Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitd898665

Browse files
committed
Extend pg_get_acl() to handle sub-object IDs
This patch modifies the pg_get_acl() function to accept a third argumentcalled "objsubid", bringing it on par with similar functions in thisarea like pg_describe_object(). This enables the retrieval of ACLs forrelation attributes when scanning dependencies.Bump catalog version.Author: Joel JacobsonDiscussion:https://postgr.es/m/f2539bff-64be-47f0-9f0b-df85d3cc0432@app.fastmail.com
1 parentf7bd0a3 commitd898665

File tree

6 files changed

+73
-24
lines changed

6 files changed

+73
-24
lines changed

‎doc/src/sgml/func.sgml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -26661,12 +26661,12 @@ SELECT currval(pg_get_serial_sequence('sometable', 'id'));
2666126661
<indexterm>
2666226662
<primary>pg_get_acl</primary>
2666326663
</indexterm>
26664-
<function>pg_get_acl</function> ( <parameter>classid</parameter> <type>oid</type>, <parameter>objid</parameter> <type>oid</type> )
26664+
<function>pg_get_acl</function> ( <parameter>classid</parameter> <type>oid</type>, <parameter>objid</parameter> <type>oid</type>, <parameter>objsubid</parameter> <type>integer</type> )
2666526665
<returnvalue>aclitem[]</returnvalue>
2666626666
</para>
2666726667
<para>
2666826668
Returns the <acronym>ACL</acronym> for a database object, specified
26669-
by catalog OIDand objectOID. This function returns
26669+
by catalog OID, object OIDandsub-objectID. This function returns
2667026670
<literal>NULL</literal> values for undefined objects.
2667126671
</para></entry>
2667226672
</row>
@@ -26792,7 +26792,7 @@ SELECT currval(pg_get_serial_sequence('sometable', 'id'));
2679226792
<programlisting>
2679326793
postgres=# SELECT
2679426794
(pg_identify_object(s.classid,s.objid,s.objsubid)).*,
26795-
pg_catalog.pg_get_acl(s.classid,s.objid) AS acl
26795+
pg_catalog.pg_get_acl(s.classid,s.objid,s.objsubid) AS acl
2679626796
FROM pg_catalog.pg_shdepend AS s
2679726797
JOIN pg_catalog.pg_database AS d
2679826798
ON d.datname = current_database() AND

‎src/backend/catalog/objectaddress.c

Lines changed: 32 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -4364,19 +4364,19 @@ pg_identify_object_as_address(PG_FUNCTION_ARGS)
43644364

43654365
/*
43664366
* SQL-level callable function to obtain the ACL of a specified object, given
4367-
* its catalog OIDand objectOID.
4367+
* its catalog OID, object OIDandsub-objectID.
43684368
*/
43694369
Datum
43704370
pg_get_acl(PG_FUNCTION_ARGS)
43714371
{
43724372
OidclassId=PG_GETARG_OID(0);
43734373
OidobjectId=PG_GETARG_OID(1);
4374+
int32objsubid=PG_GETARG_INT32(2);
43744375
OidcatalogId;
43754376
AttrNumberAnum_acl;
4376-
Relationrel;
4377-
HeapTupletup;
43784377
Datumdatum;
43794378
boolisnull;
4379+
HeapTupletup;
43804380

43814381
/* for "pinned" items in pg_depend, return null */
43824382
if (!OidIsValid(classId)&& !OidIsValid(objectId))
@@ -4391,19 +4391,40 @@ pg_get_acl(PG_FUNCTION_ARGS)
43914391
if (Anum_acl==InvalidAttrNumber)
43924392
PG_RETURN_NULL();
43934393

4394-
rel=table_open(catalogId,AccessShareLock);
4394+
/*
4395+
* If dealing with a relation's attribute (objsubid is set), the ACL is
4396+
* retrieved from pg_attribute.
4397+
*/
4398+
if (classId==RelationRelationId&&objsubid!=0)
4399+
{
4400+
AttrNumberattnum= (AttrNumber)objsubid;
43954401

4396-
tup=get_catalog_object_by_oid(rel,get_object_attnum_oid(catalogId),
4397-
objectId);
4398-
if (!HeapTupleIsValid(tup))
4402+
tup=SearchSysCacheCopyAttNum(objectId,attnum);
4403+
4404+
if (!HeapTupleIsValid(tup))
4405+
PG_RETURN_NULL();
4406+
4407+
datum=SysCacheGetAttr(ATTNUM,tup,Anum_pg_attribute_attacl,
4408+
&isnull);
4409+
}
4410+
else
43994411
{
4412+
Relationrel;
4413+
4414+
rel=table_open(catalogId,AccessShareLock);
4415+
4416+
tup=get_catalog_object_by_oid(rel,get_object_attnum_oid(catalogId),
4417+
objectId);
4418+
if (!HeapTupleIsValid(tup))
4419+
{
4420+
table_close(rel,AccessShareLock);
4421+
PG_RETURN_NULL();
4422+
}
4423+
4424+
datum=heap_getattr(tup,Anum_acl,RelationGetDescr(rel),&isnull);
44004425
table_close(rel,AccessShareLock);
4401-
PG_RETURN_NULL();
44024426
}
44034427

4404-
datum=heap_getattr(tup,Anum_acl,RelationGetDescr(rel),&isnull);
4405-
table_close(rel,AccessShareLock);
4406-
44074428
if (isnull)
44084429
PG_RETURN_NULL();
44094430

‎src/include/catalog/catversion.h

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -57,6 +57,6 @@
5757
*/
5858

5959
/*yyyymmddN */
60-
#defineCATALOG_VERSION_NO202407091
60+
#defineCATALOG_VERSION_NO202407101
6161

6262
#endif

‎src/include/catalog/pg_proc.dat

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6364,7 +6364,7 @@
63646364

63656365
{ oid => '8730', descr => 'get ACL for SQL object',
63666366
proname => 'pg_get_acl', provolatile => 's', prorettype => '_aclitem',
6367-
proargtypes => 'oid oid', proargnames => '{classid,objid}',
6367+
proargtypes => 'oid oid int4', proargnames => '{classid,objid,objsubid}',
63686368
prosrc => 'pg_get_acl' },
63696369

63706370
{ oid => '3839',

‎src/test/regress/expected/privileges.out

Lines changed: 28 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -213,7 +213,7 @@ SELECT * FROM atest1;
213213
(0 rows)
214214

215215
CREATE TABLE atest2 (col1 varchar(10), col2 boolean);
216-
SELECT pg_get_acl('pg_class'::regclass, 'atest2'::regclass::oid);
216+
SELECT pg_get_acl('pg_class'::regclass, 'atest2'::regclass::oid, 0);
217217
pg_get_acl
218218
------------
219219

@@ -223,7 +223,7 @@ GRANT SELECT ON atest2 TO regress_priv_user2;
223223
GRANT UPDATE ON atest2 TO regress_priv_user3;
224224
GRANT INSERT ON atest2 TO regress_priv_user4 GRANTED BY CURRENT_USER;
225225
GRANT TRUNCATE ON atest2 TO regress_priv_user5 GRANTED BY CURRENT_ROLE;
226-
SELECT unnest(pg_get_acl('pg_class'::regclass, 'atest2'::regclass::oid));
226+
SELECT unnest(pg_get_acl('pg_class'::regclass, 'atest2'::regclass::oid, 0));
227227
unnest
228228
------------------------------------------------
229229
regress_priv_user1=arwdDxtm/regress_priv_user1
@@ -234,13 +234,13 @@ SELECT unnest(pg_get_acl('pg_class'::regclass, 'atest2'::regclass::oid));
234234
(5 rows)
235235

236236
-- Invalid inputs
237-
SELECT pg_get_acl('pg_class'::regclass, 0); -- null
237+
SELECT pg_get_acl('pg_class'::regclass, 0, 0); -- null
238238
pg_get_acl
239239
------------
240240

241241
(1 row)
242242

243-
SELECT pg_get_acl(0, 0); -- null
243+
SELECT pg_get_acl(0, 0, 0); -- null
244244
pg_get_acl
245245
------------
246246

@@ -653,6 +653,30 @@ CREATE TABLE atest5 (one int, two int unique, three int, four int unique);
653653
CREATE TABLE atest6 (one int, two int, blue int);
654654
GRANT SELECT (one), INSERT (two), UPDATE (three) ON atest5 TO regress_priv_user4;
655655
GRANT ALL (one) ON atest5 TO regress_priv_user3;
656+
SELECT unnest(pg_get_acl('pg_class'::regclass, 'atest5'::regclass::oid, 1));
657+
unnest
658+
--------------------------------------------
659+
regress_priv_user4=r/regress_priv_user1
660+
regress_priv_user3=arwx/regress_priv_user1
661+
(2 rows)
662+
663+
SELECT unnest(pg_get_acl('pg_class'::regclass, 'atest5'::regclass::oid, 2));
664+
unnest
665+
-----------------------------------------
666+
regress_priv_user4=a/regress_priv_user1
667+
(1 row)
668+
669+
SELECT unnest(pg_get_acl('pg_class'::regclass, 'atest5'::regclass::oid, 3));
670+
unnest
671+
-----------------------------------------
672+
regress_priv_user4=w/regress_priv_user1
673+
(1 row)
674+
675+
SELECT unnest(pg_get_acl('pg_class'::regclass, 'atest5'::regclass::oid, 4));
676+
unnest
677+
--------
678+
(0 rows)
679+
656680
INSERT INTO atest5 VALUES (1,2,3);
657681
SET SESSION AUTHORIZATION regress_priv_user4;
658682
SELECT * FROM atest5; -- fail

‎src/test/regress/sql/privileges.sql

Lines changed: 8 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -183,16 +183,16 @@ GRANT SELECT ON atest1 TO regress_priv_user3, regress_priv_user4;
183183
SELECT*FROM atest1;
184184

185185
CREATETABLEatest2 (col1varchar(10), col2boolean);
186-
SELECT pg_get_acl('pg_class'::regclass,'atest2'::regclass::oid);
186+
SELECT pg_get_acl('pg_class'::regclass,'atest2'::regclass::oid,0);
187187
GRANTSELECTON atest2 TO regress_priv_user2;
188188
GRANTUPDATEON atest2 TO regress_priv_user3;
189189
GRANT INSERTON atest2 TO regress_priv_user4 GRANTED BYCURRENT_USER;
190190
GRANT TRUNCATEON atest2 TO regress_priv_user5 GRANTED BY CURRENT_ROLE;
191-
SELECT unnest(pg_get_acl('pg_class'::regclass,'atest2'::regclass::oid));
191+
SELECT unnest(pg_get_acl('pg_class'::regclass,'atest2'::regclass::oid,0));
192192

193193
-- Invalid inputs
194-
SELECT pg_get_acl('pg_class'::regclass,0);-- null
195-
SELECT pg_get_acl(0,0);-- null
194+
SELECT pg_get_acl('pg_class'::regclass,0,0);-- null
195+
SELECT pg_get_acl(0,0,0);-- null
196196

197197
GRANT TRUNCATEON atest2 TO regress_priv_user4 GRANTED BY regress_priv_user5;-- error
198198

@@ -439,6 +439,10 @@ CREATE TABLE atest5 (one int, two int unique, three int, four int unique);
439439
CREATETABLEatest6 (oneint, twoint, blueint);
440440
GRANTSELECT (one), INSERT (two),UPDATE (three)ON atest5 TO regress_priv_user4;
441441
GRANT ALL (one)ON atest5 TO regress_priv_user3;
442+
SELECT unnest(pg_get_acl('pg_class'::regclass,'atest5'::regclass::oid,1));
443+
SELECT unnest(pg_get_acl('pg_class'::regclass,'atest5'::regclass::oid,2));
444+
SELECT unnest(pg_get_acl('pg_class'::regclass,'atest5'::regclass::oid,3));
445+
SELECT unnest(pg_get_acl('pg_class'::regclass,'atest5'::regclass::oid,4));
442446

443447
INSERT INTO atest5VALUES (1,2,3);
444448

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp