projects / postgresql.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fe62698) | patch
Revise the permission checking on user mapping DDL commands.
authorPeter Eisentraut <peter_e@gmx.net>
Tue, 20 Jan 2009 09:10:20 +0000 (09:10 +0000)
committerPeter Eisentraut <peter_e@gmx.net>
Tue, 20 Jan 2009 09:10:20 +0000 (09:10 +0000)
commit93a6be63a55a8cd0d73b3fa81eb6a46013a3a974
tree687e12b06f610c10bd3acf2210275fbeb7cdfb84tree
parentfe626982182bd1c8cd2606027a4d49a2f31a01c3commit | diff
Revise the permission checking on user mapping DDL commands.
CREATE/ALTER/DROP USER MAPPING are now allowed either by the server owner or
by a user with USAGE privileges for his own user name.  This is more or less
what the SQL standard wants anyway (plus "implementation-defined")

Hide information_schema.user_mapping_options.option_value, unless the current
user is the one associated with the user mapping, or is the server owner and
the mapping is for PUBLIC, or is a superuser.  This is to protect passwords.

Also, fix a bug in information_schema._pg_foreign_servers, which hid servers
using wrappers where the current user did not have privileges on the wrapper.
The correct behavior is to hide servers where the current user has no
privileges on the server.
doc/src/sgml/information_schema.sgml diff | blob | blame | history
doc/src/sgml/ref/alter_user_mapping.sgml diff | blob | blame | history
doc/src/sgml/ref/create_user_mapping.sgml diff | blob | blame | history
doc/src/sgml/ref/drop_user_mapping.sgml diff | blob | blame | history
src/backend/catalog/information_schema.sql diff | blob | blame | history
src/backend/commands/foreigncmds.c diff | blob | blame | history
src/test/regress/expected/foreign_data.out diff | blob | blame | history
src/test/regress/sql/foreign_data.sql diff | blob | blame | history
This is the main PostgreSQL git repository.