Arrange that no database accesses are attempted during parser() --- this

took some rejiggering of typename and ACL parsing, as well as moving
parse_analyze call out of parser().  Restructure postgres.c processing
so that parse analysis and rewrite are skipped when in abort-transaction
state.  Only COMMIT and ABORT statements will be processed beyond the raw
parser() phase.  This addresses problem of parser failing with database access
errors while in aborted state (see pghackers discussions around 7/28/00).
Also fix some bugs with COMMIT/ABORT statements appearing in the middle of
a single query input string.
Function, operator, and aggregate arguments/results can now use full
TypeName production, in particular foo[] for array types.
DROP OPERATOR and COMMENT ON OPERATOR were broken for unary operators.
Allow CREATE AGGREGATE to accept unquoted numeric constants for initcond.

1 files changed, 59 insertions, 25 deletions

diff --git a/src/backend/utils/adt/acl.c b/src/backend/utils/adt/acl.c
index 3d43a45cd1e..401ed1a9375 100644
--- a/src/backend/utils/adt/acl.c
+++ b/src/backend/utils/adt/acl.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/utils/adt/acl.c,v 1.49 2000/10/02 04:49:27 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/utils/adt/acl.c,v 1.50 2000/10/07 00:58:19 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -16,10 +16,12 @@
 
 #include "postgres.h"
 
+#include "access/heapam.h"
 #include "catalog/catalog.h"
 #include "catalog/pg_shadow.h"
 #include "catalog/pg_type.h"
 #include "lib/stringinfo.h"
+#include "miscadmin.h"
 #include "utils/acl.h"
 #include "utils/builtins.h"
 #include "utils/memutils.h"
@@ -561,7 +563,52 @@ aclcontains(PG_FUNCTION_ARGS)
 	PG_RETURN_BOOL(false);
 }
 
-/* parser support routines */
+/*
+ * ExecuteChangeACLStmt
+ *		Called to execute the utility command type ChangeACLStmt
+ */
+void
+ExecuteChangeACLStmt(ChangeACLStmt *stmt)
+{
+	AclItem		aclitem;
+	unsigned	modechg;
+	List	   *i;
+
+	/* see comment in pg_type.h */
+	Assert(ACLITEMSIZE == sizeof(AclItem));
+
+	/* Convert string ACL spec into internal form */
+	aclparse(stmt->aclString, &aclitem, &modechg);
+
+	foreach(i, stmt->relNames)
+	{
+		char	   *relname = strVal(lfirst(i));
+		Relation	rel;
+
+		rel = heap_openr(relname, AccessExclusiveLock);
+		if (rel && rel->rd_rel->relkind == RELKIND_INDEX)
+			elog(ERROR, "\"%s\" is an index relation",
+				 relname);
+#ifndef NO_SECURITY
+		if (!pg_ownercheck(GetUserId(), relname, RELNAME))
+			elog(ERROR, "you do not own class \"%s\"",
+				 relname);
+#endif
+		ChangeAcl(relname, &aclitem, modechg);
+		/* close rel, but keep lock until end of xact */
+		heap_close(rel, NoLock);
+	}
+}
+
+
+/*
+ * Parser support routines for ACL-related statements.
+ *
+ * XXX CAUTION: these are called from gram.y, which is not allowed to
+ * do any table accesses.  Therefore, it is not kosher to do things
+ * like trying to translate usernames to user IDs here.  Keep it all
+ * in string form until statement execution time.
+ */
 
 /*
  * aclmakepriv
@@ -569,9 +616,7 @@ aclcontains(PG_FUNCTION_ARGS)
  * and a new privilege
  *
  * does not add duplicate privileges
- *
  */
-
 char *
 aclmakepriv(char *old_privlist, char new_priv)
 {
@@ -619,12 +664,9 @@ aclmakepriv(char *old_privlist, char new_priv)
  *						"G"  - group
  *						"U"  - user
  *
- * concatenates the two strings together with a space in between
- *
- * this routine is used in the parser
- *
+ * Just concatenates the two strings together with a space in between.
+ * Per above comments, we can't try to resolve a user or group name here.
  */
-
 char *
 aclmakeuser(char *user_type, char *user)
 {
@@ -635,20 +677,16 @@ aclmakeuser(char *user_type, char *user)
 	return user_list;
 }
 
-
 /*
  * makeAclStmt:
- *	  this is a helper routine called by the parser
- * create a ChangeAclStmt
- *	  we take in the privilegs, relation_name_list, and grantee
- * as well as a single character '+' or '-' to indicate grant or revoke
+ *	  create a ChangeACLStmt at parse time.
+ *	  we take in the privileges, relation_name_list, and grantee
+ *	  as well as a single character '+' or '-' to indicate grant or revoke
  *
- * returns a new ChangeACLStmt*
- *
- * this routines works by creating a old-style changle acl string and
- * then calling aclparse;
+ * We convert the information to the same external form recognized by
+ * aclitemin (see aclparse), and save that string in the ChangeACLStmt.
+ * Conversion to internal form happens when the statement is executed.
  */
-
 ChangeACLStmt *
 makeAclStmt(char *privileges, List *rel_list, char *grantee,
 			char grant_or_revoke)
@@ -658,11 +696,6 @@ makeAclStmt(char *privileges, List *rel_list, char *grantee,
 
 	initStringInfo(&str);
 
-	/* see comment in pg_type.h */
-	Assert(ACLITEMSIZE == sizeof(AclItem));
-
-	n->aclitem = (AclItem *) palloc(sizeof(AclItem));
-
 	/* the grantee string is "G <group_name>", "U <user_name>", or "ALL" */
 	if (grantee[0] == 'G')		/* group permissions */
 	{
@@ -683,7 +716,8 @@ makeAclStmt(char *privileges, List *rel_list, char *grantee,
 						 grant_or_revoke, privileges);
 	}
 	n->relNames = rel_list;
-	aclparse(str.data, n->aclitem, (unsigned *) &n->modechg);
+	n->aclString = pstrdup(str.data);
+
 	pfree(str.data);
 	return n;
 }