diff options
| -rw-r--r-- | src/backend/catalog/aclchk.c | 244 | ||||
| -rw-r--r-- | src/backend/catalog/heap.c | 4 | ||||
| -rw-r--r-- | src/backend/catalog/pg_namespace.c | 2 | ||||
| -rw-r--r-- | src/backend/catalog/pg_proc.c | 2 | ||||
| -rw-r--r-- | src/backend/catalog/pg_type.c | 2 | ||||
| -rw-r--r-- | src/backend/commands/event_trigger.c | 185 | ||||
| -rw-r--r-- | src/backend/parser/gram.y | 54 | ||||
| -rw-r--r-- | src/backend/tcop/utility.c | 2 | ||||
| -rw-r--r-- | src/backend/utils/adt/acl.c | 58 | ||||
| -rw-r--r-- | src/include/commands/event_trigger.h | 1 | ||||
| -rw-r--r-- | src/include/nodes/parsenodes.h | 21 | ||||
| -rw-r--r-- | src/include/tcop/deparse_utility.h | 2 | ||||
| -rw-r--r-- | src/include/utils/acl.h | 6 | ||||
| -rw-r--r-- | src/include/utils/aclchk_internal.h | 4 |
14 files changed, 302 insertions, 285 deletions
diff --git a/src/backend/catalog/aclchk.c b/src/backend/catalog/aclchk.c index 50a2e2681b6..5cfaa510def 100644 --- a/src/backend/catalog/aclchk.c +++ b/src/backend/catalog/aclchk.c @@ -86,7 +86,7 @@ typedef struct Oid nspid; /* namespace, or InvalidOid if none */ /* remaining fields are same as in InternalGrant: */ bool is_grant; - GrantObjectType objtype; + ObjectType objtype; bool all_privs; AclMode privileges; List *grantees; @@ -116,8 +116,8 @@ static void ExecGrant_Type(InternalGrant *grantStmt); static void SetDefaultACLsInSchemas(InternalDefaultACL *iacls, List *nspnames); static void SetDefaultACL(InternalDefaultACL *iacls); -static List *objectNamesToOids(GrantObjectType objtype, List *objnames); -static List *objectsInSchemaToOids(GrantObjectType objtype, List *nspnames); +static List *objectNamesToOids(ObjectType objtype, List *objnames); +static List *objectsInSchemaToOids(ObjectType objtype, List *nspnames); static List *getRelationsInNamespace(Oid namespaceId, char relkind); static void expand_col_privileges(List *colnames, Oid table_oid, AclMode this_privileges, @@ -266,7 +266,7 @@ restrict_and_check_grant(bool is_grant, AclMode avail_goptions, bool all_privs, whole_mask = ACL_ALL_RIGHTS_LARGEOBJECT; break; case ACL_KIND_NAMESPACE: - whole_mask = ACL_ALL_RIGHTS_NAMESPACE; + whole_mask = ACL_ALL_RIGHTS_SCHEMA; break; case ACL_KIND_TABLESPACE: whole_mask = ACL_ALL_RIGHTS_TABLESPACE; @@ -441,68 +441,68 @@ ExecuteGrantStmt(GrantStmt *stmt) /* * Convert stmt->privileges, a list of AccessPriv nodes, into an AclMode - * bitmask. Note: objtype can't be ACL_OBJECT_COLUMN. + * bitmask. Note: objtype can't be OBJECT_COLUMN. */ switch (stmt->objtype) { + case OBJECT_TABLE: /* * Because this might be a sequence, we test both relation and * sequence bits, and later do a more limited test when we know * the object type. */ - case ACL_OBJECT_RELATION: all_privileges = ACL_ALL_RIGHTS_RELATION | ACL_ALL_RIGHTS_SEQUENCE; errormsg = gettext_noop("invalid privilege type %s for relation"); break; - case ACL_OBJECT_SEQUENCE: + case OBJECT_SEQUENCE: all_privileges = ACL_ALL_RIGHTS_SEQUENCE; errormsg = gettext_noop("invalid privilege type %s for sequence"); break; - case ACL_OBJECT_DATABASE: + case OBJECT_DATABASE: all_privileges = ACL_ALL_RIGHTS_DATABASE; errormsg = gettext_noop("invalid privilege type %s for database"); break; - case ACL_OBJECT_DOMAIN: + case OBJECT_DOMAIN: all_privileges = ACL_ALL_RIGHTS_TYPE; errormsg = gettext_noop("invalid privilege type %s for domain"); break; - case ACL_OBJECT_FUNCTION: + case OBJECT_FUNCTION: all_privileges = ACL_ALL_RIGHTS_FUNCTION; errormsg = gettext_noop("invalid privilege type %s for function"); break; - case ACL_OBJECT_LANGUAGE: + case OBJECT_LANGUAGE: all_privileges = ACL_ALL_RIGHTS_LANGUAGE; errormsg = gettext_noop("invalid privilege type %s for language"); break; - case ACL_OBJECT_LARGEOBJECT: + case OBJECT_LARGEOBJECT: all_privileges = ACL_ALL_RIGHTS_LARGEOBJECT; errormsg = gettext_noop("invalid privilege type %s for large object"); break; - case ACL_OBJECT_NAMESPACE: - all_privileges = ACL_ALL_RIGHTS_NAMESPACE; + case OBJECT_SCHEMA: + all_privileges = ACL_ALL_RIGHTS_SCHEMA; errormsg = gettext_noop("invalid privilege type %s for schema"); break; - case ACL_OBJECT_PROCEDURE: + case OBJECT_PROCEDURE: all_privileges = ACL_ALL_RIGHTS_FUNCTION; errormsg = gettext_noop("invalid privilege type %s for procedure"); break; - case ACL_OBJECT_ROUTINE: + case OBJECT_ROUTINE: all_privileges = ACL_ALL_RIGHTS_FUNCTION; errormsg = gettext_noop("invalid privilege type %s for routine"); break; - case ACL_OBJECT_TABLESPACE: + case OBJECT_TABLESPACE: all_privileges = ACL_ALL_RIGHTS_TABLESPACE; errormsg = gettext_noop("invalid privilege type %s for tablespace"); break; - case ACL_OBJECT_TYPE: + case OBJECT_TYPE: all_privileges = ACL_ALL_RIGHTS_TYPE; errormsg = gettext_noop("invalid privilege type %s for type"); break; - case ACL_OBJECT_FDW: + case OBJECT_FDW: all_privileges = ACL_ALL_RIGHTS_FDW; errormsg = gettext_noop("invalid privilege type %s for foreign-data wrapper"); break; - case ACL_OBJECT_FOREIGN_SERVER: + case OBJECT_FOREIGN_SERVER: all_privileges = ACL_ALL_RIGHTS_FOREIGN_SERVER; errormsg = gettext_noop("invalid privilege type %s for foreign server"); break; @@ -540,7 +540,7 @@ ExecuteGrantStmt(GrantStmt *stmt) */ if (privnode->cols) { - if (stmt->objtype != ACL_OBJECT_RELATION) + if (stmt->objtype != OBJECT_TABLE) ereport(ERROR, (errcode(ERRCODE_INVALID_GRANT_OPERATION), errmsg("column privileges are only valid for relations"))); @@ -574,38 +574,38 @@ ExecGrantStmt_oids(InternalGrant *istmt) { switch (istmt->objtype) { - case ACL_OBJECT_RELATION: - case ACL_OBJECT_SEQUENCE: + case OBJECT_TABLE: + case OBJECT_SEQUENCE: ExecGrant_Relation(istmt); break; - case ACL_OBJECT_DATABASE: + case OBJECT_DATABASE: ExecGrant_Database(istmt); break; - case ACL_OBJECT_DOMAIN: - case ACL_OBJECT_TYPE: + case OBJECT_DOMAIN: + case OBJECT_TYPE: ExecGrant_Type(istmt); break; - case ACL_OBJECT_FDW: + case OBJECT_FDW: ExecGrant_Fdw(istmt); break; - case ACL_OBJECT_FOREIGN_SERVER: + case OBJECT_FOREIGN_SERVER: ExecGrant_ForeignServer(istmt); break; - case ACL_OBJECT_FUNCTION: - case ACL_OBJECT_PROCEDURE: - case ACL_OBJECT_ROUTINE: + case OBJECT_FUNCTION: + case OBJECT_PROCEDURE: + case OBJECT_ROUTINE: ExecGrant_Function(istmt); break; - case ACL_OBJECT_LANGUAGE: + case OBJECT_LANGUAGE: ExecGrant_Language(istmt); break; - case ACL_OBJECT_LARGEOBJECT: + case OBJECT_LARGEOBJECT: ExecGrant_Largeobject(istmt); break; - case ACL_OBJECT_NAMESPACE: + case OBJECT_SCHEMA: ExecGrant_Namespace(istmt); break; - case ACL_OBJECT_TABLESPACE: + case OBJECT_TABLESPACE: ExecGrant_Tablespace(istmt); break; default: @@ -619,7 +619,7 @@ ExecGrantStmt_oids(InternalGrant *istmt) * the functions a chance to adjust the istmt with privileges actually * granted. */ - if (EventTriggerSupportsGrantObjectType(istmt->objtype)) + if (EventTriggerSupportsObjectType(istmt->objtype)) EventTriggerCollectGrant(istmt); } @@ -634,7 +634,7 @@ ExecGrantStmt_oids(InternalGrant *istmt) * to fail. */ static List * -objectNamesToOids(GrantObjectType objtype, List *objnames) +objectNamesToOids(ObjectType objtype, List *objnames) { List *objects = NIL; ListCell *cell; @@ -643,8 +643,8 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) switch (objtype) { - case ACL_OBJECT_RELATION: - case ACL_OBJECT_SEQUENCE: + case OBJECT_TABLE: + case OBJECT_SEQUENCE: foreach(cell, objnames) { RangeVar *relvar = (RangeVar *) lfirst(cell); @@ -654,7 +654,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) objects = lappend_oid(objects, relOid); } break; - case ACL_OBJECT_DATABASE: + case OBJECT_DATABASE: foreach(cell, objnames) { char *dbname = strVal(lfirst(cell)); @@ -664,8 +664,8 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) objects = lappend_oid(objects, dbid); } break; - case ACL_OBJECT_DOMAIN: - case ACL_OBJECT_TYPE: + case OBJECT_DOMAIN: + case OBJECT_TYPE: foreach(cell, objnames) { List *typname = (List *) lfirst(cell); @@ -675,7 +675,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) objects = lappend_oid(objects, oid); } break; - case ACL_OBJECT_FUNCTION: + case OBJECT_FUNCTION: foreach(cell, objnames) { ObjectWithArgs *func = (ObjectWithArgs *) lfirst(cell); @@ -685,7 +685,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) objects = lappend_oid(objects, funcid); } break; - case ACL_OBJECT_LANGUAGE: + case OBJECT_LANGUAGE: foreach(cell, objnames) { char *langname = strVal(lfirst(cell)); @@ -695,7 +695,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) objects = lappend_oid(objects, oid); } break; - case ACL_OBJECT_LARGEOBJECT: + case OBJECT_LARGEOBJECT: foreach(cell, objnames) { Oid lobjOid = oidparse(lfirst(cell)); @@ -709,7 +709,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) objects = lappend_oid(objects, lobjOid); } break; - case ACL_OBJECT_NAMESPACE: + case OBJECT_SCHEMA: foreach(cell, objnames) { char *nspname = strVal(lfirst(cell)); @@ -719,7 +719,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) objects = lappend_oid(objects, oid); } break; - case ACL_OBJECT_PROCEDURE: + case OBJECT_PROCEDURE: foreach(cell, objnames) { ObjectWithArgs *func = (ObjectWithArgs *) lfirst(cell); @@ -729,7 +729,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) objects = lappend_oid(objects, procid); } break; - case ACL_OBJECT_ROUTINE: + case OBJECT_ROUTINE: foreach(cell, objnames) { ObjectWithArgs *func = (ObjectWithArgs *) lfirst(cell); @@ -739,7 +739,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) objects = lappend_oid(objects, routid); } break; - case ACL_OBJECT_TABLESPACE: + case OBJECT_TABLESPACE: foreach(cell, objnames) { char *spcname = strVal(lfirst(cell)); @@ -749,7 +749,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) objects = lappend_oid(objects, spcoid); } break; - case ACL_OBJECT_FDW: + case OBJECT_FDW: foreach(cell, objnames) { char *fdwname = strVal(lfirst(cell)); @@ -758,7 +758,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) objects = lappend_oid(objects, fdwid); } break; - case ACL_OBJECT_FOREIGN_SERVER: + case OBJECT_FOREIGN_SERVER: foreach(cell, objnames) { char *srvname = strVal(lfirst(cell)); @@ -783,7 +783,7 @@ objectNamesToOids(GrantObjectType objtype, List *objnames) * no privilege checking on the individual objects here. */ static List * -objectsInSchemaToOids(GrantObjectType objtype, List *nspnames) +objectsInSchemaToOids(ObjectType objtype, List *nspnames) { List *objects = NIL; ListCell *cell; @@ -798,7 +798,7 @@ objectsInSchemaToOids(GrantObjectType objtype, List *nspnames) switch (objtype) { - case ACL_OBJECT_RELATION: + case OBJECT_TABLE: objs = getRelationsInNamespace(namespaceId, RELKIND_RELATION); objects = list_concat(objects, objs); objs = getRelationsInNamespace(namespaceId, RELKIND_VIEW); @@ -810,13 +810,13 @@ objectsInSchemaToOids(GrantObjectType objtype, List *nspnames) objs = getRelationsInNamespace(namespaceId, RELKIND_PARTITIONED_TABLE); objects = list_concat(objects, objs); break; - case ACL_OBJECT_SEQUENCE: + case OBJECT_SEQUENCE: objs = getRelationsInNamespace(namespaceId, RELKIND_SEQUENCE); objects = list_concat(objects, objs); break; - case ACL_OBJECT_FUNCTION: - case ACL_OBJECT_PROCEDURE: - case ACL_OBJECT_ROUTINE: + case OBJECT_FUNCTION: + case OBJECT_PROCEDURE: + case OBJECT_ROUTINE: { ScanKeyData key[2]; int keycount; @@ -835,12 +835,12 @@ objectsInSchemaToOids(GrantObjectType objtype, List *nspnames) * When looking for procedures, check for return type ==0. * When looking for routines, don't check the return type. */ - if (objtype == ACL_OBJECT_FUNCTION) + if (objtype == OBJECT_FUNCTION) ScanKeyInit(&key[keycount++], Anum_pg_proc_prorettype, BTEqualStrategyNumber, F_OIDNE, InvalidOid); - else if (objtype == ACL_OBJECT_PROCEDURE) + else if (objtype == OBJECT_PROCEDURE) ScanKeyInit(&key[keycount++], Anum_pg_proc_prorettype, BTEqualStrategyNumber, F_OIDEQ, @@ -993,32 +993,32 @@ ExecAlterDefaultPrivilegesStmt(ParseState *pstate, AlterDefaultPrivilegesStmt *s */ switch (action->objtype) { - case ACL_OBJECT_RELATION: + case OBJECT_TABLE: all_privileges = ACL_ALL_RIGHTS_RELATION; errormsg = gettext_noop("invalid privilege type %s for relation"); break; - case ACL_OBJECT_SEQUENCE: + case OBJECT_SEQUENCE: all_privileges = ACL_ALL_RIGHTS_SEQUENCE; errormsg = gettext_noop("invalid privilege type %s for sequence"); break; - case ACL_OBJECT_FUNCTION: + case OBJECT_FUNCTION: all_privileges = ACL_ALL_RIGHTS_FUNCTION; errormsg = gettext_noop("invalid privilege type %s for function"); break; - case ACL_OBJECT_PROCEDURE: + case OBJECT_PROCEDURE: all_privileges = ACL_ALL_RIGHTS_FUNCTION; errormsg = gettext_noop("invalid privilege type %s for procedure"); break; - case ACL_OBJECT_ROUTINE: + case OBJECT_ROUTINE: all_privileges = ACL_ALL_RIGHTS_FUNCTION; errormsg = gettext_noop("invalid privilege type %s for routine"); break; - case ACL_OBJECT_TYPE: + case OBJECT_TYPE: all_privileges = ACL_ALL_RIGHTS_TYPE; errormsg = gettext_noop("invalid privilege type %s for type"); break; - case ACL_OBJECT_NAMESPACE: - all_privileges = ACL_ALL_RIGHTS_NAMESPACE; + case OBJECT_SCHEMA: + all_privileges = ACL_ALL_RIGHTS_SCHEMA; errormsg = gettext_noop("invalid privilege type %s for schema"); break; default: @@ -1184,38 +1184,38 @@ SetDefaultACL(InternalDefaultACL *iacls) */ switch (iacls->objtype) { - case ACL_OBJECT_RELATION: + case OBJECT_TABLE: objtype = DEFACLOBJ_RELATION; if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS) this_privileges = ACL_ALL_RIGHTS_RELATION; break; - case ACL_OBJECT_SEQUENCE: + case OBJECT_SEQUENCE: objtype = DEFACLOBJ_SEQUENCE; if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS) this_privileges = ACL_ALL_RIGHTS_SEQUENCE; break; - case ACL_OBJECT_FUNCTION: + case OBJECT_FUNCTION: objtype = DEFACLOBJ_FUNCTION; if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS) this_privileges = ACL_ALL_RIGHTS_FUNCTION; break; - case ACL_OBJECT_TYPE: + case OBJECT_TYPE: objtype = DEFACLOBJ_TYPE; if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS) this_privileges = ACL_ALL_RIGHTS_TYPE; break; - case ACL_OBJECT_NAMESPACE: + case OBJECT_SCHEMA: if (OidIsValid(iacls->nspid)) ereport(ERROR, (errcode(ERRCODE_INVALID_GRANT_OPERATION), errmsg("cannot use IN SCHEMA clause when using GRANT/REVOKE ON SCHEMAS"))); objtype = DEFACLOBJ_NAMESPACE; if (iacls->all_privs && this_privileges == ACL_NO_RIGHTS) - this_privileges = ACL_ALL_RIGHTS_NAMESPACE; + this_privileges = ACL_ALL_RIGHTS_SCHEMA; break; default: @@ -1430,19 +1430,19 @@ RemoveRoleFromObjectACL(Oid roleid, Oid classid, Oid objid) switch (pg_default_acl_tuple->defaclobjtype) { case DEFACLOBJ_RELATION: - iacls.objtype = ACL_OBJECT_RELATION; + iacls.objtype = OBJECT_TABLE; break; case DEFACLOBJ_SEQUENCE: - iacls.objtype = ACL_OBJECT_SEQUENCE; + iacls.objtype = OBJECT_SEQUENCE; break; case DEFACLOBJ_FUNCTION: - iacls.objtype = ACL_OBJECT_FUNCTION; + iacls.objtype = OBJECT_FUNCTION; break; case DEFACLOBJ_TYPE: - iacls.objtype = ACL_OBJECT_TYPE; + iacls.objtype = OBJECT_TYPE; break; case DEFACLOBJ_NAMESPACE: - iacls.objtype = ACL_OBJECT_NAMESPACE; + iacls.objtype = OBJECT_SCHEMA; break; default: /* Shouldn't get here */ @@ -1471,35 +1471,35 @@ RemoveRoleFromObjectACL(Oid roleid, Oid classid, Oid objid) switch (classid) { case RelationRelationId: - /* it's OK to use RELATION for a sequence */ - istmt.objtype = ACL_OBJECT_RELATION; + /* it's OK to use TABLE for a sequence */ + istmt.objtype = OBJECT_TABLE; break; case DatabaseRelationId: - istmt.objtype = ACL_OBJECT_DATABASE; + istmt.objtype = OBJECT_DATABASE; break; case TypeRelationId: - istmt.objtype = ACL_OBJECT_TYPE; + istmt.objtype = OBJECT_TYPE; break; case ProcedureRelationId: - istmt.objtype = ACL_OBJECT_ROUTINE; + istmt.objtype = OBJECT_ROUTINE; break; case LanguageRelationId: - istmt.objtype = ACL_OBJECT_LANGUAGE; + istmt.objtype = OBJECT_LANGUAGE; break; case LargeObjectRelationId: - istmt.objtype = ACL_OBJECT_LARGEOBJECT; + istmt.objtype = OBJECT_LARGEOBJECT; break; case NamespaceRelationId: - istmt.objtype = ACL_OBJECT_NAMESPACE; + istmt.objtype = OBJECT_SCHEMA; break; case TableSpaceRelationId: - istmt.objtype = ACL_OBJECT_TABLESPACE; + istmt.objtype = OBJECT_TABLESPACE; break; case ForeignServerRelationId: - istmt.objtype = ACL_OBJECT_FOREIGN_SERVER; + istmt.objtype = OBJECT_FOREIGN_SERVER; break; case ForeignDataWrapperRelationId: - istmt.objtype = ACL_OBJECT_FDW; + istmt.objtype = OBJECT_FDW; break; default: elog(ERROR, "unexpected object class %u", classid); @@ -1682,7 +1682,7 @@ ExecGrant_Attribute(InternalGrant *istmt, Oid relOid, const char *relname, &isNull); if (isNull) { - old_acl = acldefault(ACL_OBJECT_COLUMN, ownerId); + old_acl = acldefault(OBJECT_COLUMN, ownerId); /* There are no old member roles according to the catalogs */ noldmembers = 0; oldmembers = NULL; @@ -1839,7 +1839,7 @@ ExecGrant_Relation(InternalGrant *istmt) NameStr(pg_class_tuple->relname)))); /* Used GRANT SEQUENCE on a non-sequence? */ - if (istmt->objtype == ACL_OBJECT_SEQUENCE && + if (istmt->objtype == OBJECT_SEQUENCE && pg_class_tuple->relkind != RELKIND_SEQUENCE) ereport(ERROR, (errcode(ERRCODE_WRONG_OBJECT_TYPE), @@ -1863,7 +1863,7 @@ ExecGrant_Relation(InternalGrant *istmt) * permissions. The OR of table and sequence permissions were already * checked. */ - if (istmt->objtype == ACL_OBJECT_RELATION) + if (istmt->objtype == OBJECT_TABLE) { if (pg_class_tuple->relkind == RELKIND_SEQUENCE) { @@ -1942,10 +1942,10 @@ ExecGrant_Relation(InternalGrant *istmt) switch (pg_class_tuple->relkind) { case RELKIND_SEQUENCE: - old_acl = acldefault(ACL_OBJECT_SEQUENCE, ownerId); + old_acl = acldefault(OBJECT_SEQUENCE, ownerId); break; default: - old_acl = acldefault(ACL_OBJECT_RELATION, ownerId); + old_acl = acldefault(OBJECT_TABLE, ownerId); break; } /* There are no old member roles according to the catalogs */ @@ -2170,7 +2170,7 @@ ExecGrant_Database(InternalGrant *istmt) RelationGetDescr(relation), &isNull); if (isNull) { - old_acl = acldefault(ACL_OBJECT_DATABASE, ownerId); + old_acl = acldefault(OBJECT_DATABASE, ownerId); /* There are no old member roles according to the catalogs */ noldmembers = 0; oldmembers = NULL; @@ -2292,7 +2292,7 @@ ExecGrant_Fdw(InternalGrant *istmt) &isNull); if (isNull) { - old_acl = acldefault(ACL_OBJECT_FDW, ownerId); + old_acl = acldefault(OBJECT_FDW, ownerId); /* There are no old member roles according to the catalogs */ noldmembers = 0; oldmembers = NULL; @@ -2418,7 +2418,7 @@ ExecGrant_ForeignServer(InternalGrant *istmt) &isNull); if (isNull) { - old_acl = acldefault(ACL_OBJECT_FOREIGN_SERVER, ownerId); + old_acl = acldefault(OBJECT_FOREIGN_SERVER, ownerId); /* There are no old member roles according to the catalogs */ noldmembers = 0; oldmembers = NULL; @@ -2542,7 +2542,7 @@ ExecGrant_Function(InternalGrant *istmt) &isNull); if (isNull) { - old_acl = acldefault(ACL_OBJECT_FUNCTION, ownerId); + old_acl = acldefault(OBJECT_FUNCTION, ownerId); /* There are no old member roles according to the catalogs */ noldmembers = 0; oldmembers = NULL; @@ -2673,7 +2673,7 @@ ExecGrant_Language(InternalGrant *istmt) &isNull); if (isNull) { - old_acl = acldefault(ACL_OBJECT_LANGUAGE, ownerId); + old_acl = acldefault(OBJECT_LANGUAGE, ownerId); /* There are no old member roles according to the catalogs */ noldmembers = 0; oldmembers = NULL; @@ -2811,7 +2811,7 @@ ExecGrant_Largeobject(InternalGrant *istmt) RelationGetDescr(relation), &isNull); if (isNull) { - old_acl = acldefault(ACL_OBJECT_LARGEOBJECT, ownerId); + old_acl = acldefault(OBJECT_LARGEOBJECT, ownerId); /* There are no old member roles according to the catalogs */ noldmembers = 0; oldmembers = NULL; @@ -2895,7 +2895,7 @@ ExecGrant_Namespace(InternalGrant *istmt) ListCell *cell; if (istmt->all_privs && istmt->privileges == ACL_NO_RIGHTS) - istmt->privileges = ACL_ALL_RIGHTS_NAMESPACE; + istmt->privileges = ACL_ALL_RIGHTS_SCHEMA; relation = heap_open(NamespaceRelationId, RowExclusiveLock); @@ -2937,7 +2937,7 @@ ExecGrant_Namespace(InternalGrant *istmt) &isNull); if (isNull) { - old_acl = acldefault(ACL_OBJECT_NAMESPACE, ownerId); + old_acl = acldefault(OBJECT_SCHEMA, ownerId); /* There are no old member roles according to the catalogs */ noldmembers = 0; oldmembers = NULL; @@ -3061,7 +3061,7 @@ ExecGrant_Tablespace(InternalGrant *istmt) RelationGetDescr(relation), &isNull); if (isNull) { - old_acl = acldefault(ACL_OBJECT_TABLESPACE, ownerId); + old_acl = acldefault(OBJECT_TABLESPACE, ownerId); /* There are no old member roles according to the catalogs */ noldmembers = 0; oldmembers = NULL; @@ -3179,7 +3179,7 @@ ExecGrant_Type(InternalGrant *istmt) errhint("Set the privileges of the element type instead."))); /* Used GRANT DOMAIN on a non-domain? */ - if (istmt->objtype == ACL_OBJECT_DOMAIN && + if (istmt->objtype == OBJECT_DOMAIN && pg_type_tuple->typtype != TYPTYPE_DOMAIN) ereport(ERROR, (errcode(ERRCODE_WRONG_OBJECT_TYPE), @@ -3745,10 +3745,10 @@ pg_class_aclmask(Oid table_oid, Oid roleid, switch (classForm->relkind) { case RELKIND_SEQUENCE: - acl = acldefault(ACL_OBJECT_SEQUENCE, ownerId); + acl = acldefault(OBJECT_SEQUENCE, ownerId); break; default: - acl = acldefault(ACL_OBJECT_RELATION, ownerId); + acl = acldefault(OBJECT_TABLE, ownerId); break; } aclDatum = (Datum) 0; @@ -3804,7 +3804,7 @@ pg_database_aclmask(Oid db_oid, Oid roleid, if (isNull) { /* No ACL, so build default ACL */ - acl = acldefault(ACL_OBJECT_DATABASE, ownerId); + acl = acldefault(OBJECT_DATABASE, ownerId); aclDatum = (Datum) 0; } else @@ -3858,7 +3858,7 @@ pg_proc_aclmask(Oid proc_oid, Oid roleid, if (isNull) { /* No ACL, so build default ACL */ - acl = acldefault(ACL_OBJECT_FUNCTION, ownerId); + acl = acldefault(OBJECT_FUNCTION, ownerId); aclDatum = (Datum) 0; } else @@ -3912,7 +3912,7 @@ pg_language_aclmask(Oid lang_oid, Oid roleid, if (isNull) { /* No ACL, so build default ACL */ - acl = acldefault(ACL_OBJECT_LANGUAGE, ownerId); + acl = acldefault(OBJECT_LANGUAGE, ownerId); aclDatum = (Datum) 0; } else @@ -3992,7 +3992,7 @@ pg_largeobject_aclmask_snapshot(Oid lobj_oid, Oid roleid, if (isNull) { /* No ACL, so build default ACL */ - acl = acldefault(ACL_OBJECT_LARGEOBJECT, ownerId); + acl = acldefault(OBJECT_LARGEOBJECT, ownerId); aclDatum = (Datum) 0; } else @@ -4055,7 +4055,7 @@ pg_namespace_aclmask(Oid nsp_oid, Oid roleid, { if (pg_database_aclcheck(MyDatabaseId, roleid, ACL_CREATE_TEMP) == ACLCHECK_OK) - return mask & ACL_ALL_RIGHTS_NAMESPACE; + return mask & ACL_ALL_RIGHTS_SCHEMA; else return mask & ACL_USAGE; } @@ -4076,7 +4076,7 @@ pg_namespace_aclmask(Oid nsp_oid, Oid roleid, if (isNull) { /* No ACL, so build default ACL */ - acl = acldefault(ACL_OBJECT_NAMESPACE, ownerId); + acl = acldefault(OBJECT_SCHEMA, ownerId); aclDatum = (Datum) 0; } else @@ -4132,7 +4132,7 @@ pg_tablespace_aclmask(Oid spc_oid, Oid roleid, if (isNull) { /* No ACL, so build default ACL */ - acl = acldefault(ACL_OBJECT_TABLESPACE, ownerId); + acl = acldefault(OBJECT_TABLESPACE, ownerId); aclDatum = (Datum) 0; } else @@ -4194,7 +4194,7 @@ pg_foreign_data_wrapper_aclmask(Oid fdw_oid, Oid roleid, if (isNull) { /* No ACL, so build default ACL */ - acl = acldefault(ACL_OBJECT_FDW, ownerId); + acl = acldefault(OBJECT_FDW, ownerId); aclDatum = (Datum) 0; } else @@ -4256,7 +4256,7 @@ pg_foreign_server_aclmask(Oid srv_oid, Oid roleid, if (isNull) { /* No ACL, so build default ACL */ - acl = acldefault(ACL_OBJECT_FOREIGN_SERVER, ownerId); + acl = acldefault(OBJECT_FOREIGN_SERVER, ownerId); aclDatum = (Datum) 0; } else @@ -4333,7 +4333,7 @@ pg_type_aclmask(Oid type_oid, Oid roleid, AclMode mask, AclMaskHow how) if (isNull) { /* No ACL, so build default ACL */ - acl = acldefault(ACL_OBJECT_TYPE, ownerId); + acl = acldefault(OBJECT_TYPE, ownerId); aclDatum = (Datum) 0; } else @@ -5302,7 +5302,7 @@ get_default_acl_internal(Oid roleId, Oid nsp_oid, char objtype) * Returns NULL if built-in system defaults should be used */ Acl * -get_user_default_acl(GrantObjectType objtype, Oid ownerId, Oid nsp_oid) +get_user_default_acl(ObjectType objtype, Oid ownerId, Oid nsp_oid) { Acl *result; Acl *glob_acl; @@ -5320,23 +5320,23 @@ get_user_default_acl(GrantObjectType objtype, Oid ownerId, Oid nsp_oid) /* Check if object type is supported in pg_default_acl */ switch (objtype) { - case ACL_OBJECT_RELATION: + case OBJECT_TABLE: defaclobjtype = DEFACLOBJ_RELATION; break; - case ACL_OBJECT_SEQUENCE: + case OBJECT_SEQUENCE: defaclobjtype = DEFACLOBJ_SEQUENCE; break; - case ACL_OBJECT_FUNCTION: + case OBJECT_FUNCTION: defaclobjtype = DEFACLOBJ_FUNCTION; break; - case ACL_OBJECT_TYPE: + case OBJECT_TYPE: defaclobjtype = DEFACLOBJ_TYPE; break; - case ACL_OBJECT_NAMESPACE: + case OBJECT_SCHEMA: defaclobjtype = DEFACLOBJ_NAMESPACE; break; diff --git a/src/backend/catalog/heap.c b/src/backend/catalog/heap.c index 99f4d59863c..774c07b03a0 100644 --- a/src/backend/catalog/heap.c +++ b/src/backend/catalog/heap.c @@ -1143,11 +1143,11 @@ heap_create_with_catalog(const char *relname, case RELKIND_MATVIEW: case RELKIND_FOREIGN_TABLE: case RELKIND_PARTITIONED_TABLE: - relacl = get_user_default_acl(ACL_OBJECT_RELATION, ownerid, + relacl = get_user_default_acl(OBJECT_TABLE, ownerid, relnamespace); break; case RELKIND_SEQUENCE: - relacl = get_user_default_acl(ACL_OBJECT_SEQUENCE, ownerid, + relacl = get_user_default_acl(OBJECT_SEQUENCE, ownerid, relnamespace); break; default: diff --git a/src/backend/catalog/pg_namespace.c b/src/backend/catalog/pg_namespace.c index a82d785034c..2cf52be0255 100644 --- a/src/backend/catalog/pg_namespace.c +++ b/src/backend/catalog/pg_namespace.c @@ -63,7 +63,7 @@ NamespaceCreate(const char *nspName, Oid ownerId, bool isTemp) errmsg("schema \"%s\" already exists", nspName))); if (!isTemp) - nspacl = get_user_default_acl(ACL_OBJECT_NAMESPACE, ownerId, + nspacl = get_user_default_acl(OBJECT_SCHEMA, ownerId, InvalidOid); else nspacl = NULL; diff --git a/src/backend/catalog/pg_proc.c b/src/backend/catalog/pg_proc.c index 39d5172e978..dd674113ba4 100644 --- a/src/backend/catalog/pg_proc.c +++ b/src/backend/catalog/pg_proc.c @@ -582,7 +582,7 @@ ProcedureCreate(const char *procedureName, /* Creating a new procedure */ /* First, get default permissions and set up proacl */ - proacl = get_user_default_acl(ACL_OBJECT_FUNCTION, proowner, + proacl = get_user_default_acl(OBJECT_FUNCTION, proowner, procNamespace); if (proacl != NULL) values[Anum_pg_proc_proacl - 1] = PointerGetDatum(proacl); diff --git a/src/backend/catalog/pg_type.c b/src/backend/catalog/pg_type.c index 963ccb7ff2d..fd63ea8cd1a 100644 --- a/src/backend/catalog/pg_type.c +++ b/src/backend/catalog/pg_type.c @@ -380,7 +380,7 @@ TypeCreate(Oid newTypeOid, else nulls[Anum_pg_type_typdefault - 1] = true; - typacl = get_user_default_acl(ACL_OBJECT_TYPE, ownerId, + typacl = get_user_default_acl(OBJECT_TYPE, ownerId, typeNamespace); if (typacl != NULL) values[Anum_pg_type_typacl - 1] = PointerGetDatum(typacl); diff --git a/src/backend/commands/event_trigger.c b/src/backend/commands/event_trigger.c index 8455138ed39..82c7b6a0ba0 100644 --- a/src/backend/commands/event_trigger.c +++ b/src/backend/commands/event_trigger.c @@ -159,8 +159,8 @@ static Oid insert_event_trigger_tuple(const char *trigname, const char *eventnam static void validate_ddl_tags(const char *filtervar, List *taglist); static void validate_table_rewrite_tags(const char *filtervar, List *taglist); static void EventTriggerInvoke(List *fn_oid_list, EventTriggerData *trigdata); -static const char *stringify_grantobjtype(GrantObjectType objtype); -static const char *stringify_adefprivs_objtype(GrantObjectType objtype); +static const char *stringify_grant_objtype(ObjectType objtype); +static const char *stringify_adefprivs_objtype(ObjectType objtype); /* * Create an event trigger. @@ -1199,41 +1199,6 @@ EventTriggerSupportsObjectClass(ObjectClass objclass) return false; } -bool -EventTriggerSupportsGrantObjectType(GrantObjectType objtype) -{ - switch (objtype) - { - case ACL_OBJECT_DATABASE: - case ACL_OBJECT_TABLESPACE: - /* no support for global objects */ - return false; - - case ACL_OBJECT_COLUMN: - case ACL_OBJECT_RELATION: - case ACL_OBJECT_SEQUENCE: - case ACL_OBJECT_DOMAIN: - case ACL_OBJECT_FDW: - case ACL_OBJECT_FOREIGN_SERVER: - case ACL_OBJECT_FUNCTION: - case ACL_OBJECT_LANGUAGE: - case ACL_OBJECT_LARGEOBJECT: - case ACL_OBJECT_NAMESPACE: - case ACL_OBJECT_PROCEDURE: - case ACL_OBJECT_ROUTINE: - case ACL_OBJECT_TYPE: - return true; - - /* - * There's intentionally no default: case here; we want the - * compiler to warn if a new ACL class hasn't been handled above. - */ - } - - /* Shouldn't get here, but if we do, say "no support" */ - return false; -} - /* * Prepare event trigger state for a new complete query to run, if necessary; * returns whether this was done. If it was, EventTriggerEndCompleteQuery must @@ -2196,7 +2161,7 @@ pg_event_trigger_ddl_commands(PG_FUNCTION_ARGS) values[i++] = CStringGetTextDatum(cmd->d.grant.istmt->is_grant ? "GRANT" : "REVOKE"); /* object_type */ - values[i++] = CStringGetTextDatum(stringify_grantobjtype( + values[i++] = CStringGetTextDatum(stringify_grant_objtype( cmd->d.grant.istmt->objtype)); /* schema */ nulls[i++] = true; @@ -2219,92 +2184,164 @@ pg_event_trigger_ddl_commands(PG_FUNCTION_ARGS) } /* - * Return the GrantObjectType as a string, as it would appear in GRANT and + * Return the ObjectType as a string, as it would appear in GRANT and * REVOKE commands. */ static const char * -stringify_grantobjtype(GrantObjectType objtype) +stringify_grant_objtype(ObjectType objtype) { switch (objtype) { - case ACL_OBJECT_COLUMN: + case OBJECT_COLUMN: return "COLUMN"; - case ACL_OBJECT_RELATION: + case OBJECT_TABLE: return "TABLE"; - case ACL_OBJECT_SEQUENCE: + case OBJECT_SEQUENCE: return "SEQUENCE"; - case ACL_OBJECT_DATABASE: + case OBJECT_DATABASE: return "DATABASE"; - case ACL_OBJECT_DOMAIN: + case OBJECT_DOMAIN: return "DOMAIN"; - case ACL_OBJECT_FDW: + case OBJECT_FDW: return "FOREIGN DATA WRAPPER"; - case ACL_OBJECT_FOREIGN_SERVER: + case OBJECT_FOREIGN_SERVER: return "FOREIGN SERVER"; - case ACL_OBJECT_FUNCTION: + case OBJECT_FUNCTION: return "FUNCTION"; - case ACL_OBJECT_LANGUAGE: + case OBJECT_LANGUAGE: return "LANGUAGE"; - case ACL_OBJECT_LARGEOBJECT: + case OBJECT_LARGEOBJECT: return "LARGE OBJECT"; - case ACL_OBJECT_NAMESPACE: + case OBJECT_SCHEMA: return "SCHEMA"; - case ACL_OBJECT_PROCEDURE: + case OBJECT_PROCEDURE: return "PROCEDURE"; - case ACL_OBJECT_ROUTINE: + case OBJECT_ROUTINE: return "ROUTINE"; - case ACL_OBJECT_TABLESPACE: + case OBJECT_TABLESPACE: return "TABLESPACE"; - case ACL_OBJECT_TYPE: + case OBJECT_TYPE: return "TYPE"; + /* these currently aren't used */ + case OBJECT_ACCESS_METHOD: + case OBJECT_AGGREGATE: + case OBJECT_AMOP: + case OBJECT_AMPROC: + case OBJECT_ATTRIBUTE: + case OBJECT_CAST: + case OBJECT_COLLATION: + case OBJECT_CONVERSION: + case OBJECT_DEFAULT: + case OBJECT_DEFACL: + case OBJECT_DOMCONSTRAINT: + case OBJECT_EVENT_TRIGGER: + case OBJECT_EXTENSION: + case OBJECT_FOREIGN_TABLE: + case OBJECT_INDEX: + case OBJECT_MATVIEW: + case OBJECT_OPCLASS: + case OBJECT_OPERATOR: + case OBJECT_OPFAMILY: + case OBJECT_POLICY: + case OBJECT_PUBLICATION: + case OBJECT_PUBLICATION_REL: + case OBJECT_ROLE: + case OBJECT_RULE: + case OBJECT_STATISTIC_EXT: + case OBJECT_SUBSCRIPTION: + case OBJECT_TABCONSTRAINT: + case OBJECT_TRANSFORM: + case OBJECT_TRIGGER: + case OBJECT_TSCONFIGURATION: + case OBJECT_TSDICTIONARY: + case OBJECT_TSPARSER: + case OBJECT_TSTEMPLATE: + case OBJECT_USER_MAPPING: + case OBJECT_VIEW: + elog(ERROR, "unsupported object type: %d", (int) objtype); } - elog(ERROR, "unrecognized grant object type: %d", (int) objtype); return "???"; /* keep compiler quiet */ } /* - * Return the GrantObjectType as a string; as above, but use the spelling + * Return the ObjectType as a string; as above, but use the spelling * in ALTER DEFAULT PRIVILEGES commands instead. Generally this is just * the plural. */ static const char * -stringify_adefprivs_objtype(GrantObjectType objtype) +stringify_adefprivs_objtype(ObjectType objtype) { switch (objtype) { - case ACL_OBJECT_COLUMN: + case OBJECT_COLUMN: return "COLUMNS"; - case ACL_OBJECT_RELATION: + case OBJECT_TABLE: return "TABLES"; - case ACL_OBJECT_SEQUENCE: + case OBJECT_SEQUENCE: return "SEQUENCES"; - case ACL_OBJECT_DATABASE: + case OBJECT_DATABASE: return "DATABASES"; - case ACL_OBJECT_DOMAIN: + case OBJECT_DOMAIN: return "DOMAINS"; - case ACL_OBJECT_FDW: + case OBJECT_FDW: return "FOREIGN DATA WRAPPERS"; - case ACL_OBJECT_FOREIGN_SERVER: + case OBJECT_FOREIGN_SERVER: return "FOREIGN SERVERS"; - case ACL_OBJECT_FUNCTION: + case OBJECT_FUNCTION: return "FUNCTIONS"; - case ACL_OBJECT_LANGUAGE: + case OBJECT_LANGUAGE: return "LANGUAGES"; - case ACL_OBJECT_LARGEOBJECT: + case OBJECT_LARGEOBJECT: return "LARGE OBJECTS"; - case ACL_OBJECT_NAMESPACE: + case OBJECT_SCHEMA: return "SCHEMAS"; - case ACL_OBJECT_PROCEDURE: + case OBJECT_PROCEDURE: return "PROCEDURES"; - case ACL_OBJECT_ROUTINE: + case OBJECT_ROUTINE: return "ROUTINES"; - case ACL_OBJECT_TABLESPACE: + case OBJECT_TABLESPACE: return "TABLESPACES"; - case ACL_OBJECT_TYPE: + case OBJECT_TYPE: return "TYPES"; + /* these currently aren't used */ + case OBJECT_ACCESS_METHOD: + case OBJECT_AGGREGATE: + case OBJECT_AMOP: + case OBJECT_AMPROC: + case OBJECT_ATTRIBUTE: + case OBJECT_CAST: + case OBJECT_COLLATION: + case OBJECT_CONVERSION: + case OBJECT_DEFAULT: + case OBJECT_DEFACL: + case OBJECT_DOMCONSTRAINT: + case OBJECT_EVENT_TRIGGER: + case OBJECT_EXTENSION: + case OBJECT_FOREIGN_TABLE: + case OBJECT_INDEX: + case OBJECT_MATVIEW: + case OBJECT_OPCLASS: + case OBJECT_OPERATOR: + case OBJECT_OPFAMILY: + case OBJECT_POLICY: + case OBJECT_PUBLICATION: + case OBJECT_PUBLICATION_REL: + case OBJECT_ROLE: + case OBJECT_RULE: + case OBJECT_STATISTIC_EXT: + case OBJECT_SUBSCRIPTION: + case OBJECT_TABCONSTRAINT: + case OBJECT_TRANSFORM: + case OBJECT_TRIGGER: + case OBJECT_TSCONFIGURATION: + case OBJECT_TSDICTIONARY: + case OBJECT_TSPARSER: + case OBJECT_TSTEMPLATE: + case OBJECT_USER_MAPPING: + case OBJECT_VIEW: + elog(ERROR, "unsupported object type: %d", (int) objtype); } - elog(ERROR, "unrecognized grant object type: %d", (int) objtype); return "???"; /* keep compiler quiet */ } diff --git a/src/backend/parser/gram.y b/src/backend/parser/gram.y index 93e67e8adcc..459a227e576 100644 --- a/src/backend/parser/gram.y +++ b/src/backend/parser/gram.y @@ -115,7 +115,7 @@ typedef struct PrivTarget { GrantTargetType targtype; - GrantObjectType objtype; + ObjectType objtype; List *objs; } PrivTarget; @@ -7027,7 +7027,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_RELATION; + n->objtype = OBJECT_TABLE; n->objs = $1; $$ = n; } @@ -7035,7 +7035,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_RELATION; + n->objtype = OBJECT_TABLE; n->objs = $2; $$ = n; } @@ -7043,7 +7043,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_SEQUENCE; + n->objtype = OBJECT_SEQUENCE; n->objs = $2; $$ = n; } @@ -7051,7 +7051,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_FDW; + n->objtype = OBJECT_FDW; n->objs = $4; $$ = n; } @@ -7059,7 +7059,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_FOREIGN_SERVER; + n->objtype = OBJECT_FOREIGN_SERVER; n->objs = $3; $$ = n; } @@ -7067,7 +7067,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_FUNCTION; + n->objtype = OBJECT_FUNCTION; n->objs = $2; $$ = n; } @@ -7075,7 +7075,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_PROCEDURE; + n->objtype = OBJECT_PROCEDURE; n->objs = $2; $$ = n; } @@ -7083,7 +7083,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_ROUTINE; + n->objtype = OBJECT_ROUTINE; n->objs = $2; $$ = n; } @@ -7091,7 +7091,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_DATABASE; + n->objtype = OBJECT_DATABASE; n->objs = $2; $$ = n; } @@ -7099,7 +7099,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_DOMAIN; + n->objtype = OBJECT_DOMAIN; n->objs = $2; $$ = n; } @@ -7107,7 +7107,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_LANGUAGE; + n->objtype = OBJECT_LANGUAGE; n->objs = $2; $$ = n; } @@ -7115,7 +7115,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_LARGEOBJECT; + n->objtype = OBJECT_LARGEOBJECT; n->objs = $3; $$ = n; } @@ -7123,7 +7123,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_NAMESPACE; + n->objtype = OBJECT_SCHEMA; n->objs = $2; $$ = n; } @@ -7131,7 +7131,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_TABLESPACE; + n->objtype = OBJECT_TABLESPACE; n->objs = $2; $$ = n; } @@ -7139,7 +7139,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_OBJECT; - n->objtype = ACL_OBJECT_TYPE; + n->objtype = OBJECT_TYPE; n->objs = $2; $$ = n; } @@ -7147,7 +7147,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_ALL_IN_SCHEMA; - n->objtype = ACL_OBJECT_RELATION; + n->objtype = OBJECT_TABLE; n->objs = $5; $$ = n; } @@ -7155,7 +7155,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_ALL_IN_SCHEMA; - n->objtype = ACL_OBJECT_SEQUENCE; + n->objtype = OBJECT_SEQUENCE; n->objs = $5; $$ = n; } @@ -7163,7 +7163,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_ALL_IN_SCHEMA; - n->objtype = ACL_OBJECT_FUNCTION; + n->objtype = OBJECT_FUNCTION; n->objs = $5; $$ = n; } @@ -7171,7 +7171,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_ALL_IN_SCHEMA; - n->objtype = ACL_OBJECT_PROCEDURE; + n->objtype = OBJECT_PROCEDURE; n->objs = $5; $$ = n; } @@ -7179,7 +7179,7 @@ privilege_target: { PrivTarget *n = (PrivTarget *) palloc(sizeof(PrivTarget)); n->targtype = ACL_TARGET_ALL_IN_SCHEMA; - n->objtype = ACL_OBJECT_ROUTINE; + n->objtype = OBJECT_ROUTINE; n->objs = $5; $$ = n; } @@ -7337,12 +7337,12 @@ DefACLAction: ; defacl_privilege_target: - TABLES { $$ = ACL_OBJECT_RELATION; } - | FUNCTIONS { $$ = ACL_OBJECT_FUNCTION; } - | ROUTINES { $$ = ACL_OBJECT_FUNCTION; } - | SEQUENCES { $$ = ACL_OBJECT_SEQUENCE; } - | TYPES_P { $$ = ACL_OBJECT_TYPE; } - | SCHEMAS { $$ = ACL_OBJECT_NAMESPACE; } + TABLES { $$ = OBJECT_TABLE; } + | FUNCTIONS { $$ = OBJECT_FUNCTION; } + | ROUTINES { $$ = OBJECT_FUNCTION; } + | SEQUENCES { $$ = OBJECT_SEQUENCE; } + | TYPES_P { $$ = OBJECT_TYPE; } + | SCHEMAS { $$ = OBJECT_SCHEMA; } ; diff --git a/src/backend/tcop/utility.c b/src/backend/tcop/utility.c index 9cccc8d39de..26df660f350 100644 --- a/src/backend/tcop/utility.c +++ b/src/backend/tcop/utility.c @@ -828,7 +828,7 @@ standard_ProcessUtility(PlannedStmt *pstmt, { GrantStmt *stmt = (GrantStmt *) parsetree; - if (EventTriggerSupportsGrantObjectType(stmt->objtype)) + if (EventTriggerSupportsObjectType(stmt->objtype)) ProcessUtilitySlow(pstate, pstmt, queryString, context, params, queryEnv, dest, completionTag); diff --git a/src/backend/utils/adt/acl.c b/src/backend/utils/adt/acl.c index c11f3dd1cb6..0cfc297b659 100644 --- a/src/backend/utils/adt/acl.c +++ b/src/backend/utils/adt/acl.c @@ -745,7 +745,7 @@ hash_aclitem_extended(PG_FUNCTION_ARGS) * absence of any pg_default_acl entry. */ Acl * -acldefault(GrantObjectType objtype, Oid ownerId) +acldefault(ObjectType objtype, Oid ownerId) { AclMode world_default; AclMode owner_default; @@ -755,56 +755,56 @@ acldefault(GrantObjectType objtype, Oid ownerId) switch (objtype) { - case ACL_OBJECT_COLUMN: + case OBJECT_COLUMN: /* by default, columns have no extra privileges */ world_default = ACL_NO_RIGHTS; owner_default = ACL_NO_RIGHTS; break; - case ACL_OBJECT_RELATION: + case OBJECT_TABLE: world_default = ACL_NO_RIGHTS; owner_default = ACL_ALL_RIGHTS_RELATION; break; - case ACL_OBJECT_SEQUENCE: + case OBJECT_SEQUENCE: world_default = ACL_NO_RIGHTS; owner_default = ACL_ALL_RIGHTS_SEQUENCE; break; - case ACL_OBJECT_DATABASE: + case OBJECT_DATABASE: /* for backwards compatibility, grant some rights by default */ world_default = ACL_CREATE_TEMP | ACL_CONNECT; owner_default = ACL_ALL_RIGHTS_DATABASE; break; - case ACL_OBJECT_FUNCTION: + case OBJECT_FUNCTION: /* Grant EXECUTE by default, for now */ world_default = ACL_EXECUTE; owner_default = ACL_ALL_RIGHTS_FUNCTION; break; - case ACL_OBJECT_LANGUAGE: + case OBJECT_LANGUAGE: /* Grant USAGE by default, for now */ world_default = ACL_USAGE; owner_default = ACL_ALL_RIGHTS_LANGUAGE; break; - case ACL_OBJECT_LARGEOBJECT: + case OBJECT_LARGEOBJECT: world_default = ACL_NO_RIGHTS; owner_default = ACL_ALL_RIGHTS_LARGEOBJECT; break; - case ACL_OBJECT_NAMESPACE: + case OBJECT_SCHEMA: world_default = ACL_NO_RIGHTS; - owner_default = ACL_ALL_RIGHTS_NAMESPACE; + owner_default = ACL_ALL_RIGHTS_SCHEMA; break; - case ACL_OBJECT_TABLESPACE: + case OBJECT_TABLESPACE: world_default = ACL_NO_RIGHTS; owner_default = ACL_ALL_RIGHTS_TABLESPACE; break; - case ACL_OBJECT_FDW: + case OBJECT_FDW: world_default = ACL_NO_RIGHTS; owner_default = ACL_ALL_RIGHTS_FDW; break; - case ACL_OBJECT_FOREIGN_SERVER: + case OBJECT_FOREIGN_SERVER: world_default = ACL_NO_RIGHTS; owner_default = ACL_ALL_RIGHTS_FOREIGN_SERVER; break; - case ACL_OBJECT_DOMAIN: - case ACL_OBJECT_TYPE: + case OBJECT_DOMAIN: + case OBJECT_TYPE: world_default = ACL_USAGE; owner_default = ACL_ALL_RIGHTS_TYPE; break; @@ -855,7 +855,7 @@ acldefault(GrantObjectType objtype, Oid ownerId) /* * SQL-accessible version of acldefault(). Hackish mapping from "char" type to - * ACL_OBJECT_* values, but it's only used in the information schema, not + * OBJECT_* values, but it's only used in the information schema, not * documented for general use. */ Datum @@ -863,45 +863,45 @@ acldefault_sql(PG_FUNCTION_ARGS) { char objtypec = PG_GETARG_CHAR(0); Oid owner = PG_GETARG_OID(1); - GrantObjectType objtype = 0; + ObjectType objtype = 0; switch (objtypec) { case 'c': - objtype = ACL_OBJECT_COLUMN; + objtype = OBJECT_COLUMN; break; case 'r': - objtype = ACL_OBJECT_RELATION; + objtype = OBJECT_TABLE; break; case 's': - objtype = ACL_OBJECT_SEQUENCE; + objtype = OBJECT_SEQUENCE; break; case 'd': - objtype = ACL_OBJECT_DATABASE; + objtype = OBJECT_DATABASE; break; case 'f': - objtype = ACL_OBJECT_FUNCTION; + objtype = OBJECT_FUNCTION; break; case 'l': - objtype = ACL_OBJECT_LANGUAGE; + objtype = OBJECT_LANGUAGE; break; case 'L': - objtype = ACL_OBJECT_LARGEOBJECT; + objtype = OBJECT_LARGEOBJECT; break; case 'n': - objtype = ACL_OBJECT_NAMESPACE; + objtype = OBJECT_SCHEMA; break; case 't': - objtype = ACL_OBJECT_TABLESPACE; + objtype = OBJECT_TABLESPACE; break; case 'F': - objtype = ACL_OBJECT_FDW; + objtype = OBJECT_FDW; break; case 'S': - objtype = ACL_OBJECT_FOREIGN_SERVER; + objtype = OBJECT_FOREIGN_SERVER; break; case 'T': - objtype = ACL_OBJECT_TYPE; + objtype = OBJECT_TYPE; break; default: elog(ERROR, "unrecognized objtype abbreviation: %c", objtypec); diff --git a/src/include/commands/event_trigger.h b/src/include/commands/event_trigger.h index 8e4142391dd..0e1959462eb 100644 --- a/src/include/commands/event_trigger.h +++ b/src/include/commands/event_trigger.h @@ -50,7 +50,6 @@ extern void AlterEventTriggerOwner_oid(Oid, Oid newOwnerId); extern bool EventTriggerSupportsObjectType(ObjectType obtype); extern bool EventTriggerSupportsObjectClass(ObjectClass objclass); -extern bool EventTriggerSupportsGrantObjectType(GrantObjectType objtype); extern void EventTriggerDDLCommandStart(Node *parsetree); extern void EventTriggerDDLCommandEnd(Node *parsetree); extern void EventTriggerSQLDrop(Node *parsetree); diff --git a/src/include/nodes/parsenodes.h b/src/include/nodes/parsenodes.h index 0296784726f..93122adae85 100644 --- a/src/include/nodes/parsenodes.h +++ b/src/include/nodes/parsenodes.h @@ -1845,31 +1845,12 @@ typedef enum GrantTargetType ACL_TARGET_DEFAULTS /* ALTER DEFAULT PRIVILEGES */ } GrantTargetType; -typedef enum GrantObjectType -{ - ACL_OBJECT_COLUMN, /* column */ - ACL_OBJECT_RELATION, /* table, view */ - ACL_OBJECT_SEQUENCE, /* sequence */ - ACL_OBJECT_DATABASE, /* database */ - ACL_OBJECT_DOMAIN, /* domain */ - ACL_OBJECT_FDW, /* foreign-data wrapper */ - ACL_OBJECT_FOREIGN_SERVER, /* foreign server */ - ACL_OBJECT_FUNCTION, /* function */ - ACL_OBJECT_LANGUAGE, /* procedural language */ - ACL_OBJECT_LARGEOBJECT, /* largeobject */ - ACL_OBJECT_NAMESPACE, /* namespace */ - ACL_OBJECT_PROCEDURE, /* procedure */ - ACL_OBJECT_ROUTINE, /* routine */ - ACL_OBJECT_TABLESPACE, /* tablespace */ - ACL_OBJECT_TYPE /* type */ -} GrantObjectType; - typedef struct GrantStmt { NodeTag type; bool is_grant; /* true = GRANT, false = REVOKE */ GrantTargetType targtype; /* type of the grant target */ - GrantObjectType objtype; /* kind of object being operated on */ + ObjectType objtype; /* kind of object being operated on */ List *objects; /* list of RangeVar nodes, ObjectWithArgs * nodes, or plain names (as Value strings) */ List *privileges; /* list of AccessPriv nodes */ diff --git a/src/include/tcop/deparse_utility.h b/src/include/tcop/deparse_utility.h index 9b78748bfd0..8459463391a 100644 --- a/src/include/tcop/deparse_utility.h +++ b/src/include/tcop/deparse_utility.h @@ -97,7 +97,7 @@ typedef struct CollectedCommand /* ALTER DEFAULT PRIVILEGES */ struct { - GrantObjectType objtype; + ObjectType objtype; } defprivs; } d; } CollectedCommand; diff --git a/src/include/utils/acl.h b/src/include/utils/acl.h index 67c7b2d4acc..7db1606b8f0 100644 --- a/src/include/utils/acl.h +++ b/src/include/utils/acl.h @@ -163,7 +163,7 @@ typedef ArrayType Acl; #define ACL_ALL_RIGHTS_FUNCTION (ACL_EXECUTE) #define ACL_ALL_RIGHTS_LANGUAGE (ACL_USAGE) #define ACL_ALL_RIGHTS_LARGEOBJECT (ACL_SELECT|ACL_UPDATE) -#define ACL_ALL_RIGHTS_NAMESPACE (ACL_USAGE|ACL_CREATE) +#define ACL_ALL_RIGHTS_SCHEMA (ACL_USAGE|ACL_CREATE) #define ACL_ALL_RIGHTS_TABLESPACE (ACL_CREATE) #define ACL_ALL_RIGHTS_TYPE (ACL_USAGE) @@ -217,8 +217,8 @@ typedef enum AclObjectKind /* * routines used internally */ -extern Acl *acldefault(GrantObjectType objtype, Oid ownerId); -extern Acl *get_user_default_acl(GrantObjectType objtype, Oid ownerId, +extern Acl *acldefault(ObjectType objtype, Oid ownerId); +extern Acl *get_user_default_acl(ObjectType objtype, Oid ownerId, Oid nsp_oid); extern Acl *aclupdate(const Acl *old_acl, const AclItem *mod_aip, diff --git a/src/include/utils/aclchk_internal.h b/src/include/utils/aclchk_internal.h index 1843f50b5a0..f7c44fcd4ba 100644 --- a/src/include/utils/aclchk_internal.h +++ b/src/include/utils/aclchk_internal.h @@ -26,12 +26,12 @@ * Note: 'all_privs' and 'privileges' represent object-level privileges only. * There might also be column-level privilege specifications, which are * represented in col_privs (this is a list of untransformed AccessPriv nodes). - * Column privileges are only valid for objtype ACL_OBJECT_RELATION. + * Column privileges are only valid for objtype OBJECT_TABLE. */ typedef struct { bool is_grant; - GrantObjectType objtype; + ObjectType objtype; List *objects; bool all_privs; AclMode privileges; |