Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit08eb37d

Browse files
committed
Fix column privilege checking for cases where parent and child have different
attribute numbering. Also, a parent whole-row reference should not requireselect privilege on child columns that aren't inherited from the parent.Problem diagnosed by KaiGai Kohei, though this isn't exactly his patch.
1 parentff6c93b commit08eb37d

File tree

3 files changed

+141
-1
lines changed

3 files changed

+141
-1
lines changed

‎src/backend/optimizer/prep/prepunion.c

Lines changed: 70 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -22,14 +22,15 @@
2222
*
2323
*
2424
* IDENTIFICATION
25-
* $PostgreSQL: pgsql/src/backend/optimizer/prep/prepunion.c,v 1.166 2009/02/25 03:30:37 tgl Exp $
25+
* $PostgreSQL: pgsql/src/backend/optimizer/prep/prepunion.c,v 1.167 2009/03/05 17:30:29 tgl Exp $
2626
*
2727
*-------------------------------------------------------------------------
2828
*/
2929
#include"postgres.h"
3030

3131

3232
#include"access/heapam.h"
33+
#include"access/sysattr.h"
3334
#include"catalog/namespace.h"
3435
#include"catalog/pg_type.h"
3536
#include"miscadmin.h"
@@ -95,6 +96,8 @@ static void make_inh_translation_list(Relation oldrelation,
9596
Relationnewrelation,
9697
Indexnewvarno,
9798
List**translated_vars);
99+
staticBitmapset*translate_col_privs(constBitmapset*parent_privs,
100+
List*translated_vars);
98101
staticNode*adjust_appendrel_attrs_mutator(Node*node,
99102
AppendRelInfo*context);
100103
staticRelidsadjust_relid_set(Relidsrelids,Indexoldrelid,Indexnewrelid);
@@ -1295,6 +1298,19 @@ expand_inherited_rtentry(PlannerInfo *root, RangeTblEntry *rte, Index rti)
12951298
appinfo->parent_reloid=parentOID;
12961299
appinfos=lappend(appinfos,appinfo);
12971300

1301+
/*
1302+
* Translate the column permissions bitmaps to the child's attnums
1303+
* (we have to build the translated_vars list before we can do this).
1304+
* But if this is the parent table, leave copyObject's result alone.
1305+
*/
1306+
if (childOID!=parentOID)
1307+
{
1308+
childrte->selectedCols=translate_col_privs(rte->selectedCols,
1309+
appinfo->translated_vars);
1310+
childrte->modifiedCols=translate_col_privs(rte->modifiedCols,
1311+
appinfo->translated_vars);
1312+
}
1313+
12981314
/*
12991315
* Build a RowMarkClause if parent is marked FOR UPDATE/SHARE.
13001316
*/
@@ -1437,6 +1453,59 @@ make_inh_translation_list(Relation oldrelation, Relation newrelation,
14371453
*translated_vars=vars;
14381454
}
14391455

1456+
/*
1457+
* translate_col_privs
1458+
* Translate a bitmapset representing per-column privileges from the
1459+
* parent rel's attribute numbering to the child's.
1460+
*
1461+
* The only surprise here is that we don't translate a parent whole-row
1462+
* reference into a child whole-row reference. That would mean requiring
1463+
* permissions on all child columns, which is overly strict, since the
1464+
* query is really only going to reference the inherited columns. Instead
1465+
* we set the per-column bits for all inherited columns.
1466+
*/
1467+
staticBitmapset*
1468+
translate_col_privs(constBitmapset*parent_privs,
1469+
List*translated_vars)
1470+
{
1471+
Bitmapset*child_privs=NULL;
1472+
boolwhole_row;
1473+
intattno;
1474+
ListCell*lc;
1475+
1476+
/* System attributes have the same numbers in all tables */
1477+
for (attno=FirstLowInvalidHeapAttributeNumber+1;attno<0;attno++)
1478+
{
1479+
if (bms_is_member(attno-FirstLowInvalidHeapAttributeNumber,
1480+
parent_privs))
1481+
child_privs=bms_add_member(child_privs,
1482+
attno-FirstLowInvalidHeapAttributeNumber);
1483+
}
1484+
1485+
/* Check if parent has whole-row reference */
1486+
whole_row=bms_is_member(InvalidAttrNumber-FirstLowInvalidHeapAttributeNumber,
1487+
parent_privs);
1488+
1489+
/* And now translate the regular user attributes, using the vars list */
1490+
attno=InvalidAttrNumber;
1491+
foreach(lc,translated_vars)
1492+
{
1493+
Var*var= (Var*)lfirst(lc);
1494+
1495+
attno++;
1496+
if (var==NULL)/* ignore dropped columns */
1497+
continue;
1498+
Assert(IsA(var,Var));
1499+
if (whole_row||
1500+
bms_is_member(attno-FirstLowInvalidHeapAttributeNumber,
1501+
parent_privs))
1502+
child_privs=bms_add_member(child_privs,
1503+
var->varattno-FirstLowInvalidHeapAttributeNumber);
1504+
}
1505+
1506+
returnchild_privs;
1507+
}
1508+
14401509
/*
14411510
* adjust_appendrel_attrs
14421511
* Copy the specified query or expression and translate Vars referring

‎src/test/regress/expected/privileges.out

Lines changed: 45 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -393,6 +393,48 @@ SET SESSION AUTHORIZATION regressuser3;
393393
DELETE FROM atest5 WHERE one = 1; -- fail
394394
ERROR: permission denied for relation atest5
395395
DELETE FROM atest5 WHERE two = 2; -- ok
396+
-- check inheritance cases
397+
SET SESSION AUTHORIZATION regressuser1;
398+
CREATE TABLE atestp1 (f1 int, f2 int) WITH OIDS;
399+
CREATE TABLE atestp2 (fx int, fy int) WITH OIDS;
400+
CREATE TABLE atestc (fz int) INHERITS (atestp1, atestp2);
401+
GRANT SELECT(fx,fy,oid) ON atestp2 TO regressuser2;
402+
GRANT SELECT(fx) ON atestc TO regressuser2;
403+
SET SESSION AUTHORIZATION regressuser2;
404+
SELECT fx FROM atestp2; -- ok
405+
fx
406+
----
407+
(0 rows)
408+
409+
SELECT fy FROM atestp2; -- fail, no privilege on atestc.fy
410+
ERROR: permission denied for relation atestc
411+
SELECT atestp2 FROM atestp2; -- fail, no privilege on atestc.fy
412+
ERROR: permission denied for relation atestc
413+
SELECT oid FROM atestp2; -- fail, no privilege on atestc.oid
414+
ERROR: permission denied for relation atestc
415+
SET SESSION AUTHORIZATION regressuser1;
416+
GRANT SELECT(fy,oid) ON atestc TO regressuser2;
417+
SET SESSION AUTHORIZATION regressuser2;
418+
SELECT fx FROM atestp2; -- still ok
419+
fx
420+
----
421+
(0 rows)
422+
423+
SELECT fy FROM atestp2; -- ok
424+
fy
425+
----
426+
(0 rows)
427+
428+
SELECT atestp2 FROM atestp2; -- ok
429+
atestp2
430+
---------
431+
(0 rows)
432+
433+
SELECT oid FROM atestp2; -- ok
434+
oid
435+
-----
436+
(0 rows)
437+
396438
-- privileges on functions, languages
397439
-- switch to superuser
398440
\c -
@@ -791,6 +833,9 @@ DROP TABLE atest3;
791833
DROP TABLE atest4;
792834
DROP TABLE atest5;
793835
DROP TABLE atest6;
836+
DROP TABLE atestc;
837+
DROP TABLE atestp1;
838+
DROP TABLE atestp2;
794839
DROP GROUP regressgroup1;
795840
DROP GROUP regressgroup2;
796841
REVOKE USAGE ON LANGUAGE sql FROM regressuser1;

‎src/test/regress/sql/privileges.sql

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -267,6 +267,29 @@ SET SESSION AUTHORIZATION regressuser3;
267267
DELETEFROM atest5WHERE one=1;-- fail
268268
DELETEFROM atest5WHERE two=2;-- ok
269269

270+
-- check inheritance cases
271+
SET SESSION AUTHORIZATION regressuser1;
272+
CREATETABLEatestp1 (f1int, f2int) WITH OIDS;
273+
CREATETABLEatestp2 (fxint, fyint) WITH OIDS;
274+
CREATETABLEatestc (fzint) INHERITS (atestp1, atestp2);
275+
GRANTSELECT(fx,fy,oid)ON atestp2 TO regressuser2;
276+
GRANTSELECT(fx)ON atestc TO regressuser2;
277+
278+
SET SESSION AUTHORIZATION regressuser2;
279+
SELECT fxFROM atestp2;-- ok
280+
SELECT fyFROM atestp2;-- fail, no privilege on atestc.fy
281+
SELECT atestp2FROM atestp2;-- fail, no privilege on atestc.fy
282+
SELECToidFROM atestp2;-- fail, no privilege on atestc.oid
283+
284+
SET SESSION AUTHORIZATION regressuser1;
285+
GRANTSELECT(fy,oid)ON atestc TO regressuser2;
286+
287+
SET SESSION AUTHORIZATION regressuser2;
288+
SELECT fxFROM atestp2;-- still ok
289+
SELECT fyFROM atestp2;-- ok
290+
SELECT atestp2FROM atestp2;-- ok
291+
SELECToidFROM atestp2;-- ok
292+
270293
-- privileges on functions, languages
271294

272295
-- switch to superuser
@@ -466,6 +489,9 @@ DROP TABLE atest3;
466489
DROPTABLE atest4;
467490
DROPTABLE atest5;
468491
DROPTABLE atest6;
492+
DROPTABLE atestc;
493+
DROPTABLE atestp1;
494+
DROPTABLE atestp2;
469495

470496
DROPGROUP regressgroup1;
471497
DROPGROUP regressgroup2;

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp