Cause '*' and 'foo.*' notations to mark the referenced RTE(s) as

requiring read permissions.  Up till now there was no possible case
in which the RTEs wouldn't already have ACL_SELECT set ... but now that
you can say something like 'INSERT INTO foo ... RETURNING *' this is
an essential step.  With this commit, a RETURNING clause adds the
requirement for SELECT permissions on the target table if and only if
the clause actually reads the value of at least one target-table column.

diff --git a/src/backend/parser/parse_clause.c b/src/backend/parser/parse_clause.c
index 021fb3fa553f586f5e059c0f908a717638e090cc..70b6946d5fa78a8cbeced4049b72f8da5bc513e4 100644 (file)
--- a/src/backend/parser/parse_clause.c
+++ b/src/backend/parser/parse_clause.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *       $PostgreSQL: pgsql/src/backend/parser/parse_clause.c,v 1.156 2006/08/12 20:05:55 tgl Exp $
+ *       $PostgreSQL: pgsql/src/backend/parser/parse_clause.c,v 1.157 2006/08/14 23:39:32 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -173,8 +173,9 @@ setTargetTable(ParseState *pstate, RangeVar *relation,
         * permissions.
         *
         * If we find an explicit reference to the rel later during parse
-        * analysis, scanRTEForColumn will add the ACL_SELECT bit back again. That
-        * can't happen for INSERT but it is possible for UPDATE and DELETE.
+        * analysis, we will add the ACL_SELECT bit back again; see
+        * scanRTEForColumn (for simple field references), ExpandColumnRefStar
+        * (for foo.*) and ExpandAllTables (for *).
         */
        rte->requiredPerms = requiredPerms;
 

diff --git a/src/backend/parser/parse_target.c b/src/backend/parser/parse_target.c
index 9258acccfbc8a5a86578809bd9ffb445618a32a1..961e3205432b9ecd03fcd171d9846d0c24ad0930 100644 (file)
--- a/src/backend/parser/parse_target.c
+++ b/src/backend/parser/parse_target.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *       $PostgreSQL: pgsql/src/backend/parser/parse_target.c,v 1.147 2006/08/02 01:59:47 joe Exp $
+ *       $PostgreSQL: pgsql/src/backend/parser/parse_target.c,v 1.148 2006/08/14 23:39:32 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -889,6 +889,9 @@ ExpandColumnRefStar(ParseState *pstate, ColumnRef *cref,
                        rte = addImplicitRTE(pstate, makeRangeVar(schemaname, relname),
                                                                 cref->location);
 
+               /* Require read access --- see comments in setTargetTable() */
+               rte->requiredPerms |= ACL_SELECT;
+
                rtindex = RTERangeTablePosn(pstate, rte, &sublevels_up);
 
                if (targetlist)
@@ -930,6 +933,9 @@ ExpandAllTables(ParseState *pstate)
                RangeTblEntry *rte = (RangeTblEntry *) lfirst(l);
                int                     rtindex = RTERangeTablePosn(pstate, rte, NULL);
 
+               /* Require read access --- see comments in setTargetTable() */
+               rte->requiredPerms |= ACL_SELECT;
+
                target = list_concat(target,
                                                         expandRelAttrs(pstate, rte, rtindex, 0));
        }