Fix assorted bugs in privileges-for-types patch.
authorTom Lane
Sun, 9 Dec 2012 05:08:30 +0000 (00:08 -0500)
committerTom Lane
Sun, 9 Dec 2012 05:08:30 +0000 (00:08 -0500)
Commit 729205571e81b4767efc42ad7beb53663e08d1ff added privileges on data
types, but there were a number of oversights.  The implementation of
default privileges for types missed a few places, and pg_dump was
utterly innocent of the whole concept.  Per bug #7741 from Nathan Alden,
and subsequent wider investigation.

doc/src/sgml/catalogs.sgml
src/backend/catalog/aclchk.c
src/backend/catalog/dependency.c
src/bin/pg_dump/dumputils.c
src/bin/pg_dump/pg_dump.c
src/bin/pg_dump/pg_dump.h
src/bin/psql/describe.c

index 4851ae198f49ab728a20724c31383096a539b254..c608830857a1a4cbfa87acdfd86a026fcaccc2f3 100644 (file)
        Type of object this entry is for:
        r = relation (table, view),
        S = sequence,
-       f = function
+       f = function,
+       T = type
       
      
 
index 56c40b14e002ea7ccd892c8f086a29efb5f55805..296dfd314220c2b9e1acc4b3431dd4cb1e24dd2e 100644 (file)
@@ -1340,10 +1340,13 @@ RemoveRoleFromObjectACL(Oid roleid, Oid classid, Oid objid)
            case DEFACLOBJ_FUNCTION:
                iacls.objtype = ACL_OBJECT_FUNCTION;
                break;
+           case DEFACLOBJ_TYPE:
+               iacls.objtype = ACL_OBJECT_TYPE;
+               break;
            default:
                /* Shouldn't get here */
-               elog(ERROR, "unexpected default ACL type %d",
-                    pg_default_acl_tuple->defaclobjtype);
+               elog(ERROR, "unexpected default ACL type: %d",
+                    (int) pg_default_acl_tuple->defaclobjtype);
                break;
        }
 
index c0ba5cc21754f1a689d3313b3cca1aa3b6f0b4c5..e0813e1ea264809f0aa873f3915999d804c5ea87 100644 (file)
@@ -2888,6 +2888,11 @@ getObjectDescription(const ObjectAddress *object)
                                         _("default privileges on new functions belonging to role %s"),
                                      GetUserNameFromId(defacl->defaclrole));
                        break;
+                   case DEFACLOBJ_TYPE:
+                       appendStringInfo(&buffer,
+                                        _("default privileges on new types belonging to role %s"),
+                                     GetUserNameFromId(defacl->defaclrole));
+                       break;
                    default:
                        /* shouldn't get here */
                        appendStringInfo(&buffer,
index 91f2774955c0f3b3ef9705ed71cc6328fe009c78..639ee9e63adf18f168f27088219f96ff3ad1b265 100644 (file)
@@ -890,6 +890,9 @@ do { \
    }
    else if (strcmp(type, "TABLESPACE") == 0)
        CONVERT_PRIV('C', "CREATE");
+   else if (strcmp(type, "TYPE") == 0 ||
+            strcmp(type, "TYPES") == 0)
+       CONVERT_PRIV('U', "USAGE");
    else if (strcmp(type, "FOREIGN DATA WRAPPER") == 0)
        CONVERT_PRIV('U', "USAGE");
    else if (strcmp(type, "FOREIGN SERVER") == 0)
index 9bd943c78fcf2088a154637312070e4d2ff0013f..f432579449fe289114745970cedf575f66e1ae08 100644 (file)
@@ -2818,6 +2818,7 @@ getTypes(Archive *fout, int *numTypes)
    int         i_oid;
    int         i_typname;
    int         i_typnamespace;
+   int         i_typacl;
    int         i_rolname;
    int         i_typinput;
    int         i_typoutput;
@@ -2847,10 +2848,25 @@ getTypes(Archive *fout, int *numTypes)
    /* Make sure we are in proper schema */
    selectSourceSchema(fout, "pg_catalog");
 
-   if (fout->remoteVersion >= 80300)
+   if (fout->remoteVersion >= 90200)
    {
        appendPQExpBuffer(query, "SELECT tableoid, oid, typname, "
-                         "typnamespace, "
+                         "typnamespace, typacl, "
+                         "(%s typowner) AS rolname, "
+                         "typinput::oid AS typinput, "
+                         "typoutput::oid AS typoutput, typelem, typrelid, "
+                         "CASE WHEN typrelid = 0 THEN ' '::\"char\" "
+                         "ELSE (SELECT relkind FROM pg_class WHERE oid = typrelid) END AS typrelkind, "
+                         "typtype, typisdefined, "
+                         "typname[0] = '_' AND typelem != 0 AND "
+                         "(SELECT typarray FROM pg_type te WHERE oid = pg_type.typelem) = oid AS isarray "
+                         "FROM pg_type",
+                         username_subquery);
+   }
+   else if (fout->remoteVersion >= 80300)
+   {
+       appendPQExpBuffer(query, "SELECT tableoid, oid, typname, "
+                         "typnamespace, '{=U}' AS typacl, "
                          "(%s typowner) AS rolname, "
                          "typinput::oid AS typinput, "
                          "typoutput::oid AS typoutput, typelem, typrelid, "
@@ -2865,7 +2881,7 @@ getTypes(Archive *fout, int *numTypes)
    else if (fout->remoteVersion >= 70300)
    {
        appendPQExpBuffer(query, "SELECT tableoid, oid, typname, "
-                         "typnamespace, "
+                         "typnamespace, '{=U}' AS typacl, "
                          "(%s typowner) AS rolname, "
                          "typinput::oid AS typinput, "
                          "typoutput::oid AS typoutput, typelem, typrelid, "
@@ -2879,7 +2895,7 @@ getTypes(Archive *fout, int *numTypes)
    else if (fout->remoteVersion >= 70100)
    {
        appendPQExpBuffer(query, "SELECT tableoid, oid, typname, "
-                         "0::oid AS typnamespace, "
+                         "0::oid AS typnamespace, '{=U}' AS typacl, "
                          "(%s typowner) AS rolname, "
                          "typinput::oid AS typinput, "
                          "typoutput::oid AS typoutput, typelem, typrelid, "
@@ -2895,7 +2911,7 @@ getTypes(Archive *fout, int *numTypes)
        appendPQExpBuffer(query, "SELECT "
         "(SELECT oid FROM pg_class WHERE relname = 'pg_type') AS tableoid, "
                          "oid, typname, "
-                         "0::oid AS typnamespace, "
+                         "0::oid AS typnamespace, '{=U}' AS typacl, "
                          "(%s typowner) AS rolname, "
                          "typinput::oid AS typinput, "
                          "typoutput::oid AS typoutput, typelem, typrelid, "
@@ -2917,6 +2933,7 @@ getTypes(Archive *fout, int *numTypes)
    i_oid = PQfnumber(res, "oid");
    i_typname = PQfnumber(res, "typname");
    i_typnamespace = PQfnumber(res, "typnamespace");
+   i_typacl = PQfnumber(res, "typacl");
    i_rolname = PQfnumber(res, "rolname");
    i_typinput = PQfnumber(res, "typinput");
    i_typoutput = PQfnumber(res, "typoutput");
@@ -2939,6 +2956,7 @@ getTypes(Archive *fout, int *numTypes)
                          atooid(PQgetvalue(res, i, i_typnamespace)),
                          tyinfo[i].dobj.catId.oid);
        tyinfo[i].rolname = pg_strdup(PQgetvalue(res, i, i_rolname));
+       tyinfo[i].typacl = pg_strdup(PQgetvalue(res, i, i_typacl));
        tyinfo[i].typelem = atooid(PQgetvalue(res, i, i_typelem));
        tyinfo[i].typrelid = atooid(PQgetvalue(res, i, i_typrelid));
        tyinfo[i].typrelkind = *PQgetvalue(res, i, i_typrelkind);
@@ -7463,6 +7481,7 @@ dumpEnumType(Archive *fout, TypeInfo *tyinfo)
    int         num,
                i;
    Oid         enum_oid;
+   char       *qtypname;
    char       *label;
 
    /* Set proper schema search path */
@@ -7485,6 +7504,8 @@ dumpEnumType(Archive *fout, TypeInfo *tyinfo)
 
    num = PQntuples(res);
 
+   qtypname = pg_strdup(fmtId(tyinfo->dobj.name));
+
    /*
     * DROP must be fully qualified in case same name appears in pg_catalog.
     * CASCADE shouldn't be required here as for normal types since the I/O
@@ -7493,14 +7514,14 @@ dumpEnumType(Archive *fout, TypeInfo *tyinfo)
    appendPQExpBuffer(delq, "DROP TYPE %s.",
                      fmtId(tyinfo->dobj.namespace->dobj.name));
    appendPQExpBuffer(delq, "%s;\n",
-                     fmtId(tyinfo->dobj.name));
+                     qtypname);
 
    if (binary_upgrade)
        binary_upgrade_set_type_oids_by_type_oid(fout, q,
                                                 tyinfo->dobj.catId.oid);
 
    appendPQExpBuffer(q, "CREATE TYPE %s AS ENUM (",
-                     fmtId(tyinfo->dobj.name));
+                     qtypname);
 
    if (!binary_upgrade)
    {
@@ -7533,13 +7554,13 @@ dumpEnumType(Archive *fout, TypeInfo *tyinfo)
            appendPQExpBuffer(q, "ALTER TYPE %s.",
                              fmtId(tyinfo->dobj.namespace->dobj.name));
            appendPQExpBuffer(q, "%s ADD VALUE ",
-                             fmtId(tyinfo->dobj.name));
+                             qtypname);
            appendStringLiteralAH(q, label, fout);
            appendPQExpBuffer(q, ";\n\n");
        }
    }
 
-   appendPQExpBuffer(labelq, "TYPE %s", fmtId(tyinfo->dobj.name));
+   appendPQExpBuffer(labelq, "TYPE %s", qtypname);
 
    if (binary_upgrade)
        binary_upgrade_extension_member(q, &tyinfo->dobj, labelq->data);
@@ -7562,6 +7583,11 @@ dumpEnumType(Archive *fout, TypeInfo *tyinfo)
                 tyinfo->dobj.namespace->dobj.name, tyinfo->rolname,
                 tyinfo->dobj.catId, 0, tyinfo->dobj.dumpId);
 
+   dumpACL(fout, tyinfo->dobj.catId, tyinfo->dobj.dumpId, "TYPE",
+           qtypname, NULL, tyinfo->dobj.name,
+           tyinfo->dobj.namespace->dobj.name,
+           tyinfo->rolname, tyinfo->typacl);
+
    PQclear(res);
    destroyPQExpBuffer(q);
    destroyPQExpBuffer(delq);
@@ -7582,6 +7608,7 @@ dumpRangeType(Archive *fout, TypeInfo *tyinfo)
    PQExpBuffer query = createPQExpBuffer();
    PGresult   *res;
    Oid         collationOid;
+   char       *qtypname;
    char       *procname;
 
    /*
@@ -7607,6 +7634,8 @@ dumpRangeType(Archive *fout, TypeInfo *tyinfo)
 
    res = ExecuteSqlQueryForSingleRow(fout, query->data);
 
+   qtypname = pg_strdup(fmtId(tyinfo->dobj.name));
+
    /*
     * DROP must be fully qualified in case same name appears in pg_catalog.
     * CASCADE shouldn't be required here as for normal types since the I/O
@@ -7615,14 +7644,14 @@ dumpRangeType(Archive *fout, TypeInfo *tyinfo)
    appendPQExpBuffer(delq, "DROP TYPE %s.",
                      fmtId(tyinfo->dobj.namespace->dobj.name));
    appendPQExpBuffer(delq, "%s;\n",
-                     fmtId(tyinfo->dobj.name));
+                     qtypname);
 
    if (binary_upgrade)
        binary_upgrade_set_type_oids_by_type_oid(fout,
                                                 q, tyinfo->dobj.catId.oid);
 
    appendPQExpBuffer(q, "CREATE TYPE %s AS RANGE (",
-                     fmtId(tyinfo->dobj.name));
+                     qtypname);
 
    appendPQExpBuffer(q, "\n    subtype = %s",
                      PQgetvalue(res, 0, PQfnumber(res, "rngsubtype")));
@@ -7664,7 +7693,7 @@ dumpRangeType(Archive *fout, TypeInfo *tyinfo)
 
    appendPQExpBuffer(q, "\n);\n");
 
-   appendPQExpBuffer(labelq, "TYPE %s", fmtId(tyinfo->dobj.name));
+   appendPQExpBuffer(labelq, "TYPE %s", qtypname);
 
    if (binary_upgrade)
        binary_upgrade_extension_member(q, &tyinfo->dobj, labelq->data);
@@ -7687,6 +7716,11 @@ dumpRangeType(Archive *fout, TypeInfo *tyinfo)
                 tyinfo->dobj.namespace->dobj.name, tyinfo->rolname,
                 tyinfo->dobj.catId, 0, tyinfo->dobj.dumpId);
 
+   dumpACL(fout, tyinfo->dobj.catId, tyinfo->dobj.dumpId, "TYPE",
+           qtypname, NULL, tyinfo->dobj.name,
+           tyinfo->dobj.namespace->dobj.name,
+           tyinfo->rolname, tyinfo->typacl);
+
    PQclear(res);
    destroyPQExpBuffer(q);
    destroyPQExpBuffer(delq);
@@ -7706,6 +7740,7 @@ dumpBaseType(Archive *fout, TypeInfo *tyinfo)
    PQExpBuffer labelq = createPQExpBuffer();
    PQExpBuffer query = createPQExpBuffer();
    PGresult   *res;
+   char       *qtypname;
    char       *typlen;
    char       *typinput;
    char       *typoutput;
@@ -7938,6 +7973,8 @@ dumpBaseType(Archive *fout, TypeInfo *tyinfo)
    else
        typdefault = NULL;
 
+   qtypname = pg_strdup(fmtId(tyinfo->dobj.name));
+
    /*
     * DROP must be fully qualified in case same name appears in pg_catalog.
     * The reason we include CASCADE is that the circular dependency between
@@ -7947,7 +7984,7 @@ dumpBaseType(Archive *fout, TypeInfo *tyinfo)
    appendPQExpBuffer(delq, "DROP TYPE %s.",
                      fmtId(tyinfo->dobj.namespace->dobj.name));
    appendPQExpBuffer(delq, "%s CASCADE;\n",
-                     fmtId(tyinfo->dobj.name));
+                     qtypname);
 
    /* We might already have a shell type, but setting pg_type_oid is harmless */
    if (binary_upgrade)
@@ -7957,7 +7994,7 @@ dumpBaseType(Archive *fout, TypeInfo *tyinfo)
    appendPQExpBuffer(q,
                      "CREATE TYPE %s (\n"
                      "    INTERNALLENGTH = %s",
-                     fmtId(tyinfo->dobj.name),
+                     qtypname,
                      (strcmp(typlen, "-1") == 0) ? "variable" : typlen);
 
    if (fout->remoteVersion >= 70300)
@@ -8046,7 +8083,7 @@ dumpBaseType(Archive *fout, TypeInfo *tyinfo)
 
    appendPQExpBuffer(q, "\n);\n");
 
-   appendPQExpBuffer(labelq, "TYPE %s", fmtId(tyinfo->dobj.name));
+   appendPQExpBuffer(labelq, "TYPE %s", qtypname);
 
    if (binary_upgrade)
        binary_upgrade_extension_member(q, &tyinfo->dobj, labelq->data);
@@ -8069,6 +8106,11 @@ dumpBaseType(Archive *fout, TypeInfo *tyinfo)
                 tyinfo->dobj.namespace->dobj.name, tyinfo->rolname,
                 tyinfo->dobj.catId, 0, tyinfo->dobj.dumpId);
 
+   dumpACL(fout, tyinfo->dobj.catId, tyinfo->dobj.dumpId, "TYPE",
+           qtypname, NULL, tyinfo->dobj.name,
+           tyinfo->dobj.namespace->dobj.name,
+           tyinfo->rolname, tyinfo->typacl);
+
    PQclear(res);
    destroyPQExpBuffer(q);
    destroyPQExpBuffer(delq);
@@ -8089,6 +8131,7 @@ dumpDomain(Archive *fout, TypeInfo *tyinfo)
    PQExpBuffer query = createPQExpBuffer();
    PGresult   *res;
    int         i;
+   char       *qtypname;
    char       *typnotnull;
    char       *typdefn;
    char       *typdefault;
@@ -8144,9 +8187,11 @@ dumpDomain(Archive *fout, TypeInfo *tyinfo)
        binary_upgrade_set_type_oids_by_type_oid(fout, q,
                                                 tyinfo->dobj.catId.oid);
 
+   qtypname = pg_strdup(fmtId(tyinfo->dobj.name));
+
    appendPQExpBuffer(q,
                      "CREATE DOMAIN %s AS %s",
-                     fmtId(tyinfo->dobj.name),
+                     qtypname,
                      typdefn);
 
    /* Print collation only if different from base type's collation */
@@ -8199,9 +8244,9 @@ dumpDomain(Archive *fout, TypeInfo *tyinfo)
    appendPQExpBuffer(delq, "DROP DOMAIN %s.",
                      fmtId(tyinfo->dobj.namespace->dobj.name));
    appendPQExpBuffer(delq, "%s;\n",
-                     fmtId(tyinfo->dobj.name));
+                     qtypname);
 
-   appendPQExpBuffer(labelq, "DOMAIN %s", fmtId(tyinfo->dobj.name));
+   appendPQExpBuffer(labelq, "DOMAIN %s", qtypname);
 
    if (binary_upgrade)
        binary_upgrade_extension_member(q, &tyinfo->dobj, labelq->data);
@@ -8224,6 +8269,11 @@ dumpDomain(Archive *fout, TypeInfo *tyinfo)
                 tyinfo->dobj.namespace->dobj.name, tyinfo->rolname,
                 tyinfo->dobj.catId, 0, tyinfo->dobj.dumpId);
 
+   dumpACL(fout, tyinfo->dobj.catId, tyinfo->dobj.dumpId, "TYPE",
+           qtypname, NULL, tyinfo->dobj.name,
+           tyinfo->dobj.namespace->dobj.name,
+           tyinfo->rolname, tyinfo->typacl);
+
    destroyPQExpBuffer(q);
    destroyPQExpBuffer(delq);
    destroyPQExpBuffer(labelq);
@@ -8244,6 +8294,7 @@ dumpCompositeType(Archive *fout, TypeInfo *tyinfo)
    PQExpBuffer labelq = createPQExpBuffer();
    PQExpBuffer query = createPQExpBuffer();
    PGresult   *res;
+   char       *qtypname;
    int         ntups;
    int         i_attname;
    int         i_atttypdefn;
@@ -8321,8 +8372,10 @@ dumpCompositeType(Archive *fout, TypeInfo *tyinfo)
        binary_upgrade_set_pg_class_oids(fout, q, typrelid, false);
    }
 
+   qtypname = pg_strdup(fmtId(tyinfo->dobj.name));
+
    appendPQExpBuffer(q, "CREATE TYPE %s AS (",
-                     fmtId(tyinfo->dobj.name));
+                     qtypname);
 
    actual_atts = 0;
    for (i = 0; i < ntups; i++)
@@ -8388,11 +8441,11 @@ dumpCompositeType(Archive *fout, TypeInfo *tyinfo)
                              "WHERE attname = ", attlen, attalign);
            appendStringLiteralAH(dropped, attname, fout);
            appendPQExpBuffer(dropped, "\n  AND attrelid = ");
-           appendStringLiteralAH(dropped, fmtId(tyinfo->dobj.name), fout);
+           appendStringLiteralAH(dropped, qtypname, fout);
            appendPQExpBuffer(dropped, "::pg_catalog.regclass;\n");
 
            appendPQExpBuffer(dropped, "ALTER TYPE %s ",
-                             fmtId(tyinfo->dobj.name));
+                             qtypname);
            appendPQExpBuffer(dropped, "DROP ATTRIBUTE %s;\n",
                              fmtId(attname));
        }
@@ -8406,9 +8459,9 @@ dumpCompositeType(Archive *fout, TypeInfo *tyinfo)
    appendPQExpBuffer(delq, "DROP TYPE %s.",
                      fmtId(tyinfo->dobj.namespace->dobj.name));
    appendPQExpBuffer(delq, "%s;\n",
-                     fmtId(tyinfo->dobj.name));
+                     qtypname);
 
-   appendPQExpBuffer(labelq, "TYPE %s", fmtId(tyinfo->dobj.name));
+   appendPQExpBuffer(labelq, "TYPE %s", qtypname);
 
    if (binary_upgrade)
        binary_upgrade_extension_member(q, &tyinfo->dobj, labelq->data);
@@ -8432,6 +8485,11 @@ dumpCompositeType(Archive *fout, TypeInfo *tyinfo)
                 tyinfo->dobj.namespace->dobj.name, tyinfo->rolname,
                 tyinfo->dobj.catId, 0, tyinfo->dobj.dumpId);
 
+   dumpACL(fout, tyinfo->dobj.catId, tyinfo->dobj.dumpId, "TYPE",
+           qtypname, NULL, tyinfo->dobj.name,
+           tyinfo->dobj.namespace->dobj.name,
+           tyinfo->rolname, tyinfo->typacl);
+
    PQclear(res);
    destroyPQExpBuffer(q);
    destroyPQExpBuffer(dropped);
@@ -11703,10 +11761,13 @@ dumpDefaultACL(Archive *fout, DefaultACLInfo *daclinfo)
        case DEFACLOBJ_FUNCTION:
            type = "FUNCTIONS";
            break;
+       case DEFACLOBJ_TYPE:
+           type = "TYPES";
+           break;
        default:
            /* shouldn't get here */
            exit_horribly(NULL,
-                         "unknown object type (%d) in default privileges\n",
+                         "unrecognized object type in default privileges: %d\n",
                          (int) daclinfo->defaclobjtype);
            type = "";          /* keep compiler quiet */
    }
index dad791d5c3e038b9d75796cfc67aec27e9a9735d..5d18db8b5ae3d2344f33e8cac172140099dd5d82 100644 (file)
@@ -163,6 +163,7 @@ typedef struct _typeInfo
     * produce something different than typname
     */
    char       *rolname;        /* name of owner, or empty string */
+   char       *typacl;
    Oid         typelem;
    Oid         typrelid;
    char        typrelkind;     /* 'r', 'v', 'c', etc */
index b910c18b38bdf89391c87e8402b988c7e79ab7dd..bcad3e880af0ae349eb2dc88216cde5617d11507 100644 (file)
@@ -14,6 +14,8 @@
 
 #include 
 
+#include "catalog/pg_default_acl.h"
+
 #include "common.h"
 #include "describe.h"
 #include "dumputils.h"
@@ -774,7 +776,7 @@ permissionsList(const char *pattern)
 /*
  * \ddp
  *
- * List DefaultACLs.  The pattern can match either schema or role name.
+ * List Default ACLs.  The pattern can match either schema or role name.
  */
 bool
 listDefaultACLs(const char *pattern)
@@ -796,13 +798,18 @@ listDefaultACLs(const char *pattern)
    printfPQExpBuffer(&buf,
               "SELECT pg_catalog.pg_get_userbyid(d.defaclrole) AS \"%s\",\n"
                      "  n.nspname AS \"%s\",\n"
-                     "  CASE d.defaclobjtype WHEN 'r' THEN '%s' WHEN 'S' THEN '%s' WHEN 'f' THEN '%s' END AS \"%s\",\n"
+                     "  CASE d.defaclobjtype WHEN '%c' THEN '%s' WHEN '%c' THEN '%s' WHEN '%c' THEN '%s' WHEN '%c' THEN '%s' END AS \"%s\",\n"
                      "  ",
                      gettext_noop("Owner"),
                      gettext_noop("Schema"),
+                     DEFACLOBJ_RELATION,
                      gettext_noop("table"),
+                     DEFACLOBJ_SEQUENCE,
                      gettext_noop("sequence"),
+                     DEFACLOBJ_FUNCTION,
                      gettext_noop("function"),
+                     DEFACLOBJ_TYPE,
+                     gettext_noop("type"),
                      gettext_noop("Type"));
 
    printACLColumn(&buf, "d.defaclacl");