diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2019-11-05 13:40:37 -0500 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2019-11-05 13:40:37 -0500 |
| commit | 791864193636764b4cbba0acd2b4eab7581eb2c3 (patch) | |
| tree | 421fb10db6e32549f2458c0c37cd7accbe5fb4d1 /src/backend/commands/alter.c | |
| parent | a9db37a180e536dc157aebf5bab4286a0494defc (diff) | |
| download | postgresql-791864193636764b4cbba0acd2b4eab7581eb2c3.tar.gz postgresql-791864193636764b4cbba0acd2b4eab7581eb2c3.zip | |
Fix "unexpected relkind" error when denying permissions on toast tables.
get_relkind_objtype, and hence get_object_type, failed when applied to a
toast table. This is not a good thing, because it prevents reporting of
perfectly legitimate permissions errors. (At present, these functions
are in fact *only* used to determine the ObjectType argument for
acl_error() calls.) It seems best to have them fall back to returning
OBJECT_TABLE in every case where they can't determine an object type
for a pg_class entry, so do that.
In passing, make some edits to alter.c to make it more obvious that
those calls of get_object_type() are used only for error reporting.
This might save a few cycles in the non-error code path, too.
Back-patch to v11 where this issue originated.
John Hsu, Michael Paquier, Tom Lane
Discussion: https://postgr.es/m/C652D3DF-2B0C-4128-9420-FB5379F6B1E4@amazon.com
Diffstat (limited to 'src/backend/commands/alter.c')
| -rw-r--r-- | src/backend/commands/alter.c | 12 |
1 files changed, 5 insertions, 7 deletions
diff --git a/src/backend/commands/alter.c b/src/backend/commands/alter.c index 70dbcb0756c..562e3d3455c 100644 --- a/src/backend/commands/alter.c +++ b/src/backend/commands/alter.c @@ -172,7 +172,6 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name) AttrNumber Anum_name = get_object_attnum_name(classId); AttrNumber Anum_namespace = get_object_attnum_namespace(classId); AttrNumber Anum_owner = get_object_attnum_owner(classId); - ObjectType objtype = get_object_type(classId, objectId); HeapTuple oldtup; HeapTuple newtup; Datum datum; @@ -224,7 +223,8 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name) ownerId = DatumGetObjectId(datum); if (!has_privs_of_role(GetUserId(), DatumGetObjectId(ownerId))) - aclcheck_error(ACLCHECK_NOT_OWNER, objtype, old_name); + aclcheck_error(ACLCHECK_NOT_OWNER, get_object_type(classId, objectId), + old_name); /* User must have CREATE privilege on the namespace */ if (OidIsValid(namespaceId)) @@ -670,7 +670,6 @@ AlterObjectNamespace_internal(Relation rel, Oid objid, Oid nspOid) AttrNumber Anum_name = get_object_attnum_name(classId); AttrNumber Anum_namespace = get_object_attnum_namespace(classId); AttrNumber Anum_owner = get_object_attnum_owner(classId); - ObjectType objtype = get_object_type(classId, objid); Oid oldNspOid; Datum name, namespace; @@ -726,7 +725,7 @@ AlterObjectNamespace_internal(Relation rel, Oid objid, Oid nspOid) ownerId = DatumGetObjectId(owner); if (!has_privs_of_role(GetUserId(), ownerId)) - aclcheck_error(ACLCHECK_NOT_OWNER, objtype, + aclcheck_error(ACLCHECK_NOT_OWNER, get_object_type(classId, objid), NameStr(*(DatumGetName(name)))); /* User must have CREATE privilege on new namespace */ @@ -950,8 +949,6 @@ AlterObjectOwner_internal(Relation rel, Oid objectId, Oid new_ownerId) /* Superusers can bypass permission checks */ if (!superuser()) { - ObjectType objtype = get_object_type(classId, objectId); - /* must be owner */ if (!has_privs_of_role(GetUserId(), old_ownerId)) { @@ -970,7 +967,8 @@ AlterObjectOwner_internal(Relation rel, Oid objectId, Oid new_ownerId) snprintf(namebuf, sizeof(namebuf), "%u", objectId); objname = namebuf; } - aclcheck_error(ACLCHECK_NOT_OWNER, objtype, objname); + aclcheck_error(ACLCHECK_NOT_OWNER, get_object_type(classId, objectId), + objname); } /* Must be able to become new owner */ check_is_member_of_role(GetUserId(), new_ownerId); |