PostgreSQL Source Code
git master
#include "postgres.h"
#include "access/genam.h"
#include "access/htup_details.h"
#include "access/table.h"
#include "access/xact.h"
#include "catalog/binary_upgrade.h"
#include "catalog/catalog.h"
#include "catalog/dependency.h"
#include "catalog/indexing.h"
#include "catalog/objectaccess.h"
#include "catalog/pg_auth_members.h"
#include "catalog/pg_authid.h"
#include "catalog/pg_database.h"
#include "catalog/pg_db_role_setting.h"
#include "commands/comment.h"
#include "commands/dbcommands.h"
#include "commands/defrem.h"
#include "commands/seclabel.h"
#include "commands/user.h"
#include "libpq/crypt.h"
#include "miscadmin.h"
#include "storage/lmgr.h"
#include "utils/acl.h"
#include "utils/builtins.h"
#include "utils/catcache.h"
#include "utils/fmgroids.h"
#include "utils/syscache.h"
#include "utils/varlena.h"
Data Structures | |
struct | GrantRoleOptions |
Macros | |
#define | GRANT_ROLE_SPECIFIED_ADMIN 0x0001 |
#define | GRANT_ROLE_SPECIFIED_INHERIT 0x0002 |
#define | GRANT_ROLE_SPECIFIED_SET 0x0004 |
Enumerations | |
enum | RevokeRoleGrantAction { RRG_NOOP , RRG_REMOVE_ADMIN_OPTION , RRG_REMOVE_INHERIT_OPTION , RRG_REMOVE_SET_OPTION , RRG_DELETE_GRANT } |
Variables | |
Oid | binary_upgrade_next_pg_authid_oid = InvalidOid |
int | Password_encryption = PASSWORD_TYPE_SCRAM_SHA_256 |
char * | createrole_self_grant = "" |
static bool | createrole_self_grant_enabled = false |
static GrantRoleOptions | createrole_self_grant_options |
check_password_hook_type | check_password_hook = NULL |
AddRoleMems() |
static
Definition at line 1681 of file user.c.
References GrantRoleOptions::admin, Assert, BoolGetDatum(), CatalogTupleInsert(), CatalogTupleUpdate(), check_role_grantor(), CommandCounterIncrement(), elog, ereport, errcode(), errmsg(), ERROR, forboth, get_rolespec_name(), GetNewOidWithIndex(), GETSTRUCT, GetUserNameFromId(), GRANT_ROLE_SPECIFIED_ADMIN, GRANT_ROLE_SPECIFIED_INHERIT, GRANT_ROLE_SPECIFIED_SET, heap_form_tuple(), heap_modify_tuple(), HeapTupleIsValid, i, GrantRoleOptions::inherit, initialize_revoke_actions(), InvalidOid, is_member_of_role_nosuper(), lfirst_node, lfirst_oid, list_length(), LockSharedObject(), catclist::members, catclist::n_members, NoLock, NOTICE, ObjectIdGetDatum(), palloc(), plan_member_revoke(), RelationGetDescr, ReleaseSysCache(), ReleaseSysCacheList, RowExclusiveLock, RRG_NOOP, SearchSysCache1(), SearchSysCache3(), SearchSysCacheList1, GrantRoleOptions::set, ShareUpdateExclusiveLock, GrantRoleOptions::specified, HeapTupleData::t_self, table_close(), table_open(), catctup::tuple, and updateAclDependencies().
Referenced by AlterRole(), CreateRole(), and GrantRole().
Oid AlterRole | ( | ParseState * | pstate, |
AlterRoleStmt * | stmt | ||
) |
Definition at line 619 of file user.c.
References _, AddRoleMems(), DefElem::arg, BoolGetDatum(), boolVal, CatalogTupleUpdate(), check_password_hook, check_rolespec_name(), CommandCounterIncrement(), CStringGetDatum(), CStringGetTextDatum, DefElem::defname, DelRoleMems(), DirectFunctionCall3, DROP_RESTRICT, elog, encrypt_password(), ereport, errcode(), errdetail(), errmsg(), ERROR, errorConflictingDefElem(), get_password_type(), get_rolespec_tuple(), GETSTRUCT, GetUserId(), has_bypassrls_privilege(), has_rolreplication(), have_createdb_privilege(), have_createrole_privilege(), heap_freetuple(), heap_modify_tuple(), InitGrantRoleOptions(), Int32GetDatum(), intVal, InvalidOid, InvokeObjectPostAlterHook, is_admin_of_role(), lfirst, NameStr, NoLock, NOTICE, ObjectIdGetDatum(), password, Password_encryption, plain_crypt_verify(), pstrdup(), RelationGetDescr, ReleaseSysCache(), roleSpecsToIds(), RowExclusiveLock, STATUS_OK, stmt, strVal, superuser(), SysCacheGetAttr(), HeapTupleData::t_self, table_close(), table_open(), and timestamptz_in().
Referenced by standard_ProcessUtility().
Oid AlterRoleSet | ( | AlterRoleSetStmt * | stmt | ) |
Definition at line 1000 of file user.c.
References _, aclcheck_error(), ACLCHECK_NOT_OWNER, AlterSetting(), check_rolespec_name(), ereport, errcode(), errdetail(), errmsg(), ERROR, get_database_oid(), get_rolespec_tuple(), GETSTRUCT, GetUserId(), have_createrole_privilege(), InvalidOid, is_admin_of_role(), NameStr, OBJECT_DATABASE, object_ownercheck(), ReleaseSysCache(), shdepLockAndCheckObject(), stmt, and superuser().
Referenced by standard_ProcessUtility().
void assign_createrole_self_grant | ( | const char * | newval, |
void * | extra | ||
) |
Definition at line 2568 of file user.c.
References GrantRoleOptions::admin, createrole_self_grant_enabled, createrole_self_grant_options, GRANT_ROLE_SPECIFIED_ADMIN, GRANT_ROLE_SPECIFIED_INHERIT, GRANT_ROLE_SPECIFIED_SET, GrantRoleOptions::inherit, GrantRoleOptions::set, and GrantRoleOptions::specified.
check_createrole_self_grant() |
Definition at line 2517 of file user.c.
References GRANT_ROLE_SPECIFIED_INHERIT, GRANT_ROLE_SPECIFIED_SET, GUC_check_errdetail, guc_malloc(), lfirst, list_free(), LOG, newval, options, pfree(), pg_strcasecmp(), pstrdup(), and SplitIdentifierString().
check_role_grantor() |
static
Definition at line 2205 of file user.c.
References elog, ereport, errcode(), errdetail(), errmsg(), ERROR, GetUserNameFromId(), has_privs_of_role(), OidIsValid, select_best_admin(), and superuser_arg().
Referenced by AddRoleMems(), and DelRoleMems().
check_role_membership_authorization() |
static
Definition at line 2111 of file user.c.
References ereport, errcode(), errdetail(), errmsg(), ERROR, GetUserNameFromId(), is_admin_of_role(), and superuser_arg().
Referenced by CreateRole(), and GrantRole().
Oid CreateRole | ( | ParseState * | pstate, |
CreateRoleStmt * | stmt | ||
) |
Definition at line 132 of file user.c.
References AddRoleMems(), GrantRoleOptions::admin, DefElem::arg, binary_upgrade_next_pg_authid_oid, BoolGetDatum(), boolVal, CatalogTupleInsert(), check_password_hook, check_role_membership_authorization(), CommandCounterIncrement(), createdb(), createrole_self_grant_enabled, createrole_self_grant_options, CStringGetDatum(), CStringGetTextDatum, DefElem::defname, DirectFunctionCall1, DirectFunctionCall3, elog, encrypt_password(), ereport, errcode(), ERRCODE_DUPLICATE_OBJECT, errdetail(), errmsg(), ERROR, errorConflictingDefElem(), get_password_type(), get_role_oid(), get_rolespec_tuple(), GetNewOidWithIndex(), GETSTRUCT, GetUserId(), GRANT_ROLE_SPECIFIED_ADMIN, GRANT_ROLE_SPECIFIED_INHERIT, GRANT_ROLE_SPECIFIED_SET, has_bypassrls_privilege(), has_createrole_privilege(), has_rolreplication(), have_createdb_privilege(), heap_form_tuple(), if(), GrantRoleOptions::inherit, InitGrantRoleOptions(), Int32GetDatum(), intVal, InvalidOid, InvokeObjectPostCreateHook, IsBinaryUpgrade, IsReservedName(), lfirst, list_make1, list_make1_oid, RoleSpec::location, makeNode, namein(), NameStr, NIL, NoLock, NOTICE, ObjectIdGetDatum(), OidIsValid, password, Password_encryption, plain_crypt_verify(), RelationGetDescr, ReleaseSysCache(), RoleSpec::rolename, ROLESPEC_CSTRING, ROLESPEC_CURRENT_ROLE, roleSpecsToIds(), ROLESTMT_GROUP, ROLESTMT_ROLE, ROLESTMT_USER, RoleSpec::roletype, RowExclusiveLock, GrantRoleOptions::set, GrantRoleOptions::specified, STATUS_OK, stmt, strVal, superuser(), superuser_arg(), table_close(), table_open(), timestamptz_in(), and WARNING.
Referenced by standard_ProcessUtility().
DelRoleMems() |
static
Definition at line 1979 of file user.c.
References Assert, BoolGetDatum(), CatalogTupleDelete(), CatalogTupleUpdate(), check_role_grantor(), deleteSharedDependencyRecordsFor(), elog, ereport, errmsg(), ERROR, forboth, get_rolespec_name(), GETSTRUCT, GetUserNameFromId(), heap_modify_tuple(), i, initialize_revoke_actions(), lfirst, lfirst_oid, list_length(), LockSharedObject(), catclist::members, catclist::n_members, NoLock, ObjectIdGetDatum(), plan_single_revoke(), RelationGetDescr, ReleaseSysCacheList, RowExclusiveLock, RRG_DELETE_GRANT, RRG_NOOP, RRG_REMOVE_ADMIN_OPTION, RRG_REMOVE_INHERIT_OPTION, RRG_REMOVE_SET_OPTION, SearchSysCacheList1, ShareUpdateExclusiveLock, HeapTupleData::t_self, table_close(), table_open(), catctup::tuple, and WARNING.
Referenced by AlterRole(), and GrantRole().
void DropOwnedObjects | ( | DropOwnedStmt * | stmt | ) |
Definition at line 1583 of file user.c.
References ereport, errcode(), errdetail(), errmsg(), ERROR, GetUserId(), GetUserNameFromId(), has_privs_of_role(), lfirst_oid, roleSpecsToIds(), shdepDropOwned(), and stmt.
Referenced by ProcessUtilitySlow().
void DropRole | ( | DropRoleStmt * | stmt | ) |
Definition at line 1090 of file user.c.
References AccessExclusiveLock, BTEqualStrategyNumber, CatalogTupleDelete(), checkSharedDependencies(), CommandCounterIncrement(), DeleteSharedComments(), deleteSharedDependencyRecordsFor(), DeleteSharedSecurityLabel(), DropSetting(), elog, ereport, errcode(), errdetail(), errdetail_internal(), errdetail_log(), errmsg(), ERROR, GetOuterUserId(), GetSessionUserId(), GETSTRUCT, GetUserId(), have_createrole_privilege(), HeapTupleIsValid, InvalidOid, InvokeObjectDropHook, is_admin_of_role(), lfirst, lfirst_oid, list_append_unique_oid(), LockSharedObject(), NameStr, NIL, NoLock, NOTICE, ObjectIdGetDatum(), PointerGetDatum(), ReleaseSysCache(), RoleSpec::rolename, ROLESPEC_CSTRING, RoleSpec::roletype, RowExclusiveLock, ScanKeyInit(), SearchSysCache1(), stmt, superuser(), systable_beginscan(), systable_endscan(), systable_getnext(), HeapTupleData::t_self, table_close(), and table_open().
Referenced by standard_ProcessUtility().
void GrantRole | ( | ParseState * | pstate, |
GrantRoleStmt * | stmt | ||
) |
Definition at line 1480 of file user.c.
References AccessShareLock, AddRoleMems(), GrantRoleOptions::admin, check_role_membership_authorization(), AccessPriv::cols, defGetString(), DefElem::defname, DelRoleMems(), ereport, errcode(), errmsg(), ERROR, get_role_oid(), get_rolespec_oid(), GetUserId(), GRANT_ROLE_SPECIFIED_ADMIN, GRANT_ROLE_SPECIFIED_INHERIT, GRANT_ROLE_SPECIFIED_SET, GrantRoleOptions::inherit, InitGrantRoleOptions(), InvalidOid, lfirst, DefElem::location, NIL, NoLock, parse_bool(), parser_errposition(), AccessPriv::priv_name, roleSpecsToIds(), GrantRoleOptions::set, GrantRoleOptions::specified, stmt, table_close(), and table_open().
Referenced by standard_ProcessUtility().
have_createrole_privilege() |
static
Definition at line 122 of file user.c.
References GetUserId(), and has_createrole_privilege().
Referenced by AlterRole(), AlterRoleSet(), DropRole(), and RenameRole().
InitGrantRoleOptions() |
static
Definition at line 2505 of file user.c.
References GrantRoleOptions::admin, GrantRoleOptions::inherit, GrantRoleOptions::set, and GrantRoleOptions::specified.
Referenced by AlterRole(), CreateRole(), and GrantRole().
initialize_revoke_actions() |
static
Definition at line 2290 of file user.c.
References i, catclist::n_members, palloc(), and RRG_NOOP.
Referenced by AddRoleMems(), and DelRoleMems().
plan_member_revoke() |
static
Definition at line 2391 of file user.c.
References DROP_CASCADE, GETSTRUCT, i, catclist::members, catclist::n_members, plan_recursive_revoke(), and catctup::tuple.
Referenced by AddRoleMems().
plan_recursive_revoke() |
static
Definition at line 2415 of file user.c.
References DROP_RESTRICT, ereport, errcode(), errhint(), errmsg(), ERROR, GETSTRUCT, i, catclist::members, catclist::n_members, RRG_DELETE_GRANT, RRG_NOOP, RRG_REMOVE_ADMIN_OPTION, and catctup::tuple.
Referenced by plan_member_revoke(), and plan_single_revoke().
plan_single_revoke() |
static
Definition at line 2321 of file user.c.
References Assert, GETSTRUCT, GRANT_ROLE_SPECIFIED_ADMIN, GRANT_ROLE_SPECIFIED_INHERIT, GRANT_ROLE_SPECIFIED_SET, i, catclist::members, catclist::n_members, pg_popcount32(), plan_recursive_revoke(), RRG_REMOVE_INHERIT_OPTION, RRG_REMOVE_SET_OPTION, GrantRoleOptions::specified, and catctup::tuple.
Referenced by DelRoleMems().
void ReassignOwnedObjects | ( | ReassignOwnedStmt * | stmt | ) |
Definition at line 1611 of file user.c.
References ereport, errcode(), errdetail(), errmsg(), ERROR, get_rolespec_oid(), GetUserId(), GetUserNameFromId(), has_privs_of_role(), lfirst_oid, roleSpecsToIds(), shdepReassignOwned(), and stmt.
Referenced by standard_ProcessUtility().
ObjectAddress RenameRole | ( | const char * | oldname, |
const char * | newname | ||
) |
Definition at line 1334 of file user.c.
References CatalogTupleUpdate(), CStringGetDatum(), DirectFunctionCall1, elog, ereport, errcode(), ERRCODE_DUPLICATE_OBJECT, errdetail(), errmsg(), ERROR, get_password_type(), GetOuterUserId(), GetSessionUserId(), GETSTRUCT, GetUserId(), have_createrole_privilege(), heap_getattr(), heap_modify_tuple(), HeapTupleIsValid, i, InvokeObjectPostAlterHook, is_admin_of_role(), IsReservedName(), namein(), NameStr, NoLock, NOTICE, ObjectAddressSet, PASSWORD_TYPE_MD5, RelationGetDescr, ReleaseSysCache(), RowExclusiveLock, SearchSysCache1(), SearchSysCacheExists1, superuser(), HeapTupleData::t_self, table_close(), table_open(), TextDatumGetCString, and WARNING.
Referenced by ExecRenameStmt().
roleSpecsToIds() |
Definition at line 1652 of file user.c.
References get_rolespec_oid(), lappend_oid(), lfirst_node, and NIL.
Referenced by AlterRole(), AlterTableMoveAll(), CreateRole(), DropOwnedObjects(), GrantRole(), and ReassignOwnedObjects().
Oid binary_upgrade_next_pg_authid_oid = InvalidOid |
Definition at line 70 of file user.c.
Referenced by binary_upgrade_set_next_pg_authid_oid(), and CreateRole().
check_password_hook_type check_password_hook = NULL |
Definition at line 91 of file user.c.
Referenced by _PG_init(), AlterRole(), and CreateRole().
static bool createrole_self_grant_enabled = false |
Definition at line 87 of file user.c.
Referenced by assign_createrole_self_grant(), and CreateRole().
static GrantRoleOptions createrole_self_grant_options |
Definition at line 88 of file user.c.
Referenced by assign_createrole_self_grant(), and CreateRole().
int Password_encryption = PASSWORD_TYPE_SCRAM_SHA_256 |
Definition at line 85 of file user.c.
Referenced by AlterRole(), CheckPWChallengeAuth(), and CreateRole().