diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2004-01-14 23:01:55 +0000 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2004-01-14 23:01:55 +0000 |
| commit | cfd7fb7ed4b66da97f88338d991843fa7e2fe59d (patch) | |
| tree | f433f1281eba10a7ab2e563fa39eaf3228df32e8 /src/backend/parser/parse_clause.c | |
| parent | 01d320d421b3f82de799e86e8b9adac27c2f9a26 (diff) | |
| download | postgresql-cfd7fb7ed4b66da97f88338d991843fa7e2fe59d.tar.gz postgresql-cfd7fb7ed4b66da97f88338d991843fa7e2fe59d.zip | |
Fix permission-checking bug reported by Tim Burgess 10-Feb-03 (this time
for sure...). Rather than relying on the query context of a rangetable
entry to identify what permissions it wants checked, store a full AclMode
mask in each RTE, and check exactly those bits. This allows an RTE
specifying, say, INSERT privilege on a view to be copied into a derived
UPDATE query without changing meaning. Per recent discussion thread.
initdb forced due to change of stored rule representation.
Diffstat (limited to 'src/backend/parser/parse_clause.c')
| -rw-r--r-- | src/backend/parser/parse_clause.c | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/src/backend/parser/parse_clause.c b/src/backend/parser/parse_clause.c index d4e6747df6f..8b7be43af13 100644 --- a/src/backend/parser/parse_clause.c +++ b/src/backend/parser/parse_clause.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $PostgreSQL: pgsql/src/backend/parser/parse_clause.c,v 1.125 2003/11/29 19:51:51 pgsql Exp $ + * $PostgreSQL: pgsql/src/backend/parser/parse_clause.c,v 1.126 2004/01/14 23:01:55 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -116,11 +116,14 @@ transformFromClause(ParseState *pstate, List *frmList) * to check for namespace conflict; we assume that the namespace was * initially empty in these cases.) * + * Finally, we mark the relation as requiring the permissions specified + * by requiredPerms. + * * Returns the rangetable index of the target relation. */ int setTargetTable(ParseState *pstate, RangeVar *relation, - bool inh, bool alsoSource) + bool inh, bool alsoSource, AclMode requiredPerms) { RangeTblEntry *rte; int rtindex; @@ -149,16 +152,15 @@ setTargetTable(ParseState *pstate, RangeVar *relation, Assert(rte == rt_fetch(rtindex, pstate->p_rtable)); /* - * Override addRangeTableEntry's default checkForRead, and instead - * mark target table as requiring write access. + * Override addRangeTableEntry's default ACL_SELECT permissions check, + * and instead mark target table as requiring exactly the specified + * permissions. * * If we find an explicit reference to the rel later during parse - * analysis, scanRTEForColumn will change checkForRead to 'true' - * again. That can't happen for INSERT but it is possible for UPDATE - * and DELETE. + * analysis, scanRTEForColumn will add the ACL_SELECT bit back again. + * That can't happen for INSERT but it is possible for UPDATE and DELETE. */ - rte->checkForRead = false; - rte->checkForWrite = true; + rte->requiredPerms = requiredPerms; /* * If UPDATE/DELETE, add table to joinlist and namespace. |