diff options
| author | Peter Eisentraut <peter_e@gmx.net> | 2000-09-06 14:15:31 +0000 |
|---|---|---|
| committer | Peter Eisentraut <peter_e@gmx.net> | 2000-09-06 14:15:31 +0000 |
| commit | 6dc249610a87aa8b9dcc8baf4e64d2e14d02f548 (patch) | |
| tree | 6ca1b864625ecf91a2887c8031a9fa91b5f9c5c5 /src/backend/commands/command.c | |
| parent | daf1e3a7026e367d630be3ac34ac0a9e7cf1340f (diff) | |
| download | postgresql-6dc249610a87aa8b9dcc8baf4e64d2e14d02f548.tar.gz postgresql-6dc249610a87aa8b9dcc8baf4e64d2e14d02f548.zip | |
Code cleanup of user name and user id handling in the backend. The current
user is now defined in terms of the user id, the user name is only computed
upon request (for display purposes). This is kind of the opposite of the
previous state, which would maintain the user name and compute the user id
for permission checks.
Besides perhaps saving a few cycles (integer vs string), this now creates a
single point of attack for changing the user id during a connection, for
purposes of "setuid" functions, etc.
Diffstat (limited to 'src/backend/commands/command.c')
| -rw-r--r-- | src/backend/commands/command.c | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/src/backend/commands/command.c b/src/backend/commands/command.c index 97b3563d9fc..054b76e480d 100644 --- a/src/backend/commands/command.c +++ b/src/backend/commands/command.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/commands/Attic/command.c,v 1.97 2000/08/29 04:20:43 momjian Exp $ + * $Header: /cvsroot/pgsql/src/backend/commands/Attic/command.c,v 1.98 2000/09/06 14:15:16 petere Exp $ * * NOTES * The PerformAddAttribute() code, like most of the relation @@ -308,7 +308,7 @@ AlterTableAddColumn(const char *relationName, elog(ERROR, "ALTER TABLE: relation \"%s\" is a system catalog", relationName); #ifndef NO_SECURITY - if (!pg_ownercheck(UserName, relationName, RELNAME)) + if (!pg_ownercheck(GetUserId(), relationName, RELNAME)) elog(ERROR, "ALTER TABLE: permission denied"); #endif @@ -523,7 +523,7 @@ AlterTableAlterColumn(const char *relationName, elog(ERROR, "ALTER TABLE: relation \"%s\" is a system catalog", relationName); #ifndef NO_SECURITY - if (!pg_ownercheck(UserName, relationName, RELNAME)) + if (!pg_ownercheck(GetUserId(), relationName, RELNAME)) elog(ERROR, "ALTER TABLE: permission denied"); #endif @@ -935,7 +935,7 @@ AlterTableDropColumn(const char *relationName, elog(ERROR, "ALTER TABLE: relation \"%s\" is a system catalog", relationName); #ifndef NO_SECURITY - if (!pg_ownercheck(UserName, relationName, RELNAME)) + if (!pg_ownercheck(GetUserId(), relationName, RELNAME)) elog(ERROR, "ALTER TABLE: permission denied"); #endif @@ -1095,7 +1095,7 @@ AlterTableAddConstraint(char *relationName, elog(ERROR, "ALTER TABLE / ADD CONSTRAINT passed invalid constraint."); #ifndef NO_SECURITY - if (!pg_ownercheck(UserName, relationName, RELNAME)) + if (!pg_ownercheck(GetUserId(), relationName, RELNAME)) elog(ERROR, "ALTER TABLE: permission denied"); #endif @@ -1484,7 +1484,7 @@ AlterTableCreateToastTable(const char *relationName, bool silent) * permissions checking. XXX exactly what is appropriate here? */ #ifndef NO_SECURITY - if (!pg_ownercheck(UserName, relationName, RELNAME)) + if (!pg_ownercheck(GetUserId(), relationName, RELNAME)) elog(ERROR, "ALTER TABLE: permission denied"); #endif @@ -1723,9 +1723,9 @@ LockTableCommand(LockStmt *lockstmt) rel = heap_openr(lockstmt->relname, NoLock); if (lockstmt->mode == AccessShareLock) - aclresult = pg_aclcheck(lockstmt->relname, GetPgUserName(), ACL_RD); + aclresult = pg_aclcheck(lockstmt->relname, GetUserId(), ACL_RD); else - aclresult = pg_aclcheck(lockstmt->relname, GetPgUserName(), ACL_WR); + aclresult = pg_aclcheck(lockstmt->relname, GetUserId(), ACL_WR); if (aclresult != ACLCHECK_OK) elog(ERROR, "LOCK TABLE: permission denied"); |