diff options
| author | Peter Eisentraut <peter@eisentraut.org> | 2022-11-13 08:11:17 +0100 |
|---|---|---|
| committer | Peter Eisentraut <peter@eisentraut.org> | 2022-11-13 08:12:37 +0100 |
| commit | afbfc02983f86c4d71825efa6befd547fe81a926 (patch) | |
| tree | 0cff343b85d5c01fb022e0433d89f5d350609fd4 /src/backend/commands/dbcommands.c | |
| parent | b4b7ce8061d34cea2b4915c41403b2a74d5fde0e (diff) | |
| download | postgresql-afbfc02983f86c4d71825efa6befd547fe81a926.tar.gz postgresql-afbfc02983f86c4d71825efa6befd547fe81a926.zip | |
Refactor ownercheck functions
Instead of dozens of mostly-duplicate pg_foo_ownercheck() functions,
write one common function object_ownercheck() that can handle almost
all of them. We already have all the information we need, such as
which system catalog corresponds to which catalog table and which
column is the owner column.
Reviewed-by: Corey Huinker <corey.huinker@gmail.com>
Reviewed-by: Antonin Houska <ah@cybertec.at>
Discussion: https://www.postgresql.org/message-id/flat/95c30f96-4060-2f48-98b5-a4392d3b6066@enterprisedb.com
Diffstat (limited to 'src/backend/commands/dbcommands.c')
| -rw-r--r-- | src/backend/commands/dbcommands.c | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/src/backend/commands/dbcommands.c b/src/backend/commands/dbcommands.c index 8abc2c3e0b0..0d6a1228639 100644 --- a/src/backend/commands/dbcommands.c +++ b/src/backend/commands/dbcommands.c @@ -972,7 +972,7 @@ createdb(ParseState *pstate, const CreatedbStmt *stmt) */ if (!src_istemplate) { - if (!pg_database_ownercheck(src_dboid, GetUserId())) + if (!object_ownercheck(DatabaseRelationId, src_dboid, GetUserId())) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), errmsg("permission denied to copy database \"%s\"", @@ -1549,7 +1549,7 @@ dropdb(const char *dbname, bool missing_ok, bool force) /* * Permission checks */ - if (!pg_database_ownercheck(db_id, GetUserId())) + if (!object_ownercheck(DatabaseRelationId, db_id, GetUserId())) aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE, dbname); @@ -1733,7 +1733,7 @@ RenameDatabase(const char *oldname, const char *newname) errmsg("database \"%s\" does not exist", oldname))); /* must be owner */ - if (!pg_database_ownercheck(db_id, GetUserId())) + if (!object_ownercheck(DatabaseRelationId, db_id, GetUserId())) aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE, oldname); @@ -1854,7 +1854,7 @@ movedb(const char *dbname, const char *tblspcname) /* * Permission checks */ - if (!pg_database_ownercheck(db_id, GetUserId())) + if (!object_ownercheck(DatabaseRelationId, db_id, GetUserId())) aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE, dbname); @@ -2281,7 +2281,7 @@ AlterDatabase(ParseState *pstate, AlterDatabaseStmt *stmt, bool isTopLevel) datform = (Form_pg_database) GETSTRUCT(tuple); dboid = datform->oid; - if (!pg_database_ownercheck(dboid, GetUserId())) + if (!object_ownercheck(DatabaseRelationId, dboid, GetUserId())) aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE, stmt->dbname); @@ -2364,7 +2364,7 @@ AlterDatabaseRefreshColl(AlterDatabaseRefreshCollStmt *stmt) datForm = (Form_pg_database) GETSTRUCT(tuple); db_id = datForm->oid; - if (!pg_database_ownercheck(db_id, GetUserId())) + if (!object_ownercheck(DatabaseRelationId, db_id, GetUserId())) aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE, stmt->dbname); @@ -2427,7 +2427,7 @@ AlterDatabaseSet(AlterDatabaseSetStmt *stmt) */ shdepLockAndCheckObject(DatabaseRelationId, datid); - if (!pg_database_ownercheck(datid, GetUserId())) + if (!object_ownercheck(DatabaseRelationId, datid, GetUserId())) aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE, stmt->dbname); @@ -2490,7 +2490,7 @@ AlterDatabaseOwner(const char *dbname, Oid newOwnerId) HeapTuple newtuple; /* Otherwise, must be owner of the existing object */ - if (!pg_database_ownercheck(db_id, GetUserId())) + if (!object_ownercheck(DatabaseRelationId, db_id, GetUserId())) aclcheck_error(ACLCHECK_NOT_OWNER, OBJECT_DATABASE, dbname); |