Commitd824e28

committed
Disallow converting a table to a view if row security is present.
When DefineQueryRewrite() is about to convert a table to a view, it checks the table for features unavailable to views. For example, it rejects tables having triggers. It omits to reject tables having relrowsecurity or a pg_policy record. Fix that. To facilitate the repair, invent relation_has_policies() which indicates the presence of policies on a relation even when row security is disabled for that relation.

Reported by Noah Misch. Patch by me, review by Stephen Frost. Back-patch to 9.5 where RLS was introduced.
1 parentf781a0f commitd824e28


5 files changed

+97
-5
lines changed


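--- a/src/backend/commands/policy.c
+++ b/src/backend/commands/policy.c
@@ -1037,3 +1037,32 @@ get_relation_policy_oid(Oid relid, const char *policy_name, bool missing_ok)
 
 returnpolicy_oid;
 }
+
+/*
+* relation_has_policies - Determine if relation has any policies
+*/
+bool
+relation_has_policies(Relationrel)
+{
+Relationcatalog;
+ScanKeyDataskey;
+SysScanDescsscan;
+HeapTuplepolicy_tuple;
+boolret= false;
+
+catalog=heap_open(PolicyRelationId,AccessShareLock);
+ScanKeyInit(&skey,
+Anum_pg_policy_polrelid,
+BTEqualStrategyNumber,F_OIDEQ,
+ObjectIdGetDatum(RelationGetRelid(rel)));
+sscan=systable_beginscan(catalog,PolicyPolrelidPolnameIndexId, true,
+NULL,1,&skey);
+policy_tuple=systable_getnext(sscan);
+if (HeapTupleIsValid(policy_tuple))
+ret= true;
+
+systable_endscan(sscan);
+heap_close(catalog,AccessShareLock);
+
+returnret;
+}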
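Review bot: The header comment on relation_has_policies() leaves out two things that a caller using it as a security gate needs to know. The answer comes from a pg_policy scan keyed on the relation's OID, so it does not depend on `relrowsecurity`. The catalog is also closed and its AccessShareLock released before returning, so the result stays valid only while the caller holds a lock on `rel` that blocks concurrent policy creation; whether DefineQueryRewrite() holds such a lock is not visible on this page and should be confirmed. I would extend the comment along the lines of `* Returns true if any pg_policy row references rel, whether or not row security is enabled; caller must hold a lock on rel strong enough to keep the answer valid.` As a style point, `policy_tuple` can go and the result be assigned directly: `ret = HeapTupleIsValid(systable_getnext(sscan));`.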

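--- a/src/backend/rewrite/rewriteDefine.c
+++ b/src/backend/rewrite/rewriteDefine.c
@@ -27,6 +27,7 @@
 #include"catalog/objectaccess.h"
 #include"catalog/pg_rewrite.h"
 #include"catalog/storage.h"
+#include"commands/policy.h"
 #include"miscadmin.h"
 #include"nodes/nodeFuncs.h"
 #include"parser/parse_utilcmd.h"
@@ -410,11 +411,12 @@ DefineQueryRewrite(char *rulename,
 *
 * If so, check that the relation is empty because the storage for the
 * relation is going to be deleted. Also insist that the rel not have
-* any triggers, indexes, or child tables. (Note: these tests are too
-* strict, because they will reject relations that once had such but
-* don't anymore. But we don't really care, because this whole
-* business of converting relations to views is just a kluge to allow
-* dump/reload of views that participate in circular dependencies.)
+* any triggers, indexes, child tables, policies, or RLS enabled.
+* (Note: these tests are too strict, because they will reject
+* relations that once had such but don't anymore. But we don't
+* really care, because this whole business of converting relations
+* to views is just a kluge to allow dump/reload of views that
+* participate in circular dependencies.)
 */
 if (event_relation->rd_rel->relkind!=RELKIND_VIEW&&
 event_relation->rd_rel->relkind!=RELKIND_MATVIEW)
@@ -451,6 +453,18 @@ DefineQueryRewrite(char *rulename,
 errmsg("could not convert table \"%s\" to a view because it has child tables",
 RelationGetRelationName(event_relation))));
 
+if (event_relation->rd_rel->relrowsecurity)
+ereport(ERROR,
+(errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),
+errmsg("could not convert table \"%s\" to a view because it has row security enabled",
+RelationGetRelationName(event_relation))));
+
+if (relation_has_policies(event_relation))
+ereport(ERROR,
+(errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),
+errmsg("could not convert table \"%s\" to a view because it has row security policies",
+RelationGetRelationName(event_relation))));
+
 RelisBecomingView= true;
 }
 }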
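Review bot: The reworded block comment above the relkind test still says "these tests are too strict, because they will reject relations that once had such but don't anymore", and that does not describe the two checks added after the child-tables test. The regression test in this commit shows the conversion succeeding once row security is disabled and the policy dropped, so both new checks reflect current state rather than history. I would scope the parenthetical, for example `(Note: the trigger, index, and child-table tests are too strict, ...)`, so a later reader does not treat the row-security guards as equally loose. A one-line comment above the `relrowsecurity` test, such as `/* Row security and policies are unavailable to views; reject instead of converting. */`, would record why the guard exists. DefineQueryRewrite() begins and ends outside these hunks.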

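--- a/src/include/commands/policy.h
+++ b/src/include/commands/policy.h
@@ -31,5 +31,6 @@ extern Oid get_relation_policy_oid(Oid relid, const char *policy_name,
 
 externObjectAddressrename_policy(RenameStmt*stmt);
 
+externboolrelation_has_policies(Relationrel);
 
 #endif/* POLICY_H */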

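--- a/src/test/regress/expected/rowsecurity.out
+++ b/src/test/regress/expected/rowsecurity.out
@@ -2997,6 +2997,29 @@ DROP ROLE bob; -- succeeds
 ROLLBACK TO q;
 ROLLBACK; -- cleanup
 --
+-- Converting table to view
+--
+BEGIN;
+SET ROW_SECURITY = FORCE;
+CREATE TABLE t (c int);
+CREATE POLICY p ON t USING (c % 2 = 1);
+ALTER TABLE t ENABLE ROW LEVEL SECURITY;
+SAVEPOINT q;
+CREATE RULE "_RETURN" AS ON SELECT TO t DO INSTEAD
+SELECT * FROM generate_series(1,5) t0(c); -- fails due to row level security enabled
+ERROR: could not convert table "t" to a view because it has row security enabled
+ROLLBACK TO q;
+ALTER TABLE t DISABLE ROW LEVEL SECURITY;
+SAVEPOINT q;
+CREATE RULE "_RETURN" AS ON SELECT TO t DO INSTEAD
+SELECT * FROM generate_series(1,5) t0(c); -- fails due to policy p on t
+ERROR: could not convert table "t" to a view because it has row security policies
+ROLLBACK TO q;
+DROP POLICY p ON t;
+CREATE RULE "_RETURN" AS ON SELECT TO t DO INSTEAD
+SELECT * FROM generate_series(1,5) t0(c); -- succeeds
+ROLLBACK;
+--
 -- Clean up objects
 --
 RESET SESSION AUTHORIZATION;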

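--- a/src/test/regress/sql/rowsecurity.sql
+++ b/src/test/regress/sql/rowsecurity.sql
@@ -1260,6 +1260,31 @@ ROLLBACK TO q;
 
 ROLLBACK;-- cleanup
 
+--
+-- Converting table to view
+--
+BEGIN;
+SET ROW_SECURITY= FORCE;
+CREATETABLEt (cint);
+CREATE POLICY pON t USING (c %2=1);
+ALTERTABLE t ENABLE ROW LEVEL SECURITY;
+
+SAVEPOINT q;
+CREATERULE "_RETURN"ASONSELECT TO t DO INSTEAD
+SELECT*FROM generate_series(1,5) t0(c);-- fails due to row level security enabled
+ROLLBACK TO q;
+
+ALTERTABLE t DISABLE ROW LEVEL SECURITY;
+SAVEPOINT q;
+CREATERULE "_RETURN"ASONSELECT TO t DO INSTEAD
+SELECT*FROM generate_series(1,5) t0(c);-- fails due to policy p on t
+ROLLBACK TO q;
+
+DROP POLICY pON t;
+CREATERULE "_RETURN"ASONSELECT TO t DO INSTEAD
+SELECT*FROM generate_series(1,5) t0(c);-- succeeds
+ROLLBACK;
+
 --
 -- Clean up objects
 --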
