PostgreSQL Source Code git master
All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Pages
objectaccess.c
Go to the documentation of this file.
1/* -------------------------------------------------------------------------
2 *
3 * objectaccess.c
4 * functions for object_access_hook on various events
5 *
6 * Portions Copyright (c) 1996-2025, PostgreSQL Global Development Group
7 * Portions Copyright (c) 1994, Regents of the University of California
8 *
9 * -------------------------------------------------------------------------
10 */
11#include "postgres.h"
12
13#include "catalog/objectaccess.h"
14#include "catalog/pg_class.h"
15#include "catalog/pg_namespace.h"
16#include "catalog/pg_proc.h"
17
18/*
19 * Hook on object accesses. This is intended as infrastructure for security
20 * and logging plugins.
21 */
22object_access_hook_type object_access_hook = NULL;
23object_access_hook_type_str object_access_hook_str = NULL;
24
25
26/*
27 * RunObjectPostCreateHook
28 *
29 * OAT_POST_CREATE object ID based event hook entrypoint
30 */
31void
32RunObjectPostCreateHook(Oid classId, Oid objectId, int subId,
33 bool is_internal)
34{
35 ObjectAccessPostCreate pc_arg;
36
37 /* caller should check, but just in case... */
38 Assert(object_access_hook != NULL);
39
40 memset(&pc_arg, 0, sizeof(ObjectAccessPostCreate));
41 pc_arg.is_internal = is_internal;
42
43 (*object_access_hook) (OAT_POST_CREATE,
44 classId, objectId, subId,
45 &pc_arg);
46}
47
48/*
49 * RunObjectDropHook
50 *
51 * OAT_DROP object ID based event hook entrypoint
52 */
53void
54RunObjectDropHook(Oid classId, Oid objectId, int subId,
55 int dropflags)
56{
57 ObjectAccessDrop drop_arg;
58
59 /* caller should check, but just in case... */
60 Assert(object_access_hook != NULL);
61
62 memset(&drop_arg, 0, sizeof(ObjectAccessDrop));
63 drop_arg.dropflags = dropflags;
64
65 (*object_access_hook) (OAT_DROP,
66 classId, objectId, subId,
67 &drop_arg);
68}
69
70/*
71 * RunObjectTruncateHook
72 *
73 * OAT_TRUNCATE object ID based event hook entrypoint
74 */
75void
76RunObjectTruncateHook(Oid objectId)
77{
78 /* caller should check, but just in case... */
79 Assert(object_access_hook != NULL);
80
81 (*object_access_hook) (OAT_TRUNCATE,
82 RelationRelationId, objectId, 0,
83 NULL);
84}
85
86/*
87 * RunObjectPostAlterHook
88 *
89 * OAT_POST_ALTER object ID based event hook entrypoint
90 */
91void
92RunObjectPostAlterHook(Oid classId, Oid objectId, int subId,
93 Oid auxiliaryId, bool is_internal)
94{
95 ObjectAccessPostAlter pa_arg;
96
97 /* caller should check, but just in case... */
98 Assert(object_access_hook != NULL);
99
100 memset(&pa_arg, 0, sizeof(ObjectAccessPostAlter));
101 pa_arg.auxiliary_id = auxiliaryId;
102 pa_arg.is_internal = is_internal;
103
104 (*object_access_hook) (OAT_POST_ALTER,
105 classId, objectId, subId,
106 &pa_arg);
107}
108
109/*
110 * RunNamespaceSearchHook
111 *
112 * OAT_NAMESPACE_SEARCH object ID based event hook entrypoint
113 */
114bool
115RunNamespaceSearchHook(Oid objectId, bool ereport_on_violation)
116{
117 ObjectAccessNamespaceSearch ns_arg;
118
119 /* caller should check, but just in case... */
120 Assert(object_access_hook != NULL);
121
122 memset(&ns_arg, 0, sizeof(ObjectAccessNamespaceSearch));
123 ns_arg.ereport_on_violation = ereport_on_violation;
124 ns_arg.result = true;
125
126 (*object_access_hook) (OAT_NAMESPACE_SEARCH,
127 NamespaceRelationId, objectId, 0,
128 &ns_arg);
129
130 return ns_arg.result;
131}
132
133/*
134 * RunFunctionExecuteHook
135 *
136 * OAT_FUNCTION_EXECUTE object ID based event hook entrypoint
137 */
138void
139RunFunctionExecuteHook(Oid objectId)
140{
141 /* caller should check, but just in case... */
142 Assert(object_access_hook != NULL);
143
144 (*object_access_hook) (OAT_FUNCTION_EXECUTE,
145 ProcedureRelationId, objectId, 0,
146 NULL);
147}
148
149/* String versions */
150
151
152/*
153 * RunObjectPostCreateHookStr
154 *
155 * OAT_POST_CREATE object name based event hook entrypoint
156 */
157void
158RunObjectPostCreateHookStr(Oid classId, const char *objectName, int subId,
159 bool is_internal)
160{
161 ObjectAccessPostCreate pc_arg;
162
163 /* caller should check, but just in case... */
164 Assert(object_access_hook_str != NULL);
165
166 memset(&pc_arg, 0, sizeof(ObjectAccessPostCreate));
167 pc_arg.is_internal = is_internal;
168
169 (*object_access_hook_str) (OAT_POST_CREATE,
170 classId, objectName, subId,
171 &pc_arg);
172}
173
174/*
175 * RunObjectDropHookStr
176 *
177 * OAT_DROP object name based event hook entrypoint
178 */
179void
180RunObjectDropHookStr(Oid classId, const char *objectName, int subId,
181 int dropflags)
182{
183 ObjectAccessDrop drop_arg;
184
185 /* caller should check, but just in case... */
186 Assert(object_access_hook_str != NULL);
187
188 memset(&drop_arg, 0, sizeof(ObjectAccessDrop));
189 drop_arg.dropflags = dropflags;
190
191 (*object_access_hook_str) (OAT_DROP,
192 classId, objectName, subId,
193 &drop_arg);
194}
195
196/*
197 * RunObjectTruncateHookStr
198 *
199 * OAT_TRUNCATE object name based event hook entrypoint
200 */
201void
202RunObjectTruncateHookStr(const char *objectName)
203{
204 /* caller should check, but just in case... */
205 Assert(object_access_hook_str != NULL);
206
207 (*object_access_hook_str) (OAT_TRUNCATE,
208 RelationRelationId, objectName, 0,
209 NULL);
210}
211
212/*
213 * RunObjectPostAlterHookStr
214 *
215 * OAT_POST_ALTER object name based event hook entrypoint
216 */
217void
218RunObjectPostAlterHookStr(Oid classId, const char *objectName, int subId,
219 Oid auxiliaryId, bool is_internal)
220{
221 ObjectAccessPostAlter pa_arg;
222
223 /* caller should check, but just in case... */
224 Assert(object_access_hook_str != NULL);
225
226 memset(&pa_arg, 0, sizeof(ObjectAccessPostAlter));
227 pa_arg.auxiliary_id = auxiliaryId;
228 pa_arg.is_internal = is_internal;
229
230 (*object_access_hook_str) (OAT_POST_ALTER,
231 classId, objectName, subId,
232 &pa_arg);
233}
234
235/*
236 * RunNamespaceSearchHookStr
237 *
238 * OAT_NAMESPACE_SEARCH object name based event hook entrypoint
239 */
240bool
241RunNamespaceSearchHookStr(const char *objectName, bool ereport_on_violation)
242{
243 ObjectAccessNamespaceSearch ns_arg;
244
245 /* caller should check, but just in case... */
246 Assert(object_access_hook_str != NULL);
247
248 memset(&ns_arg, 0, sizeof(ObjectAccessNamespaceSearch));
249 ns_arg.ereport_on_violation = ereport_on_violation;
250 ns_arg.result = true;
251
252 (*object_access_hook_str) (OAT_NAMESPACE_SEARCH,
253 NamespaceRelationId, objectName, 0,
254 &ns_arg);
255
256 return ns_arg.result;
257}
258
259/*
260 * RunFunctionExecuteHookStr
261 *
262 * OAT_FUNCTION_EXECUTE object name based event hook entrypoint
263 */
264void
265RunFunctionExecuteHookStr(const char *objectName)
266{
267 /* caller should check, but just in case... */
268 Assert(object_access_hook_str != NULL);
269
270 (*object_access_hook_str) (OAT_FUNCTION_EXECUTE,
271 ProcedureRelationId, objectName, 0,
272 NULL);
273}
Assert
Assert(PointerIsAligned(start, uint64))
RunObjectTruncateHookStr
void RunObjectTruncateHookStr(const char *objectName)
Definition: objectaccess.c:202
RunFunctionExecuteHookStr
void RunFunctionExecuteHookStr(const char *objectName)
Definition: objectaccess.c:265
RunObjectDropHook
void RunObjectDropHook(Oid classId, Oid objectId, int subId, int dropflags)
Definition: objectaccess.c:54
RunObjectPostAlterHook
void RunObjectPostAlterHook(Oid classId, Oid objectId, int subId, Oid auxiliaryId, bool is_internal)
Definition: objectaccess.c:92
RunFunctionExecuteHook
void RunFunctionExecuteHook(Oid objectId)
Definition: objectaccess.c:139
RunNamespaceSearchHook
bool RunNamespaceSearchHook(Oid objectId, bool ereport_on_violation)
Definition: objectaccess.c:115
RunObjectPostCreateHookStr
void RunObjectPostCreateHookStr(Oid classId, const char *objectName, int subId, bool is_internal)
Definition: objectaccess.c:158
object_access_hook
object_access_hook_type object_access_hook
Definition: objectaccess.c:22
RunObjectTruncateHook
void RunObjectTruncateHook(Oid objectId)
Definition: objectaccess.c:76
RunObjectPostAlterHookStr
void RunObjectPostAlterHookStr(Oid classId, const char *objectName, int subId, Oid auxiliaryId, bool is_internal)
Definition: objectaccess.c:218
RunObjectPostCreateHook
void RunObjectPostCreateHook(Oid classId, Oid objectId, int subId, bool is_internal)
Definition: objectaccess.c:32
RunObjectDropHookStr
void RunObjectDropHookStr(Oid classId, const char *objectName, int subId, int dropflags)
Definition: objectaccess.c:180
object_access_hook_str
object_access_hook_type_str object_access_hook_str
Definition: objectaccess.c:23
RunNamespaceSearchHookStr
bool RunNamespaceSearchHookStr(const char *objectName, bool ereport_on_violation)
Definition: objectaccess.c:241
object_access_hook_type
void(* object_access_hook_type)(ObjectAccessType access, Oid classId, Oid objectId, int subId, void *arg)
Definition: objectaccess.h:127
object_access_hook_type_str
void(* object_access_hook_type_str)(ObjectAccessType access, Oid classId, const char *objectStr, int subId, void *arg)
Definition: objectaccess.h:133
OAT_NAMESPACE_SEARCH
@ OAT_NAMESPACE_SEARCH
Definition: objectaccess.h:53
OAT_FUNCTION_EXECUTE
@ OAT_FUNCTION_EXECUTE
Definition: objectaccess.h:54
OAT_DROP
@ OAT_DROP
Definition: objectaccess.h:51
OAT_TRUNCATE
@ OAT_TRUNCATE
Definition: objectaccess.h:55
OAT_POST_ALTER
@ OAT_POST_ALTER
Definition: objectaccess.h:52
OAT_POST_CREATE
@ OAT_POST_CREATE
Definition: objectaccess.h:50
pg_class.h
pg_namespace.h
pg_proc.h
Oid
unsigned int Oid
Definition: postgres_ext.h:30