NotificationsYou must be signed in to change notification settings
Fork6
Star31

Commitd0f876c

committed

Accept 'public' as a pseudo-role name in has_table_privilege() and friends

to see if a particular privilege has been granted to PUBLIC.The issue was reported by Jim Nasby.Patch by Alvaro Herrera, and reviewed by KaiGai Kohei.

1 parentf4d242e commitd0f876cCopy full SHA for d0f876c

File tree

2 files changed

+42

-27

lines changed

doc/src/sgml
- func.sgml
src/backend/utils/adt
- acl.c

2 files changed

+42

-27

lines changed

`‎doc/src/sgml/func.sgml`

Lines changed: 4 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -12348,8 +12348,8 @@ SET search_path TO <replaceable>schema</> <optional>, <replaceable>schema</>, ..`
`12348`	`12348`	`<para>`
`12349`	`12349`	`<function>has_table_privilege</function> checks whether a user`
`12350`	`12350`	`can access a table in a particular way. The user can be`
`12351`		`- specified by name orby OID`
`12352`		`-(<literal>pg_authid.oid</literal>), or if the argument is`
	`12351`	`+ specified by name,by OID (<literal>pg_authid.oid</literal>),`
	`12352`	`+ <literal>public</> to indicate the PUBLIC pseudo-role, or if the argument is`
`12353`	`12353`	`omitted`
`12354`	`12354`	`<function>current_user</function> is assumed. The table can be specified`
`12355`	`12355`	`by name or by OID. (Thus, there are actually six variants of`
`@@ -12496,7 +12496,8 @@ SELECT has_function_privilege('joeuser', 'myfunc(int, text)', 'execute');`
`12496`	`12496`	`<function>pg_has_role</function> checks whether a user`
`12497`	`12497`	`can access a role in a particular way.`
`12498`	`12498`	`Its argument possibilities`
`12499`		`- are analogous to <function>has_table_privilege</function>.`
	`12499`	`+ are analogous to <function>has_table_privilege</function>,`
	`12500`	`+ except that <literal>public</> is not allowed as a user name.`
`12500`	`12501`	`The desired access privilege type must evaluate to some combination of`
`12501`	`12502`	`<literal>MEMBER</literal> or`
`12502`	`12503`	`<literal>USAGE</literal>.`

`‎src/backend/utils/adt/acl.c`

Lines changed: 38 additions & 24 deletions

Original file line number	Diff line number	Diff line change
`@@ -113,6 +113,7 @@ static AclMode convert_role_priv_string(text *priv_type_text);`
`113`	`113`	`staticAclResultpg_role_aclcheck(Oidrole_oid,Oidroleid,AclModemode);`
`114`	`114`
`115`	`115`	`staticvoidRoleMembershipCacheCallback(Datumarg,intcacheid,ItemPointertuplePtr);`
	`116`	`+staticOidget_role_oid_or_public(constchar*rolname);`
`116`	`117`
`117`	`118`
`118`	`119`	`/*`
`@@ -1791,7 +1792,7 @@ has_table_privilege_name_name(PG_FUNCTION_ARGS)`
`1791`	`1792`	`AclModemode;`
`1792`	`1793`	`AclResultaclresult;`
`1793`	`1794`
`1794`		`-roleid=get_role_oid(NameStr(*rolename), false);`
	`1795`	`+roleid=get_role_oid_or_public(NameStr(*rolename));`
`1795`	`1796`	`tableoid=convert_table_name(tablename);`
`1796`	`1797`	`mode=convert_table_priv_string(priv_type_text);`
`1797`	`1798`
`@@ -1840,7 +1841,7 @@ has_table_privilege_name_id(PG_FUNCTION_ARGS)`
`1840`	`1841`	`AclModemode;`
`1841`	`1842`	`AclResultaclresult;`
`1842`	`1843`
`1843`		`-roleid=get_role_oid(NameStr(*username), false);`
	`1844`	`+roleid=get_role_oid_or_public(NameStr(*username));`
`1844`	`1845`	`mode=convert_table_priv_string(priv_type_text);`
`1845`	`1846`
`1846`	`1847`	`if (!SearchSysCacheExists1(RELOID,ObjectIdGetDatum(tableoid)))`
`@@ -1998,7 +1999,7 @@ has_sequence_privilege_name_name(PG_FUNCTION_ARGS)`
`1998`	`1999`	`AclModemode;`
`1999`	`2000`	`AclResultaclresult;`
`2000`	`2001`
`2001`		`-roleid=get_role_oid(NameStr(*rolename), false);`
	`2002`	`+roleid=get_role_oid_or_public(NameStr(*rolename));`
`2002`	`2003`	`mode=convert_sequence_priv_string(priv_type_text);`
`2003`	`2004`	`sequenceoid=convert_table_name(sequencename);`
`2004`	`2005`	`if (get_rel_relkind(sequenceoid)!=RELKIND_SEQUENCE)`
`@@ -2058,7 +2059,7 @@ has_sequence_privilege_name_id(PG_FUNCTION_ARGS)`
`2058`	`2059`	`AclResultaclresult;`
`2059`	`2060`	`charrelkind;`
`2060`	`2061`
`2061`		`-roleid=get_role_oid(NameStr(*username), false);`
	`2062`	`+roleid=get_role_oid_or_public(NameStr(*username));`
`2062`	`2063`	`mode=convert_sequence_priv_string(priv_type_text);`
`2063`	`2064`	`relkind=get_rel_relkind(sequenceoid);`
`2064`	`2065`	`if (relkind=='\0')`
`@@ -2209,7 +2210,7 @@ has_any_column_privilege_name_name(PG_FUNCTION_ARGS)`
`2209`	`2210`	`AclModemode;`
`2210`	`2211`	`AclResultaclresult;`
`2211`	`2212`
`2212`		`-roleid=get_role_oid(NameStr(*rolename), false);`
	`2213`	`+roleid=get_role_oid_or_public(NameStr(*rolename));`
`2213`	`2214`	`tableoid=convert_table_name(tablename);`
`2214`	`2215`	`mode=convert_column_priv_string(priv_type_text);`
`2215`	`2216`
`@@ -2266,7 +2267,7 @@ has_any_column_privilege_name_id(PG_FUNCTION_ARGS)`
`2266`	`2267`	`AclModemode;`
`2267`	`2268`	`AclResultaclresult;`
`2268`	`2269`
`2269`		`-roleid=get_role_oid(NameStr(*username), false);`
	`2270`	`+roleid=get_role_oid_or_public(NameStr(*username));`
`2270`	`2271`	`mode=convert_column_priv_string(priv_type_text);`
`2271`	`2272`
`2272`	`2273`	`if (!SearchSysCacheExists1(RELOID,ObjectIdGetDatum(tableoid)))`
`@@ -2451,7 +2452,7 @@ has_column_privilege_name_name_name(PG_FUNCTION_ARGS)`
`2451`	`2452`	`AclModemode;`
`2452`	`2453`	`intprivresult;`
`2453`	`2454`
`2454`		`-roleid=get_role_oid(NameStr(*rolename), false);`
	`2455`	`+roleid=get_role_oid_or_public(NameStr(*rolename));`
`2455`	`2456`	`tableoid=convert_table_name(tablename);`
`2456`	`2457`	`colattnum=convert_column_name(tableoid,column);`
`2457`	`2458`	`mode=convert_column_priv_string(priv_type_text);`
`@@ -2479,7 +2480,7 @@ has_column_privilege_name_name_attnum(PG_FUNCTION_ARGS)`
`2479`	`2480`	`AclModemode;`
`2480`	`2481`	`intprivresult;`
`2481`	`2482`
`2482`		`-roleid=get_role_oid(NameStr(*rolename), false);`
	`2483`	`+roleid=get_role_oid_or_public(NameStr(*rolename));`
`2483`	`2484`	`tableoid=convert_table_name(tablename);`
`2484`	`2485`	`mode=convert_column_priv_string(priv_type_text);`
`2485`	`2486`
`@@ -2506,7 +2507,7 @@ has_column_privilege_name_id_name(PG_FUNCTION_ARGS)`
`2506`	`2507`	`AclModemode;`
`2507`	`2508`	`intprivresult;`
`2508`	`2509`
`2509`		`-roleid=get_role_oid(NameStr(*username), false);`
	`2510`	`+roleid=get_role_oid_or_public(NameStr(*username));`
`2510`	`2511`	`colattnum=convert_column_name(tableoid,column);`
`2511`	`2512`	`mode=convert_column_priv_string(priv_type_text);`
`2512`	`2513`
`@@ -2532,7 +2533,7 @@ has_column_privilege_name_id_attnum(PG_FUNCTION_ARGS)`
`2532`	`2533`	`AclModemode;`
`2533`	`2534`	`intprivresult;`
`2534`	`2535`
`2535`		`-roleid=get_role_oid(NameStr(*username), false);`
	`2536`	`+roleid=get_role_oid_or_public(NameStr(*username));`
`2536`	`2537`	`mode=convert_column_priv_string(priv_type_text);`
`2537`	`2538`
`2538`	`2539`	`privresult=column_privilege_check(tableoid,colattnum,roleid,mode);`
`@@ -2823,7 +2824,7 @@ has_database_privilege_name_name(PG_FUNCTION_ARGS)`
`2823`	`2824`	`AclModemode;`
`2824`	`2825`	`AclResultaclresult;`
`2825`	`2826`
`2826`		`-roleid=get_role_oid(NameStr(*username), false);`
	`2827`	`+roleid=get_role_oid_or_public(NameStr(*username));`
`2827`	`2828`	`databaseoid=convert_database_name(databasename);`
`2828`	`2829`	`mode=convert_database_priv_string(priv_type_text);`
`2829`	`2830`
`@@ -2872,7 +2873,7 @@ has_database_privilege_name_id(PG_FUNCTION_ARGS)`
`2872`	`2873`	`AclModemode;`
`2873`	`2874`	`AclResultaclresult;`
`2874`	`2875`
`2875`		`-roleid=get_role_oid(NameStr(*username), false);`
	`2876`	`+roleid=get_role_oid_or_public(NameStr(*username));`
`2876`	`2877`	`mode=convert_database_priv_string(priv_type_text);`
`2877`	`2878`
`2878`	`2879`	`if (!SearchSysCacheExists1(DATABASEOID,ObjectIdGetDatum(databaseoid)))`
`@@ -3021,7 +3022,7 @@ has_foreign_data_wrapper_privilege_name_name(PG_FUNCTION_ARGS)`
`3021`	`3022`	`AclModemode;`
`3022`	`3023`	`AclResultaclresult;`
`3023`	`3024`
`3024`		`-roleid=get_role_oid(NameStr(*username), false);`
	`3025`	`+roleid=get_role_oid_or_public(NameStr(*username));`
`3025`	`3026`	`fdwid=convert_foreign_data_wrapper_name(fdwname);`
`3026`	`3027`	`mode=convert_foreign_data_wrapper_priv_string(priv_type_text);`
`3027`	`3028`
`@@ -3070,7 +3071,7 @@ has_foreign_data_wrapper_privilege_name_id(PG_FUNCTION_ARGS)`
`3070`	`3071`	`AclModemode;`
`3071`	`3072`	`AclResultaclresult;`
`3072`	`3073`
`3073`		`-roleid=get_role_oid(NameStr(*username), false);`
	`3074`	`+roleid=get_role_oid_or_public(NameStr(*username));`
`3074`	`3075`	`mode=convert_foreign_data_wrapper_priv_string(priv_type_text);`
`3075`	`3076`
`3076`	`3077`	`aclresult=pg_foreign_data_wrapper_aclcheck(fdwid,roleid,mode);`
`@@ -3203,7 +3204,7 @@ has_function_privilege_name_name(PG_FUNCTION_ARGS)`
`3203`	`3204`	`AclModemode;`
`3204`	`3205`	`AclResultaclresult;`
`3205`	`3206`
`3206`		`-roleid=get_role_oid(NameStr(*username), false);`
	`3207`	`+roleid=get_role_oid_or_public(NameStr(*username));`
`3207`	`3208`	`functionoid=convert_function_name(functionname);`
`3208`	`3209`	`mode=convert_function_priv_string(priv_type_text);`
`3209`	`3210`
`@@ -3252,7 +3253,7 @@ has_function_privilege_name_id(PG_FUNCTION_ARGS)`
`3252`	`3253`	`AclModemode;`
`3253`	`3254`	`AclResultaclresult;`
`3254`	`3255`
`3255`		`-roleid=get_role_oid(NameStr(*username), false);`
	`3256`	`+roleid=get_role_oid_or_public(NameStr(*username));`
`3256`	`3257`	`mode=convert_function_priv_string(priv_type_text);`
`3257`	`3258`
`3258`	`3259`	`if (!SearchSysCacheExists1(PROCOID,ObjectIdGetDatum(functionoid)))`
`@@ -3403,7 +3404,7 @@ has_language_privilege_name_name(PG_FUNCTION_ARGS)`
`3403`	`3404`	`AclModemode;`
`3404`	`3405`	`AclResultaclresult;`
`3405`	`3406`
`3406`		`-roleid=get_role_oid(NameStr(*username), false);`
	`3407`	`+roleid=get_role_oid_or_public(NameStr(*username));`
`3407`	`3408`	`languageoid=convert_language_name(languagename);`
`3408`	`3409`	`mode=convert_language_priv_string(priv_type_text);`
`3409`	`3410`
`@@ -3452,7 +3453,7 @@ has_language_privilege_name_id(PG_FUNCTION_ARGS)`
`3452`	`3453`	`AclModemode;`
`3453`	`3454`	`AclResultaclresult;`
`3454`	`3455`
`3455`		`-roleid=get_role_oid(NameStr(*username), false);`
	`3456`	`+roleid=get_role_oid_or_public(NameStr(*username));`
`3456`	`3457`	`mode=convert_language_priv_string(priv_type_text);`
`3457`	`3458`
`3458`	`3459`	`if (!SearchSysCacheExists1(LANGOID,ObjectIdGetDatum(languageoid)))`
`@@ -3594,7 +3595,7 @@ has_schema_privilege_name_name(PG_FUNCTION_ARGS)`
`3594`	`3595`	`AclModemode;`
`3595`	`3596`	`AclResultaclresult;`
`3596`	`3597`
`3597`		`-roleid=get_role_oid(NameStr(*username), false);`
	`3598`	`+roleid=get_role_oid_or_public(NameStr(*username));`
`3598`	`3599`	`schemaoid=convert_schema_name(schemaname);`
`3599`	`3600`	`mode=convert_schema_priv_string(priv_type_text);`
`3600`	`3601`
`@@ -3643,7 +3644,7 @@ has_schema_privilege_name_id(PG_FUNCTION_ARGS)`
`3643`	`3644`	`AclModemode;`
`3644`	`3645`	`AclResultaclresult;`
`3645`	`3646`
`3646`		`-roleid=get_role_oid(NameStr(*username), false);`
	`3647`	`+roleid=get_role_oid_or_public(NameStr(*username));`
`3647`	`3648`	`mode=convert_schema_priv_string(priv_type_text);`
`3648`	`3649`
`3649`	`3650`	`if (!SearchSysCacheExists1(NAMESPACEOID,ObjectIdGetDatum(schemaoid)))`
`@@ -3787,7 +3788,7 @@ has_server_privilege_name_name(PG_FUNCTION_ARGS)`
`3787`	`3788`	`AclModemode;`
`3788`	`3789`	`AclResultaclresult;`
`3789`	`3790`
`3790`		`-roleid=get_role_oid(NameStr(*username), false);`
	`3791`	`+roleid=get_role_oid_or_public(NameStr(*username));`
`3791`	`3792`	`serverid=convert_server_name(servername);`
`3792`	`3793`	`mode=convert_server_priv_string(priv_type_text);`
`3793`	`3794`
`@@ -3836,7 +3837,7 @@ has_server_privilege_name_id(PG_FUNCTION_ARGS)`
`3836`	`3837`	`AclModemode;`
`3837`	`3838`	`AclResultaclresult;`
`3838`	`3839`
`3839`		`-roleid=get_role_oid(NameStr(*username), false);`
	`3840`	`+roleid=get_role_oid_or_public(NameStr(*username));`
`3840`	`3841`	`mode=convert_server_priv_string(priv_type_text);`
`3841`	`3842`
`3842`	`3843`	`aclresult=pg_foreign_server_aclcheck(serverid,roleid,mode);`
`@@ -3969,7 +3970,7 @@ has_tablespace_privilege_name_name(PG_FUNCTION_ARGS)`
`3969`	`3970`	`AclModemode;`
`3970`	`3971`	`AclResultaclresult;`
`3971`	`3972`
`3972`		`-roleid=get_role_oid(NameStr(*username), false);`
	`3973`	`+roleid=get_role_oid_or_public(NameStr(*username));`
`3973`	`3974`	`tablespaceoid=convert_tablespace_name(tablespacename);`
`3974`	`3975`	`mode=convert_tablespace_priv_string(priv_type_text);`
`3975`	`3976`
`@@ -4018,7 +4019,7 @@ has_tablespace_privilege_name_id(PG_FUNCTION_ARGS)`
`4018`	`4019`	`AclModemode;`
`4019`	`4020`	`AclResultaclresult;`
`4020`	`4021`
`4021`		`-roleid=get_role_oid(NameStr(*username), false);`
	`4022`	`+roleid=get_role_oid_or_public(NameStr(*username));`
`4022`	`4023`	`mode=convert_tablespace_priv_string(priv_type_text);`
`4023`	`4024`
`4024`	`4025`	`aclresult=pg_tablespace_aclcheck(tablespaceoid,roleid,mode);`
`@@ -4821,3 +4822,16 @@ get_role_oid(const char *rolname, bool missing_ok)`
`4821`	`4822`	`errmsg("role \"%s\" does not exist",rolname)));`
`4822`	`4823`	`returnoid;`
`4823`	`4824`	`}`
	`4825`	`+`
	`4826`	`+/*`
	`4827`	`+ * get_role_oid_or_public - As above, but return ACL_ID_PUBLIC if the`
	`4828`	`+ * role name is "public".`
	`4829`	`+ */`
	`4830`	`+staticOid`
	`4831`	`+get_role_oid_or_public(constchar*rolname)`
	`4832`	`+{`
	`4833`	`+if (strcmp(rolname,"public")==0)`
	`4834`	`+returnACL_ID_PUBLIC;`
	`4835`	`+`
	`4836`	`+returnget_role_oid(rolname, false);`
	`4837`	`+}`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitd0f876c

File tree

2 files changed

2 files changed

`‎doc/src/sgml/func.sgml`

`‎src/backend/utils/adt/acl.c`

0 commit comments