* pg_read_all_data role, which allows read access to all relations.
*/
if (mask & ACL_SELECT && !(result & ACL_SELECT) &&
- has_privs_of_role(roleid, ROLE_READ_ALL_DATA))
+ has_privs_of_role(roleid, ROLE_PG_READ_ALL_DATA))
result |= ACL_SELECT;
/*
*/
if (mask & (ACL_INSERT | ACL_UPDATE | ACL_DELETE) &&
!(result & (ACL_INSERT | ACL_UPDATE | ACL_DELETE)) &&
- has_privs_of_role(roleid, ROLE_WRITE_ALL_DATA))
+ has_privs_of_role(roleid, ROLE_PG_WRITE_ALL_DATA))
result |= (mask & (ACL_INSERT | ACL_UPDATE | ACL_DELETE));
return result;
* access to all schemas.
*/
if (mask & ACL_USAGE && !(result & ACL_USAGE) &&
- (has_privs_of_role(roleid, ROLE_READ_ALL_DATA) ||
- has_privs_of_role(roleid, ROLE_WRITE_ALL_DATA)))
+ (has_privs_of_role(roleid, ROLE_PG_READ_ALL_DATA) ||
+ has_privs_of_role(roleid, ROLE_PG_WRITE_ALL_DATA)))
result |= ACL_USAGE;
return result;
}
* situation-dependent member. There's no technical need for this
* restriction. (One could lift it and take the further step of making
* pg_database_ownercheck() equivalent to has_privs_of_role(roleid,
- * ROLE_DATABASE_OWNER), in which case explicit,
- * situation-independent members could act as the owner of any database.)
+ * ROLE_PG_DATABASE_OWNER), in which case explicit, situation-independent
+ * members could act as the owner of any database.)
*/
- if (roleid == ROLE_DATABASE_OWNER)
+ if (roleid == ROLE_PG_DATABASE_OWNER)
ereport(ERROR,
errmsg("role \"%s\" cannot have explicit members", rolename));
* shared object. (The effect of such ownership is that any owner of
* another database can act as the owner of affected shared objects.)
*/
- if (memberid == ROLE_DATABASE_OWNER)
+ if (memberid == ROLE_PG_DATABASE_OWNER)
ereport(ERROR,
errmsg("role \"%s\" cannot be a member of any role",
get_rolespec_name(memberRole)));
/*
* Role expansion happens in a non-database backend when guc.c checks
- * ROLE_READ_ALL_SETTINGS for a physical walsender SHOW command.
- * In that case, no role gets pg_database_owner.
+ * ROLE_PG_READ_ALL_SETTINGS for a physical walsender SHOW command. In
+ * that case, no role gets pg_database_owner.
*/
if (!OidIsValid(MyDatabaseId))
dba = InvalidOid;
/* implement pg_database_owner implicit membership */
if (memberid == dba && OidIsValid(dba))
roles_list = list_append_unique_oid(roles_list,
- ROLE_DATABASE_OWNER);
+ ROLE_PG_DATABASE_OWNER);
}
/*
rolcreaterole => 't', rolcreatedb => 't', rolcanlogin => 't',
rolreplication => 't', rolbypassrls => 't', rolconnlimit => '-1',
rolpassword => '_null_', rolvaliduntil => '_null_' },
-{ oid => '8778', oid_symbol => 'ROLE_DATABASE_OWNER',
+{ oid => '8778', oid_symbol => 'ROLE_PG_DATABASE_OWNER',
rolname => 'pg_database_owner', rolsuper => 'f', rolinherit => 't',
rolcreaterole => 'f', rolcreatedb => 'f', rolcanlogin => 'f',
rolreplication => 'f', rolbypassrls => 'f', rolconnlimit => '-1',
rolpassword => '_null_', rolvaliduntil => '_null_' },
-{ oid => '9274', oid_symbol => 'ROLE_READ_ALL_DATA',
+{ oid => '9274', oid_symbol => 'ROLE_PG_READ_ALL_DATA',
rolname => 'pg_read_all_data', rolsuper => 'f', rolinherit => 't',
rolcreaterole => 'f', rolcreatedb => 'f', rolcanlogin => 'f',
rolreplication => 'f', rolbypassrls => 'f', rolconnlimit => '-1',
rolpassword => '_null_', rolvaliduntil => '_null_' },
-{ oid => '9275', oid_symbol => 'ROLE_WRITE_ALL_DATA',
+{ oid => '9275', oid_symbol => 'ROLE_PG_WRITE_ALL_DATA',
rolname => 'pg_write_all_data', rolsuper => 'f', rolinherit => 't',
rolcreaterole => 'f', rolcreatedb => 'f', rolcanlogin => 'f',
rolreplication => 'f', rolbypassrls => 'f', rolconnlimit => '-1',
projects / users / c2main / postgres.git / commitdiff