test_rls_hooks.h File Reference

#include "rewrite/rowsecurity.h"

Include dependency graph for test_rls_hooks.h:

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Functions
List *	test_rls_hooks_permissive (CmdType cmdtype, Relation relation)
List *	test_rls_hooks_restrictive (CmdType cmdtype, Relation relation)

Function Documentation

test_rls_hooks_permissive()

List * test_rls_hooks_permissive ( CmdType  cmdtype, Relation  relation  )

extern

Definition at line 44 of file test_rls_hooks.c.

{
    List       *policies = NIL;
    RowSecurityPolicy *policy = palloc0_object(RowSecurityPolicy);
    Datum       role;
    FuncCall   *n;
    Node       *e;
    ColumnRef  *c;
    ParseState *qual_pstate;
    ParseNamespaceItem *nsitem;
 
    if (strcmp(RelationGetRelationName(relation), "rls_test_permissive") != 0 &&
        strcmp(RelationGetRelationName(relation), "rls_test_both") != 0)
        return NIL;
 
    qual_pstate = make_parsestate(NULL);
 
    nsitem = addRangeTableEntryForRelation(qual_pstate,
                                           relation, AccessShareLock,
                                           NULL, false, false);
    addNSItemToQuery(qual_pstate, nsitem, false, true, true);
 
    role = ObjectIdGetDatum(ACL_ID_PUBLIC);
 
    policy->policy_name = pstrdup("extension policy");
    policy->polcmd = '*';
    policy->roles = construct_array_builtin(&role, 1, OIDOID);
 
    /*
     * policy->qual = (Expr *) makeConst(BOOLOID, -1, InvalidOid,
     * sizeof(bool), BoolGetDatum(true), false, true);
     */
 
    n = makeFuncCall(list_make2(makeString("pg_catalog"),
                                makeString("current_user")),
                     NIL,
                     COERCE_EXPLICIT_CALL,
                     -1);
 
    c = makeNode(ColumnRef);
    c->fields = list_make1(makeString("username"));
    c->location = 0;
 
    e = (Node *) makeSimpleA_Expr(AEXPR_OP, "=", (Node *) n, (Node *) c, 0);
 
    policy->qual = (Expr *) transformWhereClause(qual_pstate, copyObject(e),
                                                 EXPR_KIND_POLICY,
                                                 "POLICY");
    /* Fix up collation information */
    assign_expr_collations(qual_pstate, (Node *) policy->qual);
 
    policy->with_check_qual = copyObject(policy->qual);
    policy->hassublinks = false;
 
    policies = list_make1(policy);
 
    return policies;
}

References AccessShareLock, ACL_ID_PUBLIC, addNSItemToQuery(), addRangeTableEntryForRelation(), AEXPR_OP, assign_expr_collations(), COERCE_EXPLICIT_CALL, construct_array_builtin(), copyObject, EXPR_KIND_POLICY, fb(), list_make1, list_make2, make_parsestate(), makeFuncCall(), makeNode, makeSimpleA_Expr(), makeString(), NIL, ObjectIdGetDatum(), palloc0_object, pstrdup(), RelationGetRelationName, and transformWhereClause().

Referenced by _PG_init().

test_rls_hooks_restrictive()

List * test_rls_hooks_restrictive ( CmdType  cmdtype, Relation  relation  )

extern

Definition at line 112 of file test_rls_hooks.c.

{
    List       *policies = NIL;
    RowSecurityPolicy *policy = palloc0_object(RowSecurityPolicy);
    Datum       role;
    FuncCall   *n;
    Node       *e;
    ColumnRef  *c;
    ParseState *qual_pstate;
    ParseNamespaceItem *nsitem;
 
    if (strcmp(RelationGetRelationName(relation), "rls_test_restrictive") != 0 &&
        strcmp(RelationGetRelationName(relation), "rls_test_both") != 0)
        return NIL;
 
    qual_pstate = make_parsestate(NULL);
 
    nsitem = addRangeTableEntryForRelation(qual_pstate,
                                           relation, AccessShareLock,
                                           NULL, false, false);
    addNSItemToQuery(qual_pstate, nsitem, false, true, true);
 
    role = ObjectIdGetDatum(ACL_ID_PUBLIC);
 
    policy->policy_name = pstrdup("extension policy");
    policy->polcmd = '*';
    policy->roles = construct_array_builtin(&role, 1, OIDOID);
 
    n = makeFuncCall(list_make2(makeString("pg_catalog"),
                                makeString("current_user")),
                     NIL,
                     COERCE_EXPLICIT_CALL,
                     -1);
 
    c = makeNode(ColumnRef);
    c->fields = list_make1(makeString("supervisor"));
    c->location = 0;
 
    e = (Node *) makeSimpleA_Expr(AEXPR_OP, "=", (Node *) n, (Node *) c, 0);
 
    policy->qual = (Expr *) transformWhereClause(qual_pstate, copyObject(e),
                                                 EXPR_KIND_POLICY,
                                                 "POLICY");
    /* Fix up collation information */
    assign_expr_collations(qual_pstate, (Node *) policy->qual);
 
    policy->with_check_qual = copyObject(policy->qual);
    policy->hassublinks = false;
 
    policies = list_make1(policy);
 
    return policies;
}

References AccessShareLock, ACL_ID_PUBLIC, addNSItemToQuery(), addRangeTableEntryForRelation(), AEXPR_OP, assign_expr_collations(), COERCE_EXPLICIT_CALL, construct_array_builtin(), copyObject, EXPR_KIND_POLICY, fb(), list_make1, list_make2, make_parsestate(), makeFuncCall(), makeNode, makeSimpleA_Expr(), makeString(), NIL, ObjectIdGetDatum(), palloc0_object, pstrdup(), RelationGetRelationName, and transformWhereClause().

Referenced by _PG_init().