Teach SHOW ALL to honor pg_read_all_settings membership

Also, fix the pg_settings view to display source filename and line
number when invoked by a pg_read_all_settings member.  This addition by
me (Álvaro).

Also, fix wording of the comment in GetConfigOption regarding the
restriction it implements, renaming the parameter for extra clarity.
Noted by Michaël.

These were all oversight in commit 25fff40798fc; backpatch to pg10,
where that commit first appeared.

Author: Laurenz Albe
Reviewed-by: Michaël Paquier, Álvaro Herrera
Discussion: https://postgr.es/m/1519917758.6586.8.camel@cybertec.at

diff --git a/src/backend/utils/misc/guc.c b/src/backend/utils/misc/guc.c
index 50769618d15118d9e4fe40ef2302bc1e3d63a8f5..03c1d99f217bef044ca71720da1cd02f08c53935 100644 (file)
--- a/src/backend/utils/misc/guc.c
+++ b/src/backend/utils/misc/guc.c
@@ -6696,15 +6696,15 @@ SetConfigOption(const char *name, const char *value,
  * this cannot be distinguished from a string variable with a NULL value!),
  * otherwise throw an ereport and don't return.
  *
- * If restrict_superuser is true, we also enforce that only superusers can
- * see GUC_SUPERUSER_ONLY variables.  This should only be passed as true
- * in user-driven calls.
+ * If restrict_privileged is true, we also enforce that only superusers and
+ * members of the pg_read_all_settings role can see GUC_SUPERUSER_ONLY
+ * variables.  This should only be passed as true in user-driven calls.
  *
  * The string is *not* allocated for modification and is really only
  * valid until the next call to configuration related functions.
  */
 const char *
-GetConfigOption(const char *name, bool missing_ok, bool restrict_superuser)
+GetConfigOption(const char *name, bool missing_ok, bool restrict_privileged)
 {
        struct config_generic *record;
        static char buffer[256];
@@ -6719,7 +6719,7 @@ GetConfigOption(const char *name, bool missing_ok, bool restrict_superuser)
                                 errmsg("unrecognized configuration parameter \"%s\"",
                                                name)));
        }
-       if (restrict_superuser &&
+       if (restrict_privileged &&
                (record->flags & GUC_SUPERUSER_ONLY) &&
                !is_member_of_role(GetUserId(), DEFAULT_ROLE_READ_ALL_SETTINGS))
                ereport(ERROR,
@@ -8000,7 +8000,6 @@ ShowGUCConfigOption(const char *name, DestReceiver *dest)
 static void
 ShowAllGUCConfig(DestReceiver *dest)
 {
-       bool            am_superuser = superuser();
        int                     i;
        TupOutputState *tstate;
        TupleDesc       tupdesc;
@@ -8025,7 +8024,8 @@ ShowAllGUCConfig(DestReceiver *dest)
                char       *setting;
 
                if ((conf->flags & GUC_NO_SHOW_ALL) ||
-                       ((conf->flags & GUC_SUPERUSER_ONLY) && !am_superuser))
+                       ((conf->flags & GUC_SUPERUSER_ONLY) &&
+                        !is_member_of_role(GetUserId(), DEFAULT_ROLE_READ_ALL_SETTINGS)))
                        continue;
 
                /* assign to the values array */
@@ -8348,9 +8348,10 @@ GetConfigOptionByNum(int varnum, const char **values, bool *noshow)
        /*
         * If the setting came from a config file, set the source location. For
         * security reasons, we don't show source file/line number for
-        * non-superusers.
+        * insufficiently-privileged users.
         */
-       if (conf->source == PGC_S_FILE && superuser())
+       if (conf->source == PGC_S_FILE &&
+               is_member_of_role(GetUserId(), DEFAULT_ROLE_READ_ALL_SETTINGS))
        {
                values[14] = conf->sourcefile;
                snprintf(buffer, sizeof(buffer), "%d", conf->sourceline);

diff --git a/src/include/utils/guc.h b/src/include/utils/guc.h
index 9267b526989fbed8eaa6343e46a5236c313157f0..a0f797542a4b9a8e279a008f98c4aca6bf3c8774 100644 (file)
--- a/src/include/utils/guc.h
+++ b/src/include/utils/guc.h
@@ -346,7 +346,7 @@ extern void DefineCustomEnumVariable(
 extern void EmitWarningsOnPlaceholders(const char *className);
 
 extern const char *GetConfigOption(const char *name, bool missing_ok,
-                               bool restrict_superuser);
+                               bool restrict_privileged);
 extern const char *GetConfigOptionResetString(const char *name);
 extern int     GetConfigOptionFlags(const char *name, bool missing_ok);
 extern void ProcessConfigFile(GucContext context);