]> granicus.if.org Git - postgresql/commitdiff
projects / postgresql / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 43f0c20)
Make CREATE EXTENSION check schema creation permissions.
authorTom Lane <tgl@sss.pgh.pa.us>
Wed, 24 Aug 2011 01:49:07 +0000 (21:49 -0400)
committerTom Lane <tgl@sss.pgh.pa.us>
Wed, 24 Aug 2011 01:49:07 +0000 (21:49 -0400)
When creating a new schema for a non-relocatable extension, we neglected
to check whether the calling user has permission to create schemas.
That didn't matter in the original coding, since we had already checked
superuserness, but in the new dispensation where users need not be
superusers, we should check it.  Use CreateSchemaCommand() rather than
calling NamespaceCreate() directly, so that we also enforce the rules
about reserved schema names.

Per complaint from KaiGai Kohei, though this isn't the same as his patch.

src/backend/commands/extension.c patch | blob | history

diff --git a/src/backend/commands/extension.c b/src/backend/commands/extension.c
index 9b9bb7dc8f046c5e0972a7b8a80d454c7ffea60c..d591bf00f969bb5a3b1a17a7f35b7bd8d0925361 100644 (file)
--- a/src/backend/commands/extension.c
+++ b/src/backend/commands/extension.c
@@ -40,6 +40,7 @@
 #include "commands/alter.h"
 #include "commands/comment.h"
 #include "commands/extension.h"
+#include "commands/schemacmds.h"
 #include "commands/trigger.h"
 #include "executor/executor.h"
 #include "funcapi.h"
@@ -1370,9 +1371,18 @@ CreateExtension(CreateExtensionStmt *stmt)
 
                if (schemaOid == InvalidOid)
                {
-                       schemaOid = NamespaceCreate(schemaName, extowner);
-                       /* Advance cmd counter to make the namespace visible */
-                       CommandCounterIncrement();
+                       CreateSchemaStmt *csstmt = makeNode(CreateSchemaStmt);
+
+                       csstmt->schemaname = schemaName;
+                       csstmt->authid = NULL;          /* will be created by current user */
+                       csstmt->schemaElts = NIL;
+                       CreateSchemaCommand(csstmt, NULL);
+
+                       /*
+                        * CreateSchemaCommand includes CommandCounterIncrement, so new
+                        * schema is now visible
+                        */
+                       schemaOid = get_namespace_oid(schemaName, false);
                }
        }
        else
Unnamed repository; edit this file 'description' to name the repository.