*
*
* IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/backend/catalog/aclchk.c,v 1.65 2002/04/12 20:38:17 tgl Exp $
+ * $Header: /cvsroot/pgsql/src/backend/catalog/aclchk.c,v 1.66 2002/04/21 00:26:42 tgl Exp $
*
* NOTES
* See acl.h.
#include "postgres.h"
#include "access/heapam.h"
-#include "access/transam.h"
#include "catalog/catalog.h"
#include "catalog/catname.h"
#include "catalog/indexing.h"
#include "catalog/namespace.h"
-#include "catalog/pg_aggregate.h"
+#include "catalog/pg_database.h"
#include "catalog/pg_group.h"
#include "catalog/pg_language.h"
+#include "catalog/pg_namespace.h"
#include "catalog/pg_operator.h"
#include "catalog/pg_proc.h"
#include "catalog/pg_shadow.h"
#include "catalog/pg_type.h"
#include "miscadmin.h"
-#include "nodes/parsenodes.h"
-#include "parser/keywords.h"
-#include "parser/parse.h"
-#include "parser/parse_agg.h"
#include "parser/parse_func.h"
-#include "parser/parse_expr.h"
-#include "parser/parse_type.h"
#include "utils/acl.h"
+#include "utils/fmgroids.h"
+#include "utils/lsyscache.h"
#include "utils/syscache.h"
-static void ExecuteGrantStmt_Table(GrantStmt *stmt);
+static void ExecuteGrantStmt_Relation(GrantStmt *stmt);
+static void ExecuteGrantStmt_Database(GrantStmt *stmt);
static void ExecuteGrantStmt_Function(GrantStmt *stmt);
-static void ExecuteGrantStmt_Lang(GrantStmt *stmt);
+static void ExecuteGrantStmt_Language(GrantStmt *stmt);
+static void ExecuteGrantStmt_Namespace(GrantStmt *stmt);
-static const char *privilege_token_string(int token);
+static const char *privilege_to_string(AclMode privilege);
-static int32 aclcheck(Acl *acl, AclId id, AclIdType idtype, AclMode mode);
+static int32 aclcheck(Acl *acl, AclId id, uint32 idtype, AclMode mode);
/* warning messages, now more explicit. */
/* MUST correspond to the order of the ACLCHECK_* result codes in acl.h. */
* grantees to the existing old_acl. If is_grant is false, the
* privileges for the given grantees are removed from old_acl.
*/
-static Acl*
-merge_acl_with_grant(Acl *old_acl, bool is_grant, List *grantees, char *privileges)
+static Acl *
+merge_acl_with_grant(Acl *old_acl, bool is_grant,
+ List *grantees, AclMode privileges)
{
+ unsigned modechg;
List *j;
Acl *new_acl;
+ modechg = is_grant ? ACL_MODECHG_ADD : ACL_MODECHG_DEL;
+
#ifdef ACLDEBUG
dumpacl(old_acl);
#endif
foreach(j, grantees)
{
PrivGrantee *grantee = (PrivGrantee *) lfirst(j);
- char *granteeString;
- char *aclString;
- AclItem aclitem;
- unsigned modechg;
+ AclItem aclitem;
+ uint32 idtype;
if (grantee->username)
- granteeString = aclmakeuser("U", grantee->username);
+ {
+ aclitem.ai_id = get_usesysid(grantee->username);
+ idtype = ACL_IDTYPE_UID;
+ }
else if (grantee->groupname)
- granteeString = aclmakeuser("G", grantee->groupname);
+ {
+ aclitem.ai_id = get_grosysid(grantee->groupname);
+ idtype = ACL_IDTYPE_GID;
+ }
else
- granteeString = aclmakeuser("A", "");
+ {
+ aclitem.ai_id = ACL_ID_WORLD;
+ idtype = ACL_IDTYPE_WORLD;
+ }
- aclString = makeAclString(privileges, granteeString,
- is_grant ? '+' : '-');
+ ACLITEM_SET_PRIVS_IDTYPE(aclitem, privileges, idtype);
- /* Convert string ACL spec into internal form */
- aclparse(aclString, &aclitem, &modechg);
new_acl = aclinsert3(new_acl, &aclitem, modechg);
#ifdef ACLDEBUG
void
ExecuteGrantStmt(GrantStmt *stmt)
{
- /* see comment in pg_type.h */
- Assert(ACLITEMSIZE == sizeof(AclItem));
-
- switch(stmt->objtype)
+ switch (stmt->objtype)
{
- case TABLE:
- ExecuteGrantStmt_Table(stmt);
+ case ACL_OBJECT_RELATION:
+ ExecuteGrantStmt_Relation(stmt);
+ break;
+ case ACL_OBJECT_DATABASE:
+ ExecuteGrantStmt_Database(stmt);
break;
- case FUNCTION:
+ case ACL_OBJECT_FUNCTION:
ExecuteGrantStmt_Function(stmt);
break;
- case LANGUAGE:
- ExecuteGrantStmt_Lang(stmt);
+ case ACL_OBJECT_LANGUAGE:
+ ExecuteGrantStmt_Language(stmt);
+ break;
+ case ACL_OBJECT_NAMESPACE:
+ ExecuteGrantStmt_Namespace(stmt);
break;
default:
- elog(ERROR, "bogus GrantStmt.objtype %d", stmt->objtype);
+ elog(ERROR, "bogus GrantStmt.objtype %d", (int) stmt->objtype);
}
}
-
static void
-ExecuteGrantStmt_Table(GrantStmt *stmt)
+ExecuteGrantStmt_Relation(GrantStmt *stmt)
{
+ AclMode privileges;
List *i;
- char *privstring;
- if (lfirsti(stmt->privileges) == ALL)
- privstring = aclmakepriv(ACL_MODE_STR, 0);
+ if (lfirsti(stmt->privileges) == ACL_ALL_RIGHTS)
+ privileges = ACL_ALL_RIGHTS_RELATION;
else
{
- privstring = "";
+ privileges = ACL_NO_RIGHTS;
foreach(i, stmt->privileges)
{
- int c = 0;
+ AclMode priv = lfirsti(i);
- switch(lfirsti(i))
- {
- case SELECT:
- c = ACL_MODE_SELECT_CHR;
- break;
- case INSERT:
- c = ACL_MODE_INSERT_CHR;
- break;
- case UPDATE:
- c = ACL_MODE_UPDATE_CHR;
- break;
- case DELETE:
- c = ACL_MODE_DELETE_CHR;
- break;
- case RULE:
- c = ACL_MODE_RULE_CHR;
- break;
- case REFERENCES:
- c = ACL_MODE_REFERENCES_CHR;
- break;
- case TRIGGER:
- c = ACL_MODE_TRIGGER_CHR;
- break;
- default:
- elog(ERROR, "invalid privilege type %s for table object",
- privilege_token_string(lfirsti(i)));
- }
-
- privstring = aclmakepriv(privstring, c);
+ if (priv & ~((AclMode) ACL_ALL_RIGHTS_RELATION))
+ elog(ERROR, "invalid privilege type %s for table object",
+ privilege_to_string(priv));
+ privileges |= priv;
}
}
-
foreach(i, stmt->objects)
{
RangeVar *relvar = (RangeVar *) lfirst(i);
bool isNull;
Acl *old_acl;
Acl *new_acl;
- unsigned i;
HeapTuple newtuple;
Datum values[Natts_pg_class];
char nulls[Natts_pg_class];
aclDatum = SysCacheGetAttr(RELOID, tuple, Anum_pg_class_relacl,
&isNull);
if (isNull)
- old_acl = acldefault(pg_class_tuple->relowner);
+ old_acl = acldefault(ACL_OBJECT_RELATION,
+ pg_class_tuple->relowner);
else
- /* get a detoasted copy of the rel's ACL */
+ /* get a detoasted copy of the ACL */
old_acl = DatumGetAclPCopy(aclDatum);
new_acl = merge_acl_with_grant(old_acl, stmt->is_grant,
- stmt->grantees, privstring);
+ stmt->grantees, privileges);
/* finished building new ACL value, now insert it */
- for (i = 0; i < Natts_pg_class; ++i)
- {
- replaces[i] = ' ';
- nulls[i] = ' '; /* ignored if replaces[i]==' ' anyway */
- values[i] = (Datum) NULL; /* ignored if replaces[i]==' '
- * anyway */
- }
+ MemSet(values, 0, sizeof(values));
+ MemSet(nulls, ' ', sizeof(nulls));
+ MemSet(replaces, ' ', sizeof(replaces));
+
replaces[Anum_pg_class_relacl - 1] = 'r';
values[Anum_pg_class_relacl - 1] = PointerGetDatum(new_acl);
+
newtuple = heap_modifytuple(tuple, relation, values, nulls, replaces);
ReleaseSysCache(tuple);
}
}
+static void
+ExecuteGrantStmt_Database(GrantStmt *stmt)
+{
+ AclMode privileges;
+ List *i;
+
+ if (lfirsti(stmt->privileges) == ACL_ALL_RIGHTS)
+ privileges = ACL_ALL_RIGHTS_DATABASE;
+ else
+ {
+ privileges = ACL_NO_RIGHTS;
+ foreach(i, stmt->privileges)
+ {
+ AclMode priv = lfirsti(i);
+
+ if (priv & ~((AclMode) ACL_ALL_RIGHTS_DATABASE))
+ elog(ERROR, "invalid privilege type %s for database object",
+ privilege_to_string(priv));
+ privileges |= priv;
+ }
+ }
+
+ foreach(i, stmt->objects)
+ {
+ char *dbname = strVal(lfirst(i));
+ Relation relation;
+ ScanKeyData entry[1];
+ HeapScanDesc scan;
+ HeapTuple tuple;
+ Form_pg_database pg_database_tuple;
+ Datum aclDatum;
+ bool isNull;
+ Acl *old_acl;
+ Acl *new_acl;
+ HeapTuple newtuple;
+ Datum values[Natts_pg_database];
+ char nulls[Natts_pg_database];
+ char replaces[Natts_pg_database];
+
+ relation = heap_openr(DatabaseRelationName, RowExclusiveLock);
+ ScanKeyEntryInitialize(&entry[0], 0,
+ Anum_pg_database_datname, F_NAMEEQ,
+ CStringGetDatum(dbname));
+ scan = heap_beginscan(relation, 0, SnapshotNow, 1, entry);
+ tuple = heap_getnext(scan, 0);
+ if (!HeapTupleIsValid(tuple))
+ elog(ERROR, "database \"%s\" not found", dbname);
+ pg_database_tuple = (Form_pg_database) GETSTRUCT(tuple);
+
+ if (!superuser() && pg_database_tuple->datdba != GetUserId())
+ elog(ERROR, "permission denied");
+
+ /*
+ * If there's no ACL, create a default.
+ */
+ aclDatum = heap_getattr(tuple, Anum_pg_database_datacl,
+ RelationGetDescr(relation), &isNull);
+ if (isNull)
+ old_acl = acldefault(ACL_OBJECT_DATABASE,
+ pg_database_tuple->datdba);
+ else
+ /* get a detoasted copy of the ACL */
+ old_acl = DatumGetAclPCopy(aclDatum);
+
+ new_acl = merge_acl_with_grant(old_acl, stmt->is_grant,
+ stmt->grantees, privileges);
+
+ /* finished building new ACL value, now insert it */
+ MemSet(values, 0, sizeof(values));
+ MemSet(nulls, ' ', sizeof(nulls));
+ MemSet(replaces, ' ', sizeof(replaces));
+
+ replaces[Anum_pg_database_datacl - 1] = 'r';
+ values[Anum_pg_database_datacl - 1] = PointerGetDatum(new_acl);
+
+ newtuple = heap_modifytuple(tuple, relation, values, nulls, replaces);
+
+ simple_heap_update(relation, &newtuple->t_self, newtuple);
+
+ {
+ /* keep the catalog indexes up to date */
+ Relation idescs[Num_pg_database_indices];
+
+ CatalogOpenIndices(Num_pg_database_indices, Name_pg_database_indices,
+ idescs);
+ CatalogIndexInsert(idescs, Num_pg_database_indices, relation, newtuple);
+ CatalogCloseIndices(Num_pg_database_indices, idescs);
+ }
+
+ pfree(old_acl);
+ pfree(new_acl);
+
+ heap_endscan(scan);
+
+ heap_close(relation, RowExclusiveLock);
+ }
+}
static void
ExecuteGrantStmt_Function(GrantStmt *stmt)
{
+ AclMode privileges;
List *i;
- char *privstring = NULL;
- if (lfirsti(stmt->privileges) == ALL)
- privstring = aclmakepriv("", ACL_MODE_SELECT_CHR);
+ if (lfirsti(stmt->privileges) == ACL_ALL_RIGHTS)
+ privileges = ACL_ALL_RIGHTS_FUNCTION;
else
{
+ privileges = ACL_NO_RIGHTS;
foreach(i, stmt->privileges)
{
- if (lfirsti(i) != EXECUTE)
+ AclMode priv = lfirsti(i);
+
+ if (priv & ~((AclMode) ACL_ALL_RIGHTS_FUNCTION))
elog(ERROR, "invalid privilege type %s for function object",
- privilege_token_string(lfirsti(i)));
+ privilege_to_string(priv));
+ privileges |= priv;
}
-
- privstring = aclmakepriv("", ACL_MODE_SELECT_CHR);
}
foreach(i, stmt->objects)
bool isNull;
Acl *old_acl;
Acl *new_acl;
- unsigned i;
HeapTuple newtuple;
Datum values[Natts_pg_proc];
char nulls[Natts_pg_proc];
oid = LookupFuncNameTypeNames(func->funcname, func->funcargs,
true, "GRANT");
relation = heap_openr(ProcedureRelationName, RowExclusiveLock);
- tuple = SearchSysCache(PROCOID, ObjectIdGetDatum(oid), 0, 0, 0);
+ tuple = SearchSysCache(PROCOID,
+ ObjectIdGetDatum(oid),
+ 0, 0, 0);
if (!HeapTupleIsValid(tuple))
- {
- heap_close(relation, RowExclusiveLock);
elog(ERROR, "function %u not found", oid);
- }
pg_proc_tuple = (Form_pg_proc) GETSTRUCT(tuple);
- if (pg_proc_tuple->proowner != GetUserId())
+ if (!pg_proc_ownercheck(oid, GetUserId()))
elog(ERROR, "permission denied");
/*
aclDatum = SysCacheGetAttr(PROCOID, tuple, Anum_pg_proc_proacl,
&isNull);
if (isNull)
- old_acl = acldefault(pg_proc_tuple->proowner);
+ old_acl = acldefault(ACL_OBJECT_FUNCTION,
+ pg_proc_tuple->proowner);
else
- /* get a detoasted copy of the rel's ACL */
+ /* get a detoasted copy of the ACL */
old_acl = DatumGetAclPCopy(aclDatum);
new_acl = merge_acl_with_grant(old_acl, stmt->is_grant,
- stmt->grantees, privstring);
+ stmt->grantees, privileges);
/* finished building new ACL value, now insert it */
- for (i = 0; i < Natts_pg_proc; ++i)
- {
- replaces[i] = ' ';
- nulls[i] = ' '; /* ignored if replaces[i]==' ' anyway */
- values[i] = (Datum) NULL; /* ignored if replaces[i]==' '
- * anyway */
- }
+ MemSet(values, 0, sizeof(values));
+ MemSet(nulls, ' ', sizeof(nulls));
+ MemSet(replaces, ' ', sizeof(replaces));
+
replaces[Anum_pg_proc_proacl - 1] = 'r';
values[Anum_pg_proc_proacl - 1] = PointerGetDatum(new_acl);
+
newtuple = heap_modifytuple(tuple, relation, values, nulls, replaces);
ReleaseSysCache(tuple);
}
}
-
static void
-ExecuteGrantStmt_Lang(GrantStmt *stmt)
+ExecuteGrantStmt_Language(GrantStmt *stmt)
{
+ AclMode privileges;
List *i;
- char *privstring = NULL;
- if (lfirsti(stmt->privileges) == ALL)
- privstring = aclmakepriv("", ACL_MODE_SELECT_CHR);
+ if (lfirsti(stmt->privileges) == ACL_ALL_RIGHTS)
+ privileges = ACL_ALL_RIGHTS_LANGUAGE;
else
{
+ privileges = ACL_NO_RIGHTS;
foreach(i, stmt->privileges)
{
- if (lfirsti(i) != USAGE)
+ AclMode priv = lfirsti(i);
+
+ if (priv & ~((AclMode) ACL_ALL_RIGHTS_LANGUAGE))
elog(ERROR, "invalid privilege type %s for language object",
- privilege_token_string(lfirsti(i)));
+ privilege_to_string(priv));
+ privileges |= priv;
}
-
- privstring = aclmakepriv("", ACL_MODE_SELECT_CHR);
}
foreach(i, stmt->objects)
bool isNull;
Acl *old_acl;
Acl *new_acl;
- unsigned i;
HeapTuple newtuple;
Datum values[Natts_pg_language];
char nulls[Natts_pg_language];
elog(ERROR, "permission denied");
relation = heap_openr(LanguageRelationName, RowExclusiveLock);
- tuple = SearchSysCache(LANGNAME, PointerGetDatum(langname), 0, 0, 0);
+ tuple = SearchSysCache(LANGNAME,
+ PointerGetDatum(langname),
+ 0, 0, 0);
if (!HeapTupleIsValid(tuple))
- {
- heap_close(relation, RowExclusiveLock);
elog(ERROR, "language \"%s\" not found", langname);
- }
pg_language_tuple = (Form_pg_language) GETSTRUCT(tuple);
if (!pg_language_tuple->lanpltrusted)
- {
- heap_close(relation, RowExclusiveLock);
elog(ERROR, "language \"%s\" is not trusted", langname);
- }
/*
* If there's no ACL, create a default.
aclDatum = SysCacheGetAttr(LANGNAME, tuple, Anum_pg_language_lanacl,
&isNull);
if (isNull)
- old_acl = acldefault(InvalidOid);
+ old_acl = acldefault(ACL_OBJECT_LANGUAGE,
+ InvalidOid);
else
- /* get a detoasted copy of the rel's ACL */
+ /* get a detoasted copy of the ACL */
old_acl = DatumGetAclPCopy(aclDatum);
new_acl = merge_acl_with_grant(old_acl, stmt->is_grant,
- stmt->grantees, privstring);
+ stmt->grantees, privileges);
/* finished building new ACL value, now insert it */
- for (i = 0; i < Natts_pg_language; ++i)
- {
- replaces[i] = ' ';
- nulls[i] = ' '; /* ignored if replaces[i]==' ' anyway */
- values[i] = (Datum) NULL; /* ignored if replaces[i]==' '
- * anyway */
- }
+ MemSet(values, 0, sizeof(values));
+ MemSet(nulls, ' ', sizeof(nulls));
+ MemSet(replaces, ' ', sizeof(replaces));
+
replaces[Anum_pg_language_lanacl - 1] = 'r';
values[Anum_pg_language_lanacl - 1] = PointerGetDatum(new_acl);
+
newtuple = heap_modifytuple(tuple, relation, values, nulls, replaces);
ReleaseSysCache(tuple);
}
}
-
-
-static const char *
-privilege_token_string(int token)
+static void
+ExecuteGrantStmt_Namespace(GrantStmt *stmt)
{
- const char *s = TokenString(token);
+ AclMode privileges;
+ List *i;
- if (s)
- return s;
+ if (lfirsti(stmt->privileges) == ACL_ALL_RIGHTS)
+ privileges = ACL_ALL_RIGHTS_NAMESPACE;
else
- elog(ERROR, "privilege_token_string: invalid token number");
- return NULL; /* appease compiler */
+ {
+ privileges = ACL_NO_RIGHTS;
+ foreach(i, stmt->privileges)
+ {
+ AclMode priv = lfirsti(i);
+
+ if (priv & ~((AclMode) ACL_ALL_RIGHTS_NAMESPACE))
+ elog(ERROR, "invalid privilege type %s for namespace object",
+ privilege_to_string(priv));
+ privileges |= priv;
+ }
+ }
+
+ foreach(i, stmt->objects)
+ {
+ char *nspname = strVal(lfirst(i));
+ Relation relation;
+ HeapTuple tuple;
+ Form_pg_namespace pg_namespace_tuple;
+ Datum aclDatum;
+ bool isNull;
+ Acl *old_acl;
+ Acl *new_acl;
+ HeapTuple newtuple;
+ Datum values[Natts_pg_namespace];
+ char nulls[Natts_pg_namespace];
+ char replaces[Natts_pg_namespace];
+
+ relation = heap_openr(NamespaceRelationName, RowExclusiveLock);
+ tuple = SearchSysCache(NAMESPACENAME,
+ CStringGetDatum(nspname),
+ 0, 0, 0);
+ if (!HeapTupleIsValid(tuple))
+ elog(ERROR, "namespace \"%s\" not found", nspname);
+ pg_namespace_tuple = (Form_pg_namespace) GETSTRUCT(tuple);
+
+ if (!pg_namespace_ownercheck(tuple->t_data->t_oid, GetUserId()))
+ elog(ERROR, "permission denied");
+
+ /*
+ * If there's no ACL, create a default using the pg_namespace.nspowner
+ * field.
+ */
+ aclDatum = SysCacheGetAttr(NAMESPACENAME, tuple,
+ Anum_pg_namespace_nspacl,
+ &isNull);
+ if (isNull)
+ old_acl = acldefault(ACL_OBJECT_NAMESPACE,
+ pg_namespace_tuple->nspowner);
+ else
+ /* get a detoasted copy of the ACL */
+ old_acl = DatumGetAclPCopy(aclDatum);
+
+ new_acl = merge_acl_with_grant(old_acl, stmt->is_grant,
+ stmt->grantees, privileges);
+
+ /* finished building new ACL value, now insert it */
+ MemSet(values, 0, sizeof(values));
+ MemSet(nulls, ' ', sizeof(nulls));
+ MemSet(replaces, ' ', sizeof(replaces));
+
+ replaces[Anum_pg_namespace_nspacl - 1] = 'r';
+ values[Anum_pg_namespace_nspacl - 1] = PointerGetDatum(new_acl);
+
+ newtuple = heap_modifytuple(tuple, relation, values, nulls, replaces);
+
+ ReleaseSysCache(tuple);
+
+ simple_heap_update(relation, &newtuple->t_self, newtuple);
+
+ {
+ /* keep the catalog indexes up to date */
+ Relation idescs[Num_pg_namespace_indices];
+
+ CatalogOpenIndices(Num_pg_namespace_indices, Name_pg_namespace_indices,
+ idescs);
+ CatalogIndexInsert(idescs, Num_pg_namespace_indices, relation, newtuple);
+ CatalogCloseIndices(Num_pg_namespace_indices, idescs);
+ }
+
+ pfree(old_acl);
+ pfree(new_acl);
+
+ heap_close(relation, RowExclusiveLock);
+ }
}
+static const char *
+privilege_to_string(AclMode privilege)
+{
+ switch (privilege)
+ {
+ case ACL_INSERT:
+ return "INSERT";
+ case ACL_SELECT:
+ return "SELECT";
+ case ACL_UPDATE:
+ return "UPDATE";
+ case ACL_DELETE:
+ return "DELETE";
+ case ACL_RULE:
+ return "RULE";
+ case ACL_REFERENCES:
+ return "REFERENCES";
+ case ACL_TRIGGER:
+ return "TRIGGER";
+ case ACL_EXECUTE:
+ return "EXECUTE";
+ case ACL_USAGE:
+ return "USAGE";
+ case ACL_CREATE:
+ return "CREATE";
+ case ACL_CREATE_TEMP:
+ return "TEMP";
+ default:
+ elog(ERROR, "privilege_to_string: unrecognized privilege %d",
+ privilege);
+ }
+ return NULL; /* appease compiler */
+}
+
AclId
get_grosysid(char *groname)
* The ACL list is expected to be sorted in standard order.
*/
static int32
-aclcheck(Acl *acl, AclId id, AclIdType idtype, AclMode mode)
+aclcheck(Acl *acl, AclId id, uint32 idtype, AclMode mode)
{
AclItem *aip,
*aidat;
* "World" rights are applicable regardless of the passed-in ID, and
* since they're much the cheapest to check, check 'em first.
*/
- if (aidat->ai_idtype != ACL_IDTYPE_WORLD)
+ if (ACLITEM_GET_IDTYPE(*aidat) != ACL_IDTYPE_WORLD)
elog(ERROR, "aclcheck: first entry in ACL is not 'world' entry");
- if (aidat->ai_mode & mode)
+ if (aidat->ai_privs & mode)
{
#ifdef ACLDEBUG
- elog(DEBUG1, "aclcheck: using world=%d", aidat->ai_mode);
+ elog(DEBUG1, "aclcheck: using world=%d", ACLITEM_GET_PRIVS(*aidat));
#endif
return ACLCHECK_OK;
}
case ACL_IDTYPE_UID:
/* See if permission is granted directly to user */
for (i = 1, aip = aidat + 1; /* skip world entry */
- i < num && aip->ai_idtype == ACL_IDTYPE_UID;
+ i < num && ACLITEM_GET_IDTYPE(*aip) == ACL_IDTYPE_UID;
++i, ++aip)
{
if (aip->ai_id == id)
{
#ifdef ACLDEBUG
elog(DEBUG1, "aclcheck: found user %u/%d",
- aip->ai_id, aip->ai_mode);
+ aip->ai_id, ACLITEM_GET_PRIVS(*aip));
#endif
- if (aip->ai_mode & mode)
+ if (aip->ai_privs & mode)
return ACLCHECK_OK;
}
}
/* See if he has the permission via any group */
for (;
- i < num && aip->ai_idtype == ACL_IDTYPE_GID;
+ i < num && ACLITEM_GET_IDTYPE(*aip) == ACL_IDTYPE_GID;
++i, ++aip)
{
- if (aip->ai_mode & mode)
+ if (aip->ai_privs & mode)
{
if (in_group(id, aip->ai_id))
{
#ifdef ACLDEBUG
elog(DEBUG1, "aclcheck: found group %u/%d",
- aip->ai_id, aip->ai_mode);
+ aip->ai_id, ACLITEM_GET_PRIVS(*aip));
#endif
return ACLCHECK_OK;
}
case ACL_IDTYPE_GID:
/* Look for this group ID */
for (i = 1, aip = aidat + 1; /* skip world entry */
- i < num && aip->ai_idtype == ACL_IDTYPE_UID;
+ i < num && ACLITEM_GET_IDTYPE(*aip) == ACL_IDTYPE_UID;
++i, ++aip)
/* skip UID entry */ ;
for (;
- i < num && aip->ai_idtype == ACL_IDTYPE_GID;
+ i < num && ACLITEM_GET_IDTYPE(*aip) == ACL_IDTYPE_GID;
++i, ++aip)
{
if (aip->ai_id == id)
{
#ifdef ACLDEBUG
elog(DEBUG1, "aclcheck: found group %u/%d",
- aip->ai_id, aip->ai_mode);
+ aip->ai_id, ACLITEM_GET_PRIVS(*aip));
#endif
- if (aip->ai_mode & mode)
+ if (aip->ai_privs & mode)
return ACLCHECK_OK;
}
}
AclId ownerId;
ownerId = ((Form_pg_class) GETSTRUCT(tuple))->relowner;
- acl = acldefault(ownerId);
+ acl = acldefault(ACL_OBJECT_RELATION, ownerId);
aclDatum = (Datum) 0;
}
else
acl = DatumGetAclP(aclDatum);
}
- result = aclcheck(acl, userid, (AclIdType) ACL_IDTYPE_UID, mode);
+ result = aclcheck(acl, userid, ACL_IDTYPE_UID, mode);
/* if we have a detoasted copy, free it */
if (acl && (Pointer) acl != DatumGetPointer(aclDatum))
return result;
}
+/*
+ * Exported routine for checking a user's access privileges to a database
+ *
+ * Returns an ACLCHECK_* result code.
+ */
+int32
+pg_database_aclcheck(Oid db_oid, Oid userid, AclMode mode)
+{
+ int32 result;
+ Relation pg_database;
+ ScanKeyData entry[1];
+ HeapScanDesc scan;
+ HeapTuple tuple;
+ Datum aclDatum;
+ bool isNull;
+ Acl *acl;
+
+ /* Superusers bypass all permission checking. */
+ if (superuser_arg(userid))
+ return ACLCHECK_OK;
+
+ /*
+ * Get the database's ACL from pg_database
+ *
+ * There's no syscache for pg_database, so must look the hard way
+ */
+ pg_database = heap_openr(DatabaseRelationName, AccessShareLock);
+ ScanKeyEntryInitialize(&entry[0], 0x0,
+ ObjectIdAttributeNumber, F_OIDEQ,
+ ObjectIdGetDatum(db_oid));
+ scan = heap_beginscan(pg_database, 0, SnapshotNow, 1, entry);
+ tuple = heap_getnext(scan, 0);
+ if (!HeapTupleIsValid(tuple))
+ elog(ERROR, "pg_database_aclcheck: database %u not found", db_oid);
+
+ aclDatum = heap_getattr(tuple, Anum_pg_database_datacl,
+ RelationGetDescr(pg_database), &isNull);
+
+ if (isNull)
+ {
+ /* No ACL, so build default ACL */
+ AclId ownerId;
+
+ ownerId = ((Form_pg_database) GETSTRUCT(tuple))->datdba;
+ acl = acldefault(ACL_OBJECT_DATABASE, ownerId);
+ aclDatum = (Datum) 0;
+ }
+ else
+ {
+ /* detoast ACL if necessary */
+ acl = DatumGetAclP(aclDatum);
+ }
+
+ result = aclcheck(acl, userid, ACL_IDTYPE_UID, mode);
+
+ /* if we have a detoasted copy, free it */
+ if (acl && (Pointer) acl != DatumGetPointer(aclDatum))
+ pfree(acl);
+
+ heap_endscan(scan);
+ heap_close(pg_database, AccessShareLock);
+
+ return result;
+}
+
/*
* Exported routine for checking a user's access privileges to a function
*
* Returns an ACLCHECK_* result code.
*/
int32
-pg_proc_aclcheck(Oid proc_oid, Oid userid)
+pg_proc_aclcheck(Oid proc_oid, Oid userid, AclMode mode)
{
int32 result;
HeapTuple tuple;
AclId ownerId;
ownerId = ((Form_pg_proc) GETSTRUCT(tuple))->proowner;
- acl = acldefault(ownerId);
+ acl = acldefault(ACL_OBJECT_FUNCTION, ownerId);
aclDatum = (Datum) 0;
}
else
acl = DatumGetAclP(aclDatum);
}
- /*
- * Functions only have one kind of privilege, which is encoded as
- * "SELECT" here.
- */
- result = aclcheck(acl, userid, (AclIdType) ACL_IDTYPE_UID, ACL_SELECT);
+ result = aclcheck(acl, userid, ACL_IDTYPE_UID, mode);
/* if we have a detoasted copy, free it */
if (acl && (Pointer) acl != DatumGetPointer(aclDatum))
* Returns an ACLCHECK_* result code.
*/
int32
-pg_language_aclcheck(Oid lang_oid, Oid userid)
+pg_language_aclcheck(Oid lang_oid, Oid userid, AclMode mode)
{
int32 result;
HeapTuple tuple;
if (isNull)
{
/* No ACL, so build default ACL */
- acl = acldefault(InvalidOid);
+ acl = acldefault(ACL_OBJECT_LANGUAGE, InvalidOid);
aclDatum = (Datum) 0;
}
else
acl = DatumGetAclP(aclDatum);
}
+ result = aclcheck(acl, userid, ACL_IDTYPE_UID, mode);
+
+ /* if we have a detoasted copy, free it */
+ if (acl && (Pointer) acl != DatumGetPointer(aclDatum))
+ pfree(acl);
+
+ ReleaseSysCache(tuple);
+
+ return result;
+}
+
+/*
+ * Exported routine for checking a user's access privileges to a namespace
+ *
+ * Returns an ACLCHECK_* result code.
+ */
+int32
+pg_namespace_aclcheck(Oid nsp_oid, Oid userid, AclMode mode)
+{
+ int32 result;
+ HeapTuple tuple;
+ Datum aclDatum;
+ bool isNull;
+ Acl *acl;
+
+ /* Superusers bypass all permission checking. */
+ if (superuser_arg(userid))
+ return ACLCHECK_OK;
+
/*
- * Languages only have one kind of privilege, which is encoded as
- * "SELECT" here.
+ * Get the function's ACL from pg_namespace
*/
- result = aclcheck(acl, userid, (AclIdType) ACL_IDTYPE_UID, ACL_SELECT);
+ tuple = SearchSysCache(NAMESPACEOID,
+ ObjectIdGetDatum(nsp_oid),
+ 0, 0, 0);
+ if (!HeapTupleIsValid(tuple))
+ elog(ERROR, "pg_namespace_aclcheck: namespace %u not found", nsp_oid);
+
+ aclDatum = SysCacheGetAttr(NAMESPACEOID, tuple, Anum_pg_namespace_nspacl,
+ &isNull);
+ if (isNull)
+ {
+ /* No ACL, so build default ACL */
+ AclId ownerId;
+
+ ownerId = ((Form_pg_namespace) GETSTRUCT(tuple))->nspowner;
+ acl = acldefault(ACL_OBJECT_NAMESPACE, ownerId);
+ aclDatum = (Datum) 0;
+ }
+ else
+ {
+ /* detoast ACL if necessary */
+ acl = DatumGetAclP(aclDatum);
+ }
+
+ result = aclcheck(acl, userid, ACL_IDTYPE_UID, mode);
/* if we have a detoasted copy, free it */
if (acl && (Pointer) acl != DatumGetPointer(aclDatum))
return userid == owner_id;
}
+
+/*
+ * Ownership check for a namespace (specified by OID).
+ */
+bool
+pg_namespace_ownercheck(Oid nsp_oid, Oid userid)
+{
+ HeapTuple tuple;
+ AclId owner_id;
+
+ /* Superusers bypass all permission checking. */
+ if (superuser_arg(userid))
+ return true;
+
+ tuple = SearchSysCache(NAMESPACEOID,
+ ObjectIdGetDatum(nsp_oid),
+ 0, 0, 0);
+ if (!HeapTupleIsValid(tuple))
+ elog(ERROR, "pg_namespace_ownercheck: namespace %u not found",
+ nsp_oid);
+
+ owner_id = ((Form_pg_namespace) GETSTRUCT(tuple))->nspowner;
+
+ ReleaseSysCache(tuple);
+
+ return userid == owner_id;
+}
*
*
* IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/backend/utils/adt/acl.c,v 1.70 2002/03/26 19:16:05 tgl Exp $
+ * $Header: /cvsroot/pgsql/src/backend/utils/adt/acl.c,v 1.71 2002/04/21 00:26:43 tgl Exp $
*
*-------------------------------------------------------------------------
*/
#include
-#include "access/heapam.h"
-#include "catalog/catalog.h"
#include "catalog/namespace.h"
#include "catalog/pg_shadow.h"
-#include "catalog/pg_type.h"
-#include "lib/stringinfo.h"
#include "miscadmin.h"
#include "utils/acl.h"
#include "utils/builtins.h"
-#include "utils/memutils.h"
#include "utils/lsyscache.h"
#include "utils/syscache.h"
#define ACL_IDTYPE_UID_KEYWORD "user"
static const char *getid(const char *s, char *n);
+static Acl *makeacl(int n);
+static const char *aclparse(const char *s, AclItem *aip, unsigned *modechg);
static bool aclitemeq(const AclItem *a1, const AclItem *a2);
static bool aclitemgt(const AclItem *a1, const AclItem *a2);
* UID/GID, id type identifier and mode type values.
* - loads 'modechg' with the mode change flag.
*/
-const char *
+static const char *
aclparse(const char *s, AclItem *aip, unsigned *modechg)
{
+ AclMode privs;
+ uint32 idtype;
char name[NAMEDATALEN];
Assert(s && aip && modechg);
#ifdef ACLDEBUG
elog(LOG, "aclparse: input = '%s'", s);
#endif
- aip->ai_idtype = ACL_IDTYPE_UID;
+ idtype = ACL_IDTYPE_UID;
s = getid(s, name);
if (*s != ACL_MODECHG_ADD_CHR &&
*s != ACL_MODECHG_DEL_CHR &&
*s != ACL_MODECHG_EQL_CHR)
{
/* we just read a keyword, not a name */
- if (!strcmp(name, ACL_IDTYPE_GID_KEYWORD))
- aip->ai_idtype = ACL_IDTYPE_GID;
- else if (strcmp(name, ACL_IDTYPE_UID_KEYWORD))
+ if (strcmp(name, ACL_IDTYPE_GID_KEYWORD) == 0)
+ idtype = ACL_IDTYPE_GID;
+ else if (strcmp(name, ACL_IDTYPE_UID_KEYWORD) != 0)
elog(ERROR, "aclparse: bad keyword, must be [group|user]");
s = getid(s, name); /* move s to the name beyond the keyword */
if (name[0] == '\0')
elog(ERROR, "aclparse: a name must follow the [group|user] keyword");
}
if (name[0] == '\0')
- aip->ai_idtype = ACL_IDTYPE_WORLD;
+ idtype = ACL_IDTYPE_WORLD;
switch (*s)
{
*modechg = ACL_MODECHG_EQL;
break;
default:
- elog(ERROR, "aclparse: mode change flag must use \"%s\"",
- ACL_MODECHG_STR);
+ elog(ERROR, "aclparse: mode change flag must use \"%c%c%c\"",
+ ACL_MODECHG_ADD_CHR,
+ ACL_MODECHG_DEL_CHR,
+ ACL_MODECHG_EQL_CHR);
}
- aip->ai_mode = ACL_NO;
+ privs = ACL_NO_RIGHTS;
+
while (isalpha((unsigned char) *++s))
{
switch (*s)
{
- case ACL_MODE_INSERT_CHR:
- aip->ai_mode |= ACL_INSERT;
+ case ACL_INSERT_CHR:
+ privs |= ACL_INSERT;
+ break;
+ case ACL_SELECT_CHR:
+ privs |= ACL_SELECT;
+ break;
+ case ACL_UPDATE_CHR:
+ privs |= ACL_UPDATE;
+ break;
+ case ACL_DELETE_CHR:
+ privs |= ACL_DELETE;
break;
- case ACL_MODE_SELECT_CHR:
- aip->ai_mode |= ACL_SELECT;
+ case ACL_RULE_CHR:
+ privs |= ACL_RULE;
break;
- case ACL_MODE_UPDATE_CHR:
- aip->ai_mode |= ACL_UPDATE;
+ case ACL_REFERENCES_CHR:
+ privs |= ACL_REFERENCES;
break;
- case ACL_MODE_DELETE_CHR:
- aip->ai_mode |= ACL_DELETE;
+ case ACL_TRIGGER_CHR:
+ privs |= ACL_TRIGGER;
break;
- case ACL_MODE_RULE_CHR:
- aip->ai_mode |= ACL_RULE;
+ case ACL_EXECUTE_CHR:
+ privs |= ACL_EXECUTE;
break;
- case ACL_MODE_REFERENCES_CHR:
- aip->ai_mode |= ACL_REFERENCES;
+ case ACL_USAGE_CHR:
+ privs |= ACL_USAGE;
break;
- case ACL_MODE_TRIGGER_CHR:
- aip->ai_mode |= ACL_TRIGGER;
+ case ACL_CREATE_CHR:
+ privs |= ACL_CREATE;
+ break;
+ case ACL_CREATE_TEMP_CHR:
+ privs |= ACL_CREATE_TEMP;
break;
default:
elog(ERROR, "aclparse: mode flags must use \"%s\"",
- ACL_MODE_STR);
+ ACL_ALL_RIGHTS_STR);
}
}
- switch (aip->ai_idtype)
+ switch (idtype)
{
case ACL_IDTYPE_UID:
aip->ai_id = get_usesysid(name);
break;
}
+ ACLITEM_SET_PRIVS_IDTYPE(*aip, privs, idtype);
+
#ifdef ACLDEBUG
elog(LOG, "aclparse: correctly read [%x %d %x], modechg=%x",
- aip->ai_idtype, aip->ai_id, aip->ai_mode, *modechg);
+ idtype, aip->ai_id, privs, *modechg);
#endif
return s;
}
* RETURNS:
* the new Acl
*/
-Acl *
+static Acl *
makeacl(int n)
{
Acl *new_acl;
unsigned i;
char *tmpname;
- p = out = palloc(strlen("group =" ACL_MODE_STR " ") + 1 + NAMEDATALEN);
+ p = out = palloc(strlen("group = ") + N_ACL_RIGHTS + NAMEDATALEN + 1);
*p = '\0';
- switch (aip->ai_idtype)
+ switch (ACLITEM_GET_IDTYPE(*aip))
{
case ACL_IDTYPE_UID:
htup = SearchSysCache(SHADOWSYSID,
case ACL_IDTYPE_WORLD:
break;
default:
- elog(ERROR, "aclitemout: bad ai_idtype: %d", aip->ai_idtype);
+ elog(ERROR, "aclitemout: bad idtype: %d",
+ ACLITEM_GET_IDTYPE(*aip));
break;
}
while (*p)
++p;
*p++ = '=';
- for (i = 0; i < N_ACL_MODES; ++i)
- if ((aip->ai_mode >> i) & 01)
- *p++ = ACL_MODE_STR[i];
+ for (i = 0; i < N_ACL_RIGHTS; ++i)
+ if (aip->ai_privs & (1 << i))
+ *p++ = ACL_ALL_RIGHTS_STR[i];
*p = '\0';
PG_RETURN_CSTRING(out);
* aclitemeq
* aclitemgt
* AclItem equality and greater-than comparison routines.
- * Two AclItems are considered equal iff they have the
- * same identifier (and identifier type); the mode is ignored.
+ * Two AclItems are considered equal iff they have the same
+ * identifier (and identifier type); the privileges are ignored.
* Note that these routines are really only useful for sorting
* AclItems into identifier order.
*
static bool
aclitemeq(const AclItem *a1, const AclItem *a2)
{
- return a1->ai_idtype == a2->ai_idtype && a1->ai_id == a2->ai_id;
+ return ACLITEM_GET_IDTYPE(*a1) == ACLITEM_GET_IDTYPE(*a2) &&
+ a1->ai_id == a2->ai_id;
}
static bool
aclitemgt(const AclItem *a1, const AclItem *a2)
{
- return ((a1->ai_idtype > a2->ai_idtype) ||
- (a1->ai_idtype == a2->ai_idtype && a1->ai_id > a2->ai_id));
+ return ((ACLITEM_GET_IDTYPE(*a1) > ACLITEM_GET_IDTYPE(*a2)) ||
+ (ACLITEM_GET_IDTYPE(*a1) == ACLITEM_GET_IDTYPE(*a2) &&
+ a1->ai_id > a2->ai_id));
}
* newly-created tables (or any table with a NULL acl entry in pg_class)
*/
Acl *
-acldefault(AclId ownerid)
+acldefault(GrantObjectType objtype, AclId ownerid)
{
+ AclMode world_default;
+ AclMode owner_default;
Acl *acl;
AclItem *aip;
-#define ACL_WORLD_DEFAULT (ACL_NO)
-#define ACL_OWNER_DEFAULT (ACL_INSERT|ACL_SELECT|ACL_UPDATE|ACL_DELETE|ACL_RULE|ACL_REFERENCES|ACL_TRIGGER)
+ switch (objtype)
+ {
+ case ACL_OBJECT_RELATION:
+ world_default = ACL_NO_RIGHTS;
+ owner_default = ACL_ALL_RIGHTS_RELATION;
+ break;
+ case ACL_OBJECT_DATABASE:
+ world_default = ACL_NO_RIGHTS;
+ owner_default = ACL_ALL_RIGHTS_DATABASE;
+ break;
+ case ACL_OBJECT_FUNCTION:
+ world_default = ACL_NO_RIGHTS;
+ owner_default = ACL_ALL_RIGHTS_FUNCTION;
+ break;
+ case ACL_OBJECT_LANGUAGE:
+ world_default = ACL_NO_RIGHTS;
+ owner_default = ACL_ALL_RIGHTS_LANGUAGE;
+ break;
+ case ACL_OBJECT_NAMESPACE:
+ world_default = ACL_NO_RIGHTS;
+ owner_default = ACL_ALL_RIGHTS_NAMESPACE;
+ break;
+ default:
+ elog(ERROR, "acldefault: bogus objtype %d", (int) objtype);
+ world_default = ACL_NO_RIGHTS; /* keep compiler quiet */
+ owner_default = ACL_NO_RIGHTS;
+ break;
+ }
acl = makeacl(ownerid ? 2 : 1);
aip = ACL_DAT(acl);
- aip[0].ai_idtype = ACL_IDTYPE_WORLD;
+
aip[0].ai_id = ACL_ID_WORLD;
- aip[0].ai_mode = ACL_WORLD_DEFAULT;
- /* FIXME: The owner's default should vary with the object type. */
+ ACLITEM_SET_PRIVS_IDTYPE(aip[0], world_default, ACL_IDTYPE_WORLD);
if (ownerid)
{
- aip[1].ai_idtype = ACL_IDTYPE_UID;
aip[1].ai_id = ownerid;
- aip[1].ai_mode = ACL_OWNER_DEFAULT;
+ ACLITEM_SET_PRIVS_IDTYPE(aip[1], owner_default, ACL_IDTYPE_UID);
}
+
return acl;
}
}
/* initialize the new entry with no permissions */
new_aip[dst].ai_id = mod_aip->ai_id;
- new_aip[dst].ai_idtype = mod_aip->ai_idtype;
- new_aip[dst].ai_mode = 0;
+ ACLITEM_SET_PRIVS_IDTYPE(new_aip[dst], ACL_NO_RIGHTS,
+ ACLITEM_GET_IDTYPE(*mod_aip));
num++; /* set num to the size of new_acl */
}
switch (modechg)
{
case ACL_MODECHG_ADD:
- new_aip[dst].ai_mode |= mod_aip->ai_mode;
+ new_aip[dst].ai_privs |= ACLITEM_GET_PRIVS(*mod_aip);
break;
case ACL_MODECHG_DEL:
- new_aip[dst].ai_mode &= ~mod_aip->ai_mode;
+ new_aip[dst].ai_privs &= ~ACLITEM_GET_PRIVS(*mod_aip);
break;
case ACL_MODECHG_EQL:
- new_aip[dst].ai_mode = mod_aip->ai_mode;
+ ACLITEM_SET_PRIVS_IDTYPE(new_aip[dst],
+ ACLITEM_GET_PRIVS(*mod_aip),
+ ACLITEM_GET_IDTYPE(new_aip[dst]));
break;
}
* For example, this helps in removing entries for users who no longer
* exist. EXCEPTION: never remove the world entry.
*/
- if (new_aip[dst].ai_mode == 0 && dst > 0)
+ if (ACLITEM_GET_PRIVS(new_aip[dst]) == ACL_NO_RIGHTS && dst > 0)
{
memmove((char *) (new_aip + dst),
(char *) (new_aip + dst + 1),
aidat = ACL_DAT(acl);
for (i = 0; i < num; ++i)
{
- /* Note that aclitemeq only considers id, not mode */
- if (aclitemeq(aip, aidat + i) &&
- aip->ai_mode == aidat[i].ai_mode)
+ if (aip->ai_id == aidat[i].ai_id &&
+ aip->ai_privs == aidat[i].ai_privs)
PG_RETURN_BOOL(true);
}
PG_RETURN_BOOL(false);
}
-/*
- * Parser support routines for ACL-related statements.
- *
- * XXX CAUTION: these are called from gram.y, which is not allowed to
- * do any table accesses. Therefore, it is not kosher to do things
- * like trying to translate usernames to user IDs here. Keep it all
- * in string form until statement execution time.
- */
-
-/*
- * aclmakepriv
- * make a acl privilege string out of an existing privilege string
- * and a new privilege
- *
- * does not add duplicate privileges
- */
-char *
-aclmakepriv(const char *old_privlist, char new_priv)
-{
- char *priv;
- int i;
- int l;
-
- Assert(strlen(old_privlist) <= strlen(ACL_MODE_STR));
- priv = palloc(strlen(ACL_MODE_STR) + 1);
-
- if (old_privlist == NULL || old_privlist[0] == '\0')
- {
- priv[0] = new_priv;
- priv[1] = '\0';
- return priv;
- }
-
- strcpy(priv, old_privlist);
-
- l = strlen(old_privlist);
-
- if (l == strlen(ACL_MODE_STR))
- { /* can't add any more privileges */
- return priv;
- }
-
- /* check to see if the new privilege is already in the old string */
- for (i = 0; i < l; i++)
- {
- if (priv[i] == new_priv)
- break;
- }
- if (i == l)
- { /* we really have a new privilege */
- priv[l] = new_priv;
- priv[l + 1] = '\0';
- }
-
- return priv;
-}
-
-/*
- * aclmakeuser
- * user_type must be "A" - all users
- * "G" - group
- * "U" - user
- *
- * Just concatenates the two strings together with a space in between.
- * Per above comments, we can't try to resolve a user or group name here.
- */
-char *
-aclmakeuser(const char *user_type, const char *user)
-{
- char *user_list;
-
- user_list = palloc(strlen(user_type) + strlen(user) + 2);
- sprintf(user_list, "%s %s", user_type, user);
- return user_list;
-}
-
-
-/*
- * makeAclString: We take in the privileges and grantee as well as a
- * single character '+' or '-' to indicate grant or revoke.
- *
- * We convert the information to the same external form recognized by
- * aclitemin (see aclparse) and return that string. Conversion to
- * internal form happens when the statement is executed.
- */
-char *
-makeAclString(const char *privileges, const char *grantee, char grant_or_revoke)
-{
- StringInfoData str;
- char *ret;
-
- initStringInfo(&str);
-
- /* the grantee string is "G ", "U ", or "ALL" */
- if (grantee[0] == 'G') /* group permissions */
- {
- appendStringInfo(&str, "%s \"%s\"%c%s",
- ACL_IDTYPE_GID_KEYWORD,
- grantee + 2, grant_or_revoke, privileges);
- }
- else if (grantee[0] == 'U') /* user permission */
- {
- appendStringInfo(&str, "%s \"%s\"%c%s",
- ACL_IDTYPE_UID_KEYWORD,
- grantee + 2, grant_or_revoke, privileges);
- }
- else
- {
- /* all permission */
- appendStringInfo(&str, "%c%s",
- grant_or_revoke, privileges);
- }
- ret = pstrdup(str.data);
- pfree(str.data);
- return ret;
-}
-
-
/*
* has_table_privilege_name_name
* Check user privileges on a relation given
/*
* We should never get here, but stop the compiler from complaining
*/
- return ACL_NO;
+ return ACL_NO_RIGHTS;
}
/*
projects / postgresql.git / commitdiff