PostgreSQL Source Code  git master
test_rls_hooks.c File Reference
#include "postgres.h"
#include "catalog/pg_type.h"
#include "fmgr.h"
#include "miscadmin.h"
#include "nodes/makefuncs.h"
#include "parser/parse_clause.h"
#include "parser/parse_collate.h"
#include "parser/parse_node.h"
#include "parser/parse_relation.h"
#include "rewrite/rowsecurity.h"
#include "test_rls_hooks.h"
#include "utils/acl.h"
#include "utils/rel.h"
#include "utils/relcache.h"
Include dependency graph for test_rls_hooks.c:

Go to the source code of this file.

Functions

void _PG_init (void)
 
void _PG_fini (void)
 
Listtest_rls_hooks_permissive (CmdType cmdtype, Relation relation)
 
Listtest_rls_hooks_restrictive (CmdType cmdtype, Relation relation)
 

Variables

 PG_MODULE_MAGIC
 
static row_security_policy_hook_type prev_row_security_policy_hook_permissive = NULL
 
static row_security_policy_hook_type prev_row_security_policy_hook_restrictive = NULL
 

Function Documentation

◆ _PG_fini()

void _PG_fini ( void  )

Definition at line 54 of file test_rls_hooks.c.

References prev_row_security_policy_hook_permissive, prev_row_security_policy_hook_restrictive, row_security_policy_hook_permissive, and row_security_policy_hook_restrictive.

55 {
58 }
static row_security_policy_hook_type prev_row_security_policy_hook_permissive
row_security_policy_hook_type row_security_policy_hook_permissive
Definition: rowsecurity.c:96
static row_security_policy_hook_type prev_row_security_policy_hook_restrictive
row_security_policy_hook_type row_security_policy_hook_restrictive
Definition: rowsecurity.c:97

◆ _PG_init()

void _PG_init ( void  )

Definition at line 41 of file test_rls_hooks.c.

References prev_row_security_policy_hook_permissive, prev_row_security_policy_hook_restrictive, row_security_policy_hook_permissive, row_security_policy_hook_restrictive, test_rls_hooks_permissive(), and test_rls_hooks_restrictive().

42 {
43  /* Save values for unload */
46 
47  /* Set our hooks */
50 }
static row_security_policy_hook_type prev_row_security_policy_hook_permissive
row_security_policy_hook_type row_security_policy_hook_permissive
Definition: rowsecurity.c:96
List * test_rls_hooks_permissive(CmdType cmdtype, Relation relation)
static row_security_policy_hook_type prev_row_security_policy_hook_restrictive
row_security_policy_hook_type row_security_policy_hook_restrictive
Definition: rowsecurity.c:97
List * test_rls_hooks_restrictive(CmdType cmdtype, Relation relation)

◆ test_rls_hooks_permissive()

List* test_rls_hooks_permissive ( CmdType  cmdtype,
Relation  relation 
)

Definition at line 64 of file test_rls_hooks.c.

References AccessShareLock, ACL_ID_PUBLIC, addNSItemToQuery(), addRangeTableEntryForRelation(), AEXPR_OP, assign_expr_collations(), construct_array(), copyObject, EXPR_KIND_POLICY, ColumnRef::fields, RowSecurityPolicy::hassublinks, list_make1, list_make2, ColumnRef::location, make_parsestate(), makeFuncCall(), makeNode, makeSimpleA_Expr(), makeString(), NIL, ObjectIdGetDatum, palloc0(), RowSecurityPolicy::polcmd, RowSecurityPolicy::policy_name, pstrdup(), RowSecurityPolicy::qual, RelationGetRelationName, RowSecurityPolicy::roles, transformWhereClause(), and RowSecurityPolicy::with_check_qual.

Referenced by _PG_init().

65 {
66  List *policies = NIL;
67  RowSecurityPolicy *policy = palloc0(sizeof(RowSecurityPolicy));
68  Datum role;
69  FuncCall *n;
70  Node *e;
71  ColumnRef *c;
72  ParseState *qual_pstate;
73  ParseNamespaceItem *nsitem;
74 
75  if (strcmp(RelationGetRelationName(relation), "rls_test_permissive") != 0 &&
76  strcmp(RelationGetRelationName(relation), "rls_test_both") != 0)
77  return NIL;
78 
79  qual_pstate = make_parsestate(NULL);
80 
81  nsitem = addRangeTableEntryForRelation(qual_pstate,
82  relation, AccessShareLock,
83  NULL, false, false);
84  addNSItemToQuery(qual_pstate, nsitem, false, true, true);
85 
87 
88  policy->policy_name = pstrdup("extension policy");
89  policy->polcmd = '*';
90  policy->roles = construct_array(&role, 1, OIDOID, sizeof(Oid), true, TYPALIGN_INT);
91 
92  /*
93  * policy->qual = (Expr *) makeConst(BOOLOID, -1, InvalidOid,
94  * sizeof(bool), BoolGetDatum(true), false, true);
95  */
96 
97  n = makeFuncCall(list_make2(makeString("pg_catalog"),
98  makeString("current_user")), NIL, 0);
99 
100  c = makeNode(ColumnRef);
101  c->fields = list_make1(makeString("username"));
102  c->location = 0;
103 
104  e = (Node *) makeSimpleA_Expr(AEXPR_OP, "=", (Node *) n, (Node *) c, 0);
105 
106  policy->qual = (Expr *) transformWhereClause(qual_pstate, copyObject(e),
108  "POLICY");
109  /* Fix up collation information */
110  assign_expr_collations(qual_pstate, (Node *) policy->qual);
111 
112  policy->with_check_qual = copyObject(policy->qual);
113  policy->hassublinks = false;
114 
115  policies = list_make1(policy);
116 
117  return policies;
118 }
#define list_make2(x1, x2)
Definition: pg_list.h:229
Value * makeString(char *str)
Definition: value.c:53
#define NIL
Definition: pg_list.h:65
char * pstrdup(const char *in)
Definition: mcxt.c:1186
ArrayType * construct_array(Datum *elems, int nelems, Oid elmtype, int elmlen, bool elmbyval, char elmalign)
Definition: arrayfuncs.c:3313
#define AccessShareLock
Definition: lockdefs.h:36
void addNSItemToQuery(ParseState *pstate, ParseNamespaceItem *nsitem, bool addToJoinList, bool addToRelNameSpace, bool addToVarNameSpace)
Definition: nodes.h:529
unsigned int Oid
Definition: postgres_ext.h:31
A_Expr * makeSimpleA_Expr(A_Expr_Kind kind, char *name, Node *lexpr, Node *rexpr, int location)
Definition: makefuncs.c:48
ParseNamespaceItem * addRangeTableEntryForRelation(ParseState *pstate, Relation rel, int lockmode, Alias *alias, bool inh, bool inFromCl)
ParseState * make_parsestate(ParseState *parentParseState)
Definition: parse_node.c:43
int location
Definition: parsenodes.h:237
#define list_make1(x1)
Definition: pg_list.h:227
void assign_expr_collations(ParseState *pstate, Node *expr)
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
char * c
Expr * with_check_qual
Definition: rowsecurity.h:27
#define RelationGetRelationName(relation)
Definition: rel.h:490
ArrayType * roles
Definition: rowsecurity.h:24
FuncCall * makeFuncCall(List *name, List *args, int location)
Definition: makefuncs.c:585
void * palloc0(Size size)
Definition: mcxt.c:980
uintptr_t Datum
Definition: postgres.h:367
#define makeNode(_type_)
Definition: nodes.h:577
Node * transformWhereClause(ParseState *pstate, Node *clause, ParseExprKind exprKind, const char *constructName)
e
Definition: preproc-init.c:82
#define ACL_ID_PUBLIC
Definition: acl.h:46
#define copyObject(obj)
Definition: nodes.h:645
Definition: pg_list.h:50
List * fields
Definition: parsenodes.h:236

◆ test_rls_hooks_restrictive()

List* test_rls_hooks_restrictive ( CmdType  cmdtype,
Relation  relation 
)

Definition at line 129 of file test_rls_hooks.c.

References AccessShareLock, ACL_ID_PUBLIC, addNSItemToQuery(), addRangeTableEntryForRelation(), AEXPR_OP, assign_expr_collations(), construct_array(), copyObject, EXPR_KIND_POLICY, ColumnRef::fields, RowSecurityPolicy::hassublinks, list_make1, list_make2, ColumnRef::location, make_parsestate(), makeFuncCall(), makeNode, makeSimpleA_Expr(), makeString(), NIL, ObjectIdGetDatum, palloc0(), RowSecurityPolicy::polcmd, RowSecurityPolicy::policy_name, pstrdup(), RowSecurityPolicy::qual, RelationGetRelationName, RowSecurityPolicy::roles, transformWhereClause(), and RowSecurityPolicy::with_check_qual.

Referenced by _PG_init().

130 {
131  List *policies = NIL;
132  RowSecurityPolicy *policy = palloc0(sizeof(RowSecurityPolicy));
133  Datum role;
134  FuncCall *n;
135  Node *e;
136  ColumnRef *c;
137  ParseState *qual_pstate;
138  ParseNamespaceItem *nsitem;
139 
140  if (strcmp(RelationGetRelationName(relation), "rls_test_restrictive") != 0 &&
141  strcmp(RelationGetRelationName(relation), "rls_test_both") != 0)
142  return NIL;
143 
144  qual_pstate = make_parsestate(NULL);
145 
146  nsitem = addRangeTableEntryForRelation(qual_pstate,
147  relation, AccessShareLock,
148  NULL, false, false);
149  addNSItemToQuery(qual_pstate, nsitem, false, true, true);
150 
152 
153  policy->policy_name = pstrdup("extension policy");
154  policy->polcmd = '*';
155  policy->roles = construct_array(&role, 1, OIDOID, sizeof(Oid), true, TYPALIGN_INT);
156 
157  n = makeFuncCall(list_make2(makeString("pg_catalog"),
158  makeString("current_user")), NIL, 0);
159 
160  c = makeNode(ColumnRef);
161  c->fields = list_make1(makeString("supervisor"));
162  c->location = 0;
163 
164  e = (Node *) makeSimpleA_Expr(AEXPR_OP, "=", (Node *) n, (Node *) c, 0);
165 
166  policy->qual = (Expr *) transformWhereClause(qual_pstate, copyObject(e),
168  "POLICY");
169  /* Fix up collation information */
170  assign_expr_collations(qual_pstate, (Node *) policy->qual);
171 
172  policy->with_check_qual = copyObject(policy->qual);
173  policy->hassublinks = false;
174 
175  policies = list_make1(policy);
176 
177  return policies;
178 }
#define list_make2(x1, x2)
Definition: pg_list.h:229
Value * makeString(char *str)
Definition: value.c:53
#define NIL
Definition: pg_list.h:65
char * pstrdup(const char *in)
Definition: mcxt.c:1186
ArrayType * construct_array(Datum *elems, int nelems, Oid elmtype, int elmlen, bool elmbyval, char elmalign)
Definition: arrayfuncs.c:3313
#define AccessShareLock
Definition: lockdefs.h:36
void addNSItemToQuery(ParseState *pstate, ParseNamespaceItem *nsitem, bool addToJoinList, bool addToRelNameSpace, bool addToVarNameSpace)
Definition: nodes.h:529
unsigned int Oid
Definition: postgres_ext.h:31
A_Expr * makeSimpleA_Expr(A_Expr_Kind kind, char *name, Node *lexpr, Node *rexpr, int location)
Definition: makefuncs.c:48
ParseNamespaceItem * addRangeTableEntryForRelation(ParseState *pstate, Relation rel, int lockmode, Alias *alias, bool inh, bool inFromCl)
ParseState * make_parsestate(ParseState *parentParseState)
Definition: parse_node.c:43
int location
Definition: parsenodes.h:237
#define list_make1(x1)
Definition: pg_list.h:227
void assign_expr_collations(ParseState *pstate, Node *expr)
#define ObjectIdGetDatum(X)
Definition: postgres.h:507
char * c
Expr * with_check_qual
Definition: rowsecurity.h:27
#define RelationGetRelationName(relation)
Definition: rel.h:490
ArrayType * roles
Definition: rowsecurity.h:24
FuncCall * makeFuncCall(List *name, List *args, int location)
Definition: makefuncs.c:585
void * palloc0(Size size)
Definition: mcxt.c:980
uintptr_t Datum
Definition: postgres.h:367
#define makeNode(_type_)
Definition: nodes.h:577
Node * transformWhereClause(ParseState *pstate, Node *clause, ParseExprKind exprKind, const char *constructName)
e
Definition: preproc-init.c:82
#define ACL_ID_PUBLIC
Definition: acl.h:46
#define copyObject(obj)
Definition: nodes.h:645
Definition: pg_list.h:50
List * fields
Definition: parsenodes.h:236

Variable Documentation

◆ PG_MODULE_MAGIC

PG_MODULE_MAGIC

Definition at line 30 of file test_rls_hooks.c.

◆ prev_row_security_policy_hook_permissive

row_security_policy_hook_type prev_row_security_policy_hook_permissive = NULL
static

Definition at line 33 of file test_rls_hooks.c.

Referenced by _PG_fini(), and _PG_init().

◆ prev_row_security_policy_hook_restrictive

row_security_policy_hook_type prev_row_security_policy_hook_restrictive = NULL
static

Definition at line 34 of file test_rls_hooks.c.

Referenced by _PG_fini(), and _PG_init().