Commit31c775a

committed
Restructure aclcheck error reporting to make permission-failure
messages more uniform and internationalizable: the global array aclcheck_error_strings[] is gone in favor of a subroutine aclcheck_error(). Partial implementation of namespace-related permission checks --- not all done yet.
1 parentaafe72e commit31c775a


26 files changed

+353
-227
lines changed


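--- a/src/backend/catalog/aclchk.c
+++ b/src/backend/catalog/aclchk.c
@@ -8,7 +8,7 @@
 *
 *
 * IDENTIFICATION
-* $Header: /cvsroot/pgsql/src/backend/catalog/aclchk.c,v 1.66 2002/04/21 00:26:42 tgl Exp $
+* $Header: /cvsroot/pgsql/src/backend/catalog/aclchk.c,v 1.67 2002/04/27 03:45:00 tgl Exp $
 *
 * NOTES
 * See acl.h.
@@ -46,16 +46,7 @@ static void ExecuteGrantStmt_Namespace(GrantStmt *stmt);
 
 staticconstchar*privilege_to_string(AclModeprivilege);
 
-staticint32aclcheck(Acl*acl,AclIdid,uint32idtype,AclModemode);
-
-/* warning messages, now more explicit. */
-/* MUST correspond to the order of the ACLCHECK_* result codes in acl.h. */
-constchar*constaclcheck_error_strings[]= {
-"No error.",
-"Permission denied.",
-"Table does not exist.",
-"Must be table owner."
-};
+staticAclResultaclcheck(Acl*acl,AclIdid,uint32idtype,AclModemode);
 
 
 #ifdefACLDEBUG
@@ -208,8 +199,7 @@ ExecuteGrantStmt_Relation(GrantStmt *stmt)
 pg_class_tuple= (Form_pg_class)GETSTRUCT(tuple);
 
 if (!pg_class_ownercheck(relOid,GetUserId()))
-elog(ERROR,"%s: permission denied",
-relvar->relname);
+aclcheck_error(ACLCHECK_NOT_OWNER,relvar->relname);
 
 if (pg_class_tuple->relkind==RELKIND_INDEX)
 elog(ERROR,"\"%s\" is an index",
@@ -409,7 +399,8 @@ ExecuteGrantStmt_Function(GrantStmt *stmt)
 pg_proc_tuple= (Form_pg_proc)GETSTRUCT(tuple);
 
 if (!pg_proc_ownercheck(oid,GetUserId()))
-elog(ERROR,"permission denied");
+aclcheck_error(ACLCHECK_NOT_OWNER,
+NameStr(pg_proc_tuple->proname));
 
 /*
 * If there's no ACL, create a default using the pg_proc.proowner
@@ -601,7 +592,7 @@ ExecuteGrantStmt_Namespace(GrantStmt *stmt)
 pg_namespace_tuple= (Form_pg_namespace)GETSTRUCT(tuple);
 
 if (!pg_namespace_ownercheck(tuple->t_data->t_oid,GetUserId()))
-elog(ERROR,"permission denied");
+aclcheck_error(ACLCHECK_NOT_OWNER,nspname);
 
 /*
 * If there's no ACL, create a default using the pg_namespace.nspowner
@@ -776,6 +767,7 @@ in_group(AclId uid, AclId gid)
 returnresult;
 }
 
+
 /*
 * aclcheck
 *
@@ -785,7 +777,7 @@ in_group(AclId uid, AclId gid)
 *
 * The ACL list is expected to be sorted in standard order.
 */
-staticint32
+staticAclResult
 aclcheck(Acl*acl,AclIdid,uint32idtype,AclModemode)
 {
 AclItem*aip,
@@ -902,15 +894,38 @@ aclcheck(Acl *acl, AclId id, uint32 idtype, AclMode mode)
 }
 
 
+/*
+* Standardized reporting of aclcheck permissions failures.
+*/
+void
+aclcheck_error(AclResulterrcode,constchar*objectname)
+{
+switch (errcode)
+{
+caseACLCHECK_OK:
+/* no error, so return to caller */
+break;
+caseACLCHECK_NO_PRIV:
+elog(ERROR,"%s: permission denied",objectname);
+break;
+caseACLCHECK_NOT_OWNER:
+elog(ERROR,"%s: must be owner",objectname);
+break;
+default:
+elog(ERROR,"%s: unexpected AclResult %d",
+objectname, (int)errcode);
+break;
+}
+}
+
+
 /*
 * Exported routine for checking a user's access privileges to a table
-*
-* Returns an ACLCHECK_* result code.
 */
-int32
+AclResult
 pg_class_aclcheck(Oidtable_oid,Oiduserid,AclModemode)
 {
-int32result;
+AclResultresult;
 boolusesuper,
 usecatupd;
 HeapTupletuple;
@@ -1004,13 +1019,11 @@ pg_class_aclcheck(Oid table_oid, Oid userid, AclMode mode)
 
 /*
 * Exported routine for checking a user's access privileges to a database
-*
-* Returns an ACLCHECK_* result code.
 */
-int32
+AclResult
 pg_database_aclcheck(Oiddb_oid,Oiduserid,AclModemode)
 {
-int32result;
+AclResultresult;
 Relationpg_database;
 ScanKeyDataentry[1];
 HeapScanDescscan;
@@ -1069,13 +1082,11 @@ pg_database_aclcheck(Oid db_oid, Oid userid, AclMode mode)
 
 /*
 * Exported routine for checking a user's access privileges to a function
-*
-* Returns an ACLCHECK_* result code.
 */
-int32
+AclResult
 pg_proc_aclcheck(Oidproc_oid,Oiduserid,AclModemode)
 {
-int32result;
+AclResultresult;
 HeapTupletuple;
 DatumaclDatum;
 boolisNull;
@@ -1124,13 +1135,11 @@ pg_proc_aclcheck(Oid proc_oid, Oid userid, AclMode mode)
 
 /*
 * Exported routine for checking a user's access privileges to a language
-*
-* Returns an ACLCHECK_* result code.
 */
-int32
+AclResult
 pg_language_aclcheck(Oidlang_oid,Oiduserid,AclModemode)
 {
-int32result;
+AclResultresult;
 HeapTupletuple;
 DatumaclDatum;
 boolisNull;
@@ -1176,13 +1185,11 @@ pg_language_aclcheck(Oid lang_oid, Oid userid, AclMode mode)
 
 /*
 * Exported routine for checking a user's access privileges to a namespace
-*
-* Returns an ACLCHECK_* result code.
 */
-int32
+AclResult
 pg_namespace_aclcheck(Oidnsp_oid,Oiduserid,AclModemode)
 {
-int32result;
+AclResultresult;
 HeapTupletuple;
 DatumaclDatum;
 boolisNull;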
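Review bot: The new `aclcheck_error()` feeds `objectname` to a bare `%s` in all three error branches, so it depends on every caller passing a non-NULL name, and its header comment states neither that nor the fact that it returns only for `ACLCHECK_OK`. The callers visible in this file pass `relvar->relname`, `NameStr(pg_proc_tuple->proname)` and `nspname`, which look safe, but the routine is not `static` and other files in this commit call it with looked-up names. I would extend the comment to something like `* Returns only if errcode is ACLCHECK_OK; any other code raises ERROR. objectname must not be NULL.` Separately, the neighbouring message in this file quotes the identifier (`"\"%s\" is an index"`); quoting the name here too would keep permission-denial lines in the server log unambiguous when an object name contains spaces or punctuation.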

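--- a/src/backend/catalog/namespace.c
+++ b/src/backend/catalog/namespace.c
@@ -13,7 +13,7 @@
 * Portions Copyright (c) 1994, Regents of the University of California
 *
 * IDENTIFICATION
-* $Header: /cvsroot/pgsql/src/backend/catalog/namespace.c,v 1.13 2002/04/26 01:24:08 tgl Exp $
+* $Header: /cvsroot/pgsql/src/backend/catalog/namespace.c,v 1.14 2002/04/27 03:45:00 tgl Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -35,6 +35,7 @@
 #include"miscadmin.h"
 #include"nodes/makefuncs.h"
 #include"storage/backendid.h"
+#include"utils/acl.h"
 #include"utils/builtins.h"
 #include"utils/fmgroids.h"
 #include"utils/guc.h"
@@ -974,6 +975,16 @@ GetTempTableNamespace(void)
 charnamespaceName[NAMEDATALEN];
 OidnamespaceId;
 
+/*
+* First, do permission check to see if we are authorized to make
+* temp tables. We use a nonstandard error message here since
+* "databasename: permission denied" might be a tad cryptic.
+*/
+if (pg_database_aclcheck(MyDatabaseId,GetUserId(),
+ACL_CREATE_TEMP)!=ACLCHECK_OK)
+elog(ERROR,"%s: not authorized to create temp tables",
+DatabaseName);
+
 snprintf(namespaceName,NAMEDATALEN,"pg_temp_%d",MyBackendId);
 
 namespaceId=GetSysCacheOid(NAMESPACENAME,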

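--- a/src/backend/catalog/pg_operator.c
+++ b/src/backend/catalog/pg_operator.c
@@ -8,7 +8,7 @@
 *
 *
 * IDENTIFICATION
-* $Header: /cvsroot/pgsql/src/backend/catalog/pg_operator.c,v 1.67 2002/04/25 02:56:55 tgl Exp $
+* $Header: /cvsroot/pgsql/src/backend/catalog/pg_operator.c,v 1.68 2002/04/27 03:45:00 tgl Exp $
 *
 * NOTES
 * these routines moved here from commands/define.c and somewhat cleaned up.
@@ -26,6 +26,7 @@
 #include"miscadmin.h"
 #include"parser/parse_func.h"
 #include"parser/parse_oper.h"
+#include"utils/acl.h"
 #include"utils/builtins.h"
 #include"utils/lsyscache.h"
 #include"utils/syscache.h"
@@ -697,6 +698,7 @@ get_other_operator(List *otherOp, Oid otherLeftTypeId, Oid otherRightTypeId,
 boolotherDefined;
 char*otherName;
 OidotherNamespace;
+AclResultaclresult;
 
 other_oid=OperatorLookup(otherOp,
 otherLeftTypeId,
@@ -727,6 +729,12 @@ get_other_operator(List *otherOp, Oid otherLeftTypeId, Oid otherRightTypeId,
 }
 
 /* not in catalogs, different from operator, so make shell */
+
+aclresult=pg_namespace_aclcheck(otherNamespace,GetUserId(),
+ACL_CREATE);
+if (aclresult!=ACLCHECK_OK)
+aclcheck_error(aclresult,get_namespace_name(otherNamespace));
+
 other_oid=OperatorShellMake(otherName,
 otherNamespace,
 otherLeftTypeId,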
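Review bot: In the last hunk the result of `get_namespace_name(otherNamespace)` goes straight into `aclcheck_error()`, which formats it with `%s`; if that lookup can return NULL when the namespace row is not found (not confirmable from this page), the denial path would format a null pointer instead of reporting the failure cleanly. The same call shape is added in DefineAggregate in src/backend/commands/aggregatecmds.c. I would fetch the name into a local first and guard it, e.g. `char *nspname = get_namespace_name(otherNamespace);` followed by `aclcheck_error(aclresult, nspname ? nspname : "(unknown namespace)");`. The new check also has no comment, unlike the DefineAggregate one; `/* Check we have creation rights in target namespace */` would fit here as well. get_other_operator starts and ends outside the hunk.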

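--- a/src/backend/commands/aggregatecmds.c
+++ b/src/backend/commands/aggregatecmds.c
@@ -9,7 +9,7 @@
 *
 *
 * IDENTIFICATION
-* $Header: /cvsroot/pgsql/src/backend/commands/aggregatecmds.c,v 1.1 2002/04/15 05:22:03 tgl Exp $
+* $Header: /cvsroot/pgsql/src/backend/commands/aggregatecmds.c,v 1.2 2002/04/27 03:45:00 tgl Exp $
 *
 * DESCRIPTION
 * The "DefineFoo" routines take the parse tree and pick out the
@@ -26,6 +26,7 @@
 #include"catalog/catname.h"
 #include"catalog/namespace.h"
 #include"catalog/pg_aggregate.h"
+#include"catalog/pg_proc.h"
 #include"commands/comment.h"
 #include"commands/defrem.h"
 #include"miscadmin.h"
@@ -45,6 +46,7 @@ DefineAggregate(List *names, List *parameters)
 {
 char*aggName;
 OidaggNamespace;
+AclResultaclresult;
 List*transfuncName=NIL;
 List*finalfuncName=NIL;
 TypeName*baseType=NULL;
@@ -57,6 +59,11 @@ DefineAggregate(List *names, List *parameters)
 /* Convert list of names to a name and namespace */
 aggNamespace=QualifiedNameGetCreationNamespace(names,&aggName);
 
+/* Check we have creation rights in target namespace */
+aclresult=pg_namespace_aclcheck(aggNamespace,GetUserId(),ACL_CREATE);
+if (aclresult!=ACLCHECK_OK)
+aclcheck_error(aclresult,get_namespace_name(aggNamespace));
+
 foreach(pl,parameters)
 {
 DefElem*defel= (DefElem*)lfirst(pl);
@@ -157,20 +164,6 @@ RemoveAggregate(List *aggName, TypeName *aggType)
 
 procOid=find_aggregate_func("RemoveAggregate",aggName,basetypeID);
 
-/* Permission check */
-
-if (!pg_proc_ownercheck(procOid,GetUserId()))
-{
-if (basetypeID==InvalidOid)
-elog(ERROR,"RemoveAggregate: aggregate %s for all types: permission denied",
-NameListToString(aggName));
-else
-elog(ERROR,"RemoveAggregate: aggregate %s for type %s: permission denied",
-NameListToString(aggName),format_type_be(basetypeID));
-}
-
-/* Remove the pg_proc tuple */
-
 relation=heap_openr(ProcedureRelationName,RowExclusiveLock);
 
 tup=SearchSysCache(PROCOID,
@@ -180,9 +173,16 @@ RemoveAggregate(List *aggName, TypeName *aggType)
 elog(ERROR,"RemoveAggregate: couldn't find pg_proc tuple for %s",
 NameListToString(aggName));
 
+/* Permission check: must own agg or its namespace */
+if (!pg_proc_ownercheck(procOid,GetUserId())&&
+!pg_namespace_ownercheck(((Form_pg_proc)GETSTRUCT(tup))->pronamespace,
+GetUserId()))
+aclcheck_error(ACLCHECK_NOT_OWNER,NameListToString(aggName));
+
 /* Delete any comments associated with this function */
 DeleteComments(procOid,RelationGetRelid(relation));
 
+/* Remove the pg_proc tuple */
 simple_heap_delete(relation,&tup->t_self);
 
 ReleaseSysCache(tup);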
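Review bot: The relocated ownership check in RemoveAggregate reports only `NameListToString(aggName)`, so the denial no longer says which input type's aggregate was refused, whereas the removed `elog` calls included `format_type_be(basetypeID)` or "for all types". When an aggregate name is overloaded across base types, a logged permission failure can then no longer be attributed to one object; it would be worth either keeping the type in the reported name or noting the loss in a comment. The check also now runs after `heap_openr(ProcedureRelationName,RowExclusiveLock)`, so a caller who will be refused takes that lock first; a comment such as `/* check is done here because it needs pronamespace from the fetched tuple */` would record why the order changed. RemoveAggregate starts and ends outside these hunks.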
