PostgreSQL Source Code  git master
objectaccess.c
Go to the documentation of this file.
1 /* -------------------------------------------------------------------------
2  *
3  * objectaccess.c
4  * functions for object_access_hook on various events
5  *
6  * Portions Copyright (c) 1996-2023, PostgreSQL Global Development Group
7  * Portions Copyright (c) 1994, Regents of the University of California
8  *
9  * -------------------------------------------------------------------------
10  */
11 #include "postgres.h"
12 
13 #include "catalog/objectaccess.h"
14 #include "catalog/pg_class.h"
15 #include "catalog/pg_namespace.h"
16 #include "catalog/pg_proc.h"
17 
18 /*
19  * Hook on object accesses. This is intended as infrastructure for security
20  * and logging plugins.
21  */
22 object_access_hook_type object_access_hook = NULL;
23 object_access_hook_type_str object_access_hook_str = NULL;
24 
25 
26 /*
27  * RunObjectPostCreateHook
28  *
29  * OAT_POST_CREATE object ID based event hook entrypoint
30  */
31 void
32 RunObjectPostCreateHook(Oid classId, Oid objectId, int subId,
33  bool is_internal)
34 {
35  ObjectAccessPostCreate pc_arg;
36 
37  /* caller should check, but just in case... */
38  Assert(object_access_hook != NULL);
39 
40  memset(&pc_arg, 0, sizeof(ObjectAccessPostCreate));
41  pc_arg.is_internal = is_internal;
42 
43  (*object_access_hook) (OAT_POST_CREATE,
44  classId, objectId, subId,
45  (void *) &pc_arg);
46 }
47 
48 /*
49  * RunObjectDropHook
50  *
51  * OAT_DROP object ID based event hook entrypoint
52  */
53 void
54 RunObjectDropHook(Oid classId, Oid objectId, int subId,
55  int dropflags)
56 {
57  ObjectAccessDrop drop_arg;
58 
59  /* caller should check, but just in case... */
60  Assert(object_access_hook != NULL);
61 
62  memset(&drop_arg, 0, sizeof(ObjectAccessDrop));
63  drop_arg.dropflags = dropflags;
64 
65  (*object_access_hook) (OAT_DROP,
66  classId, objectId, subId,
67  (void *) &drop_arg);
68 }
69 
70 /*
71  * RunObjectTruncateHook
72  *
73  * OAT_TRUNCATE object ID based event hook entrypoint
74  */
75 void
76 RunObjectTruncateHook(Oid objectId)
77 {
78  /* caller should check, but just in case... */
79  Assert(object_access_hook != NULL);
80 
81  (*object_access_hook) (OAT_TRUNCATE,
82  RelationRelationId, objectId, 0,
83  NULL);
84 }
85 
86 /*
87  * RunObjectPostAlterHook
88  *
89  * OAT_POST_ALTER object ID based event hook entrypoint
90  */
91 void
92 RunObjectPostAlterHook(Oid classId, Oid objectId, int subId,
93  Oid auxiliaryId, bool is_internal)
94 {
95  ObjectAccessPostAlter pa_arg;
96 
97  /* caller should check, but just in case... */
98  Assert(object_access_hook != NULL);
99 
100  memset(&pa_arg, 0, sizeof(ObjectAccessPostAlter));
101  pa_arg.auxiliary_id = auxiliaryId;
102  pa_arg.is_internal = is_internal;
103 
104  (*object_access_hook) (OAT_POST_ALTER,
105  classId, objectId, subId,
106  (void *) &pa_arg);
107 }
108 
109 /*
110  * RunNamespaceSearchHook
111  *
112  * OAT_NAMESPACE_SEARCH object ID based event hook entrypoint
113  */
114 bool
115 RunNamespaceSearchHook(Oid objectId, bool ereport_on_violation)
116 {
117  ObjectAccessNamespaceSearch ns_arg;
118 
119  /* caller should check, but just in case... */
120  Assert(object_access_hook != NULL);
121 
122  memset(&ns_arg, 0, sizeof(ObjectAccessNamespaceSearch));
123  ns_arg.ereport_on_violation = ereport_on_violation;
124  ns_arg.result = true;
125 
126  (*object_access_hook) (OAT_NAMESPACE_SEARCH,
127  NamespaceRelationId, objectId, 0,
128  (void *) &ns_arg);
129 
130  return ns_arg.result;
131 }
132 
133 /*
134  * RunFunctionExecuteHook
135  *
136  * OAT_FUNCTION_EXECUTE object ID based event hook entrypoint
137  */
138 void
139 RunFunctionExecuteHook(Oid objectId)
140 {
141  /* caller should check, but just in case... */
142  Assert(object_access_hook != NULL);
143 
144  (*object_access_hook) (OAT_FUNCTION_EXECUTE,
145  ProcedureRelationId, objectId, 0,
146  NULL);
147 }
148 
149 /* String versions */
150 
151 
152 /*
153  * RunObjectPostCreateHookStr
154  *
155  * OAT_POST_CREATE object name based event hook entrypoint
156  */
157 void
158 RunObjectPostCreateHookStr(Oid classId, const char *objectName, int subId,
159  bool is_internal)
160 {
161  ObjectAccessPostCreate pc_arg;
162 
163  /* caller should check, but just in case... */
164  Assert(object_access_hook_str != NULL);
165 
166  memset(&pc_arg, 0, sizeof(ObjectAccessPostCreate));
167  pc_arg.is_internal = is_internal;
168 
169  (*object_access_hook_str) (OAT_POST_CREATE,
170  classId, objectName, subId,
171  (void *) &pc_arg);
172 }
173 
174 /*
175  * RunObjectDropHookStr
176  *
177  * OAT_DROP object name based event hook entrypoint
178  */
179 void
180 RunObjectDropHookStr(Oid classId, const char *objectName, int subId,
181  int dropflags)
182 {
183  ObjectAccessDrop drop_arg;
184 
185  /* caller should check, but just in case... */
186  Assert(object_access_hook_str != NULL);
187 
188  memset(&drop_arg, 0, sizeof(ObjectAccessDrop));
189  drop_arg.dropflags = dropflags;
190 
191  (*object_access_hook_str) (OAT_DROP,
192  classId, objectName, subId,
193  (void *) &drop_arg);
194 }
195 
196 /*
197  * RunObjectTruncateHookStr
198  *
199  * OAT_TRUNCATE object name based event hook entrypoint
200  */
201 void
202 RunObjectTruncateHookStr(const char *objectName)
203 {
204  /* caller should check, but just in case... */
205  Assert(object_access_hook_str != NULL);
206 
207  (*object_access_hook_str) (OAT_TRUNCATE,
208  RelationRelationId, objectName, 0,
209  NULL);
210 }
211 
212 /*
213  * RunObjectPostAlterHookStr
214  *
215  * OAT_POST_ALTER object name based event hook entrypoint
216  */
217 void
218 RunObjectPostAlterHookStr(Oid classId, const char *objectName, int subId,
219  Oid auxiliaryId, bool is_internal)
220 {
221  ObjectAccessPostAlter pa_arg;
222 
223  /* caller should check, but just in case... */
224  Assert(object_access_hook_str != NULL);
225 
226  memset(&pa_arg, 0, sizeof(ObjectAccessPostAlter));
227  pa_arg.auxiliary_id = auxiliaryId;
228  pa_arg.is_internal = is_internal;
229 
230  (*object_access_hook_str) (OAT_POST_ALTER,
231  classId, objectName, subId,
232  (void *) &pa_arg);
233 }
234 
235 /*
236  * RunNamespaceSearchHookStr
237  *
238  * OAT_NAMESPACE_SEARCH object name based event hook entrypoint
239  */
240 bool
241 RunNamespaceSearchHookStr(const char *objectName, bool ereport_on_violation)
242 {
243  ObjectAccessNamespaceSearch ns_arg;
244 
245  /* caller should check, but just in case... */
246  Assert(object_access_hook_str != NULL);
247 
248  memset(&ns_arg, 0, sizeof(ObjectAccessNamespaceSearch));
249  ns_arg.ereport_on_violation = ereport_on_violation;
250  ns_arg.result = true;
251 
252  (*object_access_hook_str) (OAT_NAMESPACE_SEARCH,
253  NamespaceRelationId, objectName, 0,
254  (void *) &ns_arg);
255 
256  return ns_arg.result;
257 }
258 
259 /*
260  * RunFunctionExecuteHookStr
261  *
262  * OAT_FUNCTION_EXECUTE object name based event hook entrypoint
263  */
264 void
265 RunFunctionExecuteHookStr(const char *objectName)
266 {
267  /* caller should check, but just in case... */
268  Assert(object_access_hook_str != NULL);
269 
270  (*object_access_hook_str) (OAT_FUNCTION_EXECUTE,
271  ProcedureRelationId, objectName, 0,
272  NULL);
273 }
Assert
Assert(fmt[strlen(fmt) - 1] !='\n')
RunObjectTruncateHookStr
void RunObjectTruncateHookStr(const char *objectName)
Definition: objectaccess.c:202
RunFunctionExecuteHookStr
void RunFunctionExecuteHookStr(const char *objectName)
Definition: objectaccess.c:265
RunObjectDropHook
void RunObjectDropHook(Oid classId, Oid objectId, int subId, int dropflags)
Definition: objectaccess.c:54
RunObjectPostAlterHook
void RunObjectPostAlterHook(Oid classId, Oid objectId, int subId, Oid auxiliaryId, bool is_internal)
Definition: objectaccess.c:92
RunFunctionExecuteHook
void RunFunctionExecuteHook(Oid objectId)
Definition: objectaccess.c:139
RunNamespaceSearchHook
bool RunNamespaceSearchHook(Oid objectId, bool ereport_on_violation)
Definition: objectaccess.c:115
RunObjectPostCreateHookStr
void RunObjectPostCreateHookStr(Oid classId, const char *objectName, int subId, bool is_internal)
Definition: objectaccess.c:158
object_access_hook
object_access_hook_type object_access_hook
Definition: objectaccess.c:22
RunObjectTruncateHook
void RunObjectTruncateHook(Oid objectId)
Definition: objectaccess.c:76
RunObjectPostAlterHookStr
void RunObjectPostAlterHookStr(Oid classId, const char *objectName, int subId, Oid auxiliaryId, bool is_internal)
Definition: objectaccess.c:218
RunObjectPostCreateHook
void RunObjectPostCreateHook(Oid classId, Oid objectId, int subId, bool is_internal)
Definition: objectaccess.c:32
RunObjectDropHookStr
void RunObjectDropHookStr(Oid classId, const char *objectName, int subId, int dropflags)
Definition: objectaccess.c:180
object_access_hook_str
object_access_hook_type_str object_access_hook_str
Definition: objectaccess.c:23
RunNamespaceSearchHookStr
bool RunNamespaceSearchHookStr(const char *objectName, bool ereport_on_violation)
Definition: objectaccess.c:241
object_access_hook_type
void(* object_access_hook_type)(ObjectAccessType access, Oid classId, Oid objectId, int subId, void *arg)
Definition: objectaccess.h:127
object_access_hook_type_str
void(* object_access_hook_type_str)(ObjectAccessType access, Oid classId, const char *objectStr, int subId, void *arg)
Definition: objectaccess.h:133
OAT_NAMESPACE_SEARCH
@ OAT_NAMESPACE_SEARCH
Definition: objectaccess.h:53
OAT_FUNCTION_EXECUTE
@ OAT_FUNCTION_EXECUTE
Definition: objectaccess.h:54
OAT_DROP
@ OAT_DROP
Definition: objectaccess.h:51
OAT_TRUNCATE
@ OAT_TRUNCATE
Definition: objectaccess.h:55
OAT_POST_ALTER
@ OAT_POST_ALTER
Definition: objectaccess.h:52
OAT_POST_CREATE
@ OAT_POST_CREATE
Definition: objectaccess.h:50
pg_class.h
pg_namespace.h
pg_proc.h
Oid
unsigned int Oid
Definition: postgres_ext.h:31