diff options
| author | Peter Eisentraut <peter@eisentraut.org> | 2022-11-13 08:11:17 +0100 |
|---|---|---|
| committer | Peter Eisentraut <peter@eisentraut.org> | 2022-11-13 09:02:41 +0100 |
| commit | c727f511bd7bf3c58063737bcf7a8f331346f253 (patch) | |
| tree | f59a013d0e7fe8b086eab5810b941de27695fe2d /src/backend/utils | |
| parent | afbfc02983f86c4d71825efa6befd547fe81a926 (diff) | |
| download | postgresql-c727f511bd7bf3c58063737bcf7a8f331346f253.tar.gz postgresql-c727f511bd7bf3c58063737bcf7a8f331346f253.zip | |
Refactor aclcheck functions
Instead of dozens of mostly-duplicate pg_foo_aclcheck() functions,
write one common function object_aclcheck() that can handle almost all
of them. We already have all the information we need, such as which
system catalog corresponds to which catalog table and which column is
the ACL column.
There are a few pg_foo_aclcheck() that don't work via the generic
function and have special APIs, so those stay as is.
I also changed most pg_foo_aclmask() functions to static functions,
since they are not used outside of aclchk.c.
Reviewed-by: Corey Huinker <corey.huinker@gmail.com>
Reviewed-by: Antonin Houska <ah@cybertec.at>
Discussion: https://www.postgresql.org/message-id/flat/95c30f96-4060-2f48-98b5-a4392d3b6066@enterprisedb.com
Diffstat (limited to 'src/backend/utils')
| -rw-r--r-- | src/backend/utils/adt/acl.c | 102 | ||||
| -rw-r--r-- | src/backend/utils/adt/dbsize.c | 5 | ||||
| -rw-r--r-- | src/backend/utils/fmgr/fmgr.c | 4 | ||||
| -rw-r--r-- | src/backend/utils/init/postinit.c | 2 |
4 files changed, 60 insertions, 53 deletions
diff --git a/src/backend/utils/adt/acl.c b/src/backend/utils/adt/acl.c index 0bc79cba2b1..8bdb9461b7f 100644 --- a/src/backend/utils/adt/acl.c +++ b/src/backend/utils/adt/acl.c @@ -23,7 +23,13 @@ #include "catalog/pg_authid.h" #include "catalog/pg_class.h" #include "catalog/pg_database.h" +#include "catalog/pg_foreign_data_wrapper.h" +#include "catalog/pg_foreign_server.h" +#include "catalog/pg_language.h" +#include "catalog/pg_namespace.h" #include "catalog/pg_parameter_acl.h" +#include "catalog/pg_proc.h" +#include "catalog/pg_tablespace.h" #include "catalog/pg_type.h" #include "commands/dbcommands.h" #include "commands/proclang.h" @@ -2902,7 +2908,7 @@ has_database_privilege_name_name(PG_FUNCTION_ARGS) databaseoid = convert_database_name(databasename); mode = convert_database_priv_string(priv_type_text); - aclresult = pg_database_aclcheck(databaseoid, roleid, mode); + aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -2927,7 +2933,7 @@ has_database_privilege_name(PG_FUNCTION_ARGS) databaseoid = convert_database_name(databasename); mode = convert_database_priv_string(priv_type_text); - aclresult = pg_database_aclcheck(databaseoid, roleid, mode); + aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -2953,7 +2959,7 @@ has_database_privilege_name_id(PG_FUNCTION_ARGS) if (!SearchSysCacheExists1(DATABASEOID, ObjectIdGetDatum(databaseoid))) PG_RETURN_NULL(); - aclresult = pg_database_aclcheck(databaseoid, roleid, mode); + aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -2979,7 +2985,7 @@ has_database_privilege_id(PG_FUNCTION_ARGS) if (!SearchSysCacheExists1(DATABASEOID, ObjectIdGetDatum(databaseoid))) PG_RETURN_NULL(); - aclresult = pg_database_aclcheck(databaseoid, roleid, mode); + aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3002,7 +3008,7 @@ has_database_privilege_id_name(PG_FUNCTION_ARGS) databaseoid = convert_database_name(databasename); mode = convert_database_priv_string(priv_type_text); - aclresult = pg_database_aclcheck(databaseoid, roleid, mode); + aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3026,7 +3032,7 @@ has_database_privilege_id_id(PG_FUNCTION_ARGS) if (!SearchSysCacheExists1(DATABASEOID, ObjectIdGetDatum(databaseoid))) PG_RETURN_NULL(); - aclresult = pg_database_aclcheck(databaseoid, roleid, mode); + aclresult = object_aclcheck(DatabaseRelationId, databaseoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3099,7 +3105,7 @@ has_foreign_data_wrapper_privilege_name_name(PG_FUNCTION_ARGS) fdwid = convert_foreign_data_wrapper_name(fdwname); mode = convert_foreign_data_wrapper_priv_string(priv_type_text); - aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode); + aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3124,7 +3130,7 @@ has_foreign_data_wrapper_privilege_name(PG_FUNCTION_ARGS) fdwid = convert_foreign_data_wrapper_name(fdwname); mode = convert_foreign_data_wrapper_priv_string(priv_type_text); - aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode); + aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3150,7 +3156,7 @@ has_foreign_data_wrapper_privilege_name_id(PG_FUNCTION_ARGS) if (!SearchSysCacheExists1(FOREIGNDATAWRAPPEROID, ObjectIdGetDatum(fdwid))) PG_RETURN_NULL(); - aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode); + aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3176,7 +3182,7 @@ has_foreign_data_wrapper_privilege_id(PG_FUNCTION_ARGS) if (!SearchSysCacheExists1(FOREIGNDATAWRAPPEROID, ObjectIdGetDatum(fdwid))) PG_RETURN_NULL(); - aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode); + aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3199,7 +3205,7 @@ has_foreign_data_wrapper_privilege_id_name(PG_FUNCTION_ARGS) fdwid = convert_foreign_data_wrapper_name(fdwname); mode = convert_foreign_data_wrapper_priv_string(priv_type_text); - aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode); + aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3223,7 +3229,7 @@ has_foreign_data_wrapper_privilege_id_id(PG_FUNCTION_ARGS) if (!SearchSysCacheExists1(FOREIGNDATAWRAPPEROID, ObjectIdGetDatum(fdwid))) PG_RETURN_NULL(); - aclresult = pg_foreign_data_wrapper_aclcheck(fdwid, roleid, mode); + aclresult = object_aclcheck(ForeignDataWrapperRelationId, fdwid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3290,7 +3296,7 @@ has_function_privilege_name_name(PG_FUNCTION_ARGS) functionoid = convert_function_name(functionname); mode = convert_function_priv_string(priv_type_text); - aclresult = pg_proc_aclcheck(functionoid, roleid, mode); + aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3315,7 +3321,7 @@ has_function_privilege_name(PG_FUNCTION_ARGS) functionoid = convert_function_name(functionname); mode = convert_function_priv_string(priv_type_text); - aclresult = pg_proc_aclcheck(functionoid, roleid, mode); + aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3341,7 +3347,7 @@ has_function_privilege_name_id(PG_FUNCTION_ARGS) if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid))) PG_RETURN_NULL(); - aclresult = pg_proc_aclcheck(functionoid, roleid, mode); + aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3367,7 +3373,7 @@ has_function_privilege_id(PG_FUNCTION_ARGS) if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid))) PG_RETURN_NULL(); - aclresult = pg_proc_aclcheck(functionoid, roleid, mode); + aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3390,7 +3396,7 @@ has_function_privilege_id_name(PG_FUNCTION_ARGS) functionoid = convert_function_name(functionname); mode = convert_function_priv_string(priv_type_text); - aclresult = pg_proc_aclcheck(functionoid, roleid, mode); + aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3414,7 +3420,7 @@ has_function_privilege_id_id(PG_FUNCTION_ARGS) if (!SearchSysCacheExists1(PROCOID, ObjectIdGetDatum(functionoid))) PG_RETURN_NULL(); - aclresult = pg_proc_aclcheck(functionoid, roleid, mode); + aclresult = object_aclcheck(ProcedureRelationId, functionoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3490,7 +3496,7 @@ has_language_privilege_name_name(PG_FUNCTION_ARGS) languageoid = convert_language_name(languagename); mode = convert_language_priv_string(priv_type_text); - aclresult = pg_language_aclcheck(languageoid, roleid, mode); + aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3515,7 +3521,7 @@ has_language_privilege_name(PG_FUNCTION_ARGS) languageoid = convert_language_name(languagename); mode = convert_language_priv_string(priv_type_text); - aclresult = pg_language_aclcheck(languageoid, roleid, mode); + aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3541,7 +3547,7 @@ has_language_privilege_name_id(PG_FUNCTION_ARGS) if (!SearchSysCacheExists1(LANGOID, ObjectIdGetDatum(languageoid))) PG_RETURN_NULL(); - aclresult = pg_language_aclcheck(languageoid, roleid, mode); + aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3567,7 +3573,7 @@ has_language_privilege_id(PG_FUNCTION_ARGS) if (!SearchSysCacheExists1(LANGOID, ObjectIdGetDatum(languageoid))) PG_RETURN_NULL(); - aclresult = pg_language_aclcheck(languageoid, roleid, mode); + aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3590,7 +3596,7 @@ has_language_privilege_id_name(PG_FUNCTION_ARGS) languageoid = convert_language_name(languagename); mode = convert_language_priv_string(priv_type_text); - aclresult = pg_language_aclcheck(languageoid, roleid, mode); + aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3614,7 +3620,7 @@ has_language_privilege_id_id(PG_FUNCTION_ARGS) if (!SearchSysCacheExists1(LANGOID, ObjectIdGetDatum(languageoid))) PG_RETURN_NULL(); - aclresult = pg_language_aclcheck(languageoid, roleid, mode); + aclresult = object_aclcheck(LanguageRelationId, languageoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3681,7 +3687,7 @@ has_schema_privilege_name_name(PG_FUNCTION_ARGS) schemaoid = convert_schema_name(schemaname); mode = convert_schema_priv_string(priv_type_text); - aclresult = pg_namespace_aclcheck(schemaoid, roleid, mode); + aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3706,7 +3712,7 @@ has_schema_privilege_name(PG_FUNCTION_ARGS) schemaoid = convert_schema_name(schemaname); mode = convert_schema_priv_string(priv_type_text); - aclresult = pg_namespace_aclcheck(schemaoid, roleid, mode); + aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3732,7 +3738,7 @@ has_schema_privilege_name_id(PG_FUNCTION_ARGS) if (!SearchSysCacheExists1(NAMESPACEOID, ObjectIdGetDatum(schemaoid))) PG_RETURN_NULL(); - aclresult = pg_namespace_aclcheck(schemaoid, roleid, mode); + aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3758,7 +3764,7 @@ has_schema_privilege_id(PG_FUNCTION_ARGS) if (!SearchSysCacheExists1(NAMESPACEOID, ObjectIdGetDatum(schemaoid))) PG_RETURN_NULL(); - aclresult = pg_namespace_aclcheck(schemaoid, roleid, mode); + aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3781,7 +3787,7 @@ has_schema_privilege_id_name(PG_FUNCTION_ARGS) schemaoid = convert_schema_name(schemaname); mode = convert_schema_priv_string(priv_type_text); - aclresult = pg_namespace_aclcheck(schemaoid, roleid, mode); + aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3805,7 +3811,7 @@ has_schema_privilege_id_id(PG_FUNCTION_ARGS) if (!SearchSysCacheExists1(NAMESPACEOID, ObjectIdGetDatum(schemaoid))) PG_RETURN_NULL(); - aclresult = pg_namespace_aclcheck(schemaoid, roleid, mode); + aclresult = object_aclcheck(NamespaceRelationId, schemaoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3874,7 +3880,7 @@ has_server_privilege_name_name(PG_FUNCTION_ARGS) serverid = convert_server_name(servername); mode = convert_server_priv_string(priv_type_text); - aclresult = pg_foreign_server_aclcheck(serverid, roleid, mode); + aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3899,7 +3905,7 @@ has_server_privilege_name(PG_FUNCTION_ARGS) serverid = convert_server_name(servername); mode = convert_server_priv_string(priv_type_text); - aclresult = pg_foreign_server_aclcheck(serverid, roleid, mode); + aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3925,7 +3931,7 @@ has_server_privilege_name_id(PG_FUNCTION_ARGS) if (!SearchSysCacheExists1(FOREIGNSERVEROID, ObjectIdGetDatum(serverid))) PG_RETURN_NULL(); - aclresult = pg_foreign_server_aclcheck(serverid, roleid, mode); + aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3951,7 +3957,7 @@ has_server_privilege_id(PG_FUNCTION_ARGS) if (!SearchSysCacheExists1(FOREIGNSERVEROID, ObjectIdGetDatum(serverid))) PG_RETURN_NULL(); - aclresult = pg_foreign_server_aclcheck(serverid, roleid, mode); + aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3974,7 +3980,7 @@ has_server_privilege_id_name(PG_FUNCTION_ARGS) serverid = convert_server_name(servername); mode = convert_server_priv_string(priv_type_text); - aclresult = pg_foreign_server_aclcheck(serverid, roleid, mode); + aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -3998,7 +4004,7 @@ has_server_privilege_id_id(PG_FUNCTION_ARGS) if (!SearchSysCacheExists1(FOREIGNSERVEROID, ObjectIdGetDatum(serverid))) PG_RETURN_NULL(); - aclresult = pg_foreign_server_aclcheck(serverid, roleid, mode); + aclresult = object_aclcheck(ForeignServerRelationId, serverid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -4065,7 +4071,7 @@ has_tablespace_privilege_name_name(PG_FUNCTION_ARGS) tablespaceoid = convert_tablespace_name(tablespacename); mode = convert_tablespace_priv_string(priv_type_text); - aclresult = pg_tablespace_aclcheck(tablespaceoid, roleid, mode); + aclresult = object_aclcheck(TableSpaceRelationId, tablespaceoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -4090,7 +4096,7 @@ has_tablespace_privilege_name(PG_FUNCTION_ARGS) tablespaceoid = convert_tablespace_name(tablespacename); mode = convert_tablespace_priv_string(priv_type_text); - aclresult = pg_tablespace_aclcheck(tablespaceoid, roleid, mode); + aclresult = object_aclcheck(TableSpaceRelationId, tablespaceoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -4116,7 +4122,7 @@ has_tablespace_privilege_name_id(PG_FUNCTION_ARGS) if (!SearchSysCacheExists1(TABLESPACEOID, ObjectIdGetDatum(tablespaceoid))) PG_RETURN_NULL(); - aclresult = pg_tablespace_aclcheck(tablespaceoid, roleid, mode); + aclresult = object_aclcheck(TableSpaceRelationId, tablespaceoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -4142,7 +4148,7 @@ has_tablespace_privilege_id(PG_FUNCTION_ARGS) if (!SearchSysCacheExists1(TABLESPACEOID, ObjectIdGetDatum(tablespaceoid))) PG_RETURN_NULL(); - aclresult = pg_tablespace_aclcheck(tablespaceoid, roleid, mode); + aclresult = object_aclcheck(TableSpaceRelationId, tablespaceoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -4165,7 +4171,7 @@ has_tablespace_privilege_id_name(PG_FUNCTION_ARGS) tablespaceoid = convert_tablespace_name(tablespacename); mode = convert_tablespace_priv_string(priv_type_text); - aclresult = pg_tablespace_aclcheck(tablespaceoid, roleid, mode); + aclresult = object_aclcheck(TableSpaceRelationId, tablespaceoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -4189,7 +4195,7 @@ has_tablespace_privilege_id_id(PG_FUNCTION_ARGS) if (!SearchSysCacheExists1(TABLESPACEOID, ObjectIdGetDatum(tablespaceoid))) PG_RETURN_NULL(); - aclresult = pg_tablespace_aclcheck(tablespaceoid, roleid, mode); + aclresult = object_aclcheck(TableSpaceRelationId, tablespaceoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -4255,7 +4261,7 @@ has_type_privilege_name_name(PG_FUNCTION_ARGS) typeoid = convert_type_name(typename); mode = convert_type_priv_string(priv_type_text); - aclresult = pg_type_aclcheck(typeoid, roleid, mode); + aclresult = object_aclcheck(TypeRelationId, typeoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -4280,7 +4286,7 @@ has_type_privilege_name(PG_FUNCTION_ARGS) typeoid = convert_type_name(typename); mode = convert_type_priv_string(priv_type_text); - aclresult = pg_type_aclcheck(typeoid, roleid, mode); + aclresult = object_aclcheck(TypeRelationId, typeoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -4306,7 +4312,7 @@ has_type_privilege_name_id(PG_FUNCTION_ARGS) if (!SearchSysCacheExists1(TYPEOID, ObjectIdGetDatum(typeoid))) PG_RETURN_NULL(); - aclresult = pg_type_aclcheck(typeoid, roleid, mode); + aclresult = object_aclcheck(TypeRelationId, typeoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -4332,7 +4338,7 @@ has_type_privilege_id(PG_FUNCTION_ARGS) if (!SearchSysCacheExists1(TYPEOID, ObjectIdGetDatum(typeoid))) PG_RETURN_NULL(); - aclresult = pg_type_aclcheck(typeoid, roleid, mode); + aclresult = object_aclcheck(TypeRelationId, typeoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -4355,7 +4361,7 @@ has_type_privilege_id_name(PG_FUNCTION_ARGS) typeoid = convert_type_name(typename); mode = convert_type_priv_string(priv_type_text); - aclresult = pg_type_aclcheck(typeoid, roleid, mode); + aclresult = object_aclcheck(TypeRelationId, typeoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } @@ -4379,7 +4385,7 @@ has_type_privilege_id_id(PG_FUNCTION_ARGS) if (!SearchSysCacheExists1(TYPEOID, ObjectIdGetDatum(typeoid))) PG_RETURN_NULL(); - aclresult = pg_type_aclcheck(typeoid, roleid, mode); + aclresult = object_aclcheck(TypeRelationId, typeoid, roleid, mode); PG_RETURN_BOOL(aclresult == ACLCHECK_OK); } diff --git a/src/backend/utils/adt/dbsize.c b/src/backend/utils/adt/dbsize.c index 0a9b93f2634..141db7c9c1c 100644 --- a/src/backend/utils/adt/dbsize.c +++ b/src/backend/utils/adt/dbsize.c @@ -18,6 +18,7 @@ #include "catalog/catalog.h" #include "catalog/namespace.h" #include "catalog/pg_authid.h" +#include "catalog/pg_database.h" #include "catalog/pg_tablespace.h" #include "commands/dbcommands.h" #include "commands/tablespace.h" @@ -115,7 +116,7 @@ calculate_database_size(Oid dbOid) * User must have connect privilege for target database or have privileges * of pg_read_all_stats */ - aclresult = pg_database_aclcheck(dbOid, GetUserId(), ACL_CONNECT); + aclresult = object_aclcheck(DatabaseRelationId, dbOid, GetUserId(), ACL_CONNECT); if (aclresult != ACLCHECK_OK && !has_privs_of_role(GetUserId(), ROLE_PG_READ_ALL_STATS)) { @@ -203,7 +204,7 @@ calculate_tablespace_size(Oid tblspcOid) if (tblspcOid != MyDatabaseTableSpace && !has_privs_of_role(GetUserId(), ROLE_PG_READ_ALL_STATS)) { - aclresult = pg_tablespace_aclcheck(tblspcOid, GetUserId(), ACL_CREATE); + aclresult = object_aclcheck(TableSpaceRelationId, tblspcOid, GetUserId(), ACL_CREATE); if (aclresult != ACLCHECK_OK) aclcheck_error(aclresult, OBJECT_TABLESPACE, get_tablespace_name(tblspcOid)); diff --git a/src/backend/utils/fmgr/fmgr.c b/src/backend/utils/fmgr/fmgr.c index a9dd068095b..3c210297aa1 100644 --- a/src/backend/utils/fmgr/fmgr.c +++ b/src/backend/utils/fmgr/fmgr.c @@ -2054,7 +2054,7 @@ CheckFunctionValidatorAccess(Oid validatorOid, Oid functionOid) langStruct->lanvalidator))); /* first validate that we have permissions to use the language */ - aclresult = pg_language_aclcheck(procStruct->prolang, GetUserId(), + aclresult = object_aclcheck(LanguageRelationId, procStruct->prolang, GetUserId(), ACL_USAGE); if (aclresult != ACLCHECK_OK) aclcheck_error(aclresult, OBJECT_LANGUAGE, @@ -2065,7 +2065,7 @@ CheckFunctionValidatorAccess(Oid validatorOid, Oid functionOid) * execute it, there should be no possible side-effect of * compiling/validation that execution can't have. */ - aclresult = pg_proc_aclcheck(functionOid, GetUserId(), ACL_EXECUTE); + aclresult = object_aclcheck(ProcedureRelationId, functionOid, GetUserId(), ACL_EXECUTE); if (aclresult != ACLCHECK_OK) aclcheck_error(aclresult, OBJECT_FUNCTION, NameStr(procStruct->proname)); diff --git a/src/backend/utils/init/postinit.c b/src/backend/utils/init/postinit.c index 31b7e1de5df..a990c833c5b 100644 --- a/src/backend/utils/init/postinit.c +++ b/src/backend/utils/init/postinit.c @@ -359,7 +359,7 @@ CheckMyDatabase(const char *name, bool am_superuser, bool override_allow_connect * and save a few cycles.) */ if (!am_superuser && - pg_database_aclcheck(MyDatabaseId, GetUserId(), + object_aclcheck(DatabaseRelationId, MyDatabaseId, GetUserId(), ACL_CONNECT) != ACLCHECK_OK) ereport(FATAL, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), |