diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2005-03-12 21:12:05 +0000 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2005-03-12 21:12:05 +0000 |
| commit | b3dbaab1e95d43e106e805b3e19666c435470c43 (patch) | |
| tree | d5ba750792f95164e6e5d62d2b8114f4873aa8a9 | |
| parent | 8806b09b822238d448f9bd4900307b101fccd2ff (diff) | |
| download | postgresql-b3dbaab1e95d43e106e805b3e19666c435470c43.tar.gz postgresql-b3dbaab1e95d43e106e805b3e19666c435470c43.zip | |
Fix ALTER DATABASE RENAME to allow the operation if user is a superuser
who for some reason isn't marked usecreatedb. Per report from Alexander
Pravking. Also fix sloppy coding in have_createdb_privilege().
| -rw-r--r-- | src/backend/commands/dbcommands.c | 27 |
1 files changed, 12 insertions, 15 deletions
diff --git a/src/backend/commands/dbcommands.c b/src/backend/commands/dbcommands.c index a602ff109cd..d00e6adc8fd 100644 --- a/src/backend/commands/dbcommands.c +++ b/src/backend/commands/dbcommands.c @@ -9,7 +9,7 @@ * * * IDENTIFICATION - * $PostgreSQL: pgsql/src/backend/commands/dbcommands.c,v 1.148 2004/12/31 21:59:41 pgsql Exp $ + * $PostgreSQL: pgsql/src/backend/commands/dbcommands.c,v 1.148.4.1 2005/03/12 21:12:05 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -717,8 +717,8 @@ RenameDatabase(const char *oldname, const char *newname) aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_DATABASE, oldname); - /* must have createdb */ - if (!have_createdb_privilege()) + /* must have createdb rights */ + if (!superuser() && !have_createdb_privilege()) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), errmsg("permission denied to rename database"))); @@ -882,8 +882,7 @@ AlterDatabaseOwner(const char *dbname, AclId newOwnerSysId) bool isNull; HeapTuple newtuple; - /* changing owner's database for someone else: must be superuser */ - /* note that the someone else need not have any permissions */ + /* must be superuser to change ownership */ if (!superuser()) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), @@ -1004,24 +1003,22 @@ get_db_info(const char *name, Oid *dbIdP, int4 *ownerIdP, return gottuple; } +/* Check if current user has createdb privileges */ static bool have_createdb_privilege(void) { + bool result = false; HeapTuple utup; - bool retval; utup = SearchSysCache(SHADOWSYSID, Int32GetDatum(GetUserId()), 0, 0, 0); - - if (!HeapTupleIsValid(utup)) - retval = false; - else - retval = ((Form_pg_shadow) GETSTRUCT(utup))->usecreatedb; - - ReleaseSysCache(utup); - - return retval; + if (HeapTupleIsValid(utup)) + { + result = ((Form_pg_shadow) GETSTRUCT(utup))->usecreatedb; + ReleaseSysCache(utup); + } + return result; } /* |