53 Oid classId,
const char *objName,
54 int subId,
void *
arg);
56 Oid objectId,
int subId,
void *
arg);
59 const char *queryString,
bool readOnlyTree,
80 "Deny non-superuser set permissions",
94 "Deny non-superuser alter system set permissions",
108 "Deny non-superuser object access permissions",
122 "Deny non-superuser exec permissions",
136 "Deny non-superuser utility commands",
150 "Turn on/off debug audit messages",
164 "Dummy parameter settable by public",
175 "Dummy parameter settable by public",
189 "Dummy parameter settable by superuser",
200 "Dummy parameter settable by superuser",
243 (
errcode(ERRCODE_INTERNAL_ERROR),
247 (
errcode(ERRCODE_INTERNAL_ERROR),
284 (*next_object_access_hook_str) (
access, classId, objName, subId,
arg);
294 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
295 errmsg(
"permission denied: all privileges %s", objName)));
301 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
302 errmsg(
"permission denied: set %s", objName)));
308 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
309 errmsg(
"permission denied: alter system set %s", objName)));
312 elog(
ERROR,
"Unknown ParameterAclRelationId subId: %d", subId);
332 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
333 errmsg(
"permission denied: %s [%s]",
339 (*next_object_access_hook) (
access, classId, objectId, subId,
arg);
356 if (do_abort && !allow)
358 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
359 errmsg(
"permission denied: %s",
"execute")));
380 const char *queryString,
398 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
403 (*next_ProcessUtility_hook) (pstmt, queryString, readOnlyTree,
434 type =
"namespace search";
443 type =
"UNRECOGNIZED ObjectAccessType";
447 return psprintf(
"%s (subId=0x%x, all privileges)",
type, subId);
451 return psprintf(
"%s (subId=0x%x, alter system)",
type, subId);
460 return pstrdup(
"extra info null");
477 ?
"internal action," :
""),
479 ?
"concurrent drop," :
""),
481 ?
"suppress notices," :
""),
483 ?
"keep original object," :
""),
485 ?
"keep extensions," :
""),
487 ?
"normal concurrent drop," :
""));
494 return psprintf(
"%s %s auxiliary object",
505 (ns_arg->
result ?
"allowed" :
"denied"));
511 return pstrdup(
"unexpected extra info pointer received");
513 return pstrdup(
"cannot parse extra info for unrecognized access type");
#define OidIsValid(objectId)
const char * GetCommandTagName(CommandTag commandTag)
#define PERFORM_DELETION_CONCURRENTLY
#define PERFORM_DELETION_SKIP_EXTENSIONS
#define PERFORM_DELETION_CONCURRENT_LOCK
#define PERFORM_DELETION_QUIETLY
#define PERFORM_DELETION_SKIP_ORIGINAL
#define PERFORM_DELETION_INTERNAL
int errcode(int sqlerrcode)
int errmsg(const char *fmt,...)
#define ereport(elevel,...)
ExecutorCheckPerms_hook_type ExecutorCheckPerms_hook
bool(* ExecutorCheckPerms_hook_type)(List *rangeTable, List *rtePermInfos, bool ereport_on_violation)
void DefineCustomBoolVariable(const char *name, const char *short_desc, const char *long_desc, bool *valueAddr, bool bootValue, GucContext context, int flags, GucBoolCheckHook check_hook, GucBoolAssignHook assign_hook, GucShowHook show_hook)
void MarkGUCPrefixReserved(const char *className)
#define GUC_NOT_IN_SAMPLE
#define IsParallelWorker()
char * pstrdup(const char *in)
void pfree(void *pointer)
object_access_hook_type object_access_hook
object_access_hook_type_str object_access_hook_str
void(* object_access_hook_type)(ObjectAccessType access, Oid classId, Oid objectId, int subId, void *arg)
void(* object_access_hook_type_str)(ObjectAccessType access, Oid classId, const char *objectStr, int subId, void *arg)
char * psprintf(const char *fmt,...)
bool ereport_on_violation
bool superuser_arg(Oid roleid)
static bool REGRESS_suset_variable1
static bool REGRESS_deny_exec_perms
static bool REGRESS_deny_object_access
static void REGRESS_utility_command(PlannedStmt *pstmt, const char *queryString, bool readOnlyTree, ProcessUtilityContext context, ParamListInfo params, QueryEnvironment *queryEnv, DestReceiver *dest, QueryCompletion *qc)
static ExecutorCheckPerms_hook_type next_exec_check_perms_hook
static ProcessUtility_hook_type next_ProcessUtility_hook
static void emit_audit_message(const char *type, const char *hook, char *action, char *objName)
static bool REGRESS_deny_set_variable
static bool REGRESS_userset_variable2
static char * accesstype_arg_to_string(ObjectAccessType access, void *arg)
static bool REGRESS_deny_alter_system
static void REGRESS_object_access_hook(ObjectAccessType access, Oid classId, Oid objectId, int subId, void *arg)
static void audit_attempt(const char *hook, char *action, char *objName)
static char * accesstype_to_string(ObjectAccessType access, int subId)
static bool REGRESS_exec_check_perms(List *rangeTabls, List *rteperminfos, bool do_abort)
static bool REGRESS_userset_variable1
static void audit_failure(const char *hook, char *action, char *objName)
static bool REGRESS_deny_utility_commands
static object_access_hook_type next_object_access_hook
static object_access_hook_type_str next_object_access_hook_str
static bool REGRESS_suset_variable2
static void REGRESS_object_access_hook_str(ObjectAccessType access, Oid classId, const char *objName, int subId, void *arg)
static void audit_success(const char *hook, char *action, char *objName)
static bool REGRESS_audit
void standard_ProcessUtility(PlannedStmt *pstmt, const char *queryString, bool readOnlyTree, ProcessUtilityContext context, ParamListInfo params, QueryEnvironment *queryEnv, DestReceiver *dest, QueryCompletion *qc)
CommandTag CreateCommandTag(Node *parsetree)
ProcessUtility_hook_type ProcessUtility_hook
void(* ProcessUtility_hook_type)(PlannedStmt *pstmt, const char *queryString, bool readOnlyTree, ProcessUtilityContext context, ParamListInfo params, QueryEnvironment *queryEnv, DestReceiver *dest, QueryCompletion *qc)