aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
aclmode);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_CLASS,
+ aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind),
RelationGetRelationName(rel));
return rel;
/* Check permissions, user must have usage on the server. */
aclresult = pg_foreign_server_aclcheck(serverid, userid, ACL_USAGE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, foreign_server->servername);
+ aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, foreign_server->servername);
foreach(cell, fdw->options)
{
SET ROLE regress_no_priv_user;
SELECT * FROM agg_text ORDER BY a; -- ERROR
-ERROR: permission denied for relation agg_text
+ERROR: permission denied for foreign table agg_text
SET ROLE regress_file_fdw_user;
\t on
EXPLAIN (VERBOSE, COSTS FALSE) SELECT * FROM agg_text WHERE a > 0;
rel = relation_open(relOid, AccessShareLock);
aclresult = pg_class_aclcheck(relOid, GetUserId(), ACL_SELECT);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_CLASS, get_rel_name(relOid));
+ aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind), get_rel_name(relOid));
/* Check that the fork exists. */
RelationOpenSmgr(rel);
aclresult = is_member_of_role(GetUserId(), DEFAULT_ROLE_STAT_SCAN_TABLES) ? ACLCHECK_OK : ACLCHECK_NO_PRIV;
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_CLASS,
+ aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind),
RelationGetRelationName(rel));
scan = heap_beginscan(rel, GetActiveSnapshot(), 0, NULL);
(1 row)
INSERT INTO lr_test VALUES('lr_superuser_init');
-ERROR: permission denied for relation lr_test
+ERROR: permission denied for table lr_test
SELECT data FROM pg_logical_slot_get_changes('regression_slot', NULL, NULL, 'include-xids', '0', 'skip-empty-xacts', '1');
data
------
SELECT 'init' FROM pg_create_logical_replication_slot('regression_slot', 'test_decoding');
ERROR: must be superuser or replication role to use replication slots
INSERT INTO lr_test VALUES('lr_superuser_init');
-ERROR: permission denied for relation lr_test
+ERROR: permission denied for table lr_test
SELECT data FROM pg_logical_slot_get_changes('regression_slot', NULL, NULL, 'include-xids', '0', 'skip-empty-xacts', '1');
ERROR: must be superuser or replication role to use replication slots
SELECT pg_drop_replication_slot('regression_slot');
/* User must own the index (comparable to privileges needed for VACUUM) */
if (!pg_class_ownercheck(indexoid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX,
RelationGetRelationName(indexRel));
/*
/* User must own the index (comparable to privileges needed for VACUUM) */
if (!pg_class_ownercheck(indexoid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX,
RelationGetRelationName(indexRel));
/*
/* User must own the index (comparable to privileges needed for VACUUM) */
if (!pg_class_ownercheck(indexoid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX,
RelationGetRelationName(indexRel));
memset(&stats, 0, sizeof(stats));
static AclMode restrict_and_check_grant(bool is_grant, AclMode avail_goptions,
bool all_privs, AclMode privileges,
Oid objectId, Oid grantorId,
- AclObjectKind objkind, const char *objname,
+ ObjectType objtype, const char *objname,
AttrNumber att_number, const char *colname);
-static AclMode pg_aclmask(AclObjectKind objkind, Oid table_oid, AttrNumber attnum,
+static AclMode pg_aclmask(ObjectType objtype, Oid table_oid, AttrNumber attnum,
Oid roleid, AclMode mask, AclMaskHow how);
static void recordExtensionInitPriv(Oid objoid, Oid classoid, int objsubid,
Acl *new_acl);
static AclMode
restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs,
AclMode privileges, Oid objectId, Oid grantorId,
- AclObjectKind objkind, const char *objname,
+ ObjectType objtype, const char *objname,
AttrNumber att_number, const char *colname)
{
AclMode this_privileges;
AclMode whole_mask;
- switch (objkind)
+ switch (objtype)
{
- case ACL_KIND_COLUMN:
+ case OBJECT_COLUMN:
whole_mask = ACL_ALL_RIGHTS_COLUMN;
break;
- case ACL_KIND_CLASS:
+ case OBJECT_TABLE:
whole_mask = ACL_ALL_RIGHTS_RELATION;
break;
- case ACL_KIND_SEQUENCE:
+ case OBJECT_SEQUENCE:
whole_mask = ACL_ALL_RIGHTS_SEQUENCE;
break;
- case ACL_KIND_DATABASE:
+ case OBJECT_DATABASE:
whole_mask = ACL_ALL_RIGHTS_DATABASE;
break;
- case ACL_KIND_PROC:
+ case OBJECT_FUNCTION:
whole_mask = ACL_ALL_RIGHTS_FUNCTION;
break;
- case ACL_KIND_LANGUAGE:
+ case OBJECT_LANGUAGE:
whole_mask = ACL_ALL_RIGHTS_LANGUAGE;
break;
- case ACL_KIND_LARGEOBJECT:
+ case OBJECT_LARGEOBJECT:
whole_mask = ACL_ALL_RIGHTS_LARGEOBJECT;
break;
- case ACL_KIND_NAMESPACE:
+ case OBJECT_SCHEMA:
whole_mask = ACL_ALL_RIGHTS_SCHEMA;
break;
- case ACL_KIND_TABLESPACE:
+ case OBJECT_TABLESPACE:
whole_mask = ACL_ALL_RIGHTS_TABLESPACE;
break;
- case ACL_KIND_FDW:
+ case OBJECT_FDW:
whole_mask = ACL_ALL_RIGHTS_FDW;
break;
- case ACL_KIND_FOREIGN_SERVER:
+ case OBJECT_FOREIGN_SERVER:
whole_mask = ACL_ALL_RIGHTS_FOREIGN_SERVER;
break;
- case ACL_KIND_EVENT_TRIGGER:
+ case OBJECT_EVENT_TRIGGER:
elog(ERROR, "grantable rights not supported for event triggers");
/* not reached, but keep compiler quiet */
return ACL_NO_RIGHTS;
- case ACL_KIND_TYPE:
+ case OBJECT_TYPE:
whole_mask = ACL_ALL_RIGHTS_TYPE;
break;
default:
- elog(ERROR, "unrecognized object kind: %d", objkind);
+ elog(ERROR, "unrecognized object type: %d", objtype);
/* not reached, but keep compiler quiet */
return ACL_NO_RIGHTS;
}
*/
if (avail_goptions == ACL_NO_RIGHTS)
{
- if (pg_aclmask(objkind, objectId, att_number, grantorId,
+ if (pg_aclmask(objtype, objectId, att_number, grantorId,
whole_mask | ACL_GRANT_OPTION_FOR(whole_mask),
ACLMASK_ANY) == ACL_NO_RIGHTS)
{
- if (objkind == ACL_KIND_COLUMN && colname)
- aclcheck_error_col(ACLCHECK_NO_PRIV, objkind, objname, colname);
+ if (objtype == OBJECT_COLUMN && colname)
+ aclcheck_error_col(ACLCHECK_NO_PRIV, objtype, objname, colname);
else
- aclcheck_error(ACLCHECK_NO_PRIV, objkind, objname);
+ aclcheck_error(ACLCHECK_NO_PRIV, objtype, objname);
}
}
{
if (this_privileges == 0)
{
- if (objkind == ACL_KIND_COLUMN && colname)
+ if (objtype == OBJECT_COLUMN && colname)
ereport(WARNING,
(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_GRANTED),
errmsg("no privileges were granted for column \"%s\" of relation \"%s\"",
}
else if (!all_privs && this_privileges != privileges)
{
- if (objkind == ACL_KIND_COLUMN && colname)
+ if (objtype == OBJECT_COLUMN && colname)
ereport(WARNING,
(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_GRANTED),
errmsg("not all privileges were granted for column \"%s\" of relation \"%s\"",
{
if (this_privileges == 0)
{
- if (objkind == ACL_KIND_COLUMN && colname)
+ if (objtype == OBJECT_COLUMN && colname)
ereport(WARNING,
(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_REVOKED),
errmsg("no privileges could be revoked for column \"%s\" of relation \"%s\"",
}
else if (!all_privs && this_privileges != privileges)
{
- if (objkind == ACL_KIND_COLUMN && colname)
+ if (objtype == OBJECT_COLUMN && colname)
ereport(WARNING,
(errcode(ERRCODE_WARNING_PRIVILEGE_NOT_REVOKED),
errmsg("not all privileges could be revoked for column \"%s\" of relation \"%s\"",
restrict_and_check_grant(istmt->is_grant, avail_goptions,
(col_privileges == ACL_ALL_RIGHTS_COLUMN),
col_privileges,
- relOid, grantorId, ACL_KIND_COLUMN,
+ relOid, grantorId, OBJECT_COLUMN,
relname, attnum,
NameStr(pg_attribute_tuple->attname));
bool replaces[Natts_pg_class];
int nnewmembers;
Oid *newmembers;
- AclObjectKind aclkind;
+ ObjectType objtype;
/* Determine ID to do the grant as, and available grant options */
select_best_grantor(GetUserId(), this_privileges,
switch (pg_class_tuple->relkind)
{
case RELKIND_SEQUENCE:
- aclkind = ACL_KIND_SEQUENCE;
+ objtype = OBJECT_SEQUENCE;
break;
default:
- aclkind = ACL_KIND_CLASS;
+ objtype = OBJECT_TABLE;
break;
}
this_privileges =
restrict_and_check_grant(istmt->is_grant, avail_goptions,
istmt->all_privs, this_privileges,
- relOid, grantorId, aclkind,
+ relOid, grantorId, objtype,
NameStr(pg_class_tuple->relname),
0, NULL);
this_privileges =
restrict_and_check_grant(istmt->is_grant, avail_goptions,
istmt->all_privs, istmt->privileges,
- datId, grantorId, ACL_KIND_DATABASE,
+ datId, grantorId, OBJECT_DATABASE,
NameStr(pg_database_tuple->datname),
0, NULL);
this_privileges =
restrict_and_check_grant(istmt->is_grant, avail_goptions,
istmt->all_privs, istmt->privileges,
- fdwid, grantorId, ACL_KIND_FDW,
+ fdwid, grantorId, OBJECT_FDW,
NameStr(pg_fdw_tuple->fdwname),
0, NULL);
this_privileges =
restrict_and_check_grant(istmt->is_grant, avail_goptions,
istmt->all_privs, istmt->privileges,
- srvid, grantorId, ACL_KIND_FOREIGN_SERVER,
+ srvid, grantorId, OBJECT_FOREIGN_SERVER,
NameStr(pg_server_tuple->srvname),
0, NULL);
this_privileges =
restrict_and_check_grant(istmt->is_grant, avail_goptions,
istmt->all_privs, istmt->privileges,
- funcId, grantorId, ACL_KIND_PROC,
+ funcId, grantorId, OBJECT_FUNCTION,
NameStr(pg_proc_tuple->proname),
0, NULL);
this_privileges =
restrict_and_check_grant(istmt->is_grant, avail_goptions,
istmt->all_privs, istmt->privileges,
- langId, grantorId, ACL_KIND_LANGUAGE,
+ langId, grantorId, OBJECT_LANGUAGE,
NameStr(pg_language_tuple->lanname),
0, NULL);
this_privileges =
restrict_and_check_grant(istmt->is_grant, avail_goptions,
istmt->all_privs, istmt->privileges,
- loid, grantorId, ACL_KIND_LARGEOBJECT,
+ loid, grantorId, OBJECT_LARGEOBJECT,
loname, 0, NULL);
/*
this_privileges =
restrict_and_check_grant(istmt->is_grant, avail_goptions,
istmt->all_privs, istmt->privileges,
- nspid, grantorId, ACL_KIND_NAMESPACE,
+ nspid, grantorId, OBJECT_SCHEMA,
NameStr(pg_namespace_tuple->nspname),
0, NULL);
this_privileges =
restrict_and_check_grant(istmt->is_grant, avail_goptions,
istmt->all_privs, istmt->privileges,
- tblId, grantorId, ACL_KIND_TABLESPACE,
+ tblId, grantorId, OBJECT_TABLESPACE,
NameStr(pg_tablespace_tuple->spcname),
0, NULL);
this_privileges =
restrict_and_check_grant(istmt->is_grant, avail_goptions,
istmt->all_privs, istmt->privileges,
- typId, grantorId, ACL_KIND_TYPE,
+ typId, grantorId, OBJECT_TYPE,
NameStr(pg_type_tuple->typname),
0, NULL);
* Note: we do not double-quote the %s's below, because many callers
* supply strings that might be already quoted.
*/
-
-static const char *const no_priv_msg[MAX_ACL_KIND] =
-{
- /* ACL_KIND_COLUMN */
- gettext_noop("permission denied for column %s"),
- /* ACL_KIND_CLASS */
- gettext_noop("permission denied for relation %s"),
- /* ACL_KIND_SEQUENCE */
- gettext_noop("permission denied for sequence %s"),
- /* ACL_KIND_DATABASE */
- gettext_noop("permission denied for database %s"),
- /* ACL_KIND_PROC */
- gettext_noop("permission denied for function %s"),
- /* ACL_KIND_OPER */
- gettext_noop("permission denied for operator %s"),
- /* ACL_KIND_TYPE */
- gettext_noop("permission denied for type %s"),
- /* ACL_KIND_LANGUAGE */
- gettext_noop("permission denied for language %s"),
- /* ACL_KIND_LARGEOBJECT */
- gettext_noop("permission denied for large object %s"),
- /* ACL_KIND_NAMESPACE */
- gettext_noop("permission denied for schema %s"),
- /* ACL_KIND_OPCLASS */
- gettext_noop("permission denied for operator class %s"),
- /* ACL_KIND_OPFAMILY */
- gettext_noop("permission denied for operator family %s"),
- /* ACL_KIND_COLLATION */
- gettext_noop("permission denied for collation %s"),
- /* ACL_KIND_CONVERSION */
- gettext_noop("permission denied for conversion %s"),
- /* ACL_KIND_STATISTICS */
- gettext_noop("permission denied for statistics object %s"),
- /* ACL_KIND_TABLESPACE */
- gettext_noop("permission denied for tablespace %s"),
- /* ACL_KIND_TSDICTIONARY */
- gettext_noop("permission denied for text search dictionary %s"),
- /* ACL_KIND_TSCONFIGURATION */
- gettext_noop("permission denied for text search configuration %s"),
- /* ACL_KIND_FDW */
- gettext_noop("permission denied for foreign-data wrapper %s"),
- /* ACL_KIND_FOREIGN_SERVER */
- gettext_noop("permission denied for foreign server %s"),
- /* ACL_KIND_EVENT_TRIGGER */
- gettext_noop("permission denied for event trigger %s"),
- /* ACL_KIND_EXTENSION */
- gettext_noop("permission denied for extension %s"),
- /* ACL_KIND_PUBLICATION */
- gettext_noop("permission denied for publication %s"),
- /* ACL_KIND_SUBSCRIPTION */
- gettext_noop("permission denied for subscription %s"),
-};
-
-static const char *const not_owner_msg[MAX_ACL_KIND] =
-{
- /* ACL_KIND_COLUMN */
- gettext_noop("must be owner of relation %s"),
- /* ACL_KIND_CLASS */
- gettext_noop("must be owner of relation %s"),
- /* ACL_KIND_SEQUENCE */
- gettext_noop("must be owner of sequence %s"),
- /* ACL_KIND_DATABASE */
- gettext_noop("must be owner of database %s"),
- /* ACL_KIND_PROC */
- gettext_noop("must be owner of function %s"),
- /* ACL_KIND_OPER */
- gettext_noop("must be owner of operator %s"),
- /* ACL_KIND_TYPE */
- gettext_noop("must be owner of type %s"),
- /* ACL_KIND_LANGUAGE */
- gettext_noop("must be owner of language %s"),
- /* ACL_KIND_LARGEOBJECT */
- gettext_noop("must be owner of large object %s"),
- /* ACL_KIND_NAMESPACE */
- gettext_noop("must be owner of schema %s"),
- /* ACL_KIND_OPCLASS */
- gettext_noop("must be owner of operator class %s"),
- /* ACL_KIND_OPFAMILY */
- gettext_noop("must be owner of operator family %s"),
- /* ACL_KIND_COLLATION */
- gettext_noop("must be owner of collation %s"),
- /* ACL_KIND_CONVERSION */
- gettext_noop("must be owner of conversion %s"),
- /* ACL_KIND_STATISTICS */
- gettext_noop("must be owner of statistics object %s"),
- /* ACL_KIND_TABLESPACE */
- gettext_noop("must be owner of tablespace %s"),
- /* ACL_KIND_TSDICTIONARY */
- gettext_noop("must be owner of text search dictionary %s"),
- /* ACL_KIND_TSCONFIGURATION */
- gettext_noop("must be owner of text search configuration %s"),
- /* ACL_KIND_FDW */
- gettext_noop("must be owner of foreign-data wrapper %s"),
- /* ACL_KIND_FOREIGN_SERVER */
- gettext_noop("must be owner of foreign server %s"),
- /* ACL_KIND_EVENT_TRIGGER */
- gettext_noop("must be owner of event trigger %s"),
- /* ACL_KIND_EXTENSION */
- gettext_noop("must be owner of extension %s"),
- /* ACL_KIND_PUBLICATION */
- gettext_noop("must be owner of publication %s"),
- /* ACL_KIND_SUBSCRIPTION */
- gettext_noop("must be owner of subscription %s"),
-};
-
-
void
-aclcheck_error(AclResult aclerr, AclObjectKind objectkind,
+aclcheck_error(AclResult aclerr, ObjectType objtype,
const char *objectname)
{
switch (aclerr)
/* no error, so return to caller */
break;
case ACLCHECK_NO_PRIV:
- ereport(ERROR,
- (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
- errmsg(no_priv_msg[objectkind], objectname)));
- break;
+ {
+ const char *msg;
+
+ switch (objtype)
+ {
+ case OBJECT_AGGREGATE:
+ msg = gettext_noop("permission denied for aggregate %s");
+ break;
+ case OBJECT_COLLATION:
+ msg = gettext_noop("permission denied for collation %s");
+ break;
+ case OBJECT_COLUMN:
+ msg = gettext_noop("permission denied for column %s");
+ break;
+ case OBJECT_CONVERSION:
+ msg = gettext_noop("permission denied for conversion %s");
+ break;
+ case OBJECT_DATABASE:
+ msg = gettext_noop("permission denied for database %s");
+ break;
+ case OBJECT_DOMAIN:
+ msg = gettext_noop("permission denied for domain %s");
+ break;
+ case OBJECT_EVENT_TRIGGER:
+ msg = gettext_noop("permission denied for event trigger %s");
+ break;
+ case OBJECT_EXTENSION:
+ msg = gettext_noop("permission denied for extension %s");
+ break;
+ case OBJECT_FDW:
+ msg = gettext_noop("permission denied for foreign-data wrapper %s");
+ break;
+ case OBJECT_FOREIGN_SERVER:
+ msg = gettext_noop("permission denied for foreign server %s");
+ break;
+ case OBJECT_FOREIGN_TABLE:
+ msg = gettext_noop("permission denied for foreign table %s");
+ break;
+ case OBJECT_FUNCTION:
+ msg = gettext_noop("permission denied for function %s");
+ break;
+ case OBJECT_INDEX:
+ msg = gettext_noop("permission denied for index %s");
+ break;
+ case OBJECT_LANGUAGE:
+ msg = gettext_noop("permission denied for language %s");
+ break;
+ case OBJECT_LARGEOBJECT:
+ msg = gettext_noop("permission denied for large object %s");
+ break;
+ case OBJECT_MATVIEW:
+ msg = gettext_noop("permission denied for materialized view %s");
+ break;
+ case OBJECT_OPCLASS:
+ msg = gettext_noop("permission denied for operator class %s");
+ break;
+ case OBJECT_OPERATOR:
+ msg = gettext_noop("permission denied for operator %s");
+ break;
+ case OBJECT_OPFAMILY:
+ msg = gettext_noop("permission denied for operator family %s");
+ break;
+ case OBJECT_POLICY:
+ msg = gettext_noop("permission denied for policy %s");
+ break;
+ case OBJECT_PROCEDURE:
+ msg = gettext_noop("permission denied for procedure %s");
+ break;
+ case OBJECT_PUBLICATION:
+ msg = gettext_noop("permission denied for publication %s");
+ break;
+ case OBJECT_ROUTINE:
+ msg = gettext_noop("permission denied for routine %s");
+ break;
+ case OBJECT_SCHEMA:
+ msg = gettext_noop("permission denied for schema %s");
+ break;
+ case OBJECT_SEQUENCE:
+ msg = gettext_noop("permission denied for sequence %s");
+ break;
+ case OBJECT_STATISTIC_EXT:
+ msg = gettext_noop("permission denied for statistics object %s");
+ break;
+ case OBJECT_SUBSCRIPTION:
+ msg = gettext_noop("permission denied for subscription %s");
+ break;
+ case OBJECT_TABLE:
+ msg = gettext_noop("permission denied for table %s");
+ break;
+ case OBJECT_TABLESPACE:
+ msg = gettext_noop("permission denied for tablespace %s");
+ break;
+ case OBJECT_TSCONFIGURATION:
+ msg = gettext_noop("permission denied for text search configuration %s");
+ break;
+ case OBJECT_TSDICTIONARY:
+ msg = gettext_noop("permission denied for text search dictionary %s");
+ break;
+ case OBJECT_TYPE:
+ msg = gettext_noop("permission denied for type %s");
+ break;
+ case OBJECT_VIEW:
+ msg = gettext_noop("permission denied for view %s");
+ break;
+ /* these currently aren't used */
+ case OBJECT_ACCESS_METHOD:
+ case OBJECT_AMOP:
+ case OBJECT_AMPROC:
+ case OBJECT_ATTRIBUTE:
+ case OBJECT_CAST:
+ case OBJECT_DEFAULT:
+ case OBJECT_DEFACL:
+ case OBJECT_DOMCONSTRAINT:
+ case OBJECT_PUBLICATION_REL:
+ case OBJECT_ROLE:
+ case OBJECT_RULE:
+ case OBJECT_TABCONSTRAINT:
+ case OBJECT_TRANSFORM:
+ case OBJECT_TRIGGER:
+ case OBJECT_TSPARSER:
+ case OBJECT_TSTEMPLATE:
+ case OBJECT_USER_MAPPING:
+ elog(ERROR, "unsupported object type %d", objtype);
+ msg = "???";
+ }
+
+ ereport(ERROR,
+ (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
+ errmsg(msg, objectname)));
+ break;
+ }
case ACLCHECK_NOT_OWNER:
- ereport(ERROR,
- (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
- errmsg(not_owner_msg[objectkind], objectname)));
- break;
+ {
+ const char *msg;
+
+ switch (objtype)
+ {
+ case OBJECT_AGGREGATE:
+ msg = gettext_noop("must be owner of aggregate %s");
+ break;
+ case OBJECT_COLLATION:
+ msg = gettext_noop("must be owner of collation %s");
+ break;
+ case OBJECT_CONVERSION:
+ msg = gettext_noop("must be owner of conversion %s");
+ break;
+ case OBJECT_DATABASE:
+ msg = gettext_noop("must be owner of database %s");
+ break;
+ case OBJECT_DOMAIN:
+ msg = gettext_noop("must be owner of domain %s");
+ break;
+ case OBJECT_EVENT_TRIGGER:
+ msg = gettext_noop("must be owner of event trigger %s");
+ break;
+ case OBJECT_EXTENSION:
+ msg = gettext_noop("must be owner of extension %s");
+ break;
+ case OBJECT_FDW:
+ msg = gettext_noop("must be owner of foreign-data wrapper %s");
+ break;
+ case OBJECT_FOREIGN_SERVER:
+ msg = gettext_noop("must be owner of foreign server %s");
+ break;
+ case OBJECT_FOREIGN_TABLE:
+ msg = gettext_noop("must be owner of foreign table %s");
+ break;
+ case OBJECT_FUNCTION:
+ msg = gettext_noop("must be owner of function %s");
+ break;
+ case OBJECT_INDEX:
+ msg = gettext_noop("must be owner of index %s");
+ break;
+ case OBJECT_LANGUAGE:
+ msg = gettext_noop("must be owner of language %s");
+ break;
+ case OBJECT_LARGEOBJECT:
+ msg = gettext_noop("must be owner of large object %s");
+ break;
+ case OBJECT_MATVIEW:
+ msg = gettext_noop("must be owner of materialized view %s");
+ break;
+ case OBJECT_OPCLASS:
+ msg = gettext_noop("must be owner of operator class %s");
+ break;
+ case OBJECT_OPERATOR:
+ msg = gettext_noop("must be owner of operator %s");
+ break;
+ case OBJECT_OPFAMILY:
+ msg = gettext_noop("must be owner of operator family %s");
+ break;
+ case OBJECT_PROCEDURE:
+ msg = gettext_noop("must be owner of procedure %s");
+ break;
+ case OBJECT_PUBLICATION:
+ msg = gettext_noop("must be owner of publication %s");
+ break;
+ case OBJECT_ROUTINE:
+ msg = gettext_noop("must be owner of routine %s");
+ break;
+ case OBJECT_SEQUENCE:
+ msg = gettext_noop("must be owner of sequence %s");
+ break;
+ case OBJECT_SUBSCRIPTION:
+ msg = gettext_noop("must be owner of subscription %s");
+ break;
+ case OBJECT_TABLE:
+ msg = gettext_noop("must be owner of table %s");
+ break;
+ case OBJECT_TYPE:
+ msg = gettext_noop("must be owner of type %s");
+ break;
+ case OBJECT_VIEW:
+ msg = gettext_noop("must be owner of view %s");
+ break;
+ case OBJECT_SCHEMA:
+ msg = gettext_noop("must be owner of schema %s");
+ break;
+ case OBJECT_STATISTIC_EXT:
+ msg = gettext_noop("must be owner of statistics object %s");
+ break;
+ case OBJECT_TABLESPACE:
+ msg = gettext_noop("must be owner of tablespace %s");
+ break;
+ case OBJECT_TSCONFIGURATION:
+ msg = gettext_noop("must be owner of text search configuration %s");
+ break;
+ case OBJECT_TSDICTIONARY:
+ msg = gettext_noop("must be owner of text search dictionary %s");
+ break;
+ /*
+ * Special cases: For these, the error message talks about
+ * "relation", because that's where the ownership is
+ * attached. See also check_object_ownership().
+ */
+ case OBJECT_COLUMN:
+ case OBJECT_POLICY:
+ case OBJECT_RULE:
+ case OBJECT_TABCONSTRAINT:
+ case OBJECT_TRIGGER:
+ msg = gettext_noop("must be owner of relation %s");
+ break;
+ /* these currently aren't used */
+ case OBJECT_ACCESS_METHOD:
+ case OBJECT_AMOP:
+ case OBJECT_AMPROC:
+ case OBJECT_ATTRIBUTE:
+ case OBJECT_CAST:
+ case OBJECT_DEFAULT:
+ case OBJECT_DEFACL:
+ case OBJECT_DOMCONSTRAINT:
+ case OBJECT_PUBLICATION_REL:
+ case OBJECT_ROLE:
+ case OBJECT_TRANSFORM:
+ case OBJECT_TSPARSER:
+ case OBJECT_TSTEMPLATE:
+ case OBJECT_USER_MAPPING:
+ elog(ERROR, "unsupported object type %d", objtype);
+ msg = "???";
+ }
+
+ ereport(ERROR,
+ (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
+ errmsg(msg, objectname)));
+ break;
+ }
default:
elog(ERROR, "unrecognized AclResult: %d", (int) aclerr);
break;
void
-aclcheck_error_col(AclResult aclerr, AclObjectKind objectkind,
+aclcheck_error_col(AclResult aclerr, ObjectType objtype,
const char *objectname, const char *colname)
{
switch (aclerr)
break;
case ACLCHECK_NOT_OWNER:
/* relation msg is OK since columns don't have separate owners */
- ereport(ERROR,
- (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
- errmsg(not_owner_msg[objectkind], objectname)));
+ aclcheck_error(aclerr, objtype, objectname);
break;
default:
elog(ERROR, "unrecognized AclResult: %d", (int) aclerr);
{
Oid element_type = get_element_type(typeOid);
- aclcheck_error(aclerr, ACL_KIND_TYPE, format_type_be(element_type ? element_type : typeOid));
+ aclcheck_error(aclerr, OBJECT_TYPE, format_type_be(element_type ? element_type : typeOid));
}
* Relay for the various pg_*_mask routines depending on object kind
*/
static AclMode
-pg_aclmask(AclObjectKind objkind, Oid table_oid, AttrNumber attnum, Oid roleid,
+pg_aclmask(ObjectType objtype, Oid table_oid, AttrNumber attnum, Oid roleid,
AclMode mask, AclMaskHow how)
{
- switch (objkind)
+ switch (objtype)
{
- case ACL_KIND_COLUMN:
+ case OBJECT_COLUMN:
return
pg_class_aclmask(table_oid, roleid, mask, how) |
pg_attribute_aclmask(table_oid, attnum, roleid, mask, how);
- case ACL_KIND_CLASS:
- case ACL_KIND_SEQUENCE:
+ case OBJECT_TABLE:
+ case OBJECT_SEQUENCE:
return pg_class_aclmask(table_oid, roleid, mask, how);
- case ACL_KIND_DATABASE:
+ case OBJECT_DATABASE:
return pg_database_aclmask(table_oid, roleid, mask, how);
- case ACL_KIND_PROC:
+ case OBJECT_FUNCTION:
return pg_proc_aclmask(table_oid, roleid, mask, how);
- case ACL_KIND_LANGUAGE:
+ case OBJECT_LANGUAGE:
return pg_language_aclmask(table_oid, roleid, mask, how);
- case ACL_KIND_LARGEOBJECT:
+ case OBJECT_LARGEOBJECT:
return pg_largeobject_aclmask_snapshot(table_oid, roleid,
mask, how, NULL);
- case ACL_KIND_NAMESPACE:
+ case OBJECT_SCHEMA:
return pg_namespace_aclmask(table_oid, roleid, mask, how);
- case ACL_KIND_STATISTICS:
+ case OBJECT_STATISTIC_EXT:
elog(ERROR, "grantable rights not supported for statistics objects");
/* not reached, but keep compiler quiet */
return ACL_NO_RIGHTS;
- case ACL_KIND_TABLESPACE:
+ case OBJECT_TABLESPACE:
return pg_tablespace_aclmask(table_oid, roleid, mask, how);
- case ACL_KIND_FDW:
+ case OBJECT_FDW:
return pg_foreign_data_wrapper_aclmask(table_oid, roleid, mask, how);
- case ACL_KIND_FOREIGN_SERVER:
+ case OBJECT_FOREIGN_SERVER:
return pg_foreign_server_aclmask(table_oid, roleid, mask, how);
- case ACL_KIND_EVENT_TRIGGER:
+ case OBJECT_EVENT_TRIGGER:
elog(ERROR, "grantable rights not supported for event triggers");
/* not reached, but keep compiler quiet */
return ACL_NO_RIGHTS;
- case ACL_KIND_TYPE:
+ case OBJECT_TYPE:
return pg_type_aclmask(table_oid, roleid, mask, how);
default:
- elog(ERROR, "unrecognized objkind: %d",
- (int) objkind);
+ elog(ERROR, "unrecognized objtype: %d",
+ (int) objtype);
/* not reached, but keep compiler quiet */
return ACL_NO_RIGHTS;
}
/* Check namespace permissions. */
aclresult = pg_namespace_aclcheck(nspid, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(nspid));
if (retry)
if (lockmode != NoLock && OidIsValid(relid))
{
if (!pg_class_ownercheck(relid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+ aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relid)),
relation->relname);
if (relid != oldrelid)
LockRelationOid(relid, lockmode);
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
nspname);
/* Schema search hook for this lookup */
InvokeNamespaceSearchHook(namespaceId, true);
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
nspname);
return namespaceId;
AttrNumber attnum_namespace; /* attnum of namespace field */
AttrNumber attnum_owner; /* attnum of owner field */
AttrNumber attnum_acl; /* attnum of acl field */
- AclObjectKind acl_kind; /* ACL_KIND_* of this object type */
+ ObjectType objtype; /* OBJECT_* of this object type */
bool is_nsp_name_unique; /* can the nsp/name combination (or name
* alone, if there's no namespace) be
* considered a unique identifier for an
Anum_pg_collation_collnamespace,
Anum_pg_collation_collowner,
InvalidAttrNumber,
- ACL_KIND_COLLATION,
+ OBJECT_COLLATION,
true
},
{
Anum_pg_conversion_connamespace,
Anum_pg_conversion_conowner,
InvalidAttrNumber,
- ACL_KIND_CONVERSION,
+ OBJECT_CONVERSION,
true
},
{
InvalidAttrNumber,
Anum_pg_database_datdba,
Anum_pg_database_datacl,
- ACL_KIND_DATABASE,
+ OBJECT_DATABASE,
true
},
{
InvalidAttrNumber, /* extension doesn't belong to extnamespace */
Anum_pg_extension_extowner,
InvalidAttrNumber,
- ACL_KIND_EXTENSION,
+ OBJECT_EXTENSION,
true
},
{
InvalidAttrNumber,
Anum_pg_foreign_data_wrapper_fdwowner,
Anum_pg_foreign_data_wrapper_fdwacl,
- ACL_KIND_FDW,
+ OBJECT_FDW,
true
},
{
InvalidAttrNumber,
Anum_pg_foreign_server_srvowner,
Anum_pg_foreign_server_srvacl,
- ACL_KIND_FOREIGN_SERVER,
+ OBJECT_FOREIGN_SERVER,
true
},
{
Anum_pg_proc_pronamespace,
Anum_pg_proc_proowner,
Anum_pg_proc_proacl,
- ACL_KIND_PROC,
+ OBJECT_FUNCTION,
false
},
{
InvalidAttrNumber,
Anum_pg_language_lanowner,
Anum_pg_language_lanacl,
- ACL_KIND_LANGUAGE,
+ OBJECT_LANGUAGE,
true
},
{
InvalidAttrNumber,
Anum_pg_largeobject_metadata_lomowner,
Anum_pg_largeobject_metadata_lomacl,
- ACL_KIND_LARGEOBJECT,
+ OBJECT_LARGEOBJECT,
false
},
{
Anum_pg_opclass_opcnamespace,
Anum_pg_opclass_opcowner,
InvalidAttrNumber,
- ACL_KIND_OPCLASS,
+ OBJECT_OPCLASS,
true
},
{
Anum_pg_operator_oprnamespace,
Anum_pg_operator_oprowner,
InvalidAttrNumber,
- ACL_KIND_OPER,
+ OBJECT_OPERATOR,
false
},
{
Anum_pg_opfamily_opfnamespace,
Anum_pg_opfamily_opfowner,
InvalidAttrNumber,
- ACL_KIND_OPFAMILY,
+ OBJECT_OPFAMILY,
true
},
{
InvalidAttrNumber,
Anum_pg_namespace_nspowner,
Anum_pg_namespace_nspacl,
- ACL_KIND_NAMESPACE,
+ OBJECT_SCHEMA,
true
},
{
Anum_pg_class_relnamespace,
Anum_pg_class_relowner,
Anum_pg_class_relacl,
- ACL_KIND_CLASS,
+ OBJECT_TABLE,
true
},
{
InvalidAttrNumber,
Anum_pg_tablespace_spcowner,
Anum_pg_tablespace_spcacl,
- ACL_KIND_TABLESPACE,
+ OBJECT_TABLESPACE,
true
},
{
InvalidAttrNumber,
Anum_pg_event_trigger_evtowner,
InvalidAttrNumber,
- ACL_KIND_EVENT_TRIGGER,
+ OBJECT_EVENT_TRIGGER,
true
},
{
Anum_pg_ts_config_cfgnamespace,
Anum_pg_ts_config_cfgowner,
InvalidAttrNumber,
- ACL_KIND_TSCONFIGURATION,
+ OBJECT_TSCONFIGURATION,
true
},
{
Anum_pg_ts_dict_dictnamespace,
Anum_pg_ts_dict_dictowner,
InvalidAttrNumber,
- ACL_KIND_TSDICTIONARY,
+ OBJECT_TSDICTIONARY,
true
},
{
Anum_pg_type_typnamespace,
Anum_pg_type_typowner,
Anum_pg_type_typacl,
- ACL_KIND_TYPE,
+ OBJECT_TYPE,
true
},
{
InvalidAttrNumber,
Anum_pg_publication_pubowner,
InvalidAttrNumber,
- ACL_KIND_PUBLICATION,
+ OBJECT_PUBLICATION,
true
},
{
InvalidAttrNumber,
Anum_pg_subscription_subowner,
InvalidAttrNumber,
- ACL_KIND_SUBSCRIPTION,
+ OBJECT_SUBSCRIPTION,
true
},
{
Anum_pg_statistic_ext_stxnamespace,
Anum_pg_statistic_ext_stxowner,
InvalidAttrNumber, /* no ACL (same as relation) */
- ACL_KIND_STATISTICS,
+ OBJECT_STATISTIC_EXT,
true
}
};
case OBJECT_POLICY:
case OBJECT_TABCONSTRAINT:
if (!pg_class_ownercheck(RelationGetRelid(relation), roleid))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+ aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
RelationGetRelationName(relation));
break;
case OBJECT_DATABASE:
if (!pg_database_ownercheck(address.objectId, roleid))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+ aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
strVal((Value *) object));
break;
case OBJECT_TYPE:
case OBJECT_PROCEDURE:
case OBJECT_ROUTINE:
if (!pg_proc_ownercheck(address.objectId, roleid))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+ aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
NameListToString((castNode(ObjectWithArgs, object))->objname));
break;
case OBJECT_OPERATOR:
if (!pg_oper_ownercheck(address.objectId, roleid))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+ aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
NameListToString((castNode(ObjectWithArgs, object))->objname));
break;
case OBJECT_SCHEMA:
if (!pg_namespace_ownercheck(address.objectId, roleid))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
+ aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
strVal((Value *) object));
break;
case OBJECT_COLLATION:
if (!pg_collation_ownercheck(address.objectId, roleid))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_COLLATION,
+ aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
NameListToString(castNode(List, object)));
break;
case OBJECT_CONVERSION:
if (!pg_conversion_ownercheck(address.objectId, roleid))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CONVERSION,
+ aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
NameListToString(castNode(List, object)));
break;
case OBJECT_EXTENSION:
if (!pg_extension_ownercheck(address.objectId, roleid))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION,
+ aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
strVal((Value *) object));
break;
case OBJECT_FDW:
if (!pg_foreign_data_wrapper_ownercheck(address.objectId, roleid))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FDW,
+ aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
strVal((Value *) object));
break;
case OBJECT_FOREIGN_SERVER:
if (!pg_foreign_server_ownercheck(address.objectId, roleid))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER,
+ aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
strVal((Value *) object));
break;
case OBJECT_EVENT_TRIGGER:
if (!pg_event_trigger_ownercheck(address.objectId, roleid))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EVENT_TRIGGER,
+ aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
strVal((Value *) object));
break;
case OBJECT_LANGUAGE:
if (!pg_language_ownercheck(address.objectId, roleid))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_LANGUAGE,
+ aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
strVal((Value *) object));
break;
case OBJECT_OPCLASS:
if (!pg_opclass_ownercheck(address.objectId, roleid))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPCLASS,
+ aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
NameListToString(castNode(List, object)));
break;
case OBJECT_OPFAMILY:
if (!pg_opfamily_ownercheck(address.objectId, roleid))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPFAMILY,
+ aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
NameListToString(castNode(List, object)));
break;
case OBJECT_LARGEOBJECT:
break;
case OBJECT_PUBLICATION:
if (!pg_publication_ownercheck(address.objectId, roleid))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PUBLICATION,
+ aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
strVal((Value *) object));
break;
case OBJECT_SUBSCRIPTION:
if (!pg_subscription_ownercheck(address.objectId, roleid))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION,
+ aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
strVal((Value *) object));
break;
case OBJECT_TRANSFORM:
break;
case OBJECT_TABLESPACE:
if (!pg_tablespace_ownercheck(address.objectId, roleid))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TABLESPACE,
+ aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
strVal((Value *) object));
break;
case OBJECT_TSDICTIONARY:
if (!pg_ts_dict_ownercheck(address.objectId, roleid))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSDICTIONARY,
+ aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
NameListToString(castNode(List, object)));
break;
case OBJECT_TSCONFIGURATION:
if (!pg_ts_config_ownercheck(address.objectId, roleid))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSCONFIGURATION,
+ aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
NameListToString(castNode(List, object)));
break;
case OBJECT_ROLE:
return prop->attnum_acl;
}
-AclObjectKind
-get_object_aclkind(Oid class_id)
+ObjectType
+get_object_type(Oid class_id, Oid object_id)
{
const ObjectPropertyType *prop = get_object_property_data(class_id);
- return prop->acl_kind;
+ if (prop->objtype == OBJECT_TABLE)
+ {
+ /*
+ * If the property data says it's a table, dig a little deeper to get
+ * the real relation kind, so that callers can produce more precise
+ * error messages.
+ */
+ return get_relkind_objtype(get_rel_relkind(object_id));
+ }
+ else
+ return prop->objtype;
}
bool
return arr;
}
+
+ObjectType
+get_relkind_objtype(char relkind)
+{
+ switch (relkind)
+ {
+ case RELKIND_RELATION:
+ case RELKIND_PARTITIONED_TABLE:
+ return OBJECT_TABLE;
+ case RELKIND_INDEX:
+ return OBJECT_INDEX;
+ case RELKIND_SEQUENCE:
+ return OBJECT_SEQUENCE;
+ case RELKIND_VIEW:
+ return OBJECT_VIEW;
+ case RELKIND_MATVIEW:
+ return OBJECT_MATVIEW;
+ case RELKIND_FOREIGN_TABLE:
+ return OBJECT_FOREIGN_TABLE;
+ /* other relkinds are not supported here because they don't map to OBJECT_* values */
+ default:
+ elog(ERROR, "unexpected relkind: %d", relkind);
+ return 0;
+ }
+}
/* Check aggregate creator has permission to call the function */
aclresult = pg_proc_aclcheck(fnOid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(fnOid));
+ aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(fnOid));
return fnOid;
}
*/
if (OidIsValid(operatorObjectId) &&
!pg_oper_ownercheck(operatorObjectId, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
operatorName);
/*
/* Permission check: must own other operator */
if (OidIsValid(commutatorId) &&
!pg_oper_ownercheck(commutatorId, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
NameListToString(commutatorName));
/*
/* Permission check: must own other operator */
if (OidIsValid(negatorId) &&
!pg_oper_ownercheck(negatorId, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
NameListToString(negatorName));
}
else
aclresult = pg_namespace_aclcheck(otherNamespace, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(otherNamespace));
other_oid = OperatorShellMake(otherName,
errmsg("function \"%s\" already exists with same argument types",
procedureName)));
if (!pg_proc_ownercheck(HeapTupleGetOid(oldtup), proowner))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
procedureName);
/*
* shell type must have been created by same owner
*/
if (((Form_pg_type) GETSTRUCT(tup))->typowner != ownerId)
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TYPE, typeName);
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TYPE, typeName);
/* trouble if caller wanted to force the OID */
if (OidIsValid(newTypeOid))
/* Check we have creation rights in target namespace */
aclresult = pg_namespace_aclcheck(aggNamespace, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(aggNamespace));
/* Deconstruct the output of the aggr_args grammar production */
AttrNumber Anum_name = get_object_attnum_name(classId);
AttrNumber Anum_namespace = get_object_attnum_namespace(classId);
AttrNumber Anum_owner = get_object_attnum_owner(classId);
- AclObjectKind acl_kind = get_object_aclkind(classId);
+ ObjectType objtype = get_object_type(classId, objectId);
HeapTuple oldtup;
HeapTuple newtup;
Datum datum;
ownerId = DatumGetObjectId(datum);
if (!has_privs_of_role(GetUserId(), DatumGetObjectId(ownerId)))
- aclcheck_error(ACLCHECK_NOT_OWNER, acl_kind, old_name);
+ aclcheck_error(ACLCHECK_NOT_OWNER, objtype, old_name);
/* User must have CREATE privilege on the namespace */
if (OidIsValid(namespaceId))
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceId));
}
}
AttrNumber Anum_name = get_object_attnum_name(classId);
AttrNumber Anum_namespace = get_object_attnum_namespace(classId);
AttrNumber Anum_owner = get_object_attnum_owner(classId);
- AclObjectKind acl_kind = get_object_aclkind(classId);
+ ObjectType objtype = get_object_type(classId, objid);
Oid oldNspOid;
Datum name,
namespace;
ownerId = DatumGetObjectId(owner);
if (!has_privs_of_role(GetUserId(), ownerId))
- aclcheck_error(ACLCHECK_NOT_OWNER, acl_kind,
+ aclcheck_error(ACLCHECK_NOT_OWNER, objtype,
NameStr(*(DatumGetName(name))));
/* User must have CREATE privilege on new namespace */
aclresult = pg_namespace_aclcheck(nspOid, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(nspOid));
}
/* Superusers can bypass permission checks */
if (!superuser())
{
- AclObjectKind aclkind = get_object_aclkind(classId);
+ ObjectType objtype = get_object_type(classId, objectId);
/* must be owner */
if (!has_privs_of_role(GetUserId(), old_ownerId))
HeapTupleGetOid(oldtup));
objname = namebuf;
}
- aclcheck_error(ACLCHECK_NOT_OWNER, aclkind, objname);
+ aclcheck_error(ACLCHECK_NOT_OWNER, objtype, objname);
}
/* Must be able to become new owner */
check_is_member_of_role(GetUserId(), new_ownerId);
aclresult = pg_namespace_aclcheck(namespaceId, new_ownerId,
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceId));
}
}
aclresult = pg_namespace_aclcheck(collNamespace, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(collNamespace));
foreach(pl, parameters)
collOid = get_collation_oid(stmt->collname, false);
if (!pg_collation_ownercheck(collOid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_COLLATION,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_COLLATION,
NameListToString(stmt->collname));
tup = SearchSysCacheCopy1(COLLOID, ObjectIdGetDatum(collOid));
/* Check we have creation rights in target namespace */
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceId));
/* Check the encoding names */
/* Check we have EXECUTE rights for the function */
aclresult = pg_proc_aclcheck(funcoid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC,
+ aclcheck_error(aclresult, OBJECT_FUNCTION,
NameListToString(func_name));
/*
aclresult = pg_tablespace_aclcheck(dst_deftablespace, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
+ aclcheck_error(aclresult, OBJECT_TABLESPACE,
tablespacename);
/* pg_global must never be the default tablespace */
* Permission checks
*/
if (!pg_database_ownercheck(db_id, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
dbname);
/* DROP hook for the database being removed */
/* must be owner */
if (!pg_database_ownercheck(db_id, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
oldname);
/* must have createdb rights */
* Permission checks
*/
if (!pg_database_ownercheck(db_id, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
dbname);
/*
aclresult = pg_tablespace_aclcheck(dst_tblspcoid, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
+ aclcheck_error(aclresult, OBJECT_TABLESPACE,
tblspcname);
/*
dboid = HeapTupleGetOid(tuple);
if (!pg_database_ownercheck(HeapTupleGetOid(tuple), GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
stmt->dbname);
/*
shdepLockAndCheckObject(DatabaseRelationId, datid);
if (!pg_database_ownercheck(datid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
stmt->dbname);
AlterSetting(datid, InvalidOid, stmt->setstmt);
/* Otherwise, must be owner of the existing object */
if (!pg_database_ownercheck(HeapTupleGetOid(tuple), GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
dbname);
/* Must be able to become new owner */
trigoid = HeapTupleGetOid(tup);
if (!pg_event_trigger_ownercheck(trigoid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EVENT_TRIGGER,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EVENT_TRIGGER,
stmt->trigname);
/* tuple is a copy, so we can modify it below */
return;
if (!pg_event_trigger_ownercheck(HeapTupleGetOid(tup), GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EVENT_TRIGGER,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EVENT_TRIGGER,
NameStr(form->evtname));
/* New owner must be a superuser */
* check ownership of the individual member objects ...
*/
if (!pg_extension_ownercheck(extensionOid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EXTENSION,
extensionName);
/* Permission check: must have creation rights in target namespace */
aclresult = pg_namespace_aclcheck(nspOid, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE, newschema);
+ aclcheck_error(aclresult, OBJECT_SCHEMA, newschema);
/*
* If the schema is currently a member of the extension, disallow moving
/* Permission check: must own extension */
if (!pg_extension_ownercheck(extensionOid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EXTENSION,
stmt->extname);
/*
/* Permission check: must own extension */
if (!pg_extension_ownercheck(extension.objectId, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_EXTENSION,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_EXTENSION,
stmt->extname);
/*
/* Must be owner */
if (!pg_foreign_server_ownercheck(srvId, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FOREIGN_SERVER,
NameStr(form->srvname));
/* Must be able to become new owner */
{
ForeignDataWrapper *fdw = GetForeignDataWrapper(form->srvfdw);
- aclcheck_error(aclresult, ACL_KIND_FDW, fdw->fdwname);
+ aclcheck_error(aclresult, OBJECT_FDW, fdw->fdwname);
}
}
aclresult = pg_foreign_data_wrapper_aclcheck(fdw->fdwid, ownerId, ACL_USAGE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_FDW, fdw->fdwname);
+ aclcheck_error(aclresult, OBJECT_FDW, fdw->fdwname);
/*
* Insert tuple into pg_foreign_server.
* Only owner or a superuser can ALTER a SERVER.
*/
if (!pg_foreign_server_ownercheck(srvId, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FOREIGN_SERVER,
stmt->servername);
memset(repl_val, 0, sizeof(repl_val));
aclresult = pg_foreign_server_aclcheck(serverid, curuserid, ACL_USAGE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, servername);
+ aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, servername);
}
else
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_FOREIGN_SERVER,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FOREIGN_SERVER,
servername);
}
}
server = GetForeignServerByName(stmt->servername, false);
aclresult = pg_foreign_server_aclcheck(server->serverid, ownerId, ACL_USAGE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, server->servername);
+ aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, server->servername);
fdw = GetForeignDataWrapper(server->fdwid);
server = GetForeignServerByName(stmt->server_name, false);
aclresult = pg_foreign_server_aclcheck(server->serverid, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_FOREIGN_SERVER, server->servername);
+ aclcheck_error(aclresult, OBJECT_FOREIGN_SERVER, server->servername);
/* Check that the schema exists and we have CREATE permissions on it */
(void) LookupCreationNamespace(stmt->local_schema);
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceId));
address = TypeShellMake(typname, namespaceId, GetUserId());
rettype = address.objectId;
/* Check we have creation rights in target namespace */
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceId));
/* default attributes */
aclresult = pg_language_aclcheck(languageOid, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_LANGUAGE,
+ aclcheck_error(aclresult, OBJECT_LANGUAGE,
NameStr(languageStruct->lanname));
}
else
{
/* if untrusted language, must be superuser */
if (!superuser())
- aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_LANGUAGE,
+ aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_LANGUAGE,
NameStr(languageStruct->lanname));
}
/* Permission check: must own function */
if (!pg_proc_ownercheck(funcOid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+ aclcheck_error(ACLCHECK_NOT_OWNER, stmt->objtype,
NameListToString(stmt->func->objname));
if (procForm->proisagg)
aclresult = pg_language_aclcheck(langid, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_LANGUAGE, stmt->lang);
+ aclcheck_error(aclresult, OBJECT_LANGUAGE, stmt->lang);
/*
* Get the functions
fromsqlfuncid = LookupFuncWithArgs(OBJECT_FUNCTION, stmt->fromsql, false);
if (!pg_proc_ownercheck(fromsqlfuncid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, NameListToString(stmt->fromsql->objname));
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(stmt->fromsql->objname));
aclresult = pg_proc_aclcheck(fromsqlfuncid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC, NameListToString(stmt->fromsql->objname));
+ aclcheck_error(aclresult, OBJECT_FUNCTION, NameListToString(stmt->fromsql->objname));
tuple = SearchSysCache1(PROCOID, ObjectIdGetDatum(fromsqlfuncid));
if (!HeapTupleIsValid(tuple))
tosqlfuncid = LookupFuncWithArgs(OBJECT_FUNCTION, stmt->tosql, false);
if (!pg_proc_ownercheck(tosqlfuncid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, NameListToString(stmt->tosql->objname));
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(stmt->tosql->objname));
aclresult = pg_proc_aclcheck(tosqlfuncid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC, NameListToString(stmt->tosql->objname));
+ aclcheck_error(aclresult, OBJECT_FUNCTION, NameListToString(stmt->tosql->objname));
tuple = SearchSysCache1(PROCOID, ObjectIdGetDatum(tosqlfuncid));
if (!HeapTupleIsValid(tuple))
aclresult = pg_language_aclcheck(codeblock->langOid, GetUserId(),
ACL_USAGE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_LANGUAGE,
+ aclcheck_error(aclresult, OBJECT_LANGUAGE,
NameStr(languageStruct->lanname));
}
else
{
/* if untrusted language, must be superuser */
if (!superuser())
- aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_LANGUAGE,
+ aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_LANGUAGE,
NameStr(languageStruct->lanname));
}
aclresult = pg_proc_aclcheck(fexpr->funcid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(fexpr->funcid));
+ aclcheck_error(aclresult, OBJECT_PROCEDURE, get_func_name(fexpr->funcid));
InvokeFunctionExecuteHook(fexpr->funcid);
nargs = list_length(fexpr->args);
aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceId));
}
aclresult = pg_tablespace_aclcheck(tablespaceId, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
+ aclcheck_error(aclresult, OBJECT_TABLESPACE,
get_tablespace_name(tablespaceId));
}
/* Check permissions */
if (!pg_class_ownercheck(relId, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, relation->relname);
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_INDEX, relation->relname);
/* Lock heap before index to avoid deadlock. */
if (relId != oldRelId)
objectOid = get_namespace_oid(objectName, false);
if (!pg_namespace_ownercheck(objectOid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SCHEMA,
objectName);
}
else
(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
errmsg("can only reindex the currently open database")));
if (!pg_database_ownercheck(objectOid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
objectName);
}
/* Check permissions. */
aclresult = LockTableAclCheck(relid, lockmode);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_CLASS, rv->relname);
+ aclcheck_error(aclresult, get_relkind_objtype(get_rel_relkind(relid)), rv->relname);
}
/*
if (!relname)
continue; /* child concurrently dropped, just skip it */
- aclcheck_error(aclresult, ACL_KIND_CLASS, relname);
+ aclcheck_error(aclresult, get_relkind_objtype(get_rel_relkind(childreloid)), relname);
}
/* We have enough rights to lock the relation; do so. */
/* Check we have creation rights in target namespace */
aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceoid));
/* Get necessary info about access method */
/* XXX this is unnecessary given the superuser check above */
/* Caller must own operator and its underlying function */
if (!pg_oper_ownercheck(operOid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
get_opname(operOid));
funcOid = get_opcode(operOid);
if (!pg_proc_ownercheck(funcOid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
get_func_name(funcOid));
#endif
/* XXX this is unnecessary given the superuser check above */
/* Caller must own function */
if (!pg_proc_ownercheck(funcOid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
get_func_name(funcOid));
#endif
/* Check we have creation rights in target namespace */
aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceoid));
/* Get access method OID, throwing an error if it doesn't exist. */
/* XXX this is unnecessary given the superuser check above */
/* Caller must own operator and its underlying function */
if (!pg_oper_ownercheck(operOid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
get_opname(operOid));
funcOid = get_opcode(operOid);
if (!pg_proc_ownercheck(funcOid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
get_func_name(funcOid));
#endif
/* XXX this is unnecessary given the superuser check above */
/* Caller must own function */
if (!pg_proc_ownercheck(funcOid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
get_func_name(funcOid));
#endif
/* Check we have creation rights in target namespace */
aclresult = pg_namespace_aclcheck(oprNamespace, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(oprNamespace));
/*
*/
aclresult = pg_proc_aclcheck(functionOid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC,
+ aclcheck_error(aclresult, OBJECT_FUNCTION,
NameListToString(functionName));
rettype = get_func_rettype(functionOid);
/* Require EXECUTE rights for the estimator */
aclresult = pg_proc_aclcheck(restrictionOid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC,
+ aclcheck_error(aclresult, OBJECT_FUNCTION,
NameListToString(restrictionName));
return restrictionOid;
/* Require EXECUTE rights for the estimator */
aclresult = pg_proc_aclcheck(joinOid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC,
+ aclcheck_error(aclresult, OBJECT_FUNCTION,
NameListToString(joinName));
return joinOid;
/* Check permissions. Must be owner. */
if (!pg_oper_ownercheck(oprId, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_OPER,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_OPERATOR,
NameStr(oprForm->oprname));
/*
/* Must own relation. */
if (!pg_class_ownercheck(relid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname);
+ aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relid)), rv->relname);
/* No system table modifications unless explicitly allowed. */
if (!allowSystemTableMods && IsSystemClass(relid, classform))
errmsg("must be superuser to create procedural language \"%s\"",
stmt->plname)));
if (!pg_database_ownercheck(MyDatabaseId, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
get_database_name(MyDatabaseId));
}
(errcode(ERRCODE_DUPLICATE_OBJECT),
errmsg("language \"%s\" already exists", languageName)));
if (!pg_language_ownercheck(HeapTupleGetOid(oldtup), languageOwner))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_LANGUAGE,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_LANGUAGE,
languageName);
/*
/* must have CREATE privilege on database */
aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_DATABASE,
+ aclcheck_error(aclresult, OBJECT_DATABASE,
get_database_name(MyDatabaseId));
/* FOR ALL TABLES requires superuser */
/* must be owner */
if (!pg_publication_ownercheck(HeapTupleGetOid(tup), GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PUBLICATION,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_PUBLICATION,
stmt->pubname);
if (stmt->options)
/* Must be owner of the table or superuser. */
if (!pg_class_ownercheck(RelationGetRelid(rel), GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+ aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(rel->rd_rel->relkind),
RelationGetRelationName(rel));
obj = publication_add_relation(pubid, rel, if_not_exists);
/* Must be owner */
if (!pg_publication_ownercheck(HeapTupleGetOid(tup), GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PUBLICATION,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_PUBLICATION,
NameStr(form->pubname));
/* Must be able to become new owner */
/* New owner must have CREATE privilege on database */
aclresult = pg_database_aclcheck(MyDatabaseId, newOwnerId, ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_DATABASE,
+ aclcheck_error(aclresult, OBJECT_DATABASE,
get_database_name(MyDatabaseId));
if (form->puballtables && !superuser_arg(newOwnerId))
*/
aclresult = pg_database_aclcheck(MyDatabaseId, saved_uid, ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_DATABASE,
+ aclcheck_error(aclresult, OBJECT_DATABASE,
get_database_name(MyDatabaseId));
check_is_member_of_role(saved_uid, owner_uid);
/* must be owner */
if (!pg_namespace_ownercheck(HeapTupleGetOid(tup), GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SCHEMA,
oldname);
/* must have CREATE privilege on database */
aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_DATABASE,
+ aclcheck_error(aclresult, OBJECT_DATABASE,
get_database_name(MyDatabaseId));
if (!allowSystemTableMods && IsReservedName(newname))
/* Otherwise, must be owner of the existing object */
if (!pg_namespace_ownercheck(HeapTupleGetOid(tup), GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_NAMESPACE,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SCHEMA,
NameStr(nspForm->nspname));
/* Must be able to become new owner */
aclresult = pg_database_aclcheck(MyDatabaseId, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_DATABASE,
+ aclcheck_error(aclresult, OBJECT_DATABASE,
get_database_name(MyDatabaseId));
memset(repl_null, false, sizeof(repl_null));
/* You must own the relation to create stats on it */
if (!pg_class_ownercheck(RelationGetRelid(rel), stxowner))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+ aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(rel->rd_rel->relkind),
RelationGetRelationName(rel));
}
/* must be owner */
if (!pg_subscription_ownercheck(HeapTupleGetOid(tup), GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SUBSCRIPTION,
stmt->subname);
subid = HeapTupleGetOid(tup);
/* must be owner */
if (!pg_subscription_ownercheck(subid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SUBSCRIPTION,
stmt->subname);
/* DROP hook for the subscription being removed */
return;
if (!pg_subscription_ownercheck(HeapTupleGetOid(tup), GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_SUBSCRIPTION,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SUBSCRIPTION,
NameStr(form->subname));
/* New owner must be a superuser */
aclresult = pg_tablespace_aclcheck(tablespaceId, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
+ aclcheck_error(aclresult, OBJECT_TABLESPACE,
get_tablespace_name(tablespaceId));
}
/* Allow DROP to either table owner or schema owner */
if (!pg_class_ownercheck(relOid, GetUserId()) &&
!pg_namespace_ownercheck(classform->relnamespace, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+ aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relOid)),
rel->relname);
if (!allowSystemTableMods && IsSystemClass(relOid, classform))
/* This check must match AlterSequence! */
if (!pg_class_ownercheck(seq_relid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_SEQUENCE,
RelationGetRelationName(seq_rel));
seq_relids = lappend_oid(seq_relids, seq_relid);
aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
ACL_TRUNCATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_CLASS,
+ aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind),
RelationGetRelationName(rel));
if (!allowSystemTableMods && IsSystemRelation(rel))
* demand that creator of a child table own the parent.
*/
if (!pg_class_ownercheck(RelationGetRelid(relation), GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+ aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(relation->rd_rel->relkind),
RelationGetRelationName(relation));
/*
* permissions checking. only the owner of a class can change its schema.
*/
if (!pg_class_ownercheck(myrelid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+ aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(myrelid)),
NameStr(classform->relname));
if (!allowSystemTableMods && IsSystemClass(myrelid, classform))
ereport(ERROR,
/* Permissions checks */
if (!pg_class_ownercheck(RelationGetRelid(rel), GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+ aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(rel->rd_rel->relkind),
RelationGetRelationName(rel));
if (!allowSystemTableMods && IsSystemRelation(rel))
/* Permissions checks */
if (!pg_class_ownercheck(RelationGetRelid(rel), GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+ aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(rel->rd_rel->relkind),
RelationGetRelationName(rel));
}
aclresult = pg_attribute_aclcheck(RelationGetRelid(rel), attnums[i],
roleid, ACL_REFERENCES);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_CLASS,
+ aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind),
RelationGetRelationName(rel));
}
}
/* Otherwise, must be owner of the existing object */
if (!pg_class_ownercheck(relationOid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+ aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relationOid)),
RelationGetRelationName(target_rel));
/* Must be able to become new owner */
aclresult = pg_namespace_aclcheck(namespaceOid, newOwnerId,
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceOid));
}
}
aclresult = pg_tablespace_aclcheck(tablespaceId, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_TABLESPACE, tablespacename);
+ aclcheck_error(aclresult, OBJECT_TABLESPACE, tablespacename);
}
/* Save info for Phase 3 to do the real work */
aclresult = pg_tablespace_aclcheck(new_tablespaceoid, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
+ aclcheck_error(aclresult, OBJECT_TABLESPACE,
get_tablespace_name(new_tablespaceoid));
}
* Caller must be considered an owner on the table to move it.
*/
if (!pg_class_ownercheck(relOid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+ aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relOid)),
NameStr(relForm->relname));
if (stmt->nowait &&
/* Check permissions */
if (!pg_class_ownercheck(relId, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, relation->relname);
+ aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relId)), relation->relname);
}
/*
elog(ERROR, "cache lookup failed for relation %u", relId);
if (!pg_class_ownercheck(relId, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+ aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relId)),
relation->relname);
if (!allowSystemTableMods &&
/* Must own relation. */
if (!pg_class_ownercheck(relid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname);
+ aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relid)), rv->relname);
/* No system table modifications unless explicitly allowed. */
if (!allowSystemTableMods && IsSystemClass(relid, classform))
aclresult = pg_namespace_aclcheck(classform->relnamespace,
GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(classform->relnamespace));
reltype = ((RenameStmt *) stmt)->renameType;
}
/* Must be tablespace owner */
if (!pg_tablespace_ownercheck(tablespaceoid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TABLESPACE,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TABLESPACE,
tablespacename);
/* Disallow drop of the standard tablespaces, even by superuser */
if (tablespaceoid == GLOBALTABLESPACE_OID ||
tablespaceoid == DEFAULTTABLESPACE_OID)
- aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_TABLESPACE,
+ aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_TABLESPACE,
tablespacename);
/* DROP hook for the tablespace being removed */
/* Must be owner */
if (!pg_tablespace_ownercheck(HeapTupleGetOid(newtuple), GetUserId()))
- aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_TABLESPACE, oldname);
+ aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_TABLESPACE, oldname);
/* Validate new name */
if (!allowSystemTableMods && IsReservedName(newname))
/* Must be owner of the existing object */
if (!pg_tablespace_ownercheck(HeapTupleGetOid(tup), GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TABLESPACE,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TABLESPACE,
stmt->tablespacename);
/* Generate new proposed spcoptions (text array) */
if (aclresult != ACLCHECK_OK)
{
if (source >= PGC_S_INTERACTIVE)
- aclcheck_error(aclresult, ACL_KIND_TABLESPACE, curname);
+ aclcheck_error(aclresult, OBJECT_TABLESPACE, curname);
continue;
}
aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
ACL_TRIGGER);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_CLASS,
+ aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind),
RelationGetRelationName(rel));
if (OidIsValid(constrrelid))
aclresult = pg_class_aclcheck(constrrelid, GetUserId(),
ACL_TRIGGER);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_CLASS,
+ aclcheck_error(aclresult, get_relkind_objtype(get_rel_relkind(constrrelid)),
get_rel_name(constrrelid));
}
}
{
aclresult = pg_proc_aclcheck(funcoid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC,
+ aclcheck_error(aclresult, OBJECT_FUNCTION,
NameListToString(stmt->funcname));
}
funcrettype = get_func_rettype(funcoid);
/* you must own the table to rename one of its triggers */
if (!pg_class_ownercheck(relid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname);
+ aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relid)), rv->relname);
if (!allowSystemTableMods && IsSystemClass(relid, form))
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
/* Check we have creation rights in target namespace */
aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceoid));
/*
/* must be owner */
if (!pg_ts_dict_ownercheck(dictId, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSDICTIONARY,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TSDICTIONARY,
NameListToString(stmt->dictname));
/* deserialize the existing set of options */
/* Check we have creation rights in target namespace */
aclresult = pg_namespace_aclcheck(namespaceoid, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(namespaceoid));
/*
/* must be owner */
if (!pg_ts_config_ownercheck(HeapTupleGetOid(tup), GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_TSCONFIGURATION,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_TSCONFIGURATION,
NameListToString(stmt->cfgname));
relMap = heap_open(TSConfigMapRelationId, RowExclusiveLock);
/* Check we have creation rights in target namespace */
aclresult = pg_namespace_aclcheck(typeNamespace, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(typeNamespace));
#endif
#ifdef NOT_USED
/* XXX this is unnecessary given the superuser check above */
if (inputOid && !pg_proc_ownercheck(inputOid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
NameListToString(inputName));
if (outputOid && !pg_proc_ownercheck(outputOid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
NameListToString(outputName));
if (receiveOid && !pg_proc_ownercheck(receiveOid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
NameListToString(receiveName));
if (sendOid && !pg_proc_ownercheck(sendOid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
NameListToString(sendName));
if (typmodinOid && !pg_proc_ownercheck(typmodinOid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
NameListToString(typmodinName));
if (typmodoutOid && !pg_proc_ownercheck(typmodoutOid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
NameListToString(typmodoutName));
if (analyzeOid && !pg_proc_ownercheck(analyzeOid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION,
NameListToString(analyzeName));
#endif
aclresult = pg_namespace_aclcheck(domainNamespace, GetUserId(),
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(domainNamespace));
/*
/* Check we have creation rights in target namespace */
aclresult = pg_namespace_aclcheck(enumNamespace, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(enumNamespace));
/*
/* Check we have creation rights in target namespace */
aclresult = pg_namespace_aclcheck(typeNamespace, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(typeNamespace));
/*
/* Also, range type's creator must have permission to call function */
aclresult = pg_proc_aclcheck(procOid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(procOid));
+ aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(procOid));
return procOid;
}
/* Also, range type's creator must have permission to call function */
aclresult = pg_proc_aclcheck(procOid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(procOid));
+ aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(procOid));
return procOid;
}
newOwnerId,
ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(typTup->typnamespace));
}
* ALTER DATABASE ... SET, so use the same permission check.
*/
if (!pg_database_ownercheck(databaseid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE,
+ aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE,
stmt->database);
}
}
GetUserId(),
ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC,
+ aclcheck_error(aclresult, OBJECT_FUNCTION,
get_func_name(opexpr->opfuncid));
InvokeFunctionExecuteHook(opexpr->opfuncid);
/* Check permission to call function */
aclresult = pg_proc_aclcheck(funcid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(funcid));
+ aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(funcid));
InvokeFunctionExecuteHook(funcid);
/*
{
Assert(rte->rtekind == RTE_RELATION);
if (ereport_on_violation)
- aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_CLASS,
+ aclcheck_error(ACLCHECK_NO_PRIV, get_relkind_objtype(get_rel_relkind(rte->relid)),
get_rel_name(rte->relid));
return false;
}
/* Check permission to call function */
aclresult = pg_proc_aclcheck(foid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC, get_func_name(foid));
+ aclcheck_error(aclresult, OBJECT_FUNCTION, get_func_name(foid));
InvokeFunctionExecuteHook(foid);
/*
aclresult = pg_proc_aclcheck(aggref->aggfnoid, GetUserId(),
ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC,
+ aclcheck_error(aclresult, OBJECT_AGGREGATE,
get_func_name(aggref->aggfnoid));
InvokeFunctionExecuteHook(aggref->aggfnoid);
aclresult = pg_proc_aclcheck(transfn_oid, aggOwner,
ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC,
+ aclcheck_error(aclresult, OBJECT_FUNCTION,
get_func_name(transfn_oid));
InvokeFunctionExecuteHook(transfn_oid);
if (OidIsValid(finalfn_oid))
aclresult = pg_proc_aclcheck(finalfn_oid, aggOwner,
ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC,
+ aclcheck_error(aclresult, OBJECT_FUNCTION,
get_func_name(finalfn_oid));
InvokeFunctionExecuteHook(finalfn_oid);
}
aclresult = pg_proc_aclcheck(serialfn_oid, aggOwner,
ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC,
+ aclcheck_error(aclresult, OBJECT_FUNCTION,
get_func_name(serialfn_oid));
InvokeFunctionExecuteHook(serialfn_oid);
}
aclresult = pg_proc_aclcheck(deserialfn_oid, aggOwner,
ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC,
+ aclcheck_error(aclresult, OBJECT_FUNCTION,
get_func_name(deserialfn_oid));
InvokeFunctionExecuteHook(deserialfn_oid);
}
aclresult = pg_proc_aclcheck(wfunc->winfnoid, GetUserId(),
ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC,
+ aclcheck_error(aclresult, OBJECT_FUNCTION,
get_func_name(wfunc->winfnoid));
InvokeFunctionExecuteHook(wfunc->winfnoid);
aclresult = pg_proc_aclcheck(transfn_oid, aggOwner,
ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC,
+ aclcheck_error(aclresult, OBJECT_FUNCTION,
get_func_name(transfn_oid));
InvokeFunctionExecuteHook(transfn_oid);
aclresult = pg_proc_aclcheck(invtransfn_oid, aggOwner,
ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC,
+ aclcheck_error(aclresult, OBJECT_FUNCTION,
get_func_name(invtransfn_oid));
InvokeFunctionExecuteHook(invtransfn_oid);
}
aclresult = pg_proc_aclcheck(finalfn_oid, aggOwner,
ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC,
+ aclcheck_error(aclresult, OBJECT_FUNCTION,
get_func_name(finalfn_oid));
InvokeFunctionExecuteHook(finalfn_oid);
}
aclresult = pg_type_aclcheck(relation->rd_rel->reltype, GetUserId(),
ACL_USAGE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_TYPE,
+ aclcheck_error(aclresult, OBJECT_TYPE,
RelationGetRelationName(relation));
}
else
aclresult = pg_class_aclcheck(RelationGetRelid(relation), GetUserId(),
ACL_SELECT);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_CLASS,
+ aclcheck_error(aclresult, get_relkind_objtype(relation->rd_rel->relkind),
RelationGetRelationName(relation));
}
* Check user has permission to apply rules to this relation.
*/
if (!pg_class_ownercheck(event_relid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+ aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(event_relation->rd_rel->relkind),
RelationGetRelationName(event_relation));
/*
eventRelationOid = ((Form_pg_rewrite) GETSTRUCT(ruletup))->ev_class;
Assert(eventRelationOid == owningRel);
if (!pg_class_ownercheck(eventRelationOid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS,
+ aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(eventRelationOid)),
get_rel_name(eventRelationOid));
/*
/* you must own the table to rename one of its rules */
if (!pg_class_ownercheck(relid, GetUserId()))
- aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_CLASS, rv->relname);
+ aclcheck_error(ACLCHECK_NOT_OWNER, get_relkind_objtype(get_rel_relkind(relid)), rv->relname);
ReleaseSysCache(tuple);
}
*/
aclresult = pg_namespace_aclcheck(fip->namespace, GetUserId(), ACL_USAGE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_NAMESPACE,
+ aclcheck_error(aclresult, OBJECT_SCHEMA,
get_namespace_name(fip->namespace));
InvokeNamespaceSearchHook(fip->namespace, true);
aclresult = pg_proc_aclcheck(fid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC,
+ aclcheck_error(aclresult, OBJECT_FUNCTION,
get_func_name(fid));
InvokeFunctionExecuteHook(fid);
if (aclresult != ACLCHECK_OK &&
!is_member_of_role(GetUserId(), DEFAULT_ROLE_READ_ALL_STATS))
{
- aclcheck_error(aclresult, ACL_KIND_DATABASE,
+ aclcheck_error(aclresult, OBJECT_DATABASE,
get_database_name(dbOid));
}
{
aclresult = pg_tablespace_aclcheck(tblspcOid, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_TABLESPACE,
+ aclcheck_error(aclresult, OBJECT_TABLESPACE,
get_tablespace_name(tblspcOid));
}
aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
ACL_SELECT);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_CLASS,
+ aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind),
RelationGetRelationName(rel));
if (rel->rd_rel->relkind == RELKIND_VIEW)
aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
ACL_SELECT);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_CLASS,
+ aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind),
RelationGetRelationName(rel));
if (rel->rd_rel->relkind == RELKIND_VIEW)
aclresult = pg_language_aclcheck(procStruct->prolang, GetUserId(),
ACL_USAGE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_LANGUAGE,
+ aclcheck_error(aclresult, OBJECT_LANGUAGE,
NameStr(langStruct->lanname));
/*
*/
aclresult = pg_proc_aclcheck(functionOid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC, NameStr(procStruct->proname));
+ aclcheck_error(aclresult, OBJECT_FUNCTION, NameStr(procStruct->proname));
ReleaseSysCache(procTup);
ReleaseSysCache(langTup);
extern AttrNumber get_object_attnum_namespace(Oid class_id);
extern AttrNumber get_object_attnum_owner(Oid class_id);
extern AttrNumber get_object_attnum_acl(Oid class_id);
-extern AclObjectKind get_object_aclkind(Oid class_id);
+extern ObjectType get_object_type(Oid class_id, Oid object_id);
extern bool get_object_namensp_unique(Oid class_id);
extern HeapTuple get_catalog_object_by_oid(Relation catalog,
List **objname, List **objargs);
extern ArrayType *strlist_to_textarray(List *list);
+extern ObjectType get_relkind_objtype(char relkind);
+
#endif /* OBJECTADDRESS_H */
ACLCHECK_NOT_OWNER
} AclResult;
-/* this enum covers all object types that can have privilege errors */
-/* currently it's only used to tell aclcheck_error what to say */
-typedef enum AclObjectKind
-{
- ACL_KIND_COLUMN, /* pg_attribute */
- ACL_KIND_CLASS, /* pg_class */
- ACL_KIND_SEQUENCE, /* pg_sequence */
- ACL_KIND_DATABASE, /* pg_database */
- ACL_KIND_PROC, /* pg_proc */
- ACL_KIND_OPER, /* pg_operator */
- ACL_KIND_TYPE, /* pg_type */
- ACL_KIND_LANGUAGE, /* pg_language */
- ACL_KIND_LARGEOBJECT, /* pg_largeobject */
- ACL_KIND_NAMESPACE, /* pg_namespace */
- ACL_KIND_OPCLASS, /* pg_opclass */
- ACL_KIND_OPFAMILY, /* pg_opfamily */
- ACL_KIND_COLLATION, /* pg_collation */
- ACL_KIND_CONVERSION, /* pg_conversion */
- ACL_KIND_STATISTICS, /* pg_statistic_ext */
- ACL_KIND_TABLESPACE, /* pg_tablespace */
- ACL_KIND_TSDICTIONARY, /* pg_ts_dict */
- ACL_KIND_TSCONFIGURATION, /* pg_ts_config */
- ACL_KIND_FDW, /* pg_foreign_data_wrapper */
- ACL_KIND_FOREIGN_SERVER, /* pg_foreign_server */
- ACL_KIND_EVENT_TRIGGER, /* pg_event_trigger */
- ACL_KIND_EXTENSION, /* pg_extension */
- ACL_KIND_PUBLICATION, /* pg_publication */
- ACL_KIND_SUBSCRIPTION, /* pg_subscription */
- MAX_ACL_KIND /* MUST BE LAST */
-} AclObjectKind;
-
/*
* routines used internally
extern AclResult pg_foreign_server_aclcheck(Oid srv_oid, Oid roleid, AclMode mode);
extern AclResult pg_type_aclcheck(Oid type_oid, Oid roleid, AclMode mode);
-extern void aclcheck_error(AclResult aclerr, AclObjectKind objectkind,
+extern void aclcheck_error(AclResult aclerr, ObjectType objtype,
const char *objectname);
-extern void aclcheck_error_col(AclResult aclerr, AclObjectKind objectkind,
+extern void aclcheck_error_col(AclResult aclerr, ObjectType objtype,
const char *objectname, const char *colname);
extern void aclcheck_error_type(AclResult aclerr, Oid typeOid);
/* Current user must have permission to call function */
aclresult = pg_proc_aclcheck(procOid, GetUserId(), ACL_EXECUTE);
if (aclresult != ACLCHECK_OK)
- aclcheck_error(aclresult, ACL_KIND_PROC, start_proc);
+ aclcheck_error(aclresult, OBJECT_FUNCTION, start_proc);
/* Get the function's pg_proc entry */
procTup = SearchSysCache1(PROCOID, ObjectIdGetDatum(procOid));
SECURITY LABEL FOR 'unknown_seclabel' ON TABLE dummy_seclabel_tbl1 IS 'classified'; -- fail
ERROR: security label provider "unknown_seclabel" is not loaded
SECURITY LABEL ON TABLE dummy_seclabel_tbl2 IS 'unclassified'; -- fail (not owner)
-ERROR: must be owner of relation dummy_seclabel_tbl2
+ERROR: must be owner of table dummy_seclabel_tbl2
SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'secret'; -- fail (not superuser)
ERROR: only superuser can set 'secret' label
SECURITY LABEL ON TABLE dummy_seclabel_tbl3 IS 'unclassified'; -- fail (not found)
ERROR: relation "dummy_seclabel_tbl3" does not exist
SET SESSION AUTHORIZATION regress_dummy_seclabel_user2;
SECURITY LABEL ON TABLE dummy_seclabel_tbl1 IS 'unclassified'; -- fail
-ERROR: must be owner of relation dummy_seclabel_tbl1
+ERROR: must be owner of table dummy_seclabel_tbl1
SECURITY LABEL ON TABLE dummy_seclabel_tbl2 IS 'classified'; -- OK
--
-- Test for shared database object
--
-- ALTER_TABLE
+--
+-- Clean up in case a prior regression run failed
+SET client_min_messages TO 'warning';
+DROP ROLE IF EXISTS regress_alter_user1;
+RESET client_min_messages;
+CREATE USER regress_alter_user1;
+--
-- add attribute
--
CREATE TABLE tmp (initial int4);
NOTICE: relation "__tmp_onek_unique1" does not exist, skipping
ALTER INDEX onek_unique1 RENAME TO tmp_onek_unique1;
ALTER INDEX tmp_onek_unique1 RENAME TO onek_unique1;
+SET ROLE regress_alter_user1;
+ALTER INDEX onek_unique1 RENAME TO fail; -- permission denied
+ERROR: must be owner of index onek_unique1
+RESET ROLE;
-- renaming views
CREATE VIEW tmp_view (unique1) AS SELECT unique1 FROM tenk1;
ALTER TABLE tmp_view RENAME TO tmp_view_new;
+SET ROLE regress_alter_user1;
+ALTER VIEW tmp_view_new RENAME TO fail; -- permission denied
+ERROR: must be owner of view tmp_view_new
+RESET ROLE;
-- hack to ensure we get an indexscan here
set enable_seqscan to off;
set enable_bitmapscan to off;
a int
) PARTITION BY LIST (a);
ALTER TABLE owned_by_me ATTACH PARTITION not_owned_by_me FOR VALUES IN (1);
-ERROR: must be owner of relation not_owned_by_me
+ERROR: must be owner of table not_owned_by_me
RESET SESSION AUTHORIZATION;
DROP TABLE owned_by_me, not_owned_by_me;
DROP ROLE regress_test_not_me;
ALTER TABLE tmp ALTER COLUMN i RESET (n_distinct_inherited);
ANALYZE tmp;
DROP TABLE tmp;
+DROP USER regress_alter_user1;
SET SESSION AUTHORIZATION regress_rls_copy_user_colperms;
-- attempt all columns (should fail)
COPY rls_t1 TO stdout;
-ERROR: permission denied for relation rls_t1
+ERROR: permission denied for table rls_t1
COPY rls_t1 (a, b, c) TO stdout;
-ERROR: permission denied for relation rls_t1
+ERROR: permission denied for table rls_t1
-- try to copy column with no privileges (should fail)
COPY rls_t1 (c) TO stdout;
-ERROR: permission denied for relation rls_t1
+ERROR: permission denied for table rls_t1
-- subset of columns (should succeed)
COPY rls_t1 (a) TO stdout;
2
REVOKE EXECUTE ON PROCEDURE ptest1(text) FROM PUBLIC;
SET ROLE regress_user1;
CALL ptest1('a'); -- error
-ERROR: permission denied for function ptest1
+ERROR: permission denied for procedure ptest1
RESET ROLE;
GRANT EXECUTE ON PROCEDURE ptest1(text) TO regress_user1;
SET ROLE regress_user1;
SET ROLE regress_rol_lock1;
BEGIN;
LOCK TABLE lock_tbl1 * IN ACCESS EXCLUSIVE MODE;
-ERROR: permission denied for relation lock_tbl2
+ERROR: permission denied for table lock_tbl2
ROLLBACK;
BEGIN;
LOCK TABLE ONLY lock_tbl1;
INSERT INTO atest1 VALUES (2, 'two'); -- ok
INSERT INTO atest2 VALUES ('foo', true); -- fail
-ERROR: permission denied for relation atest2
+ERROR: permission denied for table atest2
INSERT INTO atest1 SELECT 1, b FROM atest1; -- ok
UPDATE atest1 SET a = 1 WHERE a = 2; -- ok
UPDATE atest2 SET col2 = NOT col2; -- fail
-ERROR: permission denied for relation atest2
+ERROR: permission denied for table atest2
SELECT * FROM atest1 FOR UPDATE; -- ok
a | b
---+-----
(2 rows)
SELECT * FROM atest2 FOR UPDATE; -- fail
-ERROR: permission denied for relation atest2
+ERROR: permission denied for table atest2
DELETE FROM atest2; -- fail
-ERROR: permission denied for relation atest2
+ERROR: permission denied for table atest2
TRUNCATE atest2; -- fail
-ERROR: permission denied for relation atest2
+ERROR: permission denied for table atest2
BEGIN;
LOCK atest2 IN ACCESS EXCLUSIVE MODE; -- fail
-ERROR: permission denied for relation atest2
+ERROR: permission denied for table atest2
COMMIT;
COPY atest2 FROM stdin; -- fail
-ERROR: permission denied for relation atest2
+ERROR: permission denied for table atest2
GRANT ALL ON atest1 TO PUBLIC; -- fail
WARNING: no privileges were granted for "atest1"
-- checks in subquery, both ok
(2 rows)
SELECT * FROM atest2; -- fail
-ERROR: permission denied for relation atest2
+ERROR: permission denied for table atest2
INSERT INTO atest1 VALUES (2, 'two'); -- fail
-ERROR: permission denied for relation atest1
+ERROR: permission denied for table atest1
INSERT INTO atest2 VALUES ('foo', true); -- fail
-ERROR: permission denied for relation atest2
+ERROR: permission denied for table atest2
INSERT INTO atest1 SELECT 1, b FROM atest1; -- fail
-ERROR: permission denied for relation atest1
+ERROR: permission denied for table atest1
UPDATE atest1 SET a = 1 WHERE a = 2; -- fail
-ERROR: permission denied for relation atest1
+ERROR: permission denied for table atest1
UPDATE atest2 SET col2 = NULL; -- ok
UPDATE atest2 SET col2 = NOT col2; -- fails; requires SELECT on atest2
-ERROR: permission denied for relation atest2
+ERROR: permission denied for table atest2
UPDATE atest2 SET col2 = true FROM atest1 WHERE atest1.a = 5; -- ok
SELECT * FROM atest1 FOR UPDATE; -- fail
-ERROR: permission denied for relation atest1
+ERROR: permission denied for table atest1
SELECT * FROM atest2 FOR UPDATE; -- fail
-ERROR: permission denied for relation atest2
+ERROR: permission denied for table atest2
DELETE FROM atest2; -- fail
-ERROR: permission denied for relation atest2
+ERROR: permission denied for table atest2
TRUNCATE atest2; -- fail
-ERROR: permission denied for relation atest2
+ERROR: permission denied for table atest2
BEGIN;
LOCK atest2 IN ACCESS EXCLUSIVE MODE; -- ok
COMMIT;
COPY atest2 FROM stdin; -- fail
-ERROR: permission denied for relation atest2
+ERROR: permission denied for table atest2
-- checks in subquery, both fail
SELECT * FROM atest1 WHERE ( b IN ( SELECT col1 FROM atest2 ) );
-ERROR: permission denied for relation atest2
+ERROR: permission denied for table atest2
SELECT * FROM atest2 WHERE ( col1 IN ( SELECT b FROM atest1 ) );
-ERROR: permission denied for relation atest2
+ERROR: permission denied for table atest2
SET SESSION AUTHORIZATION regress_user4;
COPY atest2 FROM stdin; -- ok
SELECT * FROM atest1; -- ok
restrict = scalargtsel);
-- This should not show any "leak" notices before failing.
EXPLAIN (COSTS OFF) SELECT * FROM atest12 WHERE a >>> 0;
-ERROR: permission denied for relation atest12
+ERROR: permission denied for table atest12
-- This plan should use hashjoin, as it will expect many rows to be selected.
EXPLAIN (COSTS OFF) SELECT * FROM atest12v x, atest12v y WHERE x.a = y.b;
QUERY PLAN
GRANT DELETE ON atest3 TO GROUP regress_group2;
SET SESSION AUTHORIZATION regress_user1;
SELECT * FROM atest3; -- fail
-ERROR: permission denied for relation atest3
+ERROR: permission denied for table atest3
DELETE FROM atest3; -- ok
-- views
SET SESSION AUTHORIZATION regress_user3;
(2 rows)
SELECT * FROM atestv2; -- fail
-ERROR: permission denied for relation atest2
+ERROR: permission denied for table atest2
GRANT SELECT ON atestv1, atestv3 TO regress_user4;
GRANT SELECT ON atestv2 TO regress_user2;
SET SESSION AUTHORIZATION regress_user4;
(2 rows)
SELECT * FROM atestv2; -- fail
-ERROR: permission denied for relation atestv2
+ERROR: permission denied for view atestv2
SELECT * FROM atestv3; -- ok
one | two | three
-----+-----+-------
(0 rows)
SELECT * FROM atestv0; -- fail
-ERROR: permission denied for relation atestv0
+ERROR: permission denied for view atestv0
-- Appendrels excluded by constraints failed to check permissions in 8.4-9.2.
select * from
((select a.q1 as x from int8_tbl a offset 0)
union all
(select b.q2 as x from int8_tbl b offset 0)) ss
where false;
-ERROR: permission denied for relation int8_tbl
+ERROR: permission denied for table int8_tbl
set constraint_exclusion = on;
select * from
((select a.q1 as x, random() from int8_tbl a where q1 > 0)
union all
(select b.q2 as x, random() from int8_tbl b where q2 > 0)) ss
where x < 0;
-ERROR: permission denied for relation int8_tbl
+ERROR: permission denied for table int8_tbl
reset constraint_exclusion;
CREATE VIEW atestv4 AS SELECT * FROM atestv3; -- nested view
SELECT * FROM atestv4; -- ok
SET SESSION AUTHORIZATION regress_user2;
-- Two complex cases:
SELECT * FROM atestv3; -- fail
-ERROR: permission denied for relation atestv3
+ERROR: permission denied for view atestv3
SELECT * FROM atestv4; -- ok (even though regress_user2 cannot access underlying atestv3)
one | two | three
-----+-----+-------
(1 row)
SELECT * FROM atestv2; -- fail (even though regress_user2 can access underlying atest2)
-ERROR: permission denied for relation atest2
+ERROR: permission denied for table atest2
-- Test column level permissions
SET SESSION AUTHORIZATION regress_user1;
CREATE TABLE atest5 (one int, two int unique, three int, four int unique);
INSERT INTO atest5 VALUES (1,2,3);
SET SESSION AUTHORIZATION regress_user4;
SELECT * FROM atest5; -- fail
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
SELECT one FROM atest5; -- ok
one
-----
COPY atest5 (one) TO stdout; -- ok
1
SELECT two FROM atest5; -- fail
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
COPY atest5 (two) TO stdout; -- fail
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
SELECT atest5 FROM atest5; -- fail
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
COPY atest5 (one,two) TO stdout; -- fail
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
SELECT 1 FROM atest5; -- ok
?column?
----------
(1 row)
SELECT 1 FROM atest5 a JOIN atest5 b USING (two); -- fail
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
SELECT 1 FROM atest5 a NATURAL JOIN atest5 b; -- fail
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
SELECT (j.*) IS NULL FROM (atest5 a JOIN atest5 b USING (one)) j; -- fail
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
SELECT 1 FROM atest5 WHERE two = 2; -- fail
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
SELECT * FROM atest1, atest5; -- fail
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
SELECT atest1.* FROM atest1, atest5; -- ok
a | b
---+-----
(2 rows)
SELECT atest1.*,atest5.one FROM atest1 JOIN atest5 ON (atest1.a = atest5.two); -- fail
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
SELECT atest1.*,atest5.one FROM atest1 JOIN atest5 ON (atest1.a = atest5.one); -- ok
a | b | one
---+-----+-----
(2 rows)
SELECT one, two FROM atest5; -- fail
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
SET SESSION AUTHORIZATION regress_user1;
GRANT SELECT (one,two) ON atest6 TO regress_user4;
SET SESSION AUTHORIZATION regress_user4;
SELECT one, two FROM atest5 NATURAL JOIN atest6; -- fail still
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
SET SESSION AUTHORIZATION regress_user1;
GRANT SELECT (two) ON atest5 TO regress_user4;
SET SESSION AUTHORIZATION regress_user4;
-- test column-level privileges for INSERT and UPDATE
INSERT INTO atest5 (two) VALUES (3); -- ok
COPY atest5 FROM stdin; -- fail
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
COPY atest5 (two) FROM stdin; -- ok
INSERT INTO atest5 (three) VALUES (4); -- fail
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
INSERT INTO atest5 VALUES (5,5,5); -- fail
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
UPDATE atest5 SET three = 10; -- ok
UPDATE atest5 SET one = 8; -- fail
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
UPDATE atest5 SET three = 5, one = 2; -- fail
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
-- Check that column level privs are enforced in RETURNING
-- Ok.
INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set three = 10;
-- Error. No SELECT on column three.
INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set three = 10 RETURNING atest5.three;
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
-- Ok. May SELECT on column "one":
INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set three = 10 RETURNING atest5.one;
one
INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set three = EXCLUDED.one;
-- Error. No select rights on three
INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set three = EXCLUDED.three;
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
INSERT INTO atest5(two) VALUES (6) ON CONFLICT (two) DO UPDATE set one = 8; -- fails (due to UPDATE)
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
INSERT INTO atest5(three) VALUES (4) ON CONFLICT (two) DO UPDATE set three = 10; -- fails (due to INSERT)
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
-- Check that the columns in the inference require select privileges
INSERT INTO atest5(four) VALUES (4); -- fail
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
SET SESSION AUTHORIZATION regress_user1;
GRANT INSERT (four) ON atest5 TO regress_user4;
SET SESSION AUTHORIZATION regress_user4;
INSERT INTO atest5(four) VALUES (4) ON CONFLICT (four) DO UPDATE set three = 3; -- fails (due to SELECT)
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
INSERT INTO atest5(four) VALUES (4) ON CONFLICT ON CONSTRAINT atest5_four_key DO UPDATE set three = 3; -- fails (due to SELECT)
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
INSERT INTO atest5(four) VALUES (4); -- ok
SET SESSION AUTHORIZATION regress_user1;
GRANT SELECT (four) ON atest5 TO regress_user4;
GRANT SELECT (one,two,blue) ON atest6 TO regress_user4;
SET SESSION AUTHORIZATION regress_user4;
SELECT one FROM atest5; -- fail
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
UPDATE atest5 SET one = 1; -- fail
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
SELECT atest6 FROM atest6; -- ok
atest6
--------
GRANT SELECT (one) ON atest5 TO regress_user4;
SET SESSION AUTHORIZATION regress_user4;
SELECT atest6 FROM atest6; -- fail
-ERROR: permission denied for relation atest6
+ERROR: permission denied for table atest6
SELECT one FROM atest5 NATURAL JOIN atest6; -- fail
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
SET SESSION AUTHORIZATION regress_user1;
ALTER TABLE atest6 DROP COLUMN three;
SET SESSION AUTHORIZATION regress_user4;
REVOKE SELECT (one,blue) ON atest6 FROM regress_user4;
SET SESSION AUTHORIZATION regress_user4;
SELECT * FROM atest6; -- fail
-ERROR: permission denied for relation atest6
+ERROR: permission denied for table atest6
SELECT 1 FROM atest6; -- fail
-ERROR: permission denied for relation atest6
+ERROR: permission denied for table atest6
SET SESSION AUTHORIZATION regress_user3;
DELETE FROM atest5 WHERE one = 1; -- fail
-ERROR: permission denied for relation atest5
+ERROR: permission denied for table atest5
DELETE FROM atest5 WHERE two = 2; -- ok
-- check inheritance cases
SET SESSION AUTHORIZATION regress_user1;
(0 rows)
SELECT fy FROM atestc; -- fail
-ERROR: permission denied for relation atestc
+ERROR: permission denied for table atestc
SET SESSION AUTHORIZATION regress_user1;
GRANT SELECT(fy,oid) ON atestc TO regress_user2;
SET SESSION AUTHORIZATION regress_user2;
SELECT testfunc1(5); -- fail
ERROR: permission denied for function testfunc1
SELECT testagg1(x) FROM (VALUES (1), (2), (3)) _(x); -- fail
-ERROR: permission denied for function testagg1
+ERROR: permission denied for aggregate testagg1
CALL testproc1(6); -- fail
-ERROR: permission denied for function testproc1
+ERROR: permission denied for procedure testproc1
SELECT col1 FROM atest2 WHERE col2 = true; -- fail
-ERROR: permission denied for relation atest2
+ERROR: permission denied for table atest2
SELECT testfunc4(true); -- ok
testfunc4
-----------
DROP FUNCTION testfunc1(int); -- fail
ERROR: must be owner of function testfunc1
DROP AGGREGATE testagg1(int); -- fail
-ERROR: must be owner of function testagg1
+ERROR: must be owner of aggregate testagg1
DROP PROCEDURE testproc1(int); -- fail
-ERROR: must be owner of function testproc1
+ERROR: must be owner of procedure testproc1
\c -
DROP FUNCTION testfunc1(int); -- ok
-- restore to sanity
SET SESSION AUTHORIZATION regress_user5;
TRUNCATE atest2; -- ok
TRUNCATE atest3; -- fail
-ERROR: permission denied for relation atest3
+ERROR: permission denied for table atest3
-- has_table_privilege function
-- bad-input checks
select has_table_privilege(NULL,'pg_authid','select');
SET SESSION AUTHORIZATION regress_user1;
SELECT * FROM pg_largeobject LIMIT 0; -- to be denied
-ERROR: permission denied for relation pg_largeobject
+ERROR: permission denied for table pg_largeobject
-- test default ACLs
\c -
CREATE SCHEMA testns;
SET SESSION AUTHORIZATION regress_locktable_user;
BEGIN;
LOCK TABLE lock_table IN ROW EXCLUSIVE MODE; -- should fail
-ERROR: permission denied for relation lock_table
+ERROR: permission denied for table lock_table
ROLLBACK;
BEGIN;
LOCK TABLE lock_table IN ACCESS SHARE MODE; -- should pass
COMMIT;
BEGIN;
LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should fail
-ERROR: permission denied for relation lock_table
+ERROR: permission denied for table lock_table
ROLLBACK;
\c
REVOKE SELECT ON lock_table FROM regress_locktable_user;
COMMIT;
BEGIN;
LOCK TABLE lock_table IN ACCESS SHARE MODE; -- should fail
-ERROR: permission denied for relation lock_table
+ERROR: permission denied for table lock_table
ROLLBACK;
BEGIN;
LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should fail
-ERROR: permission denied for relation lock_table
+ERROR: permission denied for table lock_table
ROLLBACK;
\c
REVOKE INSERT ON lock_table FROM regress_locktable_user;
COMMIT;
BEGIN;
LOCK TABLE lock_table IN ACCESS SHARE MODE; -- should fail
-ERROR: permission denied for relation lock_table
+ERROR: permission denied for table lock_table
ROLLBACK;
BEGIN;
LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should pass
COMMIT;
BEGIN;
LOCK TABLE lock_table IN ACCESS SHARE MODE; -- should fail
-ERROR: permission denied for relation lock_table
+ERROR: permission denied for table lock_table
ROLLBACK;
BEGIN;
LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should pass
COMMIT;
BEGIN;
LOCK TABLE lock_table IN ACCESS SHARE MODE; -- should fail
-ERROR: permission denied for relation lock_table
+ERROR: permission denied for table lock_table
ROLLBACK;
BEGIN;
LOCK TABLE lock_table IN ACCESS EXCLUSIVE MODE; -- should pass
SET ROLE regress_publication_user2;
CREATE PUBLICATION testpub2; -- ok
ALTER PUBLICATION testpub2 ADD TABLE testpub_tbl1; -- fail
-ERROR: must be owner of relation testpub_tbl1
+ERROR: must be owner of table testpub_tbl1
SET ROLE regress_publication_user;
GRANT regress_publication_user TO regress_publication_user2;
SET ROLE regress_publication_user2;
ERROR: new row violates row-level security policy "p2r" for table "document"
-- only owner can change policies
ALTER POLICY p1 ON document USING (true); --fail
-ERROR: must be owner of relation document
+ERROR: must be owner of table document
DROP POLICY p1 ON document; --fail
ERROR: must be owner of relation document
SET SESSION AUTHORIZATION regress_rls_alice;
-- only owner can change policies
ALTER POLICY pp1 ON part_document USING (true); --fail
-ERROR: must be owner of relation part_document
+ERROR: must be owner of table part_document
DROP POLICY pp1 ON part_document; --fail
ERROR: must be owner of relation part_document
SET SESSION AUTHORIZATION regress_rls_alice;
-- Query as role that is not the owner of the table or view without permissions.
SET SESSION AUTHORIZATION regress_rls_carol;
SELECT * FROM rls_view; --fail - permission denied.
-ERROR: permission denied for relation rls_view
+ERROR: permission denied for view rls_view
EXPLAIN (COSTS OFF) SELECT * FROM rls_view; --fail - permission denied.
-ERROR: permission denied for relation rls_view
+ERROR: permission denied for view rls_view
-- Query as role that is not the owner of the table or view with permissions.
SET SESSION AUTHORIZATION regress_rls_bob;
GRANT SELECT ON rls_view TO regress_rls_carol;
ERROR: query would be affected by row-level security policy for table "copy_t"
SET row_security TO ON;
COPY (SELECT * FROM copy_t ORDER BY a ASC) TO STDOUT WITH DELIMITER ','; --fail - permission denied
-ERROR: permission denied for relation copy_t
+ERROR: permission denied for table copy_t
-- Check COPY relation TO; keep it just one row to avoid reordering issues
RESET SESSION AUTHORIZATION;
SET row_security TO ON;
SET SESSION AUTHORIZATION regress_rls_carol;
SET row_security TO OFF;
COPY copy_rel_to TO STDOUT WITH DELIMITER ','; --fail - permission denied
-ERROR: permission denied for relation copy_rel_to
+ERROR: permission denied for table copy_rel_to
SET row_security TO ON;
COPY copy_rel_to TO STDOUT WITH DELIMITER ','; --fail - permission denied
-ERROR: permission denied for relation copy_rel_to
+ERROR: permission denied for table copy_rel_to
-- Check COPY FROM as Superuser/owner.
RESET SESSION AUTHORIZATION;
SET row_security TO OFF;
SET SESSION AUTHORIZATION regress_rls_carol;
SET row_security TO OFF;
COPY copy_t FROM STDIN; --fail - permission denied.
-ERROR: permission denied for relation copy_t
+ERROR: permission denied for table copy_t
SET row_security TO ON;
COPY copy_t FROM STDIN; --fail - permission denied.
-ERROR: permission denied for relation copy_t
+ERROR: permission denied for table copy_t
RESET SESSION AUTHORIZATION;
DROP TABLE copy_t;
DROP TABLE copy_rel_to CASCADE;
SET SESSION AUTHORIZATION regress_selinto_user;
SELECT * INTO TABLE selinto_schema.tmp1
FROM pg_class WHERE relname like '%a%'; -- Error
-ERROR: permission denied for relation tmp1
+ERROR: permission denied for table tmp1
SELECT oid AS clsoid, relname, relnatts + 10 AS x
INTO selinto_schema.tmp2
FROM pg_class WHERE relname like '%b%'; -- Error
-ERROR: permission denied for relation tmp2
+ERROR: permission denied for table tmp2
CREATE TABLE selinto_schema.tmp3 (a,b,c)
AS SELECT oid,relname,relacl FROM pg_class
WHERE relname like '%c%'; -- Error
-ERROR: permission denied for relation tmp3
+ERROR: permission denied for table tmp3
RESET SESSION AUTHORIZATION;
ALTER DEFAULT PRIVILEGES FOR ROLE regress_selinto_user
GRANT INSERT ON TABLES TO regress_selinto_user;
BEGIN;
SET LOCAL SESSION AUTHORIZATION regress_seq_user;
ALTER SEQUENCE sequence_test2 START WITH 1;
-ERROR: must be owner of relation sequence_test2
+ERROR: must be owner of sequence sequence_test2
ROLLBACK;
-- Sequences should get wiped out as well:
DROP TABLE serialTest1, serialTest2;
(2 rows)
INSERT INTO base_tbl VALUES (3, 'Row 3', 3.0); -- not allowed
-ERROR: permission denied for relation base_tbl
+ERROR: permission denied for table base_tbl
INSERT INTO rw_view1 VALUES ('Row 3', 3.0, 3); -- not allowed
-ERROR: permission denied for relation rw_view1
+ERROR: permission denied for view rw_view1
INSERT INTO rw_view2 VALUES ('Row 3', 3.0, 3); -- not allowed
-ERROR: permission denied for relation base_tbl
+ERROR: permission denied for table base_tbl
UPDATE base_tbl SET a=a, c=c; -- ok
UPDATE base_tbl SET b=b; -- not allowed
-ERROR: permission denied for relation base_tbl
+ERROR: permission denied for table base_tbl
UPDATE rw_view1 SET bb=bb, cc=cc; -- ok
UPDATE rw_view1 SET aa=aa; -- not allowed
-ERROR: permission denied for relation rw_view1
+ERROR: permission denied for view rw_view1
UPDATE rw_view2 SET aa=aa, cc=cc; -- ok
UPDATE rw_view2 SET bb=bb; -- not allowed
-ERROR: permission denied for relation base_tbl
+ERROR: permission denied for table base_tbl
DELETE FROM base_tbl; -- not allowed
-ERROR: permission denied for relation base_tbl
+ERROR: permission denied for table base_tbl
DELETE FROM rw_view1; -- not allowed
-ERROR: permission denied for relation rw_view1
+ERROR: permission denied for view rw_view1
DELETE FROM rw_view2; -- not allowed
-ERROR: permission denied for relation base_tbl
+ERROR: permission denied for table base_tbl
RESET SESSION AUTHORIZATION;
SET SESSION AUTHORIZATION regress_view_user1;
GRANT INSERT, DELETE ON base_tbl TO regress_view_user2;
SET SESSION AUTHORIZATION regress_view_user2;
INSERT INTO base_tbl VALUES (3, 'Row 3', 3.0); -- ok
INSERT INTO rw_view1 VALUES ('Row 4', 4.0, 4); -- not allowed
-ERROR: permission denied for relation rw_view1
+ERROR: permission denied for view rw_view1
INSERT INTO rw_view2 VALUES ('Row 4', 4.0, 4); -- ok
DELETE FROM base_tbl WHERE a=1; -- ok
DELETE FROM rw_view1 WHERE aa=2; -- not allowed
-ERROR: permission denied for relation rw_view1
+ERROR: permission denied for view rw_view1
DELETE FROM rw_view2 WHERE aa=2; -- ok
SELECT * FROM base_tbl;
a | b | c
RESET SESSION AUTHORIZATION;
SET SESSION AUTHORIZATION regress_view_user2;
INSERT INTO base_tbl VALUES (5, 'Row 5', 5.0); -- not allowed
-ERROR: permission denied for relation base_tbl
+ERROR: permission denied for table base_tbl
INSERT INTO rw_view1 VALUES ('Row 5', 5.0, 5); -- ok
INSERT INTO rw_view2 VALUES ('Row 6', 6.0, 6); -- not allowed
-ERROR: permission denied for relation base_tbl
+ERROR: permission denied for table base_tbl
DELETE FROM base_tbl WHERE a=3; -- not allowed
-ERROR: permission denied for relation base_tbl
+ERROR: permission denied for table base_tbl
DELETE FROM rw_view1 WHERE aa=3; -- ok
DELETE FROM rw_view2 WHERE aa=4; -- not allowed
-ERROR: permission denied for relation base_tbl
+ERROR: permission denied for table base_tbl
SELECT * FROM base_tbl;
a | b | c
---+-------+---
--
-- ALTER_TABLE
+--
+
+-- Clean up in case a prior regression run failed
+SET client_min_messages TO 'warning';
+DROP ROLE IF EXISTS regress_alter_user1;
+RESET client_min_messages;
+
+CREATE USER regress_alter_user1;
+
+--
-- add attribute
--
ALTER INDEX onek_unique1 RENAME TO tmp_onek_unique1;
ALTER INDEX tmp_onek_unique1 RENAME TO onek_unique1;
+
+SET ROLE regress_alter_user1;
+ALTER INDEX onek_unique1 RENAME TO fail; -- permission denied
+RESET ROLE;
+
-- renaming views
CREATE VIEW tmp_view (unique1) AS SELECT unique1 FROM tenk1;
ALTER TABLE tmp_view RENAME TO tmp_view_new;
+SET ROLE regress_alter_user1;
+ALTER VIEW tmp_view_new RENAME TO fail; -- permission denied
+RESET ROLE;
+
-- hack to ensure we get an indexscan here
set enable_seqscan to off;
set enable_bitmapscan to off;
ALTER TABLE tmp ALTER COLUMN i RESET (n_distinct_inherited);
ANALYZE tmp;
DROP TABLE tmp;
+
+DROP USER regress_alter_user1;
projects / postgresql / commitdiff