diff options
| author | Robert Haas <rhaas@postgresql.org> | 2010-11-25 11:48:49 -0500 |
|---|---|---|
| committer | Robert Haas <rhaas@postgresql.org> | 2010-11-25 11:50:13 -0500 |
| commit | cc1ed40d57aa68322e43a7b0a3320a6c5aff010a (patch) | |
| tree | 9ea4ae8d86ab1e9709e16357a05040700acbe02a /src/backend/commands/user.c | |
| parent | d3c126544342728ab4b5c167b4f4b01a39270db5 (diff) | |
| download | postgresql-cc1ed40d57aa68322e43a7b0a3320a6c5aff010a.tar.gz postgresql-cc1ed40d57aa68322e43a7b0a3320a6c5aff010a.zip | |
Object access hook framework, with post-creation hook.
After a SQL object is created, we provide an opportunity for security
or logging plugins to get control; for example, a security label provider
could use this to assign an initial security label to newly created
objects. The basic infrastructure is (hopefully) reusable for other types
of events that might require similar treatment.
KaiGai Kohei, with minor adjustments.
Diffstat (limited to 'src/backend/commands/user.c')
| -rw-r--r-- | src/backend/commands/user.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/backend/commands/user.c b/src/backend/commands/user.c index f1ff8398773..2634ca10e64 100644 --- a/src/backend/commands/user.c +++ b/src/backend/commands/user.c @@ -17,6 +17,7 @@ #include "access/xact.h" #include "catalog/dependency.h" #include "catalog/indexing.h" +#include "catalog/objectaccess.h" #include "catalog/pg_auth_members.h" #include "catalog/pg_authid.h" #include "catalog/pg_database.h" @@ -402,6 +403,9 @@ CreateRole(CreateRoleStmt *stmt) rolemembers, roleNamesToIds(rolemembers), GetUserId(), false); + /* Post creation hook for new role */ + InvokeObjectAccessHook(OAT_POST_CREATE, AuthIdRelationId, roleid, 0); + /* * Close pg_authid, but keep lock till commit. */ |