NotificationsYou must be signed in to change notification settings
Fork6
Star31

Commitd05b4bd

committed

Permission checking wasn't quite right for insert/update/delete rules,

either :-(.

1 parentc434ae3 commitd05b4bdCopy full SHA for d05b4bd

File tree

1 file changed

+12

-13

lines changed

src/backend/rewrite
- rewriteDefine.c

1 file changed

+12

-13

lines changed

`‎src/backend/rewrite/rewriteDefine.c‎`

Lines changed: 12 additions & 13 deletions

Original file line number	Diff line number	Diff line change
`@@ -8,7 +8,7 @@`
`8`	`8`	`*`
`9`	`9`	`*`
`10`	`10`	`* IDENTIFICATION`
`11`		`- * $Header: /cvsroot/pgsql/src/backend/rewrite/rewriteDefine.c,v 1.61 2001/03/23 04:49:54 momjian Exp $`
	`11`	`+ * $Header: /cvsroot/pgsql/src/backend/rewrite/rewriteDefine.c,v 1.62 2001/05/03 21:16:48 tgl Exp $`
`12`	`12`	`*`
`13`	`13`	`*-------------------------------------------------------------------------`
`14`	`14`	`*/`
`@@ -377,7 +377,7 @@ DefineQueryRewrite(RuleStmt *stmt)`
`377`	`377`	`* We want the rule's table references to be checked as though by the`
`378`	`378`	`* rule owner, not the user referencing the rule. Therefore, scan`
`379`	`379`	`* through the rule's rtables and set the checkAsUser field on all`
`380`		`- * rtable entries (except OLD and NEW).`
	`380`	`+ * rtable entries.`
`381`	`381`	`*/`
`382`	`382`	`foreach(l,action)`
`383`	`383`	`{`
`@@ -426,29 +426,28 @@ DefineQueryRewrite(RuleStmt *stmt)`
`426`	`426`	`/*`
`427`	`427`	`* setRuleCheckAsUser`
`428`	`428`	`*Recursively scan a query and set the checkAsUser field to the`
`429`		`- given userid in all rtable entries except OLD* and NEW.`
	`429`	`+ *given userid in all rtable entries.`
	`430`	`+ *`
	`431`	`+ * Note: for a view (ON SELECT rule), the checkAsUser field of the OLD`
	`432`	`+ * RTE entry will be overridden when the view rule is expanded, and the`
	`433`	`+ * checkAsUser field of the NEW entry is irrelevant because that entry's`
	`434`	`+ * checkFor bits will never be set. However, for other types of rules it's`
	`435`	`+ * important to set these fields to match the rule owner. So we just set`
	`436`	`+ * them always.`
`430`	`437`	`*/`
`431`	`438`	`staticvoid`
`432`	`439`	`setRuleCheckAsUser(Query*qry,Oiduserid)`
`433`	`440`	`{`
`434`	`441`	`List*l;`
`435`	`442`
`436`		`-/* Set all the RTEs in this query node, except OLD and NEW */`
	`443`	`+/* Set all the RTEs in this query node */`
`437`	`444`	`foreach(l,qry->rtable)`
`438`	`445`	`{`
`439`	`446`	`RangeTblEntryrte= (RangeTblEntry)lfirst(l);`
`440`	`447`
`441`		`-if (strcmp(rte->eref->relname,"NEW")==0)`
`442`		`-continue;`
`443`		`-if (strcmp(rte->eref->relname,"OLD")==0)`
`444`		`-continue;`
`445`		`-`
`446`	`448`	`if (rte->subquery)`
`447`	`449`	`{`
`448`		`-`
`449`		`-/*`
`450`		`- * Recurse into subquery in FROM`
`451`		`- */`
	`450`	`+/* Recurse into subquery in FROM */`
`452`	`451`	`setRuleCheckAsUser(rte->subquery,userid);`
`453`	`452`	`}`
`454`	`453`	`else`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitd05b4bd

File tree

1 file changed

1 file changed

`‎src/backend/rewrite/rewriteDefine.c‎`

0 commit comments