PostgreSQL Source Code git master
All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Pages
test_oat_hooks.c
Go to the documentation of this file.
1/*--------------------------------------------------------------------------
2 *
3 * test_oat_hooks.c
4 * Code for testing mandatory access control (MAC) using object access hooks.
5 *
6 * Copyright (c) 2015-2025, PostgreSQL Global Development Group
7 *
8 * IDENTIFICATION
9 * src/test/modules/test_oat_hooks/test_oat_hooks.c
10 *
11 * -------------------------------------------------------------------------
12 */
13
14#include "postgres.h"
15
16#include "access/parallel.h"
17#include "catalog/dependency.h"
18#include "catalog/objectaccess.h"
19#include "executor/executor.h"
20#include "fmgr.h"
21#include "miscadmin.h"
22#include "tcop/utility.h"
23
24PG_MODULE_MAGIC;
25
26/*
27 * GUCs controlling which operations to deny
28 */
29static bool REGRESS_deny_set_variable = false;
30static bool REGRESS_deny_alter_system = false;
31static bool REGRESS_deny_object_access = false;
32static bool REGRESS_deny_exec_perms = false;
33static bool REGRESS_deny_utility_commands = false;
34static bool REGRESS_audit = false;
35
36/*
37 * GUCs for testing privileges on USERSET and SUSET variables,
38 * with and without privileges granted prior to module load.
39 */
40static bool REGRESS_userset_variable1 = false;
41static bool REGRESS_userset_variable2 = false;
42static bool REGRESS_suset_variable1 = false;
43static bool REGRESS_suset_variable2 = false;
44
45/* Saved hook values */
46static object_access_hook_type next_object_access_hook = NULL;
47static object_access_hook_type_str next_object_access_hook_str = NULL;
48static ExecutorCheckPerms_hook_type next_exec_check_perms_hook = NULL;
49static ProcessUtility_hook_type next_ProcessUtility_hook = NULL;
50
51/* Test Object Access Type Hook hooks */
52static void REGRESS_object_access_hook_str(ObjectAccessType access,
53 Oid classId, const char *objName,
54 int subId, void *arg);
55static void REGRESS_object_access_hook(ObjectAccessType access, Oid classId,
56 Oid objectId, int subId, void *arg);
57static bool REGRESS_exec_check_perms(List *rangeTabls, List *rteperminfos, bool do_abort);
58static void REGRESS_utility_command(PlannedStmt *pstmt,
59 const char *queryString, bool readOnlyTree,
60 ProcessUtilityContext context,
61 ParamListInfo params,
62 QueryEnvironment *queryEnv,
63 DestReceiver *dest, QueryCompletion *qc);
64
65/* Helper functions */
66static char *accesstype_to_string(ObjectAccessType access, int subId);
67static char *accesstype_arg_to_string(ObjectAccessType access, void *arg);
68
69
70/*
71 * Module load callback
72 */
73void
74_PG_init(void)
75{
76 /*
77 * test_oat_hooks.deny_set_variable = (on|off)
78 */
79 DefineCustomBoolVariable("test_oat_hooks.deny_set_variable",
80 "Deny non-superuser set permissions",
81 NULL,
82 &REGRESS_deny_set_variable,
83 false,
84 PGC_SUSET,
85 GUC_NOT_IN_SAMPLE,
86 NULL,
87 NULL,
88 NULL);
89
90 /*
91 * test_oat_hooks.deny_alter_system = (on|off)
92 */
93 DefineCustomBoolVariable("test_oat_hooks.deny_alter_system",
94 "Deny non-superuser alter system set permissions",
95 NULL,
96 &REGRESS_deny_alter_system,
97 false,
98 PGC_SUSET,
99 GUC_NOT_IN_SAMPLE,
100 NULL,
101 NULL,
102 NULL);
103
104 /*
105 * test_oat_hooks.deny_object_access = (on|off)
106 */
107 DefineCustomBoolVariable("test_oat_hooks.deny_object_access",
108 "Deny non-superuser object access permissions",
109 NULL,
110 &REGRESS_deny_object_access,
111 false,
112 PGC_SUSET,
113 GUC_NOT_IN_SAMPLE,
114 NULL,
115 NULL,
116 NULL);
117
118 /*
119 * test_oat_hooks.deny_exec_perms = (on|off)
120 */
121 DefineCustomBoolVariable("test_oat_hooks.deny_exec_perms",
122 "Deny non-superuser exec permissions",
123 NULL,
124 &REGRESS_deny_exec_perms,
125 false,
126 PGC_SUSET,
127 GUC_NOT_IN_SAMPLE,
128 NULL,
129 NULL,
130 NULL);
131
132 /*
133 * test_oat_hooks.deny_utility_commands = (on|off)
134 */
135 DefineCustomBoolVariable("test_oat_hooks.deny_utility_commands",
136 "Deny non-superuser utility commands",
137 NULL,
138 &REGRESS_deny_utility_commands,
139 false,
140 PGC_SUSET,
141 GUC_NOT_IN_SAMPLE,
142 NULL,
143 NULL,
144 NULL);
145
146 /*
147 * test_oat_hooks.audit = (on|off)
148 */
149 DefineCustomBoolVariable("test_oat_hooks.audit",
150 "Turn on/off debug audit messages",
151 NULL,
152 &REGRESS_audit,
153 false,
154 PGC_SUSET,
155 GUC_NOT_IN_SAMPLE,
156 NULL,
157 NULL,
158 NULL);
159
160 /*
161 * test_oat_hooks.user_var{1,2} = (on|off)
162 */
163 DefineCustomBoolVariable("test_oat_hooks.user_var1",
164 "Dummy parameter settable by public",
165 NULL,
166 &REGRESS_userset_variable1,
167 false,
168 PGC_USERSET,
169 GUC_NOT_IN_SAMPLE,
170 NULL,
171 NULL,
172 NULL);
173
174 DefineCustomBoolVariable("test_oat_hooks.user_var2",
175 "Dummy parameter settable by public",
176 NULL,
177 &REGRESS_userset_variable2,
178 false,
179 PGC_USERSET,
180 GUC_NOT_IN_SAMPLE,
181 NULL,
182 NULL,
183 NULL);
184
185 /*
186 * test_oat_hooks.super_var{1,2} = (on|off)
187 */
188 DefineCustomBoolVariable("test_oat_hooks.super_var1",
189 "Dummy parameter settable by superuser",
190 NULL,
191 &REGRESS_suset_variable1,
192 false,
193 PGC_SUSET,
194 GUC_NOT_IN_SAMPLE,
195 NULL,
196 NULL,
197 NULL);
198
199 DefineCustomBoolVariable("test_oat_hooks.super_var2",
200 "Dummy parameter settable by superuser",
201 NULL,
202 &REGRESS_suset_variable2,
203 false,
204 PGC_SUSET,
205 GUC_NOT_IN_SAMPLE,
206 NULL,
207 NULL,
208 NULL);
209
210 MarkGUCPrefixReserved("test_oat_hooks");
211
212 /* Object access hook */
213 next_object_access_hook = object_access_hook;
214 object_access_hook = REGRESS_object_access_hook;
215
216 /* Object access hook str */
217 next_object_access_hook_str = object_access_hook_str;
218 object_access_hook_str = REGRESS_object_access_hook_str;
219
220 /* DML permission check */
221 next_exec_check_perms_hook = ExecutorCheckPerms_hook;
222 ExecutorCheckPerms_hook = REGRESS_exec_check_perms;
223
224 /* ProcessUtility hook */
225 next_ProcessUtility_hook = ProcessUtility_hook;
226 ProcessUtility_hook = REGRESS_utility_command;
227}
228
229static void
230emit_audit_message(const char *type, const char *hook, char *action, char *objName)
231{
232 /*
233 * Ensure that audit messages are not duplicated by only emitting them
234 * from a leader process, not a worker process. This makes the test
235 * results deterministic even if run with debug_parallel_query = regress.
236 */
237 if (REGRESS_audit && !IsParallelWorker())
238 {
239 const char *who = superuser_arg(GetUserId()) ? "superuser" : "non-superuser";
240
241 if (objName)
242 ereport(NOTICE,
243 (errcode(ERRCODE_INTERNAL_ERROR),
244 errmsg("in %s: %s %s %s [%s]", hook, who, type, action, objName)));
245 else
246 ereport(NOTICE,
247 (errcode(ERRCODE_INTERNAL_ERROR),
248 errmsg("in %s: %s %s %s", hook, who, type, action)));
249 }
250
251 if (action)
252 pfree(action);
253 if (objName)
254 pfree(objName);
255}
256
257static void
258audit_attempt(const char *hook, char *action, char *objName)
259{
260 emit_audit_message("attempting", hook, action, objName);
261}
262
263static void
264audit_success(const char *hook, char *action, char *objName)
265{
266 emit_audit_message("finished", hook, action, objName);
267}
268
269static void
270audit_failure(const char *hook, char *action, char *objName)
271{
272 emit_audit_message("denied", hook, action, objName);
273}
274
275static void
276REGRESS_object_access_hook_str(ObjectAccessType access, Oid classId, const char *objName, int subId, void *arg)
277{
278 audit_attempt("object_access_hook_str",
279 accesstype_to_string(access, subId),
280 pstrdup(objName));
281
282 if (next_object_access_hook_str)
283 {
284 (*next_object_access_hook_str) (access, classId, objName, subId, arg);
285 }
286
287 switch (access)
288 {
289 case OAT_POST_ALTER:
290 if ((subId & ACL_SET) && (subId & ACL_ALTER_SYSTEM))
291 {
292 if (REGRESS_deny_set_variable && !superuser_arg(GetUserId()))
293 ereport(ERROR,
294 (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
295 errmsg("permission denied: all privileges %s", objName)));
296 }
297 else if (subId & ACL_SET)
298 {
299 if (REGRESS_deny_set_variable && !superuser_arg(GetUserId()))
300 ereport(ERROR,
301 (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
302 errmsg("permission denied: set %s", objName)));
303 }
304 else if (subId & ACL_ALTER_SYSTEM)
305 {
306 if (REGRESS_deny_alter_system && !superuser_arg(GetUserId()))
307 ereport(ERROR,
308 (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
309 errmsg("permission denied: alter system set %s", objName)));
310 }
311 else
312 elog(ERROR, "Unknown ParameterAclRelationId subId: %d", subId);
313 break;
314 default:
315 break;
316 }
317
318 audit_success("object_access_hook_str",
319 accesstype_to_string(access, subId),
320 pstrdup(objName));
321}
322
323static void
324REGRESS_object_access_hook(ObjectAccessType access, Oid classId, Oid objectId, int subId, void *arg)
325{
326 audit_attempt("object access",
327 accesstype_to_string(access, 0),
328 accesstype_arg_to_string(access, arg));
329
330 if (REGRESS_deny_object_access && !superuser_arg(GetUserId()))
331 ereport(ERROR,
332 (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
333 errmsg("permission denied: %s [%s]",
334 accesstype_to_string(access, 0),
335 accesstype_arg_to_string(access, arg))));
336
337 /* Forward to next hook in the chain */
338 if (next_object_access_hook)
339 (*next_object_access_hook) (access, classId, objectId, subId, arg);
340
341 audit_success("object access",
342 accesstype_to_string(access, 0),
343 accesstype_arg_to_string(access, arg));
344}
345
346static bool
347REGRESS_exec_check_perms(List *rangeTabls, List *rteperminfos, bool do_abort)
348{
349 bool am_super = superuser_arg(GetUserId());
350 bool allow = true;
351
352 audit_attempt("executor check perms", pstrdup("execute"), NULL);
353
354 /* Perform our check */
355 allow = !REGRESS_deny_exec_perms || am_super;
356 if (do_abort && !allow)
357 ereport(ERROR,
358 (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
359 errmsg("permission denied: %s", "execute")));
360
361 /* Forward to next hook in the chain */
362 if (next_exec_check_perms_hook &&
363 !(*next_exec_check_perms_hook) (rangeTabls, rteperminfos, do_abort))
364 allow = false;
365
366 if (allow)
367 audit_success("executor check perms",
368 pstrdup("execute"),
369 NULL);
370 else
371 audit_failure("executor check perms",
372 pstrdup("execute"),
373 NULL);
374
375 return allow;
376}
377
378static void
379REGRESS_utility_command(PlannedStmt *pstmt,
380 const char *queryString,
381 bool readOnlyTree,
382 ProcessUtilityContext context,
383 ParamListInfo params,
384 QueryEnvironment *queryEnv,
385 DestReceiver *dest,
386 QueryCompletion *qc)
387{
388 Node *parsetree = pstmt->utilityStmt;
389 const char *action = GetCommandTagName(CreateCommandTag(parsetree));
390
391 audit_attempt("process utility",
392 pstrdup(action),
393 NULL);
394
395 /* Check permissions */
396 if (REGRESS_deny_utility_commands && !superuser_arg(GetUserId()))
397 ereport(ERROR,
398 (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
399 errmsg("permission denied: %s", action)));
400
401 /* Forward to next hook in the chain */
402 if (next_ProcessUtility_hook)
403 (*next_ProcessUtility_hook) (pstmt, queryString, readOnlyTree,
404 context, params, queryEnv,
405 dest, qc);
406 else
407 standard_ProcessUtility(pstmt, queryString, readOnlyTree,
408 context, params, queryEnv,
409 dest, qc);
410
411 /* We're done */
412 audit_success("process utility",
413 pstrdup(action),
414 NULL);
415}
416
417static char *
418accesstype_to_string(ObjectAccessType access, int subId)
419{
420 const char *type;
421
422 switch (access)
423 {
424 case OAT_POST_CREATE:
425 type = "create";
426 break;
427 case OAT_DROP:
428 type = "drop";
429 break;
430 case OAT_POST_ALTER:
431 type = "alter";
432 break;
433 case OAT_NAMESPACE_SEARCH:
434 type = "namespace search";
435 break;
436 case OAT_FUNCTION_EXECUTE:
437 type = "execute";
438 break;
439 case OAT_TRUNCATE:
440 type = "truncate";
441 break;
442 default:
443 type = "UNRECOGNIZED ObjectAccessType";
444 }
445
446 if ((subId & ACL_SET) && (subId & ACL_ALTER_SYSTEM))
447 return psprintf("%s (subId=0x%x, all privileges)", type, subId);
448 if (subId & ACL_SET)
449 return psprintf("%s (subId=0x%x, set)", type, subId);
450 if (subId & ACL_ALTER_SYSTEM)
451 return psprintf("%s (subId=0x%x, alter system)", type, subId);
452
453 return psprintf("%s (subId=0x%x)", type, subId);
454}
455
456static char *
457accesstype_arg_to_string(ObjectAccessType access, void *arg)
458{
459 if (arg == NULL)
460 return pstrdup("extra info null");
461
462 switch (access)
463 {
464 case OAT_POST_CREATE:
465 {
466 ObjectAccessPostCreate *pc_arg = (ObjectAccessPostCreate *) arg;
467
468 return pstrdup(pc_arg->is_internal ? "internal" : "explicit");
469 }
470 break;
471 case OAT_DROP:
472 {
473 ObjectAccessDrop *drop_arg = (ObjectAccessDrop *) arg;
474
475 return psprintf("%s%s%s%s%s%s",
476 ((drop_arg->dropflags & PERFORM_DELETION_INTERNAL)
477 ? "internal action," : ""),
478 ((drop_arg->dropflags & PERFORM_DELETION_CONCURRENTLY)
479 ? "concurrent drop," : ""),
480 ((drop_arg->dropflags & PERFORM_DELETION_QUIETLY)
481 ? "suppress notices," : ""),
482 ((drop_arg->dropflags & PERFORM_DELETION_SKIP_ORIGINAL)
483 ? "keep original object," : ""),
484 ((drop_arg->dropflags & PERFORM_DELETION_SKIP_EXTENSIONS)
485 ? "keep extensions," : ""),
486 ((drop_arg->dropflags & PERFORM_DELETION_CONCURRENT_LOCK)
487 ? "normal concurrent drop," : ""));
488 }
489 break;
490 case OAT_POST_ALTER:
491 {
492 ObjectAccessPostAlter *pa_arg = (ObjectAccessPostAlter *) arg;
493
494 return psprintf("%s %s auxiliary object",
495 (pa_arg->is_internal ? "internal" : "explicit"),
496 (OidIsValid(pa_arg->auxiliary_id) ? "with" : "without"));
497 }
498 break;
499 case OAT_NAMESPACE_SEARCH:
500 {
501 ObjectAccessNamespaceSearch *ns_arg = (ObjectAccessNamespaceSearch *) arg;
502
503 return psprintf("%s, %s",
504 (ns_arg->ereport_on_violation ? "report on violation" : "no report on violation"),
505 (ns_arg->result ? "allowed" : "denied"));
506 }
507 break;
508 case OAT_TRUNCATE:
509 case OAT_FUNCTION_EXECUTE:
510 /* hook takes no arg. */
511 return pstrdup("unexpected extra info pointer received");
512 default:
513 return pstrdup("cannot parse extra info for unrecognized access type");
514 }
515
516 return pstrdup("unknown");
517}
OidIsValid
#define OidIsValid(objectId)
Definition: c.h:746
GetCommandTagName
const char * GetCommandTagName(CommandTag commandTag)
Definition: cmdtag.c:47
PERFORM_DELETION_CONCURRENTLY
#define PERFORM_DELETION_CONCURRENTLY
Definition: dependency.h:93
PERFORM_DELETION_SKIP_EXTENSIONS
#define PERFORM_DELETION_SKIP_EXTENSIONS
Definition: dependency.h:96
PERFORM_DELETION_CONCURRENT_LOCK
#define PERFORM_DELETION_CONCURRENT_LOCK
Definition: dependency.h:97
PERFORM_DELETION_QUIETLY
#define PERFORM_DELETION_QUIETLY
Definition: dependency.h:94
PERFORM_DELETION_SKIP_ORIGINAL
#define PERFORM_DELETION_SKIP_ORIGINAL
Definition: dependency.h:95
PERFORM_DELETION_INTERNAL
#define PERFORM_DELETION_INTERNAL
Definition: dependency.h:92
errcode
int errcode(int sqlerrcode)
Definition: elog.c:854
errmsg
int errmsg(const char *fmt,...)
Definition: elog.c:1071
ERROR
#define ERROR
Definition: elog.h:39
elog
#define elog(elevel,...)
Definition: elog.h:225
NOTICE
#define NOTICE
Definition: elog.h:35
ereport
#define ereport(elevel,...)
Definition: elog.h:149
ExecutorCheckPerms_hook
ExecutorCheckPerms_hook_type ExecutorCheckPerms_hook
Definition: execMain.c:74
ExecutorCheckPerms_hook_type
bool(* ExecutorCheckPerms_hook_type)(List *rangeTable, List *rtePermInfos, bool ereport_on_violation)
Definition: executor.h:93
DefineCustomBoolVariable
void DefineCustomBoolVariable(const char *name, const char *short_desc, const char *long_desc, bool *valueAddr, bool bootValue, GucContext context, int flags, GucBoolCheckHook check_hook, GucBoolAssignHook assign_hook, GucShowHook show_hook)
Definition: guc.c:5133
MarkGUCPrefixReserved
void MarkGUCPrefixReserved(const char *className)
Definition: guc.c:5280
PGC_SUSET
@ PGC_SUSET
Definition: guc.h:78
PGC_USERSET
@ PGC_USERSET
Definition: guc.h:79
GUC_NOT_IN_SAMPLE
#define GUC_NOT_IN_SAMPLE
Definition: guc.h:221
IsParallelWorker
#define IsParallelWorker()
Definition: parallel.h:60
pstrdup
char * pstrdup(const char *in)
Definition: mcxt.c:1703
pfree
void pfree(void *pointer)
Definition: mcxt.c:1528
GetUserId
Oid GetUserId(void)
Definition: miscinit.c:520
generate_unaccent_rules.dest
dest
Definition: generate_unaccent_rules.py:285
generate_unaccent_rules.action
action
Definition: generate_unaccent_rules.py:287
object_access_hook
object_access_hook_type object_access_hook
Definition: objectaccess.c:22
object_access_hook_str
object_access_hook_type_str object_access_hook_str
Definition: objectaccess.c:23
object_access_hook_type
void(* object_access_hook_type)(ObjectAccessType access, Oid classId, Oid objectId, int subId, void *arg)
Definition: objectaccess.h:127
object_access_hook_type_str
void(* object_access_hook_type_str)(ObjectAccessType access, Oid classId, const char *objectStr, int subId, void *arg)
Definition: objectaccess.h:133
ObjectAccessType
ObjectAccessType
Definition: objectaccess.h:49
OAT_NAMESPACE_SEARCH
@ OAT_NAMESPACE_SEARCH
Definition: objectaccess.h:53
OAT_FUNCTION_EXECUTE
@ OAT_FUNCTION_EXECUTE
Definition: objectaccess.h:54
OAT_DROP
@ OAT_DROP
Definition: objectaccess.h:51
OAT_TRUNCATE
@ OAT_TRUNCATE
Definition: objectaccess.h:55
OAT_POST_ALTER
@ OAT_POST_ALTER
Definition: objectaccess.h:52
OAT_POST_CREATE
@ OAT_POST_CREATE
Definition: objectaccess.h:50
ACL_SET
#define ACL_SET
Definition: parsenodes.h:88
ACL_ALTER_SYSTEM
#define ACL_ALTER_SYSTEM
Definition: parsenodes.h:89
arg
void * arg
Definition: pg_backup_utils.c:29
Oid
unsigned int Oid
Definition: postgres_ext.h:30
access
short access
Definition: preproc-type.c:36
psprintf
char * psprintf(const char *fmt,...)
Definition: psprintf.c:43
List
Definition: pg_list.h:54
Node
Definition: nodes.h:135
PlannedStmt::utilityStmt
Node * utilityStmt
Definition: plannodes.h:132
_DestReceiver
Definition: dest.h:116
superuser_arg
bool superuser_arg(Oid roleid)
Definition: superuser.c:56
REGRESS_suset_variable1
static bool REGRESS_suset_variable1
Definition: test_oat_hooks.c:42
REGRESS_deny_exec_perms
static bool REGRESS_deny_exec_perms
Definition: test_oat_hooks.c:32
REGRESS_deny_object_access
static bool REGRESS_deny_object_access
Definition: test_oat_hooks.c:31
REGRESS_utility_command
static void REGRESS_utility_command(PlannedStmt *pstmt, const char *queryString, bool readOnlyTree, ProcessUtilityContext context, ParamListInfo params, QueryEnvironment *queryEnv, DestReceiver *dest, QueryCompletion *qc)
Definition: test_oat_hooks.c:379
_PG_init
void _PG_init(void)
Definition: test_oat_hooks.c:74
next_exec_check_perms_hook
static ExecutorCheckPerms_hook_type next_exec_check_perms_hook
Definition: test_oat_hooks.c:48
next_ProcessUtility_hook
static ProcessUtility_hook_type next_ProcessUtility_hook
Definition: test_oat_hooks.c:49
emit_audit_message
static void emit_audit_message(const char *type, const char *hook, char *action, char *objName)
Definition: test_oat_hooks.c:230
REGRESS_deny_set_variable
static bool REGRESS_deny_set_variable
Definition: test_oat_hooks.c:29
REGRESS_userset_variable2
static bool REGRESS_userset_variable2
Definition: test_oat_hooks.c:41
PG_MODULE_MAGIC
PG_MODULE_MAGIC
Definition: test_oat_hooks.c:24
accesstype_arg_to_string
static char * accesstype_arg_to_string(ObjectAccessType access, void *arg)
Definition: test_oat_hooks.c:457
REGRESS_deny_alter_system
static bool REGRESS_deny_alter_system
Definition: test_oat_hooks.c:30
REGRESS_object_access_hook
static void REGRESS_object_access_hook(ObjectAccessType access, Oid classId, Oid objectId, int subId, void *arg)
Definition: test_oat_hooks.c:324
audit_attempt
static void audit_attempt(const char *hook, char *action, char *objName)
Definition: test_oat_hooks.c:258
accesstype_to_string
static char * accesstype_to_string(ObjectAccessType access, int subId)
Definition: test_oat_hooks.c:418
REGRESS_exec_check_perms
static bool REGRESS_exec_check_perms(List *rangeTabls, List *rteperminfos, bool do_abort)
Definition: test_oat_hooks.c:347
REGRESS_userset_variable1
static bool REGRESS_userset_variable1
Definition: test_oat_hooks.c:40
audit_failure
static void audit_failure(const char *hook, char *action, char *objName)
Definition: test_oat_hooks.c:270
REGRESS_deny_utility_commands
static bool REGRESS_deny_utility_commands
Definition: test_oat_hooks.c:33
next_object_access_hook
static object_access_hook_type next_object_access_hook
Definition: test_oat_hooks.c:46
next_object_access_hook_str
static object_access_hook_type_str next_object_access_hook_str
Definition: test_oat_hooks.c:47
REGRESS_suset_variable2
static bool REGRESS_suset_variable2
Definition: test_oat_hooks.c:43
REGRESS_object_access_hook_str
static void REGRESS_object_access_hook_str(ObjectAccessType access, Oid classId, const char *objName, int subId, void *arg)
Definition: test_oat_hooks.c:276
audit_success
static void audit_success(const char *hook, char *action, char *objName)
Definition: test_oat_hooks.c:264
REGRESS_audit
static bool REGRESS_audit
Definition: test_oat_hooks.c:34
standard_ProcessUtility
void standard_ProcessUtility(PlannedStmt *pstmt, const char *queryString, bool readOnlyTree, ProcessUtilityContext context, ParamListInfo params, QueryEnvironment *queryEnv, DestReceiver *dest, QueryCompletion *qc)
Definition: utility.c:543
CreateCommandTag
CommandTag CreateCommandTag(Node *parsetree)
Definition: utility.c:2362
ProcessUtility_hook
ProcessUtility_hook_type ProcessUtility_hook
Definition: utility.c:70
ProcessUtility_hook_type
void(* ProcessUtility_hook_type)(PlannedStmt *pstmt, const char *queryString, bool readOnlyTree, ProcessUtilityContext context, ParamListInfo params, QueryEnvironment *queryEnv, DestReceiver *dest, QueryCompletion *qc)
Definition: utility.h:71
ProcessUtilityContext
ProcessUtilityContext
Definition: utility.h:21
type
const char * type
Definition: wait_event_funcs.c:27