple attTuple;
2847 
2848  colname = text_to_cstring(column);
2849 
2850  /*
2851  * We don't use get_attnum() here because it will report that dropped
2852  * columns don't exist. We need to treat dropped columns differently from
2853  * nonexistent columns.
2854  */
2855  attTuple = SearchSysCache2(ATTNAME,
2856  ObjectIdGetDatum(tableoid),
2857  CStringGetDatum(colname));
2858  if (HeapTupleIsValid(attTuple))
2859  {
2860  Form_pg_attribute attributeForm;
2861 
2862  attributeForm = (Form_pg_attribute) GETSTRUCT(attTuple);
2863  /* We want to return NULL for dropped columns */
2864  if (attributeForm->attisdropped)
2866  else
2867  attnum = attributeForm->attnum;
2868  ReleaseSysCache(attTuple);
2869  }
2870  else
2871  {
2872  char *tablename = get_rel_name(tableoid);
2873 
2874  /*
2875  * If the table OID is bogus, or it's just been dropped, we'll get
2876  * NULL back. In such cases we want has_column_privilege to return
2877  * NULL too, so just return InvalidAttrNumber.
2878  */
2879  if (tablename != NULL)
2880  {
2881  /* tableoid exists, colname does not, so throw error */
2882  ereport(ERROR,
2883  (errcode(ERRCODE_UNDEFINED_COLUMN),
2884  errmsg("column \"%s\" of relation \"%s\" does not exist",
2885  colname, tablename)));
2886  }
2887  /* tableoid doesn't exist, so act like attisdropped case */
2889  }
2890 
2891  pfree(colname);
2892  return attnum;
2893 }
char * get_rel_name(Oid relid)
Definition: lsyscache.c:1910
FormData_pg_attribute * Form_pg_attribute
Definition: pg_attribute.h:207
static Datum CStringGetDatum(const char *X)
Definition: postgres.h:350
HeapTuple SearchSysCache2(int cacheId, Datum key1, Datum key2)
Definition: syscache.c:828
@ ATTNAME
Definition: syscache.h:40

References ATTNAME, attnum, CStringGetDatum(), ereport, errcode(), errmsg(), ERROR, get_rel_name(), GETSTRUCT, HeapTupleIsValid, InvalidAttrNumber, ObjectIdGetDatum(), pfree(), ReleaseSysCache(), SearchSysCache2(), and text_to_cstring().

Referenced by has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_name(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), and has_column_privilege_name_name_name().

◆ convert_column_priv_string()

static AclMode convert_column_priv_string ( text priv_type_text)
static

Definition at line 2900 of file acl.c.

2901 {
2902  static const priv_map column_priv_map[] = {
2903  {"SELECT", ACL_SELECT},
2904  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2905  {"INSERT", ACL_INSERT},
2906  {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2907  {"UPDATE", ACL_UPDATE},
2908  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2909  {"REFERENCES", ACL_REFERENCES},
2910  {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2911  {NULL, 0}
2912  };
2913 
2914  return convert_any_priv_string(priv_type_text, column_priv_map);
2915 }
static AclMode convert_any_priv_string(text *priv_type_text, const priv_map *privileges)
Definition: acl.c:1658

References ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_REFERENCES, ACL_SELECT, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_any_column_privilege_id(), has_any_column_privilege_id_id(), has_any_column_privilege_id_name(), has_any_column_privilege_name(), has_any_column_privilege_name_id(), has_any_column_privilege_name_name(), has_column_privilege_id_attnum(), has_column_privilege_id_id_attnum(), has_column_privilege_id_id_name(), has_column_privilege_id_name(), has_column_privilege_id_name_attnum(), has_column_privilege_id_name_name(), has_column_privilege_name_attnum(), has_column_privilege_name_id_attnum(), has_column_privilege_name_id_name(), has_column_privilege_name_name(), has_column_privilege_name_name_attnum(), and has_column_privilege_name_name_name().

◆ convert_database_name()

static Oid convert_database_name ( text databasename)
static

Definition at line 3085 of file acl.c.

3086 {
3087  char *dbname = text_to_cstring(databasename);
3088 
3089  return get_database_oid(dbname, false);
3090 }
Oid get_database_oid(const char *dbname, bool missing_ok)
Definition: dbcommands.c:2981
char * dbname
Definition: streamutil.c:51

References dbname, get_database_oid(), and text_to_cstring().

Referenced by has_database_privilege_id_name(), has_database_privilege_name(), and has_database_privilege_name_name().

◆ convert_database_priv_string()

static AclMode convert_database_priv_string ( text priv_type_text)
static

Definition at line 3097 of file acl.c.

3098 {
3099  static const priv_map database_priv_map[] = {
3100  {"CREATE", ACL_CREATE},
3101  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3102  {"TEMPORARY", ACL_CREATE_TEMP},
3103  {"TEMPORARY WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3104  {"TEMP", ACL_CREATE_TEMP},
3105  {"TEMP WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP)},
3106  {"CONNECT", ACL_CONNECT},
3107  {"CONNECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CONNECT)},
3108  {NULL, 0}
3109  };
3110 
3111  return convert_any_priv_string(priv_type_text, database_priv_map);
3112 }

References ACL_CONNECT, ACL_CREATE, ACL_CREATE_TEMP, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_database_privilege_id(), has_database_privilege_id_id(), has_database_privilege_id_name(), has_database_privilege_name(), has_database_privilege_name_id(), and has_database_privilege_name_name().

◆ convert_foreign_data_wrapper_name()

static Oid convert_foreign_data_wrapper_name ( text fdwname)
static

Definition at line 3282 of file acl.c.

3283 {
3284  char *fdwstr = text_to_cstring(fdwname);
3285 
3286  return get_foreign_data_wrapper_oid(fdwstr, false);
3287 }
Oid get_foreign_data_wrapper_oid(const char *fdwname, bool missing_ok)
Definition: foreign.c:667

References get_foreign_data_wrapper_oid(), and text_to_cstring().

Referenced by has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), and has_foreign_data_wrapper_privilege_name_name().

◆ convert_foreign_data_wrapper_priv_string()

static AclMode convert_foreign_data_wrapper_priv_string ( text priv_type_text)
static

Definition at line 3294 of file acl.c.

3295 {
3296  static const priv_map foreign_data_wrapper_priv_map[] = {
3297  {"USAGE", ACL_USAGE},
3298  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3299  {NULL, 0}
3300  };
3301 
3302  return convert_any_priv_string(priv_type_text, foreign_data_wrapper_priv_map);
3303 }

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_foreign_data_wrapper_privilege_id(), has_foreign_data_wrapper_privilege_id_id(), has_foreign_data_wrapper_privilege_id_name(), has_foreign_data_wrapper_privilege_name(), has_foreign_data_wrapper_privilege_name_id(), and has_foreign_data_wrapper_privilege_name_name().

◆ convert_function_name()

static Oid convert_function_name ( text functionname)
static

Definition at line 3473 of file acl.c.

3474 {
3475  char *funcname = text_to_cstring(functionname);
3476  Oid oid;
3477 
3480 
3481  if (!OidIsValid(oid))
3482  ereport(ERROR,
3483  (errcode(ERRCODE_UNDEFINED_FUNCTION),
3484  errmsg("function \"%s\" does not exist", funcname)));
3485 
3486  return oid;
3487 }
#define DirectFunctionCall1(func, arg1)
Definition: fmgr.h:642
#define funcname
Definition: indent_codes.h:69
static Oid DatumGetObjectId(Datum X)
Definition: postgres.h:242
Datum regprocedurein(PG_FUNCTION_ARGS)
Definition: regproc.c:224

References CStringGetDatum(), DatumGetObjectId(), DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, funcname, OidIsValid, regprocedurein(), and text_to_cstring().

Referenced by has_function_privilege_id_name(), has_function_privilege_name(), and has_function_privilege_name_name().

◆ convert_function_priv_string()

static AclMode convert_function_priv_string ( text priv_type_text)
static

Definition at line 3494 of file acl.c.

3495 {
3496  static const priv_map function_priv_map[] = {
3497  {"EXECUTE", ACL_EXECUTE},
3498  {"EXECUTE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_EXECUTE)},
3499  {NULL, 0}
3500  };
3501 
3502  return convert_any_priv_string(priv_type_text, function_priv_map);
3503 }

References ACL_EXECUTE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_function_privilege_id(), has_function_privilege_id_id(), has_function_privilege_id_name(), has_function_privilege_name(), has_function_privilege_name_id(), and has_function_privilege_name_name().

◆ convert_language_name()

static Oid convert_language_name ( text languagename)
static

Definition at line 3673 of file acl.c.

3674 {
3675  char *langname = text_to_cstring(languagename);
3676 
3677  return get_language_oid(langname, false);
3678 }
Oid get_language_oid(const char *langname, bool missing_ok)
Definition: proclang.c:228

References get_language_oid(), and text_to_cstring().

Referenced by has_language_privilege_id_name(), has_language_privilege_name(), and has_language_privilege_name_name().

◆ convert_language_priv_string()

static AclMode convert_language_priv_string ( text priv_type_text)
static

Definition at line 3685 of file acl.c.

3686 {
3687  static const priv_map language_priv_map[] = {
3688  {"USAGE", ACL_USAGE},
3689  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3690  {NULL, 0}
3691  };
3692 
3693  return convert_any_priv_string(priv_type_text, language_priv_map);
3694 }

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_language_privilege_id(), has_language_privilege_id_id(), has_language_privilege_id_name(), has_language_privilege_name(), has_language_privilege_name_id(), and has_language_privilege_name_name().

◆ convert_parameter_priv_string()

static AclMode convert_parameter_priv_string ( text priv_text)
static

Definition at line 4548 of file acl.c.

4549 {
4550  static const priv_map parameter_priv_map[] = {
4551  {"SET", ACL_SET},
4552  {"SET WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SET)},
4553  {"ALTER SYSTEM", ACL_ALTER_SYSTEM},
4554  {"ALTER SYSTEM WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_ALTER_SYSTEM)},
4555  {NULL, 0}
4556  };
4557 
4558  return convert_any_priv_string(priv_text, parameter_priv_map);
4559 }

References ACL_ALTER_SYSTEM, ACL_GRANT_OPTION_FOR, ACL_SET, and convert_any_priv_string().

Referenced by has_parameter_privilege_id_name(), has_parameter_privilege_name(), and has_parameter_privilege_name_name().

◆ convert_role_priv_string()

static AclMode convert_role_priv_string ( text priv_type_text)
static

Definition at line 4726 of file acl.c.

4727 {
4728  static const priv_map role_priv_map[] = {
4729  {"USAGE", ACL_USAGE},
4730  {"MEMBER", ACL_CREATE},
4731  {"SET", ACL_SET},
4732  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4733  {"USAGE WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4734  {"MEMBER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4735  {"MEMBER WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4736  {"SET WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4737  {"SET WITH ADMIN OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4738  {NULL, 0}
4739  };
4740 
4741  return convert_any_priv_string(priv_type_text, role_priv_map);
4742 }

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_SET, ACL_USAGE, and convert_any_priv_string().

Referenced by pg_has_role_id(), pg_has_role_id_id(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), and pg_has_role_name_name().

◆ convert_schema_name()

static Oid convert_schema_name ( text schemaname)
static

Definition at line 3864 of file acl.c.

3865 {
3866  char *nspname = text_to_cstring(schemaname);
3867 
3868  return get_namespace_oid(nspname, false);
3869 }
Oid get_namespace_oid(const char *nspname, bool missing_ok)
Definition: namespace.c:3086

References get_namespace_oid(), and text_to_cstring().

Referenced by has_schema_privilege_id_name(), has_schema_privilege_name(), and has_schema_privilege_name_name().

◆ convert_schema_priv_string()

static AclMode convert_schema_priv_string ( text priv_type_text)
static

Definition at line 3876 of file acl.c.

3877 {
3878  static const priv_map schema_priv_map[] = {
3879  {"CREATE", ACL_CREATE},
3880  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
3881  {"USAGE", ACL_USAGE},
3882  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
3883  {NULL, 0}
3884  };
3885 
3886  return convert_any_priv_string(priv_type_text, schema_priv_map);
3887 }

References ACL_CREATE, ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_schema_privilege_id(), has_schema_privilege_id_id(), has_schema_privilege_id_name(), has_schema_privilege_name(), has_schema_privilege_name_id(), and has_schema_privilege_name_name().

◆ convert_sequence_priv_string()

static AclMode convert_sequence_priv_string ( text priv_type_text)
static

Definition at line 2257 of file acl.c.

2258 {
2259  static const priv_map sequence_priv_map[] = {
2260  {"USAGE", ACL_USAGE},
2261  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
2262  {"SELECT", ACL_SELECT},
2263  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2264  {"UPDATE", ACL_UPDATE},
2265  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2266  {NULL, 0}
2267  };
2268 
2269  return convert_any_priv_string(priv_type_text, sequence_priv_map);
2270 }

References ACL_GRANT_OPTION_FOR, ACL_SELECT, ACL_UPDATE, ACL_USAGE, and convert_any_priv_string().

Referenced by has_sequence_privilege_id(), has_sequence_privilege_id_id(), has_sequence_privilege_id_name(), has_sequence_privilege_name(), has_sequence_privilege_name_id(), and has_sequence_privilege_name_name().

◆ convert_server_name()

static Oid convert_server_name ( text servername)
static

Definition at line 4057 of file acl.c.

4058 {
4059  char *serverstr = text_to_cstring(servername);
4060 
4061  return get_foreign_server_oid(serverstr, false);
4062 }
Oid get_foreign_server_oid(const char *servername, bool missing_ok)
Definition: foreign.c:690

References get_foreign_server_oid(), and text_to_cstring().

Referenced by has_server_privilege_id_name(), has_server_privilege_name(), and has_server_privilege_name_name().

◆ convert_server_priv_string()

static AclMode convert_server_priv_string ( text priv_type_text)
static

Definition at line 4069 of file acl.c.

4070 {
4071  static const priv_map server_priv_map[] = {
4072  {"USAGE", ACL_USAGE},
4073  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4074  {NULL, 0}
4075  };
4076 
4077  return convert_any_priv_string(priv_type_text, server_priv_map);
4078 }

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_server_privilege_id(), has_server_privilege_id_id(), has_server_privilege_id_name(), has_server_privilege_name(), has_server_privilege_name_id(), and has_server_privilege_name_name().

◆ convert_table_name()

static Oid convert_table_name ( text tablename)
static

◆ convert_table_priv_string()

static AclMode convert_table_priv_string ( text priv_type_text)
static

Definition at line 2032 of file acl.c.

2033 {
2034  static const priv_map table_priv_map[] = {
2035  {"SELECT", ACL_SELECT},
2036  {"SELECT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_SELECT)},
2037  {"INSERT", ACL_INSERT},
2038  {"INSERT WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_INSERT)},
2039  {"UPDATE", ACL_UPDATE},
2040  {"UPDATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_UPDATE)},
2041  {"DELETE", ACL_DELETE},
2042  {"DELETE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_DELETE)},
2043  {"TRUNCATE", ACL_TRUNCATE},
2044  {"TRUNCATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRUNCATE)},
2045  {"REFERENCES", ACL_REFERENCES},
2046  {"REFERENCES WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_REFERENCES)},
2047  {"TRIGGER", ACL_TRIGGER},
2048  {"TRIGGER WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_TRIGGER)},
2049  {"MAINTAIN", ACL_MAINTAIN},
2050  {"MAINTAIN WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_MAINTAIN)},
2051  {"RULE", 0}, /* ignore old RULE privileges */
2052  {"RULE WITH GRANT OPTION", 0},
2053  {NULL, 0}
2054  };
2055 
2056  return convert_any_priv_string(priv_type_text, table_priv_map);
2057 }

References ACL_DELETE, ACL_GRANT_OPTION_FOR, ACL_INSERT, ACL_MAINTAIN, ACL_REFERENCES, ACL_SELECT, ACL_TRIGGER, ACL_TRUNCATE, ACL_UPDATE, and convert_any_priv_string().

Referenced by has_table_privilege_id(), has_table_privilege_id_id(), has_table_privilege_id_name(), has_table_privilege_name(), has_table_privilege_name_id(), and has_table_privilege_name_name().

◆ convert_tablespace_name()

static Oid convert_tablespace_name ( text tablespacename)
static

Definition at line 4248 of file acl.c.

4249 {
4250  char *spcname = text_to_cstring(tablespacename);
4251 
4252  return get_tablespace_oid(spcname, false);
4253 }
Oid get_tablespace_oid(const char *tablespacename, bool missing_ok)
Definition: tablespace.c:1432

References get_tablespace_oid(), and text_to_cstring().

Referenced by has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), and has_tablespace_privilege_name_name().

◆ convert_tablespace_priv_string()

static AclMode convert_tablespace_priv_string ( text priv_type_text)
static

Definition at line 4260 of file acl.c.

4261 {
4262  static const priv_map tablespace_priv_map[] = {
4263  {"CREATE", ACL_CREATE},
4264  {"CREATE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_CREATE)},
4265  {NULL, 0}
4266  };
4267 
4268  return convert_any_priv_string(priv_type_text, tablespace_priv_map);
4269 }

References ACL_CREATE, ACL_GRANT_OPTION_FOR, and convert_any_priv_string().

Referenced by has_tablespace_privilege_id(), has_tablespace_privilege_id_id(), has_tablespace_privilege_id_name(), has_tablespace_privilege_name(), has_tablespace_privilege_name_id(), and has_tablespace_privilege_name_name().

◆ convert_type_name()

static Oid convert_type_name ( text typename)
static

Definition at line 4438 of file acl.c.

4439 {
4440  char *typname = text_to_cstring(typename);
4441  Oid oid;
4442 
4445 
4446  if (!OidIsValid(oid))
4447  ereport(ERROR,
4448  (errcode(ERRCODE_UNDEFINED_OBJECT),
4449  errmsg("type \"%s\" does not exist", typname)));
4450 
4451  return oid;
4452 }
NameData typname
Definition: pg_type.h:41
Datum regtypein(PG_FUNCTION_ARGS)
Definition: regproc.c:1176

References CStringGetDatum(), DatumGetObjectId(), DirectFunctionCall1, ereport, errcode(), errmsg(), ERROR, OidIsValid, regtypein(), text_to_cstring(), and typname.

Referenced by has_type_privilege_id_name(), has_type_privilege_name(), and has_type_privilege_name_name().

◆ convert_type_priv_string()

static AclMode convert_type_priv_string ( text priv_type_text)
static

Definition at line 4459 of file acl.c.

4460 {
4461  static const priv_map type_priv_map[] = {
4462  {"USAGE", ACL_USAGE},
4463  {"USAGE WITH GRANT OPTION", ACL_GRANT_OPTION_FOR(ACL_USAGE)},
4464  {NULL, 0}
4465  };
4466 
4467  return convert_any_priv_string(priv_type_text, type_priv_map);
4468 }

References ACL_GRANT_OPTION_FOR, ACL_USAGE, and convert_any_priv_string().

Referenced by has_type_privilege_id(), has_type_privilege_id_id(), has_type_privilege_id_name(), has_type_privilege_name(), has_type_privilege_name_id(), and has_type_privilege_name_name().

◆ count_one_bits()

static int count_one_bits ( AclMode  mask)
static

Definition at line 5139 of file acl.c.

5140 {
5141  int nbits = 0;
5142 
5143  /* this code relies on AclMode being an unsigned type */
5144  while (mask)
5145  {
5146  if (mask & 1)
5147  nbits++;
5148  mask >>= 1;
5149  }
5150  return nbits;
5151 }

Referenced by select_best_grantor().

◆ get_role_oid()

Oid get_role_oid ( const char *  rolname,
bool  missing_ok 
)

Definition at line 5255 of file acl.c.

5256 {
5257  Oid oid;
5258 
5259  oid = GetSysCacheOid1(AUTHNAME, Anum_pg_authid_oid,
5261  if (!OidIsValid(oid) && !missing_ok)
5262  ereport(ERROR,
5263  (errcode(ERRCODE_UNDEFINED_OBJECT),
5264  errmsg("role \"%s\" does not exist", rolname)));
5265  return oid;
5266 }
@ AUTHNAME
Definition: syscache.h:44
#define GetSysCacheOid1(cacheId, oidcol, key1)
Definition: syscache.h:197

References AUTHNAME, CStringGetDatum(), ereport, errcode(), errmsg(), ERROR, GetSysCacheOid1, OidIsValid, and rolname.

Referenced by aclparse(), check_hba(), check_ident_usermap(), createdb(), CreateRole(), get_object_address_unqualified(), get_role_oid_or_public(), get_rolespec_oid(), GrantRole(), is_member(), pg_has_role_id_name(), pg_has_role_name(), pg_has_role_name_id(), pg_has_role_name_name(), regrolein(), and shell_check_detail().

◆ get_role_oid_or_public()

◆ get_rolespec_name()

char* get_rolespec_name ( const RoleSpec role)

Definition at line 5374 of file acl.c.

5375 {
5376  HeapTuple tp;
5377  Form_pg_authid authForm;
5378  char *rolename;
5379 
5380  tp = get_rolespec_tuple(role);
5381  authForm = (Form_pg_authid) GETSTRUCT(tp);
5382  rolename = pstrdup(NameStr(authForm->rolname));
5383  ReleaseSysCache(tp);
5384 
5385  return rolename;
5386 }
HeapTuple get_rolespec_tuple(const RoleSpec *role)
Definition: acl.c:5328
char * pstrdup(const char *in)
Definition: mcxt.c:1624

References get_rolespec_tuple(), GETSTRUCT, NameStr, pstrdup(), and ReleaseSysCache().

Referenced by AddRoleMems(), and DelRoleMems().

◆ get_rolespec_oid()

Oid get_rolespec_oid ( const RoleSpec role,
bool  missing_ok 
)

Definition at line 5289 of file acl.c.

5290 {
5291  Oid oid;
5292 
5293  switch (role->roletype)
5294  {
5295  case ROLESPEC_CSTRING:
5296  Assert(role->rolename);
5297  oid = get_role_oid(role->rolename, missing_ok);
5298  break;
5299 
5300  case ROLESPEC_CURRENT_ROLE:
5301  case ROLESPEC_CURRENT_USER:
5302  oid = GetUserId();
5303  break;
5304 
5305  case ROLESPEC_SESSION_USER:
5306  oid = GetSessionUserId();
5307  break;
5308 
5309  case ROLESPEC_PUBLIC:
5310  ereport(ERROR,
5311  (errcode(ERRCODE_UNDEFINED_OBJECT),
5312  errmsg("role \"%s\" does not exist", "public")));
5313  oid = InvalidOid; /* make compiler happy */
5314  break;
5315 
5316  default:
5317  elog(ERROR, "unexpected role type %d", role->roletype);
5318  }
5319 
5320  return oid;
5321 }
Oid GetUserId(void)
Definition: miscinit.c:510
Oid GetSessionUserId(void)
Definition: miscinit.c:544
@ ROLESPEC_CURRENT_USER
Definition: parsenodes.h:394
@ ROLESPEC_SESSION_USER
Definition: parsenodes.h:395
@ ROLESPEC_CURRENT_ROLE
Definition: parsenodes.h:393
@ ROLESPEC_PUBLIC
Definition: parsenodes.h:396
#define InvalidOid
Definition: postgres_ext.h:36

References Assert(), elog(), ereport, errcode(), errmsg(), ERROR, get_role_oid(), GetSessionUserId(), GetUserId(), InvalidOid, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_ROLE, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, and RoleSpec::roletype.

Referenced by AlterUserMapping(), ATExecCmd(), CreateSchemaCommand(), CreateTableSpace(), CreateUserMapping(), ExecAlterDefaultPrivilegesStmt(), ExecAlterOwnerStmt(), ExecuteGrantStmt(), GrantRole(), policy_role_list_to_array(), ReassignOwnedObjects(), RemoveUserMapping(), and roleSpecsToIds().

◆ get_rolespec_tuple()

HeapTuple get_rolespec_tuple ( const RoleSpec role)

Definition at line 5328 of file acl.c.

5329 {
5330  HeapTuple tuple;
5331 
5332  switch (role->roletype)
5333  {
5334  case ROLESPEC_CSTRING:
5335  Assert(role->rolename);
5337  if (!HeapTupleIsValid(tuple))
5338  ereport(ERROR,
5339  (errcode(ERRCODE_UNDEFINED_OBJECT),
5340  errmsg("role \"%s\" does not exist", role->rolename)));
5341  break;
5342 
5343  case ROLESPEC_CURRENT_ROLE:
5344  case ROLESPEC_CURRENT_USER:
5345  tuple = SearchSysCache1(AUTHOID, GetUserId());
5346  if (!HeapTupleIsValid(tuple))
5347  elog(ERROR, "cache lookup failed for role %u", GetUserId());
5348  break;
5349 
5350  case ROLESPEC_SESSION_USER:
5352  if (!HeapTupleIsValid(tuple))
5353  elog(ERROR, "cache lookup failed for role %u", GetSessionUserId());
5354  break;
5355 
5356  case ROLESPEC_PUBLIC:
5357  ereport(ERROR,
5358  (errcode(ERRCODE_UNDEFINED_OBJECT),
5359  errmsg("role \"%s\" does not exist", "public")));
5360  tuple = NULL; /* make compiler happy */
5361  break;
5362 
5363  default:
5364  elog(ERROR, "unexpected role type %d", role->roletype);
5365  }
5366 
5367  return tuple;
5368 }

References Assert(), AUTHNAME, AUTHOID, CStringGetDatum(), elog(), ereport, errcode(), errmsg(), ERROR, GetSessionUserId(), GetUserId(), HeapTupleIsValid, RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_ROLE, ROLESPEC_CURRENT_USER, ROLESPEC_PUBLIC, ROLESPEC_SESSION_USER, RoleSpec::roletype, and SearchSysCache1().

Referenced by AlterRole(), AlterRoleSet(), CreateRole(), and get_rolespec_name().

◆ getid()

static const char * getid ( const char *  s,
char *  n,
Node escontext 
)
static

Definition at line 143 of file acl.c.

144 {
145  int len = 0;
146  bool in_quotes = false;
147 
148  Assert(s && n);
149 
150  while (isspace((unsigned char) *s))
151  s++;
152  /* This code had better match what putid() does, below */
153  for (;
154  *s != '\0' &&
155  (isalnum((unsigned char) *s) ||
156  *s == '_' ||
157  *s == '"' ||
158  in_quotes);
159  s++)
160  {
161  if (*s == '"')
162  {
163  /* safe to look at next char (could be '\0' though) */
164  if (*(s + 1) != '"')
165  {
166  in_quotes = !in_quotes;
167  continue;
168  }
169  /* it's an escaped double quote; skip the escaping char */
170  s++;
171  }
172 
173  /* Add the character to the string */
174  if (len >= NAMEDATALEN - 1)
175  ereturn(escontext, NULL,
176  (errcode(ERRCODE_NAME_TOO_LONG),
177  errmsg("identifier too long"),
178  errdetail("Identifier must be less than %d characters.",
179  NAMEDATALEN)));
180 
181  n[len++] = *s;
182  }
183  n[len] = '\0';
184  while (isspace((unsigned char) *s))
185  s++;
186  return s;
187 }
int errdetail(const char *fmt,...)
Definition: elog.c:1202
const void size_t len

References Assert(), ereturn, errcode(), errdetail(), errmsg(), len, and NAMEDATALEN.

Referenced by aclparse().

◆ has_any_column_privilege_id()

Datum has_any_column_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2379 of file acl.c.

2380 {
2381  Oid tableoid = PG_GETARG_OID(0);
2382  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2383  Oid roleid;
2384  AclMode mode;
2385  AclResult aclresult;
2386 
2387  roleid = GetUserId();
2388  mode = convert_column_priv_string(priv_type_text);
2389 
2391  PG_RETURN_NULL();
2392 
2393  /* First check at table level, then examine each column if needed */
2394  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2395  if (aclresult != ACLCHECK_OK)
2396  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2397  ACLMASK_ANY);
2398 
2399  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2400 }
static AclMode convert_column_priv_string(text *priv_type_text)
Definition: acl.c:2900
@ ACLMASK_ANY
Definition: acl.h:177
AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid, AclMode mode, AclMaskHow how)
Definition: aclchk.c:3846
AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
Definition: aclchk.c:3931
#define PG_GETARG_TEXT_PP(n)
Definition: fmgr.h:309
Definition: c.h:671
@ RELOID
Definition: syscache.h:89
#define SearchSysCacheExists1(cacheId, key1)
Definition: syscache.h:188

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), GetUserId(), mode, ObjectIdGetDatum(), pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

◆ has_any_column_privilege_id_id()

Datum has_any_column_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 2435 of file acl.c.

2436 {
2437  Oid roleid = PG_GETARG_OID(0);
2438  Oid tableoid = PG_GETARG_OID(1);
2439  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2440  AclMode mode;
2441  AclResult aclresult;
2442 
2443  mode = convert_column_priv_string(priv_type_text);
2444 
2446  PG_RETURN_NULL();
2447 
2448  /* First check at table level, then examine each column if needed */
2449  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2450  if (aclresult != ACLCHECK_OK)
2451  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2452  ACLMASK_ANY);
2453 
2454  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2455 }

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), mode, ObjectIdGetDatum(), pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

◆ has_any_column_privilege_id_name()

Datum has_any_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2408 of file acl.c.

2409 {
2410  Oid roleid = PG_GETARG_OID(0);
2411  text *tablename = PG_GETARG_TEXT_PP(1);
2412  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2413  Oid tableoid;
2414  AclMode mode;
2415  AclResult aclresult;
2416 
2417  tableoid = convert_table_name(tablename);
2418  mode = convert_column_priv_string(priv_type_text);
2419 
2420  /* First check at table level, then examine each column if needed */
2421  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2422  if (aclresult != ACLCHECK_OK)
2423  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2424  ACLMASK_ANY);
2425 
2426  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2427 }
static Oid convert_table_name(text *tablename)
Definition: acl.c:2017

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), mode, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_any_column_privilege_name()

Datum has_any_column_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2320 of file acl.c.

2321 {
2322  text *tablename = PG_GETARG_TEXT_PP(0);
2323  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2324  Oid roleid;
2325  Oid tableoid;
2326  AclMode mode;
2327  AclResult aclresult;
2328 
2329  roleid = GetUserId();
2330  tableoid = convert_table_name(tablename);
2331  mode = convert_column_priv_string(priv_type_text);
2332 
2333  /* First check at table level, then examine each column if needed */
2334  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2335  if (aclresult != ACLCHECK_OK)
2336  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2337  ACLMASK_ANY);
2338 
2339  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2340 }

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), GetUserId(), mode, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_any_column_privilege_name_id()

Datum has_any_column_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2348 of file acl.c.

2349 {
2351  Oid tableoid = PG_GETARG_OID(1);
2352  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2353  Oid roleid;
2354  AclMode mode;
2355  AclResult aclresult;
2356 
2358  mode = convert_column_priv_string(priv_type_text);
2359 
2361  PG_RETURN_NULL();
2362 
2363  /* First check at table level, then examine each column if needed */
2364  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2365  if (aclresult != ACLCHECK_OK)
2366  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2367  ACLMASK_ANY);
2368 
2369  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2370 }
Oid get_role_oid_or_public(const char *rolname)
Definition: acl.c:5273
#define PG_GETARG_NAME(n)
Definition: fmgr.h:278
const char * username
Definition: pgbench.c:306
Definition: c.h:725

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, ObjectIdGetDatum(), pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, SearchSysCacheExists1, and username.

◆ has_any_column_privilege_name_name()

Datum has_any_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2290 of file acl.c.

2291 {
2292  Name rolename = PG_GETARG_NAME(0);
2293  text *tablename = PG_GETARG_TEXT_PP(1);
2294  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2295  Oid roleid;
2296  Oid tableoid;
2297  AclMode mode;
2298  AclResult aclresult;
2299 
2300  roleid = get_role_oid_or_public(NameStr(*rolename));
2301  tableoid = convert_table_name(tablename);
2302  mode = convert_column_priv_string(priv_type_text);
2303 
2304  /* First check at table level, then examine each column if needed */
2305  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2306  if (aclresult != ACLCHECK_OK)
2307  aclresult = pg_attribute_aclcheck_all(tableoid, roleid, mode,
2308  ACLMASK_ANY);
2309 
2310  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2311 }

References ACLCHECK_OK, ACLMASK_ANY, convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, pg_attribute_aclcheck_all(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_column_privilege_id_attnum()

Datum has_column_privilege_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2814 of file acl.c.

2815 {
2816  Oid tableoid = PG_GETARG_OID(0);
2817  AttrNumber colattnum = PG_GETARG_INT16(1);
2818  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2819  Oid roleid;
2820  AclMode mode;
2821  int privresult;
2822 
2823  roleid = GetUserId();
2824  mode = convert_column_priv_string(priv_type_text);
2825 
2826  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2827  if (privresult < 0)
2828  PG_RETURN_NULL();
2829  PG_RETURN_BOOL(privresult);
2830 }
static int column_privilege_check(Oid tableoid, AttrNumber attnum, Oid roleid, AclMode mode)
Definition: acl.c:2482
#define PG_GETARG_INT16(n)
Definition: fmgr.h:271

References column_privilege_check(), convert_column_priv_string(), GetUserId(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_id_attnum()

Datum has_column_privilege_id_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2707 of file acl.c.

2708 {
2709  Oid roleid = PG_GETARG_OID(0);
2710  Oid tableoid = PG_GETARG_OID(1);
2711  AttrNumber colattnum = PG_GETARG_INT16(2);
2712  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2713  AclMode mode;
2714  int privresult;
2715 
2716  mode = convert_column_priv_string(priv_type_text);
2717 
2718  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2719  if (privresult < 0)
2720  PG_RETURN_NULL();
2721  PG_RETURN_BOOL(privresult);
2722 }

References column_privilege_check(), convert_column_priv_string(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_id_name()

Datum has_column_privilege_id_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2682 of file acl.c.

2683 {
2684  Oid roleid = PG_GETARG_OID(0);
2685  Oid tableoid = PG_GETARG_OID(1);
2686  text *column = PG_GETARG_TEXT_PP(2);
2687  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2688  AttrNumber colattnum;
2689  AclMode mode;
2690  int privresult;
2691 
2692  colattnum = convert_column_name(tableoid, column);
2693  mode = convert_column_priv_string(priv_type_text);
2694 
2695  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2696  if (privresult < 0)
2697  PG_RETURN_NULL();
2698  PG_RETURN_BOOL(privresult);
2699 }
static AttrNumber convert_column_name(Oid tableoid, text *column)
Definition: acl.c:2842

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_name()

Datum has_column_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2787 of file acl.c.

2788 {
2789  Oid tableoid = PG_GETARG_OID(0);
2790  text *column = PG_GETARG_TEXT_PP(1);
2791  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2792  Oid roleid;
2793  AttrNumber colattnum;
2794  AclMode mode;
2795  int privresult;
2796 
2797  roleid = GetUserId();
2798  colattnum = convert_column_name(tableoid, column);
2799  mode = convert_column_priv_string(priv_type_text);
2800 
2801  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2802  if (privresult < 0)
2803  PG_RETURN_NULL();
2804  PG_RETURN_BOOL(privresult);
2805 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), GetUserId(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_name_attnum()

Datum has_column_privilege_id_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2657 of file acl.c.

2658 {
2659  Oid roleid = PG_GETARG_OID(0);
2660  text *tablename = PG_GETARG_TEXT_PP(1);
2661  AttrNumber colattnum = PG_GETARG_INT16(2);
2662  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2663  Oid tableoid;
2664  AclMode mode;
2665  int privresult;
2666 
2667  tableoid = convert_table_name(tablename);
2668  mode = convert_column_priv_string(priv_type_text);
2669 
2670  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2671  if (privresult < 0)
2672  PG_RETURN_NULL();
2673  PG_RETURN_BOOL(privresult);
2674 }

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), mode, PG_GETARG_INT16, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_id_name_name()

Datum has_column_privilege_id_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2630 of file acl.c.

2631 {
2632  Oid roleid = PG_GETARG_OID(0);
2633  text *tablename = PG_GETARG_TEXT_PP(1);
2634  text *column = PG_GETARG_TEXT_PP(2);
2635  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2636  Oid tableoid;
2637  AttrNumber colattnum;
2638  AclMode mode;
2639  int privresult;
2640 
2641  tableoid = convert_table_name(tablename);
2642  colattnum = convert_column_name(tableoid, column);
2643  mode = convert_column_priv_string(priv_type_text);
2644 
2645  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2646  if (privresult < 0)
2647  PG_RETURN_NULL();
2648  PG_RETURN_BOOL(privresult);
2649 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), mode, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_name_attnum()

Datum has_column_privilege_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2760 of file acl.c.

2761 {
2762  text *tablename = PG_GETARG_TEXT_PP(0);
2763  AttrNumber colattnum = PG_GETARG_INT16(1);
2764  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2765  Oid roleid;
2766  Oid tableoid;
2767  AclMode mode;
2768  int privresult;
2769 
2770  roleid = GetUserId();
2771  tableoid = convert_table_name(tablename);
2772  mode = convert_column_priv_string(priv_type_text);
2773 
2774  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2775  if (privresult < 0)
2776  PG_RETURN_NULL();
2777  PG_RETURN_BOOL(privresult);
2778 }

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), GetUserId(), mode, PG_GETARG_INT16, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_name_id_attnum()

Datum has_column_privilege_name_id_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2605 of file acl.c.

2606 {
2608  Oid tableoid = PG_GETARG_OID(1);
2609  AttrNumber colattnum = PG_GETARG_INT16(2);
2610  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2611  Oid roleid;
2612  AclMode mode;
2613  int privresult;
2614 
2616  mode = convert_column_priv_string(priv_type_text);
2617 
2618  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2619  if (privresult < 0)
2620  PG_RETURN_NULL();
2621  PG_RETURN_BOOL(privresult);
2622 }

References column_privilege_check(), convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_column_privilege_name_id_name()

Datum has_column_privilege_name_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2578 of file acl.c.

2579 {
2581  Oid tableoid = PG_GETARG_OID(1);
2582  text *column = PG_GETARG_TEXT_PP(2);
2583  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2584  Oid roleid;
2585  AttrNumber colattnum;
2586  AclMode mode;
2587  int privresult;
2588 
2590  colattnum = convert_column_name(tableoid, column);
2591  mode = convert_column_priv_string(priv_type_text);
2592 
2593  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2594  if (privresult < 0)
2595  PG_RETURN_NULL();
2596  PG_RETURN_BOOL(privresult);
2597 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_column_privilege_name_name()

Datum has_column_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2731 of file acl.c.

2732 {
2733  text *tablename = PG_GETARG_TEXT_PP(0);
2734  text *column = PG_GETARG_TEXT_PP(1);
2735  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2736  Oid roleid;
2737  Oid tableoid;
2738  AttrNumber colattnum;
2739  AclMode mode;
2740  int privresult;
2741 
2742  roleid = GetUserId();
2743  tableoid = convert_table_name(tablename);
2744  colattnum = convert_column_name(tableoid, column);
2745  mode = convert_column_priv_string(priv_type_text);
2746 
2747  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2748  if (privresult < 0)
2749  PG_RETURN_NULL();
2750  PG_RETURN_BOOL(privresult);
2751 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), GetUserId(), mode, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_name_name_attnum()

Datum has_column_privilege_name_name_attnum ( PG_FUNCTION_ARGS  )

Definition at line 2551 of file acl.c.

2552 {
2553  Name rolename = PG_GETARG_NAME(0);
2554  text *tablename = PG_GETARG_TEXT_PP(1);
2555  AttrNumber colattnum = PG_GETARG_INT16(2);
2556  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2557  Oid roleid;
2558  Oid tableoid;
2559  AclMode mode;
2560  int privresult;
2561 
2562  roleid = get_role_oid_or_public(NameStr(*rolename));
2563  tableoid = convert_table_name(tablename);
2564  mode = convert_column_priv_string(priv_type_text);
2565 
2566  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2567  if (privresult < 0)
2568  PG_RETURN_NULL();
2569  PG_RETURN_BOOL(privresult);
2570 }

References column_privilege_check(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_INT16, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_column_privilege_name_name_name()

Datum has_column_privilege_name_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2522 of file acl.c.

2523 {
2524  Name rolename = PG_GETARG_NAME(0);
2525  text *tablename = PG_GETARG_TEXT_PP(1);
2526  text *column = PG_GETARG_TEXT_PP(2);
2527  text *priv_type_text = PG_GETARG_TEXT_PP(3);
2528  Oid roleid;
2529  Oid tableoid;
2530  AttrNumber colattnum;
2531  AclMode mode;
2532  int privresult;
2533 
2534  roleid = get_role_oid_or_public(NameStr(*rolename));
2535  tableoid = convert_table_name(tablename);
2536  colattnum = convert_column_name(tableoid, column);
2537  mode = convert_column_priv_string(priv_type_text);
2538 
2539  privresult = column_privilege_check(tableoid, colattnum, roleid, mode);
2540  if (privresult < 0)
2541  PG_RETURN_NULL();
2542  PG_RETURN_BOOL(privresult);
2543 }

References column_privilege_check(), convert_column_name(), convert_column_priv_string(), convert_table_name(), get_role_oid_or_public(), mode, NameStr, PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_database_privilege_id()

Datum has_database_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3011 of file acl.c.

3012 {
3013  Oid databaseoid = PG_GETARG_OID(0);
3014  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3015  Oid roleid;
3016  AclMode mode;
3017  AclResult aclresult;
3018 
3019  roleid = GetUserId();
3020  mode = convert_database_priv_string(priv_type_text);
3021 
3023  PG_RETURN_NULL();
3024 
3025  aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode);
3026 
3027  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3028 }
static AclMode convert_database_priv_string(text *priv_type_text)
Definition: acl.c:3097
AclResult object_aclcheck(Oid classid, Oid objectid, Oid roleid, AclMode mode)
Definition: aclchk.c:3783
@ DATABASEOID
Definition: syscache.h:55

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, GetUserId(), mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_database_privilege_id_id()

Datum has_database_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3059 of file acl.c.

3060 {
3061  Oid roleid = PG_GETARG_OID(0);
3062  Oid databaseoid = PG_GETARG_OID(1);
3063  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3064  AclMode mode;
3065  AclResult aclresult;
3066 
3067  mode = convert_database_priv_string(priv_type_text);
3068 
3070  PG_RETURN_NULL();
3071 
3072  aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode);
3073 
3074  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3075 }

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_database_privilege_id_name()

Datum has_database_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3036 of file acl.c.

3037 {
3038  Oid roleid = PG_GETARG_OID(0);
3039  text *databasename = PG_GETARG_TEXT_PP(1);
3040  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3041  Oid databaseoid;
3042  AclMode mode;
3043  AclResult aclresult;
3044 
3045  databaseoid = convert_database_name(databasename);
3046  mode = convert_database_priv_string(priv_type_text);
3047 
3048  aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode);
3049 
3050  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3051 }
static Oid convert_database_name(text *databasename)
Definition: acl.c:3085

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_database_privilege_name()

Datum has_database_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2960 of file acl.c.

2961 {
2962  text *databasename = PG_GETARG_TEXT_PP(0);
2963  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2964  Oid roleid;
2965  Oid databaseoid;
2966  AclMode mode;
2967  AclResult aclresult;
2968 
2969  roleid = GetUserId();
2970  databaseoid = convert_database_name(databasename);
2971  mode = convert_database_priv_string(priv_type_text);
2972 
2973  aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode);
2974 
2975  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2976 }

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_database_privilege_name_id()

Datum has_database_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2984 of file acl.c.

2985 {
2987  Oid databaseoid = PG_GETARG_OID(1);
2988  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2989  Oid roleid;
2990  AclMode mode;
2991  AclResult aclresult;
2992 
2994  mode = convert_database_priv_string(priv_type_text);
2995 
2997  PG_RETURN_NULL();
2998 
2999  aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode);
3000 
3001  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3002 }

References ACLCHECK_OK, convert_database_priv_string(), DATABASEOID, get_role_oid_or_public(), mode, NameStr, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

◆ has_database_privilege_name_name()

Datum has_database_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2934 of file acl.c.

2935 {
2937  text *databasename = PG_GETARG_TEXT_PP(1);
2938  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2939  Oid roleid;
2940  Oid databaseoid;
2941  AclMode mode;
2942  AclResult aclresult;
2943 
2945  databaseoid = convert_database_name(databasename);
2946  mode = convert_database_priv_string(priv_type_text);
2947 
2948  aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode);
2949 
2950  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2951 }

References ACLCHECK_OK, convert_database_name(), convert_database_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_foreign_data_wrapper_privilege_id()

Datum has_foreign_data_wrapper_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3208 of file acl.c.

3209 {
3210  Oid fdwid = PG_GETARG_OID(0);
3211  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3212  Oid roleid;
3213  AclMode mode;
3214  AclResult aclresult;
3215 
3216  roleid = GetUserId();
3218 
3220  PG_RETURN_NULL();
3221 
3222  aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode);
3223 
3224  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3225 }
static AclMode convert_foreign_data_wrapper_priv_string(text *priv_type_text)
Definition: acl.c:3294
@ FOREIGNDATAWRAPPEROID
Definition: syscache.h:62

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), FOREIGNDATAWRAPPEROID, GetUserId(), mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_foreign_data_wrapper_privilege_id_id()

Datum has_foreign_data_wrapper_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3256 of file acl.c.

3257 {
3258  Oid roleid = PG_GETARG_OID(0);
3259  Oid fdwid = PG_GETARG_OID(1);
3260  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3261  AclMode mode;
3262  AclResult aclresult;
3263 
3265 
3267  PG_RETURN_NULL();
3268 
3269  aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode);
3270 
3271  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3272 }

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), FOREIGNDATAWRAPPEROID, mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_foreign_data_wrapper_privilege_id_name()

Datum has_foreign_data_wrapper_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3233 of file acl.c.

3234 {
3235  Oid roleid = PG_GETARG_OID(0);
3236  text *fdwname = PG_GETARG_TEXT_PP(1);
3237  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3238  Oid fdwid;
3239  AclMode mode;
3240  AclResult aclresult;
3241 
3242  fdwid = convert_foreign_data_wrapper_name(fdwname);
3244 
3245  aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode);
3246 
3247  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3248 }
static Oid convert_foreign_data_wrapper_name(text *fdwname)
Definition: acl.c:3282

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_foreign_data_wrapper_privilege_name()

Datum has_foreign_data_wrapper_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3157 of file acl.c.

3158 {
3159  text *fdwname = PG_GETARG_TEXT_PP(0);
3160  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3161  Oid roleid;
3162  Oid fdwid;
3163  AclMode mode;
3164  AclResult aclresult;
3165 
3166  roleid = GetUserId();
3167  fdwid = convert_foreign_data_wrapper_name(fdwname);
3169 
3170  aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode);
3171 
3172  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3173 }

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_foreign_data_wrapper_privilege_name_id()

Datum has_foreign_data_wrapper_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3181 of file acl.c.

3182 {
3184  Oid fdwid = PG_GETARG_OID(1);
3185  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3186  Oid roleid;
3187  AclMode mode;
3188  AclResult aclresult;
3189 
3192 
3194  PG_RETURN_NULL();
3195 
3196  aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode);
3197 
3198  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3199 }

References ACLCHECK_OK, convert_foreign_data_wrapper_priv_string(), FOREIGNDATAWRAPPEROID, get_role_oid_or_public(), mode, NameStr, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

◆ has_foreign_data_wrapper_privilege_name_name()

Datum has_foreign_data_wrapper_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3131 of file acl.c.

3132 {
3134  text *fdwname = PG_GETARG_TEXT_PP(1);
3135  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3136  Oid roleid;
3137  Oid fdwid;
3138  AclMode mode;
3139  AclResult aclresult;
3140 
3142  fdwid = convert_foreign_data_wrapper_name(fdwname);
3144 
3145  aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode);
3146 
3147  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3148 }

References ACLCHECK_OK, convert_foreign_data_wrapper_name(), convert_foreign_data_wrapper_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_function_privilege_id()

Datum has_function_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3399 of file acl.c.

3400 {
3401  Oid functionoid = PG_GETARG_OID(0);
3402  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3403  Oid roleid;
3404  AclMode mode;
3405  AclResult aclresult;
3406 
3407  roleid = GetUserId();
3408  mode = convert_function_priv_string(priv_type_text);
3409 
3410  if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid)))
3411  PG_RETURN_NULL();
3412 
3413  aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode);
3414 
3415  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3416 }
static AclMode convert_function_priv_string(text *priv_type_text)
Definition: acl.c:3494
@ PROCOID
Definition: syscache.h:79

References ACLCHECK_OK, convert_function_priv_string(), GetUserId(), mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, PROCOID, and SearchSysCacheExists1.

◆ has_function_privilege_id_id()

Datum has_function_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3447 of file acl.c.

3448 {
3449  Oid roleid = PG_GETARG_OID(0);
3450  Oid functionoid = PG_GETARG_OID(1);
3451  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3452  AclMode mode;
3453  AclResult aclresult;
3454 
3455  mode = convert_function_priv_string(priv_type_text);
3456 
3457  if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid)))
3458  PG_RETURN_NULL();
3459 
3460  aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode);
3461 
3462  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3463 }

References ACLCHECK_OK, convert_function_priv_string(), mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, PROCOID, and SearchSysCacheExists1.

◆ has_function_privilege_id_name()

Datum has_function_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3424 of file acl.c.

3425 {
3426  Oid roleid = PG_GETARG_OID(0);
3427  text *functionname = PG_GETARG_TEXT_PP(1);
3428  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3429  Oid functionoid;
3430  AclMode mode;
3431  AclResult aclresult;
3432 
3433  functionoid = convert_function_name(functionname);
3434  mode = convert_function_priv_string(priv_type_text);
3435 
3436  aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode);
3437 
3438  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3439 }
static Oid convert_function_name(text *functionname)
Definition: acl.c:3473

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_function_privilege_name()

Datum has_function_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3348 of file acl.c.

3349 {
3350  text *functionname = PG_GETARG_TEXT_PP(0);
3351  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3352  Oid roleid;
3353  Oid functionoid;
3354  AclMode mode;
3355  AclResult aclresult;
3356 
3357  roleid = GetUserId();
3358  functionoid = convert_function_name(functionname);
3359  mode = convert_function_priv_string(priv_type_text);
3360 
3361  aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode);
3362 
3363  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3364 }

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_function_privilege_name_id()

Datum has_function_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3372 of file acl.c.

3373 {
3375  Oid functionoid = PG_GETARG_OID(1);
3376  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3377  Oid roleid;
3378  AclMode mode;
3379  AclResult aclresult;
3380 
3382  mode = convert_function_priv_string(priv_type_text);
3383 
3384  if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid)))
3385  PG_RETURN_NULL();
3386 
3387  aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode);
3388 
3389  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3390 }

References ACLCHECK_OK, convert_function_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, PROCOID, SearchSysCacheExists1, and username.

◆ has_function_privilege_name_name()

Datum has_function_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3322 of file acl.c.

3323 {
3325  text *functionname = PG_GETARG_TEXT_PP(1);
3326  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3327  Oid roleid;
3328  Oid functionoid;
3329  AclMode mode;
3330  AclResult aclresult;
3331 
3333  functionoid = convert_function_name(functionname);
3334  mode = convert_function_priv_string(priv_type_text);
3335 
3336  aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode);
3337 
3338  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3339 }

References ACLCHECK_OK, convert_function_name(), convert_function_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_language_privilege_id()

Datum has_language_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3599 of file acl.c.

3600 {
3601  Oid languageoid = PG_GETARG_OID(0);
3602  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3603  Oid roleid;
3604  AclMode mode;
3605  AclResult aclresult;
3606 
3607  roleid = GetUserId();
3608  mode = convert_language_priv_string(priv_type_text);
3609 
3610  if (!SearchSysCacheExists1(LANGOID, ObjectIdGetDatum(languageoid)))
3611  PG_RETURN_NULL();
3612 
3613  aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode);
3614 
3615  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3616 }
static AclMode convert_language_priv_string(text *priv_type_text)
Definition: acl.c:3685
@ LANGOID
Definition: syscache.h:68

References ACLCHECK_OK, convert_language_priv_string(), GetUserId(), LANGOID, mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_language_privilege_id_id()

Datum has_language_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3647 of file acl.c.

3648 {
3649  Oid roleid = PG_GETARG_OID(0);
3650  Oid languageoid = PG_GETARG_OID(1);
3651  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3652  AclMode mode;
3653  AclResult aclresult;
3654 
3655  mode = convert_language_priv_string(priv_type_text);
3656 
3657  if (!SearchSysCacheExists1(LANGOID, ObjectIdGetDatum(languageoid)))
3658  PG_RETURN_NULL();
3659 
3660  aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode);
3661 
3662  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3663 }

References ACLCHECK_OK, convert_language_priv_string(), LANGOID, mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_language_privilege_id_name()

Datum has_language_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3624 of file acl.c.

3625 {
3626  Oid roleid = PG_GETARG_OID(0);
3627  text *languagename = PG_GETARG_TEXT_PP(1);
3628  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3629  Oid languageoid;
3630  AclMode mode;
3631  AclResult aclresult;
3632 
3633  languageoid = convert_language_name(languagename);
3634  mode = convert_language_priv_string(priv_type_text);
3635 
3636  aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode);
3637 
3638  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3639 }
static Oid convert_language_name(text *languagename)
Definition: acl.c:3673

References ACLCHECK_OK, convert_language_name(), convert_language_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_language_privilege_name()

Datum has_language_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3548 of file acl.c.

3549 {
3550  text *languagename = PG_GETARG_TEXT_PP(0);
3551  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3552  Oid roleid;
3553  Oid languageoid;
3554  AclMode mode;
3555  AclResult aclresult;
3556 
3557  roleid = GetUserId();
3558  languageoid = convert_language_name(languagename);
3559  mode = convert_language_priv_string(priv_type_text);
3560 
3561  aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode);
3562 
3563  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3564 }

References ACLCHECK_OK, convert_language_name(), convert_language_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_language_privilege_name_id()

Datum has_language_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3572 of file acl.c.

3573 {
3575  Oid languageoid = PG_GETARG_OID(1);
3576  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3577  Oid roleid;
3578  AclMode mode;
3579  AclResult aclresult;
3580 
3582  mode = convert_language_priv_string(priv_type_text);
3583 
3584  if (!SearchSysCacheExists1(LANGOID, ObjectIdGetDatum(languageoid)))
3585  PG_RETURN_NULL();
3586 
3587  aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode);
3588 
3589  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3590 }

References ACLCHECK_OK, convert_language_priv_string(), get_role_oid_or_public(), LANGOID, mode, NameStr, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

◆ has_language_privilege_name_name()

Datum has_language_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3522 of file acl.c.

3523 {
3525  text *languagename = PG_GETARG_TEXT_PP(1);
3526  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3527  Oid roleid;
3528  Oid languageoid;
3529  AclMode mode;
3530  AclResult aclresult;
3531 
3533  languageoid = convert_language_name(languagename);
3534  mode = convert_language_priv_string(priv_type_text);
3535 
3536  aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode);
3537 
3538  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3539 }

References ACLCHECK_OK, convert_language_name(), convert_language_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_param_priv_byname()

static bool has_param_priv_byname ( Oid  roleid,
const text parameter,
AclMode  priv 
)
static

Definition at line 4487 of file acl.c.

4488 {
4489  char *paramstr = text_to_cstring(parameter);
4490 
4491  return pg_parameter_aclcheck(paramstr, roleid, priv) == ACLCHECK_OK;
4492 }
AclResult pg_parameter_aclcheck(const char *name, Oid roleid, AclMode mode)
Definition: aclchk.c:3958

References ACLCHECK_OK, pg_parameter_aclcheck(), and text_to_cstring().

Referenced by has_parameter_privilege_id_name(), has_parameter_privilege_name(), and has_parameter_privilege_name_name().

◆ has_parameter_privilege_id_name()

Datum has_parameter_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 4530 of file acl.c.

4531 {
4532  Oid roleid = PG_GETARG_OID(0);
4533  text *parameter = PG_GETARG_TEXT_PP(1);
4535 
4536  PG_RETURN_BOOL(has_param_priv_byname(roleid, parameter, priv));
4537 }
static bool has_param_priv_byname(Oid roleid, const text *parameter, AclMode priv)
Definition: acl.c:4487
static AclMode convert_parameter_priv_string(text *priv_text)
Definition: acl.c:4548

References convert_parameter_priv_string(), has_param_priv_byname(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_parameter_privilege_name()

Datum has_parameter_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 4516 of file acl.c.

4517 {
4518  text *parameter = PG_GETARG_TEXT_PP(0);
4520 
4521  PG_RETURN_BOOL(has_param_priv_byname(GetUserId(), parameter, priv));
4522 }

References convert_parameter_priv_string(), GetUserId(), has_param_priv_byname(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_parameter_privilege_name_name()

Datum has_parameter_privilege_name_name ( PG_FUNCTION_ARGS  )

◆ has_privs_of_role()

bool has_privs_of_role ( Oid  member,
Oid  role 
)

Definition at line 4969 of file acl.c.

4970 {
4971  /* Fast path for simple case */
4972  if (member == role)
4973  return true;
4974 
4975  /* Superusers have every privilege, so are part of every role */
4976  if (superuser_arg(member))
4977  return true;
4978 
4979  /*
4980  * Find all the roles that member has the privileges of, including
4981  * multi-level recursion, then see if target role is any one of them.
4982  */
4984  InvalidOid, NULL),
4985  role);
4986 }
static List * roles_is_member_of(Oid roleid, enum RoleRecurseType type, Oid admin_of, Oid *admin_role)
Definition: acl.c:4844
bool list_member_oid(const List *list, Oid datum)
Definition: list.c:721
bool superuser_arg(Oid roleid)
Definition: superuser.c:56

References InvalidOid, list_member_oid(), ROLERECURSE_PRIVS, roles_is_member_of(), and superuser_arg().

Referenced by aclmask(), AlterObjectNamespace_internal(), AlterObjectOwner_internal(), AlterObjectRename_internal(), bbsink_server_new(), calculate_database_size(), calculate_tablespace_size(), check_role_for_policy(), check_role_grantor(), ConfigOptionIsVisible(), convert_and_check_filename(), DoCopy(), DropOwnedObjects(), ExecAlterDefaultPrivilegesStmt(), file_fdw_validator(), GetConfigOptionValues(), InitPostgres(), object_ownercheck(), pg_class_aclmask_ext(), pg_namespace_aclmask(), pg_role_aclcheck(), pg_signal_backend(), pg_stat_get_wal_receiver(), pg_stat_get_wal_senders(), pg_stat_statements_internal(), pgrowlocks(), ReassignOwnedObjects(), ReindexMultipleTables(), shell_check_detail(), standard_ProcessUtility(), and TerminateOtherDBBackends().

◆ has_schema_privilege_id()

Datum has_schema_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3790 of file acl.c.

3791 {
3792  Oid schemaoid = PG_GETARG_OID(0);
3793  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3794  Oid roleid;
3795  AclMode mode;
3796  AclResult aclresult;
3797 
3798  roleid = GetUserId();
3799  mode = convert_schema_priv_string(priv_type_text);
3800 
3802  PG_RETURN_NULL();
3803 
3804  aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode);
3805 
3806  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3807 }
static AclMode convert_schema_priv_string(text *priv_type_text)
Definition: acl.c:3876
@ NAMESPACEOID
Definition: syscache.h:70

References ACLCHECK_OK, convert_schema_priv_string(), GetUserId(), mode, NAMESPACEOID, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_schema_privilege_id_id()

Datum has_schema_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 3838 of file acl.c.

3839 {
3840  Oid roleid = PG_GETARG_OID(0);
3841  Oid schemaoid = PG_GETARG_OID(1);
3842  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3843  AclMode mode;
3844  AclResult aclresult;
3845 
3846  mode = convert_schema_priv_string(priv_type_text);
3847 
3849  PG_RETURN_NULL();
3850 
3851  aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode);
3852 
3853  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3854 }

References ACLCHECK_OK, convert_schema_priv_string(), mode, NAMESPACEOID, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_schema_privilege_id_name()

Datum has_schema_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 3815 of file acl.c.

3816 {
3817  Oid roleid = PG_GETARG_OID(0);
3818  text *schemaname = PG_GETARG_TEXT_PP(1);
3819  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3820  Oid schemaoid;
3821  AclMode mode;
3822  AclResult aclresult;
3823 
3824  schemaoid = convert_schema_name(schemaname);
3825  mode = convert_schema_priv_string(priv_type_text);
3826 
3827  aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode);
3828 
3829  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3830 }
static Oid convert_schema_name(text *schemaname)
Definition: acl.c:3864

References ACLCHECK_OK, convert_schema_name(), convert_schema_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_schema_privilege_name()

Datum has_schema_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3739 of file acl.c.

3740 {
3741  text *schemaname = PG_GETARG_TEXT_PP(0);
3742  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3743  Oid roleid;
3744  Oid schemaoid;
3745  AclMode mode;
3746  AclResult aclresult;
3747 
3748  roleid = GetUserId();
3749  schemaoid = convert_schema_name(schemaname);
3750  mode = convert_schema_priv_string(priv_type_text);
3751 
3752  aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode);
3753 
3754  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3755 }

References ACLCHECK_OK, convert_schema_name(), convert_schema_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_schema_privilege_name_id()

Datum has_schema_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3763 of file acl.c.

3764 {
3766  Oid schemaoid = PG_GETARG_OID(1);
3767  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3768  Oid roleid;
3769  AclMode mode;
3770  AclResult aclresult;
3771 
3773  mode = convert_schema_priv_string(priv_type_text);
3774 
3776  PG_RETURN_NULL();
3777 
3778  aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode);
3779 
3780  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3781 }

References ACLCHECK_OK, convert_schema_priv_string(), get_role_oid_or_public(), mode, NAMESPACEOID, NameStr, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

◆ has_schema_privilege_name_name()

Datum has_schema_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3713 of file acl.c.

3714 {
3716  text *schemaname = PG_GETARG_TEXT_PP(1);
3717  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3718  Oid roleid;
3719  Oid schemaoid;
3720  AclMode mode;
3721  AclResult aclresult;
3722 
3724  schemaoid = convert_schema_name(schemaname);
3725  mode = convert_schema_priv_string(priv_type_text);
3726 
3727  aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode);
3728 
3729  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3730 }

References ACLCHECK_OK, convert_schema_name(), convert_schema_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_sequence_privilege_id()

Datum has_sequence_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 2169 of file acl.c.

2170 {
2171  Oid sequenceoid = PG_GETARG_OID(0);
2172  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2173  Oid roleid;
2174  AclMode mode;
2175  AclResult aclresult;
2176  char relkind;
2177 
2178  roleid = GetUserId();
2179  mode = convert_sequence_priv_string(priv_type_text);
2180  relkind = get_rel_relkind(sequenceoid);
2181  if (relkind == '\0')
2182  PG_RETURN_NULL();
2183  else if (relkind != RELKIND_SEQUENCE)
2184  ereport(ERROR,
2185  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2186  errmsg("\"%s\" is not a sequence",
2187  get_rel_name(sequenceoid))));
2188 
2189  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2190 
2191  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2192 }
static AclMode convert_sequence_priv_string(text *priv_type_text)
Definition: acl.c:2257
char get_rel_relkind(Oid relid)
Definition: lsyscache.c:1985

References ACLCHECK_OK, convert_sequence_priv_string(), ereport, errcode(), errmsg(), ERROR, get_rel_name(), get_rel_relkind(), GetUserId(), mode, pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_sequence_privilege_id_id()

Datum has_sequence_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 2228 of file acl.c.

2229 {
2230  Oid roleid = PG_GETARG_OID(0);
2231  Oid sequenceoid = PG_GETARG_OID(1);
2232  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2233  AclMode mode;
2234  AclResult aclresult;
2235  char relkind;
2236 
2237  mode = convert_sequence_priv_string(priv_type_text);
2238  relkind = get_rel_relkind(sequenceoid);
2239  if (relkind == '\0')
2240  PG_RETURN_NULL();
2241  else if (relkind != RELKIND_SEQUENCE)
2242  ereport(ERROR,
2243  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2244  errmsg("\"%s\" is not a sequence",
2245  get_rel_name(sequenceoid))));
2246 
2247  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2248 
2249  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2250 }

References ACLCHECK_OK, convert_sequence_priv_string(), ereport, errcode(), errmsg(), ERROR, get_rel_name(), get_rel_relkind(), mode, pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and PG_RETURN_NULL.

◆ has_sequence_privilege_id_name()

Datum has_sequence_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 2200 of file acl.c.

2201 {
2202  Oid roleid = PG_GETARG_OID(0);
2203  text *sequencename = PG_GETARG_TEXT_PP(1);
2204  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2205  Oid sequenceoid;
2206  AclMode mode;
2207  AclResult aclresult;
2208 
2209  mode = convert_sequence_priv_string(priv_type_text);
2210  sequenceoid = convert_table_name(sequencename);
2211  if (get_rel_relkind(sequenceoid) != RELKIND_SEQUENCE)
2212  ereport(ERROR,
2213  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2214  errmsg("\"%s\" is not a sequence",
2215  text_to_cstring(sequencename))));
2216 
2217  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2218 
2219  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2220 }

References ACLCHECK_OK, convert_sequence_priv_string(), convert_table_name(), ereport, errcode(), errmsg(), ERROR, get_rel_relkind(), mode, pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and text_to_cstring().

◆ has_sequence_privilege_name()

Datum has_sequence_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 2107 of file acl.c.

2108 {
2109  text *sequencename = PG_GETARG_TEXT_PP(0);
2110  text *priv_type_text = PG_GETARG_TEXT_PP(1);
2111  Oid roleid;
2112  Oid sequenceoid;
2113  AclMode mode;
2114  AclResult aclresult;
2115 
2116  roleid = GetUserId();
2117  mode = convert_sequence_priv_string(priv_type_text);
2118  sequenceoid = convert_table_name(sequencename);
2119  if (get_rel_relkind(sequenceoid) != RELKIND_SEQUENCE)
2120  ereport(ERROR,
2121  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2122  errmsg("\"%s\" is not a sequence",
2123  text_to_cstring(sequencename))));
2124 
2125  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2126 
2127  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2128 }

References ACLCHECK_OK, convert_sequence_priv_string(), convert_table_name(), ereport, errcode(), errmsg(), ERROR, get_rel_relkind(), GetUserId(), mode, pg_class_aclcheck(), PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and text_to_cstring().

◆ has_sequence_privilege_name_id()

Datum has_sequence_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 2136 of file acl.c.

2137 {
2139  Oid sequenceoid = PG_GETARG_OID(1);
2140  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2141  Oid roleid;
2142  AclMode mode;
2143  AclResult aclresult;
2144  char relkind;
2145 
2147  mode = convert_sequence_priv_string(priv_type_text);
2148  relkind = get_rel_relkind(sequenceoid);
2149  if (relkind == '\0')
2150  PG_RETURN_NULL();
2151  else if (relkind != RELKIND_SEQUENCE)
2152  ereport(ERROR,
2153  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2154  errmsg("\"%s\" is not a sequence",
2155  get_rel_name(sequenceoid))));
2156 
2157  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2158 
2159  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2160 }

References ACLCHECK_OK, convert_sequence_priv_string(), ereport, errcode(), errmsg(), ERROR, get_rel_name(), get_rel_relkind(), get_role_oid_or_public(), mode, NameStr, pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and username.

◆ has_sequence_privilege_name_name()

Datum has_sequence_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 2076 of file acl.c.

2077 {
2078  Name rolename = PG_GETARG_NAME(0);
2079  text *sequencename = PG_GETARG_TEXT_PP(1);
2080  text *priv_type_text = PG_GETARG_TEXT_PP(2);
2081  Oid roleid;
2082  Oid sequenceoid;
2083  AclMode mode;
2084  AclResult aclresult;
2085 
2086  roleid = get_role_oid_or_public(NameStr(*rolename));
2087  mode = convert_sequence_priv_string(priv_type_text);
2088  sequenceoid = convert_table_name(sequencename);
2089  if (get_rel_relkind(sequenceoid) != RELKIND_SEQUENCE)
2090  ereport(ERROR,
2091  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
2092  errmsg("\"%s\" is not a sequence",
2093  text_to_cstring(sequencename))));
2094 
2095  aclresult = pg_class_aclcheck(sequenceoid, roleid, mode);
2096 
2097  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2098 }

References ACLCHECK_OK, convert_sequence_priv_string(), convert_table_name(), ereport, errcode(), errmsg(), ERROR, get_rel_relkind(), get_role_oid_or_public(), mode, NameStr, pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and text_to_cstring().

◆ has_server_privilege_id()

Datum has_server_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 3983 of file acl.c.

3984 {
3985  Oid serverid = PG_GETARG_OID(0);
3986  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3987  Oid roleid;
3988  AclMode mode;
3989  AclResult aclresult;
3990 
3991  roleid = GetUserId();
3992  mode = convert_server_priv_string(priv_type_text);
3993 
3995  PG_RETURN_NULL();
3996 
3997  aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode);
3998 
3999  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4000 }
static AclMode convert_server_priv_string(text *priv_type_text)
Definition: acl.c:4069
@ FOREIGNSERVEROID
Definition: syscache.h:64

References ACLCHECK_OK, convert_server_priv_string(), FOREIGNSERVEROID, GetUserId(), mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_server_privilege_id_id()

Datum has_server_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 4031 of file acl.c.

4032 {
4033  Oid roleid = PG_GETARG_OID(0);
4034  Oid serverid = PG_GETARG_OID(1);
4035  text *priv_type_text = PG_GETARG_TEXT_PP(2);
4036  AclMode mode;
4037  AclResult aclresult;
4038 
4039  mode = convert_server_priv_string(priv_type_text);
4040 
4042  PG_RETURN_NULL();
4043 
4044  aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode);
4045 
4046  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4047 }

References ACLCHECK_OK, convert_server_priv_string(), FOREIGNSERVEROID, mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, and SearchSysCacheExists1.

◆ has_server_privilege_id_name()

Datum has_server_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 4008 of file acl.c.

4009 {
4010  Oid roleid = PG_GETARG_OID(0);
4011  text *servername = PG_GETARG_TEXT_PP(1);
4012  text *priv_type_text = PG_GETARG_TEXT_PP(2);
4013  Oid serverid;
4014  AclMode mode;
4015  AclResult aclresult;
4016 
4017  serverid = convert_server_name(servername);
4018  mode = convert_server_priv_string(priv_type_text);
4019 
4020  aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode);
4021 
4022  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4023 }
static Oid convert_server_name(text *servername)
Definition: acl.c:4057

References ACLCHECK_OK, convert_server_name(), convert_server_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_server_privilege_name()

Datum has_server_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 3932 of file acl.c.

3933 {
3934  text *servername = PG_GETARG_TEXT_PP(0);
3935  text *priv_type_text = PG_GETARG_TEXT_PP(1);
3936  Oid roleid;
3937  Oid serverid;
3938  AclMode mode;
3939  AclResult aclresult;
3940 
3941  roleid = GetUserId();
3942  serverid = convert_server_name(servername);
3943  mode = convert_server_priv_string(priv_type_text);
3944 
3945  aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode);
3946 
3947  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3948 }

References ACLCHECK_OK, convert_server_name(), convert_server_priv_string(), GetUserId(), mode, object_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_server_privilege_name_id()

Datum has_server_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 3956 of file acl.c.

3957 {
3959  Oid serverid = PG_GETARG_OID(1);
3960  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3961  Oid roleid;
3962  AclMode mode;
3963  AclResult aclresult;
3964 
3966  mode = convert_server_priv_string(priv_type_text);
3967 
3969  PG_RETURN_NULL();
3970 
3971  aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode);
3972 
3973  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3974 }

References ACLCHECK_OK, convert_server_priv_string(), FOREIGNSERVEROID, get_role_oid_or_public(), mode, NameStr, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and username.

◆ has_server_privilege_name_name()

Datum has_server_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 3906 of file acl.c.

3907 {
3909  text *servername = PG_GETARG_TEXT_PP(1);
3910  text *priv_type_text = PG_GETARG_TEXT_PP(2);
3911  Oid roleid;
3912  Oid serverid;
3913  AclMode mode;
3914  AclResult aclresult;
3915 
3917  serverid = convert_server_name(servername);
3918  mode = convert_server_priv_string(priv_type_text);
3919 
3920  aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode);
3921 
3922  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
3923 }

References ACLCHECK_OK, convert_server_name(), convert_server_priv_string(), get_role_oid_or_public(), mode, NameStr, object_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, and username.

◆ has_table_privilege_id()

Datum has_table_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 1943 of file acl.c.

1944 {
1945  Oid tableoid = PG_GETARG_OID(0);
1946  text *priv_type_text = PG_GETARG_TEXT_PP(1);
1947  Oid roleid;
1948  AclMode mode;
1949  AclResult aclresult;
1950 
1951  roleid = GetUserId();
1952  mode = convert_table_priv_string(priv_type_text);
1953 
1955  PG_RETURN_NULL();
1956 
1957  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1958 
1959  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1960 }
static AclMode convert_table_priv_string(text *priv_type_text)
Definition: acl.c:2032

References ACLCHECK_OK, convert_table_priv_string(), GetUserId(), mode, ObjectIdGetDatum(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

◆ has_table_privilege_id_id()

Datum has_table_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 1991 of file acl.c.

1992 {
1993  Oid roleid = PG_GETARG_OID(0);
1994  Oid tableoid = PG_GETARG_OID(1);
1995  text *priv_type_text = PG_GETARG_TEXT_PP(2);
1996  AclMode mode;
1997  AclResult aclresult;
1998 
1999  mode = convert_table_priv_string(priv_type_text);
2000 
2002  PG_RETURN_NULL();
2003 
2004  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
2005 
2006  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
2007 }

References ACLCHECK_OK, convert_table_priv_string(), mode, ObjectIdGetDatum(), pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, and SearchSysCacheExists1.

◆ has_table_privilege_id_name()

Datum has_table_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 1968 of file acl.c.

1969 {
1970  Oid roleid = PG_GETARG_OID(0);
1971  text *tablename = PG_GETARG_TEXT_PP(1);
1972  text *priv_type_text = PG_GETARG_TEXT_PP(2);
1973  Oid tableoid;
1974  AclMode mode;
1975  AclResult aclresult;
1976 
1977  tableoid = convert_table_name(tablename);
1978  mode = convert_table_priv_string(priv_type_text);
1979 
1980  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1981 
1982  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1983 }

References ACLCHECK_OK, convert_table_name(), convert_table_priv_string(), mode, pg_class_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_table_privilege_name()

Datum has_table_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 1892 of file acl.c.

1893 {
1894  text *tablename = PG_GETARG_TEXT_PP(0);
1895  text *priv_type_text = PG_GETARG_TEXT_PP(1);
1896  Oid roleid;
1897  Oid tableoid;
1898  AclMode mode;
1899  AclResult aclresult;
1900 
1901  roleid = GetUserId();
1902  tableoid = convert_table_name(tablename);
1903  mode = convert_table_priv_string(priv_type_text);
1904 
1905  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1906 
1907  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1908 }

References ACLCHECK_OK, convert_table_name(), convert_table_priv_string(), GetUserId(), mode, pg_class_aclcheck(), PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_table_privilege_name_id()

Datum has_table_privilege_name_id ( PG_FUNCTION_ARGS  )

Definition at line 1916 of file acl.c.

1917 {
1919  Oid tableoid = PG_GETARG_OID(1);
1920  text *priv_type_text = PG_GETARG_TEXT_PP(2);
1921  Oid roleid;
1922  AclMode mode;
1923  AclResult aclresult;
1924 
1926  mode = convert_table_priv_string(priv_type_text);
1927 
1929  PG_RETURN_NULL();
1930 
1931  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1932 
1933  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1934 }

References ACLCHECK_OK, convert_table_priv_string(), get_role_oid_or_public(), mode, NameStr, ObjectIdGetDatum(), pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, RELOID, SearchSysCacheExists1, and username.

◆ has_table_privilege_name_name()

Datum has_table_privilege_name_name ( PG_FUNCTION_ARGS  )

Definition at line 1866 of file acl.c.

1867 {
1868  Name rolename = PG_GETARG_NAME(0);
1869  text *tablename = PG_GETARG_TEXT_PP(1);
1870  text *priv_type_text = PG_GETARG_TEXT_PP(2);
1871  Oid roleid;
1872  Oid tableoid;
1873  AclMode mode;
1874  AclResult aclresult;
1875 
1876  roleid = get_role_oid_or_public(NameStr(*rolename));
1877  tableoid = convert_table_name(tablename);
1878  mode = convert_table_priv_string(priv_type_text);
1879 
1880  aclresult = pg_class_aclcheck(tableoid, roleid, mode);
1881 
1882  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
1883 }

References ACLCHECK_OK, convert_table_name(), convert_table_priv_string(), get_role_oid_or_public(), mode, NameStr, pg_class_aclcheck(), PG_GETARG_NAME, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_tablespace_privilege_id()

Datum has_tablespace_privilege_id ( PG_FUNCTION_ARGS  )

Definition at line 4174 of file acl.c.

4175 {
4176  Oid tablespaceoid = PG_GETARG_OID(0);
4177  text *priv_type_text = PG_GETARG_TEXT_PP(1);
4178  Oid roleid;
4179  AclMode mode;
4180  AclResult aclresult;
4181 
4182  roleid = GetUserId();
4183  mode = convert_tablespace_priv_string(priv_type_text);
4184 
4186  PG_RETURN_NULL();
4187 
4188  aclresult = object_aclcheck(TableSpaceRelationId, tablespaceoid, roleid, mode);
4189 
4190  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4191 }
static AclMode convert_tablespace_priv_string(text *priv_type_text)
Definition: acl.c:4260
@ TABLESPACEOID
Definition: syscache.h:101

References ACLCHECK_OK, convert_tablespace_priv_string(), GetUserId(), mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and TABLESPACEOID.

◆ has_tablespace_privilege_id_id()

Datum has_tablespace_privilege_id_id ( PG_FUNCTION_ARGS  )

Definition at line 4222 of file acl.c.

4223 {
4224  Oid roleid = PG_GETARG_OID(0);
4225  Oid tablespaceoid = PG_GETARG_OID(1);
4226  text *priv_type_text = PG_GETARG_TEXT_PP(2);
4227  AclMode mode;
4228  AclResult aclresult;
4229 
4230  mode = convert_tablespace_priv_string(priv_type_text);
4231 
4233  PG_RETURN_NULL();
4234 
4235  aclresult = object_aclcheck(TableSpaceRelationId, tablespaceoid, roleid, mode);
4236 
4237  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4238 }

References ACLCHECK_OK, convert_tablespace_priv_string(), mode, object_aclcheck(), ObjectIdGetDatum(), PG_GETARG_OID, PG_GETARG_TEXT_PP, PG_RETURN_BOOL, PG_RETURN_NULL, SearchSysCacheExists1, and TABLESPACEOID.

◆ has_tablespace_privilege_id_name()

Datum has_tablespace_privilege_id_name ( PG_FUNCTION_ARGS  )

Definition at line 4199 of file acl.c.

4200 {
4201  Oid roleid = PG_GETARG_OID(0);
4202  text *tablespacename = PG_GETARG_TEXT_PP(1);
4203  text *priv_type_text = PG_GETARG_TEXT_PP(2);
4204  Oid tablespaceoid;
4205  AclMode mode;
4206  AclResult aclresult;
4207 
4208  tablespaceoid = convert_tablespace_name(tablespacename);
4209  mode = convert_tablespace_priv_string(priv_type_text);
4210 
4211  aclresult = object_aclcheck(TableSpaceRelationId, tablespaceoid, roleid, mode);
4212 
4213  PG_RETURN_BOOL(aclresult == ACLCHECK_OK);
4214 }
static Oid convert_tablespace_name(text *tablespacename)
Definition: acl.c:4248

References ACLCHECK_OK, convert_tablespace_name(), convert_tablespace_priv_string(), mode, object_aclcheck(), PG_GETARG_OID, PG_GETARG_TEXT_PP, and PG_RETURN_BOOL.

◆ has_tablespace_privilege_name()

Datum has_tablespace_privilege_name ( PG_FUNCTION_ARGS  )

Definition at line 4123 of file acl.c.

4124 {
4125  text *tablespacename = PG_GETARG_TEXT_PP(0);
4126  text *priv_type_text = PG_GETARG_TEXT_PP(1);
4127  Oid roleid;
4128  Oid tablespaceoid;
4129  AclMode mode;
4130  AclResult aclresult;
4131 
4132  roleid = GetUserId();
4133  tablespaceoid = convert_tablespace_name(tablespacename);
4134  mode =