aboutsummaryrefslogtreecommitdiff
path: root/src/backend/commands/dbcommands.c
diff options
context:
space:
mode:
authorTom Lane <tgl@sss.pgh.pa.us>2002-02-24 20:20:21 +0000
committerTom Lane <tgl@sss.pgh.pa.us>2002-02-24 20:20:21 +0000
commita833c441fd3cb92bb9cb169a6e73df8f1c6ffe95 (patch)
tree0e8e50cc4634f779c9d0f1504ca094ddf6a74ed4 /src/backend/commands/dbcommands.c
parentf66f7a542f862c0f5f6ca70af38f1ffc743c96cd (diff)
downloadpostgresql-a833c441fd3cb92bb9cb169a6e73df8f1c6ffe95.tar.gz
postgresql-a833c441fd3cb92bb9cb169a6e73df8f1c6ffe95.zip
Add OWNER option to CREATE DATABASE, so superusers can create databases
on behalf of unprivileged users. Also, make '=' optional in CREATE DATABASE syntax. From Gavin Sherry, with kibitzing and docs by Tom Lane.
Diffstat (limited to 'src/backend/commands/dbcommands.c')
-rw-r--r--src/backend/commands/dbcommands.c33
1 files changed, 27 insertions, 6 deletions
diff --git a/src/backend/commands/dbcommands.c b/src/backend/commands/dbcommands.c
index 142fefb60fb..712df38ec51 100644
--- a/src/backend/commands/dbcommands.c
+++ b/src/backend/commands/dbcommands.c
@@ -9,7 +9,7 @@
*
*
* IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/backend/commands/dbcommands.c,v 1.82 2002/02/23 20:55:46 tgl Exp $
+ * $Header: /cvsroot/pgsql/src/backend/commands/dbcommands.c,v 1.83 2002/02/24 20:20:19 tgl Exp $
*
*-------------------------------------------------------------------------
*/
@@ -34,6 +34,7 @@
#include "storage/sinval.h"
#include "utils/builtins.h"
#include "utils/fmgroids.h"
+#include "utils/lsyscache.h"
#include "utils/syscache.h"
#ifdef MULTIBYTE
@@ -55,8 +56,9 @@ static bool remove_dbdirs(const char *real_loc, const char *altloc);
*/
void
-createdb(const char *dbname, const char *dbpath,
- const char *dbtemplate, int encoding)
+createdb(const char *dbname, const char *dbowner,
+ const char *dbpath, const char *dbtemplate,
+ int encoding)
{
char *nominal_loc;
char *alt_loc;
@@ -79,12 +81,31 @@ createdb(const char *dbname, const char *dbpath,
Datum new_record[Natts_pg_database];
char new_record_nulls[Natts_pg_database];
Oid dboid;
+ int32 datdba;
+ /* obtain sysid of proposed owner */
+ if (dbowner)
+ datdba = get_usesysid(dbowner); /* will elog if no such user */
+ else
+ datdba = GetUserId();
+
+ /* check permission to create database */
if (!get_user_info(GetUserId(), &use_super, &use_createdb))
elog(ERROR, "current user name is invalid");
- if (!use_createdb && !use_super)
- elog(ERROR, "CREATE DATABASE: permission denied");
+ if (datdba == (int32) GetUserId())
+ {
+ /* creating database for self: can be superuser or createdb */
+ if (!use_createdb && !use_super)
+ elog(ERROR, "CREATE DATABASE: permission denied");
+ }
+ else
+ {
+ /* creating database for someone else: must be superuser */
+ /* note that the someone else need not have any permissions */
+ if (!use_super)
+ elog(ERROR, "CREATE DATABASE: permission denied");
+ }
/* don't call this in a transaction block */
if (IsTransactionBlock())
@@ -254,7 +275,7 @@ createdb(const char *dbname, const char *dbpath,
/* Form tuple */
new_record[Anum_pg_database_datname - 1] =
DirectFunctionCall1(namein, CStringGetDatum(dbname));
- new_record[Anum_pg_database_datdba - 1] = Int32GetDatum(GetUserId());
+ new_record[Anum_pg_database_datdba - 1] = Int32GetDatum(datdba);
new_record[Anum_pg_database_encoding - 1] = Int32GetDatum(encoding);
new_record[Anum_pg_database_datistemplate - 1] = BoolGetDatum(false);
new_record[Anum_pg_database_datallowconn - 1] = BoolGetDatum(true);
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-24 19:31:38 +0000