mirrors/postgres
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
postgres/src/backend/commands/user.c
Marc G. Fournier bf00bbb0c4 I really hope that I haven't missed anything in this one... 
From: t-ishii@sra.co.jp

Attached are patches to enhance the multi-byte support.  (patches are
against 7/18 snapshot)

* determine encoding at initdb/createdb rather than compile time

Now initdb/createdb has an option to specify the encoding. Also, I
modified the syntax of CREATE DATABASE to accept encoding option. See
README.mb for more details.

For this purpose I have added new column "encoding" to pg_database.
Also pg_attribute and pg_class are changed to catch up the
modification to pg_database.  Actually I haved added pg_database_mb.h,
pg_attribute_mb.h and pg_class_mb.h. These are used only when MB is
enabled. The reason having separate files is I couldn't find a way to
use ifdef or whatever in those files. I have to admit it looks
ugly. No way.

* support for PGCLIENTENCODING when issuing COPY command

commands/copy.c modified.

* support for SQL92 syntax "SET NAMES"

See gram.y.

* support for LATIN2-5
* add UNICODE regression test case
* new test suite for MB

New directory test/mb added.

* clean up source files

Basic idea is to have MB's own subdirectory for easier maintenance.
These are include/mb and backend/utils/mb.
1998-07-24 03:32:46 +00:00

522 lines
13 KiB
C
Raw Blame History

/*-------------------------------------------------------------------------
*
* user.c--
* use pg_exec_query to create a new user in the catalog
*
* Copyright (c) 1994, Regents of the University of California
*
*
*
*-------------------------------------------------------------------------
*/
#include <stdio.h> /* for sprintf() */
#include <string.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>
#include <postgres.h>
#include <miscadmin.h>
#include <catalog/catname.h>
#ifdef MB
#include <catalog/pg_database_mb.h>
#else
#include <catalog/pg_database.h>
#endif
#include <catalog/pg_shadow.h>
#include <libpq/crypt.h>
#include <access/heapam.h>
#include <access/xact.h>
#include <storage/bufmgr.h>
#include <storage/lmgr.h>
#include <tcop/tcopprot.h>
#include <utils/acl.h>
#include <utils/rel.h>
#include <utils/syscache.h>
#include <commands/user.h>
static void CheckPgUserAclNotNull(void);
/*---------------------------------------------------------------------
* UpdatePgPwdFile
*
* copy the modified contents of pg_shadow to a file used by the postmaster
* for user authentication. The file is stored as $PGDATA/pg_pwd.
*---------------------------------------------------------------------
*/
static
void
UpdatePgPwdFile(char *sql)
{
char *filename;
char *tempname;
/*
* Create a temporary filename to be renamed later. This prevents the
* backend from clobbering the pg_pwd file while the postmaster might
* be reading from it.
*/
filename = crypt_getpwdfilename();
tempname = (char *) malloc(strlen(filename) + 12);
sprintf(tempname, "%s.%d", filename, MyProcPid);
/*
* Copy the contents of pg_shadow to the pg_pwd ASCII file using a the
* SEPCHAR character as the delimiter between fields. Then rename the
* file to its final name.
*/
sprintf(sql, "copy %s to '%s' using delimiters %s", ShadowRelationName, tempname, CRYPT_PWD_FILE_SEPCHAR);
pg_exec_query(sql);
rename(tempname, filename);
free((void *) tempname);
/*
* Create a flag file the postmaster will detect the next time it
* tries to authenticate a user. The postmaster will know to reload
* the pg_pwd file contents.
*/
filename = crypt_getpwdreloadfilename();
creat(filename, S_IRUSR | S_IWUSR);
}
/*---------------------------------------------------------------------
* DefineUser
*
* Add the user to the pg_shadow relation, and if specified make sure the
* user is specified in the desired groups of defined in pg_group.
*---------------------------------------------------------------------
*/
void
DefineUser(CreateUserStmt *stmt)
{
char *pg_shadow;
Relation pg_shadow_rel;
TupleDesc pg_shadow_dsc;
HeapScanDesc scan;
HeapTuple tuple;
Datum datum;
Buffer buffer;
char sql[512];
char *sql_end;
bool exists = false,
n,
inblock;
int max_id = -1;
if (stmt->password)
CheckPgUserAclNotNull();
if (!(inblock = IsTransactionBlock()))
BeginTransactionBlock();
/*
* Make sure the user attempting to create a user can insert into the
* pg_shadow relation.
*/
pg_shadow = GetPgUserName();
if (pg_aclcheck(ShadowRelationName, pg_shadow, ACL_RD | ACL_WR | ACL_AP) != ACLCHECK_OK)
{
UserAbortTransactionBlock();
elog(ERROR, "defineUser: user \"%s\" does not have SELECT and INSERT privilege for \"%s\"",
pg_shadow, ShadowRelationName);
return;
}
/*
* Scan the pg_shadow relation to be certain the user doesn't already
* exist.
*/
pg_shadow_rel = heap_openr(ShadowRelationName);
pg_shadow_dsc = RelationGetTupleDescriptor(pg_shadow_rel);
/*
* Secure a write lock on pg_shadow so we can be sure of what the next
* usesysid should be.
*/
RelationSetLockForWrite(pg_shadow_rel);
scan = heap_beginscan(pg_shadow_rel, false, false, 0, NULL);
while (HeapTupleIsValid(tuple = heap_getnext(scan, 0, &buffer)))
{
datum = heap_getattr(tuple, Anum_pg_shadow_usename, pg_shadow_dsc, &n);
if (!exists && !strncmp((char *) datum, stmt->user, strlen(stmt->user)))
exists = true;
datum = heap_getattr(tuple, Anum_pg_shadow_usesysid, pg_shadow_dsc, &n);
if ((int) datum > max_id)
max_id = (int) datum;
ReleaseBuffer(buffer);
}
heap_endscan(scan);
if (exists)
{
RelationUnsetLockForWrite(pg_shadow_rel);
heap_close(pg_shadow_rel);
UserAbortTransactionBlock();
elog(ERROR, "defineUser: user \"%s\" has already been created", stmt->user);
return;
}
/*
* Build the insert statment to be executed.
*/
sprintf(sql, "insert into %s(usename,usesysid,usecreatedb,usetrace,usesuper,usecatupd,passwd", ShadowRelationName);
/* if (stmt->password)
strcat(sql, ",passwd"); -- removed so that insert empty string when no password */
if (stmt->validUntil)
strcat(sql, ",valuntil");
sql_end = sql + strlen(sql);
sprintf(sql_end, ") values('%s',%d", stmt->user, max_id + 1);
if (stmt->createdb && *stmt->createdb)
strcat(sql_end, ",'t','t'");
else
strcat(sql_end, ",'f','t'");
if (stmt->createuser && *stmt->createuser)
strcat(sql_end, ",'t','t'");
else
strcat(sql_end, ",'f','t'");
sql_end += strlen(sql_end);
if (stmt->password)
{
sprintf(sql_end, ",'%s'", stmt->password);
sql_end += strlen(sql_end);
}
else
{
strcpy(sql_end, ",''");
sql_end += strlen(sql_end);
}
if (stmt->validUntil)
{
sprintf(sql_end, ",'%s'", stmt->validUntil);
sql_end += strlen(sql_end);
}
strcat(sql_end, ")");
pg_exec_query(sql);
/*
* Add the stuff here for groups.
*/
UpdatePgPwdFile(sql);
/*
* This goes after the UpdatePgPwdFile to be certain that two backends
* to not attempt to write to the pg_pwd file at the same time.
*/
RelationUnsetLockForWrite(pg_shadow_rel);
heap_close(pg_shadow_rel);
if (IsTransactionBlock() && !inblock)
EndTransactionBlock();
}
extern void
AlterUser(AlterUserStmt *stmt)
{
char *pg_shadow;
Relation pg_shadow_rel;
TupleDesc pg_shadow_dsc;
HeapScanDesc scan;
HeapTuple tuple;
Datum datum;
Buffer buffer;
char sql[512];
char *sql_end;
bool exists = false,
n,
inblock;
if (stmt->password)
CheckPgUserAclNotNull();
if (!(inblock = IsTransactionBlock()))
BeginTransactionBlock();
/*
* Make sure the user attempting to create a user can insert into the
* pg_shadow relation.
*/
pg_shadow = GetPgUserName();
if (pg_aclcheck(ShadowRelationName, pg_shadow, ACL_RD | ACL_WR) != ACLCHECK_OK)
{
UserAbortTransactionBlock();
elog(ERROR, "alterUser: user \"%s\" does not have SELECT and UPDATE privilege for \"%s\"",
pg_shadow, ShadowRelationName);
return;
}
/*
* Scan the pg_shadow relation to be certain the user exists.
*/
pg_shadow_rel = heap_openr(ShadowRelationName);
pg_shadow_dsc = RelationGetTupleDescriptor(pg_shadow_rel);
/*
* Secure a write lock on pg_shadow so we can be sure that when the
* dump of the pg_pwd file is done, there is not another backend doing
* the same.
*/
RelationSetLockForWrite(pg_shadow_rel);
scan = heap_beginscan(pg_shadow_rel, false, false, 0, NULL);
while (HeapTupleIsValid(tuple = heap_getnext(scan, 0, &buffer)))
{
datum = heap_getattr(tuple, Anum_pg_shadow_usename, pg_shadow_dsc, &n);
if (!strncmp((char *) datum, stmt->user, strlen(stmt->user)))
{
exists = true;
ReleaseBuffer(buffer);
break;
}
}
heap_endscan(scan);
if (!exists)
{
RelationUnsetLockForWrite(pg_shadow_rel);
heap_close(pg_shadow_rel);
UserAbortTransactionBlock();
elog(ERROR, "alterUser: user \"%s\" does not exist", stmt->user);
return;
}
/*
* Create the update statement to modify the user.
*/
sprintf(sql, "update %s set", ShadowRelationName);
sql_end = sql;
if (stmt->password)
{
sql_end += strlen(sql_end);
sprintf(sql_end, " passwd = '%s'", stmt->password);
}
if (stmt->createdb)
{
if (sql_end != sql)
strcat(sql_end, ",");
sql_end += strlen(sql_end);
if (*stmt->createdb)
strcat(sql_end, " usecreatedb = 't'");
else
strcat(sql_end, " usecreatedb = 'f'");
}
if (stmt->createuser)
{
if (sql_end != sql)
strcat(sql_end, ",");
sql_end += strlen(sql_end);
if (*stmt->createuser)
strcat(sql_end, " usesuper = 't'");
else
strcat(sql_end, " usesuper = 'f'");
}
if (stmt->validUntil)
{
if (sql_end != sql)
strcat(sql_end, ",");
sql_end += strlen(sql_end);
sprintf(sql_end, " valuntil = '%s'", stmt->validUntil);
}
if (sql_end != sql)
{
sql_end += strlen(sql_end);
sprintf(sql_end, " where usename = '%s'", stmt->user);
pg_exec_query(sql);
}
/* do the pg_group stuff here */
UpdatePgPwdFile(sql);
RelationUnsetLockForWrite(pg_shadow_rel);
heap_close(pg_shadow_rel);
if (IsTransactionBlock() && !inblock)
EndTransactionBlock();
}
extern void
RemoveUser(char *user)
{
char *pg_shadow;
Relation pg_shadow_rel,
pg_rel;
TupleDesc pg_dsc;
HeapScanDesc scan;
HeapTuple tuple;
Datum datum;
Buffer buffer;
char sql[512];
bool n,
inblock;
int usesysid = -1,
ndbase = 0;
char **dbase = NULL;
if (!(inblock = IsTransactionBlock()))
BeginTransactionBlock();
/*
* Make sure the user attempting to create a user can delete from the
* pg_shadow relation.
*/
pg_shadow = GetPgUserName();
if (pg_aclcheck(ShadowRelationName, pg_shadow, ACL_RD | ACL_WR) != ACLCHECK_OK)
{
UserAbortTransactionBlock();
elog(ERROR, "removeUser: user \"%s\" does not have SELECT and DELETE privilege for \"%s\"",
pg_shadow, ShadowRelationName);
return;
}
/*
* Perform a scan of the pg_shadow relation to find the usesysid of
* the user to be deleted. If it is not found, then return a warning
* message.
*/
pg_shadow_rel = heap_openr(ShadowRelationName);
pg_dsc = RelationGetTupleDescriptor(pg_shadow_rel);
/*
* Secure a write lock on pg_shadow so we can be sure that when the
* dump of the pg_pwd file is done, there is not another backend doing
* the same.
*/
RelationSetLockForWrite(pg_shadow_rel);
scan = heap_beginscan(pg_shadow_rel, false, false, 0, NULL);
while (HeapTupleIsValid(tuple = heap_getnext(scan, 0, &buffer)))
{
datum = heap_getattr(tuple, Anum_pg_shadow_usename, pg_dsc, &n);
if (!strncmp((char *) datum, user, strlen(user)))
{
usesysid = (int) heap_getattr(tuple, Anum_pg_shadow_usesysid, pg_dsc, &n);
ReleaseBuffer(buffer);
break;
}
ReleaseBuffer(buffer);
}
heap_endscan(scan);
if (usesysid == -1)
{
RelationUnsetLockForWrite(pg_shadow_rel);
heap_close(pg_shadow_rel);
UserAbortTransactionBlock();
elog(ERROR, "removeUser: user \"%s\" does not exist", user);
return;
}
/*
* Perform a scan of the pg_database relation to find the databases
* owned by usesysid. Then drop them.
*/
pg_rel = heap_openr(DatabaseRelationName);
pg_dsc = RelationGetTupleDescriptor(pg_rel);
scan = heap_beginscan(pg_rel, false, false, 0, NULL);
while (HeapTupleIsValid(tuple = heap_getnext(scan, 0, &buffer)))
{
datum = heap_getattr(tuple, Anum_pg_database_datdba, pg_dsc, &n);
if ((int) datum == usesysid)
{
datum = heap_getattr(tuple, Anum_pg_database_datname, pg_dsc, &n);
if (memcmp((void *) datum, "template1", 9))
{
dbase = (char **) realloc((void *) dbase, sizeof(char *) * (ndbase + 1));
dbase[ndbase] = (char *) malloc(NAMEDATALEN + 1);
memcpy((void *) dbase[ndbase], (void *) datum, NAMEDATALEN);
dbase[ndbase++][NAMEDATALEN] = '\0';
}
}
ReleaseBuffer(buffer);
}
heap_endscan(scan);
heap_close(pg_rel);
while (ndbase--)
{
elog(NOTICE, "Dropping database %s", dbase[ndbase]);
sprintf(sql, "drop database %s", dbase[ndbase]);
free((void *) dbase[ndbase]);
pg_exec_query(sql);
}
if (dbase)
free((void *) dbase);
/*
* Since pg_shadow is global over all databases, one of two things
* must be done to insure complete consistency. First, pg_shadow
* could be made non-global. This would elminate the code above for
* deleting database and would require the addition of code to delete
* tables, views, etc owned by the user.
*
* The second option would be to create a means of deleting tables, view,
* etc. owned by the user from other databases. pg_shadow is global and
* so this must be done at some point.
*
* Let us not forget that the user should be removed from the pg_groups
* also.
*
* Todd A. Brandys 11/18/1997
*
*/
/*
* Remove the user from the pg_shadow table
*/
sprintf(sql, "delete from %s where usename = '%s'", ShadowRelationName, user);
pg_exec_query(sql);
UpdatePgPwdFile(sql);
RelationUnsetLockForWrite(pg_shadow_rel);
heap_close(pg_shadow_rel);
if (IsTransactionBlock() && !inblock)
EndTransactionBlock();
}
/*
* CheckPgUserAclNotNull
*
* check to see if there is an ACL on pg_shadow
*/
static void
CheckPgUserAclNotNull()
{
HeapTuple htp;
htp = SearchSysCacheTuple(RELNAME, PointerGetDatum(ShadowRelationName),
0, 0, 0);
if (!HeapTupleIsValid(htp))
{
elog(ERROR, "IsPgUserAclNull: class \"%s\" not found",
ShadowRelationName);
}
if (heap_attisnull(htp, Anum_pg_class_relacl))
{
elog(NOTICE, "To use passwords, you have to revoke permissions on pg_shadow");
elog(NOTICE, "so normal users can not read the passwords.");
elog(ERROR, "Try 'REVOKE ALL ON pg_shadow FROM PUBLIC'");
}
return;
}
Reference in New Issue View Git Blame Copy Permalink