Add is_superuser parameter reporting, soon to be used by psql.

5 files changed, 49 insertions, 20 deletions

diff --git a/src/backend/commands/variable.c b/src/backend/commands/variable.c
index 1b2f8477521..3dd4724f774 100644
--- a/src/backend/commands/variable.c
+++ b/src/backend/commands/variable.c
@@ -9,7 +9,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/commands/variable.c,v 1.78 2003/06/06 16:25:35 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/commands/variable.c,v 1.79 2003/06/27 19:08:37 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -721,25 +721,29 @@ assign_client_encoding(const char *value, bool doit, bool interactive)
  * When resetting session auth after an error, we can't expect to do catalog
  * lookups.  Hence, the stored form of the value must provide a numeric userid
  * that can be re-used directly.  We store the string in the form of
- * NAMEDATALEN 'x's followed by the numeric userid --- this cannot conflict
- * with any valid user name, because of the NAMEDATALEN limit on names.
+ * NAMEDATALEN 'x's, followed by T or F to indicate superuserness, followed
+ * by the numeric userid --- this cannot conflict with any valid user name,
+ * because of the NAMEDATALEN limit on names.
  */
 const char *
 assign_session_authorization(const char *value, bool doit, bool interactive)
 {
 	AclId		usesysid = 0;
+	bool		is_superuser = false;
 	char	   *result;
 
-	if (strspn(value, "x") == NAMEDATALEN)
+	if (strspn(value, "x") == NAMEDATALEN &&
+		(value[NAMEDATALEN] == 'T' || value[NAMEDATALEN] == 'F'))
 	{
 		/* might be a saved numeric userid */
 		char	   *endptr;
 
-		usesysid = (AclId) strtoul(value + NAMEDATALEN, &endptr, 10);
+		usesysid = (AclId) strtoul(value + NAMEDATALEN + 1, &endptr, 10);
 
-		if (endptr != value + NAMEDATALEN && *endptr == '\0')
+		if (endptr != value + NAMEDATALEN + 1 && *endptr == '\0')
 		{
-			/* syntactically valid, so use the numeric user ID */
+			/* syntactically valid, so use the numeric user ID and flag */
+			is_superuser = (value[NAMEDATALEN] == 'T');
 		}
 		else
 			usesysid = 0;
@@ -771,12 +775,13 @@ assign_session_authorization(const char *value, bool doit, bool interactive)
 		}
 
 		usesysid = ((Form_pg_shadow) GETSTRUCT(userTup))->usesysid;
-
+		is_superuser = ((Form_pg_shadow) GETSTRUCT(userTup))->usesuper;
+		
 		ReleaseSysCache(userTup);
 	}
 
 	if (doit)
-		SetSessionAuthorization(usesysid);
+		SetSessionAuthorization(usesysid, is_superuser);
 
 	result = (char *) malloc(NAMEDATALEN + 32);
 	if (!result)
@@ -784,7 +789,9 @@ assign_session_authorization(const char *value, bool doit, bool interactive)
 
 	memset(result, 'x', NAMEDATALEN);
 
-	snprintf(result + NAMEDATALEN, 32, "%lu", (unsigned long) usesysid);
+	snprintf(result + NAMEDATALEN, 32, "%c%lu",
+			 is_superuser ? 'T' : 'F',
+			 (unsigned long) usesysid);
 
 	return result;
 }
diff --git a/src/backend/utils/init/miscinit.c b/src/backend/utils/init/miscinit.c
index c3dc38f387d..4d65f619be4 100644
--- a/src/backend/utils/init/miscinit.c
+++ b/src/backend/utils/init/miscinit.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/utils/init/miscinit.c,v 1.103 2003/06/27 14:45:30 petere Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/utils/init/miscinit.c,v 1.104 2003/06/27 19:08:37 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -553,9 +553,12 @@ InitializeSessionUserId(const char *username)
 
 	SetSessionUserId(usesysid); /* sets CurrentUserId too */
 
-	/* Record username as a config option too */
+	/* Record username and superuser status as GUC settings too */
 	SetConfigOption("session_authorization", username,
 					PGC_BACKEND, PGC_S_OVERRIDE);
+	SetConfigOption("is_superuser",
+					AuthenticatedUserIsSuperuser ? "on" : "off",
+					PGC_INTERNAL, PGC_S_OVERRIDE);
 
 	/*
 	 * Set up user-specific configuration variables.  This is a good place
@@ -594,10 +597,13 @@ InitializeSessionUserIdStandalone(void)
 /*
  * Change session auth ID while running
  *
- * Only a superuser may set auth ID to something other than himself.
+ * Only a superuser may set auth ID to something other than himself.  Note
+ * that in case of multiple SETs in a single session, the original userid's
+ * superuserness is what matters.  But we set the GUC variable is_superuser
+ * to indicate whether the *current* session userid is a superuser.
  */
 void
-SetSessionAuthorization(AclId userid)
+SetSessionAuthorization(AclId userid, bool is_superuser)
 {
 	/* Must have authenticated already, else can't make permission check */
 	AssertState(AclIdIsValid(AuthenticatedUserId));
@@ -608,6 +614,10 @@ SetSessionAuthorization(AclId userid)
 
 	SetSessionUserId(userid);
 	SetUserId(userid);
+
+	SetConfigOption("is_superuser",
+					is_superuser ? "on" : "off",
+					PGC_INTERNAL, PGC_S_OVERRIDE);
 }
 
 
diff --git a/src/backend/utils/misc/check_guc b/src/backend/utils/misc/check_guc
index 7930d06f6e6..5b545d5f436 100755
--- a/src/backend/utils/misc/check_guc
+++ b/src/backend/utils/misc/check_guc
@@ -16,9 +16,12 @@
 ## if an option is valid but shows up in only one file (guc.c but not
 ## postgresql.conf.sample), it should be listed here so that it 
 ## can be ignored
-INTENTIONALLY_NOT_INCLUDED="pre_auth_delay lc_messages lc_monetary \
-lc_numeric lc_time seed server_encoding session_authorization \
-transaction_isolation transaction_read_only zero_damaged_pages"
+INTENTIONALLY_NOT_INCLUDED="autocommit debug_deadlocks exit_on_error \
+is_superuser lc_collate lc_ctype lc_messages lc_monetary lc_numeric lc_time \
+pre_auth_delay seed server_encoding server_version session_authorization \
+trace_lock_oidmin trace_lock_table trace_locks trace_lwlocks trace_notify \
+trace_userlocks transaction_isolation transaction_read_only \
+zero_damaged_pages"
 
 ### What options are listed in postgresql.conf.sample, but don't appear 
 ### in guc.c?
diff --git a/src/backend/utils/misc/guc.c b/src/backend/utils/misc/guc.c
index f1582b8c5b5..dfdc4f82e7f 100644
--- a/src/backend/utils/misc/guc.c
+++ b/src/backend/utils/misc/guc.c
@@ -10,7 +10,7 @@
  * Written by Peter Eisentraut <peter_e@gmx.net>.
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/utils/misc/guc.c,v 1.131 2003/06/11 22:13:22 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/utils/misc/guc.c,v 1.132 2003/06/27 19:08:38 tgl Exp $
  *
  *--------------------------------------------------------------------
  */
@@ -138,6 +138,7 @@ static char *log_min_error_statement_str;
 static char *log_min_messages_str;
 static char *client_min_messages_str;
 static bool phony_autocommit;
+static bool session_auth_is_superuser;
 static double phony_random_seed;
 static char *client_encoding_string;
 static char *datestyle_string;
@@ -361,6 +362,13 @@ static struct config_bool
 		true, NULL, NULL
 	},
 
+	/* Not for general use --- used by SET SESSION AUTHORIZATION */
+	{
+		{"is_superuser", PGC_INTERNAL, GUC_REPORT | GUC_NO_SHOW_ALL | GUC_NO_RESET_ALL},
+		&session_auth_is_superuser,
+		false, NULL, NULL
+	},
+
 	{
 		{"tcpip_socket", PGC_POSTMASTER}, &NetServer,
 		false, NULL, NULL
@@ -894,6 +902,7 @@ static struct config_string
 		"SQL_ASCII", NULL, NULL
 	},
 
+	/* Can't be set in postgresql.conf */
 	{
 		{"server_version", PGC_INTERNAL, GUC_REPORT},
 		&server_version_string,
diff --git a/src/include/miscadmin.h b/src/include/miscadmin.h
index f88b9835045..213d2581333 100644
--- a/src/include/miscadmin.h
+++ b/src/include/miscadmin.h
@@ -12,7 +12,7 @@
  * Portions Copyright (c) 1996-2002, PostgreSQL Global Development Group
  * Portions Copyright (c) 1994, Regents of the University of California
  *
- * $Id: miscadmin.h,v 1.124 2003/06/27 14:45:31 petere Exp $
+ * $Id: miscadmin.h,v 1.125 2003/06/27 19:08:38 tgl Exp $
  *
  * NOTES
  *	  some of the information in this file should be moved to
@@ -208,7 +208,7 @@ extern AclId GetSessionUserId(void);
 extern void SetSessionUserId(AclId userid);
 extern void InitializeSessionUserId(const char *username);
 extern void InitializeSessionUserIdStandalone(void);
-extern void SetSessionAuthorization(AclId userid);
+extern void SetSessionAuthorization(AclId userid, bool is_superuser);
 
 extern void SetDataDir(const char *dir);