54 Oid classId,
const char *objName,
55 int subId,
void *
arg);
57 Oid objectId,
int subId,
void *
arg);
60 const char *queryString,
bool readOnlyTree,
81 "Deny non-superuser set permissions",
95 "Deny non-superuser alter system set permissions",
109 "Deny non-superuser object access permissions",
123 "Deny non-superuser exec permissions",
137 "Deny non-superuser utility commands",
151 "Turn on/off debug audit messages",
165 "Dummy parameter settable by public",
176 "Dummy parameter settable by public",
190 "Dummy parameter settable by superuser",
201 "Dummy parameter settable by superuser",
244 (
errcode(ERRCODE_INTERNAL_ERROR),
248 (
errcode(ERRCODE_INTERNAL_ERROR),
285 (*next_object_access_hook_str) (
access, classId, objName, subId,
arg);
295 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
296 errmsg(
"permission denied: all privileges %s", objName)));
302 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
303 errmsg(
"permission denied: set %s", objName)));
309 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
310 errmsg(
"permission denied: alter system set %s", objName)));
313 elog(
ERROR,
"Unknown ParameterAclRelationId subId: %d", subId);
333 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
334 errmsg(
"permission denied: %s [%s]",
340 (*next_object_access_hook) (
access, classId, objectId, subId,
arg);
357 if (do_abort && !allow)
359 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
360 errmsg(
"permission denied: %s",
"execute")));
381 const char *queryString,
399 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
404 (*next_ProcessUtility_hook) (pstmt, queryString, readOnlyTree,
435 type =
"namespace search";
444 type =
"UNRECOGNIZED ObjectAccessType";
448 return psprintf(
"%s (subId=0x%x, all privileges)",
type, subId);
452 return psprintf(
"%s (subId=0x%x, alter system)",
type, subId);
461 return pstrdup(
"extra info null");
478 ?
"internal action," :
""),
480 ?
"concurrent drop," :
""),
482 ?
"suppress notices," :
""),
484 ?
"keep original object," :
""),
486 ?
"keep extensions," :
""),
488 ?
"normal concurrent drop," :
""));
495 return psprintf(
"%s %s auxiliary object",
506 (ns_arg->
result ?
"allowed" :
"denied"));
512 return pstrdup(
"unexpected extra info pointer received");
514 return pstrdup(
"cannot parse extra info for unrecognized access type");
#define OidIsValid(objectId)
const char * GetCommandTagName(CommandTag commandTag)
#define PERFORM_DELETION_CONCURRENTLY
#define PERFORM_DELETION_SKIP_EXTENSIONS
#define PERFORM_DELETION_CONCURRENT_LOCK
#define PERFORM_DELETION_QUIETLY
#define PERFORM_DELETION_SKIP_ORIGINAL
#define PERFORM_DELETION_INTERNAL
int errcode(int sqlerrcode)
int errmsg(const char *fmt,...)
#define ereport(elevel,...)
ExecutorCheckPerms_hook_type ExecutorCheckPerms_hook
bool(* ExecutorCheckPerms_hook_type)(List *rangeTable, List *rtePermInfos, bool ereport_on_violation)
void DefineCustomBoolVariable(const char *name, const char *short_desc, const char *long_desc, bool *valueAddr, bool bootValue, GucContext context, int flags, GucBoolCheckHook check_hook, GucBoolAssignHook assign_hook, GucShowHook show_hook)
void MarkGUCPrefixReserved(const char *className)
#define GUC_NOT_IN_SAMPLE
#define IsParallelWorker()
char * pstrdup(const char *in)
void pfree(void *pointer)
object_access_hook_type object_access_hook
object_access_hook_type_str object_access_hook_str
void(* object_access_hook_type)(ObjectAccessType access, Oid classId, Oid objectId, int subId, void *arg)
void(* object_access_hook_type_str)(ObjectAccessType access, Oid classId, const char *objectStr, int subId, void *arg)
char * psprintf(const char *fmt,...)
bool ereport_on_violation
bool superuser_arg(Oid roleid)
static bool REGRESS_suset_variable1
static bool REGRESS_deny_exec_perms
static bool REGRESS_deny_object_access
static void REGRESS_utility_command(PlannedStmt *pstmt, const char *queryString, bool readOnlyTree, ProcessUtilityContext context, ParamListInfo params, QueryEnvironment *queryEnv, DestReceiver *dest, QueryCompletion *qc)
static ExecutorCheckPerms_hook_type next_exec_check_perms_hook
static ProcessUtility_hook_type next_ProcessUtility_hook
static void emit_audit_message(const char *type, const char *hook, char *action, char *objName)
static bool REGRESS_deny_set_variable
static bool REGRESS_userset_variable2
static char * accesstype_arg_to_string(ObjectAccessType access, void *arg)
static bool REGRESS_deny_alter_system
static void REGRESS_object_access_hook(ObjectAccessType access, Oid classId, Oid objectId, int subId, void *arg)
static void audit_attempt(const char *hook, char *action, char *objName)
static char * accesstype_to_string(ObjectAccessType access, int subId)
static bool REGRESS_exec_check_perms(List *rangeTabls, List *rteperminfos, bool do_abort)
static bool REGRESS_userset_variable1
static void audit_failure(const char *hook, char *action, char *objName)
static bool REGRESS_deny_utility_commands
static object_access_hook_type next_object_access_hook
static object_access_hook_type_str next_object_access_hook_str
static bool REGRESS_suset_variable2
static void REGRESS_object_access_hook_str(ObjectAccessType access, Oid classId, const char *objName, int subId, void *arg)
static void audit_success(const char *hook, char *action, char *objName)
static bool REGRESS_audit
void standard_ProcessUtility(PlannedStmt *pstmt, const char *queryString, bool readOnlyTree, ProcessUtilityContext context, ParamListInfo params, QueryEnvironment *queryEnv, DestReceiver *dest, QueryCompletion *qc)
CommandTag CreateCommandTag(Node *parsetree)
ProcessUtility_hook_type ProcessUtility_hook
void(* ProcessUtility_hook_type)(PlannedStmt *pstmt, const char *queryString, bool readOnlyTree, ProcessUtilityContext context, ParamListInfo params, QueryEnvironment *queryEnv, DestReceiver *dest, QueryCompletion *qc)