diff options
Diffstat (limited to 'src/backend/commands/user.c')
| -rw-r--r-- | src/backend/commands/user.c | 42 |
1 files changed, 26 insertions, 16 deletions
diff --git a/src/backend/commands/user.c b/src/backend/commands/user.c index 71c5caa41b9..12afa18709e 100644 --- a/src/backend/commands/user.c +++ b/src/backend/commands/user.c @@ -423,8 +423,6 @@ CreateRole(ParseState *pstate, CreateRoleStmt *stmt) new_record[Anum_pg_authid_rolbypassrls - 1] = BoolGetDatum(bypassrls); - tuple = heap_form_tuple(pg_authid_dsc, new_record, new_record_nulls); - /* * pg_largeobject_metadata contains pg_authid.oid's, so we use the * binary-upgrade override. @@ -436,14 +434,23 @@ CreateRole(ParseState *pstate, CreateRoleStmt *stmt) (errcode(ERRCODE_INVALID_PARAMETER_VALUE), errmsg("pg_authid OID value not set when in binary upgrade mode"))); - HeapTupleSetOid(tuple, binary_upgrade_next_pg_authid_oid); + roleid = binary_upgrade_next_pg_authid_oid; binary_upgrade_next_pg_authid_oid = InvalidOid; } + else + { + roleid = GetNewOidWithIndex(pg_authid_rel, AuthIdOidIndexId, + Anum_pg_authid_oid); + } + + new_record[Anum_pg_authid_oid - 1] = ObjectIdGetDatum(roleid); + + tuple = heap_form_tuple(pg_authid_dsc, new_record, new_record_nulls); /* * Insert new record in the pg_authid table */ - roleid = CatalogTupleInsert(pg_authid_rel, tuple); + CatalogTupleInsert(pg_authid_rel, tuple); /* * Advance command counter so we can see new record; else tests in @@ -459,8 +466,9 @@ CreateRole(ParseState *pstate, CreateRoleStmt *stmt) { RoleSpec *oldrole = lfirst(item); HeapTuple oldroletup = get_rolespec_tuple(oldrole); - Oid oldroleid = HeapTupleGetOid(oldroletup); - char *oldrolename = NameStr(((Form_pg_authid) GETSTRUCT(oldroletup))->rolname); + Form_pg_authid oldroleform = (Form_pg_authid) GETSTRUCT(oldroletup); + Oid oldroleid = oldroleform->oid; + char *oldrolename = NameStr(oldroleform->rolname); AddRoleMems(oldrolename, oldroleid, list_make1(makeString(stmt->role)), @@ -679,7 +687,7 @@ AlterRole(AlterRoleStmt *stmt) tuple = get_rolespec_tuple(stmt->role); authform = (Form_pg_authid) GETSTRUCT(tuple); rolename = pstrdup(NameStr(authform->rolname)); - roleid = HeapTupleGetOid(tuple); + roleid = authform->oid; /* * To mess with a superuser you gotta be superuser; else you need @@ -886,6 +894,7 @@ Oid AlterRoleSet(AlterRoleSetStmt *stmt) { HeapTuple roletuple; + Form_pg_authid roleform; Oid databaseid = InvalidOid; Oid roleid = InvalidOid; @@ -895,19 +904,20 @@ AlterRoleSet(AlterRoleSetStmt *stmt) "Cannot alter reserved roles."); roletuple = get_rolespec_tuple(stmt->role); - roleid = HeapTupleGetOid(roletuple); + roleform = (Form_pg_authid) GETSTRUCT(roletuple); + roleid = roleform->oid; /* * Obtain a lock on the role and make sure it didn't go away in the * meantime. */ - shdepLockAndCheckObject(AuthIdRelationId, HeapTupleGetOid(roletuple)); + shdepLockAndCheckObject(AuthIdRelationId, roleid); /* * To mess with a superuser you gotta be superuser; else you need * createrole, or just want to change your own settings */ - if (((Form_pg_authid) GETSTRUCT(roletuple))->rolsuper) + if (roleform->rolsuper) { if (!superuser()) ereport(ERROR, @@ -916,8 +926,7 @@ AlterRoleSet(AlterRoleSetStmt *stmt) } else { - if (!have_createrole_privilege() && - HeapTupleGetOid(roletuple) != GetUserId()) + if (!have_createrole_privilege() && roleid != GetUserId()) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), errmsg("permission denied"))); @@ -987,6 +996,7 @@ DropRole(DropRoleStmt *stmt) char *role; HeapTuple tuple, tmp_tuple; + Form_pg_authid roleform; ScanKeyData scankey; char *detail; char *detail_log; @@ -1018,7 +1028,8 @@ DropRole(DropRoleStmt *stmt) continue; } - roleid = HeapTupleGetOid(tuple); + roleform = (Form_pg_authid) GETSTRUCT(tuple); + roleid = roleform->oid; if (roleid == GetUserId()) ereport(ERROR, @@ -1038,8 +1049,7 @@ DropRole(DropRoleStmt *stmt) * roles but not superuser roles. This is mainly to avoid the * scenario where you accidentally drop the last superuser. */ - if (((Form_pg_authid) GETSTRUCT(tuple))->rolsuper && - !superuser()) + if (roleform->rolsuper && !superuser()) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), errmsg("must be superuser to drop superusers"))); @@ -1173,8 +1183,8 @@ RenameRole(const char *oldname, const char *newname) * effective userid, though. */ - roleid = HeapTupleGetOid(oldtuple); authform = (Form_pg_authid) GETSTRUCT(oldtuple); + roleid = authform->oid; if (roleid == GetSessionUserId()) ereport(ERROR, |