Adjust 'permission denied' messages to be more useful and consistent.
This commit is contained in:
Tom Lane
parent
a063d4b3ec
commit
c4cf7fb814
@ -8,7 +8,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/catalog/aclchk.c,v 1.84 2003/07/21 01:59:07 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/catalog/aclchk.c,v 1.85 2003/08/01 00:15:19 tgl Exp $
|
||||
*
|
||||
* NOTES
|
||||
* See acl.h.
|
||||
@ -223,7 +223,7 @@ ExecuteGrantStmt_Relation(GrantStmt *stmt)
|
||||
if (stmt->is_grant
|
||||
&& !pg_class_ownercheck(relOid, GetUserId())
|
||||
&& pg_class_aclcheck(relOid, GetUserId(), ACL_GRANT_OPTION_FOR(privileges)) != ACLCHECK_OK)
|
||||
aclcheck_error(ACLCHECK_NO_PRIV, relvar->relname);
|
||||
aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_CLASS, relvar->relname);
|
||||
|
||||
/* Not sensible to grant on an index */
|
||||
if (pg_class_tuple->relkind == RELKIND_INDEX)
|
||||
@ -329,7 +329,8 @@ ExecuteGrantStmt_Database(GrantStmt *stmt)
|
||||
if (stmt->is_grant
|
||||
&& pg_database_tuple->datdba != GetUserId()
|
||||
&& pg_database_aclcheck(HeapTupleGetOid(tuple), GetUserId(), ACL_GRANT_OPTION_FOR(privileges)) != ACLCHECK_OK)
|
||||
aclcheck_error(ACLCHECK_NO_PRIV, NameStr(pg_database_tuple->datname));
|
||||
aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_DATABASE,
|
||||
NameStr(pg_database_tuple->datname));
|
||||
|
||||
/*
|
||||
* If there's no ACL, create a default.
|
||||
@ -424,7 +425,7 @@ ExecuteGrantStmt_Function(GrantStmt *stmt)
|
||||
if (stmt->is_grant
|
||||
&& !pg_proc_ownercheck(oid, GetUserId())
|
||||
&& pg_proc_aclcheck(oid, GetUserId(), ACL_GRANT_OPTION_FOR(privileges)) != ACLCHECK_OK)
|
||||
aclcheck_error(ACLCHECK_NO_PRIV,
|
||||
aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_PROC,
|
||||
NameStr(pg_proc_tuple->proname));
|
||||
|
||||
/*
|
||||
@ -525,7 +526,8 @@ ExecuteGrantStmt_Language(GrantStmt *stmt)
|
||||
if (stmt->is_grant
|
||||
&& !superuser()
|
||||
&& pg_language_aclcheck(HeapTupleGetOid(tuple), GetUserId(), ACL_GRANT_OPTION_FOR(privileges)) != ACLCHECK_OK)
|
||||
aclcheck_error(ACLCHECK_NO_PRIV, NameStr(pg_language_tuple->lanname));
|
||||
aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_LANGUAGE,
|
||||
NameStr(pg_language_tuple->lanname));
|
||||
|
||||
/*
|
||||
* If there's no ACL, create a default.
|
||||
@ -619,7 +621,8 @@ ExecuteGrantStmt_Namespace(GrantStmt *stmt)
|
||||
if (stmt->is_grant
|
||||
&& !pg_namespace_ownercheck(HeapTupleGetOid(tuple), GetUserId())
|
||||
&& pg_namespace_aclcheck(HeapTupleGetOid(tuple), GetUserId(), ACL_GRANT_OPTION_FOR(privileges)) != ACLCHECK_OK)
|
||||
aclcheck_error(ACLCHECK_NO_PRIV, nspname);
|
||||
aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_NAMESPACE,
|
||||
nspname);
|
||||
|
||||
/*
|
||||
* If there's no ACL, create a default using the
|
||||
@ -848,9 +851,59 @@ aclcheck(Acl *acl, AclId userid, AclMode mode)
|
||||
|
||||
/*
|
||||
* Standardized reporting of aclcheck permissions failures.
|
||||
*
|
||||
* Note: we do not double-quote the %s's below, because many callers
|
||||
* supply strings that might be already quoted.
|
||||
*/
|
||||
|
||||
static const char * const no_priv_msg[MAX_ACL_KIND] =
|
||||
{
|
||||
/* ACL_KIND_CLASS */
|
||||
gettext_noop("permission denied for relation %s"),
|
||||
/* ACL_KIND_DATABASE */
|
||||
gettext_noop("permission denied for database %s"),
|
||||
/* ACL_KIND_PROC */
|
||||
gettext_noop("permission denied for function %s"),
|
||||
/* ACL_KIND_OPER */
|
||||
gettext_noop("permission denied for operator %s"),
|
||||
/* ACL_KIND_TYPE */
|
||||
gettext_noop("permission denied for type %s"),
|
||||
/* ACL_KIND_LANGUAGE */
|
||||
gettext_noop("permission denied for language %s"),
|
||||
/* ACL_KIND_NAMESPACE */
|
||||
gettext_noop("permission denied for schema %s"),
|
||||
/* ACL_KIND_OPCLASS */
|
||||
gettext_noop("permission denied for operator class %s"),
|
||||
/* ACL_KIND_CONVERSION */
|
||||
gettext_noop("permission denied for conversion %s")
|
||||
};
|
||||
|
||||
static const char * const not_owner_msg[MAX_ACL_KIND] =
|
||||
{
|
||||
/* ACL_KIND_CLASS */
|
||||
gettext_noop("must be owner of relation %s"),
|
||||
/* ACL_KIND_DATABASE */
|
||||
gettext_noop("must be owner of database %s"),
|
||||
/* ACL_KIND_PROC */
|
||||
gettext_noop("must be owner of function %s"),
|
||||
/* ACL_KIND_OPER */
|
||||
gettext_noop("must be owner of operator %s"),
|
||||
/* ACL_KIND_TYPE */
|
||||
gettext_noop("must be owner of type %s"),
|
||||
/* ACL_KIND_LANGUAGE */
|
||||
gettext_noop("must be owner of language %s"),
|
||||
/* ACL_KIND_NAMESPACE */
|
||||
gettext_noop("must be owner of schema %s"),
|
||||
/* ACL_KIND_OPCLASS */
|
||||
gettext_noop("must be owner of operator class %s"),
|
||||
/* ACL_KIND_CONVERSION */
|
||||
gettext_noop("must be owner of conversion %s")
|
||||
};
|
||||
|
||||
|
||||
void
|
||||
aclcheck_error(AclResult aclerr, const char *objectname)
|
||||
aclcheck_error(AclResult aclerr, AclObjectKind objectkind,
|
||||
const char *objectname)
|
||||
{
|
||||
switch (aclerr)
|
||||
{
|
||||
@ -860,12 +913,12 @@ aclcheck_error(AclResult aclerr, const char *objectname)
|
||||
case ACLCHECK_NO_PRIV:
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("permission denied for \"%s\"", objectname)));
|
||||
errmsg(no_priv_msg[objectkind], objectname)));
|
||||
break;
|
||||
case ACLCHECK_NOT_OWNER:
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("must be owner of \"%s\"", objectname)));
|
||||
errmsg(not_owner_msg[objectkind], objectname)));
|
||||
break;
|
||||
default:
|
||||
elog(ERROR, "unrecognized AclResult: %d", (int) aclerr);
|
||||
|
||||
@ -13,7 +13,7 @@
|
||||
* Portions Copyright (c) 1994, Regents of the University of California
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/catalog/namespace.c,v 1.54 2003/07/21 01:59:09 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/catalog/namespace.c,v 1.55 2003/08/01 00:15:19 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -1201,7 +1201,8 @@ LookupExplicitNamespace(const char *nspname)
|
||||
|
||||
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_USAGE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, nspname);
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
nspname);
|
||||
|
||||
return namespaceId;
|
||||
}
|
||||
@ -1624,7 +1625,7 @@ InitTempTableNamespace(void)
|
||||
ACL_CREATE_TEMP) != ACLCHECK_OK)
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("not authorized to create temp tables in database \"%s\"",
|
||||
errmsg("permission denied to create temp tables in database \"%s\"",
|
||||
get_database_name(MyDatabaseId))));
|
||||
|
||||
snprintf(namespaceName, sizeof(namespaceName), "pg_temp_%d", MyBackendId);
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/catalog/pg_conversion.c,v 1.12 2003/07/28 00:09:14 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/catalog/pg_conversion.c,v 1.13 2003/08/01 00:15:19 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -146,9 +146,8 @@ ConversionDrop(Oid conversionOid, DropBehavior behavior)
|
||||
|
||||
if (!superuser() &&
|
||||
((Form_pg_conversion) GETSTRUCT(tuple))->conowner != GetUserId())
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("permission denied")));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CONVERSION,
|
||||
NameStr(((Form_pg_conversion) GETSTRUCT(tuple))->conname));
|
||||
|
||||
ReleaseSysCache(tuple);
|
||||
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/catalog/pg_operator.c,v 1.80 2003/07/21 01:59:11 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/catalog/pg_operator.c,v 1.81 2003/08/01 00:15:19 tgl Exp $
|
||||
*
|
||||
* NOTES
|
||||
* these routines moved here from commands/define.c and somewhat cleaned up.
|
||||
@ -732,7 +732,8 @@ get_other_operator(List *otherOp, Oid otherLeftTypeId, Oid otherRightTypeId,
|
||||
aclresult = pg_namespace_aclcheck(otherNamespace, GetUserId(),
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_namespace_name(otherNamespace));
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
get_namespace_name(otherNamespace));
|
||||
|
||||
other_oid = OperatorShellMake(otherName,
|
||||
otherNamespace,
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/catalog/pg_proc.c,v 1.101 2003/07/21 01:59:11 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/catalog/pg_proc.c,v 1.102 2003/08/01 00:15:19 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -27,6 +27,7 @@
|
||||
#include "parser/parse_expr.h"
|
||||
#include "parser/parse_type.h"
|
||||
#include "tcop/tcopprot.h"
|
||||
#include "utils/acl.h"
|
||||
#include "utils/builtins.h"
|
||||
#include "utils/lsyscache.h"
|
||||
#include "utils/sets.h"
|
||||
@ -219,10 +220,8 @@ ProcedureCreate(const char *procedureName,
|
||||
errmsg("function \"%s\" already exists with same argument types",
|
||||
procedureName)));
|
||||
if (GetUserId() != oldproc->proowner && !superuser())
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("you do not have permission to replace function \"%s\"",
|
||||
procedureName)));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
|
||||
procedureName);
|
||||
|
||||
/*
|
||||
* Not okay to change the return type of the existing proc, since
|
||||
|
||||
@ -9,7 +9,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/aggregatecmds.c,v 1.11 2003/07/20 21:56:32 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/aggregatecmds.c,v 1.12 2003/08/01 00:15:19 tgl Exp $
|
||||
*
|
||||
* DESCRIPTION
|
||||
* The "DefineFoo" routines take the parse tree and pick out the
|
||||
@ -64,7 +64,8 @@ DefineAggregate(List *names, List *parameters)
|
||||
/* Check we have creation rights in target namespace */
|
||||
aclresult = pg_namespace_aclcheck(aggNamespace, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_namespace_name(aggNamespace));
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
get_namespace_name(aggNamespace));
|
||||
|
||||
foreach(pl, parameters)
|
||||
{
|
||||
@ -191,7 +192,8 @@ RemoveAggregate(RemoveAggrStmt *stmt)
|
||||
if (!pg_proc_ownercheck(procOid, GetUserId()) &&
|
||||
!pg_namespace_ownercheck(((Form_pg_proc) GETSTRUCT(tup))->pronamespace,
|
||||
GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, NameListToString(aggName));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
|
||||
NameListToString(aggName));
|
||||
|
||||
/* find_aggregate_func already checked it is an aggregate */
|
||||
|
||||
@ -269,12 +271,14 @@ RenameAggregate(List *name, TypeName *basetype, const char *newname)
|
||||
|
||||
/* must be owner */
|
||||
if (!pg_proc_ownercheck(procOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, NameListToString(name));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
|
||||
NameListToString(name));
|
||||
|
||||
/* must have CREATE privilege on namespace */
|
||||
aclresult = pg_namespace_aclcheck(namespaceOid, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_namespace_name(namespaceOid));
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
get_namespace_name(namespaceOid));
|
||||
|
||||
/* rename */
|
||||
namestrcpy(&(((Form_pg_proc) GETSTRUCT(tup))->proname), newname);
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/alter.c,v 1.3 2003/07/22 19:00:07 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/alter.c,v 1.4 2003/08/01 00:15:19 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -102,7 +102,7 @@ ExecRenameStmt(RenameStmt *stmt)
|
||||
GetUserId(),
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult,
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
get_namespace_name(namespaceId));
|
||||
|
||||
renamerel(relid, stmt->newname);
|
||||
|
||||
@ -11,7 +11,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/cluster.c,v 1.111 2003/07/20 21:56:32 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/cluster.c,v 1.112 2003/08/01 00:15:19 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -69,7 +69,6 @@ static void copy_heap_data(Oid OIDNewHeap, Oid OIDOldHeap, Oid OIDOldIndex);
|
||||
static List *get_indexattr_list(Relation OldHeap, Oid OldIndex);
|
||||
static void rebuild_indexes(Oid OIDOldHeap, List *indexes);
|
||||
static void swap_relfilenodes(Oid r1, Oid r2);
|
||||
static bool check_cluster_permitted(Oid relOid);
|
||||
static List *get_tables_to_cluster(MemoryContext cluster_context);
|
||||
|
||||
|
||||
@ -115,10 +114,9 @@ cluster(ClusterStmt *stmt)
|
||||
tableOid = RelationGetRelid(rel);
|
||||
|
||||
/* Check permissions */
|
||||
if (!check_cluster_permitted(tableOid))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("permission denied")));
|
||||
if (!pg_class_ownercheck(tableOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(rel));
|
||||
|
||||
if (stmt->indexname == NULL)
|
||||
{
|
||||
@ -279,7 +277,7 @@ cluster_rel(RelToCluster *rvtc, bool recheck)
|
||||
return;
|
||||
|
||||
/* Check that the user still owns the relation */
|
||||
if (!check_cluster_permitted(rvtc->tableOid))
|
||||
if (!pg_class_ownercheck(rvtc->tableOid, GetUserId()))
|
||||
return;
|
||||
|
||||
/*
|
||||
@ -850,17 +848,6 @@ swap_relfilenodes(Oid r1, Oid r2)
|
||||
heap_close(relRelation, RowExclusiveLock);
|
||||
}
|
||||
|
||||
/*
|
||||
* Checks if the user is allowed to cluster (ie, owns) the relation.
|
||||
* Superusers are allowed to cluster any table.
|
||||
*/
|
||||
static bool
|
||||
check_cluster_permitted(Oid relOid)
|
||||
{
|
||||
/* Superusers bypass this check */
|
||||
return pg_class_ownercheck(relOid, GetUserId());
|
||||
}
|
||||
|
||||
/*
|
||||
* Get a list of tables that the current user owns and
|
||||
* have indisclustered set. Return the list in a List * of rvsToCluster
|
||||
@ -894,7 +881,8 @@ get_tables_to_cluster(MemoryContext cluster_context)
|
||||
while ((indexTuple = heap_getnext(scan, ForwardScanDirection)) != NULL)
|
||||
{
|
||||
index = (Form_pg_index) GETSTRUCT(indexTuple);
|
||||
if (!check_cluster_permitted(index->indrelid))
|
||||
|
||||
if (!pg_class_ownercheck(index->indrelid, GetUserId()))
|
||||
continue;
|
||||
|
||||
/*
|
||||
|
||||
@ -7,7 +7,7 @@
|
||||
* Copyright (c) 1996-2001, PostgreSQL Global Development Group
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/comment.c,v 1.66 2003/07/20 21:56:32 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/comment.c,v 1.67 2003/08/01 00:15:19 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -295,7 +295,8 @@ CommentRelation(int objtype, List *relname, char *comment)
|
||||
|
||||
/* Check object security */
|
||||
if (!pg_class_ownercheck(RelationGetRelid(relation), GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(relation));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(relation));
|
||||
|
||||
/* Next, verify that the relation type matches the intent */
|
||||
|
||||
@ -373,7 +374,8 @@ CommentAttribute(List *qualname, char *comment)
|
||||
/* Check object security */
|
||||
|
||||
if (!pg_class_ownercheck(RelationGetRelid(relation), GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(relation));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(relation));
|
||||
|
||||
/* Now, fetch the attribute number from the system cache */
|
||||
|
||||
@ -449,7 +451,8 @@ CommentDatabase(List *qualname, char *comment)
|
||||
|
||||
/* Check object security */
|
||||
if (!pg_database_ownercheck(oid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, database);
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
|
||||
database);
|
||||
|
||||
/* Create the comment with the pg_database oid */
|
||||
CreateComments(oid, RelOid_pg_database, 0, comment);
|
||||
@ -487,7 +490,8 @@ CommentNamespace(List *qualname, char *comment)
|
||||
|
||||
/* Check object security */
|
||||
if (!pg_namespace_ownercheck(oid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, namespace);
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
|
||||
namespace);
|
||||
|
||||
/* pg_namespace doesn't have a hard-coded OID, so must look it up */
|
||||
classoid = get_system_catalog_relid(NamespaceRelationName);
|
||||
@ -600,7 +604,8 @@ CommentRule(List *qualname, char *comment)
|
||||
/* Check object security */
|
||||
aclcheck = pg_class_aclcheck(reloid, GetUserId(), ACL_RULE);
|
||||
if (aclcheck != ACLCHECK_OK)
|
||||
aclcheck_error(aclcheck, rulename);
|
||||
aclcheck_error(aclcheck, ACL_KIND_CLASS,
|
||||
get_rel_name(reloid));
|
||||
|
||||
/* pg_rewrite doesn't have a hard-coded OID, so must look it up */
|
||||
classoid = get_system_catalog_relid(RewriteRelationName);
|
||||
@ -638,7 +643,8 @@ CommentType(List *typename, char *comment)
|
||||
/* Check object security */
|
||||
|
||||
if (!pg_type_ownercheck(oid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, TypeNameToString(tname));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TYPE,
|
||||
TypeNameToString(tname));
|
||||
|
||||
/* Call CreateComments() to create/drop the comments */
|
||||
|
||||
@ -673,7 +679,8 @@ CommentAggregate(List *aggregate, List *arguments, char *comment)
|
||||
/* Next, validate the user's attempt to comment */
|
||||
|
||||
if (!pg_proc_ownercheck(oid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, NameListToString(aggregate));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
|
||||
NameListToString(aggregate));
|
||||
|
||||
/* Call CreateComments() to create/drop the comments */
|
||||
|
||||
@ -701,7 +708,8 @@ CommentProc(List *function, List *arguments, char *comment)
|
||||
/* Now, validate the user's ability to comment on this function */
|
||||
|
||||
if (!pg_proc_ownercheck(oid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, NameListToString(function));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
|
||||
NameListToString(function));
|
||||
|
||||
/* Call CreateComments() to create/drop the comments */
|
||||
|
||||
@ -731,7 +739,8 @@ CommentOperator(List *opername, List *arguments, char *comment)
|
||||
|
||||
/* Valid user's ability to comment on this operator */
|
||||
if (!pg_oper_ownercheck(oid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, NameListToString(opername));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
|
||||
NameListToString(opername));
|
||||
|
||||
/* pg_operator doesn't have a hard-coded OID, so must look it up */
|
||||
classoid = get_system_catalog_relid(OperatorRelationName);
|
||||
@ -777,7 +786,8 @@ CommentTrigger(List *qualname, char *comment)
|
||||
/* Check object security */
|
||||
|
||||
if (!pg_class_ownercheck(RelationGetRelid(relation), GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(relation));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(relation));
|
||||
|
||||
/*
|
||||
* Fetch the trigger tuple from pg_trigger. There can be only one
|
||||
@ -854,7 +864,8 @@ CommentConstraint(List *qualname, char *comment)
|
||||
/* Check object security */
|
||||
|
||||
if (!pg_class_ownercheck(RelationGetRelid(relation), GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(relation));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(relation));
|
||||
|
||||
/*
|
||||
* Fetch the constraint tuple from pg_constraint. There may be more
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/conversioncmds.c,v 1.8 2003/07/20 21:56:32 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/conversioncmds.c,v 1.9 2003/08/01 00:15:19 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -55,7 +55,8 @@ CreateConversionCommand(CreateConversionStmt *stmt)
|
||||
/* Check we have creation rights in target namespace */
|
||||
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_namespace_name(namespaceId));
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
get_namespace_name(namespaceId));
|
||||
|
||||
/* Check the encoding names */
|
||||
from_encoding = pg_char_to_encoding(from_encoding_name);
|
||||
@ -82,7 +83,8 @@ CreateConversionCommand(CreateConversionStmt *stmt)
|
||||
/* Check we have EXECUTE rights for the function */
|
||||
aclresult = pg_proc_aclcheck(funcoid, GetUserId(), ACL_EXECUTE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, NameListToString(func_name));
|
||||
aclcheck_error(aclresult, ACL_KIND_PROC,
|
||||
NameListToString(func_name));
|
||||
|
||||
/*
|
||||
* All seem ok, go ahead (possible failure would be a duplicate
|
||||
@ -150,13 +152,16 @@ RenameConversion(List *name, const char *newname)
|
||||
newname, get_namespace_name(namespaceOid))));
|
||||
|
||||
/* must be owner */
|
||||
if (!superuser() && ((Form_pg_conversion) GETSTRUCT(tup))->conowner != GetUserId())
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, NameListToString(name));
|
||||
if (!superuser() &&
|
||||
((Form_pg_conversion) GETSTRUCT(tup))->conowner != GetUserId())
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CONVERSION,
|
||||
NameListToString(name));
|
||||
|
||||
/* must have CREATE privilege on namespace */
|
||||
aclresult = pg_namespace_aclcheck(namespaceOid, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_namespace_name(namespaceOid));
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
get_namespace_name(namespaceOid));
|
||||
|
||||
/* rename */
|
||||
namestrcpy(&(((Form_pg_conversion) GETSTRUCT(tup))->conname), newname);
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/copy.c,v 1.204 2003/07/22 19:00:07 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/copy.c,v 1.205 2003/08/01 00:15:19 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -730,7 +730,8 @@ DoCopy(const CopyStmt *stmt)
|
||||
aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
|
||||
required_access);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, RelationGetRelationName(rel));
|
||||
aclcheck_error(aclresult, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(rel));
|
||||
if (!pipe && !superuser())
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
|
||||
@ -9,7 +9,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/dbcommands.c,v 1.118 2003/07/28 00:09:14 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/dbcommands.c,v 1.119 2003/08/01 00:15:19 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -180,7 +180,7 @@ createdb(const CreatedbStmt *stmt)
|
||||
if (!superuser() && !have_createdb_privilege())
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("permission denied")));
|
||||
errmsg("permission denied to create database")));
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -189,7 +189,7 @@ createdb(const CreatedbStmt *stmt)
|
||||
if (!superuser())
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("permission denied")));
|
||||
errmsg("must be superuser to create database for another user")));
|
||||
}
|
||||
|
||||
/* don't call this in a transaction block */
|
||||
@ -239,7 +239,7 @@ createdb(const CreatedbStmt *stmt)
|
||||
if (!superuser() && GetUserId() != src_owner)
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("permission to copy \"%s\" denied",
|
||||
errmsg("permission denied to copy database \"%s\"",
|
||||
dbtemplate)));
|
||||
}
|
||||
|
||||
@ -481,9 +481,8 @@ dropdb(const char *dbname)
|
||||
errmsg("database \"%s\" does not exist", dbname)));
|
||||
|
||||
if (GetUserId() != db_owner && !superuser())
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("permission denied")));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
|
||||
dbname);
|
||||
|
||||
/*
|
||||
* Disallow dropping a DB that is marked istemplate. This is just to
|
||||
@ -633,13 +632,14 @@ RenameDatabase(const char *oldname, const char *newname)
|
||||
|
||||
/* must be owner */
|
||||
if (!pg_database_ownercheck(HeapTupleGetOid(tup), GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, oldname);
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
|
||||
oldname);
|
||||
|
||||
/* must have createdb */
|
||||
if (!have_createdb_privilege())
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("permission denied")));
|
||||
errmsg("permission denied to rename database")));
|
||||
|
||||
/* rename */
|
||||
newtup = heap_copytuple(tup);
|
||||
@ -690,9 +690,8 @@ AlterDatabaseSet(AlterDatabaseSetStmt *stmt)
|
||||
|
||||
if (!(superuser()
|
||||
|| ((Form_pg_database) GETSTRUCT(tuple))->datdba == GetUserId()))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("permission denied")));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
|
||||
stmt->dbname);
|
||||
|
||||
MemSet(repl_repl, ' ', sizeof(repl_repl));
|
||||
repl_repl[Anum_pg_database_datconfig - 1] = 'r';
|
||||
|
||||
@ -9,7 +9,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/functioncmds.c,v 1.30 2003/07/28 00:09:14 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/functioncmds.c,v 1.31 2003/08/01 00:15:19 tgl Exp $
|
||||
*
|
||||
* DESCRIPTION
|
||||
* These routines take the parse tree and pick out the
|
||||
@ -118,7 +118,8 @@ compute_return_type(TypeName *returnType, Oid languageOid,
|
||||
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_namespace_name(namespaceId));
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
get_namespace_name(namespaceId));
|
||||
rettype = TypeShellMake(typname, namespaceId);
|
||||
Assert(OidIsValid(rettype));
|
||||
}
|
||||
@ -414,7 +415,8 @@ CreateFunction(CreateFunctionStmt *stmt)
|
||||
/* Check we have creation rights in target namespace */
|
||||
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_namespace_name(namespaceId));
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
get_namespace_name(namespaceId));
|
||||
|
||||
/* defaults attributes */
|
||||
isStrict = false;
|
||||
@ -447,13 +449,15 @@ CreateFunction(CreateFunctionStmt *stmt)
|
||||
|
||||
aclresult = pg_language_aclcheck(languageOid, GetUserId(), ACL_USAGE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, NameStr(languageStruct->lanname));
|
||||
aclcheck_error(aclresult, ACL_KIND_LANGUAGE,
|
||||
NameStr(languageStruct->lanname));
|
||||
}
|
||||
else
|
||||
{
|
||||
/* if untrusted language, must be superuser */
|
||||
if (!superuser())
|
||||
aclcheck_error(ACLCHECK_NO_PRIV, NameStr(languageStruct->lanname));
|
||||
aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_LANGUAGE,
|
||||
NameStr(languageStruct->lanname));
|
||||
}
|
||||
|
||||
languageValidator = languageStruct->lanvalidator;
|
||||
@ -546,7 +550,8 @@ RemoveFunction(RemoveFuncStmt *stmt)
|
||||
if (!pg_proc_ownercheck(funcOid, GetUserId()) &&
|
||||
!pg_namespace_ownercheck(((Form_pg_proc) GETSTRUCT(tup))->pronamespace,
|
||||
GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, NameListToString(functionName));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
|
||||
NameListToString(functionName));
|
||||
|
||||
if (((Form_pg_proc) GETSTRUCT(tup))->proisagg)
|
||||
ereport(ERROR,
|
||||
@ -681,12 +686,14 @@ RenameFunction(List *name, List *argtypes, const char *newname)
|
||||
|
||||
/* must be owner */
|
||||
if (!pg_proc_ownercheck(procOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, NameListToString(name));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
|
||||
NameListToString(name));
|
||||
|
||||
/* must have CREATE privilege on namespace */
|
||||
aclresult = pg_namespace_aclcheck(namespaceOid, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_namespace_name(namespaceOid));
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
get_namespace_name(namespaceOid));
|
||||
|
||||
/* rename */
|
||||
namestrcpy(&(procForm->proname), newname);
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/indexcmds.c,v 1.102 2003/07/20 21:56:32 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/indexcmds.c,v 1.103 2003/08/01 00:15:19 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -135,7 +135,8 @@ DefineIndex(RangeVar *heapRelation,
|
||||
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_namespace_name(namespaceId));
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
get_namespace_name(namespaceId));
|
||||
}
|
||||
|
||||
/*
|
||||
@ -621,13 +622,13 @@ ReindexIndex(RangeVar *indexRelation, bool force /* currently unused */ )
|
||||
if (!allowSystemTableMods)
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("\"%s\" is a system index",
|
||||
errmsg("permission denied: \"%s\" is a system index",
|
||||
indexRelation->relname),
|
||||
errhint("Do REINDEX in standalone postgres with -O -P options.")));
|
||||
if (!IsIgnoringSystemIndexes())
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("\"%s\" is a system index",
|
||||
errmsg("permission denied: \"%s\" is a system index",
|
||||
indexRelation->relname),
|
||||
errhint("Do REINDEX in standalone postgres with -P -O options.")));
|
||||
}
|
||||
@ -710,9 +711,8 @@ ReindexDatabase(const char *dbname, bool force, bool all)
|
||||
errmsg("can only reindex the currently open database")));
|
||||
|
||||
if (!pg_database_ownercheck(MyDatabaseId, GetUserId()))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("permission denied")));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
|
||||
dbname);
|
||||
|
||||
if (!allowSystemTableMods)
|
||||
ereport(ERROR,
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/lockcmds.c,v 1.5 2003/07/20 21:56:32 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/lockcmds.c,v 1.6 2003/08/01 00:15:19 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -56,7 +56,8 @@ LockTableCommand(LockStmt *lockstmt)
|
||||
ACL_UPDATE | ACL_DELETE);
|
||||
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_rel_name(reloid));
|
||||
aclcheck_error(aclresult, ACL_KIND_CLASS,
|
||||
get_rel_name(reloid));
|
||||
|
||||
rel = relation_open(reloid, lockstmt->mode);
|
||||
|
||||
|
||||
@ -9,7 +9,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/opclasscmds.c,v 1.14 2003/07/28 00:09:14 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/opclasscmds.c,v 1.15 2003/08/01 00:15:19 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -78,7 +78,8 @@ DefineOpClass(CreateOpClassStmt *stmt)
|
||||
/* Check we have creation rights in target namespace */
|
||||
aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_namespace_name(namespaceoid));
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
get_namespace_name(namespaceoid));
|
||||
|
||||
/* Get necessary info about access method */
|
||||
tup = SearchSysCache(AMNAME,
|
||||
@ -117,7 +118,8 @@ DefineOpClass(CreateOpClassStmt *stmt)
|
||||
/* XXX this is unnecessary given the superuser check above */
|
||||
/* Check we have ownership of the datatype */
|
||||
if (!pg_type_ownercheck(typeoid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, format_type_be(typeoid));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TYPE,
|
||||
format_type_be(typeoid));
|
||||
#endif
|
||||
|
||||
/* Storage datatype is optional */
|
||||
@ -178,7 +180,8 @@ DefineOpClass(CreateOpClassStmt *stmt)
|
||||
aclresult = pg_proc_aclcheck(funcOid, GetUserId(),
|
||||
ACL_EXECUTE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_func_name(funcOid));
|
||||
aclcheck_error(aclresult, ACL_KIND_PROC,
|
||||
get_func_name(funcOid));
|
||||
operators[item->number - 1] = operOid;
|
||||
recheck[item->number - 1] = item->recheck;
|
||||
break;
|
||||
@ -200,7 +203,8 @@ DefineOpClass(CreateOpClassStmt *stmt)
|
||||
aclresult = pg_proc_aclcheck(funcOid, GetUserId(),
|
||||
ACL_EXECUTE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_func_name(funcOid));
|
||||
aclcheck_error(aclresult, ACL_KIND_PROC,
|
||||
get_func_name(funcOid));
|
||||
procedures[item->number - 1] = funcOid;
|
||||
break;
|
||||
case OPCLASS_ITEM_STORAGETYPE:
|
||||
@ -536,7 +540,7 @@ RemoveOpClass(RemoveOpClassStmt *stmt)
|
||||
if (!pg_opclass_ownercheck(opcID, GetUserId()) &&
|
||||
!pg_namespace_ownercheck(((Form_pg_opclass) GETSTRUCT(tuple))->opcnamespace,
|
||||
GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPCLASS,
|
||||
NameListToString(stmt->opclassname));
|
||||
|
||||
ReleaseSysCache(tuple);
|
||||
@ -699,12 +703,14 @@ RenameOpClass(List *name, const char *access_method, const char *newname)
|
||||
|
||||
/* must be owner */
|
||||
if (!pg_opclass_ownercheck(opcOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, NameListToString(name));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPCLASS,
|
||||
NameListToString(name));
|
||||
|
||||
/* must have CREATE privilege on namespace */
|
||||
aclresult = pg_namespace_aclcheck(namespaceOid, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_namespace_name(namespaceOid));
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
get_namespace_name(namespaceOid));
|
||||
|
||||
/* rename */
|
||||
namestrcpy(&(((Form_pg_opclass) GETSTRUCT(tup))->opcname), newname);
|
||||
|
||||
@ -9,7 +9,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/operatorcmds.c,v 1.9 2003/07/20 21:56:32 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/operatorcmds.c,v 1.10 2003/08/01 00:15:19 tgl Exp $
|
||||
*
|
||||
* DESCRIPTION
|
||||
* The "DefineFoo" routines take the parse tree and pick out the
|
||||
@ -87,7 +87,8 @@ DefineOperator(List *names, List *parameters)
|
||||
/* Check we have creation rights in target namespace */
|
||||
aclresult = pg_namespace_aclcheck(oprNamespace, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_namespace_name(oprNamespace));
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
get_namespace_name(oprNamespace));
|
||||
|
||||
/*
|
||||
* loop over the definition list and extract the information we need.
|
||||
@ -224,7 +225,8 @@ RemoveOperator(RemoveOperStmt *stmt)
|
||||
if (!pg_oper_ownercheck(operOid, GetUserId()) &&
|
||||
!pg_namespace_ownercheck(((Form_pg_operator) GETSTRUCT(tup))->oprnamespace,
|
||||
GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, NameListToString(operatorName));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
|
||||
NameListToString(operatorName));
|
||||
|
||||
ReleaseSysCache(tup);
|
||||
|
||||
|
||||
@ -7,7 +7,7 @@
|
||||
* Portions Copyright (c) 1994, Regents of the University of California
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/proclang.c,v 1.46 2003/07/18 23:20:32 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/proclang.c,v 1.47 2003/08/01 00:15:19 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -266,7 +266,7 @@ RenameLanguage(const char *oldname, const char *newname)
|
||||
if (!superuser())
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("permission denied")));
|
||||
errmsg("must be superuser to rename procedural language")));
|
||||
|
||||
/* rename */
|
||||
namestrcpy(&(((Form_pg_language) GETSTRUCT(tup))->lanname), newname);
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/schemacmds.c,v 1.13 2003/07/28 00:09:14 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/schemacmds.c,v 1.14 2003/08/01 00:15:19 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -91,7 +91,8 @@ CreateSchemaCommand(CreateSchemaStmt *stmt)
|
||||
*/
|
||||
aclresult = pg_database_aclcheck(MyDatabaseId, saved_userid, ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_database_name(MyDatabaseId));
|
||||
aclcheck_error(aclresult, ACL_KIND_DATABASE,
|
||||
get_database_name(MyDatabaseId));
|
||||
|
||||
if (!allowSystemTableMods && IsReservedName(schemaName))
|
||||
ereport(ERROR,
|
||||
@ -181,7 +182,8 @@ RemoveSchema(List *names, DropBehavior behavior)
|
||||
|
||||
/* Permission check */
|
||||
if (!pg_namespace_ownercheck(namespaceId, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, namespaceName);
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
|
||||
namespaceName);
|
||||
|
||||
/*
|
||||
* Do the deletion. Objects contained in the schema are removed by
|
||||
@ -255,12 +257,14 @@ RenameSchema(const char *oldname, const char *newname)
|
||||
|
||||
/* must be owner */
|
||||
if (!pg_namespace_ownercheck(HeapTupleGetOid(tup), GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, oldname);
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
|
||||
oldname);
|
||||
|
||||
/* must have CREATE privilege on database */
|
||||
aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_database_name(MyDatabaseId));
|
||||
aclcheck_error(aclresult, ACL_KIND_DATABASE,
|
||||
get_database_name(MyDatabaseId));
|
||||
|
||||
if (!allowSystemTableMods && IsReservedName(newname))
|
||||
ereport(ERROR,
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/sequence.c,v 1.98 2003/07/28 00:09:14 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/sequence.c,v 1.99 2003/08/01 00:15:19 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -314,9 +314,10 @@ AlterSequence(AlterSeqStmt *stmt)
|
||||
/* open and AccessShareLock sequence */
|
||||
init_sequence(stmt->sequence, &elm, &seqrel);
|
||||
|
||||
/* Allow DROP to sequence owner only*/
|
||||
/* allow DROP to sequence owner only */
|
||||
if (!pg_class_ownercheck(elm->relid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, stmt->sequence->relname);
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
stmt->sequence->relname);
|
||||
|
||||
/* lock page' buffer and read tuple into new sequence structure */
|
||||
seq = read_info(elm, seqrel, &buf);
|
||||
@ -417,7 +418,7 @@ nextval(PG_FUNCTION_ARGS)
|
||||
if (pg_class_aclcheck(elm->relid, GetUserId(), ACL_UPDATE) != ACLCHECK_OK)
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("%s.nextval: permission denied",
|
||||
errmsg("permission denied for sequence %s",
|
||||
sequence->relname)));
|
||||
|
||||
if (elm->last != elm->cached) /* some numbers were cached */
|
||||
@ -609,7 +610,7 @@ currval(PG_FUNCTION_ARGS)
|
||||
if (pg_class_aclcheck(elm->relid, GetUserId(), ACL_SELECT) != ACLCHECK_OK)
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("%s.currval: permission denied",
|
||||
errmsg("permission denied for sequence %s",
|
||||
sequence->relname)));
|
||||
|
||||
if (elm->increment == 0) /* nextval/read_info were not called */
|
||||
@ -652,7 +653,7 @@ do_setval(RangeVar *sequence, int64 next, bool iscalled)
|
||||
if (pg_class_aclcheck(elm->relid, GetUserId(), ACL_UPDATE) != ACLCHECK_OK)
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("%s.setval: permission denied",
|
||||
errmsg("permission denied for sequence %s",
|
||||
sequence->relname)));
|
||||
|
||||
/* lock page' buffer and read tuple */
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/tablecmds.c,v 1.75 2003/07/20 21:56:32 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/tablecmds.c,v 1.76 2003/08/01 00:15:19 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -162,7 +162,8 @@ DefineRelation(CreateStmt *stmt, char relkind)
|
||||
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_namespace_name(namespaceId));
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
get_namespace_name(namespaceId));
|
||||
}
|
||||
|
||||
/*
|
||||
@ -382,12 +383,13 @@ TruncateRelation(const RangeVar *relation)
|
||||
|
||||
/* Permissions checks */
|
||||
if (!pg_class_ownercheck(relid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(rel));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(rel));
|
||||
|
||||
if (!allowSystemTableMods && IsSystemRelation(rel))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("\"%s\" is a system catalog",
|
||||
errmsg("permission denied: \"%s\" is a system catalog",
|
||||
RelationGetRelationName(rel))));
|
||||
|
||||
/*
|
||||
@ -576,7 +578,7 @@ MergeAttributes(List *schema, List *supers, bool istemp,
|
||||
* demand that creator of a child table own the parent.
|
||||
*/
|
||||
if (!pg_class_ownercheck(RelationGetRelid(relation), GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(relation));
|
||||
|
||||
/*
|
||||
@ -1139,12 +1141,12 @@ renameatt(Oid myrelid,
|
||||
* normally, only the owner of a class can change its schema.
|
||||
*/
|
||||
if (!pg_class_ownercheck(myrelid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER,
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(targetrelation));
|
||||
if (!allowSystemTableMods && IsSystemRelation(targetrelation))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("\"%s\" is a system catalog",
|
||||
errmsg("permission denied: \"%s\" is a system catalog",
|
||||
RelationGetRelationName(targetrelation))));
|
||||
|
||||
/*
|
||||
@ -1349,7 +1351,7 @@ renamerel(Oid myrelid, const char *newrelname)
|
||||
if (!allowSystemTableMods && IsSystemRelation(targetrelation))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("\"%s\" is a system catalog",
|
||||
errmsg("permission denied: \"%s\" is a system catalog",
|
||||
RelationGetRelationName(targetrelation))));
|
||||
|
||||
relkind = targetrelation->rd_rel->relkind;
|
||||
@ -1681,12 +1683,13 @@ AlterTableAddColumn(Oid myrelid,
|
||||
* normally, only the owner of a class can change its schema.
|
||||
*/
|
||||
if (!pg_class_ownercheck(myrelid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(rel));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(rel));
|
||||
|
||||
if (!allowSystemTableMods && IsSystemRelation(rel))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("\"%s\" is a system catalog",
|
||||
errmsg("permission denied: \"%s\" is a system catalog",
|
||||
RelationGetRelationName(rel))));
|
||||
|
||||
/*
|
||||
@ -1966,12 +1969,13 @@ AlterTableAlterColumnDropNotNull(Oid myrelid, bool recurse,
|
||||
|
||||
/* Permissions checks */
|
||||
if (!pg_class_ownercheck(myrelid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(rel));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(rel));
|
||||
|
||||
if (!allowSystemTableMods && IsSystemRelation(rel))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("\"%s\" is a system catalog",
|
||||
errmsg("permission denied: \"%s\" is a system catalog",
|
||||
RelationGetRelationName(rel))));
|
||||
|
||||
/*
|
||||
@ -2109,12 +2113,13 @@ AlterTableAlterColumnSetNotNull(Oid myrelid, bool recurse,
|
||||
|
||||
/* Permissions checks */
|
||||
if (!pg_class_ownercheck(myrelid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(rel));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(rel));
|
||||
|
||||
if (!allowSystemTableMods && IsSystemRelation(rel))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("\"%s\" is a system catalog",
|
||||
errmsg("permission denied: \"%s\" is a system catalog",
|
||||
RelationGetRelationName(rel))));
|
||||
|
||||
/*
|
||||
@ -2236,12 +2241,13 @@ AlterTableAlterColumnDefault(Oid myrelid, bool recurse,
|
||||
|
||||
/* Permissions checks */
|
||||
if (!pg_class_ownercheck(myrelid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(rel));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(rel));
|
||||
|
||||
if (!allowSystemTableMods && IsSystemRelation(rel))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("\"%s\" is a system catalog",
|
||||
errmsg("permission denied: \"%s\" is a system catalog",
|
||||
RelationGetRelationName(rel))));
|
||||
|
||||
/*
|
||||
@ -2341,7 +2347,8 @@ AlterTableAlterColumnFlags(Oid myrelid, bool recurse,
|
||||
|
||||
/* Permissions checks */
|
||||
if (!pg_class_ownercheck(myrelid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(rel));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(rel));
|
||||
|
||||
/*
|
||||
* we allow statistics case for system tables
|
||||
@ -2349,7 +2356,7 @@ AlterTableAlterColumnFlags(Oid myrelid, bool recurse,
|
||||
if (*flagType != 'S' && !allowSystemTableMods && IsSystemRelation(rel))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("\"%s\" is a system catalog",
|
||||
errmsg("permission denied: \"%s\" is a system catalog",
|
||||
RelationGetRelationName(rel))));
|
||||
|
||||
/*
|
||||
@ -2506,12 +2513,13 @@ AlterTableAlterOids(Oid myrelid, bool recurse, bool setOid)
|
||||
|
||||
/* Permissions checks */
|
||||
if (!pg_class_ownercheck(myrelid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(rel));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(rel));
|
||||
|
||||
if (!allowSystemTableMods && IsSystemRelation(rel))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("\"%s\" is a system catalog",
|
||||
errmsg("permission denied: \"%s\" is a system catalog",
|
||||
RelationGetRelationName(rel))));
|
||||
|
||||
/*
|
||||
@ -2639,12 +2647,13 @@ AlterTableDropColumn(Oid myrelid, bool recurse, bool recursing,
|
||||
|
||||
/* Permissions checks */
|
||||
if (!pg_class_ownercheck(myrelid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(rel));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(rel));
|
||||
|
||||
if (!allowSystemTableMods && IsSystemRelation(rel))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("\"%s\" is a system catalog",
|
||||
errmsg("permission denied: \"%s\" is a system catalog",
|
||||
RelationGetRelationName(rel))));
|
||||
|
||||
/*
|
||||
@ -2819,12 +2828,13 @@ AlterTableAddConstraint(Oid myrelid, bool recurse,
|
||||
|
||||
/* Permissions checks */
|
||||
if (!pg_class_ownercheck(myrelid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(rel));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(rel));
|
||||
|
||||
if (!allowSystemTableMods && IsSystemRelation(rel))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("\"%s\" is a system catalog",
|
||||
errmsg("permission denied: \"%s\" is a system catalog",
|
||||
RelationGetRelationName(rel))));
|
||||
|
||||
if (recurse)
|
||||
@ -3120,18 +3130,20 @@ AlterTableAddForeignKeyConstraint(Relation rel, FkConstraint *fkconstraint)
|
||||
aclresult = pg_class_aclcheck(RelationGetRelid(pkrel), GetUserId(),
|
||||
ACL_REFERENCES);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, RelationGetRelationName(pkrel));
|
||||
aclcheck_error(aclresult, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(pkrel));
|
||||
|
||||
if (!allowSystemTableMods && IsSystemRelation(pkrel))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("\"%s\" is a system catalog",
|
||||
errmsg("permission denied: \"%s\" is a system catalog",
|
||||
RelationGetRelationName(pkrel))));
|
||||
|
||||
aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
|
||||
ACL_REFERENCES);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, RelationGetRelationName(rel));
|
||||
aclcheck_error(aclresult, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(rel));
|
||||
|
||||
if (isTempNamespace(RelationGetNamespace(pkrel)) &&
|
||||
!isTempNamespace(RelationGetNamespace(rel)))
|
||||
@ -3804,12 +3816,13 @@ AlterTableDropConstraint(Oid myrelid, bool recurse,
|
||||
|
||||
/* Permissions checks */
|
||||
if (!pg_class_ownercheck(myrelid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(rel));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(rel));
|
||||
|
||||
if (!allowSystemTableMods && IsSystemRelation(rel))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("\"%s\" is a system catalog",
|
||||
errmsg("permission denied: \"%s\" is a system catalog",
|
||||
RelationGetRelationName(rel))));
|
||||
|
||||
/*
|
||||
@ -4071,7 +4084,8 @@ AlterTableCreateToastTable(Oid relOid, bool silent)
|
||||
|
||||
/* Permissions checks */
|
||||
if (!pg_class_ownercheck(relOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(rel));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(rel));
|
||||
|
||||
/*
|
||||
* Toast table is shared if and only if its parent is.
|
||||
|
||||
@ -7,7 +7,7 @@
|
||||
* Portions Copyright (c) 1994, Regents of the University of California
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/trigger.c,v 1.152 2003/07/28 00:09:14 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/trigger.c,v 1.153 2003/08/01 00:15:19 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -146,7 +146,7 @@ CreateTrigger(CreateTrigStmt *stmt, bool forConstraint)
|
||||
if (!allowSystemTableMods && IsSystemRelation(rel))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("\"%s\" is a system catalog",
|
||||
errmsg("permission denied: \"%s\" is a system catalog",
|
||||
RelationGetRelationName(rel))));
|
||||
|
||||
/* permission checks */
|
||||
@ -158,13 +158,15 @@ CreateTrigger(CreateTrigStmt *stmt, bool forConstraint)
|
||||
aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
|
||||
ACL_REFERENCES);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, RelationGetRelationName(rel));
|
||||
aclcheck_error(aclresult, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(rel));
|
||||
if (constrrelid != InvalidOid)
|
||||
{
|
||||
aclresult = pg_class_aclcheck(constrrelid, GetUserId(),
|
||||
ACL_REFERENCES);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_rel_name(constrrelid));
|
||||
aclcheck_error(aclresult, ACL_KIND_CLASS,
|
||||
get_rel_name(constrrelid));
|
||||
}
|
||||
}
|
||||
else
|
||||
@ -173,7 +175,8 @@ CreateTrigger(CreateTrigStmt *stmt, bool forConstraint)
|
||||
aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
|
||||
ACL_TRIGGER);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, RelationGetRelationName(rel));
|
||||
aclcheck_error(aclresult, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(rel));
|
||||
}
|
||||
|
||||
/*
|
||||
@ -481,7 +484,8 @@ DropTrigger(Oid relid, const char *trigname, DropBehavior behavior)
|
||||
trigname, get_rel_name(relid))));
|
||||
|
||||
if (!pg_class_ownercheck(relid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, get_rel_name(relid));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
get_rel_name(relid));
|
||||
|
||||
object.classId = RelationGetRelid(tgrel);
|
||||
object.objectId = HeapTupleGetOid(tup);
|
||||
@ -544,7 +548,7 @@ RemoveTriggerById(Oid trigOid)
|
||||
if (!allowSystemTableMods && IsSystemRelation(rel))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("\"%s\" is a system catalog",
|
||||
errmsg("permission denied: \"%s\" is a system catalog",
|
||||
RelationGetRelationName(rel))));
|
||||
|
||||
/*
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/typecmds.c,v 1.39 2003/07/20 21:56:33 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/typecmds.c,v 1.40 2003/08/01 00:15:19 tgl Exp $
|
||||
*
|
||||
* DESCRIPTION
|
||||
* The "DefineFoo" routines take the parse tree and pick out the
|
||||
@ -121,7 +121,8 @@ DefineType(List *names, List *parameters)
|
||||
/* Check we have creation rights in target namespace */
|
||||
aclresult = pg_namespace_aclcheck(typeNamespace, GetUserId(), ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_namespace_name(typeNamespace));
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
get_namespace_name(typeNamespace));
|
||||
|
||||
/*
|
||||
* Type names must be one character shorter than other names, allowing
|
||||
@ -416,7 +417,8 @@ RemoveType(List *names, DropBehavior behavior)
|
||||
if (!pg_type_ownercheck(typeoid, GetUserId()) &&
|
||||
!pg_namespace_ownercheck(((Form_pg_type) GETSTRUCT(tup))->typnamespace,
|
||||
GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, TypeNameToString(typename));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TYPE,
|
||||
TypeNameToString(typename));
|
||||
|
||||
ReleaseSysCache(tup);
|
||||
|
||||
@ -501,7 +503,8 @@ DefineDomain(CreateDomainStmt *stmt)
|
||||
aclresult = pg_namespace_aclcheck(domainNamespace, GetUserId(),
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_namespace_name(domainNamespace));
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
get_namespace_name(domainNamespace));
|
||||
|
||||
/*
|
||||
* Domainnames, unlike typenames don't need to account for the '_'
|
||||
@ -789,7 +792,8 @@ RemoveDomain(List *names, DropBehavior behavior)
|
||||
if (!pg_type_ownercheck(typeoid, GetUserId()) &&
|
||||
!pg_namespace_ownercheck(((Form_pg_type) GETSTRUCT(tup))->typnamespace,
|
||||
GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, TypeNameToString(typename));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TYPE,
|
||||
TypeNameToString(typename));
|
||||
|
||||
/* Check that this is actually a domain */
|
||||
typtype = ((Form_pg_type) GETSTRUCT(tup))->typtype;
|
||||
@ -1726,7 +1730,8 @@ domainOwnerCheck(HeapTuple tup, TypeName *typename)
|
||||
|
||||
/* Permission check: must own type */
|
||||
if (!pg_type_ownercheck(HeapTupleGetOid(tup), GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, TypeNameToString(typename));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TYPE,
|
||||
TypeNameToString(typename));
|
||||
}
|
||||
|
||||
/*
|
||||
|
||||
@ -6,7 +6,7 @@
|
||||
* Portions Copyright (c) 1996-2002, PostgreSQL Global Development Group
|
||||
* Portions Copyright (c) 1994, Regents of the University of California
|
||||
*
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/user.c,v 1.121 2003/07/28 00:09:14 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/user.c,v 1.122 2003/08/01 00:15:19 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -601,7 +601,7 @@ CreateUser(CreateUserStmt *stmt)
|
||||
if (!superuser())
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("permission denied")));
|
||||
errmsg("must be superuser to create users")));
|
||||
|
||||
if (strcmp(stmt->user, "public") == 0)
|
||||
ereport(ERROR,
|
||||
@ -1023,7 +1023,7 @@ DropUser(DropUserStmt *stmt)
|
||||
if (!superuser())
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("permission denied")));
|
||||
errmsg("must be superuser to drop users")));
|
||||
|
||||
/*
|
||||
* Scan the pg_shadow relation to find the usesysid of the user to be
|
||||
@ -1194,7 +1194,7 @@ RenameUser(const char *oldname, const char *newname)
|
||||
if (!superuser())
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("permission denied")));
|
||||
errmsg("must be superuser to rename users")));
|
||||
|
||||
/* rename */
|
||||
namestrcpy(&(((Form_pg_shadow) GETSTRUCT(tup))->usename), newname);
|
||||
@ -1307,7 +1307,7 @@ CreateGroup(CreateGroupStmt *stmt)
|
||||
if (!superuser())
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("permission denied")));
|
||||
errmsg("must be superuser to create groups")));
|
||||
|
||||
if (strcmp(stmt->name, "public") == 0)
|
||||
ereport(ERROR,
|
||||
@ -1434,7 +1434,7 @@ AlterGroup(AlterGroupStmt *stmt, const char *tag)
|
||||
if (!superuser())
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("permission denied")));
|
||||
errmsg("must be superuser to alter groups")));
|
||||
|
||||
/*
|
||||
* Secure exclusive lock to protect our update of the flat group file.
|
||||
@ -1678,7 +1678,7 @@ DropGroup(DropGroupStmt *stmt)
|
||||
if (!superuser())
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("permission denied")));
|
||||
errmsg("must be superuser to drop groups")));
|
||||
|
||||
/*
|
||||
* Secure exclusive lock to protect our update of the flat group file.
|
||||
@ -1742,7 +1742,7 @@ RenameGroup(const char *oldname, const char *newname)
|
||||
if (!superuser())
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("permission denied")));
|
||||
errmsg("must be superuser to rename groups")));
|
||||
|
||||
/* rename */
|
||||
namestrcpy(&(((Form_pg_group) GETSTRUCT(tup))->groname), newname);
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/view.c,v 1.74 2003/07/20 21:56:34 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/commands/view.c,v 1.75 2003/08/01 00:15:20 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -114,7 +114,8 @@ DefineVirtualRelation(const RangeVar *relation, List *tlist, bool replace)
|
||||
RelationGetRelationName(rel))));
|
||||
|
||||
if (!pg_class_ownercheck(viewOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, RelationGetRelationName(rel));
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(rel));
|
||||
|
||||
/*
|
||||
* Create a tuple descriptor to compare against the existing view,
|
||||
|
||||
@ -26,7 +26,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/executor/execMain.c,v 1.211 2003/07/28 00:09:14 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/executor/execMain.c,v 1.212 2003/08/01 00:15:20 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -387,7 +387,8 @@ ExecCheckRTEPerms(RangeTblEntry *rte, CmdType operation)
|
||||
{
|
||||
aclcheck_result = CHECK(ACL_SELECT);
|
||||
if (aclcheck_result != ACLCHECK_OK)
|
||||
aclcheck_error(aclcheck_result, get_rel_name(relOid));
|
||||
aclcheck_error(aclcheck_result, ACL_KIND_CLASS,
|
||||
get_rel_name(relOid));
|
||||
}
|
||||
|
||||
if (rte->checkForWrite)
|
||||
@ -416,7 +417,8 @@ ExecCheckRTEPerms(RangeTblEntry *rte, CmdType operation)
|
||||
break;
|
||||
}
|
||||
if (aclcheck_result != ACLCHECK_OK)
|
||||
aclcheck_error(aclcheck_result, get_rel_name(relOid));
|
||||
aclcheck_error(aclcheck_result, ACL_KIND_CLASS,
|
||||
get_rel_name(relOid));
|
||||
}
|
||||
}
|
||||
|
||||
@ -774,7 +776,8 @@ InitPlan(QueryDesc *queryDesc, bool explainOnly)
|
||||
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
|
||||
ACL_CREATE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_namespace_name(namespaceId));
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
get_namespace_name(namespaceId));
|
||||
|
||||
/*
|
||||
* have to copy tupType to get rid of constraints
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/executor/execQual.c,v 1.137 2003/07/30 19:02:18 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/executor/execQual.c,v 1.138 2003/08/01 00:15:21 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -612,7 +612,7 @@ init_fcache(Oid foid, FuncExprState *fcache, MemoryContext fcacheCxt)
|
||||
/* Check permission to call function */
|
||||
aclresult = pg_proc_aclcheck(foid, GetUserId(), ACL_EXECUTE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_func_name(foid));
|
||||
aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(foid));
|
||||
|
||||
/* Safety check (should never fail, as parser should check sooner) */
|
||||
if (length(fcache->args) > FUNC_MAX_ARGS)
|
||||
|
||||
@ -45,7 +45,7 @@
|
||||
* Portions Copyright (c) 1994, Regents of the University of California
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/executor/nodeAgg.c,v 1.111 2003/07/21 17:05:09 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/executor/nodeAgg.c,v 1.112 2003/08/01 00:15:21 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -1241,7 +1241,8 @@ ExecInitAgg(Agg *node, EState *estate)
|
||||
aclresult = pg_proc_aclcheck(aggref->aggfnoid, GetUserId(),
|
||||
ACL_EXECUTE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_func_name(aggref->aggfnoid));
|
||||
aclcheck_error(aclresult, ACL_KIND_PROC,
|
||||
get_func_name(aggref->aggfnoid));
|
||||
|
||||
peraggstate->transfn_oid = transfn_oid = aggform->aggtransfn;
|
||||
peraggstate->finalfn_oid = finalfn_oid = aggform->aggfinalfn;
|
||||
|
||||
@ -6,7 +6,7 @@
|
||||
* Portions Copyright (c) 1996-2002, PostgreSQL Global Development Group
|
||||
* Portions Copyright (c) 1994, Regents of the University of California
|
||||
*
|
||||
* $Header: /cvsroot/pgsql/src/backend/parser/analyze.c,v 1.282 2003/07/28 00:09:15 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/parser/analyze.c,v 1.283 2003/08/01 00:15:22 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -1193,7 +1193,8 @@ transformInhRelation(ParseState *pstate, CreateStmtContext *cxt,
|
||||
aclresult = pg_class_aclcheck(RelationGetRelid(relation), GetUserId(),
|
||||
ACL_SELECT);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, RelationGetRelationName(relation));
|
||||
aclcheck_error(aclresult, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(relation));
|
||||
|
||||
tupleDesc = RelationGetDescr(relation);
|
||||
constr = tupleDesc->constr;
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/rewrite/rewriteDefine.c,v 1.83 2003/07/25 00:01:08 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/rewrite/rewriteDefine.c,v 1.84 2003/08/01 00:15:22 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -213,7 +213,8 @@ DefineQueryRewrite(RuleStmt *stmt)
|
||||
*/
|
||||
aclresult = pg_class_aclcheck(ev_relid, GetUserId(), ACL_RULE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, RelationGetRelationName(event_relation));
|
||||
aclcheck_error(aclresult, ACL_KIND_CLASS,
|
||||
RelationGetRelationName(event_relation));
|
||||
|
||||
/*
|
||||
* No rule actions that modify OLD or NEW
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/rewrite/rewriteRemove.c,v 1.54 2003/07/25 00:01:09 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/rewrite/rewriteRemove.c,v 1.55 2003/08/01 00:15:22 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -66,7 +66,8 @@ RemoveRewriteRule(Oid owningRel, const char *ruleName, DropBehavior behavior)
|
||||
Assert(eventRelationOid == owningRel);
|
||||
aclresult = pg_class_aclcheck(eventRelationOid, GetUserId(), ACL_RULE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_rel_name(eventRelationOid));
|
||||
aclcheck_error(aclresult, ACL_KIND_CLASS,
|
||||
get_rel_name(eventRelationOid));
|
||||
|
||||
/*
|
||||
* Do the deletion
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/tcop/fastpath.c,v 1.65 2003/07/22 19:00:11 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/tcop/fastpath.c,v 1.66 2003/08/01 00:15:22 tgl Exp $
|
||||
*
|
||||
* NOTES
|
||||
* This cruft is the server side of PQfn.
|
||||
@ -326,11 +326,13 @@ HandleFunctionRequest(StringInfo msgBuf)
|
||||
*/
|
||||
aclresult = pg_namespace_aclcheck(fip->namespace, GetUserId(), ACL_USAGE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_namespace_name(fip->namespace));
|
||||
aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
|
||||
get_namespace_name(fip->namespace));
|
||||
|
||||
aclresult = pg_proc_aclcheck(fid, GetUserId(), ACL_EXECUTE);
|
||||
if (aclresult != ACLCHECK_OK)
|
||||
aclcheck_error(aclresult, get_func_name(fid));
|
||||
aclcheck_error(aclresult, ACL_KIND_PROC,
|
||||
get_func_name(fid));
|
||||
|
||||
/*
|
||||
* Set up a query snapshot in case function needs one.
|
||||
|
||||
@ -10,7 +10,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/tcop/utility.c,v 1.202 2003/07/22 19:00:12 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/tcop/utility.c,v 1.203 2003/08/01 00:15:23 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -153,12 +153,13 @@ CheckDropPermissions(RangeVar *rel, char rightkind)
|
||||
/* Allow DROP to either table owner or schema owner */
|
||||
if (!pg_class_ownercheck(relOid, GetUserId()) &&
|
||||
!pg_namespace_ownercheck(classform->relnamespace, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, rel->relname);
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
rel->relname);
|
||||
|
||||
if (!allowSystemTableMods && IsSystemClass(classform))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("\"%s\" is a system catalog",
|
||||
errmsg("permission denied: \"%s\" is a system catalog",
|
||||
rel->relname)));
|
||||
|
||||
ReleaseSysCache(tuple);
|
||||
@ -184,7 +185,8 @@ CheckRelationOwnership(RangeVar *rel, bool noCatalogs)
|
||||
elog(ERROR, "cache lookup failed for relation %u", relOid);
|
||||
|
||||
if (!pg_class_ownercheck(relOid, GetUserId()))
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, rel->relname);
|
||||
aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
|
||||
rel->relname);
|
||||
|
||||
if (noCatalogs)
|
||||
{
|
||||
@ -192,7 +194,7 @@ CheckRelationOwnership(RangeVar *rel, bool noCatalogs)
|
||||
IsSystemClass((Form_pg_class) GETSTRUCT(tuple)))
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("\"%s\" is a system catalog",
|
||||
errmsg("permission denied: \"%s\" is a system catalog",
|
||||
rel->relname)));
|
||||
}
|
||||
|
||||
@ -589,7 +591,7 @@ ProcessUtility(Node *parsetree,
|
||||
if (!superuser())
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("permission denied")));
|
||||
errmsg("must be superuser to alter owner")));
|
||||
/* get_usesysid raises an error if no such user */
|
||||
AlterTableOwner(relid,
|
||||
get_usesysid(stmt->name));
|
||||
@ -651,7 +653,7 @@ ProcessUtility(Node *parsetree,
|
||||
if (!superuser())
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("permission denied")));
|
||||
errmsg("must be superuser to alter owner")));
|
||||
/* get_usesysid raises an error if no such user */
|
||||
AlterTypeOwner(stmt->typename,
|
||||
get_usesysid(stmt->name));
|
||||
@ -972,7 +974,7 @@ ProcessUtility(Node *parsetree,
|
||||
if (!superuser())
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("permission denied")));
|
||||
errmsg("must be superuser to do CHECKPOINT")));
|
||||
CreateCheckPoint(false, false);
|
||||
break;
|
||||
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/init/miscinit.c,v 1.109 2003/07/31 18:36:25 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/init/miscinit.c,v 1.110 2003/08/01 00:15:23 tgl Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -620,7 +620,7 @@ SetSessionAuthorization(AclId userid, bool is_superuser)
|
||||
!AuthenticatedUserIsSuperuser)
|
||||
ereport(ERROR,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("permission denied")));
|
||||
errmsg("permission denied to set session authorization")));
|
||||
|
||||
SetSessionUserId(userid);
|
||||
SetUserId(userid);
|
||||
|
||||
@ -10,7 +10,7 @@
|
||||
* Written by Peter Eisentraut <peter_e@gmx.net>.
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/misc/guc.c,v 1.144 2003/07/29 00:03:18 tgl Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/misc/guc.c,v 1.145 2003/08/01 00:15:23 tgl Exp $
|
||||
*
|
||||
*--------------------------------------------------------------------
|
||||
*/
|
||||
@ -2484,7 +2484,7 @@ set_config_option(const char *name, const char *value,
|
||||
{
|
||||
ereport(elevel,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("\"%s\": permission denied",
|
||||
errmsg("permission denied to set option \"%s\"",
|
||||
name)));
|
||||
return false;
|
||||
}
|
||||
@ -2554,7 +2554,7 @@ set_config_option(const char *name, const char *value,
|
||||
{
|
||||
ereport(elevel,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("\"%s\": permission denied",
|
||||
errmsg("permission denied to set option \"%s\"",
|
||||
name),
|
||||
errhint("Must be superuser to change this value to false.")));
|
||||
return false;
|
||||
@ -2651,7 +2651,7 @@ set_config_option(const char *name, const char *value,
|
||||
{
|
||||
ereport(elevel,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("\"%s\": permission denied",
|
||||
errmsg("permission denied to set option \"%s\"",
|
||||
name),
|
||||
errhint("Must be superuser to increase this value or set it to zero.")));
|
||||
return false;
|
||||
@ -2747,7 +2747,7 @@ set_config_option(const char *name, const char *value,
|
||||
{
|
||||
ereport(elevel,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("\"%s\": permission denied",
|
||||
errmsg("permission denied to set option \"%s\"",
|
||||
name),
|
||||
errhint("Must be superuser to increase this value.")));
|
||||
return false;
|
||||
@ -2845,7 +2845,7 @@ set_config_option(const char *name, const char *value,
|
||||
{
|
||||
ereport(elevel,
|
||||
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
|
||||
errmsg("\"%s\": permission denied",
|
||||
errmsg("permission denied to set option \"%s\"",
|
||||
name),
|
||||
errhint("Must be superuser to increase this value.")));
|
||||
return false;
|
||||
|
||||
@ -7,7 +7,7 @@
|
||||
* Portions Copyright (c) 1996-2002, PostgreSQL Global Development Group
|
||||
* Portions Copyright (c) 1994, Regents of the University of California
|
||||
*
|
||||
* $Id: acl.h,v 1.57 2003/07/21 01:59:11 tgl Exp $
|
||||
* $Id: acl.h,v 1.58 2003/08/01 00:15:25 tgl Exp $
|
||||
*
|
||||
* NOTES
|
||||
* For backward-compatibility purposes we have to allow there
|
||||
@ -176,6 +176,22 @@ typedef enum
|
||||
ACLCHECK_NOT_OWNER
|
||||
} AclResult;
|
||||
|
||||
/* this enum covers all object types that can have privilege errors */
|
||||
/* currently it's only used to tell aclcheck_error what to say */
|
||||
typedef enum AclObjectKind
|
||||
{
|
||||
ACL_KIND_CLASS, /* pg_class */
|
||||
ACL_KIND_DATABASE, /* pg_database */
|
||||
ACL_KIND_PROC, /* pg_proc */
|
||||
ACL_KIND_OPER, /* pg_operator */
|
||||
ACL_KIND_TYPE, /* pg_type */
|
||||
ACL_KIND_LANGUAGE, /* pg_language */
|
||||
ACL_KIND_NAMESPACE, /* pg_namespace */
|
||||
ACL_KIND_OPCLASS, /* pg_opclass */
|
||||
ACL_KIND_CONVERSION, /* pg_conversion */
|
||||
MAX_ACL_KIND /* MUST BE LAST */
|
||||
} AclObjectKind;
|
||||
|
||||
/*
|
||||
* routines used internally
|
||||
*/
|
||||
@ -207,7 +223,8 @@ extern AclResult pg_proc_aclcheck(Oid proc_oid, AclId userid, AclMode mode);
|
||||
extern AclResult pg_language_aclcheck(Oid lang_oid, AclId userid, AclMode mode);
|
||||
extern AclResult pg_namespace_aclcheck(Oid nsp_oid, AclId userid, AclMode mode);
|
||||
|
||||
extern void aclcheck_error(AclResult aclerr, const char *objectname);
|
||||
extern void aclcheck_error(AclResult aclerr, AclObjectKind objectkind,
|
||||
const char *objectname);
|
||||
|
||||
/* ownercheck routines just return true (owner) or false (not) */
|
||||
extern bool pg_class_ownercheck(Oid class_oid, AclId userid);
|
||||
|
||||
@ -617,9 +617,9 @@ drop table atacc1;
|
||||
-- alter table / alter column [set/drop] not null tests
|
||||
-- try altering system catalogs, should fail
|
||||
alter table pg_class alter column relname drop not null;
|
||||
ERROR: "pg_class" is a system catalog
|
||||
ERROR: permission denied: "pg_class" is a system catalog
|
||||
alter table pg_class alter relname set not null;
|
||||
ERROR: "pg_class" is a system catalog
|
||||
ERROR: permission denied: "pg_class" is a system catalog
|
||||
-- try altering non-existent table, should fail
|
||||
alter table non_existent alter column bar set not null;
|
||||
ERROR: relation "non_existent" does not exist
|
||||
@ -744,7 +744,7 @@ drop table def_test;
|
||||
-- alter table / drop column tests
|
||||
-- try altering system catalogs, should fail
|
||||
alter table pg_class drop column relname;
|
||||
ERROR: "pg_class" is a system catalog
|
||||
ERROR: permission denied: "pg_class" is a system catalog
|
||||
-- try altering non-existent table, should fail
|
||||
alter table foo drop column bar;
|
||||
ERROR: relation "foo" does not exist
|
||||
|
||||
@ -69,11 +69,11 @@ SELECT * FROM atest2; -- ok
|
||||
|
||||
INSERT INTO atest1 VALUES (2, 'two'); -- ok
|
||||
INSERT INTO atest2 VALUES ('foo', true); -- fail
|
||||
ERROR: permission denied for "atest2"
|
||||
ERROR: permission denied for relation atest2
|
||||
INSERT INTO atest1 SELECT 1, b FROM atest1; -- ok
|
||||
UPDATE atest1 SET a = 1 WHERE a = 2; -- ok
|
||||
UPDATE atest2 SET col2 = NOT col2; -- fail
|
||||
ERROR: permission denied for "atest2"
|
||||
ERROR: permission denied for relation atest2
|
||||
SELECT * FROM atest1 FOR UPDATE; -- ok
|
||||
a | b
|
||||
---+-----
|
||||
@ -82,15 +82,15 @@ SELECT * FROM atest1 FOR UPDATE; -- ok
|
||||
(2 rows)
|
||||
|
||||
SELECT * FROM atest2 FOR UPDATE; -- fail
|
||||
ERROR: permission denied for "atest2"
|
||||
ERROR: permission denied for relation atest2
|
||||
DELETE FROM atest2; -- fail
|
||||
ERROR: permission denied for "atest2"
|
||||
ERROR: permission denied for relation atest2
|
||||
LOCK atest2 IN ACCESS EXCLUSIVE MODE; -- fail
|
||||
ERROR: permission denied for "atest2"
|
||||
ERROR: permission denied for relation atest2
|
||||
COPY atest2 FROM stdin; -- fail
|
||||
ERROR: permission denied for "atest2"
|
||||
ERROR: permission denied for relation atest2
|
||||
GRANT ALL ON atest1 TO PUBLIC; -- fail
|
||||
ERROR: permission denied for "atest1"
|
||||
ERROR: permission denied for relation atest1
|
||||
-- checks in subquery, both ok
|
||||
SELECT * FROM atest1 WHERE ( b IN ( SELECT col1 FROM atest2 ) );
|
||||
a | b
|
||||
@ -117,33 +117,33 @@ SELECT * FROM atest1; -- ok
|
||||
(2 rows)
|
||||
|
||||
SELECT * FROM atest2; -- fail
|
||||
ERROR: permission denied for "atest2"
|
||||
ERROR: permission denied for relation atest2
|
||||
INSERT INTO atest1 VALUES (2, 'two'); -- fail
|
||||
ERROR: permission denied for "atest1"
|
||||
ERROR: permission denied for relation atest1
|
||||
INSERT INTO atest2 VALUES ('foo', true); -- fail
|
||||
ERROR: permission denied for "atest2"
|
||||
ERROR: permission denied for relation atest2
|
||||
INSERT INTO atest1 SELECT 1, b FROM atest1; -- fail
|
||||
ERROR: permission denied for "atest1"
|
||||
ERROR: permission denied for relation atest1
|
||||
UPDATE atest1 SET a = 1 WHERE a = 2; -- fail
|
||||
ERROR: permission denied for "atest1"
|
||||
ERROR: permission denied for relation atest1
|
||||
UPDATE atest2 SET col2 = NULL; -- ok
|
||||
UPDATE atest2 SET col2 = NOT col2; -- fails; requires SELECT on atest2
|
||||
ERROR: permission denied for "atest2"
|
||||
ERROR: permission denied for relation atest2
|
||||
UPDATE atest2 SET col2 = true WHERE atest1.a = 5; -- ok
|
||||
SELECT * FROM atest1 FOR UPDATE; -- fail
|
||||
ERROR: permission denied for "atest1"
|
||||
ERROR: permission denied for relation atest1
|
||||
SELECT * FROM atest2 FOR UPDATE; -- fail
|
||||
ERROR: permission denied for "atest2"
|
||||
ERROR: permission denied for relation atest2
|
||||
DELETE FROM atest2; -- fail
|
||||
ERROR: permission denied for "atest2"
|
||||
ERROR: permission denied for relation atest2
|
||||
LOCK atest2 IN ACCESS EXCLUSIVE MODE; -- ok
|
||||
COPY atest2 FROM stdin; -- fail
|
||||
ERROR: permission denied for "atest2"
|
||||
ERROR: permission denied for relation atest2
|
||||
-- checks in subquery, both fail
|
||||
SELECT * FROM atest1 WHERE ( b IN ( SELECT col1 FROM atest2 ) );
|
||||
ERROR: permission denied for "atest2"
|
||||
ERROR: permission denied for relation atest2
|
||||
SELECT * FROM atest2 WHERE ( col1 IN ( SELECT b FROM atest1 ) );
|
||||
ERROR: permission denied for "atest2"
|
||||
ERROR: permission denied for relation atest2
|
||||
SET SESSION AUTHORIZATION regressuser4;
|
||||
COPY atest2 FROM stdin; -- ok
|
||||
SELECT * FROM atest1; -- ok
|
||||
@ -159,7 +159,7 @@ CREATE TABLE atest3 (one int, two int, three int);
|
||||
GRANT DELETE ON atest3 TO GROUP regressgroup2;
|
||||
SET SESSION AUTHORIZATION regressuser1;
|
||||
SELECT * FROM atest3; -- fail
|
||||
ERROR: permission denied for "atest3"
|
||||
ERROR: permission denied for relation atest3
|
||||
DELETE FROM atest3; -- ok
|
||||
-- views
|
||||
SET SESSION AUTHORIZATION regressuser3;
|
||||
@ -175,7 +175,7 @@ SELECT * FROM atestv1; -- ok
|
||||
(2 rows)
|
||||
|
||||
SELECT * FROM atestv2; -- fail
|
||||
ERROR: permission denied for "atest2"
|
||||
ERROR: permission denied for relation atest2
|
||||
GRANT SELECT ON atestv1, atestv3 TO regressuser4;
|
||||
GRANT SELECT ON atestv2 TO regressuser2;
|
||||
SET SESSION AUTHORIZATION regressuser4;
|
||||
@ -187,7 +187,7 @@ SELECT * FROM atestv1; -- ok
|
||||
(2 rows)
|
||||
|
||||
SELECT * FROM atestv2; -- fail
|
||||
ERROR: permission denied for "atestv2"
|
||||
ERROR: permission denied for relation atestv2
|
||||
SELECT * FROM atestv3; -- ok
|
||||
one | two | three
|
||||
-----+-----+-------
|
||||
@ -203,7 +203,7 @@ GRANT SELECT ON atestv4 TO regressuser2;
|
||||
SET SESSION AUTHORIZATION regressuser2;
|
||||
-- Two complex cases:
|
||||
SELECT * FROM atestv3; -- fail
|
||||
ERROR: permission denied for "atestv3"
|
||||
ERROR: permission denied for relation atestv3
|
||||
SELECT * FROM atestv4; -- ok (even though regressuser2 cannot access underlying atestv3)
|
||||
one | two | three
|
||||
-----+-----+-------
|
||||
@ -216,7 +216,7 @@ SELECT * FROM atest2; -- ok
|
||||
(1 row)
|
||||
|
||||
SELECT * FROM atestv2; -- fail (even though regressuser2 can access underlying atest2)
|
||||
ERROR: permission denied for "atest2"
|
||||
ERROR: permission denied for relation atest2
|
||||
-- privileges on functions, languages
|
||||
-- switch to superuser
|
||||
\c -
|
||||
@ -226,7 +226,7 @@ GRANT USAGE ON LANGUAGE c TO PUBLIC; -- fail
|
||||
ERROR: language "c" is not trusted
|
||||
SET SESSION AUTHORIZATION regressuser1;
|
||||
GRANT USAGE ON LANGUAGE sql TO regressuser2; -- fail
|
||||
ERROR: permission denied for "sql"
|
||||
ERROR: permission denied for language sql
|
||||
CREATE FUNCTION testfunc1(int) RETURNS int AS 'select 2 * $1;' LANGUAGE sql;
|
||||
CREATE FUNCTION testfunc2(int) RETURNS int AS 'select 3 * $1;' LANGUAGE sql;
|
||||
REVOKE ALL ON FUNCTION testfunc1(int), testfunc2(int) FROM PUBLIC;
|
||||
@ -248,12 +248,12 @@ SELECT testfunc1(5), testfunc2(5); -- ok
|
||||
(1 row)
|
||||
|
||||
CREATE FUNCTION testfunc3(int) RETURNS int AS 'select 2 * $1;' LANGUAGE sql; -- fail
|
||||
ERROR: permission denied for "sql"
|
||||
ERROR: permission denied for language sql
|
||||
SET SESSION AUTHORIZATION regressuser3;
|
||||
SELECT testfunc1(5); -- fail
|
||||
ERROR: permission denied for "testfunc1"
|
||||
ERROR: permission denied for function testfunc1
|
||||
SELECT col1 FROM atest2 WHERE col2 = true; -- fail
|
||||
ERROR: permission denied for "atest2"
|
||||
ERROR: permission denied for relation atest2
|
||||
SELECT testfunc4(true); -- ok
|
||||
testfunc4
|
||||
-----------
|
||||
@ -268,7 +268,7 @@ SELECT testfunc1(5); -- ok
|
||||
(1 row)
|
||||
|
||||
DROP FUNCTION testfunc1(int); -- fail
|
||||
ERROR: must be owner of "testfunc1"
|
||||
ERROR: must be owner of function testfunc1
|
||||
\c -
|
||||
DROP FUNCTION testfunc1(int); -- ok
|
||||
-- restore to sanity
|
||||
@ -551,7 +551,7 @@ ERROR: grant options can only be granted to individual users
|
||||
SET SESSION AUTHORIZATION regressuser2;
|
||||
GRANT SELECT ON atest4 TO regressuser3;
|
||||
GRANT UPDATE ON atest4 TO regressuser3; -- fail
|
||||
ERROR: permission denied for "atest4"
|
||||
ERROR: permission denied for relation atest4
|
||||
SET SESSION AUTHORIZATION regressuser1;
|
||||
REVOKE SELECT ON atest4 FROM regressuser3; -- does nothing
|
||||
SELECT has_table_privilege('regressuser3', 'atest4', 'SELECT'); -- true
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user