AclMode
pg_attribute_aclmask(Oid table_oid, AttrNumber attnum, Oid roleid,
AclMode mask, AclMaskHow how)
+{
+ return pg_attribute_aclmask_ext(table_oid, attnum, roleid,
+ mask, how, NULL);
+}
+
+/*
+ * Exported routine for examining a user's privileges for a column
+ *
+ * Does the bulk of the work for pg_attribute_aclmask(), and allows other
+ * callers to avoid the missing attribute ERROR when is_missing is non-NULL.
+ */
+AclMode
+pg_attribute_aclmask_ext(Oid table_oid, AttrNumber attnum, Oid roleid,
+ AclMode mask, AclMaskHow how, bool *is_missing)
{
AclMode result;
HeapTuple classTuple;
ObjectIdGetDatum(table_oid),
Int16GetDatum(attnum));
if (!HeapTupleIsValid(attTuple))
- ereport(ERROR,
- (errcode(ERRCODE_UNDEFINED_COLUMN),
- errmsg("attribute %d of relation with OID %u does not exist",
- attnum, table_oid)));
+ {
+ if (is_missing != NULL)
+ {
+ /* return "no privileges" instead of throwing an error */
+ *is_missing = true;
+ return 0;
+ }
+ else
+ ereport(ERROR,
+ (errcode(ERRCODE_UNDEFINED_COLUMN),
+ errmsg("attribute %d of relation with OID %u does not exist",
+ attnum, table_oid)));
+ }
+
attributeForm = (Form_pg_attribute) GETSTRUCT(attTuple);
- /* Throw error on dropped columns, too */
+ /* Check dropped columns, too */
if (attributeForm->attisdropped)
- ereport(ERROR,
- (errcode(ERRCODE_UNDEFINED_COLUMN),
- errmsg("attribute %d of relation with OID %u does not exist",
- attnum, table_oid)));
+ {
+ if (is_missing != NULL)
+ {
+ /* return "no privileges" instead of throwing an error */
+ *is_missing = true;
+ ReleaseSysCache(attTuple);
+ return 0;
+ }
+ else
+ ereport(ERROR,
+ (errcode(ERRCODE_UNDEFINED_COLUMN),
+ errmsg("attribute %d of relation with OID %u does not exist",
+ attnum, table_oid)));
+ }
aclDatum = SysCacheGetAttr(ATTNUM, attTuple, Anum_pg_attribute_attacl,
&isNull);
AclMode
pg_class_aclmask(Oid table_oid, Oid roleid,
AclMode mask, AclMaskHow how)
+{
+ return pg_class_aclmask_ext(table_oid, roleid, mask, how, NULL);
+}
+
+/*
+ * Exported routine for examining a user's privileges for a table
+ *
+ * Does the bulk of the work for pg_class_aclmask(), and allows other
+ * callers to avoid the missing relation ERROR when is_missing is non-NULL.
+ */
+AclMode
+pg_class_aclmask_ext(Oid table_oid, Oid roleid, AclMode mask,
+ AclMaskHow how, bool *is_missing)
{
AclMode result;
HeapTuple tuple;
*/
tuple = SearchSysCache1(RELOID, ObjectIdGetDatum(table_oid));
if (!HeapTupleIsValid(tuple))
- ereport(ERROR,
- (errcode(ERRCODE_UNDEFINED_TABLE),
- errmsg("relation with OID %u does not exist",
- table_oid)));
+ {
+ if (is_missing != NULL)
+ {
+ /* return "no privileges" instead of throwing an error */
+ *is_missing = true;
+ return 0;
+ }
+ else
+ ereport(ERROR,
+ (errcode(ERRCODE_UNDEFINED_TABLE),
+ errmsg("relation with OID %u does not exist",
+ table_oid)));
+ }
+
classForm = (Form_pg_class) GETSTRUCT(tuple);
/*
pg_attribute_aclcheck(Oid table_oid, AttrNumber attnum,
Oid roleid, AclMode mode)
{
- if (pg_attribute_aclmask(table_oid, attnum, roleid, mode, ACLMASK_ANY) != 0)
+ return pg_attribute_aclcheck_ext(table_oid, attnum, roleid, mode, NULL);
+}
+
+
+/*
+ * Exported routine for checking a user's access privileges to a column
+ *
+ * Does the bulk of the work for pg_attribute_aclcheck(), and allows other
+ * callers to avoid the missing attribute ERROR when is_missing is non-NULL.
+ */
+AclResult
+pg_attribute_aclcheck_ext(Oid table_oid, AttrNumber attnum,
+ Oid roleid, AclMode mode, bool *is_missing)
+{
+ if (pg_attribute_aclmask_ext(table_oid, attnum, roleid, mode,
+ ACLMASK_ANY, is_missing) != 0)
return ACLCHECK_OK;
else
return ACLCHECK_NO_PRIV;
AclResult
pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode)
{
- if (pg_class_aclmask(table_oid, roleid, mode, ACLMASK_ANY) != 0)
+ return pg_class_aclcheck_ext(table_oid, roleid, mode, NULL);
+}
+
+/*
+ * Exported routine for checking a user's access privileges to a table
+ *
+ * Does the bulk of the work for pg_class_aclcheck(), and allows other
+ * callers to avoid the missing relation ERROR when is_missing is non-NULL.
+ */
+AclResult
+pg_class_aclcheck_ext(Oid table_oid, Oid roleid,
+ AclMode mode, bool *is_missing)
+{
+ if (pg_class_aclmask_ext(table_oid, roleid, mode,
+ ACLMASK_ANY, is_missing) != 0)
return ACLCHECK_OK;
else
return ACLCHECK_NO_PRIV;
Oid roleid, AclMode mode)
{
AclResult aclresult;
- HeapTuple attTuple;
- Form_pg_attribute attributeForm;
+ bool is_missing = false;
/*
* If convert_column_name failed, we can just return -1 immediately.
return -1;
/*
- * First check if we have the privilege at the table level. We check
- * existence of the pg_class row before risking calling pg_class_aclcheck.
- * Note: it might seem there's a race condition against concurrent DROP,
- * but really it's safe because there will be no syscache flush between
- * here and there. So if we see the row in the syscache, so will
- * pg_class_aclcheck.
+ * Check for column-level privileges first. This serves in
+ * part as a check on whether the column even exists, so we
+ * need to do it before checking table-level privilege.
*/
- if (!SearchSysCacheExists1(RELOID, ObjectIdGetDatum(tableoid)))
+ aclresult = pg_attribute_aclcheck_ext(tableoid, attnum, roleid,
+ mode, &is_missing);
+ if (aclresult == ACLCHECK_OK)
+ return 1;
+ else if (is_missing)
return -1;
- aclresult = pg_class_aclcheck(tableoid, roleid, mode);
-
+ /* Next check if we have the privilege at the table level */
+ aclresult = pg_class_aclcheck_ext(tableoid, roleid, mode, &is_missing);
if (aclresult == ACLCHECK_OK)
- return true;
-
- /*
- * No table privilege, so try per-column privileges. Again, we have to
- * check for dropped attribute first, and we rely on the syscache not to
- * notice a concurrent drop before pg_attribute_aclcheck fetches the row.
- */
- attTuple = SearchSysCache2(ATTNUM,
- ObjectIdGetDatum(tableoid),
- Int16GetDatum(attnum));
- if (!HeapTupleIsValid(attTuple))
- return -1;
- attributeForm = (Form_pg_attribute) GETSTRUCT(attTuple);
- if (attributeForm->attisdropped)
- {
- ReleaseSysCache(attTuple);
+ return 1;
+ else if (is_missing)
return -1;
- }
- ReleaseSysCache(attTuple);
-
- aclresult = pg_attribute_aclcheck(tableoid, attnum, roleid, mode);
-
- return (aclresult == ACLCHECK_OK);
+ else
+ return 0;
}
/*
extern AclMode pg_attribute_aclmask(Oid table_oid, AttrNumber attnum,
Oid roleid, AclMode mask, AclMaskHow how);
+extern AclMode pg_attribute_aclmask_ext(Oid table_oid, AttrNumber attnum,
+ Oid roleid, AclMode mask,
+ AclMaskHow how, bool *is_missing);
extern AclMode pg_class_aclmask(Oid table_oid, Oid roleid,
AclMode mask, AclMaskHow how);
+extern AclMode pg_class_aclmask_ext(Oid table_oid, Oid roleid,
+ AclMode mask, AclMaskHow how,
+ bool *is_missing);
extern AclMode pg_database_aclmask(Oid db_oid, Oid roleid,
AclMode mask, AclMaskHow how);
extern AclMode pg_proc_aclmask(Oid proc_oid, Oid roleid,
extern AclResult pg_attribute_aclcheck(Oid table_oid, AttrNumber attnum,
Oid roleid, AclMode mode);
+extern AclResult pg_attribute_aclcheck_ext(Oid table_oid, AttrNumber attnum,
+ Oid roleid, AclMode mode,
+ bool *is_missing);
extern AclResult pg_attribute_aclcheck_all(Oid table_oid, Oid roleid,
AclMode mode, AclMaskHow how);
extern AclResult pg_class_aclcheck(Oid table_oid, Oid roleid, AclMode mode);
+extern AclResult pg_class_aclcheck_ext(Oid table_oid, Oid roleid,
+ AclMode mode, bool *is_missing);
extern AclResult pg_database_aclcheck(Oid db_oid, Oid roleid, AclMode mode);
extern AclResult pg_proc_aclcheck(Oid proc_oid, Oid roleid, AclMode mode);
extern AclResult pg_language_aclcheck(Oid lang_oid, Oid roleid, AclMode mode);
projects / users / rhaas / postgres.git / commitdiff