diff options
| author | Robert Haas | 2022-11-18 17:32:50 +0000 |
|---|---|---|
| committer | Robert Haas | 2022-11-18 17:32:56 +0000 |
| commit | 3d14e171e9e2236139e8976f3309a588bcc8683b (patch) | |
| tree | 3a93134fefd39082982fc4aedc9cecedceea48a5 /src/bin | |
| parent | f84ff0c6d4eb4e470e55f48103a7edd269d13c49 (diff) | |
Add a SET option to the GRANT command.
Similar to how the INHERIT option controls whether or not the
permissions of the granted role are automatically available to the
grantee, the new SET permission controls whether or not the grantee
may use the SET ROLE command to assume the privileges of the granted
role.
In addition, the new SET permission controls whether or not it
is possible to transfer ownership of objects to the target role
or to create new objects owned by the target role using commands
such as CREATE DATABASE .. OWNER. We could alternatively have made
this controlled by the INHERIT option, or allow it when either
option is given. An advantage of this approach is that if you
are granted a predefined role with INHERIT TRUE, SET FALSE, you
can't go and create objects owned by that role.
The underlying theory here is that the ability to create objects
as a target role is not a privilege per se, and thus does not
depend on whether you inherit the target role's privileges. However,
it's surely something you could do anyway if you could SET ROLE
to the target role, and thus making it contingent on whether you
have that ability is reasonable.
Design review by Nathan Bossat, Wolfgang Walther, Jeff Davis,
Peter Eisentraut, and Stephen Frost.
Discussion: http://postgr.es/m/CA+Tgmob+zDSRS6JXYrgq0NWdzCXuTNzT5eK54Dn2hhgt17nm8A@mail.gmail.com
Diffstat (limited to 'src/bin')
| -rw-r--r-- | src/bin/pg_dump/pg_dumpall.c | 23 |
1 files changed, 17 insertions, 6 deletions
diff --git a/src/bin/pg_dump/pg_dumpall.c b/src/bin/pg_dump/pg_dumpall.c index 083012ca39d..76a186b6394 100644 --- a/src/bin/pg_dump/pg_dumpall.c +++ b/src/bin/pg_dump/pg_dumpall.c @@ -955,8 +955,9 @@ dumpRoleMembership(PGconn *conn) end, total; bool dump_grantors; - bool dump_inherit_option; + bool dump_grant_options; int i_inherit_option; + int i_set_option; /* * Previous versions of PostgreSQL didn't used to track the grantor very @@ -968,10 +969,10 @@ dumpRoleMembership(PGconn *conn) dump_grantors = (PQserverVersion(conn) >= 160000); /* - * Previous versions of PostgreSQL also did not have a grant-level + * Previous versions of PostgreSQL also did not have grant-level options. * INHERIT option. */ - dump_inherit_option = (server_version >= 160000); + dump_grant_options = (server_version >= 160000); /* Generate and execute query. */ printfPQExpBuffer(buf, "SELECT ur.rolname AS role, " @@ -979,8 +980,8 @@ dumpRoleMembership(PGconn *conn) "ug.oid AS grantorid, " "ug.rolname AS grantor, " "a.admin_option"); - if (dump_inherit_option) - appendPQExpBufferStr(buf, ", a.inherit_option"); + if (dump_grant_options) + appendPQExpBufferStr(buf, ", a.inherit_option, a.set_option"); appendPQExpBuffer(buf, " FROM pg_auth_members a " "LEFT JOIN %s ur on ur.oid = a.roleid " "LEFT JOIN %s um on um.oid = a.member " @@ -989,6 +990,7 @@ dumpRoleMembership(PGconn *conn) "ORDER BY 1,2,4", role_catalog, role_catalog, role_catalog); res = executeQuery(conn, buf->data); i_inherit_option = PQfnumber(res, "inherit_option"); + i_set_option = PQfnumber(res, "set_option"); if (PQntuples(res) > 0) fprintf(OPF, "--\n-- Role memberships\n--\n\n"); @@ -1059,6 +1061,7 @@ dumpRoleMembership(PGconn *conn) char *admin_option; char *grantorid; char *grantor; + char *set_option = "true"; bool found; /* If we already did this grant, don't do it again. */ @@ -1069,6 +1072,8 @@ dumpRoleMembership(PGconn *conn) grantorid = PQgetvalue(res, i, 2); grantor = PQgetvalue(res, i, 3); admin_option = PQgetvalue(res, i, 4); + if (dump_grant_options) + set_option = PQgetvalue(res, i, i_set_option); /* * If we're not dumping grantors or if the grantor is the @@ -1098,7 +1103,7 @@ dumpRoleMembership(PGconn *conn) fprintf(OPF, " TO %s", fmtId(member)); if (*admin_option == 't') appendPQExpBufferStr(optbuf, "ADMIN OPTION"); - if (dump_inherit_option) + if (dump_grant_options) { char *inherit_option; @@ -1109,6 +1114,12 @@ dumpRoleMembership(PGconn *conn) *inherit_option == 't' ? "TRUE" : "FALSE"); } + if (*set_option != 't') + { + if (optbuf->data[0] != '\0') + appendPQExpBufferStr(optbuf, ", "); + appendPQExpBuffer(optbuf, "SET FALSE"); + } if (optbuf->data[0] != '\0') fprintf(OPF, " WITH %s", optbuf->data); if (dump_grantors) |