Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit82a2881

Browse files
committed
Code review for GRANT CONNECT patch. Spell the privilege as CONNECT not
CONNECTION, fix a number of places that were missed (eg pg_dump support),avoid executing an extra search of pg_database during startup.
1 parent986085a commit82a2881

File tree

12 files changed

+118
-81
lines changed

12 files changed

+118
-81
lines changed

‎doc/src/sgml/client-auth.sgml

Lines changed: 12 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
<!-- $PostgreSQL: pgsql/doc/src/sgml/client-auth.sgml,v 1.88 2006/04/3002:09:06 momjian Exp $ -->
1+
<!-- $PostgreSQL: pgsql/doc/src/sgml/client-auth.sgml,v 1.89 2006/04/3021:15:32 tgl Exp $ -->
22

33
<chapter id="client-authentication">
44
<title>Client Authentication</title>
@@ -206,8 +206,6 @@ hostnossl <replaceable>database</replaceable> <replaceable>user</replaceable>
206206
Multiple user names can be supplied by separating them with commas.
207207
A separate file containing user names can be specified by preceding the
208208
file name with <literal>@</>.
209-
User and group connectivity can also be restricted by <command>GRANT
210-
CONNECTION ON DATABASE</>.
211209
</para>
212210
</listitem>
213211
</varlistentry>
@@ -436,6 +434,17 @@ hostnossl <replaceable>database</replaceable> <replaceable>user</replaceable>
436434
re-read the file.
437435
</para>
438436

437+
<tip>
438+
<para>
439+
To connect to a particular database, a user must not only pass the
440+
<filename>pg_hba.conf</filename> checks, but must have the
441+
<literal>CONNECT</> privilege for the database. If you wish to
442+
restrict which users can connect to which databases, it's usually
443+
easier to control this by granting/revoking <literal>CONNECT</> privilege
444+
than to put the rules into <filename>pg_hba.conf</filename> entries.
445+
</para>
446+
</tip>
447+
439448
<para>
440449
Some examples of <filename>pg_hba.conf</filename> entries are shown in
441450
<xref linkend="example-pg-hba.conf">. See the next section for details on the

‎doc/src/sgml/ddl.sgml

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
<!-- $PostgreSQL: pgsql/doc/src/sgml/ddl.sgml,v 1.56 2006/04/23 03:39:50 momjian Exp $ -->
1+
<!-- $PostgreSQL: pgsql/doc/src/sgml/ddl.sgml,v 1.57 2006/04/30 21:15:32 tgl Exp $ -->
22

33
<chapter id="ddl">
44
<title>Data Definition</title>
@@ -1343,8 +1343,9 @@ ALTER TABLE products RENAME TO items;
13431343
There are several different privileges: <literal>SELECT</>,
13441344
<literal>INSERT</>, <literal>UPDATE</>, <literal>DELETE</>,
13451345
<literal>RULE</>, <literal>REFERENCES</>, <literal>TRIGGER</>,
1346-
<literal>CREATE</>, <literal>TEMPORARY</>, <literal>EXECUTE</>, and
1347-
<literal>USAGE</>. The privileges applicable to a particular
1346+
<literal>CREATE</>, <literal>CONNECT</>, <literal>TEMPORARY</>,
1347+
<literal>EXECUTE</>, and <literal>USAGE</>.
1348+
The privileges applicable to a particular
13481349
object vary depending on the object's type (table, function, etc).
13491350
For complete information on the different types of privileges
13501351
supported by <productname>PostgreSQL</productname>, refer to the

‎doc/src/sgml/func.sgml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
<!-- $PostgreSQL: pgsql/doc/src/sgml/func.sgml,v 1.315 2006/04/25 00:25:15 momjian Exp $ -->
1+
<!-- $PostgreSQL: pgsql/doc/src/sgml/func.sgml,v 1.316 2006/04/30 21:15:32 tgl Exp $ -->
22

33
<chapter id="functions">
44
<title>Functions and Operators</title>
@@ -9227,6 +9227,7 @@ SELECT has_table_privilege('myschema.mytable', 'select');
92279227
arguments are analogous to <function>has_table_privilege</function>.
92289228
The desired access privilege type must evaluate to
92299229
<literal>CREATE</literal>,
9230+
<literal>CONNECT</literal>,
92309231
<literal>TEMPORARY</literal>, or
92319232
<literal>TEMP</literal> (which is equivalent to
92329233
<literal>TEMPORARY</literal>).

‎doc/src/sgml/ref/grant.sgml

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
<!--
2-
$PostgreSQL: pgsql/doc/src/sgml/ref/grant.sgml,v 1.53 2006/04/3002:09:06 momjian Exp $
2+
$PostgreSQL: pgsql/doc/src/sgml/ref/grant.sgml,v 1.54 2006/04/3021:15:33 tgl Exp $
33
PostgreSQL documentation
44
-->
55

@@ -30,7 +30,7 @@ GRANT { { USAGE | SELECT | UPDATE }
3030
ON SEQUENCE <replaceable class="PARAMETER">sequencename</replaceable> [, ...]
3131
TO { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...] [ WITH GRANT OPTION ]
3232

33-
GRANT { { CREATE |TEMPORARY |TEMP |CONNECTION } [,...] | ALL [ PRIVILEGES ] }
33+
GRANT { { CREATE |CONNECT |TEMPORARY |TEMP } [,...] | ALL [ PRIVILEGES ] }
3434
ON DATABASE <replaceable>dbname</replaceable> [, ...]
3535
TO { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...] [ WITH GRANT OPTION ]
3636

@@ -118,7 +118,8 @@ GRANT <replaceable class="PARAMETER">role</replaceable> [, ...]
118118
Depending on the type of object, the initial default privileges may
119119
include granting some privileges to <literal>PUBLIC</literal>.
120120
The default is no public access for tables, schemas, and tablespaces;
121-
<literal>TEMP</> table creation privilege for databases;
121+
<literal>CONNECT</> privilege and <literal>TEMP</> table creation privilege
122+
for databases;
122123
<literal>EXECUTE</> privilege for functions; and
123124
<literal>USAGE</> privilege for languages.
124125
The object owner may of course revoke these privileges. (For maximum
@@ -230,13 +231,12 @@ GRANT <replaceable class="PARAMETER">role</replaceable> [, ...]
230231
</varlistentry>
231232

232233
<varlistentry>
233-
<term>CONNECTION</term>
234+
<term>CONNECT</term>
234235
<listitem>
235236
<para>
236-
Allows the ability to connect to the specified database.
237-
By default, Grant permissions allow users to connect to any database,
238-
though <filename>pg_hba.conf</> can add additional connection
239-
restrictions.
237+
Allows the user to connect to the specified database. This
238+
privilege is checked at connection startup (in addition to checking
239+
any restrictions imposed by <filename>pg_hba.conf</>).
240240
</para>
241241
</listitem>
242242
</varlistentry>
@@ -429,7 +429,7 @@ GRANT <replaceable class="PARAMETER">role</replaceable> [, ...]
429429
X -- EXECUTE
430430
U -- USAGE
431431
C -- CREATE
432-
c --CONNECTION
432+
c --CONNECT
433433
T -- TEMPORARY
434434
arwdRxt -- ALL PRIVILEGES (for tables)
435435
* -- grant option for preceding privilege

‎doc/src/sgml/ref/revoke.sgml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
<!--
2-
$PostgreSQL: pgsql/doc/src/sgml/ref/revoke.sgml,v 1.37 2006/04/3002:09:06 momjian Exp $
2+
$PostgreSQL: pgsql/doc/src/sgml/ref/revoke.sgml,v 1.38 2006/04/3021:15:33 tgl Exp $
33
PostgreSQL documentation
44
-->
55

@@ -35,7 +35,7 @@ REVOKE [ GRANT OPTION FOR ]
3535
[ CASCADE | RESTRICT ]
3636

3737
REVOKE [ GRANT OPTION FOR ]
38-
{ { CREATE |TEMPORARY |TEMP |CONNECTION } [,...] | ALL [ PRIVILEGES ] }
38+
{ { CREATE |CONNECT |TEMPORARY |TEMP } [,...] | ALL [ PRIVILEGES ] }
3939
ON DATABASE <replaceable>dbname</replaceable> [, ...]
4040
FROM { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...]
4141
[ CASCADE | RESTRICT ]

‎doc/src/sgml/user-manag.sgml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
<!-- $PostgreSQL: pgsql/doc/src/sgml/user-manag.sgml,v 1.34 2006/03/10 19:10:49 momjian Exp $ -->
1+
<!-- $PostgreSQL: pgsql/doc/src/sgml/user-manag.sgml,v 1.35 2006/04/30 21:15:32 tgl Exp $ -->
22

33
<chapter id="user-manag">
44
<title>Database Roles and Privileges</title>
@@ -294,9 +294,9 @@ ALTER ROLE myname SET enable_indexscan TO off;
294294
There are several different kinds of privilege: <literal>SELECT</>,
295295
<literal>INSERT</>, <literal>UPDATE</>, <literal>DELETE</>,
296296
<literal>RULE</>, <literal>REFERENCES</>, <literal>TRIGGER</>,
297-
<literal>CREATE</>, <literal>TEMPORARY</>, <literal>EXECUTE</>,
298-
and <literal>USAGE</>. For more
299-
information on the different types of privileges supported by
297+
<literal>CREATE</>, <literal>CONNECT</>, <literal>TEMPORARY</>,
298+
<literal>EXECUTE</>,and <literal>USAGE</>.
299+
For moreinformation on the different types of privileges supported by
300300
<productname>PostgreSQL</productname>, see the
301301
<xref linkend="sql-grant" endterm="sql-grant-title"> reference page.
302302
</para>

‎src/backend/catalog/aclchk.c

Lines changed: 29 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
*
99
*
1010
* IDENTIFICATION
11-
* $PostgreSQL: pgsql/src/backend/catalog/aclchk.c,v 1.126 2006/04/3002:09:07 momjian Exp $
11+
* $PostgreSQL: pgsql/src/backend/catalog/aclchk.c,v 1.127 2006/04/3021:15:33 tgl Exp $
1212
*
1313
* NOTES
1414
* See acl.h.
@@ -1368,7 +1368,7 @@ string_to_privilege(const char *privname)
13681368
returnACL_CREATE_TEMP;
13691369
if (strcmp(privname,"temp")==0)
13701370
returnACL_CREATE_TEMP;
1371-
if (strcmp(privname,"connection")==0)
1371+
if (strcmp(privname,"connect")==0)
13721372
returnACL_CONNECT;
13731373
ereport(ERROR,
13741374
(errcode(ERRCODE_SYNTAX_ERROR),
@@ -1404,7 +1404,7 @@ privilege_to_string(AclMode privilege)
14041404
caseACL_CREATE_TEMP:
14051405
return"TEMP";
14061406
caseACL_CONNECT:
1407-
return"CONNECTION";
1407+
return"CONNECT";
14081408
default:
14091409
elog(ERROR,"unrecognized privilege: %d", (int)privilege);
14101410
}
@@ -1661,10 +1661,6 @@ pg_database_aclmask(Oid db_oid, Oid roleid,
16611661
ScanKeyDataentry[1];
16621662
SysScanDescscan;
16631663
HeapTupletuple;
1664-
DatumaclDatum;
1665-
boolisNull;
1666-
Acl*acl;
1667-
OidownerId;
16681664

16691665
/* Superusers bypass all permission checking. */
16701666
if (superuser_arg(roleid))
@@ -1688,10 +1684,33 @@ pg_database_aclmask(Oid db_oid, Oid roleid,
16881684
(errcode(ERRCODE_UNDEFINED_DATABASE),
16891685
errmsg("database with OID %u does not exist",db_oid)));
16901686

1691-
ownerId= ((Form_pg_database)GETSTRUCT(tuple))->datdba;
1687+
result=pg_database_tuple_aclmask(tuple,RelationGetDescr(pg_database),
1688+
roleid,mask,how);
1689+
1690+
systable_endscan(scan);
1691+
heap_close(pg_database,AccessShareLock);
1692+
1693+
returnresult;
1694+
}
1695+
1696+
/*
1697+
* This is split out so that ReverifyMyDatabase can perform an ACL check
1698+
* without a whole extra search of pg_database
1699+
*/
1700+
AclMode
1701+
pg_database_tuple_aclmask(HeapTupledb_tuple,TupleDesctupdesc,
1702+
Oidroleid,AclModemask,AclMaskHowhow)
1703+
{
1704+
AclModeresult;
1705+
DatumaclDatum;
1706+
boolisNull;
1707+
Acl*acl;
1708+
OidownerId;
1709+
1710+
ownerId= ((Form_pg_database)GETSTRUCT(db_tuple))->datdba;
16921711

1693-
aclDatum=heap_getattr(tuple,Anum_pg_database_datacl,
1694-
RelationGetDescr(pg_database),&isNull);
1712+
aclDatum=heap_getattr(db_tuple,Anum_pg_database_datacl,
1713+
tupdesc,&isNull);
16951714

16961715
if (isNull)
16971716
{
@@ -1711,9 +1730,6 @@ pg_database_aclmask(Oid db_oid, Oid roleid,
17111730
if (acl&& (Pointer)acl!=DatumGetPointer(aclDatum))
17121731
pfree(acl);
17131732

1714-
systable_endscan(scan);
1715-
heap_close(pg_database,AccessShareLock);
1716-
17171733
returnresult;
17181734
}
17191735

‎src/backend/utils/adt/acl.c

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
*
99
*
1010
* IDENTIFICATION
11-
* $PostgreSQL: pgsql/src/backend/utils/adt/acl.c,v 1.132 2006/04/3002:09:07 momjian Exp $
11+
* $PostgreSQL: pgsql/src/backend/utils/adt/acl.c,v 1.133 2006/04/3021:15:33 tgl Exp $
1212
*
1313
*-------------------------------------------------------------------------
1414
*/
@@ -553,7 +553,8 @@ acldefault(GrantObjectType objtype, Oid ownerId)
553553
owner_default=ACL_ALL_RIGHTS_SEQUENCE;
554554
break;
555555
caseACL_OBJECT_DATABASE:
556-
world_default=ACL_CREATE_TEMP |ACL_CONNECT;/* not NO_RIGHTS! */
556+
/* for backwards compatibility, grant some rights by default */
557+
world_default=ACL_CREATE_TEMP |ACL_CONNECT;
557558
owner_default=ACL_ALL_RIGHTS_DATABASE;
558559
break;
559560
caseACL_OBJECT_FUNCTION:
@@ -1341,6 +1342,8 @@ convert_priv_string(text *priv_type_text)
13411342
returnACL_CREATE_TEMP;
13421343
if (pg_strcasecmp(priv_type,"TEMPORARY")==0)
13431344
returnACL_CREATE_TEMP;
1345+
if (pg_strcasecmp(priv_type,"CONNECT")==0)
1346+
returnACL_CONNECT;
13441347

13451348
ereport(ERROR,
13461349
(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
@@ -1778,6 +1781,11 @@ convert_database_priv_string(text *priv_type_text)
17781781
if (pg_strcasecmp(priv_type,"TEMP WITH GRANT OPTION")==0)
17791782
returnACL_GRANT_OPTION_FOR(ACL_CREATE_TEMP);
17801783

1784+
if (pg_strcasecmp(priv_type,"CONNECT")==0)
1785+
returnACL_CONNECT;
1786+
if (pg_strcasecmp(priv_type,"CONNECT WITH GRANT OPTION")==0)
1787+
returnACL_GRANT_OPTION_FOR(ACL_CONNECT);
1788+
17811789
ereport(ERROR,
17821790
(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
17831791
errmsg("unrecognized privilege type: \"%s\"",priv_type)));

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp