1 files changed, 20 insertions, 1 deletions

diff --git a/src/backend/commands/indexcmds.c b/src/backend/commands/indexcmds.c
index 14889a4f0c3..df6f81cd1db 100644
--- a/src/backend/commands/indexcmds.c
+++ b/src/backend/commands/indexcmds.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/commands/indexcmds.c,v 1.71 2002/04/17 20:57:56 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/commands/indexcmds.c,v 1.72 2002/04/27 03:45:01 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -30,6 +30,7 @@
 #include "parser/parsetree.h"
 #include "parser/parse_coerce.h"
 #include "parser/parse_func.h"
+#include "utils/acl.h"
 #include "utils/builtins.h"
 #include "utils/lsyscache.h"
 #include "utils/syscache.h"
@@ -73,6 +74,7 @@ DefineIndex(RangeVar *heapRelation,
 	Oid		   *classObjectId;
 	Oid			accessMethodId;
 	Oid			relationId;
+	Oid			namespaceId;
 	Relation	rel;
 	HeapTuple	tuple;
 	Form_pg_am	accessMethodForm;
@@ -102,6 +104,7 @@ DefineIndex(RangeVar *heapRelation,
 			 heapRelation->relname);
 
 	relationId = RelationGetRelid(rel);
+	namespaceId = RelationGetNamespace(rel);
 
 	if (!IsBootstrapProcessingMode() &&
 		IsSystemRelation(rel) &&
@@ -111,6 +114,22 @@ DefineIndex(RangeVar *heapRelation,
 	heap_close(rel, NoLock);
 
 	/*
+	 * Verify we (still) have CREATE rights in the rel's namespace.
+	 * (Presumably we did when the rel was created, but maybe not anymore.)
+	 * Skip check if bootstrapping, since permissions machinery may not
+	 * be working yet; also, always allow if it's a temp table.
+	 */
+	if (!IsBootstrapProcessingMode() && !isTempNamespace(namespaceId))
+	{
+		AclResult	aclresult;
+
+		aclresult = pg_namespace_aclcheck(namespaceId, GetUserId(),
+										  ACL_CREATE);
+		if (aclresult != ACLCHECK_OK)
+			aclcheck_error(aclresult, get_namespace_name(namespaceId));
+	}
+
+	/*
 	 * look up the access method, verify it can handle the requested
 	 * features
 	 */