diff options
| author | Peter Eisentraut <peter@eisentraut.org> | 2022-11-13 08:11:17 +0100 |
|---|---|---|
| committer | Peter Eisentraut <peter@eisentraut.org> | 2022-11-13 08:12:37 +0100 |
| commit | afbfc02983f86c4d71825efa6befd547fe81a926 (patch) | |
| tree | 0cff343b85d5c01fb022e0433d89f5d350609fd4 /src/backend/commands/functioncmds.c | |
| parent | b4b7ce8061d34cea2b4915c41403b2a74d5fde0e (diff) | |
| download | postgresql-afbfc02983f86c4d71825efa6befd547fe81a926.tar.gz | |
Refactor ownercheck functions
Instead of dozens of mostly-duplicate pg_foo_ownercheck() functions,
write one common function object_ownercheck() that can handle almost
all of them. We already have all the information we need, such as
which system catalog corresponds to which catalog table and which
column is the owner column.
Reviewed-by: Corey Huinker <corey.huinker@gmail.com>
Reviewed-by: Antonin Houska <ah@cybertec.at>
Discussion: https://www.postgresql.org/message-id/flat/95c30f96-4060-2f48-98b5-a4392d3b6066@enterprisedb.com
Diffstat (limited to 'src/backend/commands/functioncmds.c')
| -rw-r--r-- | src/backend/commands/functioncmds.c | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/src/backend/commands/functioncmds.c b/src/backend/commands/functioncmds.c index 1f820c93e9..3645216c4b 100644 --- a/src/backend/commands/functioncmds.c +++ b/src/backend/commands/functioncmds.c @@ -1377,7 +1377,7 @@ AlterFunction(ParseState *pstate, AlterFunctionStmt *stmt) procForm = (Form_pg_proc) GETSTRUCT(tup); /* Permission check: must own function */ - if (!pg_proc_ownercheck(funcOid, GetUserId())) + if (!object_ownercheck(ProcedureRelationId, funcOid, GetUserId())) aclcheck_error(ACLCHECK_NOT_OWNER, stmt->objtype, NameListToString(stmt->func->objname)); @@ -1554,8 +1554,8 @@ CreateCast(CreateCastStmt *stmt) TypeNameToString(stmt->targettype)))); /* Permission check */ - if (!pg_type_ownercheck(sourcetypeid, GetUserId()) - && !pg_type_ownercheck(targettypeid, GetUserId())) + if (!object_ownercheck(TypeRelationId, sourcetypeid, GetUserId()) + && !object_ownercheck(TypeRelationId, targettypeid, GetUserId())) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), errmsg("must be owner of type %s or type %s", @@ -1838,7 +1838,7 @@ CreateTransform(CreateTransformStmt *stmt) errmsg("data type %s is a domain", TypeNameToString(stmt->type_name)))); - if (!pg_type_ownercheck(typeid, GetUserId())) + if (!object_ownercheck(TypeRelationId, typeid, GetUserId())) aclcheck_error_type(ACLCHECK_NOT_OWNER, typeid); aclresult = pg_type_aclcheck(typeid, GetUserId(), ACL_USAGE); @@ -1861,7 +1861,7 @@ CreateTransform(CreateTransformStmt *stmt) { fromsqlfuncid = LookupFuncWithArgs(OBJECT_FUNCTION, stmt->fromsql, false); - if (!pg_proc_ownercheck(fromsqlfuncid, GetUserId())) + if (!object_ownercheck(ProcedureRelationId, fromsqlfuncid, GetUserId())) aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(stmt->fromsql->objname)); aclresult = pg_proc_aclcheck(fromsqlfuncid, GetUserId(), ACL_EXECUTE); @@ -1887,7 +1887,7 @@ CreateTransform(CreateTransformStmt *stmt) { tosqlfuncid = LookupFuncWithArgs(OBJECT_FUNCTION, stmt->tosql, false); - if (!pg_proc_ownercheck(tosqlfuncid, GetUserId())) + if (!object_ownercheck(ProcedureRelationId, tosqlfuncid, GetUserId())) aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_FUNCTION, NameListToString(stmt->tosql->objname)); aclresult = pg_proc_aclcheck(tosqlfuncid, GetUserId(), ACL_EXECUTE); |