* files on the server as the PG user, so no need to do any further checks
* here.
*/
- if (is_member_of_role(GetUserId(), ROLE_PG_WRITE_SERVER_FILES))
+ if (has_privs_of_role(GetUserId(), ROLE_PG_WRITE_SERVER_FILES))
return filename;
/*
ALTER FOREIGN TABLE agg_text OPTIONS (SET format 'text');
SET ROLE regress_file_fdw_user;
ALTER FOREIGN TABLE agg_text OPTIONS (SET format 'text');
-ERROR: only superuser or a member of the pg_read_server_files role may specify the filename option of a file_fdw foreign table
+ERROR: only superuser or a role with privileges of the pg_read_server_files role may specify the filename option of a file_fdw foreign table
SET ROLE regress_file_fdw_superuser;
-- cleanup
RESET ROLE;
* otherwise there'd still be a security hole.
*/
if (strcmp(def->defname, "filename") == 0 &&
- !is_member_of_role(GetUserId(), ROLE_PG_READ_SERVER_FILES))
+ !has_privs_of_role(GetUserId(), ROLE_PG_READ_SERVER_FILES))
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
- errmsg("only superuser or a member of the pg_read_server_files role may specify the filename option of a file_fdw foreign table")));
+ errmsg("only superuser or a role with privileges of the pg_read_server_files role may specify the filename option of a file_fdw foreign table")));
if (strcmp(def->defname, "program") == 0 &&
- !is_member_of_role(GetUserId(), ROLE_PG_EXECUTE_SERVER_PROGRAM))
+ !has_privs_of_role(GetUserId(), ROLE_PG_EXECUTE_SERVER_PROGRAM))
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
- errmsg("only superuser or a member of the pg_execute_server_program role may specify the program option of a file_fdw foreign table")));
+ errmsg("only superuser or a role with privileges of the pg_execute_server_program role may specify the program option of a file_fdw foreign table")));
filename = defGetString(def);
}
HASH_SEQ_STATUS hash_seq;
pgssEntry *entry;
- /* Superusers or members of pg_read_all_stats members are allowed */
- is_allowed_role = is_member_of_role(userid, ROLE_PG_READ_ALL_STATS);
+ /* Superusers or roles with the privileges of pg_read_all_stats members are allowed */
+ is_allowed_role = has_privs_of_role(userid, ROLE_PG_READ_ALL_STATS);
/* hash table must exist already */
if (!pgss || !pgss_hash)
aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
ACL_SELECT);
if (aclresult != ACLCHECK_OK)
- aclresult = is_member_of_role(GetUserId(), ROLE_PG_STAT_SCAN_TABLES) ? ACLCHECK_OK : ACLCHECK_NO_PRIV;
+ aclresult = has_privs_of_role(GetUserId(), ROLE_PG_STAT_SCAN_TABLES) ? ACLCHECK_OK : ACLCHECK_NO_PRIV;
if (aclresult != ACLCHECK_OK)
aclcheck_error(aclresult, get_relkind_objtype(rel->rd_rel->relkind),
functions in <xref linkend="functions-admin-genfile-table"/>, which
provide read-only access.)
Only files within the database cluster directory can be accessed, unless the
- user is a superuser or given one of the pg_read_server_files, or pg_write_server_files
- roles, as appropriate for the function, but either a relative or absolute path is
- allowable.
+ user is a superuser or given privileges of one of the pg_read_server_files,
+ or pg_write_server_files roles, as appropriate for the function, but either a
+ relative or absolute path is allowable.
</para>
<table id="functions-adminpack-table">
<para>
By default, the <structname>pg_backend_memory_contexts</structname> view can be
- read only by superusers or members of the <literal>pg_read_all_stats</literal>
- role.
+ read only by superusers or roles with the privileges of the
+ <literal>pg_read_all_stats</literal> role.
</para>
</sect1>
<para>
Configuration file the current value was set in (null for
values set from sources other than configuration files, or when
- examined by a user who is neither a superuser or a member of
+ examined by a user who neither is a superuser nor has privileges of
<literal>pg_read_all_settings</literal>); helpful when using
<literal>include</literal> directives in configuration files
</para></entry>
<para>
Line number within the configuration file the current value was
set at (null for values set from sources other than configuration files,
- or when examined by a user who is neither a superuser or a member of
+ or when examined by a user who neither is a superuser nor has privileges of
<literal>pg_read_all_settings</literal>).
</para></entry>
</row>
<para>
By default, the <structname>pg_shmem_allocations</structname> view can be
- read only by superusers or members of the <literal>pg_read_all_stats</literal>
- role.
+ read only by superusers or roles with privileges of the
+ <literal>pg_read_all_stats</literal> role.
</para>
</sect1>
Cancels the current query of the session whose backend process has the
specified process ID. This is also allowed if the
calling role is a member of the role whose backend is being canceled or
- the calling role has been granted <literal>pg_signal_backend</literal>,
+ the calling role has privileges of <literal>pg_signal_backend</literal>,
however only superusers can cancel superuser backends.
</para></entry>
</row>
Terminates the session whose backend process has the
specified process ID. This is also allowed if the calling role
is a member of the role whose backend is being terminated or the
- calling role has been granted <literal>pg_signal_backend</literal>,
+ calling role has privileges of <literal>pg_signal_backend</literal>,
however only superusers can terminate superuser backends.
</para>
<para>
Computes the total disk space used by the database with the specified
name or OID. To use this function, you must
have <literal>CONNECT</literal> privilege on the specified database
- (which is granted by default) or be a member of
+ (which is granted by default) or have privileges of
the <literal>pg_read_all_stats</literal> role.
</para></entry>
</row>
Computes the total disk space used in the tablespace with the
specified name or OID. To use this function, you must
have <literal>CREATE</literal> privilege on the specified tablespace
- or be a member of the <literal>pg_read_all_stats</literal> role,
+ or have privileges of the <literal>pg_read_all_stats</literal> role,
unless it is the default tablespace for the current database.
</para></entry>
</row>
a dot, directories, and other special files are excluded.
</para>
<para>
- This function is restricted to superusers and members of
+ This function is restricted to superusers and roles with privileges of
the <literal>pg_monitor</literal> role by default, but other users can
be granted EXECUTE to run the function.
</para></entry>
are excluded.
</para>
<para>
- This function is restricted to superusers and members of
+ This function is restricted to superusers and roles with privileges of
the <literal>pg_monitor</literal> role by default, but other users can
be granted EXECUTE to run the function.
</para></entry>
(sessions belonging to a role that they are a member of). In rows about
other sessions, many columns will be null. Note, however, that the
existence of a session and its general properties such as its sessions user
- and database are visible to all users. Superusers and members of the
+ and database are visible to all users. Superusers and roles with privileges of
built-in role <literal>pg_read_all_stats</literal> (see also <xref
linkend="predefined-roles"/>) can see all the information about all sessions.
</para>
</para>
<para>
- By default, use is restricted to superusers and members of the
+ By default, use is restricted to superusers and roles with privileges of the
<literal>pg_monitor</literal> role. Access may be granted to others
using <command>GRANT</command>.
</para>
</para>
<para>
- By default use is restricted to superusers and members of the
+ By default use is restricted to superusers and roles with privileges of the
<literal>pg_stat_scan_tables</literal> role. Access may be granted to others
using <command>GRANT</command>.
</para>
</para>
<para>
- By default use is restricted to superusers, members of the
+ By default use is restricted to superusers, roles with privileges of the
<literal>pg_stat_scan_tables</literal> role, and users with
<literal>SELECT</literal> permissions on the table.
</para>
</table>
<para>
- For security reasons, only superusers and members of the
+ For security reasons, only superusers and roles with privileges of the
<literal>pg_read_all_stats</literal> role are allowed to see the SQL text and
<structfield>queryid</structfield> of queries executed by other users.
Other users can see the statistics, however, if the view has been installed
</variablelist>
<para>
- By default, these functions are executable only by superusers and members of the
- <literal>pg_stat_scan_tables</literal> role, with the exception of
+ By default, these functions are executable only by superusers and roles with privileges
+ of the <literal>pg_stat_scan_tables</literal> role, with the exception of
<function>pg_truncate_visibility_map(relation regclass)</function> which can only
be executed by superusers.
</para>
{
if (stmt->is_program)
{
- if (!is_member_of_role(GetUserId(), ROLE_PG_EXECUTE_SERVER_PROGRAM))
+ if (!has_privs_of_role(GetUserId(), ROLE_PG_EXECUTE_SERVER_PROGRAM))
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
- errmsg("must be superuser or a member of the pg_execute_server_program role to COPY to or from an external program"),
+ errmsg("must be superuser or have privileges of the pg_execute_server_program role to COPY to or from an external program"),
errhint("Anyone can COPY to stdout or from stdin. "
"psql's \\copy command also works for anyone.")));
}
else
{
- if (is_from && !is_member_of_role(GetUserId(), ROLE_PG_READ_SERVER_FILES))
+ if (is_from && !has_privs_of_role(GetUserId(), ROLE_PG_READ_SERVER_FILES))
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
- errmsg("must be superuser or a member of the pg_read_server_files role to COPY from a file"),
+ errmsg("must be superuser or have privileges of the pg_read_server_files role to COPY from a file"),
errhint("Anyone can COPY to stdout or from stdin. "
"psql's \\copy command also works for anyone.")));
- if (!is_from && !is_member_of_role(GetUserId(), ROLE_PG_WRITE_SERVER_FILES))
+ if (!is_from && !has_privs_of_role(GetUserId(), ROLE_PG_WRITE_SERVER_FILES))
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
- errmsg("must be superuser or a member of the pg_write_server_files role to COPY to a file"),
+ errmsg("must be superuser or have privileges of the pg_write_server_files role to COPY to a file"),
errhint("Anyone can COPY to stdout or from stdin. "
"psql's \\copy command also works for anyone.")));
}
/* Fetch values */
values[0] = Int32GetDatum(pid);
- if (!is_member_of_role(GetUserId(), ROLE_PG_READ_ALL_STATS))
+ if (!has_privs_of_role(GetUserId(), ROLE_PG_READ_ALL_STATS))
{
/*
- * Only superusers and members of pg_read_all_stats can see details.
- * Other users only get the pid value to know whether it is a WAL
- * receiver, but no details.
+ * Only superusers and roles with privileges of pg_read_all_stats
+ * can see details. Other users only get the pid value to know whether
+ * it is a WAL receiver, but no details.
*/
MemSet(&nulls[1], true, sizeof(bool) * (tupdesc->natts - 1));
}
memset(nulls, 0, sizeof(nulls));
values[0] = Int32GetDatum(pid);
- if (!is_member_of_role(GetUserId(), ROLE_PG_READ_ALL_STATS))
+ if (!has_privs_of_role(GetUserId(), ROLE_PG_READ_ALL_STATS))
{
/*
- * Only superusers and members of pg_read_all_stats can see
- * details. Other users only get the pid value to know it's a
- * walsender, but no details.
+ * Only superusers and roles with privileges of pg_read_all_stats
+ * can see details. Other users only get the pid value to know
+ * it's a walsender, but no details.
*/
MemSet(&nulls[1], true, PG_STAT_GET_WAL_SENDERS_COLS - 1);
}
* Is member a member of role (directly or indirectly)?
*
* This is defined to recurse through roles regardless of rolinherit.
+ *
+ * Do not use this for privilege checking, instead use has_privs_of_role()
*/
bool
is_member_of_role(Oid member, Oid role)
*
* This is identical to is_member_of_role except we ignore superuser
* status.
+ *
+ * Do not use this for privilege checking, instead use has_privs_of_role()
*/
bool
is_member_of_role_nosuper(Oid member, Oid role)
AclResult aclresult;
/*
- * User must have connect privilege for target database or be a member of
+ * User must have connect privilege for target database or have privileges of
* pg_read_all_stats
*/
aclresult = pg_database_aclcheck(dbOid, GetUserId(), ACL_CONNECT);
if (aclresult != ACLCHECK_OK &&
- !is_member_of_role(GetUserId(), ROLE_PG_READ_ALL_STATS))
+ !has_privs_of_role(GetUserId(), ROLE_PG_READ_ALL_STATS))
{
aclcheck_error(aclresult, OBJECT_DATABASE,
get_database_name(dbOid));
AclResult aclresult;
/*
- * User must be a member of pg_read_all_stats or have CREATE privilege for
+ * User must have privileges of pg_read_all_stats or have CREATE privilege for
* target tablespace, either explicitly granted or implicitly because it
* is default for current database.
*/
if (tblspcOid != MyDatabaseTableSpace &&
- !is_member_of_role(GetUserId(), ROLE_PG_READ_ALL_STATS))
+ !has_privs_of_role(GetUserId(), ROLE_PG_READ_ALL_STATS))
{
aclresult = pg_tablespace_aclcheck(tblspcOid, GetUserId(), ACL_CREATE);
if (aclresult != ACLCHECK_OK)
canonicalize_path(filename); /* filename can change length here */
/*
- * Members of the 'pg_read_server_files' role are allowed to access any
- * files on the server as the PG user, so no need to do any further checks
+ * Roles with privleges of the 'pg_read_server_files' role are allowed to access
+ * any files on the server as the PG user, so no need to do any further checks
* here.
*/
- if (is_member_of_role(GetUserId(), ROLE_PG_READ_SERVER_FILES))
+ if (has_privs_of_role(GetUserId(), ROLE_PG_READ_SERVER_FILES))
return filename;
/*
#define UINT32_ACCESS_ONCE(var) ((uint32)(*((volatile uint32 *)&(var))))
-#define HAS_PGSTAT_PERMISSIONS(role) (is_member_of_role(GetUserId(), ROLE_PG_READ_ALL_STATS) || has_privs_of_role(GetUserId(), role))
+#define HAS_PGSTAT_PERMISSIONS(role) (has_privs_of_role(GetUserId(), ROLE_PG_READ_ALL_STATS) || has_privs_of_role(GetUserId(), role))
Datum
pg_stat_get_numscans(PG_FUNCTION_ARGS)
return NULL;
if (restrict_privileged &&
(record->flags & GUC_SUPERUSER_ONLY) &&
- !is_member_of_role(GetUserId(), ROLE_PG_READ_ALL_SETTINGS))
+ !has_privs_of_role(GetUserId(), ROLE_PG_READ_ALL_SETTINGS))
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
- errmsg("must be superuser or a member of pg_read_all_settings to examine \"%s\"",
+ errmsg("must be superuser or have privileges of pg_read_all_settings to examine \"%s\"",
name)));
switch (record->vartype)
record = find_option(name, false, false, ERROR);
Assert(record != NULL);
if ((record->flags & GUC_SUPERUSER_ONLY) &&
- !is_member_of_role(GetUserId(), ROLE_PG_READ_ALL_SETTINGS))
+ !has_privs_of_role(GetUserId(), ROLE_PG_READ_ALL_SETTINGS))
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
- errmsg("must be superuser or a member of pg_read_all_settings to examine \"%s\"",
+ errmsg("must be superuser or have privileges of pg_read_all_settings to examine \"%s\"",
name)));
switch (record->vartype)
if ((conf->flags & GUC_NO_SHOW_ALL) ||
((conf->flags & GUC_SUPERUSER_ONLY) &&
- !is_member_of_role(GetUserId(), ROLE_PG_READ_ALL_SETTINGS)))
+ !has_privs_of_role(GetUserId(), ROLE_PG_READ_ALL_SETTINGS)))
continue;
/* assign to the values array */
/* return only options visible to the current user */
if ((conf->flags & GUC_NO_SHOW_ALL) ||
((conf->flags & GUC_SUPERUSER_ONLY) &&
- !is_member_of_role(GetUserId(), ROLE_PG_READ_ALL_SETTINGS)))
+ !has_privs_of_role(GetUserId(), ROLE_PG_READ_ALL_SETTINGS)))
continue;
/* return only options that are different from their boot values */
}
if ((record->flags & GUC_SUPERUSER_ONLY) &&
- !is_member_of_role(GetUserId(), ROLE_PG_READ_ALL_SETTINGS))
+ !has_privs_of_role(GetUserId(), ROLE_PG_READ_ALL_SETTINGS))
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
- errmsg("must be superuser or a member of pg_read_all_settings to examine \"%s\"",
+ errmsg("must be superuser or have privileges of pg_read_all_settings to examine \"%s\"",
name)));
if (varname)
{
if ((conf->flags & GUC_NO_SHOW_ALL) ||
((conf->flags & GUC_SUPERUSER_ONLY) &&
- !is_member_of_role(GetUserId(), ROLE_PG_READ_ALL_SETTINGS)))
+ !has_privs_of_role(GetUserId(), ROLE_PG_READ_ALL_SETTINGS)))
*noshow = true;
else
*noshow = false;
* insufficiently-privileged users.
*/
if (conf->source == PGC_S_FILE &&
- is_member_of_role(GetUserId(), ROLE_PG_READ_ALL_SETTINGS))
+ has_privs_of_role(GetUserId(), ROLE_PG_READ_ALL_SETTINGS))
{
values[14] = conf->sourcefile;
snprintf(buffer, sizeof(buffer), "%d", conf->sourceline);
SET SESSION AUTHORIZATION regress_role_nopriv;
-- fails with role not member of pg_read_all_settings
SHOW session_preload_libraries;
-ERROR: must be superuser or a member of pg_read_all_settings to examine "session_preload_libraries"
+ERROR: must be superuser or have privileges of pg_read_all_settings to examine "session_preload_libraries"
RESET SESSION AUTHORIZATION;
ERROR: current transaction is aborted, commands ignored until end of transaction block
ROLLBACK;
projects / users / gsingh / postgres.git / commitdiff